diff options
author | Marko Mäkelä <marko.makela@mariadb.com> | 2019-02-05 11:16:43 +0200 |
---|---|---|
committer | Marko Mäkelä <marko.makela@mariadb.com> | 2019-02-05 12:02:41 +0200 |
commit | 625994b7cc4ebd0bc2652ae80b93386aa4b766ac (patch) | |
tree | c18508f1f391e316b049994882fbae50ae024818 /mysql-test/suite/innodb/t/alter_varchar_change.test | |
parent | f53e795250133a622eb1c00271c073726ae3c7fc (diff) | |
download | mariadb-git-625994b7cc4ebd0bc2652ae80b93386aa4b766ac.tar.gz |
MDEV-16982 Server crashes in mem_heap_dup upon DELETE from table with virtual columns
An uninitialized buffer is passed to row_sel_store_mysql_rec() but
InnoDB may not initialize everything. Looks like it's ok in most cases
but not always.
The partially initialized buffer was later passed to
ha_innobase::write_row() which reads random NULL bit values for
virtual columns and random stuff happens.
No test case for MariaDB 10.2 was found.
The test case for MariaDB 10.3 involves partitioning,
system versioning and the TRASH_ALLOC fill pattern 0xA5.
Test case depends very much on the number and layout of columns.
Think about 0xA5 byte for a NULL bit mask.
row_sel_store_mysql_rec(): always initialize virtual columns NULL bit
Closes #1144
Diffstat (limited to 'mysql-test/suite/innodb/t/alter_varchar_change.test')
0 files changed, 0 insertions, 0 deletions