MDEV-18707 Server crash in my_hash_sort_bin, ASAN heap-use-after-free in...

MDEV-18707 Server crash in my_hash_sort_bin, ASAN heap-use-after-free in Field::is_null, server hang, corrupted double-linked list

adjust share->stored_rec_length for LONG_UNIQUE_HASH_FIELD,
just like it's done for normal virtual fields

mysql-test/main/long_unique.result

@@ -43,7 +43,7 @@ MyISAM file:         DATADIR/test/t1
 Record format:       Packed
 Character set:       latin1_swedish_ci (8)
 Data records:                   10  Deleted blocks:                 0
-Recordlength:                   20
+Recordlength:                   12
 
 table description:
 Key Start Len Index   Type
@@ -131,7 +131,7 @@ MyISAM file:         DATADIR/test/t1
 Record format:       Packed
 Character set:       latin1_swedish_ci (8)
 Data records:                    7  Deleted blocks:                 0
-Recordlength:                   20
+Recordlength:                   12
 
 table description:
 Key Start Len Index   Type
@@ -366,7 +366,7 @@ MyISAM file:         DATADIR/test/t1
 Record format:       Packed
 Character set:       latin1_swedish_ci (8)
 Data records:                    8  Deleted blocks:                 0
-Recordlength:                 3072
+Recordlength:                 3040
 
 table description:
 Key Start Len Index   Type
@@ -723,7 +723,7 @@ MyISAM file:         DATADIR/test/t1
 Record format:       Packed
 Character set:       latin1_swedish_ci (8)
 Data records:                    9  Deleted blocks:                 0
-Recordlength:                 5092
+Recordlength:                 5059
 
 table description:
 Key Start Len Index   Type

mysql-test/main/long_unique_bugs.result

+create table t1 (a int, b int, c int, d int, e int);
+insert into t1 () values
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),();
+select * into outfile 'load.data' from t1;
+create temporary table tmp (a varchar(1024), b int, c int, d int, e linestring, unique (e));
+load data infile 'load.data' into table tmp;
+delete from tmp;
+drop table t1;

mysql-test/main/long_unique_bugs.test

+#
+# MDEV-18707 Server crash in my_hash_sort_bin, ASAN heap-use-after-free in Field::is_null, server hang, corrupted double-linked list
+#
+create table t1 (a int, b int, c int, d int, e int);
+insert into t1 () values
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),(),
+(),(),(),();
+select * into outfile 'load.data' from t1;
+create temporary table tmp (a varchar(1024), b int, c int, d int, e linestring, unique (e));
+load data infile 'load.data' into table tmp;
+delete from tmp;
+drop table t1;
+--let $datadir= `SELECT @@datadir`
+--remove_file $datadir/test/load.data

sql/table.cc

@@ -2449,6 +2449,9 @@ int TABLE_SHARE::init_from_binary_frm_image(THD *thd, bool write,
         hash_field->flags|= LONG_UNIQUE_HASH_FIELD;//Used in parse_vcol_defs
         keyinfo->flags|= HA_NOSAME;
         share->virtual_fields++;
+        share->stored_fields--;
+        if (record + share->stored_rec_length >= hash_field->ptr)
+          share->stored_rec_length= (ulong)(hash_field->ptr - record - 1);
         hash_field_used_no++;
         offset+= HA_HASH_FIELD_LENGTH;
       }