From 821dfcd8d229511f5ffc4cd0b6bd4aa2ac1690be Mon Sep 17 00:00:00 2001
From: Thirunarayanan B <thirunarayanan.balathandayuth@oracle.com>
Date: Tue, 4 Nov 2014 17:40:29 +0530
Subject: [PATCH] Bug #19815702	TIS620: CRASH WITH MULTI TABLE DELETE
 Description:   Using correct length when moving to next field in cmp_ref. The
 store length already includes the length bytes of blobs, which is already
 considered earlier for blob types. 	Approved by Mattias, Jimmy [rb-7088]

---
 mysql-test/suite/innodb/r/multi_delete.result | 14 ++++++++++++++
 mysql-test/suite/innodb/t/multi_delete.test   |  8 ++++++++
 storage/innobase/handler/ha_innodb.cc         |  6 ++----
 3 files changed, 24 insertions(+), 4 deletions(-)
 create mode 100644 mysql-test/suite/innodb/r/multi_delete.result
 create mode 100644 mysql-test/suite/innodb/t/multi_delete.test

diff --git a/mysql-test/suite/innodb/r/multi_delete.result b/mysql-test/suite/innodb/r/multi_delete.result
new file mode 100644
index 00000000000..1336e2b93ac
--- /dev/null
+++ b/mysql-test/suite/innodb/r/multi_delete.result
@@ -0,0 +1,14 @@
+create table t1 (a int,b varchar(100) ,d blob,primary key (a,d(10), b(10))) engine=innodb;
+insert into t1 values (1,'e','a'),(5,'f','5'), (3,'a','b');
+create table t2 (a int) engine=innodb;
+insert into t2() values(4),(5);
+delete t1 from t1, t2 where t1.a;
+show create table t1;
+Table	Create Table
+t1	CREATE TABLE `t1` (
+  `a` int(11) NOT NULL DEFAULT '0',
+  `b` varchar(100) NOT NULL DEFAULT '',
+  `d` blob NOT NULL,
+  PRIMARY KEY (`a`,`d`(10),`b`(10))
+) ENGINE=InnoDB DEFAULT CHARSET=latin1
+drop table t1, t2;
diff --git a/mysql-test/suite/innodb/t/multi_delete.test b/mysql-test/suite/innodb/t/multi_delete.test
new file mode 100644
index 00000000000..4d8e1e07791
--- /dev/null
+++ b/mysql-test/suite/innodb/t/multi_delete.test
@@ -0,0 +1,8 @@
+--source include/have_innodb.inc
+create table t1 (a int,b varchar(100) ,d blob,primary key (a,d(10), b(10))) engine=innodb;
+insert into t1 values (1,'e','a'),(5,'f','5'), (3,'a','b');
+create table t2 (a int) engine=innodb;
+insert into t2() values(4),(5);
+delete t1 from t1, t2 where t1.a;
+show create table t1;
+drop table t1, t2;
diff --git a/storage/innobase/handler/ha_innodb.cc b/storage/innobase/handler/ha_innodb.cc
index 137a89dc9de..fab832d2be0 100644
--- a/storage/innobase/handler/ha_innodb.cc
+++ b/storage/innobase/handler/ha_innodb.cc
@@ -10405,10 +10405,8 @@ ha_innobase::cmp_ref(
 			len1 = innobase_read_from_2_little_endian(ref1);
 			len2 = innobase_read_from_2_little_endian(ref2);
 
-			ref1 += 2;
-			ref2 += 2;
-			result = ((Field_blob*)field)->cmp( ref1, len1,
-                                                            ref2, len2);
+			result = ((Field_blob*)field)->cmp(ref1 + 2, len1,
+							   ref2 + 2, len2);
 		} else {
 			result = field->key_cmp(ref1, ref2);
 		}