MySQL Bugs: #79249: main.group_min_max fails under Valgrind

Bug #79249	main.group_min_max fails under Valgrind
Submitted:	12 Nov 2015 12:45	Modified:	27 Nov 2015 13:49
Reporter:	Laurynas Biveinis (OCA)	Email Updates:
Status:	Closed	Impact on me:	None
Category:	MySQL Server: Optimizer	Severity:	S3 (Non-critical)
Version:	5.6.27	OS:	Ubuntu (15.10)
Assigned to:		CPU Architecture:	Any

Description:
On 5.6 but not on 5.7. This could be related to bug 67244.

$ cmake ../mysql-5.6/ -DBUILD_CONFIG=mysql_release -DWITH_DEBUG=ON -DWITH_VALGRIND=ON -DWITH_SSL=system -DENABLE_DOWNLOADS=1 ...
...
$ ./mtr --debug-server --valgrind group_min_max --valgrind-option=--track-origins=yes
...
main.group_min_max                       [ fail ]  Found warnings/errors in server log file!
        Test ended at 2015-11-12 14:35:19
line
==29769== Thread 18:
==29769== Conditional jump or move depends on uninitialised value(s)
==29769==    at 0x4C31D52: __memcmp_sse4_1 (vg_replace_strmem.c:1094)
==29769==    by 0x9AFECE: QUICK_GROUP_MIN_MAX_SELECT::add_range(SEL_ARG*) (opt_range.cc:12876)
==29769==    by 0x9AF4E0: TRP_GROUP_MIN_MAX::make_quick(PARAM*, bool, st_mem_root*) (opt_range.cc:12635)
==29769==    by 0x998432: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, st_order::enum_order) (opt_range.cc:2971)
==29769==    by 0x9FD4E5: get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) (sql_optimizer.cc:3983)
==29769==    by 0x9FC77A: make_join_statistics(JOIN*, TABLE_LIST*, Item*, Mem_root_array<Key_use, true>*, bool) (sql_optimizer.cc:3694)
==29769==    by 0x9F351F: JOIN::optimize() (sql_optimizer.cc:363)
==29769==    by 0x834260: mysql_execute_select(THD*, st_select_lex*, bool) (sql_select.cc:1086)
==29769==    by 0x8345EA: mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, SQL_I_List<st_order>*, SQL_I_List<st_order>*, Item*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:1221)
==29769==    by 0x986DDB: mysql_explain_unit(THD*, st_select_lex_unit*, select_result*) (opt_explain.cc:2132)
==29769==    by 0x9869A4: explain_query_expression(THD*, select_result*) (opt_explain.cc:2034)
==29769==    by 0x807FD1: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5119)
==29769==    by 0x800B40: mysql_execute_command(THD*) (sql_parse.cc:2656)
==29769==    by 0x80AE5C: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:6386)
==29769==    by 0x7FD97B: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1340)
==29769==    by 0x7FC9B8: do_command(THD*) (sql_parse.cc:1037)
==29769==  Uninitialised value was created by a client request
==29769==    at 0x9A2CA4: get_mm_leaf(RANGE_OPT_PARAM*, Item*, Field*, st_key_part*, Item_func::Functype, Item*) (opt_range.cc:7088)
==29769==    by 0x9A1818: get_mm_parts(RANGE_OPT_PARAM*, Item_func*, Field*, Item_func::Functype, Item*, Item_result) (opt_range.cc:6555)
==29769==    by 0x9A0320: get_func_mm_tree(RANGE_OPT_PARAM*, Item_func*, Field*, Item*, Item_result, bool) (opt_range.cc:6119)
==29769==    by 0x9A052B: get_full_func_mm_tree(RANGE_OPT_PARAM*, Item_func*, Item_field*, Item*, bool) (opt_range.cc:6219)
==29769==    by 0x9A13CF: get_mm_tree(RANGE_OPT_PARAM*, Item*) (opt_range.cc:6456)
==29769==    by 0x997E26: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, st_order::enum_order) (opt_range.cc:2830)
==29769==    by 0x9FD4E5: get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) (sql_optimizer.cc:3983)
==29769==    by 0x9FC77A: make_join_statistics(JOIN*, TABLE_LIST*, Item*, Mem_root_array<Key_use, true>*, bool) (sql_optimizer.cc:3694)
==29769==    by 0x9F351F: JOIN::optimize() (sql_optimizer.cc:363)
==29769==    by 0x834260: mysql_execute_select(THD*, st_select_lex*, bool) (sql_select.cc:1086)
==29769==    by 0x8345EA: mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, SQL_I_List<st_order>*, SQL_I_List<st_order>*, Item*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:1221)
==29769==    by 0x986DDB: mysql_explain_unit(THD*, st_select_lex_unit*, select_result*) (opt_explain.cc:2132)
==29769==    by 0x9869A4: explain_query_expression(THD*, select_result*) (opt_explain.cc:2034)
==29769==    by 0x807FD1: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5119)
==29769==    by 0x800B40: mysql_execute_command(THD*) (sql_parse.cc:2656)
==29769==    by 0x80AE5C: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:6386)
...

How to repeat:
See above

miguel@ubuntu1510:~/mysql-5.6.27/mysql-test$ ./mtr --debug-server --valgrind group_min_max --valgrind-option=--track-origins=yes
Logging: ./mtr  --debug-server --valgrind group_min_max --valgrind-option=--track-origins=yes
2015-11-12 11:32:35 0 [Note] /home/miguel/mysql-5.6.27/sql/mysqld-debug (mysqld 5.6.27-debug) starting as process 16634 ...
2015-11-12 11:32:35 16634 [Note] Plugin 'FEDERATED' is disabled.
2015-11-12 11:32:35 16634 [Note] Binlog end
2015-11-12 11:32:35 16634 [Note] Shutting down plugin 'CSV'
2015-11-12 11:32:35 16634 [Note] Shutting down plugin 'MyISAM'
MySQL Version 5.6.27
Turning on valgrind for all executables
Running valgrind with options " --track-origins=yes "
Turning off --check-testcases to save time when valgrinding
Checking supported features...
 - SSL connections supported
 - binaries are debug compiled
Collecting tests...
Removing old var directory...
Creating var directory '/home/miguel/mysql-5.6.27/mysql-test/var'...
Installing system database...

==============================================================================

TEST                                      RESULT   TIME (ms) or COMMENT
--------------------------------------------------------------------------

worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 13000..13009
main.group_min_max                       [ fail ]  Found warnings/errors in server log file!
        Test ended at 2015-11-12 11:34:23
line
==16660== Thread 18:
==16660== Conditional jump or move depends on uninitialised value(s)
==16660==    at 0x4C31D52: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16660==    by 0x9AFE86: QUICK_GROUP_MIN_MAX_SELECT::add_range(SEL_ARG*) (opt_range.cc:12876)
==16660==    by 0x9AF498: TRP_GROUP_MIN_MAX::make_quick(PARAM*, bool, st_mem_root*) (opt_range.cc:12635)
==16660==    by 0x9983EA: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, st_order::enum_order) (opt_range.cc:2971)
==16660==    by 0x9FD49D: get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) (sql_optimizer.cc:3983)
==16660==    by 0x9FC732: make_join_statistics(JOIN*, TABLE_LIST*, Item*, Mem_root_array<Key_use, true>*, bool) (sql_optimizer.cc:3694)
==16660==    by 0x9F34D7: JOIN::optimize() (sql_optimizer.cc:363)
==16660==    by 0x834260: mysql_execute_select(THD*, st_select_lex*, bool) (sql_select.cc:1086)
==16660==    by 0x8345EA: mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, SQL_I_List<st_order>*, SQL_I_List<st_order>*, Item*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:1221)
==16660==    by 0x986D93: mysql_explain_unit(THD*, st_select_lex_unit*, select_result*) (opt_explain.cc:2132)
==16660==    by 0x98695C: explain_query_expression(THD*, select_result*) (opt_explain.cc:2034)
==16660==    by 0x807FD1: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5119)
==16660==    by 0x800B40: mysql_execute_command(THD*) (sql_parse.cc:2656)
==16660==    by 0x80AE5C: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:6386)
==16660==    by 0x7FD97B: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1340)
==16660==    by 0x7FC9B8: do_command(THD*) (sql_parse.cc:1037)

Thank you for the bug report. Repeatable on Ubuntu 15.10.

miguel@debianvb:~/mysql-5.6.27/mysql-test$ ./mtr --debug-server --valgrind group_min_max --valgrind-option=--track-origins=yes
Logging: ./mtr  --debug-server --valgrind group_min_max --valgrind-option=--track-origins=yes
2015-11-12 12:03:20 0 [Note] /home/miguel/mysql-5.6.27/sql/mysqld-debug (mysqld 5.6.27-debug) starting as process 16125 ...
2015-11-12 12:03:20 16125 [Note] Plugin 'FEDERATED' is disabled.
2015-11-12 12:03:20 16125 [Note] Binlog end
2015-11-12 12:03:20 16125 [Note] Shutting down plugin 'CSV'
2015-11-12 12:03:20 16125 [Note] Shutting down plugin 'MyISAM'
MySQL Version 5.6.27
Turning on valgrind for all executables
Running valgrind with options " --track-origins=yes "
Turning off --check-testcases to save time when valgrinding
Checking supported features...
 - SSL connections supported
 - binaries are debug compiled
Collecting tests...
Removing old var directory...
Creating var directory '/home/miguel/mysql-5.6.27/mysql-test/var'...
Installing system database...

==============================================================================

TEST                                      RESULT   TIME (ms) or COMMENT
--------------------------------------------------------------------------

worker[1] Using MTR_BUILD_THREAD 300, with reserved ports 13000..13009
main.group_min_max                       [ pass ]  63798
worker[1] Valgrind report from /home/miguel/mysql-5.6.27/mysql-test/var/log/mysqld.1.err after tests:
 main.group_min_max

miguel@debianvb:~/mysql-5.6.27/mysql-test$ lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 8.2 (jessie)
Release:	8.2
Codename:	jessie

Reported internally and fixed in 5.6.29, 5.7.11, 5.8.0.