Bug #36989 | valgrind warning in Item_func_compress::val_str | ||
---|---|---|---|
Submitted: | 26 May 2008 19:07 | Modified: | 26 Mar 2009 23:29 |
Reporter: | Shane Bester (Platinum Quality Contributor) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: General | Severity: | S3 (Non-critical) |
Version: | 5.0.66a,, 5.0.76, mysql-5.1.26-rc-linux-i686, 6.0.10-debug | OS: | Any |
Assigned to: | Kristofer Pettersson | CPU Architecture: | Any |
Tags: | compress |
[26 May 2008 19:07]
Shane Bester
[26 May 2008 19:09]
MySQL Verification Team
I should better try newer zlib also:

    [sbester@box1 6.0]$ rpm -qa|grep zlib
    zlib-1.2.3-3
    zlib-devel-1.2.3-3
[31 Jul 2008 13:41]
MySQL Verification Team
finally setting as verified because the official 5.1.26-glibc23 binaries have the problems, and now we see a cause:

    ==949== Conditional jump or move depends on uninitialised value(s)
    longest_match (deflate.c:1138)
    deflate_slow (deflate.c:1595)
    deflate (deflate.c:790)
    compress2 (compress.c:49)
    compress (compress.c:68)
    Item_func_compress::val_str (sql_string.h:99)
    Item::save_in_field (item.cc:4832)
    fill_record (sql_base.cc:8041)
    select_union::send_data( (sql_union.cc:60)
    JOIN::exec (sql_select.cc:1671)
    mysql_select
    handle_select

line 1138 is this:

    do {
    } while (*++scan == *++match && *++scan == *++match &&
             *++scan == *++match && *++scan == *++match &&
             *++scan == *++match && *++scan == *++match &&
             *++scan == *++match && *++scan == *++match &&
             scan < strend);

    ==949== Conditional jump or move depends on uninitialised value(s)
    longest_match (deflate.c:1121)
    deflate_slow (deflate.c:1595)
    deflate (deflate.c:790)
    compress2 (compress.c:49)
    compress (compress.c:68)
    Item_func_compress::val_str (sql_string.h:99)
    Item::save_in_field (item.cc:4832)
    fill_record (sql_base.cc:8041)
    select_union::send_data (sql_union.cc:60)
    JOIN::exec (sql_select.cc:1671)
    mysql_select
    handle_select

line 1121 is this:

    if (match[best_len] != scan_end ||
        match[best_len-1] != scan_end1 ||
        *match != *scan ||
        *++match != scan[1]) continue;

I don't have a definite SELECT query that causes this, but it was triggered by giving random length hex strings to the function, e.g. SELECT COMPRESS(0x123131231213) ...
[22 Sep 2008 9:48]
MySQL Verification Team
Kristofer, let me know if you need a definite testcase for this or if the bug is obvious from the code?
[23 Sep 2008 6:03]
Kristofer Pettersson
ZLib is known to cause valgrind error messages because of certain optimizations. Issues with valgrind error messages are mentioned in ZLib FAQ: http://www.zlib.net/zlib_faq.html#faq36

Shane, did you measure this with the suppression file (valgrind.supp)?
[26 Sep 2008 12:08]
Kristofer Pettersson
I'm going to claim that this is not a bug. I've had problems reproducing the valgrind error messages, but they do on the other hand match the error messages talked about on the zlib page. I also added a debug routine which traverses all elements in the string we send to compress in order to try to capture any broken arguments without any signs of trouble.
[14 Jan 2009 7:12]
MySQL Verification Team
Kristofer, I finally found a simple testcase for this. 5.0.76-debug bzr and 5.1.31-debug bzr give valgrind warnings on FC9:

    select compress(' 1B.UADuhByxQVXW70MY P2L;8v.alAzGJMpb.');

Can you check if it's still safe to ignore?
[23 Feb 2009 11:22]
Rafal Somla
Bug#43105 is a duplicate of this one. Please update its status when this one is fixed.
[5 Mar 2009 11:54]
Kristofer Pettersson
From the zlib FAQ:

39. Valgrind (or some similar memory access checker) says that deflate is performing a conditional jump that depends on an uninitialized value. Isn't that a bug?

No. That is intentional for performance reasons, and the output of deflate is not affected. This only started showing up recently since zlib 1.2.x uses malloc() by default for allocations, whereas earlier versions used calloc(), which zeros out the allocated memory.
[5 Mar 2009 11:55]
Kristofer Pettersson
I haven't seen anything new which would indicate a bug. I think it is safe to ignore.
[9 Mar 2009 10:19]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/68606

2768 Rafal Somla 2009-03-09

    Bug #36989 - valgrind warning in Item_func_compress::val_str

    Adding valgrind suppression rule for "Conditional jump or move depends on uninitialised value(s)" warning generated by zlib code.
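What a suppression rule of the kind this commit message describes can look like, as an added example: the committed patch itself is not shown on this page, and this is not the rule from it. The frame names are taken from the valgrind traces reported earlier in this thread; the rule name and the file name are assumptions.

```text
# zlib-deflate.supp (file name is an assumption for this example)
# Load with: valgrind --suppressions=zlib-deflate.supp <program>
#
# Silences Memcheck's "Conditional jump or move depends on uninitialised
# value(s)" only when the innermost frames are the zlib call chain from
# the traces in this report. Frames are listed innermost first.
#
# The rule is keyed on the zlib frames alone, so it applies to every
# caller of compress(), not just Item_func_compress::val_str.
{
   zlib_longest_match_cond_example
   Memcheck:Cond
   fun:longest_match
   fun:deflate_slow
   fun:deflate
   fun:compress2
   fun:compress
}
```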
[9 Mar 2009 10:25]
Rafal Somla
Pushed into mysql-6.0-backup-merge tree. Note: it will end up in 6.0 only.

Joro approved it by email:

Georgi Kodinov wrote:
> Hi Kristofer,
>
> On 09.03.2009, at 10:58, Rafal Somla wrote:
>
>> Hi Kristofer,
>>
>> We can not ignore this bug - it makes our PB trees red. See bugs
>> 42409, 43105 and 43456. I proposed a patch, which will keep valgrind
>> quiet by suppressing this warning. You can find it here
>> <http://lists.mysql.com/commits/68007>. Could you push it as a fix for
>> 36989 or, alternatively, approve it and then I'll push it to our tree.
>
>
> We need to add a suppression.
>
> Best Regards,
> Joro
[26 Mar 2009 12:34]
Bugs System
Pushed into 6.0.11-alpha (revid:alik@sun.com-20090326121822-pt84kzxxayzho4mn) (version source revid:rafal.somla@sun.com-20090309101751-34o7kwovd856swto) (merge vers: 6.0.11-alpha) (pib:6)
[26 Mar 2009 23:29]
Paul DuBois
Not really a bug, it's a change to get PB to stop complaining. No changelog entry needed.
[17 Feb 2010 18:47]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/100664

3102 Chuck Bell 2010-02-17

    Bug #36989 - valgrind warning in Item_func_compress::val_str

    Adding valgrind suppression rule for "Conditional jump or move depends on uninitialised value(s)" warning generated by zlib code.

    original changeset: 2599.112.32 (mysql-6.0-backup)