MDEV-31113 Server crashes in store_length / Type_handler_string_result::make_sort_key with DISTINCT and group function

Fix-up for commit 476b24d
  Author: Monty
  Date:   Thu Feb 16 14:19:33 2023 +0200
    MDEV-20057 Distinct SUM on CROSS JOIN and grouped returns wrong result
which misses initializing of sorder->suffix_length.
In this commit the initialization is implemented by passing
MY_ZEROFILL flag to the allocation of SORT_FIELD elements

Author: Olernov

mysql-test/main/distinct.result

@@ -1093,6 +1093,7 @@ sum(distinct 1)	sum(t1.d) > 5	c
 1	1	0
 1	0	5
 1	1	6
+SET @sort_buffer_size_save= @@sort_buffer_size;
 set @@sort_buffer_size=1024;
 insert into t1 select -seq,-seq from seq_1_to_100;
 select distinct sum(distinct 1), sum(t1.d) > 2, length(group_concat(t1.d)) > 1000 from (t1 e join t1) group by t1.c having t1.c > -2 ;
@@ -1106,4 +1107,17 @@ sum(distinct 1)	sum(t1.d) > 2	length(group_concat(t1.d)) > 1000	c
 1	1	0	5
 1	1	0	6
 drop table t1;
+set @@sort_buffer_size=@sort_buffer_size_save;
+#
+# MDEV-31113 Server crashes in store_length / Type_handler_string_result::make_sort_key
+# with DISTINCT and group function
+#
+CREATE TABLE t (f INT);
+INSERT INTO t VALUES (1),(2);
+SELECT DISTINCT CONVERT(STDDEV(f), CHAR(16)) AS f1, UUID() AS f2 FROM t GROUP BY f2 WITH ROLLUP;
+f1	f2
+0.0000	#
+0.0000	#
+0.5000	#
+DROP TABLE t;
 # End of 10.4 tests

mysql-test/main/distinct.test

@@ -834,10 +834,23 @@ select distinct sum(distinct 1), sum(t1.d) > 5 from (t1 e join t1) group by t1.c
 select distinct sum(distinct 1), sum(t1.d) > 5, t1.c from (t1 e join t1) group by t1.c;
 
 # Force usage of remove_dup_with_compare() algorithm
+SET @sort_buffer_size_save= @@sort_buffer_size;
 set @@sort_buffer_size=1024;
 insert into t1 select -seq,-seq from seq_1_to_100;
 select distinct sum(distinct 1), sum(t1.d) > 2, length(group_concat(t1.d)) > 1000 from (t1 e join t1) group by t1.c having t1.c > -2 ;
 select distinct sum(distinct 1), sum(t1.d) > 2, length(group_concat(t1.d)) > 1000,t1.c from (t1 e join t1) group by t1.c having t1.c > -2;
 drop table t1;
+set @@sort_buffer_size=@sort_buffer_size_save;
+
+--echo #
+--echo # MDEV-31113 Server crashes in store_length / Type_handler_string_result::make_sort_key
+--echo # with DISTINCT and group function
+--echo #
+
+CREATE TABLE t (f INT);
+INSERT INTO t VALUES (1),(2);
+--replace_column 2 #
+SELECT DISTINCT CONVERT(STDDEV(f), CHAR(16)) AS f1, UUID() AS f2 FROM t GROUP BY f2 WITH ROLLUP;
+DROP TABLE t;
 
 --echo # End of 10.4 tests

sql/sql_select.cc

@@ -24226,7 +24226,7 @@ JOIN_TAB::remove_duplicates()
 
   if (!(sortorder= (SORT_FIELD*) my_malloc((fields->elements+1) *
                                            sizeof(SORT_FIELD),
-                                           MYF(MY_WME))))
+                                           MYF(MY_WME | MY_ZEROFILL))))
     DBUG_RETURN(TRUE);
 
   /* Calculate how many saved fields there is in list */
@@ -24245,7 +24245,6 @@ JOIN_TAB::remove_duplicates()
       else
       {
         /* Item is not stored in temporary table, remember it */
-        sorder->field= 0;                       // Safety, not used
         sorder->item= item;
         /* Calculate sorder->length */
         item->type_handler()->sortlength(thd, item, sorder);