[Bug] be may core dump because of heap over flow

### Search before asking

- [X] I had searched in the [issues](https://github.com/apache/incubator-doris/issues?q=is%3Aissue) and found no similar issues.


### Version

all 

### What's Wrong?

be may core dump because of heap over flow

```
==16109==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x604000900733 at pc 0x5571b47d4f28 bp 0x7fceebe57470 sp 0x7fceebe57460
READ of size 1 at 0x604000900733 thread T37
    #0 0x5571b47d4f27 in doris::StringFunctions::find_in_set(doris_udf::FunctionContext*, doris_udf::StringVal const&, doris_udf::StringVal const&) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exprs/string_functions.cpp:706
    #1 0x5571b479aa3d in doris_udf::IntVal doris::ScalarFnCall::interpret_eval<doris_udf::IntVal>(doris::ExprContext*, doris::TupleRow*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exprs/scalar_fn_call.cpp:230
    #2 0x5571b478888d in doris::ScalarFnCall::get_int_val(doris::ExprContext*, doris::TupleRow*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exprs/scalar_fn_call.cpp:396
    #3 0x5571b4b5030c in doris::NeIntValPred::get_boolean_val(doris::ExprContext*, doris::TupleRow*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exprs/binary_predicate.cpp:287
    #4 0x5571b4bb2cac in doris::IfExpr::get_boolean_val(doris::ExprContext*, doris::TupleRow*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exprs/conditional_functions.cpp:97
    #5 0x5571b7331843 in doris::ExecNode::eval_conjuncts(doris::ExprContext* const*, int, doris::TupleRow*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exec/exec_node.cpp:629
    #6 0x5571b754b557 in doris::OlapScanner::get_batch(doris::RuntimeState*, doris::RowBatch*, bool*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exec/olap_scanner.cpp:356
    #7 0x5571b73e3d76 in doris::OlapScanNode::scanner_thread(doris::OlapScanner*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exec/olap_scan_node.cpp:1619
    #8 0x5571b74107c3 in void std::__invoke_impl<void, void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&>(std::__invoke_memfun_deref, void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:74
    #9 0x5571b74107c3 in std::__invoke_result<void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&>::type std::__invoke<void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&>(void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:96
    #10 0x5571b74107c3 in void std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>::__call<void, , 0ul, 1ul>(std::tuple<>&&, std::_Index_tuple<0ul, 1ul>) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:420
    #11 0x5571b74107c3 in void std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>::operator()<, void>() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:503
    #12 0x5571b74107c3 in void std::__invoke_impl<void, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&>(std::__invoke_other, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:61
    #13 0x5571b74107c3 in std::enable_if<is_invocable_r_v<void, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&>, void>::type std::__invoke_r<void, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&>(std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:111
    #14 0x5571b74107c3 in std::_Function_handler<void (), std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)> >::_M_invoke(std::_Any_data const&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_function.h:291
    #15 0x5571b5759c05 in std::function<void ()>::operator()() const /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_function.h:560
    #16 0x5571b5759c05 in doris::PriorityWorkStealingThreadPool::work_thread(int) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/util/priority_work_stealing_thread_pool.hpp:133
    #17 0x5571b57345f5 in void std::__invoke_impl<void, void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&>(std::__invoke_memfun_deref, void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:74
    #18 0x5571b57345f5 in std::__invoke_result<void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&>::type std::__invoke<void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&>(void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:96
    #19 0x5571b57345f5 in decltype (__invoke((*this)._M_pmf, (forward<doris::PriorityWorkStealingThreadPool*&>)({parm#1}), (forward<int&>)({parm#1}))) std::_Mem_fn_base<void (doris::PriorityWorkStealingThreadPool::*)(int), true>::operator()<doris::PriorityWorkStealingThreadPool*&, int&>(doris::PriorityWorkStealingThreadPool*&, int&) const /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:131
    #20 0x5571b57345f5 in void std::__invoke_impl<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&>(std::__invoke_other, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:61
    #21 0x5571b57345f5 in std::enable_if<is_invocable_r_v<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&>, void>::type std::__invoke_r<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&>(std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:111
    #22 0x5571b57345f5 in void std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>::__call<void, , 0ul, 1ul>(std::tuple<>&&, std::_Index_tuple<0ul, 1ul>) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:570
    #23 0x5571b57345f5 in void std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>::operator()<>() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:629
    #24 0x5571b57345f5 in void std::__invoke_impl<void, std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>>(std::__invoke_other, std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>&&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:61
    #25 0x5571b57345f5 in std::__invoke_result<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>>::type std::__invoke<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>>(std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>&&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:96
    #26 0x5571b57345f5 in void std::thread::_Invoker<std::tuple<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)> > >::_M_invoke<0ul>(std::_Index_tuple<0ul>) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_thread.h:253
    #27 0x5571b57345f5 in std::thread::_Invoker<std::tuple<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)> > >::operator()() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_thread.h:260
    #28 0x5571b57345f5 in std::thread::_State_impl<std::thread::_Invoker<std::tuple<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)> > > >::_M_run() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_thread.h:211
    #29 0x5571be41eeff in execute_native_thread_routine (/root/boxer2/running/686863224221601792/palobe/lib/palo_be+0xc889eff)
    #30 0x7fcf02104ea4 in start_thread (/lib64/libpthread.so.0+0x7ea4)
    #31 0x7fcf024178dc in __clone (/lib64/libc.so.6+0xfe8dc)

0x604000900733 is located 0 bytes to the right of 35-byte region [0x604000900710,0x604000900733)
allocated by thread T37 here:
    #0 0x5571b45479f8 in __interceptor_realloc (/root/boxer2/running/686863224221601792/palobe/lib/palo_be+0x29b29f8)
    #1 0x5571b5041c56 in void doris::Field::direct_copy<doris::RowCursorCell, doris::RowCursorCell>(doris::RowCursorCell*, doris::RowCursorCell const&) const /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/olap/field.h:192
    #2 0x5571b5041c56 in void doris::direct_copy_row<doris::RowCursor, doris::RowCursor>(doris::RowCursor*, doris::RowCursor const&) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/olap/row.h:122
    #3 0x5571b503df84 in doris::TupleReader::_direct_next_row(doris::RowCursor*, doris::MemPool*, doris::ObjectPool*, bool*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/olap/tuple_reader.cpp:110
    #4 0x5571b7548db8 in doris::OlapScanner::get_batch(doris::RuntimeState*, doris::RowBatch*, bool*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exec/olap_scanner.cpp:314
    #5 0x5571b73e3d76 in doris::OlapScanNode::scanner_thread(doris::OlapScanner*) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exec/olap_scan_node.cpp:1619
    #6 0x5571b74107c3 in void std::__invoke_impl<void, void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&>(std::__invoke_memfun_deref, void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:74
    #7 0x5571b74107c3 in std::__invoke_result<void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&>::type std::__invoke<void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&>(void (doris::OlapScanNode::*&)(doris::OlapScanner*), doris::OlapScanNode*&, doris::OlapScanner*&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:96
    #8 0x5571b74107c3 in void std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>::__call<void, , 0ul, 1ul>(std::tuple<>&&, std::_Index_tuple<0ul, 1ul>) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:420
    #9 0x5571b74107c3 in void std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>::operator()<, void>() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:503
    #10 0x5571b74107c3 in void std::__invoke_impl<void, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&>(std::__invoke_other, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:61
    #11 0x5571b74107c3 in std::enable_if<is_invocable_r_v<void, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&>, void>::type std::__invoke_r<void, std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&>(std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)>&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:111
    #12 0x5571b74107c3 in std::_Function_handler<void (), std::_Bind<void (doris::OlapScanNode::*(doris::OlapScanNode*, doris::OlapScanner*))(doris::OlapScanner*)> >::_M_invoke(std::_Any_data const&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_function.h:291
    #13 0x5571b5759c05 in std::function<void ()>::operator()() const /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_function.h:560
    #14 0x5571b5759c05 in doris::PriorityWorkStealingThreadPool::work_thread(int) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/util/priority_work_stealing_thread_pool.hpp:133
    #15 0x5571b57345f5 in void std::__invoke_impl<void, void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&>(std::__invoke_memfun_deref, void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:74
    #16 0x5571b57345f5 in std::__invoke_result<void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&>::type std::__invoke<void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&>(void (doris::PriorityWorkStealingThreadPool::* const&)(int), doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:96
    #17 0x5571b57345f5 in decltype (__invoke((*this)._M_pmf, (forward<doris::PriorityWorkStealingThreadPool*&>)({parm#1}), (forward<int&>)({parm#1}))) std::_Mem_fn_base<void (doris::PriorityWorkStealingThreadPool::*)(int), true>::operator()<doris::PriorityWorkStealingThreadPool*&, int&>(doris::PriorityWorkStealingThreadPool*&, int&) const /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:131
    #18 0x5571b57345f5 in void std::__invoke_impl<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&>(std::__invoke_other, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:61
    #19 0x5571b57345f5 in std::enable_if<is_invocable_r_v<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&>, void>::type std::__invoke_r<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&>(std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)>&, doris::PriorityWorkStealingThreadPool*&, int&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:111
    #20 0x5571b57345f5 in void std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>::__call<void, , 0ul, 1ul>(std::tuple<>&&, std::_Index_tuple<0ul, 1ul>) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:570
    #21 0x5571b57345f5 in void std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>::operator()<>() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/functional:629
    #22 0x5571b57345f5 in void std::__invoke_impl<void, std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>>(std::__invoke_other, std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>&&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:61
    #23 0x5571b57345f5 in std::__invoke_result<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>>::type std::__invoke<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>>(std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)>&&) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/invoke.h:96
    #24 0x5571b57345f5 in void std::thread::_Invoker<std::tuple<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)> > >::_M_invoke<0ul>(std::_Index_tuple<0ul>) /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_thread.h:253
    #25 0x5571b57345f5 in std::thread::_Invoker<std::tuple<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)> > >::operator()() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_thread.h:260
    #26 0x5571b57345f5 in std::thread::_State_impl<std::thread::_Invoker<std::tuple<std::_Bind_result<void, std::_Mem_fn<void (doris::PriorityWorkStealingThreadPool::*)(int)> (doris::PriorityWorkStealingThreadPool*, int)> > > >::_M_run() /home/disk6/palo/release/baidu/bdg/doris/ldb_toolchain/include/c++/11/bits/std_thread.h:211
    #27 0x5571be41eeff in execute_native_thread_routine (/root/boxer2/running/686863224221601792/palobe/lib/palo_be+0xc889eff)

Thread T37 created by T0 here:
    #0 0x5571b44eb8e1 in pthread_create (/root/boxer2/running/686863224221601792/palobe/lib/palo_be+0x29568e1)
    #1 0x5571be41efd5 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) (/root/boxer2/running/686863224221601792/palobe/lib/palo_be+0xc889fd5)
    #2 0x5571b57323a4 in doris::ExecEnv::_init(std::vector<doris::StorePath, std::allocator<doris::StorePath> > const&) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/runtime/exec_env_init.cpp:117
    #3 0x5571b5733555 in doris::ExecEnv::init(doris::ExecEnv*, std::vector<doris::StorePath, std::allocator<doris::StorePath> > const&) /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/runtime/exec_env_init.cpp:85
    #4 0x5571b4024927 in main /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/service/doris_main.cpp:383
    #5 0x7fcf0233b554 in __libc_start_main (/lib64/libc.so.6+0x22554)

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/disk6/palo/release/baidu/bdg/doris/palo-1.1/be/src/exprs/string_functions.cpp:706 in doris::StringFunctions::find_in_set(doris_udf::FunctionContext*, doris_udf::StringVal const&, doris_udf::StringVal const&)
Shadow bytes around the buggy address:
  0x0c0880118090: fa fa 00 00 00 00 00 fa fa fa fa fa fa fa fa fa
  0x0c08801180a0: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 00
  0x0c08801180b0: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
  0x0c08801180c0: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
  0x0c08801180d0: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
=>0x0c08801180e0: fa fa 00 00 00 00[03]fa fa fa fa fa fa fa fa fa
  0x0c08801180f0: fa fa 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
  0x0c0880118100: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 fa
  0x0c0880118110: fa fa 00 00 00 00 00 fa fa fa 00 00 00 00 00 fa
  0x0c0880118120: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 fa
  0x0c0880118130: fa fa 00 00 00 00 00 00 fa fa 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==16109==ABORTING
```

### What You Expected?

no core

### How to Reproduce?

_No response_

### Anything Else?

_No response_

### Are you willing to submit PR?

- [X] Yes I am willing to submit a PR!

### Code of Conduct

- [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Bug] be may core dump because of heap over flow #12612

Search before asking

Version

What's Wrong?

What You Expected?

How to Reproduce?

Anything Else?

Are you willing to submit PR?

Code of Conduct

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Bug] be may core dump because of heap over flow #12612

Description

Search before asking

Version

What's Wrong?

What You Expected?

How to Reproduce?

Anything Else?

Are you willing to submit PR?

Code of Conduct

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions