[BugFix] Fix UAF in shared UDF

[stdpain]

Why I'm doing:

In shared UDF the function context object is cached in memory, this can lead to a UAF when accessing the function context, resulting in undefined behavior.

What I'm doing:

In this commit, we remove the Function Context object of BatchCallStub. Use the StatusOr interface instead of the control flow.

==1404951==ERROR: AddressSanitizer: heap-use-after-free on address 0x614001250e80 at pc 0x00000c6298a1 bp 0x7f7f81b806f0 sp 0x7f7f81b806e0
READ of size 8 at 0x614001250e80 thread T590
    #0 0xc6298a0 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::size() const /usr/include/c++/11/bits/basic_string.h:921
    #1 0xc685eed in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::empty() const /usr/include/c++/11/bits/basic_string.h:1024
    #2 0x14934659 in starrocks::FunctionContext::has_error() const be/src/exprs/function_context.cpp:160
    #3 0x162357c1 in starrocks::UDFFunctionCallHelper::call(starrocks::FunctionContext*, std::vector<std::shared_ptr<starrocks::Column>, std::allocator<std::shared_ptr<starrocks::Column> > >&, unsigned long) be/src/exprs/java_function_call_expr.cpp:81
    #4 0x1622959e in operator() be/src/exprs/java_function_call_expr.cpp:114
    #5 0x16231d53 in __invoke_impl<starrocks::Status, starrocks::JavaFunctionCallExpr::evaluate_checked(starrocks::ExprContext*, starrocks::Chunk*)::<lambda()>&> /usr/include/c++/11/bits/invoke.h:61
    #6 0x16231093 in __invoke_r<starrocks::Status, starrocks::JavaFunctionCallExpr::evaluate_checked(starrocks::ExprContext*, starrocks::Chunk*)::<lambda()>&> /usr/include/c++/11/bits/invoke.h:116
    #7 0x16230746 in _M_invoke /usr/include/c++/11/bits/std_function.h:291
    #8 0xe2ada11 in std::function<starrocks::Status ()>::operator()() const /usr/include/c++/11/bits/std_function.h:590
    #9 0x19a18955 in starrocks::call_function_in_pthread(starrocks::RuntimeState*, std::function<starrocks::Status ()> const&) be/src/udf/java/utils.cpp:45
    #10 0x16229da8 in starrocks::JavaFunctionCallExpr::evaluate_checked(starrocks::ExprContext*, starrocks::Chunk*) be/src/exprs/java_function_call_expr.cpp:117
    #11 0x1491137f in starrocks::ExprContext::evaluate(starrocks::Expr*, starrocks::Chunk*, unsigned char*) be/src/exprs/expr_context.cpp:188
    #12 0x14910a53 in starrocks::ExprContext::evaluate(starrocks::Chunk*, unsigned char*) be/src/exprs/expr_context.cpp:164
    #13 0xfd85334 in starrocks::pipeline::ProjectOperator::push_chunk(starrocks::RuntimeState*, std::shared_ptr<starrocks::Chunk> const&) be/src/exec/pipeline/project_operator.cpp:60
    #14 0x10156289 in starrocks::pipeline::PipelineDriver::process(starrocks::RuntimeState*, int) be/src/exec/pipeline/pipeline_driver.cpp:352

close https://github.com/StarRocks/StarRocksTest/issues/9031

What type of PR is this:

• BugFix
• Feature
• Enhancement
• Refactor
• UT
• Doc
• Tool

Does this PR entail a change in behavior?

• Yes, this PR will result in a change in behavior.
• No, this PR will not result in a change in behavior.

If yes, please specify the type of change:

• Interface/UI changes: syntax, type conversion, expression evaluation, display information
• Parameter changes: default values, similar parameters but with different default values
• Policy changes: use new policy to replace old one, functionality automatically enabled
• Feature removed
• Miscellaneous: upgrade & downgrade compatibility, etc.

Checklist:

• I have added test cases for my bug fix or my new feature
• This pr needs user documentation (for new or modified features or behaviors)
  • I have added documentation for my new feature or new function
• This is a backport pr

Bugfix cherry-pick branch check:

• I have checked the version labels which the pr will be auto-backported to the target branch
  • 3.4
  • 3.3
  • 3.2
  • 3.1
  • 3.0

[github-actions]

[Java-Extensions Incremental Coverage Report]

✅ pass : 0 / 0 (0%)

[github-actions]

[FE Incremental Coverage Report]

✅ pass : 0 / 0 (0%)

[github-actions]

[BE Incremental Coverage Report]

✅ pass : 11 / 11 (100.00%)

file detail

	path	covered_line	new_line	coverage	not_covered_line_detail
🔵	be/src/udf/java/java_udf.cpp	3	3	100.00%	[]
🔵	be/src/exprs/java_function_call_expr.cpp	6	6	100.00%	[]
🔵	be/src/udf/java/java_udf.h	2	2	100.00%	[]

[github-actions]

@Mergifyio backport branch-3.4

[github-actions]

@Mergifyio backport branch-3.3

[github-actions]

@Mergifyio backport branch-3.2

[github-actions]

@Mergifyio backport branch-3.1

[mergify]

backport branch-3.4

✅ Backports have been created

• #54607 [BugFix] Fix UAF in shared UDF (backport #54592) has been created for branch branch-3.4

[mergify]

backport branch-3.3

✅ Backports have been created

• #54608 [BugFix] Fix UAF in shared UDF (backport #54592) has been created for branch branch-3.3

[mergify]

backport branch-3.2

✅ Backports have been created

• #54609 [BugFix] Fix UAF in shared UDF (backport #54592) has been created for branch branch-3.2

[mergify]

backport branch-3.1

✅ Backports have been created

• #54610 [BugFix] Fix UAF in shared UDF (backport #54592) has been created for branch branch-3.1 but encountered conflicts

[stdpain]

https://github.com/Mergifyio backport branch-3.3.8

[mergify]

backport branch-3.3.8

✅ Backports have been created

• #54611 [BugFix] Fix UAF in shared UDF (backport #54592) has been created for branch branch-3.3.8

[stdpain]

https://github.com/Mergifyio backport branch-3.4.0-rc01

[mergify]

backport branch-3.4.0-rc01

✅ Backports have been created

• #54693 [BugFix] Fix UAF in shared UDF (backport #54592) has been created for branch branch-3.4.0-rc01