AddressSanitizer error in operator new[](unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:102

[fuzzerofducks]

Issue found by DuckFuzz on git commit hash cf5b7 using seed 797644398.

To Reproduce

create table all_types as select * exclude(small_enum, medium_enum, large_enum) from test_all_types();
SELECT NULL FROM all_types AS t51(c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11, c12, c13, c14, c15, c16, c17, c18, c19, c20, c21, c22, c23, c24, c25, c26, c27, c28, c29, c30, c31, c32, c33, c34, c35, c36, c37, c38, c39, c40, c41, c42, c43, c44, c45, c46, c47, c48, c49, c50) WHERE range(c10)

Error Message

AddressSanitizer error in operator new[](unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:102

[Tmonster]

Mini repro

create table all_types as select * exclude(small_enum, medium_enum, large_enum) from test_all_types();
select int_array from all_types as t(c1) where range(uint);

This isn't really an issue

• In release a Conversion error is thrown Conversion Error: Unimplemented type for cast (BIGINT[] -> BOOLEAN), but this only happens during physical execution after the range(uint) calls are finished.
• The reason the query get an address sanitizer error is because it generates range(4294967295) before checking the filter. The query select uint from all_types; returns the following

  D select uint from all_types;
  ┌────────────┐
  │    uint    │
  │   uint32   │
  ├────────────┤
  │          0 │
  │ 4294967295 │
  │            │
  └────────────┘

  Naturally range(4294967295) will take up a lot of memory, which the GitHub Actions machine doesn't have, thereby causing the address sanitizer issue.

I feel like DuckDB could throw an error earlier here if it's known the types can't cast. I looked at the code, and it looks like we don't throw eagerly on purpose, instead we have a DefaultCasts::TryVectorNullCast as the cast operator.

@Mytherin any thoughts on what might be best here? Or should this just be closed as not an issue?