Bug#54477: Crash on IN / CASE with NULL arguments

Incorrect handling of NULL arguments could lead to a crash on
the IN or CASE operations when either NULL arguments were
passed explicitly as arguments (IN) or implicitly generated by
the WITH ROLLUP modifier (both IN and CASE).

Item_func_case::find_item() assumed all necessary comparators
to be instantiated in fix_length_and_dec(). However, in the
presence of WITH ROLLUP modifier, arguments could be
substituted with an Item_null leading to an "unexpected"
STRING_RESULT comparator being invoked.

In addition to the problem identical to the above,
Item_func_in::val_int() could crash even with explicitly passed
NULL arguments due to an optimization in fix_length_and_dec()
leading to NULL arguments being ignored during comparators
creation.

mysql-test/r/func_in.result

@@ -750,4 +750,24 @@ id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	SIMPLE	NULL	NULL	NULL	NULL	NULL	NULL	NULL	Impossible WHERE noticed after reading const tables
 DROP TABLE t1;
 #
+# Bug#54477: Crash on IN / CASE with NULL arguments
+#
+CREATE TABLE t1 (a INT);
+INSERT INTO t1 VALUES (1), (2);
+SELECT 1 IN (NULL, a) FROM t1;
+1 IN (NULL, a)
+1
+NULL
+SELECT a IN (a, a) FROM t1 GROUP BY a WITH ROLLUP;
+a IN (a, a)
+1
+1
+NULL
+SELECT CASE a WHEN a THEN a END FROM t1 GROUP BY a WITH ROLLUP;
+CASE a WHEN a THEN a END
+1
+2
+NULL
+DROP TABLE t1;
+#
 End of 5.1 tests