-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Undefined behavior in tidb_query_datatype's RowSlice #7613
Comments
Maybe we can drop the usage of slice at all. The slice is constructed to reuse the binary search method from std. We can write our own binary search using explicitly unaligned memory access. |
@zhongzc PTAL |
Writing our own binary search has to deal with the endian at every comparison. Or any other good idea? |
Bug Report
RowSlice
does an unsafe pointer cast that is often unaligned. This is undefined behavior, which could potentially lead to miscompilation.Here is the source:
tikv/components/tidb_query_datatype/src/codec/row/v2/row_slice.rs
Line 149 in 7565efc
The fix isn't simple, so I'm just filing a bug cc @breeswish.
Potential fixes are to accumulate the casted items into a new buffer instead of slicing the original buffer, but that costs an allocation. Another fix would be to change the serialization such that the cast always ends up aligned, while adding an assertion here that the alignment is correct.
Tested against commit adf3a94
Found with miri (cc @oli-obk 👍 ).
The text was updated successfully, but these errors were encountered: