ArrayData::slice length overflow
alamb commented Apr 25, 2026
| assert_eq!(data.null_count() - 1, new_data.null_count()); | ||
| } | ||
|
|
||
| #[test] |
Contributor
Author
Here is how the test fails without the code change
It seems like maybe we should start running some targeted tests in release builds too to really ensure these cases are covered 🤔
```
andrewlamb@Andrews-MacBook-Pro-3:~/Software/arrow-rs$ cargo test -p arrow-data test_slice_panics_on_offset_length_overflow
Compiling arrow-data v58.1.0 (/Users/andrewlamb/Software/arrow-rs/arrow-data)
Finished `test` profile [unoptimized + debuginfo] target(s) in 0.45s
Running unittests src/lib.rs (target/debug/deps/arrow_data-c6408ac97be22d82)
running 1 test
test data::tests::test_slice_panics_on_offset_length_overflow - should panic ... FAILED
failures:
---- data::tests::test_slice_panics_on_offset_length_overflow stdout ----
thread 'data::tests::test_slice_panics_on_offset_length_overflow' (46323764) panicked at arrow-data/src/data.rs:581:17:
attempt to add with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
note: panic did not contain expected string
panic message: "attempt to add with overflow"
expected substring: "offset + length overflow"
failures:
data::tests::test_slice_panics_on_offset_length_overflow
test result: FAILED. 0 passed; 1 failed; 0 ignored; 0 measured; 27 filtered out; finished in 0.00s
error: test failed, to rerun pass `-p arrow-data --lib`
```
Contributor
Author
Follow on PR:
This was referenced Apr 25, 2026
Which issue does this PR close?
Rationale for this change
`ArrayData::slice` checked bounds using unchecked `usize` addition. In optimized builds, very large `length` values could wrap `offset + length`, allowing invalid slice arguments to create `ArrayData` with inconsistent length and offset metadata instead of panicking.
What changes are included in this PR?
This updates `ArrayData::slice` to use checked arithmetic when computing the slice end.
The panic documentation is updated to describe the overflow case.
Are these changes tested?
Yes. This adds a regression test covering a slice-of-slice call where `offset + length` overflows. The new regression was also verified in release mode.
Validated with:
`cargo test -p arrow-data test_slice_panics_on_offset_length_overflow --release`
Are there any user-facing changes?
Invalid `ArrayData::slice` arguments where `offset + length` overflows now panic consistently across build modes. There are no API changes.
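
Added example, not part of this PR and not arrow-rs code: a minimal model of the bounds check described above, showing how a wrapped `offset + length` passes a plain comparison while `checked_add` rejects it. The `View` type and all function names are hypothetical, the functions return `Option` where the real method panics, and `wrapping_add` stands in for what `+` does when overflow checks are disabled.

```rust
/// Simplified stand-in for array metadata (hypothetical, not arrow-rs's ArrayData).
#[derive(Debug, Clone, Copy, PartialEq)]
struct View {
    offset: usize,
    len: usize,
}

/// Bounds check with plain addition. `wrapping_add` reproduces what
/// `offset + length` does in a build where overflow checks are off.
fn slice_wrapping(v: View, offset: usize, length: usize) -> Option<View> {
    let end = offset.wrapping_add(length);
    if end <= v.len {
        Some(View { offset: v.offset + offset, len: length })
    } else {
        None
    }
}

/// Same check with checked arithmetic: an overflowing end is rejected
/// before it is ever compared with the parent length.
fn slice_checked(v: View, offset: usize, length: usize) -> Option<View> {
    let end = offset.checked_add(length)?;
    if end <= v.len {
        Some(View { offset: v.offset + offset, len: length })
    } else {
        None
    }
}

/// True when the child's window lies entirely inside the parent's window.
fn is_consistent(parent: View, child: View) -> bool {
    child.offset >= parent.offset
        && child
            .offset
            .checked_add(child.len)
            .map_or(false, |end| end <= parent.offset + parent.len)
}

fn main() {
    // Constructed sample: a slice covering elements 2..10 of a 10-element array.
    let parent = View { offset: 2, len: 8 };
    // Slice-of-slice arguments where 1 + usize::MAX wraps to 0.
    let (offset, length) = (1, usize::MAX);

    let bad = slice_wrapping(parent, offset, length).unwrap();
    println!("wrapping check accepted {:?}, consistent = {}", bad, is_consistent(parent, bad));
    println!("checked check returned {:?}", slice_checked(parent, offset, length));
}
```
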