dataroaring commented on PR #53540: URL: https://github.com/apache/doris/pull/53540#issuecomment-3284891395
**🚨 CRITICAL: Non-Thread-Safe Time Functions** **File**: `be/src/cloud/cloud_tablet.cpp` lines 295-305 ```cpp std::time_t t1 = system_clock::to_time_t(rs_meta->visible_timestamp()); std::tm tm1 = *std::localtime(&t1); // ❌ NOT THREAD-SAFE std::time_t t2 = system_clock::to_time_t(system_clock::now()); std::tm tm2 = *std::localtime(&t2); // ❌ NOT THREAD-SAFE ``` **Issue**: `std::localtime()` is **not thread-safe** and can cause: - **Data races** when multiple threads call it simultaneously - **Memory corruption** from shared internal buffers - **Incorrect time calculations** leading to wrong freshness decisions - **Undefined behavior** in production multi-threaded environments **Critical Risk**: Since this code runs in a multi-threaded tablet server environment, this could cause **production crashes** and **incorrect query results**. **Fix**: Use thread-safe alternatives: **Option 1** - Thread-safe POSIX function: ```cpp std::time_t t1 = system_clock::to_time_t(rs_meta->visible_timestamp()); std::tm tm1; std::gmtime_r(&t1, &tm1); // ✅ THREAD SAFE std::time_t t2 = system_clock::to_time_t(system_clock::now()); std::tm tm2; std::gmtime_r(&t2, &tm2); // ✅ THREAD SAFE ``` **Option 2** - Modern C++20 approach: ```cpp // Use chrono formatting directly (if C++20 available) auto t1 = rs_meta->visible_timestamp(); auto t2 = system_clock::now(); // Use std::format or similar for time formatting ``` **Note**: Using `gmtime_r` gives UTC time. If local time is specifically needed, use `localtime_r` instead. **This must be fixed before merge** as it poses a serious thread safety risk. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
