lwhite1 commented on PR #13248:
URL: https://github.com/apache/arrow/pull/13248#issuecomment-1262827075
> > In the ArrayImporter code, the CDataReferenceManager releases the memory
as soon as the import is complete:
> > ```
> > // This keeps the array alive as long as there are any buffers that
need it
> > referenceManager = new CDataReferenceManager(ownedArray);
> > try {
> > referenceManager.increment();
> > doImport(snapshot);
> > } finally {
> > referenceManager.release();
> > }
> > ```
> >
> > So the ref count is already 0 when the transfer attempt occurs later.
>
> That can't be right, ref count 0 is freed and so that would mean the code
causes a use-after-free. The reference count should be nonzero, because
doImport calls into FieldVector#loadFieldBuffers and the type-specific
implementations call retainBuffer on the bufferse as necessary.
You're probably right. I didn't actually check, but rather assumed the
importer would only have one reference.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
