fix leaks in read_table #449
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nicklan
commented
Oct 30, 2024
nicklan
requested review from
zachschuermann,
scovich and
OussamaSaoudi-db
and removed request for
scovich,
zachschuermann and
OussamaSaoudi-db
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #449 +/- ##
=======================================
Coverage ? 78.16%
=======================================
Files ? 55
Lines ? 11594
Branches ? 11594
=======================================
Hits ? 9062
Misses ? 2032
Partials ? 500 ☔ View full report in Codecov by Sentry. |
scovich
reviewed
Oct 30, 2024
scovich
approved these changes
Oct 30, 2024
There was a problem hiding this comment.
Most of the fixed problems seem to be due to g_arrow?
Yep. So much g_object_unref :)
Could you elaborate on what parts are kernel footguns and why?
Main things I was referencing are:
get_raw_arrow_data-> returns a leaked struct with two elements. This means you have to consider the lifetimes of the raw schema and data, which generally will go into garrow or similar, and the actual struct itself, which is confusing. I added a todo in the code for this where we could probably use a callback.kernel_scan_data_next-> This uses a callback model, but the things we pass into the callback are owned by engine. This is an inversion of how we usually handle it in which we say that things that get passed into a callback will be freed by kernel after the callback completes. I'd like to have a look at this and see if there's a good reason we don't free on kernel side, or if we can just change those semantics.- Longer lived things like a
Scanwhich also get "scan data" and then we have to individually free each. I'm not sure there's much we can do here, but it's still important that we carefully document this.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changes are proposed in this pull request?
Fix leaks in
read_table. It now runs cleanly with-fsanitize=address.Some of these are probably footguns in kernel that we should fix. I've also added comments for now in kernel for some places where engine is responsible to free things. We should look at these and see if we can/should move to a callback model so the freeing is not necessary.
The good news is, this didn't find any leaks in kernel itself, just bad c code :)
Fixes #448
How was this change tested?
valgrind