fornwall opened a new pull request, #4473:
URL: https://github.com/apache/arrow-adbc/pull/4473

   **Disclaimer**: Most of this PR description and all the code here was AI 
generated. Let me know if there is any issues to dig into or modifications to 
be made. The code comments are rather verbose, but not obviously unnecessary - 
let me know if they should be removed/shortened.
   
   The FFI driver exporter wrote the entire `FFI_AdbcError` struct into the 
caller's out-pointer on every failed method, unconditionally clobbering the 
`private_data` (and, at two of the three sites, `private_driver`) fields.
   
   The `AdbcError` documentation in `c/include/arrow-adbc/adbc.h` says these 
fields exist only in the ADBC 1.1.0 layout and that a driver "should read/write 
these fields if and only if vendor_code is equal to 
ADBC_ERROR_VENDOR_CODE_PRIVATE_DATA", and "should never touch more than [the 
1.0.0-sized] portion of an AdbcError struct" otherwise. Overwriting them 
corrupts memory an ADBC 1.0.0 caller owns (or does not have at all).
   
   Route all three error-writing sites (check_err!, pointer_as_mut! and the 
panic handler in catch_panic) through a new `set_error_out()` that:
   
   - reads the caller's `vendor_code` first; when it is not the sentinel, 
writes only the 1.0.0-sized prefix and installs a message-only release, leaving 
`private_data`/`private_driver` as the caller set them;
   - otherwise behaves as before: preserves `private_driver` and writes the 
full struct, with structured details carried in `private_data`.
   
   This makes the C++ validation suite's `StatementTest.ErrorCompatibility` 
pass against an ADBC driving implemented using `adbc_ffi`.
   
   Fixes #4472.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to