-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use try_reserve and panic in Vec's io::Write #84612
Conversation
r? @m-ou-se (rust-highfive has picked a reviewer for you, use r? to override) |
If we change latter this would not be considered as breaking change ? BTW, that why almost everything should return result |
|
I mean remove it later. This patch say "on oom an error of type other will be trigger" changing to a dedicated error later would be breaking change no ? |
|
Can you please quote and link it ? |
Ah find it:
Well, I have no objection anymore. It's perfect. |
Add ErrorKind::OutOfMemory Ability to express `ENOMEM` as an `io::Error`. I've used `OutOfMemory` as opposed to `NotEnoughMem` or `AllocationFailed`, because "OOM" is used in Rust already. See also rust-lang#84612
There may be code that assumes that writing to a |
they choice to ignore error... we can't prevent bad code. If you choice to ignore error, you choice it. Anyway, OOM is too rare to affect code that ignore error. |
Up till now it was a completely reasonable choice as there was literally no way that it could produce an error.
It will make for hard to debug problems. Currently OOM will just crash the program, but after this change it will cause it to silently give a bogus result. The fact that OOM's are so rare is precisely why this is a problem. If OOM's were common, the code would still break with this PR, but at least it would relatively consistently break, which makes it easy to fix before the hitting production. Because OOM's are uncommon, the incorrect handling will almost guaranteed hit production. |
That what we call implementation behavior, the function return a result, nothing said it's guarantee to not error. So, not it was not a completely reasonable choice. |
If I understand correctly, you're describing Hyrum's Law here. Users may have created a trap for themselves by relying on an aspect of an API that has never been promised or documented. Write to a
|
Add ErrorKind::OutOfMemory Ability to express `ENOMEM` as an `io::Error`. I've used `OutOfMemory` as opposed to `NotEnoughMem` or `AllocationFailed`, because "OOM" is used in Rust already. See also rust-lang#84612
@rfcbot merge This makes it possible for @rust-lang/libs curious to hear your opinions. |
Team member @m-ou-se has proposed to merge this. The next step is review by the rest of the tagged team members: Concerns:
Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for info about what commands tagged team members can give me. |
|
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
@bors r-
Alright, let's go for that then. |
Triage here, I'm unclear on the status of this PR, is it being postponed while other avenues are pursued? |
yea, I think this is currently blocked on |
Hey! It looks like you've submitted a new PR for the library teams! If this PR contains changes to any Examples of
|
io::Write
is already fallible in principle, so it makes sense to be actually fallible forVec
too.This enables use of fallible allocation for
Vec
without exposing the yet-undecidedTryAllocError
.I've changed original PR from returning
io::Error
to panicking, to de-risk the change for cases wherelet _ = vec.write()
may have been used.