alamb commented on PR #7843:
URL: https://github.com/apache/arrow-rs/pull/7843#issuecomment-3033460356
> Relating to the ?-safety and unwind safety comment above: unconditionally
> finalizing on drop (hopefully) produces a physically valid variant -- but the
> result is still a logically invalid "torn write". That kind of spookiness is
> really hard to reason around when coding, and even harder to triage when
> something goes wrong. As I mentioned, I've hit this issue many times over the
> years, in various forms. It's always surprising and never in a good way.
The idea of a logically lost object being hard to debug makes sense to me.
Thank you -- I think I missed that
# Proposal
1. Add a function like `ObjectBuilder::rollback` to explicitly "cancel" the
currently in progress object
2. Implement `ObjectBuilder::drop` such that it calls
`ObjectBuilder::rollback` if `ObjectBuilder::build()` has not been called
That way:
1. No way to get accidentally completed ("torn") objects
2. No panics on drop
3. No partially / corrupt objects if `finish` isn't called
To be clear, it doesn't mean that @viirya needs to fix this in this PR
(though if he does that would be great)
--
This is an automated message from the Apache Git Service.
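The rollback-on-drop design sketched in the proposal above, as an added, self-contained Rust illustration. This is not arrow-rs code: `VariantBuffer`, the length-prefixed byte layout, and the `ObjectBuilder` API shown here are hypothetical stand-ins chosen to make the mechanism visible. A child builder records where it started in the parent buffer; `finish()` commits and marks the builder done, `rollback()` truncates the parent back to the start, and `Drop` calls the same rollback whenever `finish()` was never reached, whether because of an early `?` return or a panic unwinding through the frame.

```rust
// Added illustration of the rollback-on-drop builder pattern proposed in the
// comment above. NOT arrow-rs code: VariantBuffer, ObjectBuilder and the toy
// byte layout are hypothetical stand-ins for the real variant builder.

/// Hypothetical parent buffer that nested object builders append into.
#[derive(Default, Debug)]
pub struct VariantBuffer {
    bytes: Vec<u8>,
}

impl VariantBuffer {
    pub fn len(&self) -> usize {
        self.bytes.len()
    }

    pub fn as_slice(&self) -> &[u8] {
        &self.bytes
    }

    /// Start a nested object. The builder remembers where it began so that a
    /// rollback can truncate the parent back to exactly this point.
    pub fn new_object(&mut self) -> ObjectBuilder<'_> {
        let start = self.bytes.len();
        // Placeholder for the field count; patched in finish().
        self.bytes.push(0);
        ObjectBuilder { parent: self, start, fields: 0, finished: false }
    }
}

pub struct ObjectBuilder<'a> {
    parent: &'a mut VariantBuffer,
    start: usize,
    fields: u8,
    finished: bool,
}

impl<'a> ObjectBuilder<'a> {
    /// Append one (key, value) field in a toy length-prefixed encoding.
    /// Returning Err mid-object is exactly the case that used to leave a
    /// torn write behind; with rollback-on-drop the caller's `?` now
    /// discards the partial object cleanly.
    pub fn append(&mut self, key: &str, value: &[u8]) -> Result<(), String> {
        if key.len() > 255 || value.len() > 255 {
            return Err(format!("field {key:?} too large"));
        }
        let b = &mut self.parent.bytes;
        b.push(key.len() as u8);
        b.extend_from_slice(key.as_bytes());
        b.push(value.len() as u8);
        b.extend_from_slice(value);
        self.fields += 1;
        Ok(())
    }

    /// Commit the object: patch the field count and mark the builder as
    /// finished so Drop becomes a no-op. Returns the encoded length.
    pub fn finish(mut self) -> usize {
        self.parent.bytes[self.start] = self.fields;
        self.finished = true;
        self.parent.bytes.len() - self.start
    }

    /// Explicitly cancel the in-progress object.
    pub fn rollback(mut self) {
        self.do_rollback();
        self.finished = true; // Drop must not truncate a second time
    }

    fn do_rollback(&mut self) {
        self.parent.bytes.truncate(self.start);
    }
}

impl Drop for ObjectBuilder<'_> {
    fn drop(&mut self) {
        // No panic on drop: an unfinished builder is rolled back, so the
        // parent never retains a partially written ("torn") object.
        if !self.finished {
            self.do_rollback();
        }
    }
}

/// Scenario: the second field fails, `?` drops the builder, and the parent
/// buffer is left exactly as it was before the object was started.
pub fn try_build(buf: &mut VariantBuffer, second: &[u8]) -> Result<usize, String> {
    let mut obj = buf.new_object();
    obj.append("a", b"1")?;
    obj.append("b", second)?;
    Ok(obj.finish())
}

fn main() {
    let mut buf = VariantBuffer::default();
    let oversized = vec![0u8; 300]; // constructed input that makes append fail
    assert!(try_build(&mut buf, &oversized).is_err());
    assert_eq!(buf.len(), 0); // nothing torn left behind
    let n = try_build(&mut buf, b"ok").unwrap();
    println!("committed {n} bytes: {:?}", buf.as_slice());
}
```

The key design point is that there is exactly one path that commits (`finish()` consumes the builder) and every other way of leaving scope, including an early `?` return or a panic unwinding through the frame, goes through `Drop` and truncates. That gives the three properties listed in the proposal without any panic in `drop`.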