Observe close(2) errors for std::fs::{copy, write}#149834
Observe close(2) errors for std::fs::{copy, write}#149834tbu- wants to merge 1 commit intorust-lang:mainfrom
close(2) errors for std::fs::{copy, write}#149834Conversation
|
rustbot has assigned @Mark-Simulacrum. Use |
ab5eab8 to
38e2c5b
Compare
|
This PR was rebased onto a different main commit. Here's a range-diff highlighting what actually changed. Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers. |
|
|
||
| io::copy(&mut reader, &mut writer) | ||
| let ret = io::copy(&mut reader, &mut writer)?; | ||
| writer.close()?; |
There was a problem hiding this comment.
Even though this can't fail, I copied it for symmetry with the other implementations.
This comment has been minimized.
This comment has been minimized.
38e2c5b to
cac4eb5
Compare
This comment has been minimized.
This comment has been minimized.
Adds a (private to `std`) `File::close` method and uses it in `std::fs::write` and `std::fs::copy`. This is a lighter version of rust-lang/libs-team#705 that can be added even if that ACP isn't accepted, as this is purely a quality of implementation thing that could be reverted at any time. External libraries and applications can use external crates like https://crates.io/crates/close-err to achieve the same with the files they own. CC rust-lang/libs-team#705.
cac4eb5 to
f7e0a04
Compare
|
So I don't see why these practically least-effort methods are the ones that would warrant extra care. Such a PR might be more appropriate to atomic write crates... except that they already do fsync, which subsumes this.
|
|
We're just returning the error from |
|
Well, I both do not like the precedent, and I also think that if anything really needs to do this then these are the methods where it's the least necessary, which makes the first point worse "look, even these simple, least-defensive std methods do it!" |
|
I'm personally not a huge fan of incrementally doing this in semi-random places in the standard library that operate on files internally and happen to already handle some errors. At minimum, it makes it harder to read code by adding extra operations. I'm going to mark this waiting on T-libs. I think it makes sense for T-libs and T-libs-api to discuss what we want as policy here for internal implementations and external implementations before we land changes either way. |
I tried to not make it "semi-random places in the standard library", but "all places in the standard library that drop a file after writing to it", i.e. all the places where the calling code can't close the file itself. |
Why does this need T-libs/T-libs-api decisions on policy? This looks like a simple quality of implementation thing. It does not regress any use cases. It improves some (see rust-lang/libs-team#705). It doesn't do anything special a normal rust crate couldn't do. It can be reverted if it causes problems. It's not a huge diff, so it's not hard to maintain. |
|
This was discussed in the libs meeting. The discussion in the ACP is still on going so we'd prefer to see the discussion there continue before deciding on this. |
|
With the ACP closed I propose to also close this. There's technically nothing wrong with returning errors from those places, but we should not create the impression that these convenience methods do anything special resulting in higher reliability than almost all other File APIs in std and that those other APIs should be avoided. I believe that the error-swallowing behavior in File/OwnedFd's drop impl already is something of a de-facto policy in std that we don't treat @rfcbot fcp close libs |
|
Team member @the8472 has proposed to close this. The next step is review by the rest of the tagged team members: No concerns currently listed. Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for info about what commands tagged team members can give me. |
Correct.
Is your imagined scenario that people will avoid these other APIs? I see little reason to believe that. It's just convenience for people who want to observe these errors. It comes at no performance cost, too. I think the ACP closure is relatively irrelevant here, as I already pointed out in the very first comment, it's just a "return errors where we already know about them and are in a position to return them instead of explicitly throwing them away". It's not even an API promise, it's just an implementation detail. If it turns out that this is confusing for people, we can always revert it. |
|
I don't love the decision against the
I do think it will discourage the other APIs, yes. But a crate like |
Fair then I guess. Although the following point still applies:
|
Is contradicted by the earlier comment
If you "want" to do this you'd have to know about that implementation detail and then rely on an implementation detail rather than the API contract. |
Yes, just like what you do when you rely on other implementation details, like knowing which syscalls get called by |
|
🔔 This is now entering its final comment period, as per the review above. 🔔 |
Adds a (private to
std)File::closemethod and uses it instd::fs::writeandstd::fs::copy.This is a lighter version of rust-lang/libs-team#705 that can be added even if that ACP isn't accepted, as this is purely a quality of implementation thing that could be reverted at any time. External libraries and applications can use external crates like https://crates.io/crates/close-err to achieve the same with the files they own.
CC rust-lang/libs-team#705.