ARROW-10448: [Rust] Remove PrimitiveArray::new that can cause UB #8560
Conversation
jorgecarleitao
changed the title
jorgecarleitao
changed the title
jorgecarleitao
changed the title
|
I think we have a similar problem with building arrays from So something like the below gets created, but ends up as a 0-len array // try build array data without specifying length
ArrayData::builder(DataType::_).buffers(vec![buffer1, buffer2]).build() |
That is a very good point. I think that we have a trade-off here: do we check that the This could be a good topic for the mailing list, as it is a general question, specially for IPC and the c data interface. |
|
Is it the case that "UB" means "Undefined Behavior"? |
This PR removes `PrimitiveArray::new`. `PrimitiveArray::new` is `pub`, but it is dangerous because:
* when the buffer's content is not aligned with T, many of its methods cause UB
* when used with `null_count > 0`, many calls panic as the null bitmap is `None`, but the `null_count != 0`
* when used with `null_count > 0`, it creates an array out of spec (as the buffer for the null bitmap is `None` but the null count is not zero)
Since:
* a change in this method's signature (to either add the bitmap or remove `null_count`) requires a backward incompatible change
* it is only used in tests
* we have good offers to create primitive arrays:
* from an ArrayData,
* from a vector or vector of optionals
* from an iterator
This PR removes it.
Closes apache#8560 from jorgecarleitao/remove_new
Authored-by: Jorge C. Leitao <jorgecarleitao@gmail.com>
Signed-off-by: Neville Dipale <nevilledips@gmail.com>
This PR removes
PrimitiveArray::new.PrimitiveArray::newispub, but it is dangerous because:null_count > 0, many calls panic as the null bitmap isNone, but thenull_count != 0null_count > 0, it creates an array out of spec (as the buffer for the null bitmap isNonebut the null count is not zero)Since:
null_count) requires a backward incompatible changeThis PR removes it.