But the end result of all this is that you CAN, in fact, just look a the Rust API and know how to use it correctly for the most part. You never have to worry about reference counts, about NULL pointers, about forgetting to check results, about dropping refs in error cases.
You never have to worry about holding the right locks, about accidentally forgetting to take a ref or dropping it twice. You never have to wonder how error returns are encoded.
Because if you make a mistake with these things, your code won't compile.
Of course you can still misuse APIs, but the worst that will happen is that you'll get an error return, or maybe a deadlock (deadlocks are easy to debug with lockdep and I wrote a really neat Arc<> integration to catch potential drop/decref related locking errors).
Even with APIs that mostly are fairly rigorously documented (OpenFirmware/Device Tree comes to mind), following all the rules in C is often tedious and error prone. Look at some random OF code in a driver and there's a good chance it leaks references.
(This doesn't really matter for most systems since they don't compile kernels with OF_DYNAMIC so ref counts are ignored, so this never gets noticed and fixed.)
But with my OF Rust abstractions? They do ref counting for you. You can just forget about it.
Asahi Lina (朝日リナ) // nullptr::live /
npub1cx…z6wtz
2024-08-31 11:44:45
in reply to nevent1q…za7m
Author Public Key
npub1cxqje22r8ewnr30rt625d58cr8gpdjnw405cq5765m2qsvghnmpquz6wtzSeen on
wss://relay.noswhere.comPublished at
2024-08-31 11:44:45Event JSON
{
"id": "704527fad6ec54779436572574ec949cccb40628fac337a641234f8e920ca056",
"pubkey": "c1812ca9433e5d31c5e35e9546d0f819d016ca6eabe98053daa6d40831179ec2",
"created_at": 1725104685,
"kind": 1,
"tags": [
[
"p",
"c1812ca9433e5d31c5e35e9546d0f819d016ca6eabe98053daa6d40831179ec2"
],
[
"e",
"b853271c1960b8ee9ad9bbd5e5d71cf93dab8ec3348aabdd9d441d592923e6e6",
"",
"root",
"c1812ca9433e5d31c5e35e9546d0f819d016ca6eabe98053daa6d40831179ec2"
],
[
"proxy",
"https://vt.social/@lina/113056460638121435",
"web"
],
[
"e",
"b712817777c6885873a730561aedf6d5f6153f450ae0663c9d8d685811b75a18",
"",
"reply",
"c1812ca9433e5d31c5e35e9546d0f819d016ca6eabe98053daa6d40831179ec2"
],
[
"proxy",
"https://vt.social/users/lina/statuses/113056460638121435",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://vt.social/users/lina/statuses/113056460638121435",
"pink.momostr"
],
[
"-"
]
],
"content": "But the end result of all this is that you CAN, in fact, just look a the Rust API and know how to use it correctly for the most part. You never have to worry about reference counts, about NULL pointers, about forgetting to check results, about dropping refs in error cases.\n\nYou never have to worry about holding the right locks, about accidentally forgetting to take a ref or dropping it twice. You never have to wonder how error returns are encoded.\n\nBecause if you make a mistake with these things, your code won't compile.\n\nOf course you can still misuse APIs, but the worst that will happen is that you'll get an error return, or maybe a deadlock (deadlocks are easy to debug with lockdep and I wrote a really neat Arc\u003c\u003e integration to catch potential drop/decref related locking errors).\n\nEven with APIs that mostly are fairly rigorously documented (OpenFirmware/Device Tree comes to mind), following all the rules in C is often tedious and error prone. Look at some random OF code in a driver and there's a good chance it leaks references.\n\n(This doesn't really matter for most systems since they don't compile kernels with OF_DYNAMIC so ref counts are ignored, so this never gets noticed and fixed.)\n\nBut with my OF Rust abstractions? They do ref counting for you. You can just forget about it.",
"sig": "17f0542c35c31f2306303f2362faf61b8713e6698dd89051e3746943eff538326e614de76bc5d1f6b21f21c272cb6185a7d37c22e55bddb8bca57884b9dac7b1"
}