Rust in Samba example code and slides
Kai Blin
kai at samba.org
Fri Jun 8 15:26:49 UTC 2018
On Thu, 2018-06-07 at 09:00 -0400, Simo wrote:
Hi Simo,
> Pretty cool Kai,
> however my heart sank when I saw talloc in Rust.
Yeah, I felt the same when I initially realised why all the Rust FFI
docs only ever pass around trivial data types.
> I think one of the key features about Rust (and its safety) is that
> the compiler handles memory, I wouldn't want to use talloc in there
> :-)
We'll have to accept that whatever way we handle the memory, we'll
always need to deal with a small layer of insecurity on the edge
between Rust (where ownership is clear and pointers never can be NULL)
and C.
> I would rather pay the price of copying memory at the edges if we
> really have no options, or simply have a wrapping talloc construct
> that wraps Rust structures like:
>
> struct talloc_wrap {
> Rust owned memory here
> };
>
> When you receive the memory from rust you'd slap the talloc_wrap in
> the memory hierarchy so that will take care of freeing stuff via a
> destructor, then use the result. The only gotcha will be that you
> can't steal any Rust returned buffers, but that seem a small price to
> pay, worst case you copy it out.
That certainly is an option, I just didn't get around to build that for
the talk as well.
The main goal of my talk was to see if there is any value in even
investigating this further, and I think there could be.
I'm glad my email kicked off a conversation on which of the models for
memory management make sense for us. Thanks to Garming for the input as
well.
Cheers,
Kai
--
Kai Blin @kaiblin
Samba Developer http://samba.team
More information about the samba-technical
mailing list