Re: [PATCH v4 2/3] rust: pci: impl TryFrom<&Device> for &pci::Device

From: Danilo Krummrich
Date: Mon Mar 24 2025 - 14:13:32 EST

Next message: syzbot: "[syzbot] [usb?] WARNING in dib0700_i2c_xfer/usb_submit_urb"
Previous message: Michal Koutný: "Re: [PATCH v2 00/10] Add kernel cmdline option for rt_group_sched"
In reply to: Benno Lossin: "Re: [PATCH v4 2/3] rust: pci: impl TryFrom<&Device> for &pci::Device"
Next in thread: Benno Lossin: "Re: [PATCH v4 2/3] rust: pci: impl TryFrom<&Device> for &pci::Device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 24, 2025 at 05:36:45PM +0000, Benno Lossin wrote:
> On Mon Mar 24, 2025 at 5:49 PM CET, Danilo Krummrich wrote:
> > On Mon, Mar 24, 2025 at 04:39:25PM +0000, Benno Lossin wrote:
> >> On Sun Mar 23, 2025 at 11:10 PM CET, Danilo Krummrich wrote:
> >> > On Sat, Mar 22, 2025 at 11:10:57AM +0100, Danilo Krummrich wrote:
> >> >> On Fri, Mar 21, 2025 at 08:25:07PM -0700, Greg KH wrote:
> >> >> > Along these lines, if you can convince me that this is something that we
> >> >> > really should be doing, in that we should always be checking every time
> >> >> > someone would want to call to_pci_dev(), that the return value is
> >> >> > checked, then why don't we also do this in C if it's going to be
> >> >> > something to assure people it is going to be correct? I don't want to
> >> >> > see the rust and C sides get "out of sync" here for things that can be
> >> >> > kept in sync, as that reduces the mental load of all of us as we travers
> >> >> > across the boundry for the next 20+ years.
> >> >>
> >> >> I think in this case it is good when the C and Rust side get a bit
> >> >> "out of sync":
> >> >
> >> > A bit more clarification on this:
> >> >
> >> > What I want to say with this is, since we can cover a lot of the common cases
> >> > through abstractions and the type system, we're left with the not so common
> >> > ones, where the "upcasts" are not made in the context of common and well
> >> > established patterns, but, for instance, depend on the semantics of the driver;
> >> > those should not be unsafe IMHO.
> >>
> >> I don't think that we should use `TryFrom` for stuff that should only be
> >> used seldomly. A function that we can document properly is a much better
> >> fit, since we can point users to the "correct" API.
> >
> > Most of the cases where drivers would do this conversion should be covered by
> > the abstraction to already provide that actual bus specific device, rather than
> > a generic one or some priv pointer, etc.
> >
> > So, the point is that the APIs we design won't leave drivers with a reason to
> > make this conversion in the first place. For the cases where they have to
> > (which should be rare), it's the right thing to do. There is not an alternative
> > API to point to.
>
> Yes, but for such a case, I wouldn't want to use `TryFrom`, since that
> trait to me is a sign of a canonical way to convert a value.

Well, it is the canonical way to convert, it's just that by the design of other
abstractions drivers should very rarely get in the situation of needing it in
the first place.

Next message: syzbot: "[syzbot] [usb?] WARNING in dib0700_i2c_xfer/usb_submit_urb"
Previous message: Michal Koutný: "Re: [PATCH v2 00/10] Add kernel cmdline option for rt_group_sched"
In reply to: Benno Lossin: "Re: [PATCH v4 2/3] rust: pci: impl TryFrom<&Device> for &pci::Device"
Next in thread: Benno Lossin: "Re: [PATCH v4 2/3] rust: pci: impl TryFrom<&Device> for &pci::Device"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]