Re: [PATCH v10 5/8] rust: clist: Add support to interface with C linked lists

[Joel Fernandes]

Hi Alice,

On 2/21/2026 3:59 AM, Alice Ryhl wrote:
> On Wed, Feb 18, 2026 at 03:55:03PM -0500, Joel Fernandes wrote:
>> Add a new module `clist` for working with C's doubly circular linked
>> lists. Provide low-level iteration over list nodes.
>>
>> Typed iteration over actual items is provided with a `clist_create`
>> macro to assist in creation of the `CList` type.
>>
>> Cc: Nikola Djukic <ndjukic@xxxxxxxxxx>
>> Reviewed-by: Daniel Almeida <daniel.almeida@xxxxxxxxxxxxx>
>> Acked-by: Gary Guo <gary@xxxxxxxxxxx>
>> Signed-off-by: Joel Fernandes <joelagnelf@xxxxxxxxxx>
> 
> In general this looks like a useful tool to write other abstractions, so
> that's good. A few nits below.
> 
> Also, I think it would make more sense to split this series into two
> with titles like this:
> 
> * Add clist helper for writing abstractions using C lists
> * Move buddy alloctor one level up
> 
> That way, you can tell what the series actually does from its title.
> Yes, the 'why' of a series is very important, and must be included in
> the cover letter or commit messages, but I think the title of a series
> should explain the 'what', not the 'why'.

Sure, that makes sense I can move the buddy patches into a different series
indeed.

> 
>> +impl CListHead {
>> +    /// Create a `&CListHead` reference from a raw `list_head` pointer.
>> +    ///
>> +    /// # Safety
>> +    ///
>> +    /// - `ptr` must be a valid pointer to an allocated and initialized `list_head` structure.
>> +    /// - `ptr` must remain valid and unmodified for the lifetime `'a`.
>> +    /// - The list and all linked `list_head` nodes must not be modified by non-Rust code
>> +    ///   for the lifetime `'a`.
> 
> I don't think C vs Rust is useful here. What you want is that the list
> is not modified by random other code in ways you didn't expect. It
> doesn't matter if it's C or Rust code that carries out the illegal
> modification.

Yeah, this is true. I will change it to the following then:

"The list and all linked `list_head` nodes must not be modified from
anywhere for the lifetime `'a`."

> 
>> +// SAFETY: [`CListHead`] can be sent to any thread.
>> +unsafe impl Send for CListHead {}
>> +
>> +// SAFETY: [`CListHead`] can be shared among threads as it is not modified
>> +// by non-Rust code per safety requirements of [`CListHead::from_raw`].
>> +unsafe impl Sync for CListHead {}
> 
> Same here. If another piece of Rust code modifies the list in parallel
> from another thread, you'll have a bad time too. C vs Rust does not
> matter.

Ack, will change it to:
  // SAFETY: [`CListHead`] can be shared among threads as it is
  // read-only per safety requirements of [`CListHead::from_raw`].

thanks,

--
Joel Fernandes