Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp359646pxb;
        Wed, 14 Apr 2021 17:47:59 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwE0H+VLGtPLVk5gdNN3trfy9jX16tEn3g3tOcfeiDAJ2AfiZPq7W49q0UswLIPVVPg01Ba
X-Received: by 2002:a17:90b:4a46:: with SMTP id lb6mr890090pjb.45.1618447679117;
        Wed, 14 Apr 2021 17:47:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1618447679; cv=none;
        d=google.com; s=arc-20160816;
        b=nBJnpjd1bJTsfdZBwbQ3GY2+Nc7RK6CKYOl8ACgdFN2A5FlNj/JXQu3TB8b1jbAhk+
         LL5cFWSMq5gI0+Tb3uCb4fL7WRGlLsaPOdTZATRlqGgfIEEjuak9USnJsiNsm8Bcwy1x
         lpaUYgNuQNkbtymci8fXgBr89BaATiEOdVKRNXpm3sJqM9g/4CHfJhv4Ad2v6Ldboi4H
         k/ra5tY+uS7l0fcElpKzOUnSDV/xLh0J9Iux+zgfMDS9TJ8L4/geuOVNZ7TehSASaOJ3
         AGAiGcIaNhRH014OsiJbYZwrBVRuPtzZ+IfTVWgbzLWC5cpulfoz0mrJog74oUSazmZ2
         ZKqQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=9moKvPhRUkjJJO4Wvya+mBkbGwe1JBe817tqjOIbz+0=;
        b=AWxEoJeSZWFOD0EqWM0LGP8fAbDjvM11SF2YT3wndTRmiNtci9jYOpxQmDNjVNqXaa
         Ojv1UCxFs8gpZUOegW03xlKdGSIlgAFOm588WX6OmLfEeDjG31+hOc73cOR2E9oMTB7E
         y8EtiXZNHnN6W2NZUYvZAnRmPpb23Au/Y/C5RJs8tea1L2Cx5y3xCjlwoAV7iGNoAEXp
         PQKSo5jzHqIie1//dKxCfKLm2+suHejvMsFEJa4PuoiYAa5Y91Kj2bYDZvkeeplNnJM4
         wyHZ/0MA+bf3kMtF1Ukwh/ZamYZDjoAwyoy1ZaalVSu7Gi+6YYbXOe/+PiQJhmq/eXF1
         i3fg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id s6si1315982plp.81.2021.04.14.17.47.46;
        Wed, 14 Apr 2021 17:47:59 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1344460AbhDNUrQ (ORCPT <rfc822;linux.s.jambekar@gmail.com>
        + 99 others); Wed, 14 Apr 2021 16:47:16 -0400
Received: from mslow1.mail.gandi.net ([217.70.178.240]:40119 "EHLO
        mslow1.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231415AbhDNUrP (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 14 Apr 2021 16:47:15 -0400
Received: from relay9-d.mail.gandi.net (unknown [217.70.183.199])
        by mslow1.mail.gandi.net (Postfix) with ESMTP id 842FDC15D0;
        Wed, 14 Apr 2021 20:35:41 +0000 (UTC)
X-Originating-IP: 50.39.163.217
Received: from localhost (unknown [50.39.163.217])
        (Authenticated sender: josh@joshtriplett.org)
        by relay9-d.mail.gandi.net (Postfix) with ESMTPSA id A9393FF804;
        Wed, 14 Apr 2021 20:35:15 +0000 (UTC)
Date:   Wed, 14 Apr 2021 13:35:13 -0700
From:   Josh Triplett <josh@joshtriplett.org>
To:     Linus Torvalds <torvalds@linux-foundation.org>
Cc:     Matthew Wilcox <willy@infradead.org>, ojeda@kernel.org,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        rust-for-linux@vger.kernel.org,
        Linux Kbuild mailing list <linux-kbuild@vger.kernel.org>,
        "open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 00/13] [RFC] Rust support
Message-ID: <YHdSATy9am21Tj4Z@localhost>
References: <20210414184604.23473-1-ojeda@kernel.org>
 <20210414200953.GX2531743@casper.infradead.org>
 <CAHk-=wgdhVW3+YFHG5Le=mZMYf3mGjgv1f-Td=254bj9fYd7fg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAHk-=wgdhVW3+YFHG5Le=mZMYf3mGjgv1f-Td=254bj9fYd7fg@mail.gmail.com>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 14, 2021 at 01:21:52PM -0700, Linus Torvalds wrote:
> On Wed, Apr 14, 2021 at 1:10 PM Matthew Wilcox <willy@infradead.org> wrote:
> >
> > There's a philosophical point to be discussed here which you're skating
> > right over!  Should rust-in-the-linux-kernel provide the same memory
> > allocation APIs as the rust-standard-library, or should it provide a Rusty
> > API to the standard-linux-memory-allocation APIs?
> 
> Yeah, I think that the standard Rust API may simply not be acceptable
> inside the kernel, if it has similar behavior to the (completely
> broken) C++ "new" operator.
> 
> So anything that does "panic!" in the normal Rust API model needs to
> be (statically) caught, and never exposed as an actual call to
> "panic()/BUG()" in the kernel.

Rust has both kinds of allocation APIs: you can call a method like
`Box::new` that panics on allocation failure, or a method like
`Box::try_new` that returns an error on allocation failure.

With some additional infrastructure that's still in progress, we could
just not supply the former kind of methods at all, and *only* supply the
latter, so that you're forced to handle allocation failure. That just
requires introducing some further ability to customize the Rust standard
library.

(There are some cases of methods in the standard library that don't have
a `try_` equivalent, but we could fix that. Right now, for instance,
there isn't a `try_` equivalent of every Vec method, and you're instead
expected to call `try_reserve` to make sure you have enough memory
first; however, that could potentially be changed.)