Insulating layer?

Posted Oct 11, 2024 10:37 UTC (Fri) by farnz (subscriber, #17727)
In reply to: Insulating layer? by mmechri
Parent article: On Rust in enterprise kernels

The big thing that Rust makes easier is writing performant code that's structured as "parse external form into suitable internal structures, work with internal structures, serialize into external form".

The type system then allows you to make sure that your invariants aren't ever broken inside the internal structures (absent the use of unsafe, which you can catch and worry about during code review). Rust enums (sum type) are powerful for representing choices, because enum variants can be structs, not just integers, while the affine typing rules Rust uses mean that you can guarantee that if someone wants to get an object of a specific type, they've given you ownership of an object of a different type, which allows you to prevent double-action of many forms (double-freeing is the famous one, but any form of double action on a type that shouldn't allow it is something you can prohibit).