Matthias Endler
Podcast Appearances
How do you review Rust code for correctness?
What do you look out for?
What are some common patterns that you found useful here?
It turns out there's not a lot of space in space.
You work on tiny hardware.
And shout out to Vegard as well.
It was an amazing episode too.
Now, Rust has fallible allocations for vectors nowadays, but...
I'm guessing that you even want to avoid allocations in the first place, especially the dynamic allocations.
And Oxide, for example, has a scheduler called Hubris.
And Steve, please correct me if I'm wrong here, but Steve Klabnik, that is.
I think what they did was they used static allocation, static memory, and every payload that they run on that scheduler has a fixed size known at compile time, which allows you to have predictable allocations.
Do you use that pattern as well, if you can?
So having a fixed struct and knowing that only this struct will need to be allocated, quote unquote, on the stack?
If I understand correctly, that means you don't initialize the struct.
You have a view into this byte block in this block of bytes and zero copy kind of makes it safe for you.
Well, that's really nice. It's a nice example of making illegal state impossible to represent and parsing instead of validating. That's kind of cool. You said that zero copy is a bit like a safe transmute. Would that mean you can ditch transmute altogether and always use zero copy, or are there any cases where zero copy just doesn't provide a safe interface?
Okay, you try to minimize unsafe code.
Do you also try to minimize unwraps?
Are there any better patterns that you use?