Hi Alice,
On 2/21/2026 3:59 AM, Alice Ryhl wrote:
> On Wed, Feb 18, 2026 at 03:55:03PM -0500, Joel Fernandes wrote:
>> Add a new module `clist` for working with C's doubly circular linked
>> lists. Provide low-level iteration over list nodes.
>>
>> Typed iteration over actual items is provided with a `clist_create`
>> macro to assist in creation of the `CList` type.
>>
>> Cc: Nikola Djukic <[email protected]>
>> Reviewed-by: Daniel Almeida <[email protected]>
>> Acked-by: Gary Guo <[email protected]>
>> Signed-off-by: Joel Fernandes <[email protected]>
>
> In general this looks like a useful tool to write other abstractions, so
> that's good. A few nits below.
>
> Also, I think it would make more sense to split this series into two
> with titles like this:
>
> * Add clist helper for writing abstractions using C lists
> * Move buddy alloctor one level up
>
> That way, you can tell what the series actually does from its title.
> Yes, the 'why' of a series is very important, and must be included in
> the cover letter or commit messages, but I think the title of a series
> should explain the 'what', not the 'why'.
Sure, that makes sense I can move the buddy patches into a different series
indeed.
>
>> +impl CListHead {
>> + /// Create a `&CListHead` reference from a raw `list_head` pointer.
>> + ///
>> + /// # Safety
>> + ///
>> + /// - `ptr` must be a valid pointer to an allocated and initialized
>> `list_head` structure.
>> + /// - `ptr` must remain valid and unmodified for the lifetime `'a`.
>> + /// - The list and all linked `list_head` nodes must not be modified by
>> non-Rust code
>> + /// for the lifetime `'a`.
>
> I don't think C vs Rust is useful here. What you want is that the list
> is not modified by random other code in ways you didn't expect. It
> doesn't matter if it's C or Rust code that carries out the illegal
> modification.
Yeah, this is true. I will change it to the following then:
"The list and all linked `list_head` nodes must not be modified from
anywhere for the lifetime `'a`."
>
>> +// SAFETY: [`CListHead`] can be sent to any thread.
>> +unsafe impl Send for CListHead {}
>> +
>> +// SAFETY: [`CListHead`] can be shared among threads as it is not modified
>> +// by non-Rust code per safety requirements of [`CListHead::from_raw`].
>> +unsafe impl Sync for CListHead {}
>
> Same here. If another piece of Rust code modifies the list in parallel
> from another thread, you'll have a bad time too. C vs Rust does not
> matter.
Ack, will change it to:
// SAFETY: [`CListHead`] can be shared among threads as it is
// read-only per safety requirements of [`CListHead::from_raw`].
thanks,
--
Joel Fernandes
