In this talk, we’ll walk through a practical example of wrapping a real C++ library and show repeatable design patterns for: modelling ownership and lifetimes, mapping error handling into Result, defining safe abstraction boundaries, and minimising unsafe surface area. We’ll also discuss how generated bindings (e.g., Crubit-style tools) accelerate interop, and why wrapper design still requires deliberate human judgment.
We’ll cover common interop footguns like unsound Send/Sync assumptions, ABI/layout hazards, panic/exception boundary issues, accidental copies, and wrapper-layer performance regressions, and close with a review checklist teams can apply immediately.
This matters because in large production C++ codebases, adoption often starts with “generate bindings” but teams quickly discover that bindings aren’t APIs. The wrapper design is what determines safety, ergonomics, and long-term maintainability under constraints like thread-safety, exceptions, stable APIs, and strict performance budgets.
Divya is a software engineer at Google’s Core Dev Rust team, focused on developing safe wrappers, C++/Rust interoperability, and scaling Rust in production.
