2 In many respects Rust is a competent but not particularly novel
7 Reference to Blub languages.
9 B======================================================================B
13 Firstly, I'm going to go into some detail about Rust's one very novel
14 property: it's approach to memory management. Let us consider,
15 particularly, dynamically allocated memory.
17 Until now there have been basically two approaches:
19 In lower-level languages like C, C++ and assembler, you as the
20 programmer must know whenever memory allocation is occurring, and
21 control when that memory is freed, usually with explicit code.
22 Mistakes lead to bugs - often, bugs which are very hard to track down.
23 There are some static checkers, and coding conventions, which help to
24 reduce the number of these bugs but they are still a big problem even
25 with the most careful software development practices.
27 In higher-level languages, memory allocation is often implicit and
28 deallocation is handled automatically by a garbage collector. This is
29 convenient for the programmer. But it requires support from a
30 language runtime, which is awkward in some environments and makes it
31 hard to interface to other languages. And it costs performance -
32 sometimes, a lot of performance. Traditionally, garbage-collected
33 languages have focused on programmer convenience, or programming
34 language power, rather than performance.
36 [ MM survey slide + Rust ]
38 Rust has a different approach. Each object in a Rust program has
39 exactly one owner; for a local variable that owner is the variable.
40 For an object in a complex data structure, the data structure is the
41 owner (and of course that data structure has, in turn, an owner). In
42 many ways this resembles informal notions of object ownership which
43 programmers have typically used in C and C++ to make their code
46 But in Rust the ownership is known to the language, and the rules
47 surrounding ownership are enforced by the compiler. When an object
48 ceases to have an owner, it is freed.
50 This ownership system is used not only for dynamically allocated
51 objects, but for local variables, and statically allocated objects.
53 [ Borrowing example slide ] https://doc.rust-lang.org/book/ch04-02-references-and-borrowing.html#mutable-references
55 To allow an object to be accessed other than through owner, Rust
56 formalises the notion of borrowing. An object can be borrowed by
57 writing the ampersand, giving a reference. The compiler checks that
58 the object will outlive the reference.
60 [ dangling reference error example https://doc.rust-lang.org/book/ch04-02-references-and-borrowing.html#dangling-references ]
62 Borrows (that is, references) come in two kinds: mutable and
63 immutable. You can have many immutable references at once. A mutable
64 reference permits modification, and provides exclusive access.
66 [ Borrowing example slide with mut missing ] ABOVE https://doc.rust-lang.org/book/ch04-02-references-and-borrowing.html#mutable-references
68 That's what the `mut' is doing in that example. If you leave it out
69 the compiler complains. This is the Rust `borrow checker' that you
70 have may have heard about: the part of the compiler which enforces the
71 object ownership rules.
73 Overall, this scheme makes use-after-free and double-free bugs
74 impossible. You have to work at it to make a memory leak. Rust
75 programs are safe (by default): you can write bugs, but you cannot
76 randomly corrupt memory (or otherwise trigger what in C/C++ is called
77 "undefined behaviour"). The ownership rules even give you safe
80 And, the ownership system means that the compiler can often optimise
81 very aggressively, because it has really good visibility of all the
82 aliases of and references to the objects its working with. Compared
83 to garbage collected languages, the ownership system eliminates a lot
84 of runtime memory management. I have found Rust programs to generally
87 C======================================================================C
89 Apart from the ownership system, there is little new in Rust.
90 Nevertheless, it is an advanced language with a lot of expressive
91 power - power which is generally available without sacrificing
94 Sometimes advanced languages from academia can be rather inaccessible:
95 they can feel like incomprehensible alien technology, with a steep
96 learning curve and an unfamiliar or even obscure syntax.
98 Not Rust. Rust has managed to take the best - and most proven -
99 features of earlier research languages and package them up into a
100 whole which feels fairly familiar and is easy to use.
102 Rust's syntax is built from the familiar structure of curly braces,
103 keywords, parentheses, and infix expressions. It looks a lot like C
104 or JavaScript or something.
106 Rust is statically typed. The compiler will typecheck it. This is
107 great. You may have heard Haskell and Ocaml programmers say "once you
108 can get the program to typecheck, it will probably work". Rust has
109 the same experience. When in the throes of writing a complex
110 algorithm you can type some drivelous pseudocode into your text
111 editor. Then keep fixing errors until it builds and lo! it will often
114 For polymorphism, Rust has generics. These will be known to
115 Haskell programmers as typeclasses.
117 They're a bit like C++
118 templates, but not mad.
120 For when you want runtime polymorphism, Rust has a dynamic dispatch
123 [ Example from bottom of xenstored/history.ml ]
130 Those other can (which can sometimes be
136 You can lend Objects which
147 write explicit code allocate memory, and and free allre
~ijackson / talk-2019-ghm-rust.git / blob