rust programming language

Introduction to Rust

Brief introduction

• First Inventor: Graydon Hoare (about 8 years)• Mozilla foundation(2009~)• Trait-based OOP• Zero-cost abstraction• High concurrency support

• Memory safety by ownership and lifetime concept

Problem: Memory Safety

• Use-after-free (dangling pointer)

• Double free

• Null pointer dereference

These kind of problems cause not only software crash, but also security vulnerabilities.

Use-after free

Simple and trivial case

Dangling pointer

&

Local variable is allocated in stack, a temporal storage of function.

If you return a reference of local variable,the address will be invalidated.

If these two functions are far away from each other, this kind of bugs can be very hard to find.

Hard case: Iterator invalidation

Can you see the problem?

Even a famous library may betray you

If you do not know much about the internals...

Garbage collection

• Java, Python, Ruby, C#, Scala, Go...• Programmer creates objects. However,

the computer is responsible to remove them.

• No explicit malloc and free. – Therefore no mistake.

Is the world saved?

The real life is not that easy...

• Computer cannot know the exact timing that each object should be freed.– tracing GC:GC engine should track all objects

periodically.– reference counting: every object has a

counter; the number of pointers referencing itself.

• Both ways need more memory and CPU power.

Garbage Collection

• No predictability– cannot used for real-time system

• Limited concurrency– global interpreter lock

• Larger code size– VM(or GC) must included

System program

• Must be FAST.

• Must has runtime overhead as little as possible.

• Must be memory SAFE.

• Should be possible to direct memory access.

• GC cannot be used in such area!

Rust programming language

• Zero-cost abstraction

• Memory safety without garbage collection

• Super fast code generation

• C function compatibility (extern "C")

• Simpler syntax than C++

Basic: move sementic

http://is.gd/pZKiBw

Basic: mutability

http://is.gd/OQDszP

Benchmark

• http://benchmarksgame.alioth.debian.org/u64q/rust.html

• Program written in Rust is as fast as that of C!

Reminder: iterator invalidation

Case study: Servo

• Mozilla's next-gen web browser engine• Written in Rust• Parallel layout, rendering, ... almost

everything

• "During the 2 years of development, we have never experienced any memory-related bugs like use-after-free or double free."

- an engineer from Mozilla

Performance enhencement

http://is.gd/dEamuS

The ownership magic

v is an owner of the vector

x borrows the vector from v

now v cannot modify the vectorbecause it lent the ownership to x

remember this?

&

http://is.gd/3MTsSC

Lifetime

borrowed pointer cannot outlivesthe owner!!

Borrowing rules

• You cannot borrow mutable reference from immutable object

• You can borrow immutable reference many times• You cannot borrow more than one mutable reference• There cannot exist a mutable reference and an

immutable one simultaneously

• The lifetime of a borrowed reference should be ended before the owner object do