The first code snippet, which is as simple as it gets, perfectly illustrates why Rust is extremely annoying to work with. I understand why you need the into_iter bit and why the borrow checker complains about it, but the fact that even the simplest "for x in y" loop already makes you wrestle the compiler is just poor ergonomics.
0xdeafbeef · 2m ago
No wrestling, pure enjoyment:
#include <vector>
#include <iostream>
int main() {
std::vector<int> vec = {1, 2, 3};
vec.reserve(3);
std::cout << "Initial capacity: " << vec.capacity() << std::endl;
std::cout << "Initial data address: " << (void*)vec.data() << std::endl;
int* ptr = vec.data();
std::cout << "Pointer before push_back: " << (void*)ptr << std::endl;
std::cout << "Value via pointer before push_back: " << *ptr << std::endl;
std::cout << "\nPushing back 4...\n" << std::endl;
vec.push_back(4);
std::cout << "New capacity: " << vec.capacity() << std::endl;
std::cout << "New data address: " << (void*)vec.data() << std::endl;
std::cout << "\nAttempting to access data via the old pointer..." << std::endl;
std::cout << "Old pointer value: " << (void*)ptr << std::endl;
int value = *ptr;
std::cout << "Read from dangling pointer (UB): " << value << std::endl;
return 0;
}
./a.out
Initial capacity: 3
Initial data address: 0x517d2b0
Pointer before push_back: 0x517d2b0
Value via pointer before push_back: 1
Pushing back 4...
New capacity: 6
New data address: 0x517d6e0
Attempting to access data via the old pointer...
Old pointer value: 0x517d2b0
Read from dangling pointer (UB): 20861
baq · 16m ago
> wrestle the compiler
This is quite literally a skill issue, no offense.
'wrestle the compiler' implies you think you know better; this is usually not the case and the compiler is here to tell you about it. It's annoying to be bad at tracking ownership and guess what: most people are. The ones who aren't have decades of experience in C/C++ and employ much the same techniques that Rust guides you towards. If you really know better, there are ways to get around the compiler. They're verbose and marked unsafe to 1) discourage you from doing that and 2) warn others to be extra careful here.
If this is all unnecessary for you - and I want to underscore I agree it should be in most software development work - stick to GC languages. With some elbow grease they can be made as performant as low level languages if you write the critical parts in a way you'd have to do it in Rust and will be free to write the rest in a way which doesn't require years of experience tracking ownership manually. (Note it won't hurt to be tracking ownership anyway, it's just much less of an issue if you have to put a weakref somewhere once a couple years vs be aware at all times of what owns what.)
steveklabnik · 3h ago
This is a good post! A few comments:
> Function Overloads
Strictly speaking, Rust doesn't support overloaded functions. Function overloading is when you define the same function but with different arguments, and the language selects the correct one based on the argument type. In this case, it's two different implementations of a trait for two different types. That said, it's close enough that this isn't really an issue, more of just a technical note, since this is a series trying to get into details.
> I can't find an explanation in the Rust documentation but I expect the reason is that someone could implement another trait that provides .into_iter() on whatever the x is in for y in x, thus resulting in a compiler error because there would be two candidate implementations.
Yep, I'm not sure that there is an official explanation anywhere else, but this is exactly what I would assume as well. This ensures that the correct implementation is called. This is also one of the reasons why adding a trait implementation isn't considered a breaking change, even if it could create a compiler error, because you can always expand it yourself to explicitly select the correct choice. Of course, these situations are usually treated more carefully then they have to be, because breakage isn't fun, even if it's technically allowed.
> But wait, you say, I'm doing exactly this in the first program, and indeed you are.
It's not the same, as the next paragraphs explain.
> We are able to examine the function and realize it's safe, but because the compiler wants to use local reasoning, it's not able to do so.
This is a super important point!
junon · 2h ago
> I can't find an explanation in the Rust documentation but I expect the reason is that someone could implement another trait that provides .into_iter() on whatever the x is in for y in x, thus resulting in a compiler error because there would be two candidate implementations.
Because nothing in Rust is identifier-based. Unlike python, all syntax magic (even the ? operator) relies on traits defined by `core`.
for x in y {
desugars to
let mut iter = IntoIterator::into_iter(y);
while let Some(x) = y.next() {
and
x?
desugars to
match x {
Ok(x) => x,
Err(e) => {
return Err(From::from(e));
}
}
and
x + y
desugars to
core::ops::Add::add(x, y)
etc.
All of those traits are expected to live explicitly in the core crate at well known paths. Otherwise you'd be writing methods with absolutely no idea how the language would interact with it. And if you had a Set type implement `add`, it'd have to accept exactly 2 arguments to be compatible with the language's `add` or something equally as unergonomic.
It's traits all the way down! There'd be no explanation needed because it'd be antithetical and contradictory to traits to begin with. Once one understands how traits are intended to be used, the explanation for why there aren't identifier based resolution semantics becomes obvious.
saagarjha · 4m ago
Swift has overloading and its own version of traits. None of what you said is actually required.
Animats · 4h ago
This is pretty good.
A useful way to think about this:
- All data in Rust has exactly one owner.
- If you need some kind of multiple ownership, you have to make the owner be a reference-counted cell, such as Rc or Arc.
- All data can be accessed by one reader/writer, or N readers, but not both at the same time.
- There is both compile time and run time machinery to strictly enforce this.
Once you get that, you can see what the borrow checker is trying to do for you.
cornholio · 3h ago
A 20 page document on how to use basic variables, function calls and methods. Except for the threading paragraph, which is hard in any language, this is all complexity and refactoring pain that Rust hoists onto every programmer every day, for relatively modest benefits, somewhat improved performance and memory usage vs the garbage collected/ref-counted version of the same code.
Essentially, you wouldn't and shouldn't make that tradeoff for anything other than system programming.
baq · 3h ago
> this is all complexity and refactoring pain that Rust hoists onto every programmer every day
This is what you should be doing when working with C/C++, except there is no compiler to call you names there if you don’t.
If you’re saying ‘use a GC language unless requirements are strict about it’, yeah hard to disagree.
bsaul · 1h ago
I see why you're saying that, and i almost entirely agree with you. However, i would say that if all you're doing is glueing calls to third party systems (like what most backend code is), then you won't fall into complex lifetime problems anyway, and the experience will remain quite pleasant.
Another point, is that the rust ecosystem is absolutely insanely good ( i've recently worked with uniffi and wasmbindgen, and those are 5 years ahead of anything else i've seen..)
bsaul · 1h ago
"If we change .set_value() to take a &self instead of a &self"
guess it's "instead of a &mut self"
Surac · 4h ago
I really like the text. Giving more light to the memory management of rust will help me understand more of the language. I still think some concepts of rust are over verbose but I slowly understand the hype around rust. I myself use C or C++ but I will „borrow“ some of the rust ideas to make my code even more robust
ultimaweapon · 2h ago
I'm coming from C++ now I don't want to use C++ anymore. When C++ was still my primary language I always frustrated with some of its feature like non-destructive move, copy by default and dangling references then I found Rust fixed all of those problems. At the beginning I very frustrated with Rust because the borrow checker prevent me from doing what I usually do in C++ but I keep going.
sidcool · 5h ago
This is brilliantly written n
bnjms · 4h ago
Im sure it is. I don’t know how to program but read most of part 4 when it appeared here last.
#include <vector> #include <iostream>
int main() { std::vector<int> vec = {1, 2, 3}; vec.reserve(3);
}./a.out Initial capacity: 3 Initial data address: 0x517d2b0 Pointer before push_back: 0x517d2b0 Value via pointer before push_back: 1
Pushing back 4...
New capacity: 6 New data address: 0x517d6e0
Attempting to access data via the old pointer... Old pointer value: 0x517d2b0 Read from dangling pointer (UB): 20861
This is quite literally a skill issue, no offense.
'wrestle the compiler' implies you think you know better; this is usually not the case and the compiler is here to tell you about it. It's annoying to be bad at tracking ownership and guess what: most people are. The ones who aren't have decades of experience in C/C++ and employ much the same techniques that Rust guides you towards. If you really know better, there are ways to get around the compiler. They're verbose and marked unsafe to 1) discourage you from doing that and 2) warn others to be extra careful here.
If this is all unnecessary for you - and I want to underscore I agree it should be in most software development work - stick to GC languages. With some elbow grease they can be made as performant as low level languages if you write the critical parts in a way you'd have to do it in Rust and will be free to write the rest in a way which doesn't require years of experience tracking ownership manually. (Note it won't hurt to be tracking ownership anyway, it's just much less of an issue if you have to put a weakref somewhere once a couple years vs be aware at all times of what owns what.)
> Function Overloads
Strictly speaking, Rust doesn't support overloaded functions. Function overloading is when you define the same function but with different arguments, and the language selects the correct one based on the argument type. In this case, it's two different implementations of a trait for two different types. That said, it's close enough that this isn't really an issue, more of just a technical note, since this is a series trying to get into details.
> I can't find an explanation in the Rust documentation but I expect the reason is that someone could implement another trait that provides .into_iter() on whatever the x is in for y in x, thus resulting in a compiler error because there would be two candidate implementations.
Yep, I'm not sure that there is an official explanation anywhere else, but this is exactly what I would assume as well. This ensures that the correct implementation is called. This is also one of the reasons why adding a trait implementation isn't considered a breaking change, even if it could create a compiler error, because you can always expand it yourself to explicitly select the correct choice. Of course, these situations are usually treated more carefully then they have to be, because breakage isn't fun, even if it's technically allowed.
> But wait, you say, I'm doing exactly this in the first program, and indeed you are.
It's not the same, as the next paragraphs explain.
> We are able to examine the function and realize it's safe, but because the compiler wants to use local reasoning, it's not able to do so.
This is a super important point!
Because nothing in Rust is identifier-based. Unlike python, all syntax magic (even the ? operator) relies on traits defined by `core`.
desugars to and desugars to and desugars to etc.All of those traits are expected to live explicitly in the core crate at well known paths. Otherwise you'd be writing methods with absolutely no idea how the language would interact with it. And if you had a Set type implement `add`, it'd have to accept exactly 2 arguments to be compatible with the language's `add` or something equally as unergonomic.
It's traits all the way down! There'd be no explanation needed because it'd be antithetical and contradictory to traits to begin with. Once one understands how traits are intended to be used, the explanation for why there aren't identifier based resolution semantics becomes obvious.
A useful way to think about this:
- All data in Rust has exactly one owner.
- If you need some kind of multiple ownership, you have to make the owner be a reference-counted cell, such as Rc or Arc.
- All data can be accessed by one reader/writer, or N readers, but not both at the same time.
- There is both compile time and run time machinery to strictly enforce this.
Once you get that, you can see what the borrow checker is trying to do for you.
Essentially, you wouldn't and shouldn't make that tradeoff for anything other than system programming.
This is what you should be doing when working with C/C++, except there is no compiler to call you names there if you don’t.
If you’re saying ‘use a GC language unless requirements are strict about it’, yeah hard to disagree.
Another point, is that the rust ecosystem is absolutely insanely good ( i've recently worked with uniffi and wasmbindgen, and those are 5 years ahead of anything else i've seen..)
guess it's "instead of a &mut self"