Cool, that was an informative read!
If we were willing to leak memory, then we could write […]
Box::leak(Box::new(0))
In this example, you could have just made a constant with value
0
and returned a reference to that. It would also have a'static
lifetime and there would be no leaking.Why does nobody seem to be talking about this?
My guess is that the overlap in use cases between Rust and C# isn’t very large. Many places where Rust is making inroads (kernel and low-level libraries) are places where C# would be automatically disqualified because of the requirements for a runtime and garbage collection.
(Note that I’m not the article author)
In this example, you could have just made a constant with value
0
and returned a reference to that. It would also have a'static
lifetime and there would be no leaking.I believe the intention was to demonstrate something that works with runtime values too, and a constant 0 does not.
Btw you can just write
&0
to do what you proposed, there’s no need for an explicit constant/static.- Unconvincing use-case: why is returning an
Option
not an option? - Unconvincing objection: what concrete problems are caused by utilizing
Cow
s? - Wrong demonstrated “solution”: why would one have to create a value and leak it with each call instead of using one
LazyLock
static?
I can agree that the example function is not the best usecase. But the point still stand that there’s no realistic escape hatch from lifetimes and memory management in Rust.
Cow
does not work when you are actually required to return a reference, e.g. if you’re working with some other crate that requires that.Cow
also has some more strict requirements on reborrows (i.e. you can reborrow a&'short &'long T
to a&'long T
, but you can only reborrow a&'short Cow<'long, T>
to a&'short T
).LazyLock
can solve very specific issues likestatic
, but is not a general escape hatch. Again, the example is not the best to showcase this, but imagine if you have to perform this operation for an unknown amount of runtime values.LazyLock
will only work for the very first one.but imagine if you have to perform this operation for an unknown amount of runtime values
This is a poor argument. You dont write code like this in rust. If you can find a situation where it is an actual issue we can discuss things but to just say imagine this is a problem when it very likely is not a problem that can be solved in a better way at all let alone a common one is a very poor argument.
Typically when you want an escape from lifetimes that means you want shared ownership of data which you can do with an Arc. Cow and LazyLock can also help in situations - but to dismiss all these for some imagined problem is a waste of time. Comes up with a concrete example where it would help. Very likely you would find another way to solve the problem in any realistic situation you can come up with that I would suspect leads to a better overall design for a rust program.
I would say this is just a straw man argument - but you have not even created a straw man to begin with, just assume that one exists.
You dont write code like this in rust.
I perfectly agree, that would be horrible code! I would generally try to restructure my code, making it better fit the actual lifetimes of the data I’m working with. The point in the article is that you can’t really escape from this. I’m not arguing this is a real problem, and I don’t think the article is neither, just pointing out that this is something you can easily do in C# and not in Rust. It’s just a difference between the two languages.
What? You can easily escape from it if there are better alternatives you can use. Pointing at one language and saying it is not easy to code like it is another language is a pointless argument. You can do that about any two languages. They all differ for good reasons and as long as you can solve similar problems in both, even if in different ways then what does it matter that you cannot do it in the same way?
What? You can easily escape from it if there are better alternatives you can use.
So there is no general escape hatch.
Pointing at one language and saying it is not easy to code like it is another language is a pointless argument.
I’m not arguing that it is easier to code in C# than in Rust, just that this particular escape hatch is possible in C# and not in Rust. It’s just an observation.
They all differ for good reasons and as long as you can solve similar problems in both, even if in different ways then what does it matter that you cannot do it in the same way?
It does not really matter, but does it have to?
Cow
does not work when you are actually required to return a referenceWhat does that even mean? Can you provide a practical example?
(I’m assuming you’re familiar with
Deref
and autoref/autoderef behaviors in Rust.)This is a kind of stupid example, but imagine you have to implement some external trait (e.g. in order to work with some dependency) with the following shape:
trait Foo { fn foo(&self, i: usize) -> &Bar; }
Which is not too unreasonable, for example it’s very similar to the stdlib’s
Index
. In order to implement this trait you must return a reference, you can’t return e.g. aCow
or anArc
. The fact that it takes a parameter means there might not even be one single value it has to return, so you can’t even cache that inside ofself
with e.g.LazyLock
.Of course I’m not saying I would try to reach for an escape hatch if I had to do something like this. I would first try to see if this is an intrinsic problem in my code, or if maybe I can change the crate I’m working with to be more permissible. That is, I would try to look for proper solutions first, though
Cow
might not always work for that.is a reference to something. That something is either a part of
self
, or a part of the static context. There is no other context because there is no runtime/GC. So there is no logical not-nonsensical scenario where this would be both a valid and a limiting situation in Rust. And this is why your surface analogy toIndex
is invalid.If the return value may depend on something other than
self
or the static context, and still need to be reference-like, then the trait definition is wrong. It should either return aCow
, or go for the obvious generalization of returningimpl AsRef<Bar>
values. With that generalization, references,Cow
s, and more can be returned.There is also the possibility that the trait definition is right, and you (the implementer) are trying to break a (probably) deliberate constraint (e.g. the return value in
Index
being tied to&self
).I would wager a guess that what you call an escape hatchet is considered a very bad C# style anyway (or will/should be). Just like how mutable statics are considered very bad in Rust 😉
That kind of “escape hatch” also makes reasoning about code a lot harder merely because you have to consider that someone used it somewhere. You literally don’t want “escape hatches” from safety guarantees all over your language.
- Unconvincing use-case: why is returning an
That is interesting and I didn’t know C# had anything like that. I saw another article recently saying at some point we were likely to see Rust get garbage collection.
Would you have a link to that? I know there are many third-party garbage collectors for Rust, but if there’s something semi-official being proposed or prototyped I’d be most curious :)
It’s not official or semi-official, it was just someone (a well known Haskell guru if that matters) speculating in a blog post.
So someone that is not involved in rust at all and does not seem to like the language thinks it will get a GC at some point? That is not a very credible source for such a statement. Rust is very unlikely to see an official GC anytime soon if ever. There are zero signs it will ever get one. There was a lot of serious talk about it before 1.0 days - but never made it into the language. Similar to green threads which was a feature of the language pre 1.0 days but dropped before the 1.0 release. Rust really wants to have a no required runtime and leans heavy on the zero-cost abstractions for things. Which a GC would impose on the language.
It sounds like he uses Rust and has some issues with it. IDK about green threads but Ada has had tasks (implemented in gnat with posix threads) from the beginning. If you pin a CPU core to a task and don’t use gc in it, that can handle your realtime stuff. Or these days, it’s becoming more common to use an fpga for cycle level timing control.
Note that traditional Forth cooperative multitaskers used a few hundred bytes of code or even less. This stuff doesn’t have to be bloaty.
Added: I’ve also seen a Boehm-style conservative GC in a few hundred lines of Forth. Using something like that in Rust could work nicely for lots of things.
Anyway, you can have a soft realtime gc with pauses in the low milliseconds (Erlang has that). That’s OOMs lower than most internet ping times, so plenty fast enough for web servers. Which are all full of JS bloat now regardless.
You could do a lot of things. Rust had a gc and it was removed so they have already explored this area and are very unlikely to do so again unless there is a big need for it that libraries cannot solve. Which I have not seen anyone that actually uses the language a lot see the need for.
Not like how async was talked about - that required a lot if discussion and tests in libraries before it was added to the language. GC does not have anywhere near as many people pushing for it, the only noise I see is people on the outside thinking it would be nice with no details on how it might work in the language.
The reason is the vast majority of places use c# to avoid this stuff. So performance is often not the first priority
The complexity it adds takes away from the readability and maintainability. Which is often the priority.
But in a hot path where you need optimization these are a good send as previously you had to use raw pointers and completely side step all the safety of the language.
I would say 90% of c# developers will never touch these. It’s more for library and framework writers.
I believe most of these features are driven by what the Microsoft Devs need to write asp.net and EF.
Yeah I had thought that C# was basically Microsoft’s version of Java, GC’d throughout. But it’s fine, I’m not particularly more excited by it now than I was before (i.e. unexcited). I’m not even excited by Rust, but maybe I’m missing something. I think it’s fine to use GC for most things, and program carefully in a non-allocating style when you have to, using verification tools as well.
A classic: http://james-iry.blogspot.com/2009/05/brief-incomplete-and-mostly-wrong.html
There are quite a few places where a GC is just not acceptable. Anything that requires precise timing for one. This includes kernel development, a lot of embedded systems, gaming, high frequency trading and even latency critical web servers. Though you are right that a lot of places a GC is fine to have. But IMO rust adds more than just fast and safe code without a GC - lots of people come to the language for those but stay for the rest of the features it has to offer.
IMO a big one is the enum support it has and how they can hold values. This opens up a lot of patterns that are just nice to use and one of the biggest things I miss when using other languages. Built with that are Options and Results which are amazing for representing missing values and errors (which is nicer than coding with exceptions IMO). And generally they whole type system leads you towards thinking about the state things can be in and accounting for those states which tends to make it easier to write software with fewer issues in production.
It has always had structs. They are often used for interop but can be used to avoid allocations and they are memory safe out the box, which nice.
Both languages are really great in my opinion. But very different use cases generally.
Is what the author calls a C# borrow checker purely lexically based? The first error message gives that impression. And if it is, then it wouldn’t qualify for any such comparisons with 2018+ Rust.
It’s 100% not a borrow checker because c# doesn’t have borrowing. It’s just static analysis to ensure memory safety. But the author acknowledges that.
It’s just checking the scopes the variables are defined in in the first example.
It’s a very different kind of borrow checking than Rust’s. For example there’s no mutability xor sharing checking, because mutability cannot invalidate memory (there’s still a GC in C# after all!). As such, Rust’s NLL (which are available in the 2015 edition too btw) don’t really make sense in C#.
I found it hard to follow despite C# being my main driver.
Using
ref
, in the past, has been about modifiable variable references.All these introductions, even when following C# changes across recent versions, were never something I actively used, apart from the occasional adding ref to structs so they can contain existing ref struct types. It never seems necessary.
Even without ref you use reference and struct types, where reference content can be modified elsewhere. And
IDisposable
for object lifetimes with cleanup.