2. Any persistent gripes, difficulties or confusions?
I’m not entirely sure why, but the whole Double-Free
issue never quite sunk in from chapter 4. It’s first covered, I think here, section 4.3: Fixing an Unsafe Program: Copying vs. Moving Out of a Collection
I think it was because the description of the issue kinda conflated ownership and the presence or absence of the Copy
trait, which isn’t covered until way after chapter 4. Additionally, it seems that the issue mechanically comes down to whether the value of a variable is actually a pointer to a heap allocation or not (??)
It was also a behaviour/issue that tripped me up in a later quiz, in an ownership recap quiz in chapter 6 where I didn’t pick it up correctly.
Here’s the first quiz question that touches on it (see Q2 in The Book here, by scrolling down).
Which of the following best describes the undefined behavior that could occur if this program were allowed to execute?
let s = String::from("Hello world");
let s_ref = &s;
let s2 = *s_ref;
println!("{s2}");
For those not clear, the issue, if this code were permitted to execute, is that s2
would be a pointer to the same String
that s
points too. Which means that when deallocations occur as the scope ends, both s
and s2
would be deallocated, as well as their corresponding memory allocations on the heap. The second such deallocation would then be of undefined content.
I find this simple enough, but I feel like the issue can catch me whenever the code or syntax obscures that a pointer would be copied, not some other value, like in the re-cap quiz in chapter 6 that I got wrong and linked above.
A basic lesson or tip from a discussion in this community (link here):
IE, using copy/clone as an escape hatch for ownership issues is perfectly fine.
Another one that helps put ownership into perspective I think is this section in the Rustonomicon on unsafe rust, and the section that follows:
There are two kinds of reference:
Which obey the following rules:
That’s it. That’s the whole model references follow.
Of course, we should probably define what aliased means.
error[E0425]: cannot find value `aliased` in this scope --> <rust.rs>:2:20 | 2 | println!("{}", aliased); | ^^^^^^^ not found in this scope error: aborting due to previous error
Unfortunately, Rust hasn’t actually defined its aliasing model. 🙀
While we wait for the Rust devs to specify the semantics of their language, let’s use the next section to discuss what aliasing is in general, and why it matters.
Basically it highlights that rust’s inferential understanding of the lifetimes of variables is a bit course (and maybe a work in progress?) … so when the compiler raises an error about ownership, it’s being cautious (as The Book stresses, unsafe code may not have any undefined behaviour).
It helps I think reframe the whole thing as not being exclusively about correctness but just making sure memory bugs don’t happen
Last lesson I think I’ve gained after chapter 4 was that the implementation and details of any particular method or object matter. The quiz in chapter 6 (question 5) I’ve mentioned is I think a good example of this. What exactly the
Copy
andClone
trait are all about too … where I found looking into those made me comfortable with the general problem space I was navigating in working with ownership in rust. Obviously the compiler is the safe guard, but you don’t always want to get beaten over with ownership problems.