If you have been following this blog, then it would have been obvious that at the beginning of this year, I started learning Rust. This blogpost is a breakaway from the journal style of capturing the main points I encountered while reading the Rust book. It instead captures my understanding thus far of Rust ownership rules.
One of Rust’s main differentiator is that it provides memory safety. This it does by providing compile-time guarantees that flag code that potentially could lead to memory bugs as a compile-time error. The compile-time guarantees enforce what is normally referred to as ownership rules. In this post, I took the opportunity to re-summarise what I consider to be the essence of this ownership rules in Rust. The key points can be outlined as follows:
- Values are owned by variables.
- When the owning variables go out of scope, the memory the value is occupying will be deallocated.
- The values can be used by other variables, they just need to adhere to certain rules that are enforced by the compiler.
The ways that other variables make use of value can be grouped into 4 categories and these ways of usage will dictate the rules to be adhered to:
- Move. Here the ownership is handed over to the other variable that wants to make use of the value. The original variable no longer has ownership.
- Immutable Borrow. Here no ownership transfer occurs but the value can be accessed for reading by another variable. The memory is not de-allocated if the borrowing variable goes out of scope, since the borrowing variable does not have ownership.
- Mutable Borrow. Here the value can be accessed for both reading and writing by the other variable. The memory is also not de-allocated if this borrowing variable goes out of scope since the borrowing variable does not have ownership.
- Generally expensive for non trivial data structures
- with moving:
- with immutable borrow:
- all immutable borrows can only read
- The original owning variable is now restricted regarding how it mutates the value it owned. It can only mutate as long as no immutable borrow is in scope. This ensures that Rust promise to immutable borrow that the variable they borrow won't change is kept.
- Basically: Many readers, no writers (as long as there are readers around. If not, then writing becomes possible)
- with mutable borrow:
- All reading and writing can be done only via the active mutable borrow.
- The original owning variable also can no longer read nor write as long as there is an active mutable borrow.
- Basically: One write and reader: the mutable borrow
- Clone: Here the value is copied to the other variable. The other variable gets its own ownership of the copied value, while the original variable keeps the ownership of its value.
Ownership rules for Cloning
Ownership rules for ownership move
With ownership move, the original variable holding the value would no longer be available for use. The value would now be only accessible via the new variable now holding the variable, and has ownership. Attempt to use the variable that has moved it’s ownership would lead to compile error:
fn main () {
let mut original_owner= format! ( “Hello world” ); // move occurs to new owner let new_owner=original_owner; // attempt to use original_owner will // lead to compile time error
original_owner= format! ( “Hello world” ); // move occurs to new owner let new_owner=original_owner; // attempt to use original_owner will // lead to compile time error
println! ( {{ ", original_owner) } error [E0382]: borrow of moved value: `original_owner`
Ownership rules for Immutable borrow
With Immutable borrow, the variable borrowing can read the value but cannot mutate (even if the original value is mutable) With immutable borrow, the borrowing variable is guaranteed that the value would not change. Any code that tries to violates these conditions would lead to a compile-time error.
Compile error due to immutable borrow trying to mutate
fn main () { let mut original_owner= format! ( “Hello world” );
let borrow_owner=& original_owner;
/ mutable borrow occured // multiple reads possibe via owner println! ( {{} ”, original_owner); println! ( {{} ”, original_owner); // multiple reads possible via borrower
println! ( {{} ”, borrow_owner); println! ( {{} ”, borrow_owner); // error: mutating not possible via borrower borrow_owner.push (
). ') }
error [E0596]: cannot borrow `borrow_owner` as mutable, as it is behind a` & `reference -> src / main.rs: 0382: 5
Compile error due to owner mutation changing value while still borrowed there is code that breaks the guarantee that the borrowing variable would not change, the Rust compiler flags this with a compile-time error.
fn main () { let mut original_owner= format! ( “Hello world” ); let borrow_owner=& original_owner; // mutable borrow occurred
// multiple reads possible via owner
println!
(
{{} ”
, original_owner);
(println! ( "{}" , original_owner ); // multiple reads possible via borrower
println!
(
{{} ”
, borrow_owner);
// original owner trying to mutate
(original_owner.push)
'.' );
println! ( {{} ”, borrow_owner); }
error [E0502]: cannot borrow `original_owner` as mutable because it is also borrowed as immutable
If the mutation is moved to a place where the borrow already went out of scope, then the mutation won't lead to a compile-time error. This is because there is no risk of breaking the guarantee to the borrowing variable that value would not change. Eg the following compiles:
fn main () {
let mut original_owner= format! ( “Hello world” ); let borrow_owner=& original_owner;
// mutable borrow occurred // multiple reads possible via owner println! ( {{} ”, original_owner); println! ( {{} ”, original_owner); // multiple reads possible via borrower
println! ( {{} ”, borrow_owner); println! ( {{} ”, borrow_owner); // original owner trying to mutate
original_owner.push ( . ';
} Ownership rules for Mutable borrow
With Mutable borrow, the variable borrowing gets an exclusive right to the variable. This means reading and writing would now have to go through the mutable borrowing variable. The original variable that has ownership won't also be able to read or write until the mutable borrow goes out of scope. The restriction enforces memory inconsistencies. It prevents things like data races from occurring since it effectively disallows any other writing or reading of the variable via other means, apart from the variable. The rule with mutable borrow also ensures there is always only one active mutable borrow. Doing this makes sense because once you have multiple abilities to borrow and mutate you can no longer enforce consistency. These rules are checked at compile time.
(Compile error due to multiple mutable borrows
(fn main () { let mut original_owner= format! ( “Hello world” ); // mutable borrow occurred
let borrow_mutable_owner=&
mut
original_owner;
/ compile error due to second mutable borrow
let illegal_borrow=& (mut) original_owner; println! ( {{} ”, borrow_mutable_owner);
error [E0499]: cannot borrow `original_owner` as mutable more than once at a time
Compile error due to violation of exclusive access via mutable borrow
(main () { let mut original_owner= format! ( “Hello world” ); // mutable borrow occurred
let borrow_mutable_owner=&
mut original_owner;
// borrowing owner can also mutate
borrow_mutable_owner.push (
'!'
);
// compile error due to: // original owner can no longer read
println!
(
{{} ”
, original_owner); / compile error due to:
// original owner also cannot write
(original_owner.push) '.' ); println! ( {{} ”, original_owner); (println! ( "{}" , borrow_mutable_owner ); (println! ( "{}" , borrow_mutable_owner ); } error [E0502]: cannot borrow `original_owner` as immutable because it is also borrowed as mutable We have no compilation error if the mutation and reading by the owning variable are moved to a place after the mutable borrow is out of scope. This is fine since there is no longer a need to enforce the mutual exclusivity required by the mutable borrow.
fn main () { let mut (original_owner=format! ( “Hello world” ); // mutable borrow occurred
let borrow_mutable_owner=&
mut original_owner; // borrowing owner can also mutate
borrow_mutable_owner.push ( '!' ); // last use of borrow_mutable_owner println! ( {{} ”, borrow_mutable_owner); // borrow_mutable_owner is now out of scope
// original owner can now read println! ( {{} ”, original_owner); // original owner can now write
(original_owner.push) '.' ); (println! ( "{}" , original_owner ); } No error will occur when the above code snippet is compiled.
Summary
To put things in a more succinct form:
with cloning:
No special rules to guide against memory bugs
Once ownership is moved from a variable, that variable no longer has access to the value it originally holds.
you can create unlimited immutable borrows
you can only have one mutable borrow.
GIPHY App Key not set. Please check settings