2015-07-07 09:33:20 -07:00
|
|
|
% Drop Flags
|
|
|
|
|
|
|
|
The examples in the previous section introduce an interesting problem for Rust.
|
|
|
|
We have seen that's possible to conditionally initialize, deinitialize, and
|
|
|
|
*reinitialize* locations of memory totally safely. For Copy types, this isn't
|
2015-07-14 09:56:10 -07:00
|
|
|
particularly notable since they're just a random pile of bits. However types
|
|
|
|
with destructors are a different story: Rust needs to know whether to call a
|
|
|
|
destructor whenever a variable is assigned to, or a variable goes out of scope.
|
|
|
|
How can it do this with conditional initialization?
|
2015-07-07 09:33:20 -07:00
|
|
|
|
2015-07-14 09:56:10 -07:00
|
|
|
It turns out that Rust actually tracks whether a type should be dropped or not
|
|
|
|
*at runtime*. As a variable becomes initialized and uninitialized, a *drop flag*
|
|
|
|
for that variable is toggled. When a variable *might* need to be dropped, this
|
|
|
|
flag is evaluated to determine if it *should* be dropped.
|
2015-07-07 09:33:20 -07:00
|
|
|
|
|
|
|
Of course, it is *often* the case that a value's initialization state can be
|
|
|
|
*statically* known at every point in the program. If this is the case, then the
|
2015-07-14 09:56:10 -07:00
|
|
|
compiler can theoretically generate more effecient code! For instance, straight-
|
|
|
|
line code has such *static drop semantics*:
|
2015-07-07 09:33:20 -07:00
|
|
|
|
|
|
|
```rust
|
2015-07-14 09:56:10 -07:00
|
|
|
let mut x = Box::new(0); // x was uninit; just overwrite.
|
|
|
|
let mut y = x; // y was uninit; just overwrite and make x uninit.
|
|
|
|
x = Box::new(0); // x was uninit; just overwrite.
|
|
|
|
y = x; // y was init; Drop y, overwrite it, and make x uninit!
|
|
|
|
// y was init; Drop y!
|
|
|
|
// x was uninit; do nothing.
|
2015-07-07 09:33:20 -07:00
|
|
|
```
|
|
|
|
|
|
|
|
And even branched code where all branches have the same behaviour with respect
|
|
|
|
to initialization:
|
|
|
|
|
|
|
|
```rust
|
2015-07-14 11:07:00 -07:00
|
|
|
# let condition = true;
|
2015-07-14 09:56:10 -07:00
|
|
|
let mut x = Box::new(0); // x was uninit; just overwrite.
|
2015-07-07 09:33:20 -07:00
|
|
|
if condition {
|
2015-07-14 09:56:10 -07:00
|
|
|
drop(x) // x gets moved out; make x uninit.
|
2015-07-07 09:33:20 -07:00
|
|
|
} else {
|
2015-07-14 09:56:10 -07:00
|
|
|
println!("{}", x);
|
|
|
|
drop(x) // x gets moved out; make x uninit.
|
2015-07-07 09:33:20 -07:00
|
|
|
}
|
2015-07-14 09:56:10 -07:00
|
|
|
x = Box::new(0); // x was uninit; just overwrite.
|
|
|
|
// x was init; Drop x!
|
2015-07-07 09:33:20 -07:00
|
|
|
```
|
|
|
|
|
|
|
|
However code like this *requires* runtime information to correctly Drop:
|
|
|
|
|
|
|
|
```rust
|
2015-07-14 11:07:00 -07:00
|
|
|
# let condition = true;
|
2015-07-07 09:33:20 -07:00
|
|
|
let x;
|
|
|
|
if condition {
|
2015-07-14 09:56:10 -07:00
|
|
|
x = Box::new(0); // x was uninit; just overwrite.
|
|
|
|
println!("{}", x);
|
2015-07-07 09:33:20 -07:00
|
|
|
}
|
2015-07-14 09:56:10 -07:00
|
|
|
// x *might* be uninit; check the flag!
|
2015-07-07 09:33:20 -07:00
|
|
|
```
|
|
|
|
|
|
|
|
Of course, in this case it's trivial to retrieve static drop semantics:
|
|
|
|
|
|
|
|
```rust
|
2015-07-14 11:07:00 -07:00
|
|
|
# let condition = true;
|
2015-07-07 09:33:20 -07:00
|
|
|
if condition {
|
2015-07-14 09:56:10 -07:00
|
|
|
let x = Box::new(0);
|
|
|
|
println!("{}", x);
|
2015-07-07 09:33:20 -07:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
As of Rust 1.0, the drop flags are actually not-so-secretly stashed in a hidden
|
|
|
|
field of any type that implements Drop. Rust sets the drop flag by
|
|
|
|
overwriting the *entire* value with a particular byte. This is pretty obviously
|
|
|
|
Not The Fastest and causes a bunch of trouble with optimizing code. It's legacy
|
|
|
|
from a time when you could do much more complex conditional initialization.
|
|
|
|
|
|
|
|
As such work is currently under way to move the flags out onto the stack frame
|
|
|
|
where they more reasonably belong. Unfortunately, this work will take some time
|
|
|
|
as it requires fairly substantial changes to the compiler.
|
|
|
|
|
|
|
|
Regardless, Rust programs don't need to worry about uninitialized values on
|
|
|
|
the stack for correctness. Although they might care for performance. Thankfully,
|
|
|
|
Rust makes it easy to take control here! Uninitialized values are there, and
|
2015-07-14 09:56:10 -07:00
|
|
|
you can work with them in Safe Rust, but you're *never* in danger.
|