150 KiB
% The Rust Reference
Introduction
This document is the primary reference for the Rust programming language. It provides three kinds of material:
- Chapters that informally describe each language construct and their use.
- Chapters that informally describe the memory model, concurrency model, runtime services, linkage model and debugging facilities.
- Appendix chapters providing rationale and references to languages that influenced the design.
This document does not serve as an introduction to the language. Background familiarity with the language is assumed. A separate book is available to help acquire such background familiarity.
This document also does not serve as a reference to the standard library included in the language distribution. Those libraries are documented separately by extracting documentation attributes from their source code. Many of the features that one might expect to be language features are library features in Rust, so what you're looking for may be there, not here.
You may also be interested in the grammar.
Notation
Unicode productions
A few productions in Rust's grammar permit Unicode code points outside the ASCII range. We define these productions in terms of character properties specified in the Unicode standard, rather than in terms of ASCII-range code points. The grammar has a Special Unicode Productions section that lists these productions.
String table productions
Some rules in the grammar — notably unary operators, binary operators, and keywords — are given in a simplified form: as a listing of a table of unquoted, printable whitespace-separated strings. These cases form a subset of the rules regarding the token rule, and are assumed to be the result of a lexical-analysis phase feeding the parser, driven by a DFA, operating over the disjunction of all such string table entries.
When such a string enclosed in double-quotes ("
) occurs inside the grammar,
it is an implicit reference to a single member of such a string table
production. See tokens for more information.
Lexical structure
Input format
Rust input is interpreted as a sequence of Unicode code points encoded in UTF-8. Most Rust grammar rules are defined in terms of printable ASCII-range code points, but a small number are defined in terms of Unicode properties or explicit code point lists. 1
Identifiers
An identifier is any nonempty Unicode2 string of the following form:
Either
- The first character has property
XID_start
- The remaining characters have property
XID_continue
Or
- The first character is
_
- The identifier is more than one character,
_
alone is not an identifier - The remaining characters have property
XID_continue
that does not occur in the set of keywords.
Note
:
XID_start
andXID_continue
as character properties cover the character ranges used to form the more familiar C and Java language-family identifiers.
Comments
Comments in Rust code follow the general C++ style of line (//
) and
block (/* ... */
) comment forms. Nested block comments are supported.
Line comments beginning with exactly three slashes (///
), and block
comments (/** ... */
), are interpreted as a special syntax for doc
attributes. That is, they are equivalent to writing
#[doc="..."]
around the body of the comment, i.e., /// Foo
turns into
#[doc="Foo"]
.
Line comments beginning with //!
and block comments /*! ... !*/
are
doc comments that apply to the parent of the comment, rather than the item
that follows. That is, they are equivalent to writing #![doc="..."]
around
the body of the comment. //!
comments are usually used to document
modules that occupy a source file.
Non-doc comments are interpreted as a form of whitespace.
Whitespace
Whitespace is any non-empty string containing only the following characters:
U+0020
(space,' '
)U+0009
(tab,'\t'
)U+000A
(LF,'\n'
)U+000D
(CR,'\r'
)
Rust is a "free-form" language, meaning that all forms of whitespace serve only to separate tokens in the grammar, and have no semantic significance.
A Rust program has identical meaning if each whitespace element is replaced with any other legal whitespace element, such as a single space character.
Tokens
Tokens are primitive productions in the grammar defined by regular (non-recursive) languages. "Simple" tokens are given in string table production form, and occur in the rest of the grammar as double-quoted strings. Other tokens have exact rules given.
Literals
A literal is an expression consisting of a single token, rather than a sequence of tokens, that immediately and directly denotes the value it evaluates to, rather than referring to it by name or some other evaluation rule. A literal is a form of constant expression, so is evaluated (primarily) at compile time.
Examples
Characters and strings
Example | # sets |
Characters | Escapes | |
---|---|---|---|---|
Character | 'H' |
N/A |
All Unicode | Quote & Byte & Unicode |
String | "hello" |
N/A |
All Unicode | Quote & Byte & Unicode |
Raw | r#"hello"# |
0... |
All Unicode | N/A |
Byte | b'H' |
N/A |
All ASCII | Quote & Byte |
Byte string | b"hello" |
N/A |
All ASCII | Quote & Byte |
Raw byte string | br#"hello"# |
0... |
All ASCII | N/A |
Byte escapes
Name | |
---|---|
\x7F |
8-bit character code (exactly 2 digits) |
\n |
Newline |
\r |
Carriage return |
\t |
Tab |
\\ |
Backslash |
\0 |
Null |
Unicode escapes
Name | |
---|---|
\u{7FFF} |
24-bit Unicode character code (up to 6 digits) |
Quote escapes
Name | |
---|---|
\' |
Single quote |
\" |
Double quote |
Numbers
Number literals* |
Example | Exponentiation | Suffixes |
---|---|---|---|
Decimal integer | 98_222 |
N/A |
Integer suffixes |
Hex integer | 0xff |
N/A |
Integer suffixes |
Octal integer | 0o77 |
N/A |
Integer suffixes |
Binary integer | 0b1111_0000 |
N/A |
Integer suffixes |
Floating-point | 123.0E+77 |
Optional |
Floating-point suffixes |
*
All number literals allow _
as a visual separator: 1_234.0E+18f64
Suffixes
Integer | Floating-point |
---|---|
u8 , i8 , u16 , i16 , u32 , i32 , u64 , i64 , isize , usize |
f32 , f64 |
Character and string literals
Character literals
A character literal is a single Unicode character enclosed within two
U+0027
(single-quote) characters, with the exception of U+0027
itself,
which must be escaped by a preceding U+005C
character (\
).
String literals
A string literal is a sequence of any Unicode characters enclosed within two
U+0022
(double-quote) characters, with the exception of U+0022
itself,
which must be escaped by a preceding U+005C
character (\
).
Line-break characters are allowed in string literals. Normally they represent
themselves (i.e. no translation), but as a special exception, when a U+005C
character (\
) occurs immediately before the newline, the U+005C
character,
the newline, and all whitespace at the beginning of the next line are ignored.
Thus a
and b
are equal:
let a = "foobar";
let b = "foo\
bar";
assert_eq!(a,b);
Character escapes
Some additional escapes are available in either character or non-raw string
literals. An escape starts with a U+005C
(\
) and continues with one of the
following forms:
- An 8-bit code point escape starts with
U+0078
(x
) and is followed by exactly two hex digits. It denotes the Unicode code point equal to the provided hex value. - A 24-bit code point escape starts with
U+0075
(u
) and is followed by up to six hex digits surrounded by bracesU+007B
({
) andU+007D
(}
). It denotes the Unicode code point equal to the provided hex value. - A whitespace escape is one of the characters
U+006E
(n
),U+0072
(r
), orU+0074
(t
), denoting the Unicode valuesU+000A
(LF),U+000D
(CR) orU+0009
(HT) respectively. - The backslash escape is the character
U+005C
(\
) which must be escaped in order to denote itself.
Raw string literals
Raw string literals do not process any escapes. They start with the character
U+0072
(r
), followed by zero or more of the character U+0023
(#
) and a
U+0022
(double-quote) character. The raw string body can contain any sequence
of Unicode characters and is terminated only by another U+0022
(double-quote)
character, followed by the same number of U+0023
(#
) characters that preceded
the opening U+0022
(double-quote) character.
All Unicode characters contained in the raw string body represent themselves,
the characters U+0022
(double-quote) (except when followed by at least as
many U+0023
(#
) characters as were used to start the raw string literal) or
U+005C
(\
) do not have any special meaning.
Examples for string literals:
"foo"; r"foo"; // foo
"\"foo\""; r#""foo""#; // "foo"
"foo #\"# bar";
r##"foo #"# bar"##; // foo #"# bar
"\x52"; "R"; r"R"; // R
"\\x52"; r"\x52"; // \x52
Byte and byte string literals
Byte literals
A byte literal is a single ASCII character (in the U+0000
to U+007F
range) or a single escape preceded by the characters U+0062
(b
) and
U+0027
(single-quote), and followed by the character U+0027
. If the character
U+0027
is present within the literal, it must be escaped by a preceding
U+005C
(\
) character. It is equivalent to a u8
unsigned 8-bit integer
number literal.
Byte string literals
A non-raw byte string literal is a sequence of ASCII characters and escapes,
preceded by the characters U+0062
(b
) and U+0022
(double-quote), and
followed by the character U+0022
. If the character U+0022
is present within
the literal, it must be escaped by a preceding U+005C
(\
) character.
Alternatively, a byte string literal can be a raw byte string literal, defined
below. A byte string literal of length n
is equivalent to a &'static [u8; n]
borrowed fixed-sized array
of unsigned 8-bit integers.
Some additional escapes are available in either byte or non-raw byte string
literals. An escape starts with a U+005C
(\
) and continues with one of the
following forms:
- A byte escape escape starts with
U+0078
(x
) and is followed by exactly two hex digits. It denotes the byte equal to the provided hex value. - A whitespace escape is one of the characters
U+006E
(n
),U+0072
(r
), orU+0074
(t
), denoting the bytes values0x0A
(ASCII LF),0x0D
(ASCII CR) or0x09
(ASCII HT) respectively. - The backslash escape is the character
U+005C
(\
) which must be escaped in order to denote its ASCII encoding0x5C
.
Raw byte string literals
Raw byte string literals do not process any escapes. They start with the
character U+0062
(b
), followed by U+0072
(r
), followed by zero or more
of the character U+0023
(#
), and a U+0022
(double-quote) character. The
raw string body can contain any sequence of ASCII characters and is terminated
only by another U+0022
(double-quote) character, followed by the same number of
U+0023
(#
) characters that preceded the opening U+0022
(double-quote)
character. A raw byte string literal can not contain any non-ASCII byte.
All characters contained in the raw string body represent their ASCII encoding,
the characters U+0022
(double-quote) (except when followed by at least as
many U+0023
(#
) characters as were used to start the raw string literal) or
U+005C
(\
) do not have any special meaning.
Examples for byte string literals:
b"foo"; br"foo"; // foo
b"\"foo\""; br#""foo""#; // "foo"
b"foo #\"# bar";
br##"foo #"# bar"##; // foo #"# bar
b"\x52"; b"R"; br"R"; // R
b"\\x52"; br"\x52"; // \x52
Number literals
A number literal is either an integer literal or a floating-point literal. The grammar for recognizing the two kinds of literals is mixed.
Integer literals
An integer literal has one of four forms:
- A decimal literal starts with a decimal digit and continues with any mixture of decimal digits and underscores.
- A hex literal starts with the character sequence
U+0030
U+0078
(0x
) and continues as any mixture of hex digits and underscores. - An octal literal starts with the character sequence
U+0030
U+006F
(0o
) and continues as any mixture of octal digits and underscores. - A binary literal starts with the character sequence
U+0030
U+0062
(0b
) and continues as any mixture of binary digits and underscores.
Like any literal, an integer literal may be followed (immediately,
without any spaces) by an integer suffix, which forcibly sets the
type of the literal. The integer suffix must be the name of one of the
integral types: u8
, i8
, u16
, i16
, u32
, i32
, u64
, i64
,
isize
, or usize
.
The type of an unsuffixed integer literal is determined by type inference:
-
If an integer type can be uniquely determined from the surrounding program context, the unsuffixed integer literal has that type.
-
If the program context under-constrains the type, it defaults to the signed 32-bit integer
i32
. -
If the program context over-constrains the type, it is considered a static type error.
Examples of integer literals of various forms:
123i32; // type i32
123u32; // type u32
123_u32; // type u32
0xff_u8; // type u8
0o70_i16; // type i16
0b1111_1111_1001_0000_i32; // type i32
0usize; // type usize
Floating-point literals
A floating-point literal has one of two forms:
- A decimal literal followed by a period character
U+002E
(.
). This is optionally followed by another decimal literal, with an optional exponent. - A single decimal literal followed by an exponent.
Like integer literals, a floating-point literal may be followed by a
suffix, so long as the pre-suffix part does not end with U+002E
(.
).
The suffix forcibly sets the type of the literal. There are two valid
floating-point suffixes, f32
and f64
(the 32-bit and 64-bit floating point
types), which explicitly determine the type of the literal.
The type of an unsuffixed floating-point literal is determined by type inference:
-
If a floating-point type can be uniquely determined from the surrounding program context, the unsuffixed floating-point literal has that type.
-
If the program context under-constrains the type, it defaults to
f64
. -
If the program context over-constrains the type, it is considered a static type error.
Examples of floating-point literals of various forms:
123.0f64; // type f64
0.1f64; // type f64
0.1f32; // type f32
12E+99_f64; // type f64
let x: f64 = 2.; // type f64
This last example is different because it is not possible to use the suffix
syntax with a floating point literal ending in a period. 2.f64
would attempt
to call a method named f64
on 2
.
The representation semantics of floating-point numbers are described in "Machine Types".
Boolean literals
The two values of the boolean type are written true
and false
.
Symbols
Symbols are a general class of printable tokens that play structural roles in a variety of grammar productions. They are a set of remaining miscellaneous printable tokens that do not otherwise appear as unary operators, binary operators, or keywords. They are catalogued in the Symbols section of the Grammar document.
Paths
A path is a sequence of one or more path components logically separated by
a namespace qualifier (::
). If a path consists of only one component, it may
refer to either an item or a variable in a local control
scope. If a path has multiple components, it refers to an item.
Every item has a canonical path within its crate, but the path naming an item is only meaningful within a given crate. There is no global namespace across crates; an item's canonical path merely identifies it within the crate.
Two examples of simple paths consisting of only identifier components:
x;
x::y::z;
Path components are usually identifiers, but they may
also include angle-bracket-enclosed lists of type arguments. In
expression context, the type argument list is given
after a ::
namespace qualifier in order to disambiguate it from a
relational expression involving the less-than symbol (<
). In type
expression context, the final namespace qualifier is omitted.
Two examples of paths with type arguments:
# struct HashMap<K, V>(K,V);
# fn f() {
# fn id<T>(t: T) -> T { t }
type T = HashMap<i32,String>; // Type arguments used in a type expression
let x = id::<i32>(10); // Type arguments used in a call expression
# }
Paths can be denoted with various leading qualifiers to change the meaning of how it is resolved:
- Paths starting with
::
are considered to be global paths where the components of the path start being resolved from the crate root. Each identifier in the path must resolve to an item.
mod a {
pub fn foo() {}
}
mod b {
pub fn foo() {
::a::foo(); // call a's foo function
}
}
# fn main() {}
- Paths starting with the keyword
super
begin resolution relative to the parent module. Each further identifier must resolve to an item.
mod a {
pub fn foo() {}
}
mod b {
pub fn foo() {
super::a::foo(); // call a's foo function
}
}
# fn main() {}
- Paths starting with the keyword
self
begin resolution relative to the current module. Each further identifier must resolve to an item.
fn foo() {}
fn bar() {
self::foo();
}
# fn main() {}
Syntax extensions
A number of minor features of Rust are not central enough to have their own
syntax, and yet are not implementable as functions. Instead, they are given
names, and invoked through a consistent syntax: some_extension!(...)
.
Users of rustc
can define new syntax extensions in two ways:
-
Compiler plugins can include arbitrary Rust code that manipulates syntax trees at compile time. Note that the interface for compiler plugins is considered highly unstable.
-
Macros define new syntax in a higher-level, declarative way.
Macros
macro_rules
allows users to define syntax extension in a declarative way. We
call such extensions "macros by example" or simply "macros" — to be distinguished
from the "procedural macros" defined in compiler plugins.
Currently, macros can expand to expressions, statements, items, or patterns.
(A sep_token
is any token other than *
and +
. A non_special_token
is
any token other than a delimiter or $
.)
The macro expander looks up macro invocations by name, and tries each macro rule in turn. It transcribes the first successful match. Matching and transcription are closely related to each other, and we will describe them together.
Macro By Example
The macro expander matches and transcribes every token that does not begin with
a $
literally, including delimiters. For parsing reasons, delimiters must be
balanced, but they are otherwise not special.
In the matcher, $
name :
designator matches the nonterminal in the Rust
syntax named by designator. Valid designators are:
item
: an itemblock
: a blockstmt
: a statementpat
: a patternexpr
: an expressionty
: a typeident
: an identifierpath
: a pathtt
: either side of the=>
in macro rulesmeta
: the contents of an attribute
In the transcriber, the designator is already known, and so only the name of a matched nonterminal comes after the dollar sign.
In both the matcher and transcriber, the Kleene star-like operator indicates
repetition. The Kleene star operator consists of $
and parentheses, optionally
followed by a separator token, followed by *
or +
. *
means zero or more
repetitions, +
means at least one repetition. The parentheses are not matched or
transcribed. On the matcher side, a name is bound to all of the names it
matches, in a structure that mimics the structure of the repetition encountered
on a successful match. The job of the transcriber is to sort that structure
out.
The rules for transcription of these repetitions are called "Macro By Example".
Essentially, one "layer" of repetition is discharged at a time, and all of them
must be discharged by the time a name is transcribed. Therefore, ( $( $i:ident ),* ) => ( $i )
is an invalid macro, but ( $( $i:ident ),* ) => ( $( $i:ident ),* )
is acceptable (if trivial).
When Macro By Example encounters a repetition, it examines all of the $
name s that occur in its body. At the "current layer", they all must repeat
the same number of times, so ( $( $i:ident ),* ; $( $j:ident ),* ) => ( $( ($i,$j) ),* )
is valid if given the argument (a,b,c ; d,e,f)
, but not
(a,b,c ; d,e)
. The repetition walks through the choices at that layer in
lockstep, so the former input transcribes to (a,d), (b,e), (c,f)
.
Nested repetitions are allowed.
Parsing limitations
The parser used by the macro system is reasonably powerful, but the parsing of Rust syntax is restricted in two ways:
- Macro definitions are required to include suitable separators after parsing
expressions and other bits of the Rust grammar. This implies that
a macro definition like
$i:expr [ , ]
is not legal, because[
could be part of an expression. A macro definition like$i:expr,
or$i:expr;
would be legal, however, because,
and;
are legal separators. See RFC 550 for more information. - The parser must have eliminated all ambiguity by the time it reaches a
$
name:
designator. This requirement most often affects name-designator pairs when they occur at the beginning of, or immediately after, a$(...)*
; requiring a distinctive token in front can solve the problem.
Crates and source files
Although Rust, like any other language, can be implemented by an interpreter as well as a compiler, the only existing implementation is a compiler, and the language has always been designed to be compiled. For these reasons, this section assumes a compiler.
Rust's semantics obey a phase distinction between compile-time and run-time.3 Semantic rules that have a static interpretation govern the success or failure of compilation, while semantic rules that have a dynamic interpretation govern the behavior of the program at run-time.
The compilation model centers on artifacts called crates. Each compilation processes a single crate in source form, and if successful, produces a single crate in binary form: either an executable or some sort of library.4
A crate is a unit of compilation and linking, as well as versioning, distribution and runtime loading. A crate contains a tree of nested module scopes. The top level of this tree is a module that is anonymous (from the point of view of paths within the module) and any item within a crate has a canonical module path denoting its location within the crate's module tree.
The Rust compiler is always invoked with a single source file as input, and
always produces a single output crate. The processing of that source file may
result in other source files being loaded as modules. Source files have the
extension .rs
.
A Rust source file describes a module, the name and location of which —
in the module tree of the current crate — are defined from outside the
source file: either by an explicit mod_item
in a referencing source file, or
by the name of the crate itself. Every source file is a module, but not every
module needs its own source file: module definitions can be nested
within one file.
Each source file contains a sequence of zero or more item
definitions, and
may optionally begin with any number of attributes
that apply to the containing module, most of which influence the behavior of
the compiler. The anonymous crate module can have additional attributes that
apply to the crate as a whole.
// Specify the crate name.
#![crate_name = "projx"]
// Specify the type of output artifact.
#![crate_type = "lib"]
// Turn on a warning.
// This can be done in any module, not just the anonymous crate module.
#![warn(non_camel_case_types)]
A crate that contains a main
function can be compiled to an executable. If a
main
function is present, its return type must be ()
("unit") and it must take no arguments.
Items and attributes
Crates contain items, each of which may have some number of attributes attached to it.
Items
An item is a component of a crate. Items are organized within a crate by a nested set of modules. Every crate has a single "outermost" anonymous module; all further items within the crate have paths within the module tree of the crate.
Items are entirely determined at compile-time, generally remain fixed during execution, and may reside in read-only memory.
There are several kinds of item:
extern crate
declarationsuse
declarations- modules
- functions
- type definitions
- structs
- enumerations
- constant items
- static items
- traits
- implementations
Some items form an implicit scope for the declaration of sub-items. In other words, within a function or module, declarations of items can (in many cases) be mixed with the statements, control blocks, and similar artifacts that otherwise compose the item body. The meaning of these scoped items is the same as if the item was declared outside the scope — it is still a static item — except that the item's path name within the module namespace is qualified by the name of the enclosing item, or is private to the enclosing item (in the case of functions). The grammar specifies the exact locations in which sub-item declarations may appear.
Type Parameters
All items except modules, constants and statics may be parameterized by type.
Type parameters are given as a comma-separated list of identifiers enclosed in
angle brackets (<...>
), after the name of the item and before its definition.
The type parameters of an item are considered "part of the name", not part of
the type of the item. A referencing path must (in principle) provide
type arguments as a list of comma-separated types enclosed within angle
brackets, in order to refer to the type-parameterized item. In practice, the
type-inference system can usually infer such argument types from context. There
are no general type-parametric types, only type-parametric items. That is, Rust
has no notion of type abstraction: there are no higher-ranked (or "forall") types
abstracted over other types, though higher-ranked types do exist for lifetimes.
Modules
A module is a container for zero or more items.
A module item is a module, surrounded in braces, named, and prefixed with the
keyword mod
. A module item introduces a new, named module into the tree of
modules making up a crate. Modules can nest arbitrarily.
An example of a module:
mod math {
type Complex = (f64, f64);
fn sin(f: f64) -> f64 {
/* ... */
# panic!();
}
fn cos(f: f64) -> f64 {
/* ... */
# panic!();
}
fn tan(f: f64) -> f64 {
/* ... */
# panic!();
}
}
Modules and types share the same namespace. Declaring a named type with the same name as a module in scope is forbidden: that is, a type definition, trait, struct, enumeration, or type parameter can't shadow the name of a module in scope, or vice versa.
A module without a body is loaded from an external file, by default with the
same name as the module, plus the .rs
extension. When a nested submodule is
loaded from an external file, it is loaded from a subdirectory path that
mirrors the module hierarchy.
// Load the `vec` module from `vec.rs`
mod vec;
mod thread {
// Load the `local_data` module from `thread/local_data.rs`
// or `thread/local_data/mod.rs`.
mod local_data;
}
The directories and files used for loading external file modules can be
influenced with the path
attribute.
#[path = "thread_files"]
mod thread {
// Load the `local_data` module from `thread_files/tls.rs`
#[path = "tls.rs"]
mod local_data;
}
Extern crate declarations
An extern crate
declaration specifies a dependency on an external crate.
The external crate is then bound into the declaring scope as the ident
provided in the extern_crate_decl
.
The external crate is resolved to a specific soname
at compile time, and a
runtime linkage requirement to that soname
is passed to the linker for
loading at runtime. The soname
is resolved at compile time by scanning the
compiler's library path and matching the optional crateid
provided against
the crateid
attributes that were declared on the external crate when it was
compiled. If no crateid
is provided, a default name
attribute is assumed,
equal to the ident
given in the extern_crate_decl
.
Three examples of extern crate
declarations:
extern crate pcre;
extern crate std; // equivalent to: extern crate std as std;
extern crate std as ruststd; // linking to 'std' under another name
Use declarations
A use declaration creates one or more local name bindings synonymous with
some other path. Usually a use
declaration is used to shorten the
path required to refer to a module item. These declarations may appear at the
top of modules and blocks.
Note
: Unlike in many languages,
use
declarations in Rust do not declare linkage dependency with external crates. Rather,extern crate
declarations declare linkage dependencies.
Use declarations support a number of convenient shortcuts:
- Rebinding the target name as a new local name, using the syntax
use p::q::r as x;
- Simultaneously binding a list of paths differing only in their final element,
using the glob-like brace syntax
use a::b::{c,d,e,f};
- Binding all paths matching a given prefix, using the asterisk wildcard syntax
use a::b::*;
- Simultaneously binding a list of paths differing only in their final element
and their immediate parent module, using the
self
keyword, such asuse a::b::{self, c, d};
An example of use
declarations:
use std::option::Option::{Some, None};
use std::collections::hash_map::{self, HashMap};
fn foo<T>(_: T){}
fn bar(map1: HashMap<String, usize>, map2: hash_map::HashMap<String, usize>){}
fn main() {
// Equivalent to 'foo(vec![std::option::Option::Some(1.0f64),
// std::option::Option::None]);'
foo(vec![Some(1.0f64), None]);
// Both `hash_map` and `HashMap` are in scope.
let map1 = HashMap::new();
let map2 = hash_map::HashMap::new();
bar(map1, map2);
}
Like items, use
declarations are private to the containing module, by
default. Also like items, a use
declaration can be public, if qualified by
the pub
keyword. Such a use
declaration serves to re-export a name. A
public use
declaration can therefore redirect some public name to a
different target definition: even a definition with a private canonical path,
inside a different module. If a sequence of such redirections form a cycle or
cannot be resolved unambiguously, they represent a compile-time error.
An example of re-exporting:
# fn main() { }
mod quux {
pub use quux::foo::{bar, baz};
pub mod foo {
pub fn bar() { }
pub fn baz() { }
}
}
In this example, the module quux
re-exports two public names defined in
foo
.
Also note that the paths contained in use
items are relative to the crate
root. So, in the previous example, the use
refers to quux::foo::{bar, baz}
, and not simply to foo::{bar, baz}
. This also means that top-level
module declarations should be at the crate root if direct usage of the declared
modules within use
items is desired. It is also possible to use self
and
super
at the beginning of a use
item to refer to the current and direct
parent modules respectively. All rules regarding accessing declared modules in
use
declarations apply to both module declarations and extern crate
declarations.
An example of what will and will not work for use
items:
# #![allow(unused_imports)]
use foo::baz::foobaz; // good: foo is at the root of the crate
mod foo {
mod example {
pub mod iter {}
}
use foo::example::iter; // good: foo is at crate root
// use example::iter; // bad: example is not at the crate root
use self::baz::foobaz; // good: self refers to module 'foo'
use foo::bar::foobar; // good: foo is at crate root
pub mod bar {
pub fn foobar() { }
}
pub mod baz {
use super::bar::foobar; // good: super refers to module 'foo'
pub fn foobaz() { }
}
}
fn main() {}
Functions
A function item defines a sequence of statements and a
final expression, along with a name and a set of
parameters. Other than a name, all these are optional.
Functions are declared with the keyword fn
. Functions may declare a
set of input variables as parameters, through which the caller
passes arguments into the function, and the output type
of the value the function will return to its caller on completion.
A function may also be copied into a first-class value, in which case the value has the corresponding function type, and can be used otherwise exactly as a function item (with a minor additional cost of calling the function indirectly).
Every control path in a function logically ends with a return
expression or a
diverging expression. If the outermost block of a function has a
value-producing expression in its final-expression position, that expression is
interpreted as an implicit return
expression applied to the final-expression.
An example of a function:
fn add(x: i32, y: i32) -> i32 {
x + y
}
As with let
bindings, function arguments are irrefutable patterns, so any
pattern that is valid in a let binding is also valid as an argument.
fn first((value, _): (i32, i32)) -> i32 { value }
Generic functions
A generic function allows one or more parameterized types to appear in its signature. Each type parameter must be explicitly declared, in an angle-bracket-enclosed, comma-separated list following the function name.
// foo is generic over A and B
fn foo<A, B>(x: A, y: B) {
Inside the function signature and body, the name of the type parameter can be
used as a type name. Trait bounds can be specified for type parameters
to allow methods with that trait to be called on values of that type. This is
specified using the where
syntax:
fn foo<T>(x: T) where T: Debug {
When a generic function is referenced, its type is instantiated based on the
context of the reference. For example, calling the foo
function here:
use std::fmt::Debug;
fn foo<T>(x: &[T]) where T: Debug {
// details elided
# ()
}
foo(&[1, 2]);
will instantiate type parameter T
with i32
.
The type parameters can also be explicitly supplied in a trailing
path component after the function name. This might be necessary if
there is not sufficient context to determine the type parameters. For example,
mem::size_of::<u32>() == 4
.
Diverging functions
A special kind of function can be declared with a !
character where the
output type would normally be. For example:
fn my_err(s: &str) -> ! {
println!("{}", s);
panic!();
}
We call such functions "diverging" because they never return a value to the
caller. Every control path in a diverging function must end with a panic!()
or
a call to another diverging function on every control path. The !
annotation
does not denote a type.
It might be necessary to declare a diverging function because as mentioned
previously, the typechecker checks that every control path in a function ends
with a return
or diverging expression. So, if my_err
were declared without the !
annotation, the following code would not
typecheck:
# fn my_err(s: &str) -> ! { panic!() }
fn f(i: i32) -> i32 {
if i == 42 {
return 42;
}
else {
my_err("Bad number!");
}
}
This will not compile without the !
annotation on my_err
, since the else
branch of the conditional in f
does not return an i32
, as required by the
signature of f
. Adding the !
annotation to my_err
informs the
typechecker that, should control ever enter my_err
, no further type judgments
about f
need to hold, since control will never resume in any context that
relies on those judgments. Thus the return type on f
only needs to reflect
the if
branch of the conditional.
Extern functions
Extern functions are part of Rust's foreign function interface, providing the
opposite functionality to external blocks. Whereas
external blocks allow Rust code to call foreign code, extern functions with
bodies defined in Rust code can be called by foreign code. They are defined
in the same way as any other Rust function, except that they have the extern
modifier.
// Declares an extern fn, the ABI defaults to "C"
extern fn new_i32() -> i32 { 0 }
// Declares an extern fn with "stdcall" ABI
extern "stdcall" fn new_i32_stdcall() -> i32 { 0 }
Unlike normal functions, extern fns have type extern "ABI" fn()
. This is the
same type as the functions declared in an extern block.
# extern fn new_i32() -> i32 { 0 }
let fptr: extern "C" fn() -> i32 = new_i32;
Extern functions may be called directly from Rust code as Rust uses large, contiguous stack segments like C.
Type aliases
A type alias defines a new name for an existing type. Type
aliases are declared with the keyword type
. Every value has a single,
specific type, but may implement several different traits, or be compatible with
several different type constraints.
For example, the following defines the type Point
as a synonym for the type
(u8, u8)
, the type of pairs of unsigned 8 bit integers:
type Point = (u8, u8);
let p: Point = (41, 68);
Structs
A struct is a nominal struct type defined with the
keyword struct
.
An example of a struct
item and its use:
struct Point {x: i32, y: i32}
let p = Point {x: 10, y: 11};
let px: i32 = p.x;
A tuple struct is a nominal tuple type, also defined with
the keyword struct
. For example:
struct Point(i32, i32);
let p = Point(10, 11);
let px: i32 = match p { Point(x, _) => x };
A unit-like struct is a struct without any fields, defined by leaving off the list of fields entirely. Such a struct implicitly defines a constant of its type with the same name. For example:
# #![feature(braced_empty_structs)]
struct Cookie;
let c = [Cookie, Cookie {}, Cookie, Cookie {}];
is equivalent to
# #![feature(braced_empty_structs)]
struct Cookie {}
const Cookie: Cookie = Cookie {};
let c = [Cookie, Cookie {}, Cookie, Cookie {}];
The precise memory layout of a struct is not specified. One can specify a
particular layout using the repr
attribute.
Enumerations
An enumeration is a simultaneous definition of a nominal enumerated type as well as a set of constructors, that can be used to create or pattern-match values of the corresponding enumerated type.
Enumerations are declared with the keyword enum
.
An example of an enum
item and its use:
enum Animal {
Dog,
Cat,
}
let mut a: Animal = Animal::Dog;
a = Animal::Cat;
Enumeration constructors can have either named or unnamed fields:
enum Animal {
Dog (String, f64),
Cat { name: String, weight: f64 }
}
let mut a: Animal = Animal::Dog("Cocoa".to_string(), 37.2);
a = Animal::Cat { name: "Spotty".to_string(), weight: 2.7 };
In this example, Cat
is a struct-like enum variant,
whereas Dog
is simply called an enum variant.
Enums have a discriminant. You can assign them explicitly:
enum Foo {
Bar = 123,
}
If a discriminant isn't assigned, they start at zero, and add one for each variant, in order.
You can cast an enum to get this value:
# enum Foo { Bar = 123 }
let x = Foo::Bar as u32; // x is now 123u32
This only works as long as none of the variants have data attached. If
it were Bar(i32)
, this is disallowed.
Constant items
A constant item is a named constant value which is not associated with a specific memory location in the program. Constants are essentially inlined wherever they are used, meaning that they are copied directly into the relevant context when used. References to the same constant are not necessarily guaranteed to refer to the same memory address.
Constant values must not have destructors, and otherwise permit most forms of
data. Constants may refer to the address of other constants, in which case the
address will have the static
lifetime. The compiler is, however, still at
liberty to translate the constant many times, so the address referred to may not
be stable.
Constants must be explicitly typed. The type may be bool
, char
, a number, or
a type derived from those primitive types. The derived types are references with
the static
lifetime, fixed-size arrays, tuples, enum variants, and structs.
const BIT1: u32 = 1 << 0;
const BIT2: u32 = 1 << 1;
const BITS: [u32; 2] = [BIT1, BIT2];
const STRING: &'static str = "bitstring";
struct BitsNStrings<'a> {
mybits: [u32; 2],
mystring: &'a str
}
const BITS_N_STRINGS: BitsNStrings<'static> = BitsNStrings {
mybits: BITS,
mystring: STRING
};
Static items
A static item is similar to a constant, except that it represents a precise
memory location in the program. A static is never "inlined" at the usage site,
and all references to it refer to the same memory location. Static items have
the static
lifetime, which outlives all other lifetimes in a Rust program.
Static items may be placed in read-only memory if they do not contain any
interior mutability.
Statics may contain interior mutability through the UnsafeCell
language item.
All access to a static is safe, but there are a number of restrictions on
statics:
- Statics may not contain any destructors.
- The types of static values must ascribe to
Sync
to allow thread-safe access. - Statics may not refer to other statics by value, only by reference.
- Constants cannot refer to statics.
Constants should in general be preferred over statics, unless large amounts of data are being stored, or single-address and mutability properties are required.
Mutable statics
If a static item is declared with the mut
keyword, then it is allowed to
be modified by the program. One of Rust's goals is to make concurrency bugs
hard to run into, and this is obviously a very large source of race conditions
or other bugs. For this reason, an unsafe
block is required when either
reading or writing a mutable static variable. Care should be taken to ensure
that modifications to a mutable static are safe with respect to other threads
running in the same process.
Mutable statics are still very useful, however. They can be used with C
libraries and can also be bound from C libraries (in an extern
block).
# fn atomic_add(_: &mut u32, _: u32) -> u32 { 2 }
static mut LEVELS: u32 = 0;
// This violates the idea of no shared state, and this doesn't internally
// protect against races, so this function is `unsafe`
unsafe fn bump_levels_unsafe1() -> u32 {
let ret = LEVELS;
LEVELS += 1;
return ret;
}
// Assuming that we have an atomic_add function which returns the old value,
// this function is "safe" but the meaning of the return value may not be what
// callers expect, so it's still marked as `unsafe`
unsafe fn bump_levels_unsafe2() -> u32 {
return atomic_add(&mut LEVELS, 1);
}
Mutable statics have the same restrictions as normal statics, except that the
type of the value is not required to ascribe to Sync
.
Traits
A trait describes an abstract interface that types can implement. This interface consists of associated items, which come in three varieties:
- functions
- constants
- types
Associated functions whose first parameter is named self
are called
methods and may be invoked using .
notation (e.g., x.foo()
).
All traits define an implicit type parameter Self
that refers to
"the type that is implementing this interface". Traits may also
contain additional type parameters. These type parameters (including
Self
) may be constrained by other traits and so forth as usual.
Trait bounds on Self
are considered "supertraits". These are
required to be acyclic. Supertraits are somewhat different from other
constraints in that they affect what methods are available in the
vtable when the trait is used as a trait object.
Traits are implemented for specific types through separate implementations.
Consider the following trait:
# type Surface = i32;
# type BoundingBox = i32;
trait Shape {
fn draw(&self, Surface);
fn bounding_box(&self) -> BoundingBox;
}
This defines a trait with two methods. All values that have
implementations of this trait in scope can have their
draw
and bounding_box
methods called, using value.bounding_box()
syntax.
Traits can include default implementations of methods, as in:
trait Foo {
fn bar(&self);
fn baz(&self) { println!("We called baz."); }
}
Here the baz
method has a default implementation, so types that implement
Foo
need only implement bar
. It is also possible for implementing types
to override a method that has a default implementation.
Type parameters can be specified for a trait to make it generic. These appear after the trait name, using the same syntax used in generic functions.
trait Seq<T> {
fn len(&self) -> u32;
fn elt_at(&self, n: u32) -> T;
fn iter<F>(&self, F) where F: Fn(T);
}
It is also possible to define associated types for a trait. Consider the
following example of a Container
trait. Notice how the type is available
for use in the method signatures:
trait Container {
type E;
fn empty() -> Self;
fn insert(&mut self, Self::E);
}
In order for a type to implement this trait, it must not only provide
implementations for every method, but it must specify the type E
. Here's
an implementation of Container
for the standard library type Vec
:
# trait Container {
# type E;
# fn empty() -> Self;
# fn insert(&mut self, Self::E);
# }
impl<T> Container for Vec<T> {
type E = T;
fn empty() -> Vec<T> { Vec::new() }
fn insert(&mut self, x: T) { self.push(x); }
}
Generic functions may use traits as bounds on their type parameters. This will have two effects:
- Only types that have the trait may instantiate the parameter.
- Within the generic function, the methods of the trait can be called on values that have the parameter's type.
For example:
# type Surface = i32;
# trait Shape { fn draw(&self, Surface); }
fn draw_twice<T: Shape>(surface: Surface, sh: T) {
sh.draw(surface);
sh.draw(surface);
}
Traits also define a trait object with the same
name as the trait. Values of this type are created by coercing from a
pointer of some specific type to a pointer of trait type. For example,
&T
could be coerced to &Shape
if T: Shape
holds (and similarly
for Box<T>
). This coercion can either be implicit or
explicit. Here is an example of an explicit
coercion:
trait Shape { }
impl Shape for i32 { }
let mycircle = 0i32;
let myshape: Box<Shape> = Box::new(mycircle) as Box<Shape>;
The resulting value is a box containing the value that was cast, along with information that identifies the methods of the implementation that was used. Values with a trait type can have methods called on them, for any method in the trait, and can be used to instantiate type parameters that are bounded by the trait.
Trait methods may be static, which means that they lack a self
argument.
This means that they can only be called with function call syntax (f(x)
) and
not method call syntax (obj.f()
). The way to refer to the name of a static
method is to qualify it with the trait name, treating the trait name like a
module. For example:
trait Num {
fn from_i32(n: i32) -> Self;
}
impl Num for f64 {
fn from_i32(n: i32) -> f64 { n as f64 }
}
let x: f64 = Num::from_i32(42);
Traits may inherit from other traits. Consider the following example:
trait Shape { fn area(&self) -> f64; }
trait Circle : Shape { fn radius(&self) -> f64; }
The syntax Circle : Shape
means that types that implement Circle
must also
have an implementation for Shape
. Multiple supertraits are separated by +
,
trait Circle : Shape + PartialEq { }
. In an implementation of Circle
for a
given type T
, methods can refer to Shape
methods, since the typechecker
checks that any type with an implementation of Circle
also has an
implementation of Shape
:
struct Foo;
trait Shape { fn area(&self) -> f64; }
trait Circle : Shape { fn radius(&self) -> f64; }
impl Shape for Foo {
fn area(&self) -> f64 {
0.0
}
}
impl Circle for Foo {
fn radius(&self) -> f64 {
println!("calling area: {}", self.area());
0.0
}
}
let c = Foo;
c.radius();
In type-parameterized functions, methods of the supertrait may be called on
values of subtrait-bound type parameters. Referring to the previous example of
trait Circle : Shape
:
# trait Shape { fn area(&self) -> f64; }
# trait Circle : Shape { fn radius(&self) -> f64; }
fn radius_times_area<T: Circle>(c: T) -> f64 {
// `c` is both a Circle and a Shape
c.radius() * c.area()
}
Likewise, supertrait methods may also be called on trait objects.
# trait Shape { fn area(&self) -> f64; }
# trait Circle : Shape { fn radius(&self) -> f64; }
# impl Shape for i32 { fn area(&self) -> f64 { 0.0 } }
# impl Circle for i32 { fn radius(&self) -> f64 { 0.0 } }
# let mycircle = 0i32;
let mycircle = Box::new(mycircle) as Box<Circle>;
let nonsense = mycircle.radius() * mycircle.area();
Implementations
An implementation is an item that implements a trait for a specific type.
Implementations are defined with the keyword impl
.
# #[derive(Copy, Clone)]
# struct Point {x: f64, y: f64};
# type Surface = i32;
# struct BoundingBox {x: f64, y: f64, width: f64, height: f64};
# trait Shape { fn draw(&self, Surface); fn bounding_box(&self) -> BoundingBox; }
# fn do_draw_circle(s: Surface, c: Circle) { }
struct Circle {
radius: f64,
center: Point,
}
impl Copy for Circle {}
impl Clone for Circle {
fn clone(&self) -> Circle { *self }
}
impl Shape for Circle {
fn draw(&self, s: Surface) { do_draw_circle(s, *self); }
fn bounding_box(&self) -> BoundingBox {
let r = self.radius;
BoundingBox {
x: self.center.x - r,
y: self.center.y - r,
width: 2.0 * r,
height: 2.0 * r,
}
}
}
It is possible to define an implementation without referring to a trait. The
methods in such an implementation can only be used as direct calls on the values
of the type that the implementation targets. In such an implementation, the
trait type and for
after impl
are omitted. Such implementations are limited
to nominal types (enums, structs, trait objects), and the implementation must
appear in the same crate as the self
type:
struct Point {x: i32, y: i32}
impl Point {
fn log(&self) {
println!("Point is at ({}, {})", self.x, self.y);
}
}
let my_point = Point {x: 10, y:11};
my_point.log();
When a trait is specified in an impl
, all methods declared as part of the
trait must be implemented, with matching types and type parameter counts.
An implementation can take type parameters, which can be different from the
type parameters taken by the trait it implements. Implementation parameters
are written after the impl
keyword.
# trait Seq<T> { fn dummy(&self, _: T) { } }
impl<T> Seq<T> for Vec<T> {
/* ... */
}
impl Seq<bool> for u32 {
/* Treat the integer as a sequence of bits */
}
External blocks
External blocks form the basis for Rust's foreign function interface. Declarations in an external block describe symbols in external, non-Rust libraries.
Functions within external blocks are declared in the same way as other Rust functions, with the exception that they may not have a body and are instead terminated by a semicolon.
Functions within external blocks may be called by Rust code, just like functions defined in Rust. The Rust compiler automatically translates between the Rust ABI and the foreign ABI.
A number of attributes control the behavior of external blocks.
By default external blocks assume that the library they are calling uses the
standard C "cdecl" ABI. Other ABIs may be specified using an abi
string, as
shown here:
// Interface to the Windows API
extern "stdcall" { }
The link
attribute allows the name of the library to be specified. When
specified the compiler will attempt to link against the native library of the
specified name.
#[link(name = "crypto")]
extern { }
The type of a function declared in an extern block is extern "abi" fn(A1, ..., An) -> R
, where A1...An
are the declared types of its arguments and R
is
the declared return type.
It is valid to add the link
attribute on an empty extern block. You can use
this to satisfy the linking requirements of extern blocks elsewhere in your code
(including upstream crates) instead of adding the attribute to each extern block.
Visibility and Privacy
These two terms are often used interchangeably, and what they are attempting to convey is the answer to the question "Can this item be used at this location?"
Rust's name resolution operates on a global hierarchy of namespaces. Each level in the hierarchy can be thought of as some item. The items are one of those mentioned above, but also include external crates. Declaring or defining a new module can be thought of as inserting a new tree into the hierarchy at the location of the definition.
To control whether interfaces can be used across modules, Rust checks each use of an item to see whether it should be allowed or not. This is where privacy warnings are generated, or otherwise "you used a private item of another module and weren't allowed to."
By default, everything in Rust is private, with one exception. Enum variants
in a pub
enum are also public by default. When an item is declared as pub
,
it can be thought of as being accessible to the outside world. For example:
# fn main() {}
// Declare a private struct
struct Foo;
// Declare a public struct with a private field
pub struct Bar {
field: i32
}
// Declare a public enum with two public variants
pub enum State {
PubliclyAccessibleState,
PubliclyAccessibleState2,
}
With the notion of an item being either public or private, Rust allows item accesses in two cases:
- If an item is public, then it can be used externally through any of its public ancestors.
- If an item is private, it may be accessed by the current module and its descendants.
These two cases are surprisingly powerful for creating module hierarchies exposing public APIs while hiding internal implementation details. To help explain, here's a few use cases and what they would entail:
-
A library developer needs to expose functionality to crates which link against their library. As a consequence of the first case, this means that anything which is usable externally must be
pub
from the root down to the destination item. Any private item in the chain will disallow external accesses. -
A crate needs a global available "helper module" to itself, but it doesn't want to expose the helper module as a public API. To accomplish this, the root of the crate's hierarchy would have a private module which then internally has a "public API". Because the entire crate is a descendant of the root, then the entire local crate can access this private module through the second case.
-
When writing unit tests for a module, it's often a common idiom to have an immediate child of the module to-be-tested named
mod test
. This module could access any items of the parent module through the second case, meaning that internal implementation details could also be seamlessly tested from the child module.
In the second case, it mentions that a private item "can be accessed" by the current module and its descendants, but the exact meaning of accessing an item depends on what the item is. Accessing a module, for example, would mean looking inside of it (to import more items). On the other hand, accessing a function would mean that it is invoked. Additionally, path expressions and import statements are considered to access an item in the sense that the import/expression is only valid if the destination is in the current visibility scope.
Here's an example of a program which exemplifies the three cases outlined above:
// This module is private, meaning that no external crate can access this
// module. Because it is private at the root of this current crate, however, any
// module in the crate may access any publicly visible item in this module.
mod crate_helper_module {
// This function can be used by anything in the current crate
pub fn crate_helper() {}
// This function *cannot* be used by anything else in the crate. It is not
// publicly visible outside of the `crate_helper_module`, so only this
// current module and its descendants may access it.
fn implementation_detail() {}
}
// This function is "public to the root" meaning that it's available to external
// crates linking against this one.
pub fn public_api() {}
// Similarly to 'public_api', this module is public so external crates may look
// inside of it.
pub mod submodule {
use crate_helper_module;
pub fn my_method() {
// Any item in the local crate may invoke the helper module's public
// interface through a combination of the two rules above.
crate_helper_module::crate_helper();
}
// This function is hidden to any module which is not a descendant of
// `submodule`
fn my_implementation() {}
#[cfg(test)]
mod test {
#[test]
fn test_my_implementation() {
// Because this module is a descendant of `submodule`, it's allowed
// to access private items inside of `submodule` without a privacy
// violation.
super::my_implementation();
}
}
}
# fn main() {}
For a rust program to pass the privacy checking pass, all paths must be valid accesses given the two rules above. This includes all use statements, expressions, types, etc.
Re-exporting and Visibility
Rust allows publicly re-exporting items through a pub use
directive. Because
this is a public directive, this allows the item to be used in the current
module through the rules above. It essentially allows public access into the
re-exported item. For example, this program is valid:
pub use self::implementation::api;
mod implementation {
pub mod api {
pub fn f() {}
}
}
# fn main() {}
This means that any external crate referencing implementation::api::f
would
receive a privacy violation, while the path api::f
would be allowed.
When re-exporting a private item, it can be thought of as allowing the "privacy chain" being short-circuited through the reexport instead of passing through the namespace hierarchy as it normally would.
Attributes
Any item declaration may have an attribute applied to it. Attributes in Rust are modeled on Attributes in ECMA-335, with the syntax coming from ECMA-334 (C#). An attribute is a general, free-form metadatum that is interpreted according to name, convention, and language and compiler version. Attributes may appear as any of:
- A single identifier, the attribute name
- An identifier followed by the equals sign '=' and a literal, providing a key/value pair
- An identifier followed by a parenthesized list of sub-attribute arguments
Attributes with a bang ("!") after the hash ("#") apply to the item that the attribute is declared within. Attributes that do not have a bang after the hash apply to the item that follows the attribute.
An example of attributes:
// General metadata applied to the enclosing module or crate.
#![crate_type = "lib"]
// A function marked as a unit test
#[test]
fn test_foo() {
/* ... */
}
// A conditionally-compiled module
#[cfg(target_os="linux")]
mod bar {
/* ... */
}
// A lint attribute used to suppress a warning/error
#[allow(non_camel_case_types)]
type int8_t = i8;
Note: At some point in the future, the compiler will distinguish between language-reserved and user-available attributes. Until then, there is effectively no difference between an attribute handled by a loadable syntax extension and the compiler.
Crate-only attributes
crate_name
- specify the crate's crate name.crate_type
- see linkage.feature
- see compiler features.no_builtins
- disable optimizing certain code patterns to invocations of library functions that are assumed to existno_main
- disable emitting themain
symbol. Useful when some other object being linked to definesmain
.no_start
- disable linking to thenative
crate, which specifies the "start" language item.no_std
- disable linking to thestd
crate.plugin
- load a list of named crates as compiler plugins, e.g.#![plugin(foo, bar)]
. Optional arguments for each plugin, i.e.#![plugin(foo(... args ...))]
, are provided to the plugin's registrar function. Theplugin
feature gate is required to use this attribute.recursion_limit
- Sets the maximum depth for potentially infinitely-recursive compile-time operations like auto-dereference or macro expansion. The default is#![recursion_limit="64"]
.
Module-only attributes
no_implicit_prelude
- disable injectinguse std::prelude::*
in this module.path
- specifies the file to load the module from.#[path="foo.rs"] mod bar;
is equivalent tomod bar { /* contents of foo.rs */ }
. The path is taken relative to the directory that the current module is in.
Function-only attributes
main
- indicates that this function should be passed to the entry point, rather than the function in the crate root namedmain
.plugin_registrar
- mark this function as the registration point for compiler plugins, such as loadable syntax extensions.start
- indicates that this function should be used as the entry point, overriding the "start" language item. See the "start" language item for more details.test
- indicates that this function is a test function, to only be compiled in case of--test
.should_panic
- indicates that this test function should panic, inverting the success condition.cold
- The function is unlikely to be executed, so optimize it (and calls to it) differently.
Static-only attributes
thread_local
- on astatic mut
, this signals that the value of this static may change depending on the current thread. The exact consequences of this are implementation-defined.
FFI attributes
On an extern
block, the following attributes are interpreted:
link_args
- specify arguments to the linker, rather than just the library name and type. This is feature gated and the exact behavior is implementation-defined (due to variety of linker invocation syntax).link
- indicate that a native library should be linked to for the declarations in this block to be linked correctly.link
supports an optionalkind
key with three possible values:dylib
,static
, andframework
. See external blocks for more about external blocks. Two examples:#[link(name = "readline")]
and#[link(name = "CoreFoundation", kind = "framework")]
.linked_from
- indicates what native library this block of FFI items is coming from. This attribute is of the form#[linked_from = "foo"]
wherefoo
is the name of a library in either#[link]
or a-l
flag. This attribute is currently required to export symbols from a Rust dynamic library on Windows, and it is feature gated behind thelinked_from
feature.
On declarations inside an extern
block, the following attributes are
interpreted:
link_name
- the name of the symbol that this function or static should be imported as.linkage
- on a static, this specifies the linkage type.
On enum
s:
repr
- on C-like enums, this sets the underlying type used for representation. Takes one argument, which is the primitive type this enum should be represented for, orC
, which specifies that it should be the defaultenum
size of the C ABI for that platform. Note that enum representation in C is undefined, and this may be incorrect when the C code is compiled with certain flags.
On struct
s:
repr
- specifies the representation to use for this struct. Takes a list of options. The currently accepted ones areC
andpacked
, which may be combined.C
will use a C ABI compatible struct layout, andpacked
will remove any padding between fields (note that this is very fragile and may break platforms which require aligned access).
Macro-related attributes
-
macro_use
on amod
— macros defined in this module will be visible in the module's parent, after this module has been included. -
macro_use
on anextern crate
— load macros from this crate. An optional list of names#[macro_use(foo, bar)]
restricts the import to just those macros named. Theextern crate
must appear at the crate root, not insidemod
, which ensures proper function of the$crate
macro variable. -
macro_reexport
on anextern crate
— re-export the named macros. -
macro_export
- export a macro for cross-crate usage. -
no_link
on anextern crate
— even if we load this crate for macros, don't link it into the output.
See the macros section of the book for more information on macro scope.
Miscellaneous attributes
export_name
- on statics and functions, this determines the name of the exported symbol.link_section
- on statics and functions, this specifies the section of the object file that this item's contents will be placed into.no_mangle
- on any item, do not apply the standard name mangling. Set the symbol for this item to its identifier.simd
- on certain tuple structs, derive the arithmetic operators, which lower to the target's SIMD instructions, if any; thesimd
feature gate is necessary to use this attribute.unsafe_destructor_blind_to_params
- onDrop::drop
method, asserts that the destructor code (and all potential specializations of that code) will never attempt to read from nor write to any references with lifetimes that come in via generic parameters. This is a constraint we cannot currently express via the type system, and therefore we rely on the programmer to assert that it holds. Adding this to a Drop impl causes the associated destructor to be considered "uninteresting" by the Drop-Check rule, and thus it can help sidestep data ordering constraints that would otherwise be introduced by the Drop-Check rule. Such sidestepping of the constraints, if done incorrectly, can lead to undefined behavior (in the form of reading or writing to data outside of its dynamic extent), and thus this attribute has the word "unsafe" in its name. To use this, theunsafe_destructor_blind_to_params
feature gate must be enabled.unsafe_no_drop_flag
- on structs, remove the flag that prevents destructors from being run twice. Destructors might be run multiple times on the same object with this attribute. To use this, theunsafe_no_drop_flag
feature gate must be enabled.doc
- Doc comments such as/// foo
are equivalent to#[doc = "foo"]
.rustc_on_unimplemented
- Write a custom note to be shown along with the error when the trait is found to be unimplemented on a type. You may use format arguments like{T}
,{A}
to correspond to the types at the point of use corresponding to the type parameters of the trait of the same name.{Self}
will be replaced with the type that is supposed to implement the trait but doesn't. To use this, theon_unimplemented
feature gate must be enabled.
Conditional compilation
Sometimes one wants to have different compiler outputs from the same code, depending on build target, such as targeted operating system, or to enable release builds.
There are two kinds of configuration options, one that is either defined or not
(#[cfg(foo)]
), and the other that contains a string that can be checked
against (#[cfg(bar = "baz")]
). Currently, only compiler-defined configuration
options can have the latter form.
// The function is only included in the build when compiling for OSX
#[cfg(target_os = "macos")]
fn macos_only() {
// ...
}
// This function is only included when either foo or bar is defined
#[cfg(any(foo, bar))]
fn needs_foo_or_bar() {
// ...
}
// This function is only included when compiling for a unixish OS with a 32-bit
// architecture
#[cfg(all(unix, target_pointer_width = "32"))]
fn on_32bit_unix() {
// ...
}
// This function is only included when foo is not defined
#[cfg(not(foo))]
fn needs_not_foo() {
// ...
}
This illustrates some conditional compilation can be achieved using the
#[cfg(...)]
attribute. any
, all
and not
can be used to assemble
arbitrarily complex configurations through nesting.
The following configurations must be defined by the implementation:
debug_assertions
- Enabled by default when compiling without optimizations. This can be used to enable extra debugging code in development but not in production. For example, it controls the behavior of the standard library'sdebug_assert!
macro.target_arch = "..."
- Target CPU architecture, such as"x86"
,"x86_64"
"mips"
,"powerpc"
,"arm"
, or"aarch64"
.target_endian = "..."
- Endianness of the target CPU, either"little"
or"big"
.target_env = ".."
- An option provided by the compiler by default describing the runtime environment of the target platform. Some examples of this aremusl
for builds targeting the MUSL libc implementation,msvc
for Windows builds targeting MSVC, andgnu
frequently the rest of the time. This option may also be blank on some platforms.target_family = "..."
- Operating system family of the target, e. g."unix"
or"windows"
. The value of this configuration option is defined as a configuration itself, likeunix
orwindows
.target_os = "..."
- Operating system of the target, examples include"windows"
,"macos"
,"ios"
,"linux"
,"android"
,"freebsd"
,"dragonfly"
,"bitrig"
,"openbsd"
or"netbsd"
.target_pointer_width = "..."
- Target pointer width in bits. This is set to"32"
for targets with 32-bit pointers, and likewise set to"64"
for 64-bit pointers.target_vendor = "..."
- Vendor of the target, for exampleapple
,pc
, or simply"unknown"
.test
- Enabled when compiling the test harness (using the--test
flag).unix
- Seetarget_family
.windows
- Seetarget_family
.
You can also set another attribute based on a cfg
variable with cfg_attr
:
#[cfg_attr(a, b)]
Will be the same as #[b]
if a
is set by cfg
, and nothing otherwise.
Lint check attributes
A lint check names a potentially undesirable coding pattern, such as unreachable code or omitted documentation, for the static entity to which the attribute applies.
For any lint check C
:
allow(C)
overrides the check forC
so that violations will go unreported,deny(C)
signals an error after encountering a violation ofC
,forbid(C)
is the same asdeny(C)
, but also forbids changing the lint level afterwards,warn(C)
warns about violations ofC
but continues compilation.
The lint checks supported by the compiler can be found via rustc -W help
,
along with their default settings. Compiler
plugins can provide additional lint checks.
mod m1 {
// Missing documentation is ignored here
#[allow(missing_docs)]
pub fn undocumented_one() -> i32 { 1 }
// Missing documentation signals a warning here
#[warn(missing_docs)]
pub fn undocumented_too() -> i32 { 2 }
// Missing documentation signals an error here
#[deny(missing_docs)]
pub fn undocumented_end() -> i32 { 3 }
}
This example shows how one can use allow
and warn
to toggle a particular
check on and off:
#[warn(missing_docs)]
mod m2{
#[allow(missing_docs)]
mod nested {
// Missing documentation is ignored here
pub fn undocumented_one() -> i32 { 1 }
// Missing documentation signals a warning here,
// despite the allow above.
#[warn(missing_docs)]
pub fn undocumented_two() -> i32 { 2 }
}
// Missing documentation signals a warning here
pub fn undocumented_too() -> i32 { 3 }
}
This example shows how one can use forbid
to disallow uses of allow
for
that lint check:
#[forbid(missing_docs)]
mod m3 {
// Attempting to toggle warning signals an error here
#[allow(missing_docs)]
/// Returns 2.
pub fn undocumented_too() -> i32 { 2 }
}
Language items
Some primitive Rust operations are defined in Rust code, rather than being
implemented directly in C or assembly language. The definitions of these
operations have to be easy for the compiler to find. The lang
attribute
makes it possible to declare these operations. For example, the str
module
in the Rust standard library defines the string equality function:
#[lang = "str_eq"]
pub fn eq_slice(a: &str, b: &str) -> bool {
// details elided
}
The name str_eq
has a special meaning to the Rust compiler, and the presence
of this definition means that it will use this definition when generating calls
to the string equality function.
The set of language items is currently considered unstable. A complete list of the built-in language items will be added in the future.
Inline attributes
The inline attribute suggests that the compiler should place a copy of the function or static in the caller, rather than generating code to call the function or access the static where it is defined.
The compiler automatically inlines functions based on internal heuristics. Incorrectly inlining functions can actually make the program slower, so it should be used with care.
#[inline]
and #[inline(always)]
always cause the function to be serialized
into the crate metadata to allow cross-crate inlining.
There are three different types of inline attributes:
#[inline]
hints the compiler to perform an inline expansion.#[inline(always)]
asks the compiler to always perform an inline expansion.#[inline(never)]
asks the compiler to never perform an inline expansion.
derive
The derive
attribute allows certain traits to be automatically implemented
for data structures. For example, the following will create an impl
for the
PartialEq
and Clone
traits for Foo
, the type parameter T
will be given
the PartialEq
or Clone
constraints for the appropriate impl
:
#[derive(PartialEq, Clone)]
struct Foo<T> {
a: i32,
b: T
}
The generated impl
for PartialEq
is equivalent to
# struct Foo<T> { a: i32, b: T }
impl<T: PartialEq> PartialEq for Foo<T> {
fn eq(&self, other: &Foo<T>) -> bool {
self.a == other.a && self.b == other.b
}
fn ne(&self, other: &Foo<T>) -> bool {
self.a != other.a || self.b != other.b
}
}
Compiler Features
Certain aspects of Rust may be implemented in the compiler, but they're not necessarily ready for every-day use. These features are often of "prototype quality" or "almost production ready", but may not be stable enough to be considered a full-fledged language feature.
For this reason, Rust recognizes a special crate-level attribute of the form:
#![feature(feature1, feature2, feature3)]
This directive informs the compiler that the feature list: feature1
,
feature2
, and feature3
should all be enabled. This is only recognized at a
crate-level, not at a module-level. Without this directive, all features are
considered off, and using the features will result in a compiler error.
The currently implemented features of the reference compiler are:
-
advanced_slice_patterns
- See the match expressions section for discussion; the exact semantics of slice patterns are subject to change, so some types are still unstable. -
slice_patterns
- OK, actually, slice patterns are just scary and completely unstable. -
asm
- Theasm!
macro provides a means for inline assembly. This is often useful, but the exact syntax for this feature along with its semantics are likely to change, so this macro usage must be opted into. -
associated_consts
- Allows constants to be defined inimpl
andtrait
blocks, so that they can be associated with a type or trait in a similar manner to methods and associated types. -
box_patterns
- Allowsbox
patterns, the exact semantics of which is subject to change. -
box_syntax
- Allows use ofbox
expressions, the exact semantics of which is subject to change. -
cfg_target_vendor
- Allows conditional compilation using thetarget_vendor
matcher which is subject to change. -
concat_idents
- Allows use of theconcat_idents
macro, which is in many ways insufficient for concatenating identifiers, and may be removed entirely for something more wholesome. -
custom_attribute
- Allows the usage of attributes unknown to the compiler so that new attributes can be added in a backwards compatible manner (RFC 572). -
custom_derive
- Allows the use of#[derive(Foo,Bar)]
as sugar for#[derive_Foo] #[derive_Bar]
, which can be user-defined syntax extensions. -
intrinsics
- Allows use of the "rust-intrinsics" ABI. Compiler intrinsics are inherently unstable and no promise about them is made. -
lang_items
- Allows use of the#[lang]
attribute. Likeintrinsics
, lang items are inherently unstable and no promise about them is made. -
link_args
- This attribute is used to specify custom flags to the linker, but usage is strongly discouraged. The compiler's usage of the system linker is not guaranteed to continue in the future, and if the system linker is not used then specifying custom flags doesn't have much meaning. -
link_llvm_intrinsics
– Allows linking to LLVM intrinsics via#[link_name="llvm.*"]
. -
linkage
- Allows use of thelinkage
attribute, which is not portable. -
log_syntax
- Allows use of thelog_syntax
macro attribute, which is a nasty hack that will certainly be removed. -
main
- Allows use of the#[main]
attribute, which changes the entry point into a Rust program. This capability is subject to change. -
macro_reexport
- Allows macros to be re-exported from one crate after being imported from another. This feature was originally designed with the sole use case of the Rust standard library in mind, and is subject to change. -
non_ascii_idents
- The compiler supports the use of non-ascii identifiers, but the implementation is a little rough around the edges, so this can be seen as an experimental feature for now until the specification of identifiers is fully fleshed out. -
no_std
- Allows the#![no_std]
crate attribute, which disables the implicitextern crate std
. This typically requires use of the unstable APIs behind the libstd "facade", such as libcore and libcollections. It may also cause problems when using syntax extensions, including#[derive]
. -
on_unimplemented
- Allows the#[rustc_on_unimplemented]
attribute, which allows trait definitions to add specialized notes to error messages when an implementation was expected but not found. -
optin_builtin_traits
- Allows the definition of default and negative trait implementations. Experimental. -
plugin
- Usage of compiler plugins for custom lints or syntax extensions. These depend on compiler internals and are subject to change. -
plugin_registrar
- Indicates that a crate provides compiler plugins. -
quote
- Allows use of thequote_*!
family of macros, which are implemented very poorly and will likely change significantly with a proper implementation. -
rustc_attrs
- Gates internal#[rustc_*]
attributes which may be for internal use only or have meaning added to them in the future. -
rustc_diagnostic_macros
- A mysterious feature, used in the implementation of rustc, not meant for mortals. -
simd
- Allows use of the#[simd]
attribute, which is overly simple and not the SIMD interface we want to expose in the long term. -
simd_ffi
- Allows use of SIMD vectors in signatures for foreign functions. The SIMD interface is subject to change. -
start
- Allows use of the#[start]
attribute, which changes the entry point into a Rust program. This capability, especially the signature for the annotated function, is subject to change. -
thread_local
- The usage of the#[thread_local]
attribute is experimental and should be seen as unstable. This attribute is used to declare astatic
as being unique per-thread leveraging LLVM's implementation which works in concert with the kernel loader and dynamic linker. This is not necessarily available on all platforms, and usage of it is discouraged. -
trace_macros
- Allows use of thetrace_macros
macro, which is a nasty hack that will certainly be removed. -
unboxed_closures
- Rust's new closure design, which is currently a work in progress feature with many known bugs. -
unsafe_no_drop_flag
- Allows use of the#[unsafe_no_drop_flag]
attribute, which removes hidden flag added to a type that implements theDrop
trait. The design for theDrop
flag is subject to change, and this feature may be removed in the future. -
unmarked_api
- Allows use of items within a#![staged_api]
crate which have not been marked with a stability marker. Such items should not be allowed by the compiler to exist, so if you need this there probably is a compiler bug. -
visible_private_types
- Allows public APIs to expose otherwise private types, e.g. as the return type of a public function. This capability may be removed in the future. -
allow_internal_unstable
- Allowsmacro_rules!
macros to be tagged with the#[allow_internal_unstable]
attribute, designed to allowstd
macros to call#[unstable]
/feature-gated functionality internally without imposing on callers (i.e. making them behave like function calls in terms of encapsulation). -
default_type_parameter_fallback
- Allows type parameter defaults to influence type inference.
-
braced_empty_structs
- Allows use of empty structs and enum variants with braces.
If a feature is promoted to a language feature, then all existing programs will
start to receive compilation warnings about #![feature]
directives which enabled
the new feature (because the directive is no longer necessary). However, if a
feature is decided to be removed from the language, errors will be issued (if
there isn't a parser error first). The directive in this case is no longer
necessary, and it's likely that existing code will break if the feature isn't
removed.
If an unknown feature is found in a directive, it results in a compiler error. An unknown feature is one which has never been recognized by the compiler.
Statements and expressions
Rust is primarily an expression language. This means that most forms of value-producing or effect-causing evaluation are directed by the uniform syntax category of expressions. Each kind of expression can typically nest within each other kind of expression, and rules for evaluation of expressions involve specifying both the value produced by the expression and the order in which its sub-expressions are themselves evaluated.
In contrast, statements in Rust serve mostly to contain and explicitly sequence expression evaluation.
Statements
A statement is a component of a block, which is in turn a component of an outer expression or function.
Rust has two kinds of statement: declaration statements and expression statements.
Declaration statements
A declaration statement is one that introduces one or more names into the enclosing statement block. The declared names may denote new variables or new items.
Item declarations
An item declaration statement has a syntactic form identical to an item declaration within a module. Declaring an item — a function, enumeration, struct, type, static, trait, implementation or module — locally within a statement block is simply a way of restricting its scope to a narrow region containing all of its uses; it is otherwise identical in meaning to declaring the item outside the statement block.
Note
: there is no implicit capture of the function's dynamic environment when declaring a function-local item.
let
statements
A let
statement introduces a new set of variables, given by a pattern. The
pattern may be followed by a type annotation, and/or an initializer expression.
When no type annotation is given, the compiler will infer the type, or signal
an error if insufficient type information is available for definite inference.
Any variables introduced by a variable declaration are visible from the point of
declaration until the end of the enclosing block scope.
Expression statements
An expression statement is one that evaluates an expression
and ignores its result. The type of an expression statement e;
is always
()
, regardless of the type of e
. As a rule, an expression statement's
purpose is to trigger the effects of evaluating its expression.
Expressions
An expression may have two roles: it always produces a value, and it may have effects (otherwise known as "side effects"). An expression evaluates to a value, and has effects during evaluation. Many expressions contain sub-expressions (operands). The meaning of each kind of expression dictates several things:
- Whether or not to evaluate the sub-expressions when evaluating the expression
- The order in which to evaluate the sub-expressions
- How to combine the sub-expressions' values to obtain the value of the expression
In this way, the structure of expressions dictates the structure of execution. Blocks are just another kind of expression, so blocks, statements, expressions, and blocks again can recursively nest inside each other to an arbitrary depth.
Lvalues, rvalues and temporaries
Expressions are divided into two main categories: lvalues and rvalues. Likewise within each expression, sub-expressions may occur in lvalue context or rvalue context. The evaluation of an expression depends both on its own category and the context it occurs within.
An lvalue is an expression that represents a memory location. These expressions
are paths (which refer to local variables, function and
method arguments, or static variables), dereferences (*expr
), indexing
expressions (expr[expr]
), and field
references (expr.f
). All other expressions are rvalues.
The left operand of an assignment or compound-assignment expression is an lvalue context, as is the single operand of a unary borrow. The discriminant or subject of a match expression may be an lvalue context, if ref bindings are made, but is otherwise an rvalue context. All other expression contexts are rvalue contexts.
When an lvalue is evaluated in an lvalue context, it denotes a memory location; when evaluated in an rvalue context, it denotes the value held in that memory location.
Temporary lifetimes
When an rvalue is used in an lvalue context, a temporary un-named lvalue is created and used instead. The lifetime of temporary values is typically the innermost enclosing statement; the tail expression of a block is considered part of the statement that encloses the block.
When a temporary rvalue is being created that is assigned into a let
declaration, however, the temporary is created with the lifetime of
the enclosing block instead, as using the enclosing statement (the
let
declaration) would be a guaranteed error (since a pointer to the
temporary would be stored into a variable, but the temporary would be
freed before the variable could be used). The compiler uses simple
syntactic rules to decide which values are being assigned into a let
binding, and therefore deserve a longer temporary lifetime.
Here are some examples:
let x = foo(&temp())
. The expressiontemp()
is an rvalue. As it is being borrowed, a temporary is created which will be freed after the innermost enclosing statement (thelet
declaration, in this case).let x = temp().foo()
. This is the same as the previous example, except that the value oftemp()
is being borrowed via autoref on a method-call. Here we are assuming thatfoo()
is an&self
method defined in some trait, sayFoo
. In other words, the expressiontemp().foo()
is equivalent toFoo::foo(&temp())
.let x = &temp()
. Here, the same temporary is being assigned intox
, rather than being passed as a parameter, and hence the temporary's lifetime is considered to be the enclosing block.let x = SomeStruct { foo: &temp() }
. As in the previous case, the temporary is assigned into a struct which is then assigned into a binding, and hence it is given the lifetime of the enclosing block.let x = [ &temp() ]
. As in the previous case, the temporary is assigned into an array which is then assigned into a binding, and hence it is given the lifetime of the enclosing block.let ref x = temp()
. In this case, the temporary is created using a ref binding, but the result is the same: the lifetime is extended to the enclosing block.
Moved and copied types
When a local variable is used as an
rvalue, the variable will be copied
if its type implements Copy
. All others are moved.
Literal expressions
A literal expression consists of one of the literal forms described earlier. It directly describes a number, character, string, boolean value, or the unit value.
(); // unit type
"hello"; // string type
'5'; // character type
5; // integer type
Path expressions
A path used as an expression context denotes either a local variable or an item. Path expressions are lvalues.
Tuple expressions
Tuples are written by enclosing zero or more comma-separated expressions in parentheses. They are used to create tuple-typed values.
(0.0, 4.5);
("a", 4usize, true);
You can disambiguate a single-element tuple from a value in parentheses with a comma:
(0,); // single-element tuple
(0); // zero in parentheses
Struct expressions
There are several forms of struct expressions. A struct expression consists of the path of a struct item, followed by a brace-enclosed list of one or more comma-separated name-value pairs, providing the field values of a new instance of the struct. A field name can be any identifier, and is separated from its value expression by a colon. The location denoted by a struct field is mutable if and only if the enclosing struct is mutable.
A tuple struct expression consists of the path of a struct item, followed by a parenthesized list of one or more comma-separated expressions (in other words, the path of a struct item followed by a tuple expression). The struct item must be a tuple struct item.
A unit-like struct expression consists only of the path of a struct item.
The following are examples of struct expressions:
# struct Point { x: f64, y: f64 }
# struct TuplePoint(f64, f64);
# mod game { pub struct User<'a> { pub name: &'a str, pub age: u32, pub score: usize } }
# struct Cookie; fn some_fn<T>(t: T) {}
Point {x: 10.0, y: 20.0};
TuplePoint(10.0, 20.0);
let u = game::User {name: "Joe", age: 35, score: 100_000};
some_fn::<Cookie>(Cookie);
A struct expression forms a new value of the named struct type. Note that for a given unit-like struct type, this will always be the same value.
A struct expression can terminate with the syntax ..
followed by an
expression to denote a functional update. The expression following ..
(the
base) must have the same struct type as the new struct type being formed.
The entire expression denotes the result of constructing a new struct (with
the same type as the base expression) with the given values for the fields that
were explicitly specified and the values in the base expression for all other
fields.
# struct Point3d { x: i32, y: i32, z: i32 }
let base = Point3d {x: 1, y: 2, z: 3};
Point3d {y: 0, z: 10, .. base};
Block expressions
A block expression is similar to a module in terms of the declarations that are possible. Each block conceptually introduces a new namespace scope. Use items can bring new names into scopes and declared items are in scope for only the block itself.
A block will execute each statement sequentially, and then execute the
expression (if given). If the block ends in a statement, its value is ()
:
let x: () = { println!("Hello."); };
If it ends in an expression, its value and type are that of the expression:
let x: i32 = { println!("Hello."); 5 };
assert_eq!(5, x);
Method-call expressions
A method call consists of an expression followed by a single dot, an
identifier, and a parenthesized expression-list. Method calls are resolved to
methods on specific traits, either statically dispatching to a method if the
exact self
-type of the left-hand-side is known, or dynamically dispatching if
the left-hand-side expression is an indirect trait object.
Field expressions
A field expression consists of an expression followed by a single dot and an identifier, when not immediately followed by a parenthesized expression-list (the latter is a method call expression). A field expression denotes a field of a struct.
mystruct.myfield;
foo().x;
(Struct {a: 10, b: 20}).a;
A field access is an lvalue referring to the value of that field. When the type providing the field inherits mutability, it can be assigned to.
Also, if the type of the expression to the left of the dot is a pointer, it is automatically dereferenced as many times as necessary to make the field access possible. In cases of ambiguity, we prefer fewer autoderefs to more.
Array expressions
An array expression is written by enclosing zero or more comma-separated expressions of uniform type in square brackets.
In the [expr ';' expr]
form, the expression after the ';'
must be a
constant expression that can be evaluated at compile time, such as a
literal or a static item.
[1, 2, 3, 4];
["a", "b", "c", "d"];
[0; 128]; // array with 128 zeros
[0u8, 0u8, 0u8, 0u8];
Index expressions
Array-typed expressions can be indexed by writing a square-bracket-enclosed expression (the index) after them. When the array is mutable, the resulting lvalue can be assigned to.
Indices are zero-based, and may be of any integral type. Vector access is bounds-checked at compile-time for constant arrays being accessed with a constant index value. Otherwise a check will be performed at run-time that will put the thread in a panicked state if it fails.
([1, 2, 3, 4])[0];
let x = (["a", "b"])[10]; // compiler error: const index-expr is out of bounds
let n = 10;
let y = (["a", "b"])[n]; // panics
let arr = ["a", "b"];
arr[10]; // panics
Also, if the type of the expression to the left of the brackets is a pointer, it is automatically dereferenced as many times as necessary to make the indexing possible. In cases of ambiguity, we prefer fewer autoderefs to more.
Range expressions
The ..
operator will construct an object of one of the std::ops::Range
variants.
1..2; // std::ops::Range
3..; // std::ops::RangeFrom
..4; // std::ops::RangeTo
..; // std::ops::RangeFull
The following expressions are equivalent.
let x = std::ops::Range {start: 0, end: 10};
let y = 0..10;
assert_eq!(x, y);
Unary operator expressions
Rust defines the following unary operators. They are all written as prefix operators, before the expression they apply to.
-
-
- Negation. May only be applied to numeric types.
-
*
- Dereference. When applied to a pointer it denotes the
pointed-to location. For pointers to mutable locations, the resulting
lvalue can be assigned to.
On non-pointer types, it calls the
deref
method of thestd::ops::Deref
trait, or thederef_mut
method of thestd::ops::DerefMut
trait (if implemented by the type and required for an outer expression that will or could mutate the dereference), and produces the result of dereferencing the&
or&mut
borrowed pointer returned from the overload method.
-
!
- Logical negation. On the boolean type, this flips between
true
andfalse
. On integer types, this inverts the individual bits in the two's complement representation of the value.
-
&
and&mut
- Borrowing. When applied to an lvalue, these operators produce a
reference (pointer) to the lvalue. The lvalue is also placed into
a borrowed state for the duration of the reference. For a shared
borrow (
&
), this implies that the lvalue may not be mutated, but it may be read or shared again. For a mutable borrow (&mut
), the lvalue may not be accessed in any way until the borrow expires. If the&
or&mut
operators are applied to an rvalue, a temporary value is created; the lifetime of this temporary value is defined by syntactic rules.
Binary operator expressions
Binary operators expressions are given in terms of operator precedence.
Arithmetic operators
Binary arithmetic expressions are syntactic sugar for calls to built-in traits,
defined in the std::ops
module of the std
library. This means that
arithmetic operators can be overridden for user-defined types. The default
meaning of the operators on standard types is given here.
-
+
- Addition and array/string concatenation.
Calls the
add
method on thestd::ops::Add
trait.
-
-
- Subtraction.
Calls the
sub
method on thestd::ops::Sub
trait.
-
*
- Multiplication.
Calls the
mul
method on thestd::ops::Mul
trait.
-
/
- Quotient.
Calls the
div
method on thestd::ops::Div
trait.
-
%
- Remainder.
Calls the
rem
method on thestd::ops::Rem
trait.
Bitwise operators
Like the arithmetic operators, bitwise operators are
syntactic sugar for calls to methods of built-in traits. This means that
bitwise operators can be overridden for user-defined types. The default
meaning of the operators on standard types is given here. Bitwise &
, |
and
^
applied to boolean arguments are equivalent to logical &&
, ||
and !=
evaluated in non-lazy fashion.
-
&
- Bitwise AND.
Calls the
bitand
method of thestd::ops::BitAnd
trait.
-
|
- Bitwise inclusive OR.
Calls the
bitor
method of thestd::ops::BitOr
trait.
-
^
- Bitwise exclusive OR.
Calls the
bitxor
method of thestd::ops::BitXor
trait.
-
<<
- Left shift.
Calls the
shl
method of thestd::ops::Shl
trait.
-
>>
- Right shift (arithmetic).
Calls the
shr
method of thestd::ops::Shr
trait.
Lazy boolean operators
The operators ||
and &&
may be applied to operands of boolean type. The
||
operator denotes logical 'or', and the &&
operator denotes logical
'and'. They differ from |
and &
in that the right-hand operand is only
evaluated when the left-hand operand does not already determine the result of
the expression. That is, ||
only evaluates its right-hand operand when the
left-hand operand evaluates to false
, and &&
only when it evaluates to
true
.
Comparison operators
Comparison operators are, like the arithmetic operators, and bitwise operators, syntactic sugar for calls to built-in traits. This means that comparison operators can be overridden for user-defined types. The default meaning of the operators on standard types is given here.
-
==
- Equal to.
Calls the
eq
method on thestd::cmp::PartialEq
trait.
-
!=
- Unequal to.
Calls the
ne
method on thestd::cmp::PartialEq
trait.
-
<
- Less than.
Calls the
lt
method on thestd::cmp::PartialOrd
trait.
-
>
- Greater than.
Calls the
gt
method on thestd::cmp::PartialOrd
trait.
-
<=
- Less than or equal.
Calls the
le
method on thestd::cmp::PartialOrd
trait.
-
>=
- Greater than or equal.
Calls the
ge
method on thestd::cmp::PartialOrd
trait.
Type cast expressions
A type cast expression is denoted with the binary operator as
.
Executing an as
expression casts the value on the left-hand side to the type
on the right-hand side.
An example of an as
expression:
# fn sum(values: &[f64]) -> f64 { 0.0 }
# fn len(values: &[f64]) -> i32 { 0 }
fn average(values: &[f64]) -> f64 {
let sum: f64 = sum(values);
let size: f64 = len(values) as f64;
sum / size
}
Some of the conversions which can be done through the as
operator
can also be done implicitly at various points in the program, such as
argument passing and assignment to a let
binding with an explicit
type. Implicit conversions are limited to "harmless" conversions that
do not lose information and which have minimal or no risk of
surprising side-effects on the dynamic execution semantics.
Assignment expressions
An assignment expression consists of an
lvalue expression followed by an equals
sign (=
) and an rvalue expression.
Evaluating an assignment expression either copies or moves its right-hand operand to its left-hand operand.
# let mut x = 0;
# let y = 0;
x = y;
Compound assignment expressions
The +
, -
, *
, /
, %
, &
, |
, ^
, <<
, and >>
operators may be
composed with the =
operator. The expression lval OP= val
is equivalent to
lval = lval OP val
. For example, x = x + 1
may be written as x += 1
.
Any such expression always has the unit
type.
Operator precedence
The precedence of Rust binary operators is ordered as follows, going from strong to weak:
as
* / %
+ -
<< >>
&
^
|
== != < > <= >=
&&
||
= ..
Operators at the same precedence level are evaluated left-to-right. Unary operators have the same precedence level and are stronger than any of the binary operators.
Grouped expressions
An expression enclosed in parentheses evaluates to the result of the enclosed expression. Parentheses can be used to explicitly specify evaluation order within an expression.
An example of a parenthesized expression:
let x: i32 = (2 + 3) * 4;
Call expressions
A call expression invokes a function, providing zero or more input variables and an optional location to move the function's output into. If the function eventually returns, then the expression completes.
Some examples of call expressions:
# fn add(x: i32, y: i32) -> i32 { 0 }
let x: i32 = add(1i32, 2i32);
let pi: Result<f32, _> = "3.14".parse();
Lambda expressions
A lambda expression (sometimes called an "anonymous function expression")
defines a function and denotes it as a value, in a single expression. A lambda
expression is a pipe-symbol-delimited (|
) list of identifiers followed by an
expression.
A lambda expression denotes a function that maps a list of parameters
(ident_list
) onto the expression that follows the ident_list
. The
identifiers in the ident_list
are the parameters to the function. These
parameters' types need not be specified, as the compiler infers them from
context.
Lambda expressions are most useful when passing functions as arguments to other functions, as an abbreviation for defining and capturing a separate function.
Significantly, lambda expressions capture their environment, which regular
function definitions do not. The exact type of capture depends
on the function type inferred for the lambda expression. In
the simplest and least-expensive form (analogous to a || { }
expression),
the lambda expression captures its environment by reference, effectively
borrowing pointers to all outer variables mentioned inside the function.
Alternately, the compiler may infer that a lambda expression should copy or
move values (depending on their type) from the environment into the lambda
expression's captured environment.
In this example, we define a function ten_times
that takes a higher-order
function argument, and we then call it with a lambda expression as an argument:
fn ten_times<F>(f: F) where F: Fn(i32) {
for index in 0..10 {
f(index);
}
}
ten_times(|j| println!("hello, {}", j));
Infinite loops
A loop
expression denotes an infinite loop.
A loop
expression may optionally have a label. The label is written as
a lifetime preceding the loop expression, as in 'foo: loop{ }
. If a
label is present, then labeled break
and continue
expressions nested
within this loop may exit out of this loop or return control to its head.
See break expressions and continue
expressions.
break
expressions
A break
expression has an optional label. If the label is absent, then
executing a break
expression immediately terminates the innermost loop
enclosing it. It is only permitted in the body of a loop. If the label is
present, then break 'foo
terminates the loop with label 'foo
, which need not
be the innermost label enclosing the break
expression, but must enclose it.
continue
expressions
A continue
expression has an optional label. If the label is absent, then
executing a continue
expression immediately terminates the current iteration
of the innermost loop enclosing it, returning control to the loop head. In
the case of a while
loop, the head is the conditional expression controlling
the loop. In the case of a for
loop, the head is the call-expression
controlling the loop. If the label is present, then continue 'foo
returns
control to the head of the loop with label 'foo
, which need not be the
innermost label enclosing the break
expression, but must enclose it.
A continue
expression is only permitted in the body of a loop.
while
loops
A while
loop begins by evaluating the boolean loop conditional expression.
If the loop conditional expression evaluates to true
, the loop body block
executes and control returns to the loop conditional expression. If the loop
conditional expression evaluates to false
, the while
expression completes.
An example:
let mut i = 0;
while i < 10 {
println!("hello");
i = i + 1;
}
Like loop
expressions, while
loops can be controlled with break
or
continue
, and may optionally have a label. See infinite
loops, break expressions, and
continue expressions for more information.
for
expressions
A for
expression is a syntactic construct for looping over elements provided
by an implementation of std::iter::IntoIterator
.
An example of a for
loop over the contents of an array:
# type Foo = i32;
# fn bar(f: &Foo) { }
# let a = 0;
# let b = 0;
# let c = 0;
let v: &[Foo] = &[a, b, c];
for e in v {
bar(e);
}
An example of a for loop over a series of integers:
# fn bar(b:usize) { }
for i in 0..256 {
bar(i);
}
Like loop
expressions, for
loops can be controlled with break
or
continue
, and may optionally have a label. See infinite
loops, break expressions, and
continue expressions for more information.
if
expressions
An if
expression is a conditional branch in program control. The form of an
if
expression is a condition expression, followed by a consequent block, any
number of else if
conditions and blocks, and an optional trailing else
block. The condition expressions must have type bool
. If a condition
expression evaluates to true
, the consequent block is executed and any
subsequent else if
or else
block is skipped. If a condition expression
evaluates to false
, the consequent block is skipped and any subsequent else if
condition is evaluated. If all if
and else if
conditions evaluate to
false
then any else
block is executed.
match
expressions
A match
expression branches on a pattern. The exact form of matching that
occurs depends on the pattern. Patterns consist of some combination of
literals, destructured arrays or enum constructors, structs and tuples,
variable binding specifications, wildcards (..
), and placeholders (_
). A
match
expression has a head expression, which is the value to compare to
the patterns. The type of the patterns must equal the type of the head
expression.
In a pattern whose head expression has an enum
type, a placeholder (_
)
stands for a single data field, whereas a wildcard ..
stands for all the
fields of a particular variant.
A match
behaves differently depending on whether or not the head expression
is an lvalue or an rvalue. If the head
expression is an rvalue, it is first evaluated into a temporary location, and
the resulting value is sequentially compared to the patterns in the arms until
a match is found. The first arm with a matching pattern is chosen as the branch
target of the match
, any variables bound by the pattern are assigned to local
variables in the arm's block, and control enters the block.
When the head expression is an lvalue, the match does not allocate a temporary location (however, a by-value binding may copy or move from the lvalue). When possible, it is preferable to match on lvalues, as the lifetime of these matches inherits the lifetime of the lvalue, rather than being restricted to the inside of the match.
An example of a match
expression:
let x = 1;
match x {
1 => println!("one"),
2 => println!("two"),
3 => println!("three"),
4 => println!("four"),
5 => println!("five"),
_ => println!("something else"),
}
Patterns that bind variables default to binding to a copy or move of the
matched value (depending on the matched value's type). This can be changed to
bind to a reference by using the ref
keyword, or to a mutable reference using
ref mut
.
Subpatterns can also be bound to variables by the use of the syntax variable @ subpattern
. For example:
let x = 1;
match x {
e @ 1 ... 5 => println!("got a range element {}", e),
_ => println!("anything"),
}
Patterns can also dereference pointers by using the &
, &mut
and box
symbols, as appropriate. For example, these two matches on x: &i32
are
equivalent:
# let x = &3;
let y = match *x { 0 => "zero", _ => "some" };
let z = match x { &0 => "zero", _ => "some" };
assert_eq!(y, z);
Multiple match patterns may be joined with the |
operator. A range of values
may be specified with ...
. For example:
# let x = 2;
let message = match x {
0 | 1 => "not many",
2 ... 9 => "a few",
_ => "lots"
};
Range patterns only work on scalar types (like integers and characters; not
like arrays and structs, which have sub-components). A range pattern may not
be a sub-range of another range pattern inside the same match
.
Finally, match patterns can accept pattern guards to further refine the
criteria for matching a case. Pattern guards appear after the pattern and
consist of a bool-typed expression following the if
keyword. A pattern guard
may refer to the variables bound within the pattern they follow.
# let maybe_digit = Some(0);
# fn process_digit(i: i32) { }
# fn process_other(i: i32) { }
let message = match maybe_digit {
Some(x) if x < 10 => process_digit(x),
Some(x) => process_other(x),
None => panic!()
};
if let
expressions
An if let
expression is semantically identical to an if
expression but in
place of a condition expression it expects a let
statement with a refutable
pattern. If the value of the expression on the right hand side of the let
statement matches the pattern, the corresponding block will execute, otherwise
flow proceeds to the first else
block that follows.
let dish = ("Ham", "Eggs");
// this body will be skipped because the pattern is refuted
if let ("Bacon", b) = dish {
println!("Bacon is served with {}", b);
}
// this body will execute
if let ("Ham", b) = dish {
println!("Ham is served with {}", b);
}
while let
loops
A while let
loop is semantically identical to a while
loop but in place of
a condition expression it expects let
statement with a refutable pattern. If
the value of the expression on the right hand side of the let
statement
matches the pattern, the loop body block executes and control returns to the
pattern matching statement. Otherwise, the while expression completes.
return
expressions
Return expressions are denoted with the keyword return
. Evaluating a return
expression moves its argument into the designated output location for the
current function call, destroys the current function activation frame, and
transfers control to the caller frame.
An example of a return
expression:
fn max(a: i32, b: i32) -> i32 {
if a > b {
return a;
}
return b;
}
Type system
Types
Every variable, item and value in a Rust program has a type. The type of a value defines the interpretation of the memory holding it.
Built-in types and type-constructors are tightly integrated into the language, in nontrivial ways that are not possible to emulate in user-defined types. User-defined types have limited capabilities.
Primitive types
The primitive types are the following:
- The boolean type
bool
with valuestrue
andfalse
. - The machine types (integer and floating-point).
- The machine-dependent integer types.
Machine types
The machine types are the following:
-
The unsigned word types
u8
,u16
,u32
andu64
, with values drawn from the integer intervals [0, 2^8 - 1], [0, 2^16 - 1], [0, 2^32 - 1] and [0, 2^64 - 1] respectively. -
The signed two's complement word types
i8
,i16
,i32
andi64
, with values drawn from the integer intervals [-(2^(7)), 2^7 - 1], [-(2^(15)), 2^15 - 1], [-(2^(31)), 2^31 - 1], [-(2^(63)), 2^63 - 1] respectively. -
The IEEE 754-2008
binary32
andbinary64
floating-point types:f32
andf64
, respectively.
Machine-dependent integer types
The usize
type is an unsigned integer type with the same number of bits as the
platform's pointer type. It can represent every memory address in the process.
The isize
type is a signed integer type with the same number of bits as the
platform's pointer type. The theoretical upper bound on object and array size
is the maximum isize
value. This ensures that isize
can be used to calculate
differences between pointers into an object or array and can address every byte
within an object along with one byte past the end.
Textual types
The types char
and str
hold textual data.
A value of type char
is a Unicode scalar value (i.e. a code point that
is not a surrogate), represented as a 32-bit unsigned word in the 0x0000 to
0xD7FF or 0xE000 to 0x10FFFF range. A [char]
array is effectively an UCS-4 /
UTF-32 string.
A value of type str
is a Unicode string, represented as an array of 8-bit
unsigned bytes holding a sequence of UTF-8 code points. Since str
is of
unknown size, it is not a first-class type, but can only be instantiated
through a pointer type, such as &str
.
Tuple types
A tuple type is a heterogeneous product of other types, called the elements of the tuple. It has no nominal name and is instead structurally typed.
Tuple types and values are denoted by listing the types or values of their elements, respectively, in a parenthesized, comma-separated list.
Because tuple elements don't have a name, they can only be accessed by
pattern-matching or by using N
directly as a field to access the
N
th element.
An example of a tuple type and its use:
type Pair<'a> = (i32, &'a str);
let p: Pair<'static> = (10, "ten");
let (a, b) = p;
assert_eq!(a, 10);
assert_eq!(b, "ten");
assert_eq!(p.0, 10);
assert_eq!(p.1, "ten");
For historical reasons and convenience, the tuple type with no elements (()
)
is often called ‘unit’ or ‘the unit type’.
Array, and Slice types
Rust has two different types for a list of items:
[T; N]
, an 'array'&[T]
, a 'slice'
An array has a fixed size, and can be allocated on either the stack or the heap.
A slice is a 'view' into an array. It doesn't own the data it points to, it borrows it.
Examples:
// A stack-allocated array
let array: [i32; 3] = [1, 2, 3];
// A heap-allocated array
let vector: Vec<i32> = vec![1, 2, 3];
// A slice into an array
let slice: &[i32] = &vector[..];
As you can see, the vec!
macro allows you to create a Vec<T>
easily. The
vec!
macro is also part of the standard library, rather than the language.
All in-bounds elements of arrays and slices are always initialized, and access to an array or slice is always bounds-checked.
Struct types
A struct
type is a heterogeneous product of other types, called the
fields of the type.5
New instances of a struct
can be constructed with a struct
expression.
The memory layout of a struct
is undefined by default to allow for compiler
optimizations like field reordering, but it can be fixed with the
#[repr(...)]
attribute. In either case, fields may be given in any order in
a corresponding struct expression; the resulting struct
value will always
have the same memory layout.
The fields of a struct
may be qualified by visibility
modifiers, to allow access to data in a
struct outside a module.
A tuple struct type is just like a struct type, except that the fields are anonymous.
A unit-like struct type is like a struct type, except that it has no fields. The one value constructed by the associated struct expression is the only value that inhabits such a type.
Enumerated types
An enumerated type is a nominal, heterogeneous disjoint union type, denoted
by the name of an enum
item. 6
An enum
item declares both the type and a number of variant
constructors, each of which is independently named and takes an optional tuple
of arguments.
New instances of an enum
can be constructed by calling one of the variant
constructors, in a call expression.
Any enum
value consumes as much memory as the largest variant constructor for
its corresponding enum
type.
Enum types cannot be denoted structurally as types, but must be denoted by
named reference to an enum
item.
Recursive types
Nominal types — enumerations and
structs — may be recursive. That is, each enum
constructor or struct
field may refer, directly or indirectly, to the
enclosing enum
or struct
type itself. Such recursion has restrictions:
- Recursive types must include a nominal type in the recursion (not mere type definitions, or other structural types such as arrays or tuples).
- A recursive
enum
item must have at least one non-recursive constructor (in order to give the recursion a basis case). - The size of a recursive type must be finite; in other words the recursive fields of the type must be pointer types.
- Recursive type definitions can cross module boundaries, but not module visibility boundaries, or crate boundaries (in order to simplify the module system and type checker).
An example of a recursive type and its use:
enum List<T> {
Nil,
Cons(T, Box<List<T>>)
}
let a: List<i32> = List::Cons(7, Box::new(List::Cons(13, Box::new(List::Nil))));
Pointer types
All pointers in Rust are explicit first-class values. They can be copied, stored into data structs, and returned from functions. There are two varieties of pointer in Rust:
-
- References (
&
) - These point to memory owned by some other value.
A reference type is written
&type
, or&'a type
when you need to specify an explicit lifetime. Copying a reference is a "shallow" operation: it involves only copying the pointer itself. Releasing a reference has no effect on the value it points to, but a reference of a temporary value will keep it alive during the scope of the reference itself.
- References (
-
- Raw pointers (
*
) - Raw pointers are pointers without safety or liveness guarantees.
Raw pointers are written as
*const T
or*mut T
, for example*const i32
means a raw pointer to a 32-bit integer. Copying or dropping a raw pointer has no effect on the lifecycle of any other value. Dereferencing a raw pointer or converting it to any other pointer type is anunsafe
operation. Raw pointers are generally discouraged in Rust code; they exist to support interoperability with foreign code, and writing performance-critical or low-level functions.
- Raw pointers (
The standard library contains additional 'smart pointer' types beyond references and raw pointers.
Function types
The function type constructor fn
forms new function types. A function type
consists of a possibly-empty set of function-type modifiers (such as unsafe
or extern
), a sequence of input types and an output type.
An example of a fn
type:
fn add(x: i32, y: i32) -> i32 {
return x + y;
}
let mut x = add(5,7);
type Binop = fn(i32, i32) -> i32;
let bo: Binop = add;
x = bo(5,7);
Function types for specific items
Internal to the compiler, there are also function types that are specific to a particular
function item. In the following snippet, for example, the internal types of the functions
foo
and bar
are different, despite the fact that they have the same signature:
fn foo() { }
fn bar() { }
The types of foo
and bar
can both be implicitly coerced to the fn
pointer type fn()
. There is currently no syntax for unique fn types,
though the compiler will emit a type like fn() {foo}
in error
messages to indicate "the unique fn type for the function foo
".
Closure types
A lambda expression produces a closure value with a unique, anonymous type that cannot be written out.
Depending on the requirements of the closure, its type implements one or more of the closure traits:
-
FnOnce
- The closure can be called once. A closure called as
FnOnce
can move out values from its environment.
-
FnMut
- The closure can be called multiple times as mutable. A closure called as
FnMut
can mutate values from its environment.FnMut
inherits fromFnOnce
(i.e. anything implementingFnMut
also implementsFnOnce
).
-
Fn
- The closure can be called multiple times through a shared reference.
A closure called as
Fn
can neither move out from nor mutate values from its environment.Fn
inherits fromFnMut
, which itself inherits fromFnOnce
.
Trait objects
In Rust, a type like &SomeTrait
or Box<SomeTrait>
is called a trait object.
Each instance of a trait object includes:
- a pointer to an instance of a type
T
that implementsSomeTrait
- a virtual method table, often just called a vtable, which contains, for
each method of
SomeTrait
thatT
implements, a pointer toT
's implementation (i.e. a function pointer).
The purpose of trait objects is to permit "late binding" of methods. A call to a method on a trait object is only resolved to a vtable entry at compile time. The actual implementation for each vtable entry can vary on an object-by-object basis.
Note that for a trait object to be instantiated, the trait must be object-safe. Object safety rules are defined in RFC 255.
Given a pointer-typed expression E
of type &T
or Box<T>
, where T
implements trait R
, casting E
to the corresponding pointer type &R
or
Box<R>
results in a value of the trait object R
. This result is
represented as a pair of pointers: the vtable pointer for the T
implementation of R
, and the pointer value of E
.
An example of a trait object:
trait Printable {
fn stringify(&self) -> String;
}
impl Printable for i32 {
fn stringify(&self) -> String { self.to_string() }
}
fn print(a: Box<Printable>) {
println!("{}", a.stringify());
}
fn main() {
print(Box::new(10) as Box<Printable>);
}
In this example, the trait Printable
occurs as a trait object in both the
type signature of print
, and the cast expression in main
.
Type parameters
Within the body of an item that has type parameter declarations, the names of its type parameters are types:
fn to_vec<A: Clone>(xs: &[A]) -> Vec<A> {
if xs.is_empty() {
return vec![];
}
let first: A = xs[0].clone();
let mut rest: Vec<A> = to_vec(&xs[1..]);
rest.insert(0, first);
rest
}
Here, first
has type A
, referring to to_vec
's A
type parameter; and rest
has type Vec<A>
, a vector with element type A
.
Self types
The special type Self
has a meaning within traits and impls. In a trait definition, it refers
to an implicit type parameter representing the "implementing" type. In an impl,
it is an alias for the implementing type. For example, in:
trait Printable {
fn make_string(&self) -> String;
}
impl Printable for String {
fn make_string(&self) -> String {
(*self).clone()
}
}
The notation &self
is a shorthand for self: &Self
. In this case,
in the impl, Self
refers to the value of type String
that is the
receiver for a call to the method make_string
.
Subtyping
Subtyping is implicit and can occur at any stage in type checking or inference. Subtyping in Rust is very restricted and occurs only due to variance with respect to lifetimes and between types with higher ranked lifetimes. If we were to erase lifetimes from types, then the only subtyping would be due to type equality.
Consider the following example: string literals always have 'static
lifetime. Nevertheless, we can assign s
to t
:
fn bar<'a>() {
let s: &'static str = "hi";
let t: &'a str = s;
}
Since 'static
"lives longer" than 'a
, &'static str
is a subtype of
&'a str
.
Type coercions
Coercions are defined in RFC401. A coercion is implicit and has no syntax.
Coercion sites
A coercion can only occur at certain coercion sites in a program; these are typically places where the desired type is explicit or can be derived by propagation from explicit types (without type inference). Possible coercion sites are:
-
let
statements where an explicit type is given.For example,
128
is coerced to have typei8
in the following:let _: i8 = 128;
-
static
andconst
statements (similar tolet
statements). -
Arguments for function calls
The value being coerced is the actual parameter, and it is coerced to the type of the formal parameter.
For example,
128
is coerced to have typei8
in the following:fn bar(_: i8) { } fn main() { bar(128); }
-
Instantiations of struct or variant fields
For example,
128
is coerced to have typei8
in the following:struct Foo { x: i8 } fn main() { Foo { x: 128 }; }
-
Function results, either the final line of a block if it is not semicolon-terminated or any expression in a
return
statementFor example,
128
is coerced to have typei8
in the following:fn foo() -> i8 { 128 }
If the expression in one of these coercion sites is a coercion-propagating expression, then the relevant sub-expressions in that expression are also coercion sites. Propagation recurses from these new coercion sites. Propagating expressions and their relevant sub-expressions are:
-
Array literals, where the array has type
[U; n]
. Each sub-expression in the array literal is a coercion site for coercion to typeU
. -
Array literals with repeating syntax, where the array has type
[U; n]
. The repeated sub-expression is a coercion site for coercion to typeU
. -
Tuples, where a tuple is a coercion site to type
(U_0, U_1, ..., U_n)
. Each sub-expression is a coercion site to the respective type, e.g. the zeroth sub-expression is a coercion site to typeU_0
. -
Parenthesized sub-expressions (
(e)
): if the expression has typeU
, then the sub-expression is a coercion site toU
. -
Blocks: if a block has type
U
, then the last expression in the block (if it is not semicolon-terminated) is a coercion site toU
. This includes blocks which are part of control flow statements, such asif
/else
, if the block has a known type.
Coercion types
Coercion is allowed between the following types:
-
T
toU
ifT
is a subtype ofU
(reflexive case) -
T_1
toT_3
whereT_1
coerces toT_2
andT_2
coerces toT_3
(transitive case)Note that this is not fully supported yet
-
&mut T
to&T
-
*mut T
to*const T
-
&T
to*const T
-
&mut T
to*mut T
-
&T
to&U
ifT
implementsDeref<Target = U>
. For example:use std::ops::Deref; struct CharContainer { value: char } impl Deref for CharContainer { type Target = char; fn deref<'a>(&'a self) -> &'a char { &self.value } } fn foo(arg: &char) {} fn main() { let x = &mut CharContainer { value: 'y' }; foo(x); //&mut CharContainer is coerced to &char. }
-
&mut T
to&mut U
ifT
implementsDerefMut<Target = U>
. -
TyCtor(
T
) to TyCtor(coerce_inner(T
)), where TyCtor(T
) is one of&T
&mut T
*const T
*mut T
Box<T>
and where
- coerce_inner(
[T, ..n]
) =[T]
- coerce_inner(
T
) =U
whereT
is a concrete type which implements the traitU
.
In the future, coerce_inner will be recursively extended to tuples and structs. In addition, coercions from sub-traits to super-traits will be added. See RFC401 for more details.
Special traits
Several traits define special evaluation behavior.
The Copy
trait
The Copy
trait changes the semantics of a type implementing it. Values whose
type implements Copy
are copied rather than moved upon assignment.
The Sized
trait
The Sized
trait indicates that the size of this type is known at compile-time.
The Drop
trait
The Drop
trait provides a destructor, to be run whenever a value of this type
is to be destroyed.
The Deref
trait
The Deref<Target = U>
trait allows a type to implicitly implement all the methods
of the type U
. When attempting to resolve a method call, the compiler will search
the top-level type for the implementation of the called method. If no such method is
found, .deref()
is called and the compiler continues to search for the method
implementation in the returned type U
.
Memory model
A Rust program's memory consists of a static set of items and a heap. Immutable portions of the heap may be safely shared between threads, mutable portions may not be safely shared, but several mechanisms for effectively-safe sharing of mutable values, built on unsafe code but enforcing a safe locking discipline, exist in the standard library.
Allocations in the stack consist of variables, and allocations in the heap consist of boxes.
Memory allocation and lifetime
The items of a program are those functions, modules and types that have their value calculated at compile-time and stored uniquely in the memory image of the rust process. Items are neither dynamically allocated nor freed.
The heap is a general term that describes boxes. The lifetime of an allocation in the heap depends on the lifetime of the box values pointing to it. Since box values may themselves be passed in and out of frames, or stored in the heap, heap allocations may outlive the frame they are allocated within.
Memory ownership
When a stack frame is exited, its local allocations are all released, and its references to boxes are dropped.
Variables
A variable is a component of a stack frame, either a named function parameter, an anonymous temporary, or a named local variable.
A local variable (or stack-local allocation) holds a value directly, allocated within the stack's memory. The value is a part of the stack frame.
Local variables are immutable unless declared otherwise like: let mut x = ...
.
Function parameters are immutable unless declared with mut
. The mut
keyword
applies only to the following parameter (so |mut x, y|
and fn f(mut x: Box<i32>, y: Box<i32>)
declare one mutable variable x
and one immutable
variable y
).
Methods that take either self
or Box<Self>
can optionally place them in a
mutable variable by prefixing them with mut
(similar to regular arguments):
trait Changer {
fn change(mut self) -> Self;
fn modify(mut self: Box<Self>) -> Box<Self>;
}
Local variables are not initialized when allocated; the entire frame worth of local variables are allocated at once, on frame-entry, in an uninitialized state. Subsequent statements within a function may or may not initialize the local variables. Local variables can be used only after they have been initialized; this is enforced by the compiler.
Linkage
The Rust compiler supports various methods to link crates together both statically and dynamically. This section will explore the various methods to link Rust crates together, and more information about native libraries can be found in the FFI section of the book.
In one session of compilation, the compiler can generate multiple artifacts
through the usage of either command line flags or the crate_type
attribute.
If one or more command line flags are specified, all crate_type
attributes will
be ignored in favor of only building the artifacts specified by command line.
-
--crate-type=bin
,#[crate_type = "bin"]
- A runnable executable will be produced. This requires that there is amain
function in the crate which will be run when the program begins executing. This will link in all Rust and native dependencies, producing a distributable binary. -
--crate-type=lib
,#[crate_type = "lib"]
- A Rust library will be produced. This is an ambiguous concept as to what exactly is produced because a library can manifest itself in several forms. The purpose of this genericlib
option is to generate the "compiler recommended" style of library. The output library will always be usable by rustc, but the actual type of library may change from time-to-time. The remaining output types are all different flavors of libraries, and thelib
type can be seen as an alias for one of them (but the actual one is compiler-defined). -
--crate-type=dylib
,#[crate_type = "dylib"]
- A dynamic Rust library will be produced. This is different from thelib
output type in that this forces dynamic library generation. The resulting dynamic library can be used as a dependency for other libraries and/or executables. This output type will create*.so
files on linux,*.dylib
files on osx, and*.dll
files on windows. -
--crate-type=staticlib
,#[crate_type = "staticlib"]
- A static system library will be produced. This is different from other library outputs in that the Rust compiler will never attempt to link tostaticlib
outputs. The purpose of this output type is to create a static library containing all of the local crate's code along with all upstream dependencies. The static library is actually a*.a
archive on linux and osx and a*.lib
file on windows. This format is recommended for use in situations such as linking Rust code into an existing non-Rust application because it will not have dynamic dependencies on other Rust code. -
--crate-type=rlib
,#[crate_type = "rlib"]
- A "Rust library" file will be produced. This is used as an intermediate artifact and can be thought of as a "static Rust library". Theserlib
files, unlikestaticlib
files, are interpreted by the Rust compiler in future linkage. This essentially means thatrustc
will look for metadata inrlib
files like it looks for metadata in dynamic libraries. This form of output is used to produce statically linked executables as well asstaticlib
outputs.
Note that these outputs are stackable in the sense that if multiple are
specified, then the compiler will produce each form of output at once without
having to recompile. However, this only applies for outputs specified by the
same method. If only crate_type
attributes are specified, then they will all
be built, but if one or more --crate-type
command line flags are specified,
then only those outputs will be built.
With all these different kinds of outputs, if crate A depends on crate B, then
the compiler could find B in various different forms throughout the system. The
only forms looked for by the compiler, however, are the rlib
format and the
dynamic library format. With these two options for a dependent library, the
compiler must at some point make a choice between these two formats. With this
in mind, the compiler follows these rules when determining what format of
dependencies will be used:
-
If a static library is being produced, all upstream dependencies are required to be available in
rlib
formats. This requirement stems from the reason that a dynamic library cannot be converted into a static format.Note that it is impossible to link in native dynamic dependencies to a static library, and in this case warnings will be printed about all unlinked native dynamic dependencies.
-
If an
rlib
file is being produced, then there are no restrictions on what format the upstream dependencies are available in. It is simply required that all upstream dependencies be available for reading metadata from.The reason for this is that
rlib
files do not contain any of their upstream dependencies. It wouldn't be very efficient for allrlib
files to contain a copy oflibstd.rlib
! -
If an executable is being produced and the
-C prefer-dynamic
flag is not specified, then dependencies are first attempted to be found in therlib
format. If some dependencies are not available in an rlib format, then dynamic linking is attempted (see below). -
If a dynamic library or an executable that is being dynamically linked is being produced, then the compiler will attempt to reconcile the available dependencies in either the rlib or dylib format to create a final product.
A major goal of the compiler is to ensure that a library never appears more than once in any artifact. For example, if dynamic libraries B and C were each statically linked to library A, then a crate could not link to B and C together because there would be two copies of A. The compiler allows mixing the rlib and dylib formats, but this restriction must be satisfied.
The compiler currently implements no method of hinting what format a library should be linked with. When dynamically linking, the compiler will attempt to maximize dynamic dependencies while still allowing some dependencies to be linked in via an rlib.
For most situations, having all libraries available as a dylib is recommended if dynamically linking. For other situations, the compiler will emit a warning if it is unable to determine which formats to link each library with.
In general, --crate-type=bin
or --crate-type=lib
should be sufficient for
all compilation needs, and the other options are just available if more
fine-grained control is desired over the output format of a Rust crate.
Unsafety
Unsafe operations are those that potentially violate the memory-safety guarantees of Rust's static semantics.
The following language level features cannot be used in the safe subset of Rust:
- Dereferencing a raw pointer.
- Reading or writing a mutable static variable.
- Calling an unsafe function (including an intrinsic or foreign function).
Unsafe functions
Unsafe functions are functions that are not safe in all contexts and/or for all
possible inputs. Such a function must be prefixed with the keyword unsafe
and
can only be called from an unsafe
block or another unsafe
function.
Unsafe blocks
A block of code can be prefixed with the unsafe
keyword, to permit calling
unsafe
functions or dereferencing raw pointers within a safe function.
When a programmer has sufficient conviction that a sequence of potentially
unsafe operations is actually safe, they can encapsulate that sequence (taken
as a whole) within an unsafe
block. The compiler will consider uses of such
code safe, in the surrounding context.
Unsafe blocks are used to wrap foreign libraries, make direct use of hardware or implement features not directly present in the language. For example, Rust provides the language features necessary to implement memory-safe concurrency in the language but the implementation of threads and message passing is in the standard library.
Rust's type system is a conservative approximation of the dynamic safety
requirements, so in some cases there is a performance cost to using safe code.
For example, a doubly-linked list is not a tree structure and can only be
represented with reference-counted pointers in safe code. By using unsafe
blocks to represent the reverse links as raw pointers, it can be implemented
with only boxes.
Behavior considered undefined
The following is a list of behavior which is forbidden in all Rust code,
including within unsafe
blocks and unsafe
functions. Type checking provides
the guarantee that these issues are never caused by safe code.
- Data races
- Dereferencing a null/dangling raw pointer
- Reads of undef (uninitialized) memory
- Breaking the pointer aliasing rules with raw pointers (a subset of the rules used by C)
&mut
and&
follow LLVM’s scoped noalias model, except if the&T
contains anUnsafeCell<U>
. Unsafe code must not violate these aliasing guarantees.- Mutating non-mutable data (that is, data reached through a shared reference or
data owned by a
let
binding), unless that data is contained within anUnsafeCell<U>
. - Invoking undefined behavior via compiler intrinsics:
- Indexing outside of the bounds of an object with
std::ptr::offset
(offset
intrinsic), with the exception of one byte past the end which is permitted. - Using
std::ptr::copy_nonoverlapping_memory
(memcpy32
/memcpy64
intrinsics) on overlapping buffers
- Indexing outside of the bounds of an object with
- Invalid values in primitive types, even in private fields/locals:
- Dangling/null references or boxes
- A value other than
false
(0) ortrue
(1) in abool
- A discriminant in an
enum
not included in the type definition - A value in a
char
which is a surrogate or abovechar::MAX
- Non-UTF-8 byte sequences in a
str
- Unwinding into Rust from foreign code or unwinding from Rust into foreign code. Rust's failure system is not compatible with exception handling in other languages. Unwinding must be caught and handled at FFI boundaries.
Behavior not considered unsafe
This is a list of behavior not considered unsafe in Rust terms, but that may be undesired.
- Deadlocks
- Leaks of memory and other resources
- Exiting without calling destructors
- Integer overflow
- Overflow is considered "unexpected" behavior and is always user-error,
unless the
wrapping
primitives are used. In non-optimized builds, the compiler will insert debug checks that panic on overflow, but in optimized builds overflow instead results in wrapped values. See RFC 560 for the rationale and more details.
- Overflow is considered "unexpected" behavior and is always user-error,
unless the
Appendix: Influences
Rust is not a particularly original language, with design elements coming from a wide range of sources. Some of these are listed below (including elements that have since been removed):
- SML, OCaml: algebraic data types, pattern matching, type inference, semicolon statement separation
- C++: references, RAII, smart pointers, move semantics, monomorphization, memory model
- ML Kit, Cyclone: region based memory management
- Haskell (GHC): typeclasses, type families
- Newsqueak, Alef, Limbo: channels, concurrency
- Erlang: message passing, thread failure,
linked thread failure,lightweight concurrency - Swift: optional bindings
- Scheme: hygienic macros
- C#: attributes
- Ruby:
block syntax - NIL, Hermes:
typestate - Unicode Annex #31: identifier and pattern syntax
-
Substitute definitions for the special Unicode productions are provided to the grammar verifier, restricted to ASCII range, when verifying the grammar in this document. ↩︎
-
Non-ASCII characters in identifiers are currently feature gated. This is expected to improve soon. ↩︎
-
This distinction would also exist in an interpreter. Static checks like syntactic analysis, type checking, and lints should happen before the program is executed regardless of when it is executed. ↩︎
-
A crate is somewhat analogous to an assembly in the ECMA-335 CLI model, a library in the SML/NJ Compilation Manager, a unit in the Owens and Flatt module system, or a configuration in Mesa. ↩︎
-
struct
types are analogous tostruct
types in C, the record types of the ML family, or the struct types of the Lisp family. ↩︎ -
The
enum
type is analogous to adata
constructor declaration in ML, or a pick ADT in Limbo. ↩︎