rust/doc/rust.texi
2011-06-28 17:50:06 -07:00

3831 lines
136 KiB
Plaintext

\input texinfo @c -*-texinfo-*-
@c %**start of header
@setfilename rust.info
@settitle Rust Documentation
@setchapternewpage odd
@c %**end of header
@syncodeindex fn cp
@include version.texi
@ifinfo
This manual is for the ``Rust'' programming language.
@uref{http://github.com/graydon/rust}
Version: @gitversion
Copyright 2006-2010 Graydon Hoare
Copyright 2009-2010 Mozilla Foundation
See accompanying LICENSE.txt for terms.
@end ifinfo
@dircategory Programming
@direntry
* rust: (rust). Rust programming language
@end direntry
@titlepage
@title Rust
@subtitle A safe, concurrent, practical language.
@author Graydon Hoare
@author Mozilla Foundation
@page
@vskip 0pt plus 1filll
@uref{http://github.com/graydon/rust}
Version: @gitversion
@sp 2
Copyright @copyright{} 2006-2010 Graydon Hoare
Copyright @copyright{} 2009-2010 Mozilla Foundation
See accompanying LICENSE.txt for terms.
@end titlepage
@everyfooting @| @emph{-- Draft @today --} @|
@ifnottex
@node Top
@top Top
Rust Documentation
@end ifnottex
@menu
* Disclaimer:: Notes on a work in progress.
* Introduction:: Background, intentions, lineage.
* Tutorial:: Gentle introduction to reading Rust code.
* Reference:: Systematic reference of language elements.
* Index:: Index
@end menu
@ifnottex
Complete table of contents
@end ifnottex
@contents
@c ############################################################
@c Disclaimer
@c ############################################################
@node Disclaimer
@chapter Disclaimer
To the reader,
Rust is a work in progress. The language continues to evolve as the design
shifts and is fleshed out in working code. Certain parts work, certain parts
do not, certain parts will be removed or changed.
This manual is a snapshot written in the present tense. Some features
described do not yet exist in working code. Some may be temporary. It
is a @emph{draft}, and we ask that you not take anything you read here
as either definitive or final. The manual is to help you get a sense
of the language and its organization, not to serve as a complete
specification. At least not yet.
If you have suggestions to make, please try to focus them on @emph{reductions}
to the language: possible features that can be combined or omitted. At this
point, every ``additive'' feature we're likely to support is already on the
table. The task ahead involves combining, trimming, and implementing.
@c ############################################################
@c Introduction
@c ############################################################
@node Introduction
@chapter Introduction
@quotation
We have to fight chaos, and the most effective way of doing that is
to prevent its emergence.
@flushright
- Edsger Dijkstra
@end flushright
@end quotation
@sp 2
Rust is a curly-brace, block-structured expression language. It visually
resembles the C language family, but differs significantly in syntactic and
semantic details. Its design is oriented toward concerns of ``programming in
the large'', that is, of creating and maintaining @emph{boundaries} -- both
abstract and operational -- that preserve large-system @emph{integrity},
@emph{availability} and @emph{concurrency}.
It supports a mixture of imperative procedural, concurrent actor, object
oriented and pure functional styles. Rust also supports generic programming
and metaprogramming, in both static and dynamic styles.
@menu
* Goals:: Intentions, motivations.
* Sales Pitch:: A summary for the impatient.
* Influences:: Relationship to past languages.
@end menu
@node Goals
@section Goals
The language design pursues the following goals:
@sp 1
@itemize
@item Compile-time error detection and prevention.
@item Run-time fault tolerance and containment.
@item System building, analysis and maintenance affordances.
@item Clarity and precision of expression.
@item Implementation simplicity.
@item Run-time efficiency.
@item High concurrency.
@end itemize
@sp 1
Note that most of these goals are @emph{engineering} goals, not showcases for
sophisticated language technology. Most of the technology in Rust is
@emph{old} and has been seen decades earlier in other languages.
All new languages are developed in a technological context. Rust's goals arise
from the context of writing large programs that interact with the internet --
both servers and clients -- and are thus much more concerned with
@emph{safety} and @emph{concurrency} than older generations of program. Our
experience is that these two forces do not conflict; rather they drive system
design decisions toward extensive use of @emph{partitioning} and
@emph{statelessness}. Rust aims to make these a more natural part of writing
programs, within the niche of lower-level, practical, resource-conscious
languages.
@page
@node Sales Pitch
@section Sales Pitch
The following comprises a brief ``sales pitch'' overview of the salient
features of Rust, relative to other languages.
@itemize
@sp 1
@item No @code{null} pointers
The initialization state of every slot is statically computed as part of the
typestate system (see below), and requires that all slots are initialized
before use. There is no @code{null} value; uninitialized slots are
uninitialized, and can only be written to, not read.
The common use for @code{null} in other languages -- as a sentinel value -- is
subsumed into the more general facility of disjoint union types. A program
must explicitly model its use of such types.
@sp 1
@item Lightweight tasks with no shared mutable state
Like many @emph{actor} languages, Rust provides an isolation (and concurrency)
model based on lightweight tasks scheduled by the language runtime. These
tasks are very inexpensive and statically unable to mutate one another's local
memory. Breaking the rule of task isolation is only possible by calling
external (C/C++) code.
Inter-task communication is typed, asynchronous and simplex, based on passing
messages over channels to ports. Transmission can be rate-limited or
rate-unlimited. Selection between multiple senders is pseudo-randomized on the
receiver side.
@sp 1
@item Predictable native code, simple runtime
@cindex DWARF
The meaning and cost of every operation within a Rust program is intended to
be easy to model for the reader. The code should not ``surprise'' the
programmer once it has been compiled.
Rust compiles to native code. Rust compilation units are large and the
compilation model is designed around multi-file, whole-library or
whole-program optimization. The compiled units are standard loadable objects
(ELF, PE, Mach-O) containing standard metadata (DWARF) and are compatible with
existing, standard low-level tools (disassemblers, debuggers, profilers,
dynamic loaders).
The Rust runtime library is a small collection of support code for scheduling,
memory management, inter-task communication, reflection and runtime
linkage. This library is written in standard C++ and is quite
straightforward. It presents a simple interface to embeddings. No
research-level virtual machine, JIT or garbage collection technology is
required. It should be relatively easy to adapt a Rust front-end on to many
existing native toolchains.
@sp 1
@item Integrated system-construction facility
The units of compilation of Rust are multi-file amalgamations called
@emph{crates}. A crate is described by a separate, declarative type of source
file that guides the compilation of the crate, its packaging, its versioning,
and its external dependencies. Crates are also the units of distribution and
loading. Significantly: the dependency graph of crates is @emph{acyclic} and
@emph{anonymous}: there is no global namespace for crates, and module-level
recursion cannot cross crate barriers.
Unlike many languages, individual modules do @emph{not} carry all the
mechanisms or restrictions of crates. Modules and crates serve different
roles.
@sp 1
@item Static control over memory allocation, packing and aliasing.
Many values in Rust are allocated @emph{within} their containing stack-frame
or parent structure. Numbers, records, tuples and tags are all allocated this
way. To allocate such values in the heap, they must be explicitly
@emph{boxed}. A @dfn{box} is a pointer to a heap allocation that holds another
value, its @emph{content}.
Boxing and unboxing in Rust is explicit, though in many cases (arithmetic
operations, name-component dereferencing) Rust will automatically ``reach
through'' the box to access its content. Box values can be passed and assigned
independently, like pointers in C; the difference is that in Rust they always
point to live contents, and are not subject to pointer arithmetic.
In addition to boxes, Rust supports a kind of pass-by-reference slot called an
alias. Forming or releasing an alias does not perform reference-count
operations; aliases can only be formed on referents that will provably outlive
the alias, and are therefore only used for passing arguments to
functions. Aliases are not ``general values'', in the sense that they cannot
be independently manipulated. They are more like C++ references, except that
like boxes, aliases are safe: they always point to live values.
In addition, every slot (stack-local allocation or alias) has a static
initialization state that is calculated by the typestate system. This permits
late initialization of slots in functions with complex control-flow, while
still guaranteeing that every use of a slot occurs after it has been
initialized.
@sp 1
@item Static control over mutability and garbage collection.
Types in Rust are classified into @emph{layers}. There is a layer of immutable
values, a layer of state values, and a layer of GC values. By default, all
types are immutable.
If a field within a type is declared as @code{mutable}, then the type is part
of the @code{state} layer and must be declared as such. Any type directly
marked as @code{state} @emph{or indirectly referring to} a state type is also
a state type.
If a field within a type is potentially cyclic (this is a narrow, but
well-defined condition involving mutable recursive types) then it is part of
the @code{gc} layer and must be declared as such.
This classification of data types in Rust interacts with the memory allocation,
transmission and destruction rules. In particular:
@itemize
@item Only immutable values can be sent over channels.
@item Only non-GC objects can have destructor functions.
@end itemize
Garbage collection, when present, operates per-task and does not interrupt
other tasks while running. It is limited to types that need it and can be
statically avoided altogether by limiting the types in a program to the state
and immutable layers.
Non-GC values are reference-counted and have a deterministic destruction
order: top-down, immediately upon release of the last live reference.
State values can refer to non-state values, but not vice-versa; likewise GC
values can refer to non-GC values but not vice-versa. Rust therefore
encourages the programmer to write in a style that consists primarily of
immutable types, but also permits limited, local (per-task) mutability,
and provides local (per-task) GC only when required.
@sp 1
@item Stack-based iterators
Rust provides a type of function-like multiple-invocation iterator that is
very efficient: the iterator state lives only on the stack and is tightly
coupled to the loop that invoked it.
@sp 1
@item Direct interface to C code
Rust can load and call many C library functions simply by declaring
them. Calling a C function is an ``unsafe'' action, and can only be taken
within a block marked with the @code{unsafe} keyword. Every unsafe block
in a Rust compilation unit must be explicitly authorized in the crate file.
@sp 1
@item Structural algebraic data types
The Rust type system is primarily structural, and contains the standard
assortment of useful ``algebraic'' type constructors from functional
languages, such as function types, tuples, record types, vectors, and
nominally-tagged disjoint unions. Such values may be @emph{pattern-matched} in
an @code{alt} expression.
@sp 1
@item Generic code
Rust supports a simple form of parametric polymorphism: functions, iterators,
types and objects can be parametrized by other types.
@sp 1
@item Argument binding
Rust provides a mechanism of partially binding arguments to functions,
producing new functions that accept the remaining un-bound arguments. This
mechanism combines some of the features of lexical closures with some of the
features of currying, in a smaller and simpler package.
@sp 1
@item Local type inference
To save some quantity of programmer key-pressing, Rust supports local type
inference: signatures of functions, objects and iterators always require type
annotation, but within the body of a function or iterator many slots can be
declared @code{auto} and Rust will infer the slot's type from its uses.
@sp 1
@item Structural object system
Rust has a lightweight object system based on structural object types: there
is no ``class hierarchy'' nor any concept of inheritance. Method overriding
and object restriction are performed explicitly on object values, which are
little more than order-insensitive records of methods sharing a common private
value. Objects that reside outside the GC layer can have destructors.
@sp 1
@item Dynamic type
Rust includes support for values of a top type, @code{any}, that can hold any
type of value whatsoever. An @code{any} value is a pair of a type code and a
boxed value of that type. Injection into an @code{any} and projection by
type-case-selection is integrated into the language.
@sp 1
@item Dynamic metaprogramming (reflection)
Rust supports run-time reflection on the structure of a crate, using a
combination of custom descriptor structures and the DWARF metadata tables used
to support crate linkage and other runtime services.
@sp 1
@item Static metaprogramming (syntactic extension)
Rust supports a system for syntactic extensions that can be loaded into the
compiler, to implement user-defined notations, macros, program-generators and
the like. These notations are @emph{marked} using a special form of
bracketing, such that a reader unfamiliar with the extension can still parse
the surrounding text by skipping over the bracketed ``extension text''.
@sp 1
@item Idempotent failure
If a task fails due to a signal, or if it evaluates the special @code{fail}
expression, it enters the @emph{failing} state. A failing task unwinds its
control stack, frees all of its owned resources (executing destructors) and
enters the @emph{dead} state. Failure is idempotent and non-recoverable.
@sp 1
@item Signal handling
Rust has a system for propagating task-failures and other spontaneous
events between tasks. Some signals can be trapped and redirected to
channels; other signals are fatal and result in task-failure. Tasks
can designate other tasks to handle signals for them. This permits
organizing tasks into mutually-supervising or mutually-failing groups.
@sp 1
@item Deterministic destruction
Non-GC objects can have destructor functions, which are executed
deterministically in top-down ownership order, as control frames are exited
and/or objects are otherwise freed from data structures holding them. The same
destructors are run in the same order whether the object is deleted by
unwinding during failure or normal execution.
Similarly, the rules for freeing non-GC values are deterministic and
predictable: on scope-exit or structure-release, local slots are released
immediately. Referenced boxes have their reference count decreased and are
released if the count drops to zero. Aliases are silently forgotten.
GC values are local to a task, and are subject to per-task garbage
collection. As a result, unreferenced GC-layer boxes are not necessarily freed
immediately; if an unreferenced GC box is part of an acyclic graph, it is
freed when the last reference to it drops, but if it is part of a reference
cycle it will be freed when the GC collects it (or when the owning task
terminates, at the latest).
GC values can point to non-GC values but not vice-versa. Doing so merely
delays (to an undefined future time) the moment when the deterministic,
top-down destruction sequence for the referenced non-GC values
@emph{start}. In other words, the non-GC ``leaves'' of a GC value are released
in a locally-predictable order, even if the ``interior'' cyclic part of the GC
value is released in an unpredictable order.
@sp 1
@item Typestate system
Every storage slot in a Rust frame participates in not only a conventional
structural static type system, describing the interpretation of memory in the
slot, but also a @emph{typestate} system. The static typestates of a program
describe the set of @emph{pure, dynamic predicates} that provably hold over
some set of slots, at each point in the program's control-flow graph within
each frame. The static calculation of the typestates of a program is a
function-local dataflow problem, and handles user-defined predicates in a
similar fashion to the way the type system permits user-defined types.
A short way of thinking of this is: types statically model values,
typestates statically model @emph{assertions that hold} before and
after statements and expressions.
@end itemize
@page
@node Influences
@section Influences
@sp 2
@quotation
The essential problem that must be solved in making a fault-tolerant
software system is therefore that of fault-isolation. Different programmers
will write different modules, some modules will be correct, others will have
errors. We do not want the errors in one module to adversely affect the
behaviour of a module which does not have any errors.
@flushright
- Joe Armstrong
@end flushright
@end quotation
@sp 2
@quotation
In our approach, all data is private to some process, and processes can
only communicate through communications channels. @emph{Security}, as used
in this paper, is the property which guarantees that processes in a system
cannot affect each other except by explicit communication.
When security is absent, nothing which can be proven about a single module
in isolation can be guaranteed to hold when that module is embedded in a
system [...]
@flushright
- Robert Strom and Shaula Yemini
@end flushright
@end quotation
@sp 2
@quotation
Concurrent and applicative programming complement each other. The
ability to send messages on channels provides I/O without side effects,
while the avoidance of shared data helps keep concurrent processes from
colliding.
@flushright
- Rob Pike
@end flushright
@end quotation
@sp 2
@page
Rust is not a particularly original language. It may however appear unusual by
contemporary standards, as its design elements are drawn from a number of
``historical'' languages that have, with a few exceptions, fallen out of
favour. Five prominent lineages contribute the most:
@itemize
@sp 1
@item
The NIL (1981) and Hermes (1990) family. These languages were developed by
Robert Strom, Shaula Yemini, David Bacon and others in their group at IBM
Watson Research Center (Yorktown Heights, NY, USA).
@sp 1
@item
The Erlang (1987) language, developed by Joe Armstrong, Robert Virding, Claes
Wikstr@"om, Mike Williams and others in their group at the Ericsson Computer
Science Laboratory (@"Alvsj@"o, Stockholm, Sweden) .
@sp 1
@item
The Sather (1990) language, developed by Stephen Omohundro, Chu-Cheow Lim,
Heinz Schmidt and others in their group at The International Computer Science
Institute of the University of California, Berkeley (Berkeley, CA, USA).
@sp 1
@item
The Newsqueak (1988), Alef (1995), and Limbo (1996) family. These languages
were developed by Rob Pike, Phil Winterbottom, Sean Dorward and others in
their group at Bell labs Computing Sciences Reserch Center (Murray Hill, NJ,
USA).
@sp 1
@item
The Napier (1985) and Napier88 (1988) family. These languages were developed
by Malcolm Atkinson, Ron Morrison and others in their group at the University
of St. Andrews (St. Andrews, Fife, UK).
@end itemize
@sp 1
Additional specific influences can be seen from the following languages:
@itemize
@item The structural algebraic types and compilation manager of SML.
@item The syntax-extension systems of Camlp4 and the Common Lisp readtable.
@item The deterministic destructor system of C++.
@end itemize
@c ############################################################
@c Tutorial
@c ############################################################
@node Tutorial
@chapter Tutorial
@emph{TODO}.
@c ############################################################
@c Reference
@c ############################################################
@node Reference
@chapter Reference
@menu
* Ref.Lex:: Lexical structure.
* Ref.Path:: References to slots and items.
* Ref.Gram:: Grammar.
* Ref.Comp:: Compilation and component model.
* Ref.Mem:: Semantic model of memory.
* Ref.Task:: Semantic model of tasks.
* Ref.Item:: The components of a module.
* Ref.Type:: The types of values held in memory.
* Ref.Typestate:: Predicates that hold at points in time.
* Ref.Stmt:: Components of an executable block.
* Ref.Expr:: Units of execution and evaluation.
* Ref.Run:: Organization of runtime services.
@end menu
@node Ref.Lex
@section Ref.Lex
@c * Ref.Lex:: Lexical structure.
@cindex Lexical structure
@cindex Token
The lexical structure of a Rust source file or crate file is defined in terms
of Unicode character codes and character properties.
Groups of Unicode character codes and characters are organized into
@emph{tokens}. Tokens are defined as the longest contiguous sequence of
characters within the same token type (identifier, keyword, literal, symbol),
or interrupted by ignored characters.
Most tokens in Rust follow rules similar to the C family.
Most tokens (including whitespace, keywords, operators and structural symbols)
are drawn from the ASCII-compatible range of Unicode. Identifiers are drawn
from Unicode characters specified by the @code{XID_start} and
@code{XID_continue} rules given by UAX #31@footnote{Unicode Standard Annex
#31: Unicode Identifier and Pattern Syntax}. String and character literals may
include the full range of Unicode characters.
@emph{TODO: formalize this section much more}.
@menu
* Ref.Lex.Ignore:: Ignored characters.
* Ref.Lex.Ident:: Identifier tokens.
* Ref.Lex.Key:: Keyword tokens.
* Ref.Lex.Res:: Reserved tokens.
* Ref.Lex.Num:: Numeric tokens.
* Ref.Lex.Text:: String and character tokens.
* Ref.Lex.Syntax:: Syntactic extension tokens.
* Ref.Lex.Sym:: Special symbol tokens.
@end menu
@node Ref.Lex.Ignore
@subsection Ref.Lex.Ignore
@c * Ref.Lex.Ignore:: Ignored tokens.
Characters considered to be @emph{whitespace} or @emph{comment} are ignored,
and are not considered as tokens. They serve only to delimit tokens. Rust is
otherwise a free-form language.
@dfn{Whitespace} is any of the following Unicode characters: U+0020 (space),
U+0009 (tab, @code{'\t'}), U+000A (LF, @code{'\n'}), U+000D (CR, @code{'\r'}).
@dfn{Comments} are @emph{single-line comments} or @emph{multi-line comments}.
A @dfn{single-line comment} is any sequence of Unicode characters beginning
with U+002F U+002F (@code{"//"}) and extending to the next U+000A character,
@emph{excluding} cases in which such a sequence occurs within a string literal
token or a syntactic extension token.
A @dfn{multi-line comments} is any sequence of Unicode characters beginning
with U+002F U+002A (@code{"/*"}) and ending with U+002A U+002F (@code{"*/"}),
@emph{excluding} cases in which such a sequence occurs within a string literal
token or a syntactic extension token. Multi-line comments may be nested.
@node Ref.Lex.Ident
@subsection Ref.Lex.Ident
@c * Ref.Lex.Ident:: Identifier tokens.
@cindex Identifier token
Identifiers follow the rules given by Unicode Standard Annex #31, in the form
closed under NFKC normalization, @emph{excluding} those tokens that are
otherwise defined as keywords or reserved
tokens. @xref{Ref.Lex.Key}. @xref{Ref.Lex.Res}.
That is: an identifier starts with any character having derived property
@code{XID_Start} and continues with zero or more characters having derived
property @code{XID_Continue}; and such an identifier is NFKC-normalized during
lexing, such that all subsequent comparison of identifiers is performed on the
NFKC-normalized forms.
@emph{TODO: define relationship between Unicode and Rust versions}.
@footnote{This identifier syntax is a superset of the identifier syntaxes of C
and Java, and is modeled on Python PEP #3131, which formed the definition of
identifiers in Python 3.0 and later.}
@node Ref.Lex.Key
@subsection Ref.Lex.Key
@c * Ref.Lex.Key:: Keyword tokens.
The keywords are:
@cindex Keywords
@sp 2
@multitable @columnfractions .15 .15 .15 .15 .15
@item @code{use}
@tab @code{syntax}
@tab @code{mutable}
@tab @code{native}
@item @code{mod}
@tab @code{import}
@tab @code{export}
@tab @code{let}
@tab @code{auto}
@item @code{state}
@tab @code{gc}
@tab @code{const}
@tab @code{thread}
@item @code{auth}
@tab @code{unsafe}
@tab @code{as}
@tab @code{self}
@tab @code{log}
@item @code{bind}
@tab @code{type}
@tab @code{true}
@tab @code{false}
@tab @code{any}
@item @code{int}
@tab @code{uint}
@tab @code{float}
@tab @code{char}
@tab @code{bool}
@item @code{u8}
@tab @code{u16}
@tab @code{u32}
@tab @code{u64}
@tab @code{f32}
@item @code{i8}
@tab @code{i16}
@tab @code{i32}
@tab @code{i64}
@tab @code{f64}
@item @code{rec}
@tab @code{tup}
@tab @code{tag}
@tab @code{vec}
@tab @code{str}
@item @code{fn}
@tab @code{iter}
@tab @code{pred}
@tab @code{obj}
@tab @code{drop}
@item @code{task}
@tab @code{port}
@tab @code{chan}
@tab @code{spawn}
@tab @code{with}
@item @code{if}
@tab @code{else}
@tab @code{alt}
@tab @code{case}
@tab @code{in}
@item @code{do}
@tab @code{while}
@tab @code{break}
@tab @code{cont}
@tab @code{note}
@item @code{assert}
@tab @code{claim}
@tab @code{check}
@tab @code{prove}
@tab @code{fail}
@item @code{for}
@tab @code{each}
@tab @code{ret}
@tab @code{put}
@tab @code{be}
@end multitable
@node Ref.Lex.Res
@subsection Ref.Lex.Res
@c * Ref.Lex.Res:: Reserved tokens.
The reserved tokens are:
@cindex Reserved
@sp 2
@multitable @columnfractions .15 .15 .15 .15 .15
@item @code{f16}
@tab @code{f80}
@tab @code{f128}
@item @code{m32}
@tab @code{m64}
@tab @code{m128}
@tab @code{dec}
@end multitable
@sp 2
At present these tokens have no defined meaning in the Rust language.
These tokens may correspond, in some current or future implementation,
to additional built-in types for decimal floating-point, extended
binary and interchange floating-point formats, as defined in the IEEE
754-1985 and IEEE 754-2008 specifications.
@node Ref.Lex.Num
@subsection Ref.Lex.Num
@c * Ref.Lex.Num:: Numeric tokens.
@cindex Number token
@cindex Hex token
@cindex Decimal token
@cindex Binary token
@cindex Floating-point token
@c FIXME: This discussion isn't quite right since 'f' and 'i' can be used as
@c suffixes
A @dfn{number literal} is either an @emph{integer literal} or a
@emph{floating-point literal}.
@sp 1
An @dfn{integer literal} has one of three forms:
@enumerate
@item A @dfn{decimal literal} starts with a @emph{decimal digit} and continues
with any mixture of @emph{decimal digits} and @emph{underscores}.
@item A @dfn{hex literal} starts with the character sequence U+0030
U+0078 (@code{"0x"}) and continues as any mixture @emph{hex digits}
and @emph{underscores}.
@item A @dfn{binary literal} starts with the character sequence U+0030
U+0062 (@code{"0b"}) and continues as any mixture @emph{binary digits}
and @emph{underscores}.
@end enumerate
By default, an integer literal is of type @code{int}. An integer literal may
be followed (immediately, without any spaces) by a @dfn{integer suffix}, which
changes the type of the literal. There are three kinds of integer literal
suffix:
@enumerate
@item The @code{u} suffix gives the literal type @code{uint}.
@item The @code{g} suffix gives the literal type @code{big}.
@item Each of the signed and unsigned machine types @code{u8}, @code{i8},
@code{u16}, @code{i16}, @code{u32}, @code{i32}, @code{u64} and @code{i64}
give the literal the corresponding machine type.
@end enumerate
@sp 1
A @dfn{floating-point literal} has one of two forms:
@enumerate
@item Two @emph{decimal literals} separated by a period
character U+002E ('.'), with an optional @emph{exponent} trailing after the
second @emph{decimal literal}.
@item A single @emph{decimal literal} followed by an @emph{exponent}.
@end enumerate
By default, a floating-point literal is of type @code{float}. A floating-point
literal may be followed (immediately, without any spaces) by a
@dfn{floating-point suffix}, which changes the type of the literal. There are
only two floating-point suffixes: @code{f32} and @code{f64}. Each of these
gives the floating point literal the associated type, rather than
@code{float}.
A set of suffixes are also reserved to accommodate literal support for
types corresponding to reserved tokens. The reserved suffixes are @code{f16},
@code{f80}, @code{f128}, @code{m}, @code{m32}, @code{m64} and @code{m128}.
@sp 1
A @dfn{hex digit} is either a @emph{decimal digit} or else a character in the
ranges U+0061-U+0066 and U+0041-U+0046 (@code{'a'}-@code{'f'},
@code{'A'}-@code{'F'}).
A @dfn{binary digit} is either the character U+0030 or U+0031 (@code{'0'} or
@code{'1'}).
An @dfn{exponent} begins with either of the characters U+0065 or U+0045
(@code{'e'} or @code{'E'}), followed by an optional @emph{sign character},
followed by a trailing @emph{decimal literal}.
A @dfn{sign character} is either U+002B or U+002D (@code{'+'} or @code{'-'}).
Examples of integer literals of various forms:
@example
123; // type int
123u; // type uint
123_u; // type uint
0xff00; // type int
0xffu8; // type u8
0b1111_1111_1001_0000_i32; // type i32
0xffff_ffff_ffff_ffff_ffff_ffffg; // type big
@end example
Examples of floating-point literals of various forms:
@example
123.0; // type float
0.1; // type float
0.1f32; // type f32
12E+99_f64; // type f64
@end example
@node Ref.Lex.Text
@subsection Ref.Lex.Text
@c * Ref.Lex.Key:: String and character tokens.
@cindex String token
@cindex Character token
@cindex Escape sequence
@cindex Unicode
A @dfn{character literal} is a single Unicode character enclosed within two
U+0027 (single-quote) characters, with the exception of U+0027 itself, which
must be @emph{escaped} by a preceding U+005C character ('\').
A @dfn{string literal} is a sequence of any Unicode characters enclosed
within two U+0022 (double-quote) characters, with the exception of U+0022
itself, which must be @emph{escaped} by a preceding U+005C character
('\').
Some additional @emph{escapes} are available in either character or string
literals. An escape starts with a U+005C ('\') and continues with one
of the following forms:
@itemize
@item An @dfn{8-bit codepoint escape} escape starts with U+0078 ('x') and is
followed by exactly two @dfn{hex digits}. It denotes the Unicode codepoint
equal to the provided hex value.
@item A @dfn{16-bit codepoint escape} starts with U+0075 ('u') and is followed
by exactly four @dfn{hex digits}. It denotes the Unicode codepoint equal to
the provided hex value.
@item A @dfn{32-bit codepoint escape} starts with U+0055 ('U') and is followed
by exactly eight @dfn{hex digits}. It denotes the Unicode codepoint equal to
the provided hex value.
@item A @dfn{whitespace escape} is one of the characters U+006E, U+0072, or
U+0074, denoting the unicode values U+000A (LF), U+000D (CR) or U+0009 (HT)
respectively.
@item The @dfn{backslash escape} is the character U+005C ('\') which must be
escaped in order to denote @emph{itself}.
@end itemize
@node Ref.Lex.Syntax
@subsection Ref.Lex.Syntax
@c * Ref.Lex.Syntax:: Syntactic extension tokens.
Syntactic extensions are marked with the @emph{pound} sigil U+0023 (@code{#}),
followed by a qualified name of a compile-time imported module item, an
optional parenthesized list of @emph{parsed expressions}, and an optional
brace-enclosed region of free-form text (with brace-matching and
brace-escaping used to determine the limit of the
region). @xref{Ref.Comp.Syntax}.
@emph{TODO: formalize those terms more}.
@node Ref.Lex.Sym
@subsection Ref.Lex.Sym
@c * Ref.Lex.Sym:: Special symbol tokens.
@cindex Symbol
@cindex Operator
The special symbols are:
@sp 2
@multitable @columnfractions .1 .1 .1 .1 .1 .1
@item @code{@@}
@tab @code{_}
@item @code{#}
@tab @code{:}
@tab @code{.}
@tab @code{;}
@tab @code{,}
@item @code{[}
@tab @code{]}
@tab @code{@{}
@tab @code{@}}
@tab @code{(}
@tab @code{)}
@item @code{=}
@tab @code{<-}
@tab @code{<|}
@tab @code{<+}
@tab @code{->}
@item @code{+}
@tab @code{++}
@tab @code{+=}
@tab @code{-}
@tab @code{--}
@tab @code{-=}
@item @code{*}
@tab @code{/}
@tab @code{%}
@tab @code{*=}
@tab @code{/=}
@tab @code{%=}
@item @code{&}
@tab @code{|}
@tab @code{!}
@tab @code{~}
@tab @code{^}
@item @code{&=}
@tab @code{|=}
@tab @code{^=}
@tab @code{!=}
@item @code{>>}
@tab @code{>>>}
@tab @code{<<}
@tab @code{<<=}
@tab @code{>>=}
@tab @code{>>>=}
@item @code{<}
@tab @code{<=}
@tab @code{==}
@tab @code{>=}
@tab @code{>}
@item @code{&&}
@tab @code{||}
@end multitable
@page
@page
@node Ref.Path
@section Ref.Path
@c * Ref.Path:: References to slots and items.
@cindex Names of items or slots
@cindex Path name
@cindex Type parameters
A @dfn{path} is a ubiquitous syntactic form in Rust that deserves special
attention. A path denotes a slot or an
item. @xref{Ref.Mem.Slot}. @xref{Ref.Item}. Every slot and item in a Rust
crate has a @emph{canonical path} that refers to it from the crate top-level,
as well as a number of shorter @emph{relative paths} that may also denote it
in inner scopes of the crate. There is no way to define a slot or item without
a canonical path within its crate (with the exception of the crate's implicit
top-level module). Paths have meaning only within a specific
crate. @xref{Ref.Comp.Crate}.
Paths consist of period-separated components. In the simplest form, path
components are identifiers. @xref{Ref.Lex.Ident}.
Two examples of simple paths consisting of only identifier components:
@example
x;
x.y.z;
@end example
Paths fall into two important categories: @emph{names} and
@emph{lvals}.
A @dfn{name} denotes an item, and is statically resolved to its
referent at compile time.
An @dfn{lval} denotes a slot or some component of a value held within a slot,
and is statically resolved at compile time to a sequence of memory operations
and primitive (arithmetic) expressions that will be executed to load or store
the associated value, starting from the task stack frame, at run time.
In some contexts, the Rust grammar accepts a general @emph{path}, but a
subsequent syntactic restriction requires the path to be an lval or a name. In
other words: in some contexts an lval is required (for example, on the left
hand side of the copy operator, @pxref{Ref.Expr.Copy}) and in other contexts a
name is required (for example, as a type parameter, @pxref{Ref.Item}). In no
case is the grammar made ambiguous by accepting a general path and restricting
allowed paths to names or lvals after parsing. These restrictions are noted in
the grammar. @xref{Ref.Gram}.
A name component may include type parameters. Type parameters are denoted by
square brackets. Square brackets are used @emph{only} to denote type
parameters in Rust. If a name component includes a type parameter, the type
parameter must also resolve statically to a type in the environment of the
name. Type parameters are only part of the names of items. @xref{Ref.Item}.
An example of a name with type parameters:
@example
m.map[int,str];
@end example
An lval component may include an indexing operator. Index operators are
enclosed in parentheses and can include any integral expression. Indexing
operators can only be applied to vectors or strings, and imply a run-time
bounds-check. @xref{Ref.Type.Vec}.
An example of an lval with a dynamic indexing operator:
@example
x.y.(1 + v).z;
@end example
@page
@node Ref.Gram
@section Ref.Gram
@c * Ref.Gram:: Grammar.
@emph{TODO: mostly LL(1), it reads like C, Alef and bits of Napier;
formalize here}.
@page
@node Ref.Comp
@section Ref.Comp
@c * Ref.Comp:: Compilation and component model.
@cindex Compilation model
Rust is a @emph{compiled} language. Its semantics are divided along a
@emph{phase distinction} between compile-time and run-time. Those semantic
rules that have a @emph{static interpretation} govern the success or failure
of compilation. A program that fails to compile due to violation of a
compile-time rule has no defined semantics at run-time; the compiler should
halt with an error report, and produce no executable artifact.
The compilation model centres on artifacts called @emph{crates}. Each
compilation is directed towards a single crate in source form, and if
successful produces a single crate in executable form.
@menu
* Ref.Comp.Crate:: Units of compilation and linking.
* Ref.Comp.Meta:: Metadata about a crate.
* Ref.Comp.Syntax:: Syntax extensions.
@end menu
@node Ref.Comp.Crate
@subsection Ref.Comp.Crate
@c * Ref.Comp.Crate:: Units of compilation and linking.
@cindex Crate
A @dfn{crate} is a unit of compilation and linking, as well as versioning,
distribution and runtime loading. Crates are defined by @emph{crate source
files}, which are a type of source file written in a special declarative
language: @emph{crate language}.@footnote{A crate is somewhat analogous to an
@emph{assembly} in the ECMA-335 CLI model, a @emph{library} in the SML/NJ
Compilation Manager, a @emph{unit} in the Owens and Flatt module system, or a
@emph{configuration} in Mesa.} A crate source file describes:
@itemize
@item Metadata about the crate, such as author, name, version, and copyright.
@item The source-file and directory modules that make up the crate.
@item The set of syntax extensions to enable for the crate.
@item Any external crates or native modules that the crate imports to its top level.
@item The organization of the crate's internal namespace.
@item The set of names exported from the crate.
@end itemize
A single crate source file may describe the compilation of a large number of
Rust source files; it is compiled in its entirety, as a single indivisible
unit. The compilation phase attempts to transform a single crate source file,
and its referenced contents, into a single compiled crate. Crate source files
and compiled crates have a 1:1 relationship.
The syntactic form of a crate is a sequence of @emph{directives}, some of
which have nested sub-directives.
A crate defines an implicit top-level anonymous module: within this module,
all members of the crate have canonical path names. @xref{Ref.Path}. The
@code{mod} directives within a crate file specify sub-modules to include in
the crate: these are either directory modules, corresponding to directories in
the filesystem of the compilation environment, or file modules, corresponding
to Rust source files. The names given to such modules in @code{mod} directives
become prefixes of the paths of items and slots defined within any included
Rust source files.
The @code{use} directives within the crate specify @emph{other crates} to scan
for, locate, import into the crate's module namespace during compilation, and
link against at runtime. Use directives may also occur independently in rust
source files. These directives may specify loose or tight ``matching
criteria'' for imported crates, depending on the preferences of the crate
developer. In the simplest case, a @code{use} directive may only specify a
symbolic name and leave the task of locating and binding an appropriate crate
to a compile-time heuristic. In a more controlled case, a @code{use} directive
may specify any metadata as matching criteria, such as a URI, an author name
or version number, a checksum or even a cryptographic signature, in order to
select an an appropriate imported crate. @xref{Ref.Comp.Meta}.
The compiled form of a crate is a loadable and executable object file full of
machine code, in a standard loadable operating-system format such as ELF, PE
or Mach-O. The loadable object contains extensive DWARF metadata, describing:
@itemize
@item Metadata required for type reflection.
@item The publicly exported module structure of the crate.
@item Any metadata about the crate, defined by @code{meta} directives.
@item The crates to dynamically link with at run-time, with matching criteria
derived from the same @code{use} directives that guided compile-time imports.
@end itemize
The @code{syntax} directives of a crate are similar to the @code{use}
directives, except they govern the syntax extension namespace (accessed
through the syntax-extension sigil @code{#}, @pxref{Ref.Comp.Syntax})
available only at compile time. A @code{syntax} directive also makes its
extension available to all subsequent directives in the crate file.
An example of a crate:
@example
// Metadata about this crate
meta (author = "Jane Doe",
name = "projx"
desc = "Project X",
ver = "2.5");
// Import a module.
use std (ver = "1.0");
// Activate a syntax-extension.
syntax re;
// Define some modules.
mod foo = "foo.rs";
mod bar @{
mod quux = "quux.rs";
@}
@end example
@node Ref.Comp.Meta
@subsection Ref.Comp.Meta
@cindex Metadata, in crates
@c FIXME: This section is out of date. The @code{meta} keyword has been replaced
@c by general crate/item attributes.
In a crate, a @code{meta} directive associates free form key-value metadata
with the crate. This metadata can, in turn, be used in providing partial
matching parameters to syntax-extension loading and crate importing
directives, denoted by @code{syntax} and @code{use} keywords respectively.
Alternatively, metadata can serve as a simple form of documentation.
@node Ref.Comp.Syntax
@subsection Ref.Comp.Syntax
@c * Ref.Comp.Syntax:: Syntax extension.
@cindex Syntax extension
Rust provides a notation for @dfn{syntax extension}. The notation is a marked
syntactic form that can appear as an expression, statement or item in the body
of a Rust program, or as a directive in a Rust crate, and which causes the
text enclosed within the marked form to be translated through a named
extension function loaded into the compiler at compile-time.
The compile-time extension function must return a value of the corresponding
Rust AST type, either an expression node, a statement node or an item
node. @footnote{The syntax-extension system is analogous to the extensible
reader system provided by Lisp @emph{readtables}, or the Camlp4 system of
Objective Caml.} @xref{Ref.Lex.Syntax}.
A syntax extension is enabled by a @code{syntax} directive, which must occur
in a crate file. When the Rust compiler encounters a @code{syntax} directive
in a crate file, it immediately loads the named syntax extension, and makes it
available for all subsequent crate directives within the enclosing block scope
of the crate file, and all Rust source files referenced as modules from the
enclosing block scope of the crate file.
For example, this extension might provide a syntax for regular
expression literals:
@example
// In a crate file:
// Requests the 're' syntax extension from the compilation environment.
syntax re;
// Also declares an import dependency on the module 're'.
use re;
// Reference to a Rust source file as a module in the crate.
mod foo = "foo.rs";
@dots{}
// In the source file "foo.rs", use the #re syntax extension and
// the re module at run-time.
let str s = get_string();
let regex pattern = #re.pat@{ aa+b? @};
let bool matched = re.match(pattern, s);
@end example
@page
@node Ref.Mem
@section Ref.Mem
@c * Ref.Mem:: Semantic model of memory.
@cindex Memory model
@cindex Box
@cindex Slot
A Rust task's memory consists of a static set of @emph{items}, a set of tasks
each with its own @emph{stack}, and a @emph{heap}. Immutable portions of the
heap may be shared between tasks, mutable portions may not.
Allocations in the stack consist of @emph{slots}, and allocations in the heap
consist of @emph{boxes}.
@menu
* Ref.Mem.Alloc:: Memory allocation model.
* Ref.Mem.Own:: Memory ownership model.
* Ref.Mem.Slot:: Stack memory model.
* Ref.Mem.Box:: Heap memory model.
* Ref.Mem.Acct:: Memory accounting model.
@end menu
@node Ref.Mem.Alloc
@subsection Ref.Mem.Alloc
@c * Ref.Mem.Alloc:: Memory allocation model.
@cindex Item
@cindex Stack
@cindex Heap
@cindex Shared box
@cindex Task-local box
The @dfn{items} of a program are those functions, iterators, objects, modules
and types that have their value calculated at compile-time and stored uniquely
in the memory image of the rust process. Items are neither dynamically
allocated nor freed.
A task's @dfn{stack} consists of activation frames automatically allocated on
entry to each function as the task executes. A stack allocation is reclaimed
when control leaves the frame containing it.
The @dfn{heap} is a general term that describes two separate sets of boxes:
@emph{task-local} state and GC boxes, and the @emph{shared} immutable boxes.
State and GC boxes are @dfn{task-local}, owned by the task. Like any other
state or GC value, they cannot pass over channels. State and GC boxes do not
outlive the task that owns them. When unreferenced, they are either
immediately destructed (if acyclic) or else collected using a general
(cycle-aware) garbage-collector local to each task. Garbage collection within
a local heap does not interrupt execution of other tasks.
Immutable boxes are @dfn{shared}, and can be multiply-referenced by many
different tasks. Like any other immutable type, they can pass over channels,
and live as long as the last task referencing them within a given domain. When
unreferenced, they are destroyed immediately (due to reference-counting) and
returned to the heap memory allocator. Destruction of an immutable box also
executes within the context of the task that drops the last reference to a
shared heap allocation, so executing a long-running destructor does not
interrupt execution of other tasks.
@node Ref.Mem.Own
@subsection Ref.Mem.Own
@c * Ref.Mem.Own:: Memory ownership model.
@cindex Ownership
A task @emph{owns} all the @emph{stack-local} slot allocations in its stack
and @emph{task-local} boxes accessible from its stack. A task @emph{shares}
ownership of @emph{shared} boxes accessible from its stack. A task does not
own any items.
@dfn{Ownership} of an allocation means that the owning task is the only task
that can access the allocation.
@dfn{Sharing} of an allocation means that the same allocation may be
concurrently read by multiple tasks. The only shared allocations are those
that are non-state.
When a stack frame is exited, its local allocations are all released, and its
references to boxes (both shared and owned) are dropped.
When a task finishes, its stack is necessarily empty and it therefore has no
references to any boxes.
@node Ref.Mem.Slot
@subsection Ref.Mem.Slot
@c * Ref.Mem.Slot:: Stack memory model.
@cindex Stack
@cindex Slot
@cindex Local slot
@cindex Alias slot
A task's stack contains slots.
A @dfn{slot} is a component of a stack frame. A slot is either @emph{local} or
an @emph{alias}.
A @dfn{local} slot (or @emph{stack-local} allocation) holds a value directly,
allocated within the stack's memory. The value is a part of the stack frame.
An @dfn{alias} references a value outside the frame. An alias may refer to a
value allocated in another frame @emph{or} a boxed value in the heap. The
alias-formation rules ensure that the referent of an alias will outlive the
alias.
Local slots are always implicitly mutable.
Local slots are not initialized when allocated; the entire frame worth of
local slots are allocated at once, on frame-entry, in an uninitialized
state. Subsequent statements within a function may or may not initialize the
local slots. Local slots can only be used after they have been initialized;
this condition is guaranteed by the typestate system.
Aliases can @emph{only} be declared as arguments in a function or iterator
signature, bound to the lifetime of a stack frame. Aliases are not general
values and cannot be held in boxed allocations or other general data types.
Alias slots are indicated by the @emph{ampersand} sigil @code{&}.
An example function that accepts an alias parameter:
@example
type point3d = rec(int x, int y, int z);
fn extract_z(&point3d p) -> int @{
ret p.z;
@}
@end example
An example function that accepts an alias to a mutable value:
@example
fn incr(& mutable int i) @{
i = i + 1;
@}
@end example
@node Ref.Mem.Box
@subsection Ref.Mem.Box
@c * Ref.Mem.Box:: Heap memory model.
@cindex Box
@cindex Dereference operator
A @dfn{box} is a reference to a reference-counted heap allocation holding
another value.
Box types and values are constructed by the @emph{at} sigil @code{@@}.
An example of constructing a box type and value:
@example
let @@int x = @@10;
@end example
Some operations implicitly dereference boxes. Examples of such @dfn{implicit
dereference} operations are:
@itemize
@item arithmetic operators (@code{x + y - z})
@item name-component selection (@code{x.y.z})
@end itemize
An example of an implicit-dereference operation performed on box values:
@example
let @@int x = @@10;
let @@int y = @@12;
assert (x + y == 22);
@end example
Other operations act on box values as single-word-sized address values,
automatically adjusting reference counts on the associated heap
allocation. For these operations, to access the value held in the box requires
an explicit dereference of the box value. Explicitly dereferencing a box is
indicated with the unary @emph{star} operator @code{*}. Examples of such
@dfn{explicit dereference} operations are:
@itemize
@item copying box values (@code{x = y})
@item passing box values to functions (@code{f(x,y)})
@end itemize
An example of an explicit-dereference operation performed on box values:
@example
fn takes_boxed(@@int b) @{
@}
fn takes_unboxed(int b) @{
@}
fn main() @{
let @@int x = @@10;
takes_boxed(x);
takes_unboxed(*x);
@}
@end example
@node Ref.Mem.Acct
@subsection Ref.Mem.Acct
@c * Ref.Mem.Acct:: Memory accounting model.
@cindex Domain
@cindex Accounting
@cindex Memory budget
Every task belongs to a domain, and that domain tracks the amount of memory
allocated and not yet released by tasks within it. @xref{Ref.Task.Dom}. Each
domain has a memory budget. The @dfn{budget} of a domain is the maximum amount
of memory that can be simultaneously allocated in the domain. If a task tries
to allocate memory within a domain with an exceeded budget, the task will
receive a signal.
Within a task, accounting is strictly enforced: all memory allocated through
the runtime library, both user data, sub-domains and runtime-support
structures such as channel and signal queues, are charged to a task's domain.
When a communication channel crosses from one domain to another, any value
sent over the channel is guaranteed to have been @emph{detached} from the
domain's memory graph (singly referenced, and/or deep-copied), so its memory
cost is transferred to the receiving domain.
@page
@node Ref.Task
@section Ref.Task
@c * Ref.Task:: Semantic model of tasks.
@cindex Task
@cindex Process
An executing Rust program consists of a tree of tasks. A Rust @dfn{task}
consists of an entry function, a stack, a set of outgoing communication
channels and incoming communication ports, and ownership of some portion of
the heap of a single operating-system process.
Multiple Rust tasks may coexist in a single operating-system
process. Execution of multiple Rust tasks in a single operating-system process
may be either truly concurrent or interleaved by the runtime scheduler. Rust
tasks are lightweight: each consumes less memory than an operating-system
process, and switching between Rust tasks is faster than switching between
operating-system processes.
@menu
* Ref.Task.Comm:: Inter-task communication.
* Ref.Task.Life:: Task lifecycle and state transitions.
* Ref.Task.Dom:: Task domains.
* Ref.Task.Sched:: Task scheduling model.
@end menu
@node Ref.Task.Comm
@subsection Ref.Task.Comm
@c * Ref.Task.Comm:: Inter-task communication.
@cindex Communication
@cindex Port
@cindex Channel
@cindex Message passing
@cindex Send expression
@cindex Receive expression
With the exception of @emph{unsafe} blocks, Rust tasks are isolated from
interfering with one another's memory directly. Instead of manipulating shared
storage, Rust tasks communicate with one another using a typed, asynchronous,
simplex message-passing system.
A @dfn{port} is a communication endpoint that can @emph{receive}
messages. Ports receive messages from channels.
A @dfn{channel} is a communication endpoint that can @emph{send}
messages. Channels send messages to ports.
Each port is implicitly boxed and mutable; as such a port has a unique
per-task identity and cannot be replicated or transmitted. If a port value is
copied, both copies refer to the @emph{same} port. New ports can be
constructed dynamically and stored in data structures.
Each channel is bound to a port when the channel is constructed, so the
destination port for a channel must exist before the channel itself. A channel
cannot be rebound to a different port from the one it was constructed with.
Many channels can be bound to the same port, but each channel is bound to a
single port. In other words, channels and ports exist in an N:1 relationship,
N channels to 1 port. @footnote{It may help to remember nautical terminology
when differentiating channels from ports. Many different waterways --
channels -- may lead to the same port.}
Each port and channel can carry only one type of message. The message type is
encoded as a parameter of the channel or port type. The message type of a
channel is equal to the message type of the port it is bound to.
Messages are sent asynchronously or semi-synchronously. A channel contains a
message queue and asynchronously sending a message merely inserts it into the
sending channel's queue; message receipt is the responsibility of the
receiving task.
Queued messages in channels are charged to the domain of the @emph{sending}
task. If too many messages are queued for transmission from a single sending
task, without being received by a receiving task, the sending task may exceed
its memory budget, which causes a run-time signal. To help control this
possibility, a semi-synchronous send operation is possible, which blocks until
there is room in the existing queue and then executes an asynchronous send.
The asynchronous message-send operator is @code{<+}. The semi-synchronous
message-send operator is @code{<|}. @xref{Ref.Expr.Send}. The message-receive
operator is @code{<-}. @xref{Ref.Expr.Recv}.
@node Ref.Task.Life
@subsection Ref.Task.Life
@c * Ref.Task.Life:: Task lifecycle and state transitions.
@cindex Lifecycle of task
@cindex Scheduling
@cindex Running, task state
@cindex Blocked, task state
@cindex Failing, task state
@cindex Dead, task state
@cindex Soft failure
@cindex Hard failure
The @dfn{lifecycle} of a task consists of a finite set of states and events
that cause transitions between the states. The lifecycle states of a task are:
@itemize
@item running
@item blocked
@item failing
@item dead
@end itemize
A task begins its lifecycle -- once it has been spawned -- in the
@emph{running} state. In this state it executes the statements of its entry
function, and any functions called by the entry function.
A task may transition from the @emph{running} state to the @emph{blocked}
state any time it evaluates a communication expression on a port or channel that
cannot be immediately completed. When the communication expression can be
completed -- when a message arrives at a sender, or a queue drains
sufficiently to complete a semi-synchronous send -- then the blocked task will
unblock and transition back to @emph{running}.
A task may transition to the @emph{failing} state at any time, due to an
un-trapped signal or the evaluation of a @code{fail} expression. Once
@emph{failing}, a task unwinds its stack and transitions to the @emph{dead}
state. Unwinding the stack of a task is done by the task itself, on its own
control stack. If a value with a destructor is freed during unwinding, the
code for the destructor is run, also on the task's control
stack. Running the destructor code causes a temporary transition to a
@emph{running} state, and allows the destructor code to cause any
subsequent state transitions. The original task of unwinding and
failing thereby may suspend temporarily, and may involve (recursive)
unwinding of the stack of a failed destructor. Nonetheless, the
outermost unwinding activity will continue until the stack is unwound
and the task transitions to the @emph{dead} state. There is no way to
``recover'' from task failure. Once a task has temporarily suspended
its unwinding in the @emph{failing} state, failure occurring from
within this destructor results in @emph{hard} failure. The unwinding
procedure of hard failure frees resources but does not execute
destructors. The original (soft) failure is still resumed at the
point where it was temporarily suspended.
A task in the @emph{dead} state cannot transition to other states; it exists
only to have its termination status inspected by other tasks, and/or to await
reclamation when the last reference to it drops.
@node Ref.Task.Dom
@subsection Ref.Task.Dom
@c * Ref.Task.Dom:: Task domains
@cindex Domain
@cindex Process
@cindex Thread
Every task belongs to a domain. A @dfn{domain} is a structure that owns tasks,
schedules tasks, tracks memory allocation within tasks and manages access to
runtime services on behalf of tasks.
Typically each domain runs on a separate operating-system @emph{thread}, or
within an isolated operating-system @emph{process}. An easy way to think of a
domain is as an abstraction over either an operating-system thread @emph{or} a
process.
The key feature of a domain is that it isolates memory references created by
the Rust tasks within it. No Rust task can refer directly to memory outside
its domain.
Tasks can own sub-domains, which in turn own their own tasks. Every domain
owns one @emph{root task}, which is the root of the tree of tasks owned by the
domain.
@node Ref.Task.Sched
@subsection Ref.Task.Sched
@c * Ref.Task.Sched:: Task scheduling model.
@cindex Scheduling
@cindex Preemption
@cindex Yielding control
Every task is @emph{scheduled} within its domain. @xref{Ref.Task.Dom}. The
currently scheduled task is given a finite @emph{time slice} in which to
execute, after which it is @emph{descheduled} at a loop-edge or similar
preemption point, and another task within the domain is scheduled,
pseudo-randomly.
An executing task can @code{yield} control at any time, which deschedules it
immediately. Entering any other non-executing state (blocked, dead) similarly
deschedules the task.
@page
@node Ref.Item
@section Ref.Item
@c * Ref.Item:: The components of a module.
@cindex Item
@cindex Type parameters
@cindex Module item
An @dfn{item} is a component of a module. Items are entirely determined at
compile-time, remain constant during execution, and may reside in read-only
memory.
There are five primary kinds of item: modules, functions, iterators, objects and
type definitions.
All items form an implicit scope for the declaration of sub-items. In other
words, within a function, object or iterator, declarations of items can (in
many cases) be mixed with the statements, control blocks, and similar
artifacts that otherwise compose the item body. The meaning of these scoped
items is the same as if the item was declared outside the scope, except that
the item's @emph{path name} within the module namespace is qualified by the
name of the enclosing item. The exact locations in which sub-items may be
declared is given by the grammar. @xref{Ref.Gram}.
Functions, iterators, objects and type definitions may be @emph{parametrized}
by type. Type parameters are given as a comma-separated list of identifiers
enclosed in square brackets (@code{[]}), after the name of the item and before
its definition. The type parameters of an item are part of the name, not the
type of the item; in order to refer to the type-parametrized item, a
referencing name must in general provide type arguments as a list of
comma-separated types enclosed within square brackets (though the
type-inference system can often infer such argument types from context). There
are no general parametric types.
@menu
* Ref.Item.Mod:: Items defining modules.
* Ref.Item.Fn:: Items defining functions.
* Ref.Item.Pred:: Items defining predicates for typestates.
* Ref.Item.Iter:: Items defining iterators.
* Ref.Item.Obj:: Items defining objects.
* Ref.Item.Type:: Items defining the types of values and slots.
* Ref.Item.Tag:: Items defining the constructors of a tag type.
@end menu
@node Ref.Item.Mod
@subsection Ref.Item.Mod
@c * Ref.Item.Mod:: Items defining sub-modules.
@cindex Module item
@cindex Importing names
@cindex Exporting names
@cindex Visibility control
A @dfn{module item} contains declarations of other @emph{items}. The items
within a module may be functions, modules, objects or types. These
declarations have both static and dynamic interpretation. The purpose of a
module is to organize @emph{names} and control @emph{visibility}. Modules are
declared with the keyword @code{mod}.
An example of a module:
@example
mod math @{
type complex = (f64,f64);
fn sin(f64) -> f64 @{
@dots{}
@}
fn cos(f64) -> f64 @{
@dots{}
@}
fn tan(f64) -> f64 @{
@dots{}
@}
@dots{}
@}
@end example
Modules may also include any number of @dfn{import and export
declarations}. These declarations must precede any module item declarations
within the module, and control the visibility of names both within the module
and outside of it.
@menu
* Ref.Item.Mod.Import:: Declarations for module-local synonyms.
* Ref.Item.Mod.Export:: Declarations for restricting visibility.
@end menu
@node Ref.Item.Mod.Import
@subsubsection Ref.Item.Mod.Import
@c * Ref.Item.Mod.Import:: Declarations for module-local synonyms.
@cindex Importing names
@cindex Visibility control
An @dfn{import declaration} creates one or more local name bindings synonymous
with some other name. Usually an import declaration is used to shorten the
path required to refer to a module item.
@emph{Note}: unlike many languages, Rust's @code{import} declarations do
@emph{not} declare linkage-dependency with external crates. Linkage
dependencies are independently declared with @code{use}
declarations. @xref{Ref.Comp.Crate}.
An example of an import:
@example
import std.math.sin;
fn main() @{
// Equivalent to 'log std.math.sin(1.0);'
log sin(1.0);
@}
@end example
@node Ref.Item.Mod.Export
@subsubsection Ref.Item.Mod.Export
@c * Ref.Item.Mod.Import:: Declarations for restricting visibility.
@cindex Exporting names
@cindex Visibility control
An @dfn{export declaration} restricts the set of local declarations within a
module that can be accessed from code outside the module. By default, all
local declarations in a module are exported. If a module contains an export
declaration, this declaration replaces the default export with the export
specified.
An example of an export:
@example
mod foo @{
export primary;
fn primary() @{
helper(1, 2);
helper(3, 4);
@}
fn helper(int x, int y) @{
@dots{}
@}
@}
fn main() @{
foo.primary(); // Will compile.
foo.helper(2,3) // ERROR: will not compile.
@}
@end example
@node Ref.Item.Fn
@subsection Ref.Item.Fn
@c * Ref.Item.Fn:: Items defining functions.
@cindex Functions
@cindex Slots, function input and output
A @dfn{function item} defines a sequence of statements associated with a name
and a set of parameters. Functions are declared with the keyword
@code{fn}. Functions declare a set of @emph{input slots} as parameters,
through which the caller passes arguments into the function, and an
@emph{output slot} through which the function passes results back to the
caller.
A function may also be copied into a first class @emph{value}, in which case
the value has the corresponding @emph{function type}, and can be used
otherwise exactly as a function item (with a minor additional cost of calling
the function, as such a call is indirect). @xref{Ref.Type.Fn}.
Every control path in a function ends with a @code{ret} or @code{be}
expression or with a diverging expression (described later in this
section). If a control path lacks a @code{ret} expression in source code, an
implicit @code{ret} expression is appended to the end of the control path
during compilation, returning the implicit @code{()} value.
An example of a function:
@example
fn add(int x, int y) -> int @{
ret x + y;
@}
@end example
A special kind of function can be declared with a @code{!} character where the
output slot type would normally be. For example:
@example
fn my_err(str s) -> ! @{
log s;
fail;
@}
@end example
We call such functions ``diverging'' because they never return a value to the
caller. Every control path in a diverging function must end with a @code{fail}
or a call to another diverging function on every control path. The @code{!}
annotation does @emph{not} denote a type. Rather, the result type
of a diverging function is a special type called @math{\bot} (``bottom'') that
unifies with any type. Rust has no syntax for @math{\bot}.
It might be necessary to declare a diverging function because as mentioned
previously, the typechecker checks that every control path in a function ends
with a @code{ret}, @code{be}, or diverging expression. So, if @code{my_err}
were declared without the @code{!} annotation, the following code would not
typecheck:
@example
fn f(int i) -> int @{
if (i == 42) @{
ret 42;
@}
else @{
my_err("Bad number!");
@}
@}
@end example
The typechecker would complain that @code{f} doesn't return a value in the
@code{else} branch. Adding the @code{!} annotation on @code{my_err} would
express that @code{f} requires no explicit @code{ret}, as if it returns
control to the caller, it returns a value (true because it never returns
control).
@node Ref.Item.Pred
@subsection Ref.Item.Pred
@c * Ref.Item.Pred:: Items defining predicates.
@cindex Predicate
Any pure boolean function is called a @emph{predicate}, and may be used
as part of the static typestate system. @xref{Ref.Typestate.Constr}. A
predicate declaration is identical to a function declaration, except that it
is declared with the keyword @code{pred} instead of @code{fn}. In addition,
the typechecker checks the body of a predicate with a restricted set of
typechecking rules. A predicate
@itemize
@item may not contain a @code{put}, @code{send}, @code{recv}, assignment, or
self-call expression; and
@item may only call other predicates, not general functions.
@end itemize
An example of a predicate:
@example
pred lt_42(int x) -> bool @{
ret (x < 42);
@}
@end example
@node Ref.Item.Iter
@subsection Ref.Item.Iter
@c * Ref.Item.Iter:: Items defining iterators.
@cindex Iterators
@cindex Put expression
@cindex Put each expression
@cindex Foreach expression
Iterators are function-like items that can @code{put} multiple values during
their execution before returning or tail-calling.
Putting a value is similar to returning a value -- the argument to @code{put}
is copied into the caller's frame and control transfers back to the caller --
but the iterator frame is only @emph{suspended} during the put, and will be
@emph{resumed} at the point after the @code{put}, on the next iteration of
the caller's loop.
The output type of an iterator is the type of value that the function will
@code{put}, before it eventually evaluates a @code{ret} or @code{be} expression
of type @code{()} and completes its execution.
An iterator can only be called in the loop header of a matching @code{for
each} loop or as the argument in a @code{put each} expression.
@xref{Ref.Expr.Foreach}.
An example of an iterator:
@example
iter range(int lo, int hi) -> int @{
let int i = lo;
while (i < hi) @{
put i;
i = i + 1;
@}
@}
let int sum = 0;
for each (int x in range(0,100)) @{
sum += x;
@}
@end example
@node Ref.Item.Obj
@subsection Ref.Item.Obj
@c * Ref.Item.Obj:: Items defining objects.
@cindex Objects
@cindex Object constructors
An @dfn{object item} defines the @emph{state} and @emph{methods} of a set of
@emph{object values}. Object values have object types. @xref{Ref.Type.Obj}.
An @emph{object item} declaration -- in addition to providing a scope for
state and method declarations -- implicitly declares a static function called
the @emph{object constructor}, as well as a named @emph{object type}. The name
given to the object item is resolved to a type when used in type context, or a
constructor function when used in value context (such as a call).
Example of an object item:
@example
obj counter(int state) @{
fn incr() @{
state += 1;
@}
fn get() -> int @{
ret state;
@}
@}
let counter c = counter(1);
c.incr();
c.incr();
assert (c.get() == 3);
@end example
There is no @emph{this} or @emph{self} available inside an object's
methods, either implicitly or explicitly, so you can't directly call
other methods. For example:
@example
obj my_obj() @{
fn get() -> int @{
ret 3;
@}
fn foo() @{
auto c = get(); // Fails
@}
@}
@end example
The current replacement is to write a factory function for your type,
which provides any private helper functions:
@example
type my_obj =
obj @{
fn get() -> int;
fn foo();
@};
fn mk_my_obj() -> my_obj @{
fn get_helper() -> int @{
ret 3;
@}
obj impl() @{
fn get() -> int @{
ret get_helper();
@}
fn foo() @{
auto c = get_helper(); // Works
@}
@}
ret impl();
@}
@end example
This factory function also allows you to bind the object's state
variables to initial values.
@node Ref.Item.Type
@subsection Ref.Item.Type
@c * Ref.Item.Type:: Items defining the types of values and slots.
@cindex Type definitions
A @dfn{type definition} defines a set of possible values in
memory. @xref{Ref.Type}. Type definitions are declared with the keyword
@code{type}. Every value has a single, specific type; the type-specified
aspects of a value include:
@itemize
@item Whether the value is composed of sub-values or is indivisible.
@item Whether the value represents textual or numerical information.
@item Whether the value represents integral or floating-point information.
@item The sequence of memory operations required to access the value.
@item The storage layer the value resides in (immutable, state or gc).
@end itemize
For example, the type @code{rec(u8 x, u8 y)} defines the set of immutable
values that are composite records, each containing two unsigned 8-bit integers
accessed through the components @code{x} and @code{y}, and laid out in memory
with the @code{x} component preceding the @code{y} component.
@node Ref.Item.Tag
@subsection Ref.Item.Tag
@c * Ref.Item.Type:: Items defining the constructors of a tag type.
@cindex Tag types
A tag item simultaneously declares a new nominal tag type
(@pxref{Ref.Type.Tag}) as well as a set of @emph{constructors} that can be
used to create or pattern-match values of the corresponding tag type.
The constructors of a @code{tag} type may be recursive: that is, each constructor
may take an argument that refers, directly or indirectly, to the tag type the constructor
is a member of. Such recursion has restrictions:
@itemize
@item Recursive types can only be introduced through @code{tag} constructors.
@item A recursive @code{tag} item must have at least one non-recursive
constructor (in order to give the recursion a basis case).
@item The recursively argument of recursive tag constructors must be @emph{box}
values (in order to bound the in-memory size of the constructor).
@item Recursive type definitions can cross module boundaries, but not module
@emph{visibility} boundaries, nor crate boundaries (in order to simplify the
module system).
@end itemize
An example of a @code{tag} item and its use:
@example
tag animal @{
dog;
cat;
@}
let animal a = dog;
a = cat;
@end example
An example of a @emph{recursive} @code{tag} item and its use:
@example
tag list[T] @{
nil;
cons(T, @@list[T]);
@}
let list[int] a = cons(7, cons(13, nil));
@end example
@page
@node Ref.Type
@section Ref.Type
@cindex Types
Every slot and value in a Rust program has a type. The @dfn{type} of a
@emph{value} defines the interpretation of the memory holding it. The type of
a @emph{slot} may also include constraints. @xref{Ref.Type.Constr}.
Built-in types and type-constructors are tightly integrated into the language,
in nontrivial ways that are not possible to emulate in user-defined
types. User-defined types have limited capabilities. In addition, every
built-in type or type-constructor name is reserved as a @emph{keyword} in
Rust; they cannot be used as user-defined identifiers in any context.
@menu
* Ref.Type.Any:: An open union of every possible type.
* Ref.Type.Mach:: Machine-level types.
* Ref.Type.Int:: The machine-dependent integer types.
* Ref.Type.Float:: The machine-dependent floating-point types.
* Ref.Type.Prim:: Primitive types.
* Ref.Type.Big:: The arbitrary-precision integer type.
* Ref.Type.Text:: Strings and characters.
* Ref.Type.Rec:: Labeled products of heterogeneous types.
* Ref.Type.Tup:: Unlabeled products of heterogeneous types.
* Ref.Type.Vec:: Open products of homogeneous types.
* Ref.Type.Tag:: Disjoint unions of heterogeneous types.
* Ref.Type.Fn:: Subroutine types.
* Ref.Type.Iter:: Scoped coroutine types.
* Ref.Type.Port:: Unique inter-task message-receipt endpoints.
* Ref.Type.Chan:: Copyable inter-task message-send capabilities.
* Ref.Type.Task:: General coroutine-instance types.
* Ref.Type.Obj:: Abstract types.
* Ref.Type.Constr:: Constrained types.
* Ref.Type.Type:: Types describing types.
@end menu
@node Ref.Type.Any
@subsection Ref.Type.Any
@cindex Any type
@cindex Dynamic type, see @i{Any type}
@cindex Reflection
@cindex Alt type expression
The type @code{any} is the union of all possible Rust types. A value of type
@code{any} is represented in memory as a pair consisting of a boxed value of
some non-@code{any} type @var{T} and a reflection of the type @var{T}.
Values of type @code{any} can be used in an @code{alt type} expression, in
which the reflection is used to select a block corresponding to a particular
type extraction. @xref{Ref.Expr.Alt}.
@node Ref.Type.Mach
@subsection Ref.Type.Mach
@cindex Machine types
@cindex Floating-point types
@cindex Integer types
@cindex Word types
The machine types are the following:
@itemize
@item
The unsigned word types @code{u8}, @code{u16}, @code{u32} and @code{u64},
with values drawn from the integer intervals
@iftex
@math{[0, 2^8 - 1]},
@math{[0, 2^{16} - 1]},
@math{[0, 2^{32} - 1]} and
@math{[0, 2^{64} - 1]}
@end iftex
@ifhtml
@html
[0, 2<sup>8</sup>-1],
[0, 2<sup>16</sup>-1],
[0, 2<sup>32</sup>-1] and
[0, 2<sup>64</sup>-1]
@end html
@end ifhtml
respectively.
@item
The signed two's complement word types @code{i8}, @code{i16}, @code{i32} and
@code{i64}, with values drawn from the integer intervals
@iftex
@math{[-(2^7),(2^7)-1)]},
@math{[-(2^{15}),2^{15}-1)]},
@math{[-(2^{31}),2^{31}-1)]} and
@math{[-(2^{63}),2^{63}-1)]}
@end iftex
@ifhtml
@html
[-(2<sup>7</sup>), 2<sup>7</sup>-1],
[-(2<sup>15</sup>), 2<sup>15</sup>-1],
[-(2<sup>31</sup>), 2<sup>31</sup>-1] and
[-(2<sup>63</sup>), 2<sup>63</sup>-1]
@end html
@end ifhtml
respectively.
@item
The IEEE 754-2008 @code{binary32} and @code{binary64} floating-point types:
@code{f32} and @code{f64}, respectively.
@end itemize
@node Ref.Type.Int
@subsection Ref.Type.Int
@cindex Machine-dependent types
@cindex Integer types
@cindex Word types
The Rust type @code{uint}@footnote{A Rust @code{uint} is analogous to a C99
@code{uintptr_t}.} is an unsigned integer type with with
target-machine-dependent size. Its size, in bits, is equal to the number of
bits required to hold any memory address on the target machine.
The Rust type @code{int}@footnote{A Rust @code{int} is analogous to a C99
@code{intptr_t}.} is a two's complement signed integer type with
target-machine-dependent size. Its size, in bits, is equal to the size of the
rust type @code{uint} on the same target machine.
@node Ref.Type.Float
@subsection Ref.Type.Float
@cindex Machine-dependent types
@cindex Floating-point types
The Rust type @code{float} is a machine-specific type equal to one of the
supported Rust floating-point machine types (@code{f32} or @code{f64}). It is
the largest floating-point type that is directly supported by hardware on the
target machine, or if the target machine has no floating-point hardware
support, the largest floating-point type supported by the software
floating-point library used to support the other floating-point machine types.
Note that due to the preference for hardware-supported floating-point, the
type @code{float} may not be equal to the largest @emph{supported}
floating-point type.
@node Ref.Type.Prim
@subsection Ref.Type.Prim
@cindex Primitive types
@cindex Integer types
@cindex Floating-point types
@cindex Character type
@cindex Boolean type
The primitive types are the following:
@itemize
@item
The ``nil'' type @code{()}, having the single ``nil'' value
@code{()}.@footnote{The ``nil'' value @code{()} is @emph{not} a sentinel
``null pointer'' value for alias slots; the ``nil'' type is the implicit
return type from functions otherwise lacking a return type, and can be used in
other contexts (such as message-sending or type-parametric code) as a
zero-size type.}
@item
The boolean type @code{bool} with values @code{true} and @code{false}.
@item
The machine types.
@item
The machine-dependent integer and floating-point types.
@end itemize
@node Ref.Type.Big
@subsection Ref.Type.Big
@cindex Integer types
@cindex Big integer type
The Rust type @code{big}@footnote{A Rust @code{big} is analogous to a Lisp
bignum or a Python long integer.} is an arbitrary precision integer type that
fits in a machine word @emph{when possible} and transparently expands to a
boxed ``big integer'' allocated in the run-time heap when it overflows or
underflows outside of the range of a machine word.
A Rust @code{big} grows to accommodate extra binary digits as they are needed,
by taking extra memory from the memory budget available to each Rust task, and
should only exhaust its range due to memory exhaustion.
@node Ref.Type.Text
@subsection Ref.Type.Text
@cindex Text types
@cindex String type
@cindex Character type
@cindex Unicode
@cindex UCS-4
@cindex UTF-8
The types @code{char} and @code{str} hold textual data.
A value of type @code{char} is a Unicode character, represented as a 32-bit
unsigned word holding a UCS-4 codepoint.
A value of type @code{str} is a Unicode string, represented as a vector of
8-bit unsigned bytes holding a sequence of UTF-8 codepoints.
@node Ref.Type.Rec
@subsection Ref.Type.Rec
@cindex Record types
@cindex Structure types, see @i{Record types}
The record type-constructor @code{rec} forms a new heterogeneous product of
values.@footnote{The @code{rec} type-constructor is analogous to the
@code{struct} type-constructor in the Algol/C family, the @emph{record} types
of the ML family, or the @emph{structure} types of the Lisp family.} Fields of
a @code{rec} type are accessed by name and are arranged in memory in the order
specified by the @code{rec} type.
An example of a @code{rec} type and its use:
@example
type point = rec(int x, int y);
let point p = rec(x=10, y=11);
let int px = p.x;
@end example
@node Ref.Type.Tup
@subsection Ref.Type.Tup
@cindex Tuple types
The tuple type-constructor @code{tup} forms a new heterogeneous product of
values exactly as the @code{rec} type-constructor does, with the difference
that tuple members are automatically assigned implicit field names, given by
ascending integers prefixed by the underscore character: @code{_0}, @code{_1},
@code{_2}, etc. The members of a tuple are laid out in memory contiguously,
like a record, in order specified by the tuple type.
An example of a tuple type and its use:
@example
type pair = tup(int,str);
let pair p = tup(10,"hello");
assert (p._0 == 10);
p._1 = "world";
assert (p._1 == "world");
@end example
@node Ref.Type.Vec
@subsection Ref.Type.Vec
@cindex Vector types
@cindex Array types, see @i{Vector types}
The vector type-constructor @code{vec} represents a homogeneous array of
values of a given type. A vector has a fixed size. The layer of a vector type
is to the layer of its member type, like any type that contains a single
member type.
Vectors can be sliced. A slice expression builds a new vector by copying a
contiguous range -- given by a pair of indices representing a half-open
interval -- out of the sliced vector.
An example of a @code{vec} type and its use:
@example
let vec[int] v = vec(7, 5, 3);
let int i = v.(2);
let vec[int] v2 = v.(0,1); // Form a slice.
@end example
Vectors always @emph{allocate} a storage region sufficient to store the first
power of two worth of elements greater than or equal to the size of the
vector. This behaviour supports idiomatic in-place ``growth'' of a mutable
slot holding a vector:
@example
let mutable vec[int] v = vec(1, 2, 3);
v += vec(4, 5, 6);
@end example
Normal vector concatenation causes the allocation of a fresh vector to hold
the result; in this case, however, the slot holding the vector recycles the
underlying storage in-place (since the reference-count of the underlying
storage is equal to 1).
All accessible elements of a vector are always initialized, and access to a
vector is always bounds-checked.
@node Ref.Type.Tag
@subsection Ref.Type.Tag
@cindex Tag types
@cindex Union types, see @i{Tag types}
A @emph{tag type} is a nominal, heterogeneous disjoint union
type.@footnote{The @code{tag} type is analogous to a @code{data} constructor
declaration in ML or a @emph{pick ADT} in Limbo.} A @code{tag} @emph{item}
consists of a number of @emph{constructors}, each of which is independently
named and takes an optional tuple of arguments.
Tag types cannot be denoted @emph{structurally} as types, but must be denoted
by named reference to a @emph{tag item} declaration. @xref{Ref.Item.Tag}.
@node Ref.Type.Fn
@subsection Ref.Type.Fn
@cindex Function types
The function type-constructor @code{fn} forms new function types. A function
type consists of a sequence of input slots, an optional set of input
constraints (@pxref{Ref.Typestate.Constr}) and an output
slot. @xref{Ref.Item.Fn}.
An example of a @code{fn} type:
@example
fn add(int x, int y) -> int @{
ret x + y;
@}
let int x = add(5,7);
type binop = fn(int,int) -> int;
let binop bo = add;
x = bo(5,7);
@end example
@node Ref.Type.Iter
@subsection Ref.Type.Iter
@cindex Iterator types
The iterator type-constructor @code{iter} forms new iterator types. An
iterator type consists a sequence of input slots, an optional set of input
constraints and an output slot. @xref{Ref.Item.Iter}.
An example of an @code{iter} type:
@example
iter range(int x, int y) -> int @{
while (x < y) @{
put x;
x += 1;
@}
@}
for each (int i in range(5,7)) @{
@dots{};
@}
@end example
@node Ref.Type.Port
@subsection Ref.Type.Port
@cindex Port types
@cindex Communication
The port type-constructor @code{port} forms types that describe ports. A port
is the @emph{receiving end} of a typed, asynchronous, simplex inter-task
communication facility. @xref{Ref.Task.Comm}. A @code{port} type takes a
single type parameter, denoting the type of value that can be received from a
@code{port} value of that type.
Ports are modeled as stateful native types, with built-in meaning to the
language. They cannot be transmitted over channels or otherwise replicated,
and are always local to the task that creates them.
Ports (like channels) can only be carry types of the immutable layer. No
mutable values can pass over a port or channel.
An example of a @code{port} type:
@example
type port[vec[str]] svp;
let svp p = get_port();
let vec[str] v;
v <- p;
@end example
@node Ref.Type.Chan
@subsection Ref.Type.Chan
@cindex Channel types
@cindex Communication
The channel type-constructor @code{chan} forms types that describe channels. A
channel is the @emph{sending end} of a typed, asynchronous, simplex inter-task
communication facility. @xref{Ref.Task.Comm}. A @code{chan} type takes a
single type parameter, denoting the type of value that can be sent to a
channel of that type.
Channels are immutable, and can be transmitted over channels to other
tasks. They are modeled as immutable native types with built-in meaning to the
language.
Channels (like ports) can only be carry types of the immutable layer. No
mutable values can pass over a port or channel.
When a task sends a message into a channel, the task forms an outgoing queue
associated with that channel. The per-task queue @emph{associated} with a
channel can be indirectly manipulated by the task, but is @emph{not} otherwise
considered ``part of'' to the channel: the queue is ``part of'' the
@emph{sending task}. Sending a channel to another task does not copy the queue
associated with the channel.
Channels are also @emph{weak}: a channel is directly coupled to a particular
destination port on a particular task, but does not keep that port or task
@emph{alive}. A channel may therefore fail to operate at any moment. If a task
sends a message to a channel that is connected to a nonexistent port, the
message is dropped.
An example of a @code{chan} type:
@example
type chan[vec[str]] svc;
let svc c = get_chan();
let vec[str] v = vec("hello", "world");
c <| v;
@end example
@node Ref.Type.Task
@subsection Ref.Type.Task
@cindex Task type
The task type @code{task} describes values that are @emph{live
tasks}.
Tasks form an @emph{ownership tree} in which each task (except the root task)
is directly owned by exactly one parent task. The purpose of a variable of
@code{task} type is to manage the lifecycle of the associated
task. Communication is carried out solely using channels and ports.
Like ports, tasks are modeled as mutable native types with built-in meaning to
the language. They cannot be transmitted over channels or otherwise
replicated, and are always local to the task that spawns them.
If all references to a task are dropped (due to the release of any structure
holding those references), the runtime signals the un-referenced task, which
then fails. @xref{Ref.Task.Life}.
@node Ref.Type.Obj
@subsection Ref.Type.Obj
@c * Ref.Type.Obj:: Object types.
@cindex Object types
A @dfn{object type} describes values of abstract type, that carry some hidden
@emph{fields} and are accessed through a set of un-ordered
@emph{methods}. Every object item (@pxref{Ref.Item.Obj}) implicitly declares
an object type carrying methods with types derived from all the methods of the
object item.
Object types can also be declared in isolation, independent of any object item
declaration. Such a ``plain'' object type can be used to describe an interface
that a variety of particular objects may conform to, by supporting a superset
of the methods.
An object type that can contain fields of a given layer must be declared as
residing in that layer (or lower), like any other type.
An example of an object type with two separate object items supporting it, and
a client function using both items via the object type:
@example
state type taker =
state obj @{
fn take(int);
@};
state obj adder(mutable int x) @{
fn take(int y) @{
x += y;
@}
@}
obj sender(chan[int] c) @{
fn take(int z) @{
c <| z;
@}
@}
fn give_ints(taker t) @{
t.take(1);
t.take(2);
t.take(3);
@}
let port[int] p = port();
let taker t1 = adder(0);
let taker t2 = sender(chan(p));
give_ints(t1);
give_ints(t2);
@end example
@node Ref.Type.Constr
@subsection Ref.Type.Constr
@c * Ref.Type.Constr:: Constrained types.
@cindex Constrained types
A @dfn{constrained type} is a type that carries a @emph{formal constraint}
(@pxref{Ref.Typestate.Constr}), which is similar to a normal constraint except
that the @emph{base name} of any slots mentioned in the constraint must be the
special @emph{formal symbol} @emph{*}.
When a constrained type is instantiated in a particular slot declaration, the
formal symbol in the constraint is replaced with the name of the declared slot
and the resulting constraint is checked immediately after the slot is
declared. @xref{Ref.Expr.Check}.
An example of a constrained type with two separate instantiations:
@example
type ordered_range = rec(int low, int high) : less_than(*.low, *.high);
let ordered_range rng1 = rec(low=5, high=7);
// implicit: 'check less_than(rng1.low, rng1.high);'
let ordered_range rng2 = rec(low=15, high=17);
// implicit: 'check less_than(rng2.low, rng2.high);'
@end example
@node Ref.Type.Type
@subsection Ref.Type.Type
@c * Ref.Type.Type:: Types describing types.
@cindex Type type
@emph{TODO}.
* Ref.Typestate:: The static system of predicate analysis.
@node Ref.Typestate
@section Ref.Typestate
@c * Ref.Typestate:: The static system of predicate analysis.
@cindex Typestate system
Rust programs have a static semantics that determine the types of values
produced by each expression, as well as the @emph{predicates} that hold over
slots in the environment at each point in time during execution.
The latter semantics -- the dataflow analysis of predicates holding over slots
-- is called the @emph{typestate} system.
@menu
* Ref.Typestate.Point:: Discrete positions in execution.
* Ref.Typestate.CFG:: The control-flow graph formed by points.
* Ref.Typestate.Constr:: Predicates applied to slots.
* Ref.Typestate.Cond:: Constraints required and implied by a point.
* Ref.Typestate.State:: Constraints that hold at points.
* Ref.Typestate.Check:: Relating dynamic state to static typestate.
@end menu
@node Ref.Typestate.Point
@subsection Ref.Typestate.Point
@c * Ref.Typestate.Point:: Discrete positions in execution.
@cindex Points
Control flows from statement to statement in a block, and through the
evaluation of each expression, from one sub-expression to another. This
sequential control flow is specified as a set of @dfn{points}, each of which
has a set of points before and after it in the implied control flow.
For example, this code:
@example
s = "hello, world";
print(s);
@end example
Consists of 2 statements, 3 expressions and 12 points:
@itemize
@item the point before the first statement
@item the point before evaluating the static initializer @code{"hello, world"}
@item the point after evaluating the static initializer @code{"hello, world"}
@item the point after the first statement
@item the point before the second statement
@item the point before evaluating the function value @code{print}
@item the point after evaluating the function value @code{print}
@item the point before evaluating the arguments to @code{print}
@item the point before evaluating the symbol @code{s}
@item the point after evaluating the symbol @code{s}
@item the point after evaluating the arguments to @code{print}
@item the point after the second statement
@end itemize
Whereas this code:
@example
print(x() + y());
@end example
Consists of 1 statement, 7 expressions and 14 points:
@itemize
@item the point before the statement
@item the point before evaluating the function value @code{print}
@item the point after evaluating the function value @code{print}
@item the point before evaluating the arguments to @code{print}
@item the point before evaluating the arguments to @code{+}
@item the point before evaluating the function value @code{x}
@item the point after evaluating the function value @code{x}
@item the point before evaluating the arguments to @code{x}
@item the point after evaluating the arguments to @code{x}
@item the point before evaluating the function value @code{y}
@item the point after evaluating the function value @code{y}
@item the point before evaluating the arguments to @code{y}
@item the point after evaluating the arguments to @code{y}
@item the point after evaluating the arguments to @code{+}
@item the point after evaluating the arguments to @code{print}
@end itemize
The typestate system reasons over points, rather than statements or
expressions. This may seem counter-intuitive, but points are the more
primitive concept. Another way of thinking about a point is as a set of
@emph{instants in time} at which the state of a task is fixed. By contrast, a
statement or expression represents a @emph{duration in time}, during which the
state of the task changes. The typestate system is concerned with constraining
the possible states of a task's memory at @emph{instants}; it is meaningless
to speak of the state of a task's memory ``at'' a statement or expression, as
each statement or expression is likely to change the contents of memory.
@node Ref.Typestate.CFG
@subsection Ref.Typestate.CFG
@c * Ref.Typestate.CFG:: The control-flow graph formed by points.
@cindex Control-flow graph
Each @emph{point} can be considered a vertex in a directed @emph{graph}. Each
kind of expression or statement implies a number of points @emph{and edges} in
this graph. The edges connect the points within each statement or expression,
as well as between those points and those of nearby statements and expressions
in the program. The edges between points represent @emph{possible} indivisible
control transfers that might occur during execution.
This implicit graph is called the @dfn{control-flow graph}, or @dfn{CFG}.
@node Ref.Typestate.Constr
@subsection Ref.Typestate.Constr
@c * Ref.Typestate.Constr:: Predicates applied to slots.
@cindex Predicate
@cindex Constraint
A @dfn{predicate} is a pure boolean function declared with the keyword
@code{pred}. @xref{Ref.Item.Pred}.
A @dfn{constraint} is a predicate applied to specific slots.
For example, consider the following code:
@example
pred is_less_than(int a, int b) -> bool @{
ret a < b;
@}
fn test() @{
let int x = 10;
let int y = 20;
check is_less_than(x,y);
@}
@end example
This example defines the predicate @code{is_less_than}, and applies it to the
slots @code{x} and @code{y}. The constraint being checked on the third line of
the function is @code{is_less_than(x,y)}.
Predicates can only apply to slots holding immutable values. The slots a
predicate applies to can themselves be mutable, but the types of values held
in those slots must be immutable.
@node Ref.Typestate.Cond
@subsection Ref.Typestate.Cond
@c * Ref.Typestate.Cond:: Constraints required and implied by a point.
@cindex Condition
@cindex Precondition
@cindex Postcondition
A @dfn{condition} is a set of zero or more constraints.
Each @emph{point} has an associated @emph{condition}:
@itemize
@item The @dfn{precondition} of a statement or expression is the condition
required at in the point before it.
@item The @dfn{postcondition} of a statement or expression is the condition
enforced in the point after it.
@end itemize
Any constraint present in the precondition and @emph{absent} in the
postcondition is considered to be @emph{dropped} by the statement or
expression.
@node Ref.Typestate.State
@subsection Ref.Typestate.State
@c * Ref.Typestate.State:: Constraints that hold at points.
@cindex Typestate
@cindex Prestate
@cindex Poststate
The typestate checking system @emph{calculates} an additional condition for
each point called its typestate. For a given statement or expression, we call
the two typestates associated with its two points the prestate and a
poststate.
@itemize
@item The @dfn{prestate} of a statement or expression is the typestate of the
point before it.
@item The @dfn{poststate} of a statement or expression is the typestate of the
point after it.
@end itemize
A @dfn{typestate} is a condition that has @emph{been determined by the
typestate algorithm} to hold at a point. This is a subtle but important point
to understand: preconditions and postconditions are @emph{inputs} to the
typestate algorithm; prestates and poststates are @emph{outputs} from the
typestate algorithm.
The typestate algorithm analyses the preconditions and postconditions of every
statement and expression in a block, and computes a condition for each
typestate. Specifically:
@itemize
@item Initially, every typestate is empty.
@item Each statement or expression's poststate is given the union of the its
prestate, precondition, and postcondition.
@item Each statement or expression's poststate has the difference between its
precondition and postcondition removed.
@item Each statement or expression's prestate is given the intersection of the
poststates of every predecessor point in the CFG.
@item The previous three steps are repeated until no typestates in the
block change.
@end itemize
The typestate algorithm is a very conventional dataflow calculation, and can
be performed using bit-set operations, with one bit per predicate and one
bit-set per condition.
After the typestates of a block are computed, the typestate algorithm checks
that every constraint in the precondition of a statement is satisfied by its
prestate. If any preconditions are not satisfied, the mismatch is considered a
static (compile-time) error.
@node Ref.Typestate.Check
@subsection Ref.Typestate.Check
@c * Ref.Typestate.Check:: Relating dynamic state to static typestate.
@cindex Check statement
@cindex Assertions, see @i{Check statement}
The key mechanism that connects run-time semantics and compile-time analysis
of typestates is the use of @code{check} expressions. @xref{Ref.Expr.Check}. A
@code{check} expression guarantees that @emph{if} control were to proceed past
it, the predicate associated with the @code{check} would have succeeded, so
the constraint being checked @emph{statically} holds in subsequent
points.@footnote{A @code{check} expression is similar to an @code{assert}
call in a C program, with the significant difference that the Rust compiler
@emph{tracks} the constraint that each @code{check} expression
enforces. Naturally, @code{check} expressions cannot be omitted from a
``production build'' of a Rust program the same way @code{asserts} are
frequently disabled in deployed C programs.}
It is important to understand that the typestate system has @emph{no insight}
into the meaning of a particular predicate. Predicates and constraints are not
evaluated in any way at compile time. Predicates are treated as specific (but
unknown) functions applied to specific (also unknown) slots. All the typestate
system does is track which of those predicates -- whatever they calculate --
@emph{must have been checked already} in order for program control to reach a
particular point in the CFG. The fundamental building block, therefore, is the
@code{check} statement, which tells the typestate system ``if control passes
this point, the checked predicate holds''.
From this building block, constraints can be propagated to function signatures
and constrained types, and the responsibility to @code{check} a constraint
pushed further and further away from the site at which the program requires it
to hold in order to execute properly.
@page
@node Ref.Stmt
@section Ref.Stmt
@c * Ref.Stmt:: Components of an executable block.
@cindex Statements
A @dfn{statement} is a component of a block, which is in turn a component of
an outer block-expression, a function or an iterator. When a function is
spawned into a task, the task @emph{executes} statements in an order
determined by the body of the enclosing structure. Each statement causes the
task to perform certain actions.
Rust has two kinds of statement: declarations and expressions.
A declaration serves to introduce a @emph{name} that can be used in the block
@emph{scope} enclosing the statement: all statements before and after the
name, from the previous opening curly-brace (@code{@{}) up to the next closing
curly-brace (@code{@}}).
An expression serves the dual roles of causing side effects and producing a
@emph{value}. Expressions are said to @emph{evaluate to} a value, and the side
effects are caused during @emph{evaluation}. Many expressions contain
sub-expressions as operands; the definition of each kind of expression
dictates whether or not, and in which order, it will evaluate its
sub-expressions, and how the expression's value derives from the value of its
sub-expressions.
In this way, the structure of execution -- both the overall sequence of
observable side effects and the final produced value -- is dictated by the
structure of expressions. Blocks themselves are expressions, so the nesting
sequence of block, statement, expression, and block can repeatedly nest to an
arbitrary depth.
@menu
* Ref.Stmt.Decl:: Statement declaring an item or slot.
* Ref.Stmt.Expr:: Statement evaluating an expression.
@end menu
@node Ref.Stmt.Decl
@subsection Ref.Stmt.Decl
@c * Ref.Stmt.Decl:: Statement declaring an item or slot.
@cindex Declaration statement
A @dfn{declaration statement} is one that introduces a @emph{name} into the
enclosing statement block. The declared name may denote a new slot or a new
item. The scope of the name extends to the entire containing block, both
before and after the declaration.
@menu
* Ref.Stmt.Decl.Item:: Statement declaring an item.
* Ref.Stmt.Decl.Slot:: Statement declaring a slot.
@end menu
@node Ref.Stmt.Decl.Item
@subsubsection Ref.Stmt.Decl.Item
@c * Ref.Stmt.Decl.Item:: Statement declaring an item.
An @dfn{item declaration statement} has a syntactic form identical to an item
declaration within a module. Declaring an item -- a function, iterator,
object, type or module -- locally within a statement block is simply a way of
restricting its scope to a narrow region containing all of its uses; it is
otherwise identical in meaning to declaring the item outside the statement
block.
Note: there is no implicit capture of the function's dynamic environment when
declaring a function-local item.
@node Ref.Stmt.Decl.Slot
@subsubsection Ref.Stmt.Decl.Slot
@c * Ref.Stmt.Decl.Slot:: Statement declaring an slot.
@cindex Local slot
@cindex Variable, see @i{Local slot}
@cindex Type inference
@cindex Automatic slot
A @code{slot declaration statement} has one one of two forms:
@itemize
@item @code{let} @var{type} @var{slot} @var{optional-init};
@item @code{auto} @var{slot} @var{optional-init};
@end itemize
Where @var{type} is a type expression, @var{slot} is the name of the slot
being declared, and @var{optional-init} is either the empty string or an
equals sign (@code{=}) followed by a primitive expression.
Both forms introduce a new slot into the containing block scope. The new slot
is visible across the entire scope, but is initialized only at the point
following the declaration statement.
The latter (@code{auto}) form of slot declaration causes the compiler to infer
the static type of the slot through unification with the types of values
assigned to the slot in the remaining code in the block scope. Inference only
occurs on frame-local slots, not argument slots. Function, iterator and object
signatures must always declared types for all argument slots.
@xref{Ref.Mem.Slot}.
@node Ref.Stmt.Expr
@subsection Ref.Stmt.Expr
@c * Ref.Stmt.Expr:: Statement evaluating an expression
@cindex Expression statement
An @dfn{expression statement} is one that evaluates an expression and drops
its result. The purpose of an expression statement is often to cause the side
effects of the expression's evaluation.
@page
@node Ref.Expr
@section Ref.Expr
@c * Ref.Expr:: Parsed and primitive expressions.
@cindex Expressions
@menu
* Ref.Expr.Copy:: Expression for copying a value.
* Ref.Expr.Spawn:: Expressions for creating new tasks.
* Ref.Expr.Send:: Expressions for sending a value into a channel.
* Ref.Expr.Recv:: Expression for receiving a value from a channel.
* Ref.Expr.Call:: Expression for calling a function.
* Ref.Expr.Bind:: Expression for binding arguments to functions.
* Ref.Expr.Ret:: Expression for stopping and producing a value.
* Ref.Expr.Be:: Expression for stopping and executing a tail call.
* Ref.Expr.Put:: Expression for pausing and producing a value.
* Ref.Expr.Fail:: Expression for causing task failure.
* Ref.Expr.Log:: Expression for logging values to diagnostic buffers.
* Ref.Expr.Note:: Expression for logging values during failure.
* Ref.Expr.While:: Expression for simple conditional looping.
* Ref.Expr.Break:: Expression for terminating a loop.
* Ref.Expr.Cont:: Expression for terminating a single loop iteration.
* Ref.Expr.For:: Expression for looping over strings and vectors.
* Ref.Expr.Foreach:: Expression for looping via an iterator.
* Ref.Expr.If:: Expression for simple conditional branching.
* Ref.Expr.Alt:: Expression for complex conditional branching.
* Ref.Expr.Prove:: Expression for static assertion of typestate.
* Ref.Expr.Check:: Expression for dynamic assertion of typestate.
* Ref.Expr.Claim:: Expression for static (unsafe) or dynamic assertion of typestate.
* Ref.Expr.Assert:: Expression for halting the program if a
boolean condition fails to hold.
* Ref.Expr.IfCheck:: Expression for dynamic testing of typestate.
@end menu
@node Ref.Expr.Copy
@subsection Ref.Expr.Copy
@c * Ref.Expr.Copy:: Expression for copying a value.
@cindex Copy expression
@cindex Assignment operator, see @i{Copy expression}
A @dfn{copy expression} consists of an @emph{lval} followed by an equals-sign
(@code{=}) and a primitive expression. @xref{Ref.Expr}.
Executing a copy expression causes the value denoted by the expression --
either a value or a primitive combination of values -- to be copied into the
memory location denoted by the @emph{lval}.
A copy may entail the adjustment of reference counts, execution of destructors,
or similar adjustments in order to respect the path through the memory graph
implied by the @code{lval}, as well as any existing value held in the memory
being written-to. All such adjustment is automatic and implied by the @code{=}
operator.
An example of three different copy expressions:
@example
x = y;
x.y = z;
x.y = z + 2;
@end example
@node Ref.Expr.Spawn
@subsection Ref.Expr.Spawn
@c * Ref.Expr.Spawn:: Expressions creating new tasks.
@cindex Spawn expression
A @code{spawn} expression consists of keyword @code{spawn}, followed by
an optional literal string naming the new task and then a normal
@emph{call} expression (@pxref{Ref.Expr.Call}). A @code{spawn}
expression causes the runtime to construct a new task executing the
called function with the given name. The called function is referred
to as the @dfn{entry function} for the spawned task, and its arguments
are copied from the spawning task to the spawned task before the
spawned task begins execution. If no explicit name is present, the
task is implicitly named with the string of the call expression.
Functions taking alias-slot arguments, or returning non-nil values, cannot be
spawned. Iterators cannot be spawned.
The result of a @code{spawn} expression is a @code{task} value.
An example of a @code{spawn} expression:
@example
fn helper(chan[u8] out) @{
// do some work.
out <| result;
@}
let port[u8] out;
let task p = spawn helper(chan(out));
let task p2 = spawn "my_helper" helper(chan(out));
// let task run, do other things.
auto result <- out;
@end example
@node Ref.Expr.Send
@subsection Ref.Expr.Send
@c * Ref.Expr.Send:: Expressions for sending a value into a channel.
@cindex Send expression
@cindex Communication
Sending a value through a channel can be done via two different expressions.
Both expressions take an @emph{lval}, denoting a channel, and a value to send
into the channel. The action of @emph{sending} varies depending on the
@dfn{send operator} employed.
The @emph{asynchronous send} operator @code{<+} adds a value to the channel's
queue, without blocking. If the queue is full, it is extended, taking memory
from the task's domain. If the task memory budget is exhausted, a signal is
sent to the task.
The @emph{semi-synchronous send} operator @code{<|} adds a value to the
channel's queue @emph{only if} the queue has room; if the queue is full, the
operation @emph{blocks} the sender until the queue has room.
An example of an asynchronous send:
@example
chan[str] c = @dots{};
c <+ "hello, world";
@end example
An example of a semi-synchronous send:
@example
chan[str] c = @dots{};
c <| "hello, world";
@end example
@node Ref.Expr.Recv
@subsection Ref.Expr.Recv
@c * Ref.Expr.Recv:: Expression for receiving a value from a channel.
@cindex Receive expression
@cindex Communication
The @dfn{receive expression} takes an @var{lval} to receive into and an
expression denoting a port, and applies the @emph{receive operator}
(@code{<-}) to the pair, copying a value out of the port and into the
@var{lval}. The expression causes the receiving task to enter the @emph{blocked
reading} state until a task is sending a value to the port, at which point the
runtime pseudo-randomly selects a sending task and copies a value from the
head of one of the task queues to the receiving location in memory, and
un-blocks the receiving task. @xref{Ref.Run.Comm}.
An example of a @emph{receive}:
@example
port[str] p = @dots{};
let str s <- p;
@end example
@node Ref.Expr.Call
@subsection Ref.Expr.Call
@c * Ref.Expr.Call:: Expression for calling a function.
@cindex Call expression
@cindex Function calls
A @dfn{call expression} invokes a function, providing a tuple of input slots
and an alias slot to serve as the function's output, bound to the @var{lval}
on the right hand side of the call. If the function eventually returns, then
the expression completes.
A call expression statically requires that the precondition declared in the
callee's signature is satisfied by the expression prestate. In this way,
typestates propagate through function boundaries. @xref{Ref.Typestate}.
An example of a call expression:
@example
let int x = add(1, 2);
@end example
@node Ref.Expr.Bind
@subsection Ref.Expr.Bind
@c * Ref.Expr.Bind:: Expression for binding arguments to functions.
@cindex Bind expression
@cindex Closures
@cindex Currying
A @dfn{bind expression} constructs a new function from an existing
function.@footnote{The @code{bind} expression is analogous to the @code{bind}
expression in the Sather language.} The new function has zero or more of its
arguments @emph{bound} into a new, hidden boxed tuple that holds the
bindings. For each concrete argument passed in the @code{bind} expression, the
corresponding parameter in the existing function is @emph{omitted} as a
parameter of the new function. For each argument passed the placeholder symbol
@code{_} in the @code{bind} expression, the corresponding parameter of the
existing function is @emph{retained} as a parameter of the new function.
Any subsequent invocation of the new function with residual arguments causes
invocation of the existing function with the combination of bound arguments
and residual arguments that was specified during the binding.
An example of a @code{bind} expression:
@example
fn add(int x, int y) -> int @{
ret x + y;
@}
type single_param_fn = fn(int) -> int;
let single_param_fn add4 = bind add(4, _);
let single_param_fn add5 = bind add(_, 5);
assert (add(4,5) == add4(5));
assert (add(4,5) == add5(4));
@end example
A @code{bind} expression generally stores a copy of the bound arguments in the
hidden, boxed tuple, owned by the resulting first-class function. For each
bound slot in the bound function's signature, space is allocated in the hidden
tuple and populated with a copy of the bound value.
The @code{bind} expression is a lightweight mechanism for simulating the more
elaborate construct of @emph{lexical closures} that exist in other
languages. Rust has no support for lexical closures, but many realistic uses
of them can be achieved with @code{bind} expressions.
@node Ref.Expr.Ret
@subsection Ref.Expr.Ret
@c * Ref.Expr.Ret:: Expression for stopping and producing a value.
@cindex Return expression
Executing a @code{ret} expression@footnote{A @code{ret} expression is analogous
to a @code{return} expression in the C family.} copies a value into the output
slot of the current function, destroys the current function activation frame,
and transfers control to the caller frame.
An example of a @code{ret} expression:
@example
fn max(int a, int b) -> int @{
if (a > b) @{
ret a;
@}
ret b;
@}
@end example
@node Ref.Expr.Be
@subsection Ref.Expr.Be
@c * Ref.Expr.Be:: Expression for stopping and executing a tail call.
@cindex Be expression
@cindex Tail calls
Executing a @code{be} expression @footnote{A @code{be} expression in is
analogous to a @code{become} expression in Newsqueak or Alef.} destroys the
current function activation frame and replaces it with an activation frame for
the called function. In other words, @code{be} executes a tail-call. The
syntactic form of a @code{be} expression is therefore limited to @emph{tail
position}: its argument must be a @emph{call expression}, and it must be the
last expression in a block.
An example of a @code{be} expression:
@example
fn print_loop(int n) @{
if (n <= 0) @{
ret;
@} else @{
print_int(n);
be print_loop(n-1);
@}
@}
@end example
The above example executes in constant space, replacing each frame with a new
copy of itself.
@node Ref.Expr.Put
@subsection Ref.Expr.Put
@c * Ref.Expr.Put:: Expression for pausing and producing a value.
@cindex Put expression
@cindex Iterators
Executing a @code{put} expression copies a value into the output slot of the
current iterator, suspends execution of the current iterator, and transfers
control to the current put-recipient frame.
A @code{put} expression is only valid within an iterator. @footnote{A
@code{put} expression is analogous to a @code{yield} expression in the CLU, and
Sather languages, or in more recent languages providing a ``generator''
facility, such as Python, Javascript or C#. Like the generators of CLU and
Sather but @emph{unlike} these later languages, Rust's iterators reside on the
stack and obey a strict stack discipline.} The current put-recipient will
eventually resume the suspended iterator containing the @code{put} expression,
either continuing execution after the @code{put} expression, or terminating its
execution and destroying the iterator frame.
@node Ref.Expr.Fail
@subsection Ref.Expr.Fail
@c * Ref.Expr.Fail:: Expression for causing task failure.
@cindex Fail expression
@cindex Failure
@cindex Unwinding
Executing a @code{fail} expression causes a task to enter the @emph{failing}
state. In the @emph{failing} state, a task unwinds its stack, destroying all
frames and freeing all resources until it reaches its entry frame, at which
point it halts execution in the @emph{dead} state.
@node Ref.Expr.Log
@subsection Ref.Expr.Log
@c * Ref.Expr.Log:: Expression for logging values to diagnostic buffers.
@cindex Log expression
@cindex Logging
Executing a @code{log} expression may, depending on runtime configuration,
cause a value to be appended to an internal diagnostic logging buffer provided
by the runtime or emitted to a system console. Log expressions are enabled or
disabled dynamically at run-time on a per-task and per-item
basis. @xref{Ref.Run.Log}.
@example
@end example
@node Ref.Expr.Note
@subsection Ref.Expr.Note
@c * Ref.Expr.Note:: Expression for logging values during failure.
@cindex Note expression
@cindex Logging
@cindex Unwinding
@cindex Failure
A @code{note} expression has no effect during normal execution. The purpose of
a @code{note} expression is to provide additional diagnostic information to the
logging subsystem during task failure. @xref{Ref.Expr.Log}. Using @code{note}
expressions, normal diagnostic logging can be kept relatively sparse, while
still providing verbose diagnostic ``back-traces'' when a task fails.
When a task is failing, control frames @emph{unwind} from the innermost frame
to the outermost, and from the innermost lexical block within an unwinding
frame to the outermost. When unwinding a lexical block, the runtime processes
all the @code{note} expressions in the block sequentially, from the first
expression of the block to the last. During processing, a @code{note}
expression has equivalent meaning to a @code{log} expression: it causes the
runtime to append the argument of the @code{note} to the internal logging
diagnostic buffer.
An example of a @code{note} expression:
@example
fn read_file_lines(&str path) -> vec[str] @{
note path;
vec[str] r;
file f = open_read(path);
for each (str s in lines(f)) @{
vec.append(r,s);
@}
ret r;
@}
@end example
In this example, if the task fails while attempting to open or read a file,
the runtime will log the path name that was being read. If the function
completes normally, the runtime will not log the path.
A value that is marked by a @code{note} expression is @emph{not} copied aside
when control passes through the @code{note}. In other words, if a @code{note}
expression notes a particular @var{lval}, and code after the @code{note}
mutates that slot, and then a subsequent failure occurs, the @emph{mutated}
value will be logged during unwinding, @emph{not} the original value that was
denoted by the @var{lval} at the moment control passed through the @code{note}
expression.
@node Ref.Expr.While
@subsection Ref.Expr.While
@c * Ref.Expr.While:: Expression for simple conditional looping.
@cindex While expression
@cindex Loops
@cindex Control-flow
A @code{while} expression is a loop construct. A @code{while} loop may be
either a simple @code{while} or a @code{do}-@code{while} loop.
In the case of a simple @code{while}, the loop begins by evaluating the
boolean loop conditional expression. If the loop conditional expression
evaluates to @code{true}, the loop body block executes and control returns to
the loop conditional expression. If the loop conditional expression evaluates
to @code{false}, the @code{while} expression completes.
In the case of a @code{do}-@code{while}, the loop begins with an execution of
the loop body. After the loop body executes, it evaluates the loop conditional
expression. If it evaluates to @code{true}, control returns to the beginning
of the loop body. If it evaluates to @code{false}, control exits the loop.
An example of a simple @code{while} expression:
@example
while (i < 10) @{
print("hello\n");
i = i + 1;
@}
@end example
An example of a @code{do}-@code{while} expression:
@example
do @{
print("hello\n");
i = i + 1;
@} while (i < 10);
@end example
@node Ref.Expr.Break
@subsection Ref.Expr.Break
@c * Ref.Expr.Break:: Expression for terminating a loop.
@cindex Break expression
@cindex Loops
@cindex Control-flow
Executing a @code{break} expression immediately terminates the innermost loop
enclosing it. It is only permitted in the body of a loop.
@node Ref.Expr.Cont
@subsection Ref.Expr.Cont
@c * Ref.Expr.Cont:: Expression for terminating a single loop iteration.
@cindex Continue expression
@cindex Loops
@cindex Control-flow
Executing a @code{cont} expression immediately terminates the current iteration
of the innermost loop enclosing it, returning control to the loop
@emph{head}. In the case of a @code{while} loop, the head is the conditional
expression controlling the loop. In the case of a @code{for} or @code{for
each} loop, the head is the iterator or vector-slice increment controlling the
loop.
A @code{cont} expression is only permitted in the body of a loop.
@node Ref.Expr.For
@subsection Ref.Expr.For
@c * Ref.Expr.For:: Expression for looping over strings and vectors.
@cindex For expression
@cindex Loops
@cindex Control-flow
A @dfn{for loop} is controlled by a vector or string. The for loop
bounds-checks the underlying sequence @emph{once} when initiating the loop,
then repeatedly copies each value of the underlying sequence into the element
variable, executing the loop body once per copy. To perform a for loop on a
sub-range of a vector or string, form a temporary slice over the sub-range and
run the loop over the slice.
Example of 4 for loops, all identical:
@example
let vec[foo] v = vec(a, b, c);
for (foo e in v.(0, _vec.len(v))) @{
bar(e);
@}
for (foo e in v.(0,)) @{
bar(e);
@}
for (foo e in v.(,)) @{
bar(e);
@}
for (foo e in v) @{
bar(e);
@}
@end example
@node Ref.Expr.Foreach
@subsection Ref.Expr.Foreach
@c * Ref.Expr.Foreach:: Expression for general conditional looping.
@cindex Foreach expression
@cindex Loops
@cindex Control-flow
An @dfn{foreach loop} is denoted by the @code{for each} keywords, and is
controlled by an iterator. The loop executes once for each value @code{put} by
the iterator. When the iterator returns or fails, the loop terminates.
Example of a foreach loop:
@example
let str txt;
let vec[str] lines;
for each (str s in _str.split(txt, "\n")) @{
vec.push(lines, s);
@}
@end example
@node Ref.Expr.If
@subsection Ref.Expr.If
@c * Ref.Expr.If:: Expression for simple conditional branching.
@cindex If expression
@cindex Control-flow
An @code{if} expression is a conditional branch in program control. The form of
an @code{if} expression is a parenthesized condition expression, followed by a
consequent block, any number of @code{else if} conditions and blocks, and an
optional trailing @code{else} block. The condition expressions must have type
@code{bool}. If a condition expression evaluates to @code{true}, the
consequent block is executed and any subsequent @code{else if} or @code{else}
block is skipped. If a condition expression evaluates to @code{false}, the
consequent block is skipped and any subsequent @code{else if} condition is
evaluated. If all @code{if} and @code{else if} conditions evaluate to @code{false}
then any @code{else} block is executed.
@node Ref.Expr.Alt
@subsection Ref.Expr.Alt
@c * Ref.Expr.Alt:: Expression for complex conditional branching.
@cindex Alt expression
@cindex Control-flow
@cindex Switch expression, see @i{Alt expression}
An @code{alt} expression is a multi-directional branch in program control.
There are three kinds of @code{alt} expression: communication @code{alt}
expressions, pattern @code{alt} expressions, and @code{alt type} expressions.
The form of each kind of @code{alt} is similar: an initial @emph{head} that
describes the criteria for branching, followed by a sequence of zero or more
@emph{arms}, each of which describes a @emph{case} and provides a @emph{block}
of expressions associated with the case. When an @code{alt} is executed,
control enters the head, determines which of the cases to branch to, branches
to the block associated with the chosen case, and then proceeds to the
expression following the @code{alt} when the case block completes.
@menu
* Ref.Expr.Alt.Comm:: Expression for branching on communication events.
* Ref.Expr.Alt.Pat:: Expression for branching on pattern matches.
* Ref.Expr.Alt.Type:: Expression for branching on types.
@end menu
@node Ref.Expr.Alt.Comm
@subsubsection Ref.Expr.Alt.Comm
@c * Ref.Expr.Alt.Comm:: Expression for branching on communication events.
@cindex Communication alt expression
@cindex Control-flow
@cindex Communication
@cindex Multiplexing
The simplest form of @code{alt} expression is the a @emph{communication}
@code{alt}. The cases of a communication @code{alt}'s arms are send and
receive expressions. @xref{Ref.Task.Comm}.
To execute a communication @code{alt}, the runtime checks all of the ports and
channels involved in the arms of the expression to see if any @code{case} can
execute without blocking. If no @code{case} can execute, the task blocks, and
the runtime unblocks the task when a @code{case} @emph{can} execute. The
runtime then makes a pseudo-random choice from among the set of @code{case}
expressions that can execute, executes the expression of the @code{case} and
branches to the block of that arm.
An example of a communication @code{alt} expression:
@example
let chan c[int] = foo();
let port p[str] = bar();
let int x = 0;
let vec[str] strs;
alt @{
case (str s <- p) @{
vec.append(strs, s);
@}
case (c <| x) @{
x++;
@}
@}
@end example
@node Ref.Expr.Alt.Pat
@subsubsection Ref.Expr.Alt.Pat
@c * Ref.Expr.Alt.Pat:: Expression for branching on pattern matches.
@cindex Pattern alt expression
@cindex Control-flow
A pattern @code{alt} expression branches on a @emph{pattern}. The exact form of
matching that occurs depends on the pattern. Patterns consist of some
combination of literals, tag constructors, variable binding specifications and
placeholders (@code{_}). A pattern @code{alt} has a parenthesized @emph{head
expression}, which is the value to compare to the patterns. The type of the
patterns must equal the type of the head expression.
To execute a pattern @code{alt} expression, first the head expression is
evaluated, then its value is sequentially compared to the patterns in the arms
until a match is found. The first arm with a matching @code{case} pattern is
chosen as the branch target of the @code{alt}, any variables bound by the
pattern are assigned to local @emph{auto} slots in the arm's block, and
control enters the block.
An example of a pattern @code{alt} expression:
@example
type list[X] = tag(nil, cons(X, @@list[X]));
let list[int] x = cons(10, cons(11, nil));
alt (x) @{
case (cons(a, cons(b, _))) @{
process_pair(a,b);
@}
case (cons(v=10, _)) @{
process_ten(v);
@}
case (_) @{
fail;
@}
@}
@end example
@node Ref.Expr.Alt.Type
@subsubsection Ref.Expr.Alt.Type
@c * Ref.Expr.Alt.Type:: Expression for branching on type.
@cindex Type alt expression
@cindex Control-flow
An @code{alt type} expression is similar to a pattern @code{alt}, but branches
on the @emph{type} of its head expression, rather than the value. The head
expression of an @code{alt type} expression must be of type @code{any}, and the
arms of the expression are slot patterns rather than value patterns. Control
branches to the arm with a @code{case} that matches the @emph{actual type} of
the value in the @code{any}.
An example of an @code{alt type} expression:
@example
let any x = foo();
alt type (x) @{
case (int i) @{
ret i;
@}
case (list[int] li) @{
ret int_list_sum(li);
@}
case (list[X] lx) @{
ret list_len(lx);
@}
case (_) @{
ret 0;
@}
@}
@end example
@node Ref.Expr.Prove
@subsection Ref.Expr.Prove
@c * Ref.Expr.Prove:: Expression for static assertion of typestate.
@cindex Prove expression
@cindex Typestate system
A @code{prove} expression has no run-time effect. Its purpose is to statically
check (and document) that its argument constraint holds at its expression entry
point. If its argument typestate does not hold, under the typestate algorithm,
the program containing it will fail to compile.
@node Ref.Expr.Check
@subsection Ref.Expr.Check
@c * Ref.Expr.Check:: Expression for dynamic assertion of typestate.
@cindex Check expression
@cindex Typestate system
A @code{check} expression connects dynamic assertions made at run-time to the
static typestate system. A @code{check} expression takes a constraint to check
at run-time. If the constraint holds at run-time, control passes through the
@code{check} and on to the next expression in the enclosing block. If the
condition fails to hold at run-time, the @code{check} expression behaves as a
@code{fail} expression.
The typestate algorithm is built around @code{check} expressions, and in
particular the fact that control @emph{will not pass} a check expression with a
condition that fails to hold. The typestate algorithm can therefore assume
that the (static) postcondition of a @code{check} expression includes the
checked constraint itself. From there, the typestate algorithm can perform
dataflow calculations on subsequent expressions, propagating conditions forward
and statically comparing implied states and their
specifications. @xref{Ref.Typestate}.
@example
pred even(&int x) -> bool @{
ret x & 1 == 0;
@}
fn print_even(int x) : even(x) @{
print(x);
@}
fn test() @{
let int y = 8;
// Cannot call print_even(y) here.
check even(y);
// Can call print_even(y) here, since even(y) now holds.
print_even(y);
@}
@end example
@node Ref.Expr.Claim
@subsection Ref.Expr.Claim
@c * Ref.Expr.Claim:: Expression for static (unsafe) or dynamic assertion of typestate.
@cindex Claim expression
@cindex Typestate system
A @code{claim} expression is an unsafe variant on a @code{check} expression
that is not actually checked at runtime. Thus, using a @code{claim} implies a
proof obligation to ensure---without compiler assistance---that an assertion
always holds.
Setting a runtime flag can turn all @code{claim} expressions
into @code{check} expressions in a compiled Rust program, but the default is to not check the assertion
contained in a @code{claim}. The idea behind @code{claim} is that performance profiling might identify a
few bottlenecks in the code where actually checking a given callee's predicate
is too expensive; @code{claim} allows the code to typecheck without removing
the predicate check at every other call site.
@node Ref.Expr.IfCheck
@subsection Ref.Expr.IfCheck
@c * Ref.Expr.IfCheck:: Expression for dynamic testing of typestate.
@cindex If check expression
@cindex Typestate system
@cindex Control-flow
An @code{if check} expression combines a @code{if} expression and a @code{check}
expression in an indivisible unit that can be used to build more complex
conditional control-flow than the @code{check} expression affords.
In fact, @code{if check} is a ``more primitive'' expression than @code{check};
instances of the latter can be rewritten as instances of the former. The
following two examples are equivalent:
@sp 1
Example using @code{check}:
@example
check even(x);
print_even(x);
@end example
@sp 1
Equivalent example using @code{if check}:
@example
if check even(x) @{
print_even(x);
@} else @{
fail;
@}
@end example
@node Ref.Expr.Assert
@subsection Ref.Expr.Assert
@c * Ref.Expr.Assert:: Expression that halts the program if a boolean condition fails to hold.
@cindex Assertions
An @code{assert} expression is similar to a @code{check} expression, except
the condition may be any boolean-typed expression, and the compiler makes no
use of the knowledge that the condition holds if the program continues to
execute after the @code{assert}.
@page
@node Ref.Run
@section Ref.Run
@c * Ref.Run:: Organization of runtime services.
@cindex Runtime library
The Rust @dfn{runtime} is a relatively compact collection of C and Rust code
that provides fundamental services and datatypes to all Rust tasks at
run-time. It is smaller and simpler than many modern language runtimes. It is
tightly integrated into the language's execution model of memory, tasks,
communication, reflection, logging and signal handling.
@menu
* Ref.Run.Mem:: Runtime memory management service.
* Ref.Run.Type:: Runtime built-in type services.
* Ref.Run.Comm:: Runtime communication service.
* Ref.Run.Refl:: Runtime reflection system.
* Ref.Run.Log:: Runtime logging system.
* Ref.Run.Sig:: Runtime signal handler.
@end menu
@node Ref.Run.Mem
@subsection Ref.Run.Mem
@c * Ref.Run.Mem:: Runtime memory management service.
@cindex Memory allocation
The runtime memory-management system is based on a @emph{service-provider
interface}, through which the runtime requests blocks of memory from its
environment and releases them back to its environment when they are no longer
in use. The default implementation of the service-provider interface consists
of the C runtime functions @code{malloc} and @code{free}.
The runtime memory-management system in turn supplies Rust tasks with
facilities for allocating, extending and releasing stacks, as well as
allocating and freeing boxed values.
@node Ref.Run.Type
@subsection Ref.Run.Type
@c * Ref.Run.Mem:: Runtime built-in type services.
@cindex Built-in types
The runtime provides C and Rust code to manage several built-in types:
@itemize
@item @code{vec}, the type of vectors.
@item @code{str}, the type of UTF-8 strings.
@item @code{big}, the type of arbitrary-precision integers.
@item @code{chan}, the type of communication channels.
@item @code{port}, the type of communication ports.
@item @code{task}, the type of tasks.
@end itemize
Support for other built-in types such as simple types, tuples,
records, and tags is open-coded by the Rust compiler.
@node Ref.Run.Comm
@subsection Ref.Run.Comm
@c * Ref.Run.Comm:: Runtime communication service.
@cindex Communication
@cindex Process
@cindex Thread
The runtime provides code to manage inter-task communication. This includes
the system of task-lifecycle state transitions depending on the contents of
queues, as well as code to copy values between queues and their recipients and
to serialize values for transmission over operating-system inter-process
communication facilities.
@node Ref.Run.Refl
@subsection Ref.Run.Refl
@c * Ref.Run.Refl:: Runtime reflection system.
@cindex Reflection
@cindex DWARF
The runtime reflection system is driven by the DWARF tables emitted into a
crate at compile-time. Reflecting on a slot or item allocates a Rust data
structure corresponding to the DWARF DIE for that slot or item.
@node Ref.Run.Log
@subsection Ref.Run.Log
@c * Ref.Run.Log:: Runtime logging system.
@cindex Logging
The runtime contains a system for directing logging expressions to a logging
console and/or internal logging buffers. @xref{Ref.Expr.Log}. Logging
expressions can be enabled or disabled via a two-dimensional filtering process:
@itemize
@sp 1
@item
By Item
Each @emph{item} (module, function, iterator, object, type) in Rust has a
static name-path within its crate module, and can have logging enabled or
disabled on a name-path-prefix basis.
@sp 1
@item
By Task
Each @emph{task} in a running Rust program has a unique ownership-path through
the task ownership tree, and can have logging enabled or disabled on an
ownership-path-prefix basis.
@end itemize
Logging is integrated into the language for efficiency reasons, as well as the
need to filter logs based on these two built-in dimensions.
@node Ref.Run.Sig
@subsection Ref.Run.Sig
@c * Ref.Run.Sig:: Runtime signal handler.
@cindex Signals
The runtime signal-handling system is driven by a signal-dispatch table and a
signal queue associated with each task. Sending a signal to a task inserts the
signal into the task's signal queue and marks the task as having a pending
signal. At the next scheduling opportunity, the runtime processes signals in
the task's queue using its dispatch table. The signal queue memory is charged
to the task's domain; if the queue grows too big, the task will fail.
@c ############################################################
@c end main body of nodes
@c ############################################################
@page
@node Index
@chapter Index
@printindex cp
@bye
@c Local Variables:
@c mode: texinfo
@c fill-column: 78;
@c indent-tabs-mode: nil
@c buffer-file-coding-system: utf-8-unix
@c compile-command: "make -C $RBUILD -k 2>&1 | sed -e 's/\\/x\\//x:\\//g'";
@c End: