Rust Memory Management: Ownership vs. Reference Counting(slicker.me)
39 points by vinhnx 2 days ago | 4 comments
baranul 2 hours ago
Rust is becoming less special in this area. Languages such as Dlang, Vlang, and Julia have added optional ownership and borrowing. As these offerings are optional, many can see this as greater programmer freedom to decide what to use for their projects, with languages that are easier to use or read.
kibwen 22 minutes ago
It's not a question of support, it's a question of defaults. Rust code exercises a single-ownership discipline by default, and you must opt-in to dynamic multi-ownership (via refcounting or otherwise). In languages that have pervasive dynamic multi-ownership by default (via GC, etc.), enforced single-ownership is instead opt-in, which means that you cannot expect code in the wild to use it. In Rust, you can expect code in the wild to exhibit a single-ownership discipline; that's just the prevailing style for Rust code, as encouraged by the design of the language itself.

In fact, we can see this "defaults matter" problem in Rust as well. Note that Rust by-default assumes that code is running in a context where a dynamic allocator is available, but allows one to opt-out of this ("no_std" mode). Code written for embedded devices or baremetal contexts uniformly opt into this mode, but because it's not the default, you can't just pull any old library off the shelf and expect it to work for you, so the ecosystem is much smaller and less mature. Defaults matter.

baranul 14 minutes ago
True, defaults matter. In many cases, however, using a language that defaults to a GC for memory safety is often preferable or easier.

The argument is often about when ownership and borrowing is truly necessary. Rust has its uses, but arguably not all the time and with everything, because of its defaults.

embedding-shape 2 hours ago
> Rust is becoming less special in this area. Languages such as Dlang, Vlang, and Julia have added optional ownership and borrowing

Isn't the crux that Rust does those things without a garbage collector, that's the novel part? Someone correct me if I'm wrong (likely), but I think all those languages have garbage collectors, which Rust doesn't.

baranul 1 hour ago
> without a garbage collector, that's the novel part?

That's not quite how it works in various languages. You appear to be thinking of the garbage collector as something inseparable from the language.

Both Dlang and Vlang have optional garbage collectors, that can be turned off. In the case of Vlang, none of its libraries depend on the garbage collector. Vlang offers optional (flexible) memory management, somewhat similar to Nim (but they presently don't have optional ownership).

In the case of Julia and Vlang, their optional ownership is new and experimental. Dlang's optional ownership has been around for some years now, showing that it could be done.

Dlang and Vlang allow you to choose the type of memory management (along with some other languages) that you would like to use. Vlang does it by command line flags. You can turn off garbage collection and turn on ownership.

treyd 31 minutes ago
> Both Dlang and Vlang have optional garbage collectors, that can be turned off.

Until you need a library that was written with the assumption of using a garbage collector.

baranul 24 minutes ago
My previous post explained how this is not the case for Vlang. None of Vlang's libraries depend on using a garbage collector.
digikata 1 hour ago
Yes, it's a critical distinction that's important in many systems domains, but getting some form of ownership policy and method - even if implemented with a GC I think is a step forward in terms of building reliable code.

The thing about it being optional in some languages is that it's an experiment, but one that as a feature it really pays off the more code in the ecosystem is compliant to ownership tracking. For rust, it's the vast majority of it (with opt out explicitly findable..) For languages offering it optionally, it's harder to assemble the full benefit.

bcjdjsndon 2 hours ago
I guarantee they'll be complaining about unsafe rust in 10-15 years, mark my words. Just like they said exceptions "force" a programmer to deal with all error cases (newsflash, they still ignore it), rust will not eliminate memory errors.
vlovich123 15 minutes ago
I’ve marked your words, but I think you have to eat them.

Studies by Microsoft and Google have already been done on this and Rust provides real tangible benefits. No one has ever claimed Rust eliminates all memory errors (if that’s the bar you’re setting), but it makes them vanishingly unlikely, even when you include the prescience of unsafe, thus “eliminating” memory errors (most, not all):

> Memory safety issues, which accounted for 76% of Android vulnerabilities in 2019, and are currently 24% in 2024, well below the 70% industry norm, and continuing to drop.

The old adage is important: do not left perfect be the enemy of good.

https://security.googleblog.com/2024/09/eliminating-memory-s...

bcjdjsndon 5 minutes ago
> No one has ever claimed Rust eliminates all memory errors

The stock instinctual reply from a rustacean... Go and take the logic from the borrow checker and code in C, best of both worlds, or has your frontal lobe atrophied to the point where you can't think that deeply?

kibwen 27 minutes ago
The point of Rust, without counting `unsafe`, is to eliminate memory errors at compile-time. But the point of Rust, when including `unsafe`, is not to entirely eliminate memory errors at compile-time, but to make it feasible to cordon off the unsafe parts into realistically-auditable sections with documented safety invariants. At this it has been dramatically successful, almost beyond anyone's wildest hopes. I have worked on embedded, bare-metal Rust codebases (i.e. the codebases you would most expect to have to do grotty memory faffing) with fewer than 5% of files containing `unsafe` blocks, whereas high-level unsafe code usually has no `unsafe` blocks whatsoever. It's an incredible force multiplier for writing correct low-level code.
bcjdjsndon 18 minutes ago
> without counting `unsafe`,

Well, if you exclude all the bad code people have wrote, c is a safe language... See the point I'm making here?

If coders couldn't be trusted multiple times in the past, and we had to invent language level features to correct them, but they still continued to make either the same, or a new, mistakes.... Why is rust any different?

I guarantee you we will be complaining about unsafe rust in the future because rust doesnt really bring anything new to the table other than trivial cases that were easy to code in the first place. Rust brings you nothing a c coder couldn't already do in c.... They haven't solved the enduring problems of computer science, they have simply kicked the can down the road

zigzag312 19 minutes ago
Handling of exceptions is not enforced at compile time, while ownership is.

Better example might be statically typed languages. They were harder to use at first, but now with good type inference and features like generics, they are much more ergonomic than at first. The accessibility gap between static and dynamic languages has narrowed with time and maybe we can expect that user-friendliness of ownership will also improve like that.

b40d-48b2-979e 1 hour ago
Rust already has.
smallstepforman 1 hour ago
This is all well and dandy for some usage scenarios but breaks in others, eg. scene graphs and GUI's.

A scene graph needs 2 mutable references, and has nothing to do with ownership. Same issue exists with GUI's. The pattern that Rust forces is to always request a reference, which incurs a performance penalty while retrieving the same reference again and again and again.

TonyStr 1 hour ago
I am not familiar with scene graphs, but what is the problem with borrowing or refcounting? This article showed how you can have multiple mutable references in Rust, even multiple mutable references running in parallel threads.
ellie_kim98 2 days ago
Solid intro. One pattern worth adding: when you're reaching for Rc<RefCell<T>> for graph-like or self-referential data, an index-based arena (Vec<Node> with usize "pointers") is often a third path that keeps you in plain-ownership land — at the cost of pointer identity and some bookkeeping. petgraph, slotmap, and most ECS libraries formalize this. Doesn't replace Arc for genuinely cross-thread shared lifetimes, but it eliminates a lot of cases where people first reach for it.
jonathanstrange 3 hours ago
[flagged]
conradludgate 2 hours ago
I miss the clear distinction between exclusive access and shared access when I work in GC languages. Knowing clearly when you are allowed/expected to modify a value, and when you are expected to only read the value ends up being very useful and it has poisoned my brain when working in Python/JS/Go where some values are internally pointers and there's no standard to learn once for when a mutation is safe or if you should always make a copy
quietbritishjim 2 hours ago
One way to deal with this in GC languages is to have a separate read-only view on a mutable object. The example that comes to mind, though it's a bit more complex than a view on a simple data structure is CancellationToken (read only) vs CancellationTokenSource (writable in the sense of having "cancel()" method) in C#. I'm not saying it's better than proper mutability support but it does work well enough sometimes.
zigzag312 3 hours ago
Reference counting is a form of garbage collection.
sieabahlpark 2 hours ago
[dead]