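This article is part of the TechXchange: Rusty Programming.
Although C and C++ remain the backbone of embedded programming, there are alternatives that can often improve productivity, safety, and reliability while still providing low-level control and resource management. One of the newer options is Rust, an emerging programming language designed to be a “safe, concurrent practical language.” It is designed to provide safe memory utilization without the need for transparent garbage collectors like those used with Java.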
Rust includes features like pattern matching, trait-based generics, and zero cost abstractions, but its claim to fame centers around its guaranteed memory safety and threads without data races. Memory and multitasking tend to be areas that can cause problems with C and C++ applications due to their less restrictive compilers.
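Rust was started by Mozilla, the organization that brings you the Firefox web browser. Rust now has its own open-source community. You can download the compiler, documentation, and tools from the Rust website. The community is very active, but commercial compiler support is where a large gulf exists between Rust and established languages like C and C++.
Rust's memory safety is supported through language semantics. For example, variables are immutable by default versus C and C++ (and most imperative programming languages) where variables are mutable by default. Variables can be explicitly defined as mutable.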
Functional programming languages like Haskell also have immutable variables, although they include the ability to pass around variables that may get a value at a later time. One reason for having immutable variables is that it makes proving aspects of a program easier. It also improves readability of code, which can be important in code reviews as well as maintenance. Immutability also has implications in caching and parallel processing.
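In addition, Rust has stricter semantics with respect to pointers, the bane of C programmers. Rust has the notion of owners and borrowers of pointers. Borrowed pointers can be passed as arguments, but they do not have the arbitrary interchangeability of C pointers because of Rust's lifetimes. Rust tracks the lifetime of the data being referenced and does not allow a borrowed pointer to be used once the lifetime of the referenced item has expired. For example, returning a pointer to a function's local variable is not allowed. These errors are common in C applications, which assume that programmers know what they are doing.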
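The rules described above (immutable-by-default bindings, owners and borrowers, lifetime-checked references), shown as an added Rust example that is not from the original article. The function names and the sample readings are constructed for illustration, and the commented-out lines are the forms the compiler rejects.

```rust
// Added example: peak, clamp_all, drain_sum and run are hypothetical names.

/// Immutable borrow that returns a reference into the caller's data. The
/// lifetime 'a ties the result to the slice, so it cannot outlive the buffer.
fn peak<'a>(samples: &'a [u16]) -> Option<&'a u16> {
    samples.iter().max()
}

/// Mutable borrow: the caller must explicitly hand over exclusive access.
fn clamp_all(samples: &mut [u16], limit: u16) -> usize {
    let mut changed = 0; // mutability is opt-in
    for s in samples.iter_mut() {
        if *s > limit {
            *s = limit;
            changed += 1;
        }
    }
    changed
}

/// Takes ownership: the buffer is freed when this function returns.
fn drain_sum(samples: Vec<u16>) -> u32 {
    samples.into_iter().map(u32::from).sum()
}

// Rejected at compile time (E0515): returns a reference to a local variable.
// fn dangling<'a>() -> &'a u16 { let local = 7; &local }

fn run() -> (u16, usize, u32) {
    let limit: u16 = 900; // immutable by default
    // limit = 1000;      // rejected (E0384): assigned twice to immutable variable
    let mut buf: Vec<u16> = vec![120, 1023, 640, 980]; // constructed sample readings
    let top = *peak(&buf).expect("non-empty buffer"); // value copied; borrow ends here
    let changed = clamp_all(&mut buf, limit);
    let total = drain_sum(buf); // ownership moves into drain_sum
    // println!("{:?}", buf);   // rejected (E0382): buf was moved
    (top, changed, total)
}

fn main() {
    let (top, changed, total) = run();
    println!("peak={} clamped={} sum={}", top, changed, total);
}
```

Uncommenting any of the three rejected lines turns the mistake into a build failure rather than a runtime fault.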
The Rust compiler does a lot more checking than C or C++ because of Rust’s semantics, but it does not do the formal proof checking often required for safety critical applications. This type of checking is available in SPARK, a subset of Ada, and there are verification tools and methodologies that are used with C and C++ in safety and security critical environments, but these typically augment manual certification.
The RustBelt project is designed to provide formal proof checking for a subset of Rust. “RustBelt: Securing the Foundations of the Rust Programming Language,” a paper by Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer, presents an overview of Rust, as well as what formal proofs can be applied and how this is done. The proof checking has been applied to a number of Rust libraries and there is more work to be done. It is a good first step that will be needed when Rust is used in safety critical applications.
I did mention SPARK earlier, but it’s worth repeating here as SPARK already incorporates formal proof checking in commercially based compilers, as well as open-source implementations. SPARK is a subset of Ada 2012. Both incorporate Ada contracts. Rust's syntax is more similar to C and C++, but SPARK and Ada tend to have semantics that are more consistent with C and C++.
Rust has an active and robust community. It is being used in many projects, and research in areas such as self-driving cars is taking advantage of it as well. I am not aware of any commercial embedded applications using Rust at this time.
C and C++ developers who are looking for comparable support should examine the numerous static analysis products available. These will not provide the same level of support that Rust or SPARK will, but they provide significantly more support than is built into any C or C++ compiler. They are very good alternatives to migrating to a new programming language.