Fixing the Next 10,000 Aliasing Bugs

Invariants are essential to large-scale programming, because it is impossible to hold the entire state of a system in your head at once. Invariants allow you to focus only on the parts of the code responsible for upholding that invariant, and to just assume it holds elsewhere, thus reducing the combinatorial explosion of the state space and allowing the development of software larger than trivial toy examples.

However, code inevitably needs to temporarily violate an invariant while performing updates. The problem comes when there are multiple references to the relevant data, and another reference observes this temporarily violated invariant.

This post does an excellent job of explaining why Rust’s borrow checker is useful for correctness, not just memory management. I spent a lot of time in Go both trying to re-use slices to reduce allocations and shooting my toes off by modifying slices to which I’d accidentally retained references.
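
The Go failure mode described above, as an added example that is not from the linked post: a hypothetical Batcher type reuses one backing array to save allocations, and a caller that keeps the flushed slice sees it change when the next batch starts. All type, function and value names are made up for illustration.

```go
package main

import "fmt"

// Batcher is a hypothetical type that reuses one backing array across
// batches to avoid allocations. Callers assume a flushed batch is stable.
type Batcher struct {
	buf []string
}

func (b *Batcher) Add(s string) { b.buf = append(b.buf, s) }

// FlushAliased returns the internal slice and resets its length to zero.
// The result still shares the backing array, so later Adds overwrite it.
func (b *Batcher) FlushAliased() []string {
	out := b.buf
	b.buf = b.buf[:0]
	return out
}

// FlushCopied gives the caller its own array before the buffer is reused.
func (b *Batcher) FlushCopied() []string {
	out := make([]string, len(b.buf))
	copy(out, b.buf)
	b.buf = b.buf[:0]
	return out
}

// demo flushes a first batch, keeps a reference to it, then starts a second
// batch. It returns the first batch as the holder of that reference sees it.
func demo(flush func(*Batcher) []string) []string {
	b := &Batcher{buf: make([]string, 0, 4)}
	b.Add("req-1") // constructed sample values
	b.Add("req-2")
	first := flush(b)
	b.Add("req-3") // second batch begins; the buffer is reused
	return first
}

func main() {
	fmt.Println("aliased:", demo((*Batcher).FlushAliased)) // first batch was mutated
	fmt.Println("copied: ", demo((*Batcher).FlushCopied))  // first batch intact
}
```

The safe-Rust equivalent of FlushAliased does not compile, because the returned slice keeps the buffer borrowed while the next Add needs a mutable borrow of it.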