I want to implement Into trait for my struct.
'static is hinted by the compiler, I do not know why I have to add that.
I hope:
invoking into() consumes the RequestBody object. (which already did)
the references to str inside returned HashMap live until the end of scope where into() is invoked.
Below is the error message and code, how can I make it compile as I wish?
error: lifetime may not live long enough
--> src/portal_request.rs:35:9
|
26 | fn into(self) -> HashMap<&'static str, &'static str> {
| ---- has type `RequestBody<'1>`
...
35 | list.into_iter().collect()
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ returning this value requires that `'1` must outlive `'static`
pub enum BodyEntry<'a> {
MenuId(&'a str),
//...
}
pub struct RequestBody<'a> {
pub entries: Vec<BodyEntry<'a>>,
}
use BodyEntry::*;
impl Into<HashMap<&str, &str>> for RequestBody<'_> {
fn into(self) -> HashMap<&'static str, &'static str> {
let mut list = Vec::new();
for entry in self.entries {
let entry_literal = match entry {
MenuId(val) => ("_menuId", val),
//...
_ => ("else", "else"),
};
list.push(entry_literal);
}
list.into_iter().collect()
}
}
You need to declare the lifetimes like so:
impl<'a> Into<HashMap<&'static str, &'a str>> for RequestBody<'a> {
fn into(self) -> HashMap<&'static str, &'a str> {
Or better:
impl<'keys, 'a> Into<HashMap<&'keys str, &'a str>> for RequestBody<'a> {
fn into(self) -> HashMap<&'keys str, &'a str> {
You can't. You can't create new 'static string at runtime. Your keys are fine, because they're all determined at compile-time (at least in this minimal example; if your real example needs dynamically-generated ones then the same caveat applies). But you want to consume the BodyEntry and create a HashMap which owns the strings as values. An owned string is not a &str. An owned string is a String.
Consider having your Into implementation return HashMap<&str, String> (again, you might have to change the key type to String as well, if your real use case demands it). Then, inside your match, consider
let entry_literal = match entry {
MenuId(val) => ("_menuId", String::from(val)),
//...
_ => ("else", String::from("else")),
};
String::from copies the underlying &str string slice into a new owned String.
I want to write a program that will write a file in 2 steps.
It is likely that the file may not exist before the program is run. The filename is fixed.
The problem is that OpenOptions.new().write() can fail. In that case, I want to call a custom function trycreate(). The idea is to create the file instead of opening it and return a handle. Since the filename is fixed, trycreate() has no arguments and I cannot set a lifetime of the returned value.
How can I resolve this problem?
use std::io::Write;
use std::fs::OpenOptions;
use std::path::Path;
fn trycreate() -> &OpenOptions {
let f = OpenOptions::new().write(true).open("foo.txt");
let mut f = match f {
Ok(file) => file,
Err(_) => panic!("ERR"),
};
f
}
fn main() {
{
let f = OpenOptions::new().write(true).open(b"foo.txt");
let mut f = match f {
Ok(file) => file,
Err(_) => trycreate("foo.txt"),
};
let buf = b"test1\n";
let _ret = f.write(buf).unwrap();
}
println!("50%");
{
let f = OpenOptions::new().append(true).open("foo.txt");
let mut f = match f {
Ok(file) => file,
Err(_) => panic!("append"),
};
let buf = b"test2\n";
let _ret = f.write(buf).unwrap();
}
println!("Ok");
}
The question you asked
TL;DR: No, you cannot return a reference to a variable that is owned by a function. This applies if you created the variable or if you took ownership of the variable as a function argument.
Solutions
Instead of trying to return a reference, return an owned object. String instead of &str, Vec<T> instead of &[T], T instead of &T, etc.
If you took ownership of the variable via an argument, try taking a (mutable) reference instead and then returning a reference of the same lifetime.
In rare cases, you can use unsafe code to return the owned value and a reference to it. This has a number of delicate requirements you must uphold to ensure you don't cause undefined behavior or memory unsafety.
See also:
Proper way to return a new string in Rust
Return local String as a slice (&str)
Why can't I store a value and a reference to that value in the same struct?
Deeper answer
fjh is absolutely correct, but I want to comment a bit more deeply and touch on some of the other errors with your code.
Let's start with a smaller example of returning a reference and look at the errors:
fn try_create<'a>() -> &'a String {
&String::new()
}
Rust 2015
error[E0597]: borrowed value does not live long enough
--> src/lib.rs:2:6
|
2 | &String::new()
| ^^^^^^^^^^^^^ temporary value does not live long enough
3 | }
| - temporary value only lives until here
|
note: borrowed value must be valid for the lifetime 'a as defined on the function body at 1:15...
--> src/lib.rs:1:15
|
1 | fn try_create<'a>() -> &'a String {
| ^^
Rust 2018
error[E0515]: cannot return reference to temporary value
--> src/lib.rs:2:5
|
2 | &String::new()
| ^-------------
| ||
| |temporary value created here
| returns a reference to data owned by the current function
Is there any way to return a reference from a function without arguments?
Technically "yes", but for what you want, "no".
A reference points to an existing piece of memory. In a function with no arguments, the only things that could be referenced are global constants (which have the lifetime &'static) and local variables. I'll ignore globals for now.
In a language like C or C++, you could actually take a reference to a local variable and return it. However, as soon as the function returns, there's no guarantee that the memory that you are referencing continues to be what you thought it was. It might stay what you expect for a while, but eventually the memory will get reused for something else. As soon as your code looks at the memory and tries to interpret a username as the amount of money left in the user's bank account, problems will arise!
This is what Rust's lifetimes prevent - you aren't allowed to use a reference beyond how long the referred-to value is valid at its current memory location.
See also:
Is it possible to return either a borrowed or owned type in Rust?
Why can I return a reference to a local literal but not a variable?
Your actual problem
Look at the documentation for OpenOptions::open:
fn open<P: AsRef<Path>>(&self, path: P) -> Result<File>
It returns a Result<File>, so I don't know how you'd expect to return an OpenOptions or a reference to one. Your function would work if you rewrote it as:
fn trycreate() -> File {
OpenOptions::new()
.write(true)
.open("foo.txt")
.expect("Couldn't open")
}
This uses Result::expect to panic with a useful error message. Of course, panicking in the guts of your program isn't super useful, so it's recommended to propagate your errors back out:
fn trycreate() -> io::Result<File> {
OpenOptions::new().write(true).open("foo.txt")
}
Option and Result have lots of nice methods to deal with chained error logic. Here, you can use or_else:
let f = OpenOptions::new().write(true).open("foo.txt");
let mut f = f.or_else(|_| trycreate()).expect("failed at creating");
I'd also return the Result from main. All together, including fjh's suggestions:
use std::{
fs::OpenOptions,
io::{self, Write},
};
fn main() -> io::Result<()> {
let mut f = OpenOptions::new()
.create(true)
.write(true)
.append(true)
.open("foo.txt")?;
f.write_all(b"test1\n")?;
f.write_all(b"test2\n")?;
Ok(())
}
Is there any way to return a reference from a function without arguments?
No (except references to static values, but those aren't helpful here).
However, you might want to look at OpenOptions::create. If you change your first line in main to
let f = OpenOptions::new().write(true).create(true).open(b"foo.txt");
the file will be created if it does not yet exist, which should solve your original problem.
You can not return a reference pointing to a local variable. You have two alternatives, either return the value or use a static variable.
Here is why:
References are pointers to memory locations. Once functions are executed, local variables are popped off the execution stack and resources are de-allocated. After that point, any reference to a local variable will be pointing to some useless data. Since it is de-allocated, it is not in our program's possession any more and OS may have already given it to another process and our data may have been overwritten.
For the following example, x is created when the function runs and dropped off when the function completes executing. It is local to the function and lives on this particular function's stack. Function's stack holds local variables.
When run is pop off the execution stack, any reference to x, &x, will be pointing to some garbage data. That is what people call a dangling pointer. The Rust compiler does not allow to use dangling pointers since it is not safe.
fn run() -> &u32 {
let x: u32 = 42;
return &x;
} // x is dropped here
fn main() {
let x = run();
}
So, that is why we can not return a reference to a local variable. We have two options: either return the value or use a static variable.
Returning the value is the best option here. By returning the value, you will be passing the result of your calculation to the caller, in Rust's terms x will be owned by the caller. In our case it is main. So, no problem there.
Since a static variable lives as long as the process runs, its references will be pointing to the same memory location both inside and outside the function. No problem there either.
Note: #navigaid advises using a box, but it does not make sense because you are moving readily available data to heap by boxing it and then returning it. It does not solve the problem, you are still returning the local variable to the caller but using a pointer when accessing it. It adds an unnecessary indirection due to de-referencing hence incurring additional cost. Basically you will be using & for the sake of using it, nothing more.
This is an elaboration on snnsnn's answer, which briefly explained the problem without being too specific.
Rust doesn't allow return a reference to a variable created in a function. Is there a workaround? Yes, simply put that variable in a Box then return it. Example:
fn run() -> Box<u32> {
let x: u32 = 42;
return Box::new(x);
}
fn main() {
println!("{}", run());
}
code in rust playground
As a rule of thumb, to avoid similar problems in Rust, return an owned object (Box, Vec, String, ...) instead of reference to a variable:
Box<T> instead of &T
Vec<T> instead of &[T]
String instead of &str
For other types, refer to The Periodic Table of Rust Types to figure out which owned object to use.
Of course, in this example you can simply return the value (T instead of &T or Box<T>)
fn run() -> u32 {
let x: u32 = 42;
return x;
}
Yes! But you have to find a way to extend the lifetime. One way to do that is to provide mutable reference to a dummy/default value (&mut T) to the function and then fill/replace the value in the function and then return a reference to that value (&T). This way you can specify the lifetime so that the returned reference get the lifetime of a value outside the function.
Examples:
//&mut T -> &T
fn example2<'a>(life: &'a mut Vec<i32>) -> &'a Vec<i32> {
*life = vec![1, 2, 3, 4];
life
}
fn test_example2() {
//Could also use Vec::new()
let mut life = Vec::default();
let res = example2(&mut life);
println!("{:?}", res)
}
fn test2_example2() {
let life = &mut Vec::default();
let res = example2(life);
println!("{:?}", res)
}
//shows real use case
fn get_check_test_slices2<'a>(
lifetime: &'a mut Vec<usize>,
limit: usize,
) -> impl Iterator<Item = (&'a [usize], &'a [usize])> + 'a {
// create a list of primes using a simple primes sieve
*lifetime = primes1_iter_bitvec(limit).collect::<Vec<_>>();
// iterate through pairs of sub slices without copying the primes vec
// slices will be used to check that a complicated sieve is correct
all_test_check_slices(lifetime)
}
Edit:
How is that different from just giving &mut T to the function? (asked by Chayim Friedman (see old solution below)):
It's basically the same... I lost against the borrow checker previously, and that is why I didn't just use &mut T. But after renewed battles I have finally managed to just use &mut T. Thank you for the insightful question.
Old solution:
My solution works by creating a default value before calling the function, which the function later replaces/fills and returns a reference to.
/// Used to return references to values created in a function.
/// fn example<'a>(lt:& 'a mut LifeExtender<Vec<i32>>) -> &'a Vec<i32> {
/// lt.set(vec![1,2,3,4]);
/// lt.get()
/// }
pub struct LifeExtender<T> {
value: T,
}
impl<T> Default for LifeExtender<T>
where
T: Default,
{
/// using T default.
fn default() -> Self {
Self {
value: T::default(),
}
}
}
impl<T> LifeExtender<T> {
/// If T doesn't have default.
pub fn new(value: T) -> Self {
Self { value }
}
/// set value to be returned by reference
pub fn set(&mut self, new_value: T) {
self.value = new_value;
}
/// Get a reference with lifetime self.
pub fn get<'a>(&'a self) -> &'a T {
&self.value
}
/// Get a mut reference with lifetime self.
pub fn get_mut<'a>(&'a mut self) -> &'a mut T {
&mut self.value
}
}
fn example<'a>(life: &'a mut LifeExtender<Vec<i32>>) -> &'a Vec<i32> {
let local_value = vec![1, 2, 3, 4];
life.set(local_value);
life.get()
}
//prints: [1,2,3,4]
pub fn test_example() {
let mut life = LifeExtender::default();
let res = example(&mut life);
println!("{:?}", res);
}
//Real example code snippet, where I used this solution:
fn get_check_slices2<'a>(
lifetime: &'a mut LifeExtender<Vec<usize>>,
limit: usize,
) -> impl Iterator<Item = (&'a [usize], &'a [usize])> + 'a {
lifetime.set(primes1_iter_bitvec(limit).collect::<Vec<_>>());
all_test_check_slices(lifetime.get())
}
I have a situation where I have to move a struct from one object to another through a &mut self. Take a look:
pub struct MyStruct {
//no copy trait
device: Device
}
impl MyStruct {
pub fn finalize(&mut self) {
//error: cannot move since I borrowed
let interface = InterfaceBuilder::new(self.device)
}
}
First of all, why I cannot move something out of a borrowed mutable reference? Borrowed mutables are exclusive, there's no chance another code is looking into it.
Well, to address this problem I changed to
pub struct MyStruct {
//no copy trait
device: RefCell<Device>
}
impl MyStruct {
pub fn finalize(&mut self) {
//error on `self.device`: cannot move out of `self.device` which is behind a mutable reference
let interface = InterfaceBuilder::new(self.device.into_inner())
}
}
I know why the error occurs:
pub fn into_inner(self) -> T
calling into_inner makes self.device move. Why RefCell simply does not have an implementation pub fn into_inner(&mut self) -> T? I don't see a problem.
You cannot move out of a mutable reference because that would leave the original object incomplete.
Consider this code:
struct MyStruct {
s: String
}
fn finalize(f: &mut MyStruct) {
let _x = f.s; //error E0507!
}
fn main() {
let mut my = MyStruct {
s: "hi".into()
};
finalize(&mut my);
println!("{}", my.s); //what should this do?
}
Then, RefCell::into_inner(&mut self) -> T has the same problem. You could call it twice in a row and you would get two T values where before there was only one. And that, for a non Copy type is impossible.
If you want this function to consume the inner value, probably it should consume the outer value too:
fn finalize(f: MyStruct) {
let _x = f.s;
}
If you really want to move a value out of a mutable reference, you must leave something valid in its place. The easiest way is to declare an Option and use take() to steal and replace it with a None:
struct MyStruct {
s: Option<String>
}
fn finalize(f: &mut MyStruct) {
let _x = f.s.take();
}
Naturally, Option::take returns an Option so that if you call it twice, the second time you get None. If you are positive you have a value you can do take().uwnrap().
Alternatively, if your field type is Default you can use std::mem::take that replaces it with a default-created value:
struct MyStruct {
s: Vec<i32>
}
fn finalize(f: &mut MyStruct) {
let _x = std::mem::take(&mut f.s);
}
PS #1: there is Cell::take(&self) -> T, but only if T implements Default. It works just like std::mem::take but with a non-mutable reference.
PS #2: there is also unsafe fn ManuallyDrop::take(slot: &mut ManuallyDrop<T>) -> T, that is intented to be used in advanced drop implementations. But it is unsafe so it should never be your first option: if you call it twice you will get undefined behavior.
I've been thinking about why interior mutability in Rust in most cases requires runtime checks (e.g. RefCell). It looks like I've found a safe alternative without a runtime cost. I've called the type SafeCell (mainly because it is a safe wrapper around UnsafeCell), and it allows you to apply any function to the wrapped value without the risk of having the reference escape:
struct SafeCell<T> {
inner: UnsafeCell<T>,
}
impl<T> SafeCell<T> {
pub fn new(value: T) -> Self {
Self {
inner: UnsafeCell::new(value),
}
}
pub fn apply<R, F>(&self, fun: F) -> R
where
F: FnOnce(&mut T) -> R,
{
// Reference below has a lifetime of the current scope, so if
// user tries to save it somewhere, borrow checker will catch this.
let reference: &mut T = unsafe { &mut *self.inner.get() };
fun(reference)
}
}
This type can be used for interior mutability like this:
pub struct MySet {
set: HashSet<i32>,
unique_lookups: SafeCell<HashSet<i32>>,
}
impl MySet {
pub fn contains(&self, value: i32) -> bool {
self.unique_lookups.apply(|lookups| lookups.insert(value));
self.set.contains(value)
}
pub fn unique_lookups_count(&self) -> usize {
self.unique_lookups.apply(|lookups| lookups.len())
}
}
Or in conjunction with Rc:
fn foo(rc: Rc<SafeCell<String>>) {
rc.apply(|string| {
if string.starts_with("hello") {
string.push_str(", world!")
}
println!("{}", string);
});
}
Playground
Are there any safety/soundness issues with this type?
If not, why is a type like this not a standard way of achieving interior mutability? It looks like it is as usable as RefCell while providing static lifetime checks as opposed to runtime checks.
There is nothing in your API stopping a user from calling apply again in the closure provided to apply. This allows there to be multiple simultaneous mutable references to the same data, which is undefined behavior.
let x = SafeCell::new(0);
x.apply(|y| {
x.apply(|z| {
// `y` and `z` are now both mutable references to the same data
// UB!
*y = 1;
*z = 2;
})
});
x.apply(|y| println!("x: {}", y));
(playground)
Miri correctly calls this out when it sees the second mutable reference being made.
error: Undefined Behavior: not granting access to tag <untagged> because incompatible item is protected: [Unique for <1651> (call 1230)]
--> src/main.rs:20:42
|
20 | let reference: &mut T = unsafe { &mut *self.inner.get() };
| ^^^^^^^^^^^^^^^^^^^^^^ not granting access to tag <untagged> because incompatible item is protected: [Unique for <1651> (call 1230)]
|
I am trying to have a value in a trait that can be mutated by means of a reference. The problem is that the String values are very large and may be accessed by many threads, so my solution looks something like this:
trait MyTrait {
fn name<'a>(&'a mut self) -> &'a mut String;
}
struct SimpleImpl {
name: String
}
impl MyTrait for SimpleImpl {
fn name<'a>(&'a mut self) -> &'a mut String {
&mut self.name
}
}
use std::sync::{Arc,RwLock};
struct ParallelImpl {
name: Arc<RwLock<String>>
}
impl MyTrait for ParallelImpl {
fn name<'a>(&'a mut self) -> &'a mut String {
self.name.get_mut().unwrap()
}
}
fn main() {
let mut a = SimpleImpl { name: String::from("simple") };
let mut b = ParallelImpl { name: Arc::new(RwLock::new(String::from("parallel"))) };
a.name().as_mut_str();
b.name().as_mut_str();
}
This fails to compile with
main2.rs:23:9: 23:18 error: cannot borrow immutable borrowed content as mutable
main2.rs:23 self.name.get_mut().unwrap()
Why can't I call get_mut() to unwrap both the Arc and the RwLock?
Have a better look at the interface of RwLock.
get_mut returns a LockResult<&mut T> which is a guard object. The destruction of this guard automatically unlocks the lock.
In order for things to be safe, the &mut T that you get by calling unwrap() on the guard is borrowing from the guard, that is, the lifetime of the result of unwrap() is limited by that of the guard (since after the guard is destroyed, the lock is unlocked).
And here, you are creating a temporary guard and throwing it away immediately, so the lifetime of the reference cannot exceed that of the function...
Congratz to Rust! Yet another data race prevented at compile-time :)