Skip to content

Commit

Permalink
Reorganize scoping rules sections
Browse files Browse the repository at this point in the history
  • Loading branch information
@tmandry
tmandry committed Jun 2, 2023
1 parent 2274ce3 commit e09e4a8
Showing 1 changed file with 103 additions and 107 deletions.
210 changes: 103 additions & 107 deletions text/0000-return-position-impl-trait-in-traits.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,20 +179,25 @@ impl NewIntoIterator for Vec<u32> {
}
```

## Generic parameter capture and GATs
## Scoping rules for generic parameters

Given a trait method with a return type like `-> impl A + ... + Z` and an implementation of that trait, the hidden type for that implementation is allowed to reference:
We say a generic parameter is "in scope" for an `impl Trait` type if the actual revealed type is allowed to name that parameter. The scoping rules for return position `impl Trait` in traits are the same as [those for return position `impl Trait` generally][scoping]: All type and const parameters are considered in-scope, while lifetime parameters are only considered in-scope if they are mentioned in the `impl Trait` type directly.

Formally, given a trait method with a return type like `-> impl A + ... + Z` and an implementation of that trait, the hidden type for that implementation is allowed to reference:

* Concrete types, constant expressions, and `'static`
* `Self`
* Generics on the impl
* Certain generics on the method
* Explicit type parameters
* Argument-position `impl Trait` types
* Explicit const parameters
* Lifetime parameters that appear anywhere in `A + ... + Z`, including elided lifetimes
* Any generic type and const parameters in scope, including:
* `Self`
* Type and const parameters on the impl
* Explicit type and const parameters on the method
* Implicit type parameters on the method (argument-position `impl Trait` types)
* Lifetime parameters that appear anywhere in the `impl A + ... + Z` type, including elided lifetimes

[scoping]: https://rust-lang.github.io/rfcs/1951-expand-impl-trait.html#scoping-for-type-and-lifetime-parameters

We say that a generic parameter is *captured* if it may appear in the hidden type. These rules are the same as those for `-> impl Trait` in inherent impls.
Lifetime parameters not in scope may still be indirectly named by one of the type parameters in scope.

_Note_: The term "captured" is sometimes used as an alternative to "in scope".

When desugaring, captured parameters from the method are reflected as generic parameters on the `$` associated type. Furthermore, the `$` associated type brings whatever where clauses are declared on the method into scope, excepting those which reference parameters that are not captured.

Expand Down Expand Up @@ -352,102 +357,6 @@ impl Trait for MyType {

Similarly, the equivalent `-> impl Future` signature in a trait can be satisfied by using `async fn` in an impl of that trait.

## Scoping rules for `impl Trait`

We say a generic parameter is "in scope" for an `impl Trait` type if the actual revealed type is allowed to name that parameter. The scoping rules for return position `impl Trait` in traits are the same as [those for return position `impl Trait` generally][scoping]. Specifically:

[scoping]: https://rust-lang.github.io/rfcs/1951-expand-impl-trait.html#scoping-for-type-and-lifetime-parameters

1. All types nameable at the site of the `impl Trait` are in scope, including argument-position `impl Trait` types.
2. All lifetime parameters directly named in the `impl Trait` type are in scope.

Lifetime parameters not in scope may still be indirectly named by one of the type parameters in scope.

_Note_: The term "captured" is sometimes used as an alternative to "in scope".

### Implication for `async fn` in trait

`async fn` behaves [slightly differently][ref-async-captures] than return-position `impl Trait` when it comes to scoping rules. It considers _all_ lifetime parameters in-scope for the returned future.

[ref-async-captures]: https://doc.rust-lang.org/reference/items/functions.html#async-functions

In the case of there being one lifetime in scope (usually for `self`), the desugaring we've shown above is exactly equivalent:

```rust
trait Trait {
async fn async_fn(&self);
}

impl Trait for MyType {
fn async_fn(&self) -> impl Future<Output = ()> + '_ { .. }
}
```

It's worth taking a moment to discuss _why_ this works. The `+ '_` syntax here does two things:

1. It brings the lifetime of the `self` borrow into scope for the return type.
2. It promises that the return type will outlive the borrow of `self`.

In reality, the second point is not part of the `async fn` desugaring, but it does not matter: We can already reason that because our return type has only one lifetime in scope, it must outlive that lifetime.[^OutlivesProjectionComponents]

[^OutlivesProjectionComponents]: After all, the return type cannot possibly reference any lifetimes *shorter* than the one lifetime it is allowed to reference. This behavior is specified as the rule `OutlivesProjectionComponents` in [RFC 1214](https://rust-lang.github.io/rfcs/1214-projections-lifetimes-and-wf.html#outlives-for-projections). Note that it only works when there are no type parameters in scope.

When there are multiple lifetimes however, writing an equivalent desugaring becomes awkward.

```rust
trait Trait {
async fn async_fn(&self, num: &u32);
}
```

We might be tempted to add another outlives bound:

```rust
impl Trait for MyType {
fn async_fn<'b>(&self, num: &'b u32) -> impl Future<Output = ()> + '_ + 'b { .. }
}
```

But this signature actually promises *more* than the original trait does, and would require `#[refine]`. The `async fn` desugaring allows the returned future to name both lifetimes, but does not promise that it *outlives* both lifetimes.[^intersection]

[^intersection]: Technically speaking, we can reason that the returned future outlives the *intersection* of all named lifetimes. In other words, when all lifetimes the future is allowed to name are valid, we can reason that the future must also be valid. But at the time of this RFC, Rust has no syntax for intersection lifetimes.

One way to get around this is to "collapse" the lifetimes together:

```rust
impl Trait for MyType {
fn async_fn<'a>(&'a self, num: &'a u32) -> impl Future<Output = ()> + 'a { .. }
}
```

In most cases[^lifetime-collapse] the type system actually recognizes these signatures as equivalent. This means it should be possible to write this trait with RPITIT now and move to async fn in the future. In the general case where these are not equivalent, it is possible to write an equivalent desugaring with a bit of a hack:

[^lifetime-collapse]: Both lifetimes must be [late-bound] and the type checker must be able to pick a lifetime that is the intersection of all input lifetimes, which is the case when either both are [covariant] or both are contravariant. The reason for this is described in more detail in [this comment](https://github.com/rust-lang/rust/issues/32330#issuecomment-202536977). In practice the equivalence can be checked [using the compiler](https://play.rust-lang.org/?version=nightly&mode=debug&edition=2021&gist=56faadfc236bb9acfb4af1b51a214a79). (Note that at the time of writing, a bug in the nightly compiler prevents it from accepting the example.)

[late-bound]: https://rust-lang.github.io/rfcs/0387-higher-ranked-trait-bounds.html#distinguishing-early-vs-late-bound-lifetimes-in-impls
[covariant]: https://doc.rust-lang.org/reference/subtyping.html#variance

```rust
trait Trait {
async fn async_fn(&self, num_ref: &mut &u32);
// ^^^^
// The lifetime of this inner reference is invariant!
}

impl Trait for MyType {
// Let's say we do not want to use `async fn` here.
// We cannot use the `+ 'a` syntax in this case,
// so we use `Captures` to bring the lifetimes in scope.
fn async_fn<'a, 'b>(&'a self, num_ref: &'a mut &'b u32)
-> impl Future<Output = ()> + Captures<(&'a (), &'b ())> { .. }
}

trait Captures<T> {}
impl<T, U> Captures<T> for U {}
```

The `Captures` trait doesn't promise anything at all; its sole purpose is to give you a place to name lifetime parameters you would like to be in scope for the return type. In the future we can provide a nicer syntax for dealing with these cases, or remove the difference in scoping rules altogether.

## Legal positions for `impl Trait` to appear

`impl Trait` can appear in the return type of a trait method in all the same positions as it can in a free function.
Expand Down Expand Up @@ -551,6 +460,93 @@ The `NewIntoIterator` trait used as an example in this RFC, however, doesn't sup

The [future possibilities](#future-possibilities) section discusses a planned extension to support naming the type returned by an impl trait, which could work to overcome this limitation for clients.

## Difference in scoping rules from `async fn`

`async fn` behaves [slightly differently][ref-async-captures] than return-position `impl Trait` when it comes to the scoping rules defined above. It considers _all_ lifetime parameters in-scope for the returned future.

[ref-async-captures]: https://doc.rust-lang.org/reference/items/functions.html#async-functions

In the case of there being one lifetime in scope (usually for `self`), the desugaring we've shown above is exactly equivalent:

```rust
trait Trait {
async fn async_fn(&self);
}

impl Trait for MyType {
fn async_fn(&self) -> impl Future<Output = ()> + '_ { .. }
}
```

It's worth taking a moment to discuss _why_ this works. The `+ '_` syntax here does two things:

1. It brings the lifetime of the `self` borrow into scope for the return type.
2. It promises that the return type will outlive the borrow of `self`.

In reality, the second point is not part of the `async fn` desugaring, but it does not matter: We can already reason that because our return type has only one lifetime in scope, it must outlive that lifetime.[^OutlivesProjectionComponents]

[^OutlivesProjectionComponents]: After all, the return type cannot possibly reference any lifetimes *shorter* than the one lifetime it is allowed to reference. This behavior is specified as the rule `OutlivesProjectionComponents` in [RFC 1214](https://rust-lang.github.io/rfcs/1214-projections-lifetimes-and-wf.html#outlives-for-projections). Note that it only works when there are no type parameters in scope.

When there are multiple lifetimes however, writing an equivalent desugaring becomes awkward.

```rust
trait Trait {
async fn async_fn(&self, num: &u32);
}
```

We might be tempted to add another outlives bound:

```rust
impl Trait for MyType {
fn async_fn<'b>(&self, num: &'b u32) -> impl Future<Output = ()> + '_ + 'b { .. }
}
```

But this signature actually promises *more* than the original trait does, and would require `#[refine]`. The `async fn` desugaring allows the returned future to name both lifetimes, but does not promise that it *outlives* both lifetimes.[^intersection]

[^intersection]: Technically speaking, we can reason that the returned future outlives the *intersection* of all named lifetimes. In other words, when all lifetimes the future is allowed to name are valid, we can reason that the future must also be valid. But at the time of this RFC, Rust has no syntax for intersection lifetimes.

One way to get around this is to "collapse" the lifetimes together:

```rust
impl Trait for MyType {
fn async_fn<'a>(&'a self, num: &'a u32) -> impl Future<Output = ()> + 'a { .. }
}
```

In most cases[^lifetime-collapse] the type system actually recognizes these signatures as equivalent. This means it should be possible to write this trait with RPITIT now and move to async fn in the future. In the general case where these are not equivalent, it is possible to write an equivalent desugaring with a bit of a hack:

[^lifetime-collapse]: Both lifetimes must be [late-bound] and the type checker must be able to pick a lifetime that is the intersection of all input lifetimes, which is the case when either both are [covariant] or both are contravariant. The reason for this is described in more detail in [this comment](https://github.com/rust-lang/rust/issues/32330#issuecomment-202536977). In practice the equivalence can be checked [using the compiler](https://play.rust-lang.org/?version=nightly&mode=debug&edition=2021&gist=56faadfc236bb9acfb4af1b51a214a79). (Note that at the time of writing, a bug in the nightly compiler prevents it from accepting the example.)

[late-bound]: https://rust-lang.github.io/rfcs/0387-higher-ranked-trait-bounds.html#distinguishing-early-vs-late-bound-lifetimes-in-impls
[covariant]: https://doc.rust-lang.org/reference/subtyping.html#variance

```rust
trait Trait {
async fn async_fn(&self, num_ref: &mut &u32);
// ^^^^
// The lifetime of this inner reference is invariant!
}

impl Trait for MyType {
// Let's say we do not want to use `async fn` here.
// We cannot use the `+ 'a` syntax in this case,
// so we use `Captures` to bring the lifetimes in scope.
fn async_fn<'a, 'b>(&'a self, num_ref: &'a mut &'b u32)
-> impl Future<Output = ()> + Captures<(&'a (), &'b ())> { .. }
}

trait Captures<T> {}
impl<T, U> Captures<T> for U {}
```

Note that the `Captures` trait doesn't promise anything at all; its sole purpose is to give you a place to name lifetime parameters you would like to be in scope for the return type.

This difference is pre-existing, but it's worth highlighting in this RFC the implications for the adoption of this feature. If we stabilize this feature first, people will use it to emulate `async fn` in traits. Care will be needed not to create forward-compatibility hazards for traits that want to migrate to `async fn` later. The best strategy for someone in that situation might be to simulate such a migration with the nightly compiler.

We leave open the question of whether to stabilize these two features together. In the future we can provide a nicer syntax for dealing with these cases, or remove the difference in scoping rules altogether.

# Rationale and alternatives
[rationale-and-alternatives]: #rationale-and-alternatives

Expand Down Expand Up @@ -650,7 +646,7 @@ There are a number of crates that do desugaring like this manually or with proce
# Unresolved questions
[unresolved-questions]: #unresolved-questions

- None.
- Should we stabilize this feature together with `async fn` to mitigate hazards of writing a trait that is not forwards-compatible with its desugaring? (See [drawbacks].)

# Future possibilities
[future-possibilities]: #future-possibilities
Expand Down

0 comments on commit e09e4a8

Please sign in to comment.