Add a new syntax to declare that a trait must always be object-safe#3022
Add a new syntax to declare that a trait must always be object-safe#3022RDambrosio016 wants to merge 3 commits into
Conversation
|
Thanks for the RFC! I'm definitely in favour of making common patterns be "real" features where feasible -- rather than having people make unused functions and such. (Similar to how I like |
|
I will put my vote in for I will also put in a vote for |
|
After giving less than adequate thought: what about implicitly adding a Personally feel like dedicated syntax would be nice but not sure if |
|
IMO this is very easy to statically assert with just: const _: Option<&dyn MyTrait> = None;though perhaps a procedural attribute macro could make it even easier. However, it's worth noting that associated type bounds can be part of the trait object, such as modifying the above to be |
Yes, statically asserting that a trait is object safe is simple, however, it does not solve the issue of inaccurate error ranges. Moreover, the point of this rfc is to natively support such a pattern without "hacks" |
|
IMO we don't want Rust to be a language where you have to learn a set of tribal knowledge patterns to be effective. Go has a similar pattern to assert interface satisfaction: var _ MyInterface = &MyConcreteType{}It's unfortunate that if you haven't seen this pattern before, it would be quite challenging to arrive at it yourself. That's how I feel about |
Have you seen the |
Yes, but most people wont add a dependency for such a small thing, i dont think i have ever seen the crate be used for that over just making a private function with a dyn parameter |
I have. Thank you for sharing, though! A wonderful crate! :-) Further, this crate doesn't provide a static guarantee that the trait is object-safe. You have to execute the assertion statement -- a dynamic behavior -- to determine object-safety. The crate lets you make assertions about the static properties of types, but they're made at runtime. |
| trait MyTrait { /* */ } | ||
| ``` | ||
|
|
||
| similar to `#[non_exhaustive]`, this was ultimately ruled out in favor of dedicated syntax. |
There was a problem hiding this comment.
Why was this ruled out? #[non_exhaustive] is a valid attribute and the only way to make enums non-exhaustive currently. So to me it seems like non_exhaustive being an attribute would support #[object_safe] over dedicated syntax.
There was a problem hiding this comment.
Sorry, perhaps ruled out was not the right wording. I was referring to a conversation i had on discord, in particular with scottmcm and we decided that it should be dedicated syntax similiar to dyn Trait. I am open for using an attribute instead however, although it would need to have accurate ranges in errors, i am not sure if that is possible so perhaps you could clear that up for me? thanks
|
Quick bikeshed: a lot of people have expressed that the name "object-safe" is a little confusing. If we do go the attribute approach, it would be nice to brainstorm an official name for the concept. Personally, I'm in favor of "dyn-safe". |
|
Object safety is already used pervasively throughout the documentation, this RFC isn't the place to try and change that |
|
rust-lang/rust#87991 is a good example of the kind of accident that having a feature like this would help prevent. |
|
I think, if Rust adds a new syntax to indicate explicit dyn-safety, that should also be an opportunity to re-evalutate the object safety rules in a backward-compatible way. There are multiple other proposed language features that would benefit from something similar to object safety:
Both of these proposals (and probably many more, past, present, and future) rely on the concept of "a trait that is only useful when you have a value of a type that implements it." Current object safety is almost this, but there's a catch: anything marked Therefore, I propose that explicitly annotated
These rules would, I suspect, cover the vast majority of existing object-safe traits, while also making object safety a more general property that applies neatly to many other language features as well What does it mean to "take |
|
We have in fact renamed "object safety", now: rust-lang/lang-team#286 @RDambrosio016 Do you intend to revise this to be current and address the alternatives proposed? |
While this totally makes sense, I would like to add that static assertions are not tribal when the macro is explicitly named. In addition to static assertions, many macro crates also employ similar techniques for custom errors, such as |
|
Hi fellow lang folks, nominating because I was scanning through old RFCs and I think we might be able to express a disposition here. Without having thought through all the details, there's a "shiny future" here where when you write But also I know there are a bunch of thoughts around what dyn-compatiblity should mean and whether |
| [future-possibilities]: #future-possibilities | ||
|
|
||
| I cannot think of any at this moment. |
There was a problem hiding this comment.
(Replying here so it's in a thread)
@digama0 said:
I will put my vote in for
#[object_safe] traitoverdyn trait, at least with the current semantics. For medyn traitreads too much like a trait that can only be in a trait object (although that doesn't really make sense as a feature), and also the point brought up in the pre-RFC that this would tell users immediately if a trait is object safe or not, is false with the current design because the keyword is optional. I would prefer to reserve the keyword version for "mandatory for object safe traits" if and when we ever go that route. As it is currently, this is just one more thing for thestatic_assertionscrate.I will also put in a vote for
#[non_object_safe] traitto disabledyn Traitfor semver stability.
We currently have a (internal-only) attribute #[rustc_dyn_incompatible_trait] to opt out of dyn-compatibility. Currently, this is only applied to "magic" stdlib traits, but it could feasibly be extended to a full feature, so it could be added as a future possibility and/or an alternative.
This RFC proposes a minor addition to the trait declaration syntax as follows:
This syntax would enforce that the trait be object safe under all circumstances. This is done as a way to natively support a common design pattern for trait objects and make errors friendlier.
Pre-RFC discussion
Rendered