04-05-2025

Lifetimes in Rust

Lifetimes in Rust: A Comprehensive Guide

Rust's borrow checker and lifetime system ensure memory safety without a garbage collector. In this deep-dive we'll cover:

  • What lifetimes are
  • The 'static lifetime
  • Annotating function signatures
  • Structs with lifetime parameters
  • Common pitfalls and best practices

What Is a Lifetime?

A lifetime is the scope for which a reference is valid. When you write &T or &mut T, Rust must ensure the data behind that reference remains valid as long as you use it. Lifetimes are Rust's way to encode these scopes in the type system.

A lifetime is a construct the compiler's borrow checker uses to ensure all borrows are valid. These named regions of code correspond to paths of execution in your program where references must remain valid.

Let's see a basic example of why lifetimes matter:

fn main() {
    let r;
    {
        let x = 5;
        r = &x; // r borrows x
    } // x goes out of scope here
 
    // Error: `x` does not live long enough
    println!("r: {}", r);
}

In this example, the reference r would be dangling after the inner scope ends because x no longer exists. Rust's lifetime system prevents this error at compile time.

Most of the time, lifetimes are implicit and inferred by the compiler, just like types. You only need to explicitly annotate lifetimes when there are multiple possible ways references could relate to each other.

The 'static Lifetime

The 'static lifetime is special in Rust. As a reference lifetime, it indicates that the data pointed to by the reference lives for the entire duration of the running program.

There are two common ways to create values with 'static lifetime:

  1. Using the static declaration:
static NUM: i32 = 18;
let static_ref: &'static i32 = #
  1. Using string literals, which have type &'static str:
let literal: &'static str = "Hello, world!";

However, a common misconception is that if T: 'static, then T must be valid for the entire program. In reality, T: 'static means either:

  1. T contains no references (other than 'static ones), or
  2. T contains only 'static references

This means that owned types like String and Vec<i32> are 'static even if they're dropped early in the program:

fn main() {
    // This String is 'static (no non-static references)
    // even though it doesn't live for the whole program
    let owned_string: String = String::from("Hello");
 
    // This would work fine
    takes_static_type(owned_string);
}
 
fn takes_static_type<T: 'static>(t: T) {
    // Function body
}

A 'static reference can also be coerced to a shorter lifetime when needed:

static NUM: i32 = 18;
 
fn coerce_static<'a>(_: &'a i32) -> &'a i32 {
    &NUM // 'static lifetime is coerced to 'a
}

Annotating Function Signatures

When functions accept or return references, Rust often needs explicit lifetime annotations to understand how these references relate to each other. Without proper annotations, the compiler can't guarantee references won't become dangling.

Here's a classic example of a function that needs lifetime annotations:

fn longest<'a>(x: &'a str, y: &'a str) -> &'a str {
    if x.len() > y.len() { x } else { y }
}

The lifetime parameter 'a tells the compiler that both input parameters and the return value must have the same lifetime. This ensures the returned reference remains valid for as long as both input references are valid.

To simplify code, Rust has lifetime elision rules that allow omitting explicit lifetime annotations in common patterns. The elision rules are:

  1. Each elided lifetime in input position becomes a distinct lifetime parameter.
  2. If there is exactly one input lifetime position, that lifetime is assigned to all elided output lifetimes.
  3. If there are multiple input lifetime positions but one of them is &self or &mut self, the lifetime of self is assigned to all elided output lifetimes.
  4. Otherwise, it is an error to elide an output lifetime.

These rules help with common cases like:

// Elided:
fn first_word(s: &str) -> &str
 
// Expanded by compiler to:
fn first_word<'a>(s: &'a str) -> &'a str

Functions can also have multiple different lifetime parameters when references are not related:

fn different_lifetimes<'a, 'b>(x: &'a str, y: &'b str) -> &'a str {
    x
}

Structs with Lifetime Parameters

Structs that contain references must be annotated with lifetime parameters to ensure they don't outlive the data they reference:

struct Excerpt<'a> {
    part: &'a str,
}
 
fn main() {
    let novel = String::from("Call me Ishmael. Some years ago...");
    let first_sentence = novel.split('.').next().unwrap();
    let excerpt = Excerpt { part: first_sentence };
 
    println!("Excerpt: {}", excerpt.part);
}

Structs with lifetimes are generally used for temporary views into another value. The lifetime parameter ensures that the struct cannot be used after the data it references is invalidated.

A common mistake is having mismatched lifetimes in struct definitions, for example:

// INCORRECT
struct PixelWriter<'a> {
    fb_config: &'a mut FrameBufferConfig<'a>,
    // ...
}

In this case, you should use different lifetime parameters for different references:

// CORRECT
struct PixelWriter<'a, 'b> {
    fb_config: &'a mut FrameBufferConfig<'b>,
    // ...
}

Common Pitfalls and Best Practices

Pitfalls to Avoid

  1. Mixing up struct lifetimes: Using the same lifetime parameter for multiple unrelated references in a struct can create unnecessary constraints.
  2. Returning references to local variables: This will never compile in Rust, as local variables are dropped at the end of the function.
// This will not compile
fn return_local_reference() -> &str {
    let s = String::from("hello");
    &s // Error: returns a reference to data owned by the current function
}
  1. Fighting the borrow checker: If you find yourself struggling with lifetime errors, consider if your design could benefit from owned types instead of references.
  2. Assuming T: 'static means forever: As discussed earlier, this is a common misconception. It doesn't mean the value lives forever, just that it doesn't contain non-static references.
  3. Unnecessary lifetime annotations: Overusing explicit lifetimes can make code harder to read when Rust's elision rules would handle it automatically.

Best Practices

  1. When troubleshooting lifetime errors, name all lifetimes explicitly. This can help clarify the relationships between references.
  2. Use owned types like String instead of &str when you need to store data in structs long-term. This avoids lifetime annotations entirely.
  3. Understand lifetime elision rules to write cleaner code that still maintains safety guarantees.
  4. Design APIs to take owned values when they need to store data, and references when they only need to view data temporarily.
  5. For complex lifetime issues, consider refactoring to simplify the ownership structure of your code.
  6. Use the 'static bound judiciously. It's a powerful tool but can constrain your API unnecessarily if misused.
  7. Remember that lifetimes are about scopes, not time. They represent regions of the code where references must be valid, not durations of execution.

Conclusion

Lifetimes in Rust are a powerful feature that enables memory safety without garbage collection. While they can be challenging at first, understanding how they work empowers you to write code that's both safe and efficient.

The key insight is that lifetimes are Rust's way of tracking the relationships between references to ensure they remain valid for as long as they're used. Most of the time, Rust's lifetime elision rules handle the details automatically, but knowing when and how to specify lifetimes explicitly is essential for more complex scenarios.

By mastering lifetimes, you gain a deeper understanding of Rust's ownership system and can design APIs that are both ergonomic and safe, avoiding common memory-related bugs that plague other systems programming languages.

Happy coding, and may your references always be valid!

Back to all posts