[workerd-cxx] require lifetime annotations on all returned references (#3)

mikea · mikea · commit 43dacd02b7b4 · 2025-03-11T14:58:36.000-07:00
To support error propagation cxx generates C interface where successful result value is passed out as a pointer. This requires moving result type to parameter position which changes the meaning according to the rules of implicit liftime (each parameter gets its own lifetime). Rather than implement the same set of rules that compiler to generate such annotations, demand the user to always have explicit lifetimes for returned references. This should not be a great deal in practice with `unsafe` being the only inconvenience. In return the follow up no-abort work gets much simpler. I might revisit this change in the future if the burden of explicit lifetimes becomes too high. [workerd-cxx] fixing build (#6)
diff --git a/demo/src/main.rs b/demo/src/main.rs
@@ -10,7 +10,8 @@ mod ffi {
     extern "Rust" {
         type MultiBuf;
 
-        fn next_chunk(buf: &mut MultiBuf) -> &[u8];
+        #[allow(clippy::needless_lifetimes)]
+        unsafe fn next_chunk<'a>(buf: &'a mut MultiBuf) -> &'a [u8];
     }
 
     // C++ types and signatures exposed to Rust.
diff --git a/src/lib.rs b/src/lib.rs
@@ -90,7 +90,7 @@
 //!         type MultiBuf;
 //!
 //!         // Functions implemented in Rust.
-//!         fn next_chunk(buf: &mut MultiBuf) -> &[u8];
+//!         unsafe fn next_chunk<'a>(buf: &'a mut MultiBuf) -> &'a [u8];
 //!     }
 //!
 //!     unsafe extern "C++" {
diff --git a/syntax/parse.rs b/syntax/parse.rs
@@ -1461,7 +1461,31 @@ fn parse_return_type(
 
     match parse_type(ret)? {
         Type::Void(_) => Ok(None),
-        ty => Ok(Some(ty)),
+        ty => {
+            if has_references_without_lifetime(&ty) {
+                return Err(Error::new_spanned(
+                    ret,
+                    "cxx bridge requires all return type references to have explicit lifetimes",
+                ));
+            }
+            Ok(Some(ty))
+        }
+    }
+}
+
+fn has_references_without_lifetime(ty: &Type) -> bool {
+    match ty {
+        Type::Fn(_) | Type::Ident(_) | Type::Str(_) | Type::Void(_) => false,
+        Type::RustBox(t)
+        | Type::RustVec(t)
+        | Type::UniquePtr(t)
+        | Type::SharedPtr(t)
+        | Type::WeakPtr(t)
+        | Type::CxxVector(t) => has_references_without_lifetime(&t.inner),
+        Type::Ptr(t) => has_references_without_lifetime(&t.inner),
+        Type::Array(t) => has_references_without_lifetime(&t.inner),
+        Type::SliceRef(t) => t.lifetime.is_none(),
+        Type::Ref(t) => t.lifetime.is_none(),
     }
 }
 
diff --git a/tests/ffi/lib.rs b/tests/ffi/lib.rs
@@ -102,11 +102,11 @@ pub mod ffi {
         fn c_return_box() -> Box<R>;
         fn c_return_unique_ptr() -> UniquePtr<C>;
         fn c_return_shared_ptr() -> SharedPtr<C>;
-        fn c_return_ref(shared: &Shared) -> &usize;
-        fn c_return_mut(shared: &mut Shared) -> &mut usize;
-        fn c_return_str(shared: &Shared) -> &str;
-        fn c_return_slice_char(shared: &Shared) -> &[c_char];
-        fn c_return_mutsliceu8(slice: &mut [u8]) -> &mut [u8];
+        unsafe fn c_return_mut<'a>(shared: &'a mut Shared) -> &'a mut usize;
+        unsafe fn c_return_str<'a>(shared: &'a Shared) -> &'a str;
+        unsafe fn c_return_slice_char<'a>(shared: &'a Shared) -> &'a [c_char];
+        unsafe fn c_return_mutsliceu8<'a>(slice: &'a mut [u8]) -> &'a mut [u8];
+        unsafe fn c_return_ref<'a>(shared: &'a Shared) -> &'a usize;
         fn c_return_rust_string() -> String;
         fn c_return_rust_string_lossy() -> String;
         fn c_return_unique_ptr_string() -> UniquePtr<CxxString>;
@@ -115,18 +115,18 @@ pub mod ffi {
         fn c_return_unique_ptr_vector_string() -> UniquePtr<CxxVector<CxxString>>;
         fn c_return_unique_ptr_vector_shared() -> UniquePtr<CxxVector<Shared>>;
         fn c_return_unique_ptr_vector_opaque() -> UniquePtr<CxxVector<C>>;
-        fn c_return_ref_vector(c: &C) -> &CxxVector<u8>;
-        fn c_return_mut_vector(c: Pin<&mut C>) -> Pin<&mut CxxVector<u8>>;
+        unsafe fn c_return_ref_vector<'a>(c: &'a C) -> &'a CxxVector<u8>;
+        unsafe fn c_return_mut_vector<'a>(c: Pin<&'a mut C>) -> Pin<&'a mut CxxVector<u8>>;
         fn c_return_rust_vec_u8() -> Vec<u8>;
-        fn c_return_ref_rust_vec(c: &C) -> &Vec<u8>;
-        fn c_return_mut_rust_vec(c: Pin<&mut C>) -> &mut Vec<u8>;
+        unsafe fn c_return_ref_rust_vec<'a>(c: &'a C) -> &'a Vec<u8>;
+        unsafe fn c_return_mut_rust_vec<'a>(c: Pin<&'a mut C>) -> &'a mut Vec<u8>;
         fn c_return_rust_vec_string() -> Vec<String>;
         fn c_return_rust_vec_bool() -> Vec<bool>;
         fn c_return_identity(_: usize) -> usize;
         fn c_return_sum(_: usize, _: usize) -> usize;
         fn c_return_enum(n: u16) -> Enum;
-        fn c_return_ns_ref(shared: &AShared) -> &usize;
-        fn c_return_nested_ns_ref(shared: &ABShared) -> &usize;
+        unsafe fn c_return_ns_ref<'a>(shared: &'a AShared) -> &'a usize;
+        unsafe fn c_return_nested_ns_ref<'a>(shared: &'a ABShared) -> &'a usize;
         fn c_return_ns_enum(n: u16) -> AEnum;
         fn c_return_nested_ns_enum(n: u16) -> ABEnum;
         fn c_return_const_ptr(n: usize) -> *const C;
@@ -164,7 +164,7 @@ pub mod ffi {
         fn c_take_ref_rust_vec_string(v: &Vec<String>);
         fn c_take_ref_rust_vec_index(v: &Vec<u8>);
         fn c_take_ref_rust_vec_copy(v: &Vec<u8>);
-        fn c_take_ref_shared_string(s: &SharedString) -> &SharedString;
+        unsafe fn c_take_ref_shared_string<'a>(s: &'a SharedString) -> &'a SharedString;
         fn c_take_callback(callback: fn(String) -> usize);
         fn c_take_callback_ref(callback: fn(&String));
         #[cxx_name = "c_take_callback_ref"]
@@ -184,26 +184,26 @@ pub mod ffi {
         fn c_try_return_primitive() -> Result<usize>;
         fn c_fail_return_primitive() -> Result<usize>;
         fn c_try_return_box() -> Result<Box<R>>;
-        fn c_try_return_ref(s: &String) -> Result<&String>;
-        fn c_try_return_str(s: &str) -> Result<&str>;
-        fn c_try_return_sliceu8(s: &[u8]) -> Result<&[u8]>;
-        fn c_try_return_mutsliceu8(s: &mut [u8]) -> Result<&mut [u8]>;
+        unsafe fn c_try_return_ref<'a>(s: &'a String) -> Result<&'a String>;
+        unsafe fn c_try_return_str<'a>(s: &'a str) -> Result<&'a str>;
+        unsafe fn c_try_return_sliceu8<'a>(s: &'a [u8]) -> Result<&'a [u8]>;
+        unsafe fn c_try_return_mutsliceu8<'a>(s: &'a mut [u8]) -> Result<&'a mut [u8]>;
         fn c_try_return_rust_string() -> Result<String>;
         fn c_try_return_unique_ptr_string() -> Result<UniquePtr<CxxString>>;
         fn c_try_return_rust_vec() -> Result<Vec<u8>>;
         fn c_try_return_rust_vec_string() -> Result<Vec<String>>;
-        fn c_try_return_ref_rust_vec(c: &C) -> Result<&Vec<u8>>;
+        unsafe fn c_try_return_ref_rust_vec<'a>(c: &'a C) -> Result<&'a Vec<u8>>;
 
         fn get(self: &C) -> usize;
         fn set(self: Pin<&mut C>, n: usize) -> usize;
         fn get2(&self) -> usize;
-        fn getRef(self: &C) -> &usize;
-        fn getMut(self: Pin<&mut C>) -> &mut usize;
+        unsafe fn getRef<'a>(self: &'a C) -> &'a usize;
+        unsafe fn getMut<'a>(self: Pin<&'a mut C>) -> &'a mut usize;
         fn set_succeed(self: Pin<&mut C>, n: usize) -> Result<usize>;
         fn get_fail(self: Pin<&mut C>) -> Result<usize>;
         fn c_method_on_shared(self: &Shared) -> usize;
-        fn c_method_ref_on_shared(self: &Shared) -> &usize;
-        fn c_method_mut_on_shared(self: &mut Shared) -> &mut usize;
+        unsafe fn c_method_ref_on_shared<'a>(self: &'a Shared) -> &'a usize;
+        unsafe fn c_method_mut_on_shared<'a>(self: &'a mut Shared) -> &'a mut usize;
         fn c_set_array(self: &mut Array, value: i32);
 
         fn c_get_use_count(weak: &WeakPtr<C>) -> usize;
@@ -258,6 +258,7 @@ pub mod ffi {
         type Buffer = crate::Buffer;
     }
 
+    #[allow(clippy::extra_unused_lifetimes)]
     extern "Rust" {
         type R;
 
@@ -266,19 +267,19 @@ pub mod ffi {
         fn r_return_box() -> Box<R>;
         fn r_return_unique_ptr() -> UniquePtr<C>;
         fn r_return_shared_ptr() -> SharedPtr<C>;
-        fn r_return_ref(shared: &Shared) -> &usize;
-        fn r_return_mut(shared: &mut Shared) -> &mut usize;
-        fn r_return_str(shared: &Shared) -> &str;
+        unsafe fn r_return_ref<'a>(shared: &'a Shared) -> &'a usize;
+        unsafe fn r_return_mut<'a>(shared: &'a mut Shared) -> &'a mut usize;
+        unsafe fn r_return_str<'a>(shared: &'a Shared) -> &'a str;
         unsafe fn r_return_str_via_out_param<'a>(shared: &'a Shared, out_param: &mut &'a str);
-        fn r_return_sliceu8(shared: &Shared) -> &[u8];
-        fn r_return_mutsliceu8(slice: &mut [u8]) -> &mut [u8];
+        unsafe fn r_return_sliceu8<'a>(shared: &'a Shared) -> &'a [u8];
+        unsafe fn r_return_mutsliceu8<'a>(slice: &'a mut [u8]) -> &'a mut [u8];
         fn r_return_rust_string() -> String;
         fn r_return_unique_ptr_string() -> UniquePtr<CxxString>;
         fn r_return_rust_vec() -> Vec<u8>;
         fn r_return_rust_vec_string() -> Vec<String>;
         fn r_return_rust_vec_extern_struct() -> Vec<Job>;
-        fn r_return_ref_rust_vec(shared: &Shared) -> &Vec<u8>;
-        fn r_return_mut_rust_vec(shared: &mut Shared) -> &mut Vec<u8>;
+        unsafe fn r_return_ref_rust_vec<'a>(shared: &'a Shared) -> &'a Vec<u8>;
+        unsafe fn r_return_mut_rust_vec<'a>(shared: &'a mut Shared) -> &'a mut Vec<u8>;
         fn r_return_identity(_: usize) -> usize;
         fn r_return_sum(_: usize, _: usize) -> usize;
         fn r_return_enum(n: u32) -> Enum;
@@ -306,8 +307,8 @@ pub mod ffi {
         fn r_try_return_primitive() -> Result<usize>;
         fn r_try_return_box() -> Result<Box<R>>;
         fn r_fail_return_primitive() -> Result<usize>;
-        fn r_try_return_sliceu8(s: &[u8]) -> Result<&[u8]>;
-        fn r_try_return_mutsliceu8(s: &mut [u8]) -> Result<&mut [u8]>;
+        unsafe fn r_try_return_sliceu8<'a>(s: &'a [u8]) -> Result<&'a [u8]>;
+        unsafe fn r_try_return_mutsliceu8<'a>(s: &'a mut [u8]) -> Result<&'a mut [u8]>;
 
         fn get(self: &R) -> usize;
         fn set(self: &mut R, n: usize) -> usize;
diff --git a/tests/ffi/module.rs b/tests/ffi/module.rs
@@ -54,7 +54,7 @@ pub mod ffi2 {
         fn c_return_trivial_ns_ptr() -> UniquePtr<G>;
         fn c_return_trivial_ns() -> G;
         fn c_return_opaque_ptr() -> UniquePtr<E>;
-        fn c_return_opaque_mut_pin(e: Pin<&mut E>) -> Pin<&mut E>;
+        fn c_return_opaque_mut_pin<'a>(e: Pin<&'a mut E>) -> Pin<&'a mut E>;
         fn c_return_ns_opaque_ptr() -> UniquePtr<F>;
         fn c_return_ns_unique_ptr() -> UniquePtr<H>;
         fn c_take_ref_ns_c(h: &H);
diff --git a/tests/test.rs b/tests/test.rs
@@ -43,13 +43,15 @@ fn test_c_return() {
     assert_eq!(2020, ffi::c_return_box().0);
     ffi::c_return_unique_ptr();
     ffi2::c_return_ns_unique_ptr();
-    assert_eq!(2020, *ffi::c_return_ref(&shared));
-    assert_eq!(2020, *ffi::c_return_ns_ref(&ns_shared));
-    assert_eq!(2020, *ffi::c_return_nested_ns_ref(&nested_ns_shared));
-    assert_eq!("2020", ffi::c_return_str(&shared));
+    assert_eq!(2020, *unsafe { ffi::c_return_ref(&shared) });
+    assert_eq!(2020, *unsafe { ffi::c_return_ns_ref(&ns_shared) });
+    assert_eq!(2020, *unsafe {
+        ffi::c_return_nested_ns_ref(&nested_ns_shared)
+    });
+    assert_eq!("2020", unsafe { ffi::c_return_str(&shared) });
     assert_eq!(
         b"2020\0",
-        cast::c_char_to_unsigned(ffi::c_return_slice_char(&shared)),
+        cast::c_char_to_unsigned(unsafe { ffi::c_return_slice_char(&shared) }),
     );
     assert_eq!("2020", ffi::c_return_rust_string());
     assert_eq!("Hello \u{fffd}World", ffi::c_return_rust_string_lossy());
@@ -107,9 +109,15 @@ fn test_c_try_return() {
         ffi::c_fail_return_primitive().unwrap_err().what(),
     );
     assert_eq!(2020, ffi::c_try_return_box().unwrap().0);
-    assert_eq!("2020", *ffi::c_try_return_ref(&"2020".to_owned()).unwrap());
-    assert_eq!("2020", ffi::c_try_return_str("2020").unwrap());
-    assert_eq!(b"2020", ffi::c_try_return_sliceu8(b"2020").unwrap());
+    assert_eq!(
+        "2020",
+        *unsafe { ffi::c_try_return_ref(&"2020".to_owned()) }.unwrap()
+    );
+    assert_eq!("2020", unsafe { ffi::c_try_return_str("2020") }.unwrap());
+    assert_eq!(
+        b"2020",
+        unsafe { ffi::c_try_return_sliceu8(b"2020") }.unwrap()
+    );
     assert_eq!("2020", ffi::c_try_return_rust_string().unwrap());
     assert_eq!("2020", &*ffi::c_try_return_unique_ptr_string().unwrap());
 }
@@ -189,9 +197,11 @@ fn test_c_take() {
     check!(ffi::c_take_ref_rust_vec(&test_vec));
     check!(ffi::c_take_ref_rust_vec_index(&test_vec));
     check!(ffi::c_take_ref_rust_vec_copy(&test_vec));
-    check!(ffi::c_take_ref_shared_string(&ffi::SharedString {
-        msg: "2020".to_owned()
-    }));
+    check!(unsafe {
+        ffi::c_take_ref_shared_string(&ffi::SharedString {
+            msg: "2020".to_owned(),
+        })
+    });
     let ns_shared_test_vec = vec![ffi::AShared { z: 1010 }, ffi::AShared { z: 1011 }];
     check!(ffi::c_take_rust_vec_ns_shared(ns_shared_test_vec));
     let nested_ns_shared_test_vec = vec![ffi::ABShared { z: 1010 }, ffi::ABShared { z: 1011 }];
@@ -256,15 +266,19 @@ fn test_c_method_calls() {
     assert_eq!(2021, unique_ptr.pin_mut().set(2021));
     assert_eq!(2021, unique_ptr.get());
     assert_eq!(2021, unique_ptr.get2());
-    assert_eq!(2021, *unique_ptr.getRef());
+    assert_eq!(2021, *unsafe { unique_ptr.getRef() });
     assert_eq!(2021, unsafe { &mut *unique_ptr.as_mut_ptr() }.get());
     assert_eq!(2021, unsafe { &*unique_ptr.as_ptr() }.get());
-    assert_eq!(2021, *unique_ptr.pin_mut().getMut());
+    assert_eq!(2021, *unsafe { unique_ptr.pin_mut().getMut() });
     assert_eq!(2022, unique_ptr.pin_mut().set_succeed(2022).unwrap());
     assert!(unique_ptr.pin_mut().get_fail().is_err());
     assert_eq!(2021, ffi::Shared { z: 0 }.c_method_on_shared());
-    assert_eq!(2022, *ffi::Shared { z: 2022 }.c_method_ref_on_shared());
-    assert_eq!(2023, *ffi::Shared { z: 2023 }.c_method_mut_on_shared());
+    assert_eq!(2022, *unsafe {
+        ffi::Shared { z: 2022 }.c_method_ref_on_shared()
+    });
+    assert_eq!(2023, *unsafe {
+        ffi::Shared { z: 2023 }.c_method_mut_on_shared()
+    });
 
     let val = 42;
     let mut array = ffi::Array {
diff --git a/tests/ui/bad_explicit_impl.rs b/tests/ui/bad_explicit_impl.rs
@@ -4,7 +4,7 @@ mod ffi {
         x: u8,
     }
 
-    impl fn() -> &S {}
+    impl<'a> fn() -> &'a S {}
 }
 
 fn main() {}
diff --git a/tests/ui/bad_explicit_impl.stderr b/tests/ui/bad_explicit_impl.stderr
@@ -1,5 +1,5 @@
 error: unsupported Self type of explicit impl
  --> tests/ui/bad_explicit_impl.rs:7:5
   |
-7 |     impl fn() -> &S {}
-  |     ^^^^^^^^^^^^^^^^^^
+7 |     impl<'a> fn() -> &'a S {}
+  |     ^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/tests/ui/mut_return.rs b/tests/ui/mut_return.rs
@@ -7,11 +7,11 @@ mod ffi {
     unsafe extern "C++" {
         type Thing;
 
-        fn f(t: &Thing) -> Pin<&mut CxxString>;
-        unsafe fn g(t: &Thing) -> Pin<&mut CxxString>;
-        fn h(t: Box<Mut>) -> Pin<&mut CxxString>;
+        fn f<'a>(t: &'a Thing) -> Pin<&'a mut CxxString>;
+        unsafe fn g<'a>(t: &'a Thing) -> Pin<&'a mut CxxString>;
+        fn h<'a>(t: Box<Mut>) -> Pin<&'a mut CxxString>;
         fn i<'a>(t: Box<Mut<'a>>) -> Pin<&'a mut CxxString>;
-        fn j(t: &Thing) -> &mut [u8];
+        fn j<'a>(t: &'a Thing) -> &'a mut [u8];
     }
 }
 
diff --git a/tests/ui/mut_return.stderr b/tests/ui/mut_return.stderr
@@ -1,11 +1,11 @@
 error: &mut return type is not allowed unless there is a &mut argument
   --> tests/ui/mut_return.rs:10:9
    |
-10 |         fn f(t: &Thing) -> Pin<&mut CxxString>;
-   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+10 |         fn f<'a>(t: &'a Thing) -> Pin<&'a mut CxxString>;
+   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 error: &mut return type is not allowed unless there is a &mut argument
   --> tests/ui/mut_return.rs:14:9
    |
-14 |         fn j(t: &Thing) -> &mut [u8];
-   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+14 |         fn j<'a>(t: &'a Thing) -> &'a mut [u8];
+   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/tests/ui/ptr_unsupported.rs b/tests/ui/ptr_unsupported.rs
@@ -3,7 +3,7 @@ mod ffi {
     unsafe extern "C++" {
         type C;
 
-        fn get_ptr_to_reference() -> *mut &C;
+        fn get_ptr_to_reference<'a>() -> *mut &'a C;
         fn get_uniqueptr_to_ptr() -> UniquePtr<*mut C>;
         fn get_vector_of_ptr() -> UniquePtr<CxxVector<*mut C>>;
     }
diff --git a/tests/ui/ptr_unsupported.stderr b/tests/ui/ptr_unsupported.stderr
@@ -1,8 +1,8 @@
 error: C++ does not allow pointer to reference as a type
  --> tests/ui/ptr_unsupported.rs:6:38
   |
-6 |         fn get_ptr_to_reference() -> *mut &C;
-  |                                      ^^^^^^^
+6 |         fn get_ptr_to_reference<'a>() -> *mut &'a C;
+  |                                          ^^^^^^^^^^
 
 error: unsupported unique_ptr target type
  --> tests/ui/ptr_unsupported.rs:7:38

Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,8 @@ mod ffi {`
`10`	`10`	`extern "Rust" {`
`11`	`11`	`type MultiBuf;`
`12`	`12`
`13`		`- fn next_chunk(buf: &mut MultiBuf) -> &[u8];`
	`13`	`+ #[allow(clippy::needless_lifetimes)]`
	`14`	`+ unsafe fn next_chunk<'a>(buf: &'a mut MultiBuf) -> &'a [u8];`
`14`	`15`	`}`
`15`	`16`
`16`	`17`	`// C++ types and signatures exposed to Rust.`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ mod ffi {`
`4`	`4`	`x: u8,`
`5`	`5`	`}`
`6`	`6`
`7`		`- impl fn() -> &S {}`
	`7`	`+ impl<'a> fn() -> &'a S {}`
`8`	`8`	`}`
`9`	`9`
`10`	`10`	`fn main() {}`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`error: unsupported Self type of explicit impl`
`2`	`2`	`--> tests/ui/bad_explicit_impl.rs:7:5`
`3`	`3`	`\|`
`4`		`-7 \| impl fn() -> &S {}`
`5`		`- \| ^^^^^^^^^^^^^^^^^^`
	`4`	`+7 \| impl<'a> fn() -> &'a S {}`
	`5`	`+ \| ^^^^^^^^^^^^^^^^^^^^^^^^^`
Original file line number	Diff line number	Diff line change
`@@ -7,11 +7,11 @@ mod ffi {`
`7`	`7`	`unsafe extern "C++" {`
`8`	`8`	`type Thing;`
`9`	`9`
`10`		`- fn f(t: &Thing) -> Pin<&mut CxxString>;`
`11`		`- unsafe fn g(t: &Thing) -> Pin<&mut CxxString>;`
`12`		`- fn h(t: Box<Mut>) -> Pin<&mut CxxString>;`
	`10`	`+ fn f<'a>(t: &'a Thing) -> Pin<&'a mut CxxString>;`
	`11`	`+ unsafe fn g<'a>(t: &'a Thing) -> Pin<&'a mut CxxString>;`
	`12`	`+ fn h<'a>(t: Box<Mut>) -> Pin<&'a mut CxxString>;`
`13`	`13`	`fn i<'a>(t: Box<Mut<'a>>) -> Pin<&'a mut CxxString>;`
`14`		`- fn j(t: &Thing) -> &mut [u8];`
	`14`	`+ fn j<'a>(t: &'a Thing) -> &'a mut [u8];`
`15`	`15`	`}`
`16`	`16`	`}`
`17`	`17`