search

rust-lang / lang-team

Home of the Rust lang team
http://lang-team.rust-lang.org/
Apache License 2.0
200 stars 48 forks source link

Meeting proposal: Unsafe extern blocks #223

Closed tmandry closed 8 months ago

tmandry commented 11 months ago

Summary

Simply declaring extern items, even without ever using them, can cause Undefined Behavior. When performing cross-language compilation, attributes on one function declaration can flow to the foreign declaration elsewhere within LLVM and cause a miscompilation. In Rust we consider all sources of Undefined Behavior to be unsafe, and so we must make declaring extern blocks be unsafe. The up-side to this change is that in the new style it will be possible to declare an extern fn that's safe to call after the initial unsafe declaration.

In Edition 2024 it is unsafe to declare an extern function or static, but external functions and statics can be safe to use after the initial declaration.

Background reading

https://github.com/rust-lang/rfcs/pull/3484

About this issue

This issue corresponds to a lang-team design meeting proposal. It corresponds to a possible topic of discussion that may be scheduled for deeper discussion during one of our design meetings.

tmandry commented 11 months ago

cc @Lokathor

Lokathor commented 11 months ago

Thanks but I never have Wednesday free, so just hold it without me.

RalfJung commented 11 months ago

Simply declaring extern items, even without ever using them, can cause Undefined Behavior.

FWIW this is not a fact of nature, it's an LLVM thing inherited from C. We could also try to work towards fixing that.