add a warning about using safe on extern c-variadic functions
#1839
+6
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rustbot
added
the
S-waiting-on-review
This comment has been minimized.
This comment has been minimized.
folkertdev
force-pushed
the
c-variadic-unsafe-at-any-speed
branch
2 times, most recently
from
1ba64f4 to
07d289f
Compare
ehuss
force-pushed
the
c-variadic-unsafe-at-any-speed
branch
from
07d289f to
5d90855
Compare
ehuss
added
the
S-waiting-on-stabilization
folkertdev
force-pushed
the
c-variadic-unsafe-at-any-speed
branch
from
5d90855 to
3bd778f
Compare
folkertdev
changed the title
safesafe on extern c-variadic functions
traviscross
removed
the
S-waiting-on-stabilization
traviscross
force-pushed
the
c-variadic-unsafe-at-any-speed
branch
from
3bd778f to
5454946
Compare
Let's adjust this language so that it talks about the guarantees that the function must make, and so that it says what may lead to UB rather than what "is" UB, as the latter implies immediate language UB, when this is actually library UB. Let's also add a `SAFETY` comment to the function in the example.
traviscross
force-pushed
the
c-variadic-unsafe-at-any-speed
branch
from
5454946 to
c13d2d2
Compare
traviscross
approved these changes
Jun 4, 2025
|
Thanks for the PR. Pushed an update to revise a bit, to add a |
jhpratt
added a commit
to jhpratt/rust
that referenced
this pull request
Jun 17, 2025
Update books ## rust-lang/book 1 commits in 634724ea85ebb08a542970bf8871ac8b0f77fd15..4433c9f0cad8460bee05ede040587f8a1fa3f1de 2025-06-03 16:34:00 UTC to 2025-06-03 16:34:00 UTC - Chapter 11 from tech review (rust-lang/book#4391) ## rust-lang/reference 10 commits in 8e0f593a30f3b56ddb0908fb7ab9249974e08738..d4c66b346f4b72d29e70390a3fa3ea7d4e064db1 2025-06-13 17:05:11 UTC to 2025-06-03 21:28:42 UTC - Align pattern destructuring with rest of patterns documentation (rust-lang/reference#1853) - Use extern "system" instead of "stdcall" in example (rust-lang/reference#1854) - Mention that `thiscall` is a 32-bit calling convention (rust-lang/reference#1855) - Add doc for keylocker target features (rust-lang/reference#1829) - Add doc for `sha512`, `sm3` and `sm4` target features (rust-lang/reference#1830) - Fix(typo): 'though' should be 'through' (rust-lang/reference#1850) - intro note: make text more simple (rust-lang/reference#1844) - nit: add missing period (rust-lang/reference#1843) - add a warning about using `safe` on extern c-variadic functions (rust-lang/reference#1839) - remove the `safe` keyword from a c-variadic foreign function. (rust-lang/reference#1838) ## rust-lang/rust-by-example 3 commits in 21f4e32b8b40d36453fae16ec07ad4b857c445b6..9baa9e863116cb9524a177d5a5c475baac18928a 2025-06-11 13:00:27 UTC to 2025-06-10 12:43:14 UTC - introduce new `@media` query to set a higher content width on ultra wide screens (rust-lang/rust-by-example#1937) - Fix syntax highligting (rust-lang/rust-by-example#1935) - fix(rust-lang#1656): update doc tests to use `playground` as the crate name (rust-lang/rust-by-example#1934)
workingjubilee
added a commit
to workingjubilee/rustc
that referenced
this pull request
Jun 17, 2025
Update books ## rust-lang/book 1 commits in 634724ea85ebb08a542970bf8871ac8b0f77fd15..4433c9f0cad8460bee05ede040587f8a1fa3f1de 2025-06-03 16:34:00 UTC to 2025-06-03 16:34:00 UTC - Chapter 11 from tech review (rust-lang/book#4391) ## rust-lang/reference 10 commits in 8e0f593a30f3b56ddb0908fb7ab9249974e08738..d4c66b346f4b72d29e70390a3fa3ea7d4e064db1 2025-06-13 17:05:11 UTC to 2025-06-03 21:28:42 UTC - Align pattern destructuring with rest of patterns documentation (rust-lang/reference#1853) - Use extern "system" instead of "stdcall" in example (rust-lang/reference#1854) - Mention that `thiscall` is a 32-bit calling convention (rust-lang/reference#1855) - Add doc for keylocker target features (rust-lang/reference#1829) - Add doc for `sha512`, `sm3` and `sm4` target features (rust-lang/reference#1830) - Fix(typo): 'though' should be 'through' (rust-lang/reference#1850) - intro note: make text more simple (rust-lang/reference#1844) - nit: add missing period (rust-lang/reference#1843) - add a warning about using `safe` on extern c-variadic functions (rust-lang/reference#1839) - remove the `safe` keyword from a c-variadic foreign function. (rust-lang/reference#1838) ## rust-lang/rust-by-example 3 commits in 21f4e32b8b40d36453fae16ec07ad4b857c445b6..9baa9e863116cb9524a177d5a5c475baac18928a 2025-06-11 13:00:27 UTC to 2025-06-10 12:43:14 UTC - introduce new ``@media`` query to set a higher content width on ultra wide screens (rust-lang/rust-by-example#1937) - Fix syntax highligting (rust-lang/rust-by-example#1935) - fix(rust-lang#1656): update doc tests to use `playground` as the crate name (rust-lang/rust-by-example#1934)
workingjubilee
added a commit
to workingjubilee/rustc
that referenced
this pull request
Jun 17, 2025
Update books ## rust-lang/book 1 commits in 634724ea85ebb08a542970bf8871ac8b0f77fd15..4433c9f0cad8460bee05ede040587f8a1fa3f1de 2025-06-03 16:34:00 UTC to 2025-06-03 16:34:00 UTC - Chapter 11 from tech review (rust-lang/book#4391) ## rust-lang/reference 10 commits in 8e0f593a30f3b56ddb0908fb7ab9249974e08738..d4c66b346f4b72d29e70390a3fa3ea7d4e064db1 2025-06-13 17:05:11 UTC to 2025-06-03 21:28:42 UTC - Align pattern destructuring with rest of patterns documentation (rust-lang/reference#1853) - Use extern "system" instead of "stdcall" in example (rust-lang/reference#1854) - Mention that `thiscall` is a 32-bit calling convention (rust-lang/reference#1855) - Add doc for keylocker target features (rust-lang/reference#1829) - Add doc for `sha512`, `sm3` and `sm4` target features (rust-lang/reference#1830) - Fix(typo): 'though' should be 'through' (rust-lang/reference#1850) - intro note: make text more simple (rust-lang/reference#1844) - nit: add missing period (rust-lang/reference#1843) - add a warning about using `safe` on extern c-variadic functions (rust-lang/reference#1839) - remove the `safe` keyword from a c-variadic foreign function. (rust-lang/reference#1838) ## rust-lang/rust-by-example 3 commits in 21f4e32b8b40d36453fae16ec07ad4b857c445b6..9baa9e863116cb9524a177d5a5c475baac18928a 2025-06-11 13:00:27 UTC to 2025-06-10 12:43:14 UTC - introduce new ```@media``` query to set a higher content width on ultra wide screens (rust-lang/rust-by-example#1937) - Fix syntax highligting (rust-lang/rust-by-example#1935) - fix(rust-lang#1656): update doc tests to use `playground` as the crate name (rust-lang/rust-by-example#1934)
workingjubilee
added a commit
to workingjubilee/rustc
that referenced
this pull request
Jun 17, 2025
Update books ## rust-lang/book 1 commits in 634724ea85ebb08a542970bf8871ac8b0f77fd15..4433c9f0cad8460bee05ede040587f8a1fa3f1de 2025-06-03 16:34:00 UTC to 2025-06-03 16:34:00 UTC - Chapter 11 from tech review (rust-lang/book#4391) ## rust-lang/reference 10 commits in 8e0f593a30f3b56ddb0908fb7ab9249974e08738..d4c66b346f4b72d29e70390a3fa3ea7d4e064db1 2025-06-13 17:05:11 UTC to 2025-06-03 21:28:42 UTC - Align pattern destructuring with rest of patterns documentation (rust-lang/reference#1853) - Use extern "system" instead of "stdcall" in example (rust-lang/reference#1854) - Mention that `thiscall` is a 32-bit calling convention (rust-lang/reference#1855) - Add doc for keylocker target features (rust-lang/reference#1829) - Add doc for `sha512`, `sm3` and `sm4` target features (rust-lang/reference#1830) - Fix(typo): 'though' should be 'through' (rust-lang/reference#1850) - intro note: make text more simple (rust-lang/reference#1844) - nit: add missing period (rust-lang/reference#1843) - add a warning about using `safe` on extern c-variadic functions (rust-lang/reference#1839) - remove the `safe` keyword from a c-variadic foreign function. (rust-lang/reference#1838) ## rust-lang/rust-by-example 3 commits in 21f4e32b8b40d36453fae16ec07ad4b857c445b6..9baa9e863116cb9524a177d5a5c475baac18928a 2025-06-11 13:00:27 UTC to 2025-06-10 12:43:14 UTC - introduce new ````@media```` query to set a higher content width on ultra wide screens (rust-lang/rust-by-example#1937) - Fix syntax highligting (rust-lang/rust-by-example#1935) - fix(rust-lang#1656): update doc tests to use `playground` as the crate name (rust-lang/rust-by-example#1934)
rust-timer
added a commit
to rust-lang/rust
that referenced
this pull request
Jun 17, 2025
Rollup merge of #142585 - rustbot:docs-update, r=ehuss Update books ## rust-lang/book 1 commits in 634724ea85ebb08a542970bf8871ac8b0f77fd15..4433c9f0cad8460bee05ede040587f8a1fa3f1de 2025-06-03 16:34:00 UTC to 2025-06-03 16:34:00 UTC - Chapter 11 from tech review (rust-lang/book#4391) ## rust-lang/reference 10 commits in 8e0f593a30f3b56ddb0908fb7ab9249974e08738..d4c66b346f4b72d29e70390a3fa3ea7d4e064db1 2025-06-13 17:05:11 UTC to 2025-06-03 21:28:42 UTC - Align pattern destructuring with rest of patterns documentation (rust-lang/reference#1853) - Use extern "system" instead of "stdcall" in example (rust-lang/reference#1854) - Mention that `thiscall` is a 32-bit calling convention (rust-lang/reference#1855) - Add doc for keylocker target features (rust-lang/reference#1829) - Add doc for `sha512`, `sm3` and `sm4` target features (rust-lang/reference#1830) - Fix(typo): 'though' should be 'through' (rust-lang/reference#1850) - intro note: make text more simple (rust-lang/reference#1844) - nit: add missing period (rust-lang/reference#1843) - add a warning about using `safe` on extern c-variadic functions (rust-lang/reference#1839) - remove the `safe` keyword from a c-variadic foreign function. (rust-lang/reference#1838) ## rust-lang/rust-by-example 3 commits in 21f4e32b8b40d36453fae16ec07ad4b857c445b6..9baa9e863116cb9524a177d5a5c475baac18928a 2025-06-11 13:00:27 UTC to 2025-06-10 12:43:14 UTC - introduce new ``@media`` query to set a higher content width on ultra wide screens (rust-lang/rust-by-example#1937) - Fix syntax highligting (rust-lang/rust-by-example#1935) - fix(#1656): update doc tests to use `playground` as the crate name (rust-lang/rust-by-example#1934)
github-actions bot
pushed a commit
to rust-lang/miri
that referenced
this pull request
Jun 18, 2025
Update books ## rust-lang/book 1 commits in 634724ea85ebb08a542970bf8871ac8b0f77fd15..4433c9f0cad8460bee05ede040587f8a1fa3f1de 2025-06-03 16:34:00 UTC to 2025-06-03 16:34:00 UTC - Chapter 11 from tech review (rust-lang/book#4391) ## rust-lang/reference 10 commits in 8e0f593a30f3b56ddb0908fb7ab9249974e08738..d4c66b346f4b72d29e70390a3fa3ea7d4e064db1 2025-06-13 17:05:11 UTC to 2025-06-03 21:28:42 UTC - Align pattern destructuring with rest of patterns documentation (rust-lang/reference#1853) - Use extern "system" instead of "stdcall" in example (rust-lang/reference#1854) - Mention that `thiscall` is a 32-bit calling convention (rust-lang/reference#1855) - Add doc for keylocker target features (rust-lang/reference#1829) - Add doc for `sha512`, `sm3` and `sm4` target features (rust-lang/reference#1830) - Fix(typo): 'though' should be 'through' (rust-lang/reference#1850) - intro note: make text more simple (rust-lang/reference#1844) - nit: add missing period (rust-lang/reference#1843) - add a warning about using `safe` on extern c-variadic functions (rust-lang/reference#1839) - remove the `safe` keyword from a c-variadic foreign function. (rust-lang/reference#1838) ## rust-lang/rust-by-example 3 commits in 21f4e32b8b40d36453fae16ec07ad4b857c445b6..9baa9e863116cb9524a177d5a5c475baac18928a 2025-06-11 13:00:27 UTC to 2025-06-10 12:43:14 UTC - introduce new ``@media`` query to set a higher content width on ultra wide screens (rust-lang/rust-by-example#1937) - Fix syntax highligting (rust-lang/rust-by-example#1935) - fix(rust-lang/rust#1656): update doc tests to use `playground` as the crate name (rust-lang/rust-by-example#1934)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
edit: the lang team found an edge case.
An extern c-variadic function can be marked as safe when it does not look at its arguments at all. That is not very useful, but technically allowed.
So, I've now added a warning with this information to the section on extern c-variadic functions.