All of these fixes should be considered either grammatical or implement
uncontroversial minor suggestions from review. In particular, this commit turns
the first two requirements into warnings instead of errors.
text/0000-constrained-naked.md
Lines changed: 8 additions & 7 deletions
@@ -16,11 +16,11 @@ This document seeks to define naked functions in a much more constrained, positi
16
16
17
17
# Naked function definition
18
18
19
-
A naked function is a type of FFI function with a defined calling convention and a body which contains only assembly code which can rely upon the defined calling convention.
19
+
A naked function has a defined calling convention and a body which contains only assembly code which can rely upon the defined calling convention.
20
20
21
21
A naked function is identified by the `#[naked]` attribute and:
22
-
1.must specify a calling convention besides `extern "Rust"`.
23
-
1.must define only FFI-safe arguments and return types.
22
+
1.should specify a calling convention besides `extern "Rust"`.
23
+
1.should define only FFI-safe arguments and return types.
24
24
1. must not specify the `#[inline]` or `#[inline(always)]` attribute.
25
25
1. must have a body which contains only a single `asm!()` statement which:
26
26
1. may be wrapped in an `unsafe` block.
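Review bot: Changing item 1 from "must" to "should" means `extern "Rust"` is now accepted with only a warning, yet the reworded definition still says the body "can rely upon the defined calling convention". The Rust ABI is unspecified, so in that case the assembly has no register or stack layout it can rely on. Either keep item 1 as a requirement, or state in the definition that the guarantee only holds when a convention other than `extern "Rust"` is given. The list also now mixes "should" and "must" items without saying here which produce warnings and which produce errors; one sentence tying "should" to warnings at this point would make the list readable on its own.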
@@ -30,11 +30,12 @@ A naked function is identified by the `#[naked]` attribute and:
30
30
1. must ensure that the requirements of the calling convention are followed.
31
31
32
32
In exchange for the above constraints, the compiler commits to:
33
-
1. produce a clear error if any of the above rules are violated.
33
+
1. produce a clear error if any of the above requirements are violated.
34
+
1. produce a clear warning if any of the above suggestions are not heeded.
34
35
1. never inline the function (implicit `#[inline(never)]`).
35
-
1. emit no instructions to the function body that are not contained in the `asm!()` statement.
36
+
1. emit no additional instructions to the function body before the `asm!()` statement.
36
37
37
-
As a (weaker) correlary to the last compiler commitment, since the compiler generates no additional instructions, the initial state of all registers in the `asm!()` statement conform to the specified calling convention.
38
+
As a (weaker) correlary to the last compiler commitment, the initial state of all registers in the `asm!()` statement conform to the specified calling convention.
38
39
39
40
# Custom Calling Convention
40
41
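Review bot: The reworded commitment "emit no additional instructions to the function body before the `asm!()` statement" is narrower than the line it replaces, because it no longer rules out compiler-generated instructions after the `asm!()` statement. That is a semantic change rather than a grammatical one, so the text should say what the compiler may place after the assembly and whether the `asm!()` body is expected to return on its own; the constraints above only say it "must ensure that the requirements of the calling convention are followed". In the corollary, "correlary" should be "corollary" and "conform" should be "conforms" (the subject is "the initial state"), and with the "since the compiler generates no additional instructions" clause dropped it would help to restate briefly why the register state is guaranteed. The two new commitment lines also use "requirements" and "suggestions" without defining them as the "must" and "should" items.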
@@ -90,7 +91,7 @@ The calling convention is defined as `extern "sysv64"`, therefore we know that t
90
91
91
92
# Drawbacks
92
93
93
-
Implementing this will break compatiliby of existing uses of the nightly `#[naked]` attribute. All of these uses likely depend on undefined behavior. If this was a problem, we could simply use a different attribute.
94
+
Implementing this will break compatiliby of existing uses of the nightly `#[naked]` attribute. All of these uses likely depend on undefined behavior. If this is a problem, we could simply use a different attribute.
94
95
95
96
This definition may be overly strict. There is certainly some code that would work without this. The counter argument is that this code relies on undefined behavior and is probably not worth preserving. It might also be possible to reasonably ease the constraints over time.
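Review bot: The changed Drawbacks line still reads "compatiliby"; since the line is already being touched for "was" to "is", correct it to "compatibility" in the same edit. The claim "All of these uses likely depend on undefined behavior" carries the whole justification for the breaking change and is left unsupported; a short reason or a pointer to where the undefined behavior arises would make the drawback easier to evaluate.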