-
Notifications
You must be signed in to change notification settings - Fork 13k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Decide whether blocks inside asm
goto should default to safe
#132078
Comments
@rfcbot merge |
Team member @joshtriplett has proposed to merge this. The next step is review by the rest of the tagged team members: No concerns currently listed. Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! cc @rust-lang/lang-advisors: FCP proposed for lang, please feel free to register concerns. |
I don't have a strong preference on defaulting to safe vs making you pick safe vs unsafe. If we add safe blocks later in an upcoming edition we can always require explicitness in the same edition. I like the idea of avoiding an extra set of braces. @rfcbot reviewed |
@rfcbot reviewed This makes sense to me. The ability to have safe blocks makes sense for folks building control-flow abstractions on top of inline-assembly. I am indifferent about whether or not it is the default, but if there is to be a default, I prefer safe ("fails open", as Josh said). |
@rfcbot reviewed |
🔔 This is now entering its final comment period, as per the review above. 🔔 |
The final comment period, with a disposition to merge, as per the review above, is now complete. As the automated representative of the governance process, I would like to thank the author for their work and everyone else who contributed. This will be merged soon. |
Implementation merged: #131544 |
asm
goto requires labeled blocks, likeasm!("...", foo = label { code() });
.We need to decide whether those labeled blocks are safe by default or whether they require explicitly writing
safe
orunsafe
. I'm filing this issue for T-lang to decide which of those we want to go with.Based on discussion with the Rust for Linux folks, I'm going to propose that these blocks should default to safe, and require an explicit
unsafe
if you want them to be unsafe.I'm also going to propose that you shouldn't need nested braces if you want unsafe here:
label unsafe { dangerous_code() }
should work, rather than having to writelabel { unsafe { dangerous_code() } }
.The text was updated successfully, but these errors were encountered: