-
Notifications
You must be signed in to change notification settings - Fork 1.6k
RFC: Changes to target_feature attribute
#3820
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
veluca93
wants to merge
1
commit into
rust-lang:master
Choose a base branch
from
veluca93:tft
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| - Feature Name: (`target_feature_traits`) | ||
| - Start Date: (2025-05-25) | ||
| - RFC PR: [rust-lang/rfcs#3820](https://github.com/rust-lang/rfcs/pull/3820) | ||
| - Rust Issue: [rust-lang/rust#139368](https://github.com/rust-lang/rust/issues/139368) | ||
|
|
||
| # Summary | ||
| [summary]: #summary | ||
|
|
||
| This RFC proposes the addition of an `unsafe` variant of the existing `target_feature` attribute, and to modify the behaviour of the existing non-`unsafe` attribute to make it more compatible with traits. | ||
|
|
||
| See https://github.com/rust-lang/rust/issues/139368 for the discussion preceding this RFC and overall rationale. | ||
|
|
||
| ### New behaviour of `#[target_feature(enable = "x")]` in traits | ||
|
|
||
| - Target features can be enabled on trait *definition* methods (safe or unsafe). This imposes on the caller the same requirements that calling a concrete function with those features would impose. | ||
| - Target features can be enabled on trait *impl* methods, as long as the corresponding definition enables a superset of the enabled features. | ||
| - Provided methods in traits count as both a definition and an impl, and behave accordingly (i.e. overridden impls can enable any subset of the features specified on the provided method). | ||
|
|
||
| Compared to the current status, this: | ||
| - allows to use target features in safe trait methods | ||
| - disallows using features in a trait impl that were not expected in the trait definition | ||
|
|
||
| For the second case, we plan to emit a lint and to make this into a hard-error in a future edition. | ||
|
|
||
| ### New `#[unsafe(target_feature(force = "x"))]` attribute | ||
|
|
||
| This `unsafe` attribute can be applied to free functions, trait method implementations or trait method definitions. | ||
|
|
||
| It comes with the following soundness requirement: a function with the signature of the function the attribute is applied to must _only be callable if the force-enabled features are guaranteed to be present_ (this can be done, for example, if the function takes arguments that carry appropriate safety invariants). | ||
|
|
||
| Because of the soundness requirement, applying this attribute does not impose additional the requirements for calling this function on the callers (which is why the attribute can be applied to arbitrary trait methods). | ||
|
|
||
| The effect of the attribute is otherwise equivalent to `#[target_feature(enable = "x")]`. | ||
|
|
||
| Note that this version of the attribute can be used in the use-cases where `#[target_feature(enable = "x")]` would no longer be allowed. | ||
|
|
||
| Also note that the safety requirements of `#[unsafe(target_feature(force = "x"))]` only depend on the function's *signature*. This implies that an implementation (whether it is overriding a provided method or implementing a required method) should also be allowed to enable a feature (without needing to discharge any further safety requirements) if the corresponding definition had the `#[unsafe(target_feature(force = "x"))]` applied to it. | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This might benefit from some examples, e.g. proof types:
An expanded version with static dispatch depending on feature would be nice, too
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From our earlier thread in rust-lang/rust#139368, here's a worked example of what can be done today, demonstrating the relevant safety analysis:
Playground link