Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rustc: Allow safe #[target_feature] on wasm #84988

Merged
merged 1 commit into from
Jun 3, 2021

Commits on May 28, 2021

  1. rustc: Allow safe #[target_feature] on wasm

    This commit updates the compiler's handling of the `#[target_feature]`
    attribute when applied to functions on WebAssembly-based targets. The
    compiler in general requires that any functions with `#[target_feature]`
    are marked as `unsafe` as well, but this commit relaxes the restriction
    for WebAssembly targets where the attribute can be applied to safe
    functions as well.
    
    The reason this is done is that the motivation for this feature of the
    compiler is not applicable for WebAssembly targets. In general the
    `#[target_feature]` attribute is used to enhance target CPU features
    enabled beyond the basic level for the rest of the compilation. If done
    improperly this means that your program could execute an instruction
    that the CPU you happen to be running on does not understand. This is
    considered undefined behavior where it is unknown what will happen (e.g.
    it's not a deterministic `SIGILL`).
    
    For WebAssembly, however, the target is different. It is not possible
    for a running WebAssembly program to execute an instruction that the
    engine does not understand. If this were the case then the program would
    not have validated in the first place and would not run at all. Even if
    this were allowed in some hypothetical future where engines have some
    form of runtime feature detection (which they do not right now) any
    implementation of such a feature would generate a trap if a module
    attempts to execute an instruction the module does not understand. This
    deterministic trap behavior would still not fall into the category of
    undefined behavior because the trap is deterministic.
    
    For these reasons the `#[target_feature]` attribute is now allowed on
    safe functions, but only for WebAssembly targets. This notably enables
    the wasm-SIMD intrinsics proposed for stabilization in rust-lang#74372 to be
    marked as safe generally instead of today where they're all `unsafe` due
    to the historical implementation of `#[target_feature]` in the compiler.
    alexcrichton committed May 28, 2021
    Configuration menu
    Copy the full SHA
    7fed92b View commit details
    Browse the repository at this point in the history