From: Alice Ryhl <aliceryhl@google.com>
To: Miguel Ojeda <ojeda@kernel.org>
Cc: "Boqun Feng" <boqun@kernel.org>, "Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <lossin@kernel.org>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Trevor Gross" <tmgross@umich.edu>,
"Danilo Krummrich" <dakr@kernel.org>,
"Daniel Almeida" <daniel.almeida@collabora.com>,
"Tamir Duberstein" <tamird@kernel.org>,
"Alexandre Courbot" <acourbot@nvidia.com>,
"Onur Özkan" <work@onurozkan.dev>,
rust-for-linux@vger.kernel.org, Urgau <urgau@numericable.fr>
Subject: Re: [PATCH] rust: allow `suspicious_runtime_symbol_definitions` lint for Rust >= 1.98
Date: Mon, 15 Jun 2026 14:40:41 +0000 [thread overview]
Message-ID: <ajAO6V7Ki0QtwZTl@google.com> (raw)
In-Reply-To: <20260615143225.471756-1-ojeda@kernel.org>
On Mon, Jun 15, 2026 at 04:32:25PM +0200, Miguel Ojeda wrote:
> Starting with Rust 1.98.0 (expected 2026-08-20), Rust is introducing a
> couple new lints, `invalid_runtime_symbol_definitions` (deny-by-default)
> and `suspicious_runtime_symbol_definitions` (warn-by-default), which check
> the signature of items whose symbol name is a runtime symbol expected by
> `core`.
>
> Our build hits the second one, i.e. the warning:
>
> error: suspicious definition of the runtime `strlen` symbol used by the standard library
> --> rust/bindings/bindings_generated.rs:20018:5
> |
> 20018 | pub fn strlen(s: *const ffi::c_char) -> usize;
> | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> |
> = note: expected `unsafe extern "C" fn(*const i8) -> usize`
> found `unsafe extern "C" fn(*const u8) -> usize`
> = help: either fix the signature or remove any attributes like `#[unsafe(no_mangle)]`, `#[unsafe(export_name = "strlen")]`, or `#[link_name = "strlen"]`
> = help: allow this lint if the signature is compatible
> = note: `-D suspicious-runtime-symbol-definitions` implied by `-D warnings`
> = help: to override `-D warnings` add `#[allow(suspicious_runtime_symbol_definitions)]`
>
> error: suspicious definition of the runtime `strlen` symbol used by the standard library
> --> rust/uapi/uapi_generated.rs:14236:5
> |
> 14236 | pub fn strlen(s: *const ffi::c_char) -> usize;
> | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> |
> = note: expected `unsafe extern "C" fn(*const i8) -> usize`
> found `unsafe extern "C" fn(*const u8) -> usize`
> = help: either fix the signature or remove any attributes like `#[unsafe(no_mangle)]`, `#[unsafe(export_name = "strlen")]`, or `#[link_name = "strlen"]`
> = help: allow this lint if the signature is compatible
> = note: `-D suspicious-runtime-symbol-definitions` implied by `-D warnings`
> = help: to override `-D warnings` add `#[allow(suspicious_runtime_symbol_definitions)]`
>
> Thus `allow` the lint in `bindings` and `uapi`.
>
> A more targeted alternative to avoid `allow`ing it would be to pass
> `--blocklist-function strlen` to `bindgen`, but we would perhaps need
> to adjust if other C headers end up adding more (or Rust checking more).
> Since it is just the less critical one that we hit, and since eventually
> this should be properly fixed by getting upstream Rust to provide a flag
> like GCC/Clang's `-funsigned-char` [2][3], just `allow` it for now.
>
> Cc: Urgau <urgau@numericable.fr>
> Link: https://github.com/rust-lang/rust/pull/155521 [1]
> Link: https://github.com/rust-lang/rust/issues/138446 [2]
> Link: https://github.com/Rust-for-Linux/linux/issues/355 [3]
> Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
The change itself LGTM. With below question answered:
Reviewed-by: Alice Ryhl <aliceryhl@google.com>
> #![cfg_attr(CONFIG_RUSTC_HAS_UNNECESSARY_TRANSMUTES, allow(unnecessary_transmutes))]
> +#![cfg_attr(
> + CONFIG_RUSTC_HAS_SUSPICIOUS_RUNTIME_SYMBOL_DEFINITIONS,
> + allow(suspicious_runtime_symbol_definitions)
> +)]
I'm wondering whether the cfg_attr is required? Is there a warning from
specifying an unknown warning otherwise?
Alice
next prev parent reply other threads:[~2026-06-15 14:40 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-15 14:32 [PATCH] rust: allow `suspicious_runtime_symbol_definitions` lint for Rust >= 1.98 Miguel Ojeda
2026-06-15 14:40 ` Alice Ryhl [this message]
2026-06-15 15:05 ` Miguel Ojeda
2026-06-15 17:09 ` Gary Guo
2026-06-15 17:14 ` Tamir Duberstein
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ajAO6V7Ki0QtwZTl@google.com \
--to=aliceryhl@google.com \
--cc=a.hindborg@kernel.org \
--cc=acourbot@nvidia.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun@kernel.org \
--cc=dakr@kernel.org \
--cc=daniel.almeida@collabora.com \
--cc=gary@garyguo.net \
--cc=lossin@kernel.org \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tamird@kernel.org \
--cc=tmgross@umich.edu \
--cc=urgau@numericable.fr \
--cc=work@onurozkan.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox