ffi: don't use empty enums for opaque types

apoelstra · apoelstra · commit c42a3750e892 · 2025-09-12T22:29:33.000Z
The nomicon doesn't like this. From the bottom of https://doc.rust-lang.org/nomicon/ffi.html "Notice that it is a really bad idea to use an empty enum as FFI type. The compiler relies on empty enums being uninhabited, so handling values of type &Empty is a huge footgun and can lead to buggy program behavior (by triggering undefined behavior)." They give an example that uses a phantom to also remove Send, Sync, and Unpin. I did not do this. I think all these traits are fine, because the type has no self-references and is never mutated by the C code except when it is freed, and then only through a `*mut` pointer.
diff --git a/simplicity-sys/src/c_jets/c_env/elements.rs b/simplicity-sys/src/c_jets/c_env/elements.rs
@@ -130,8 +130,10 @@ pub struct CRawTapEnv {
     pub branch_len: u8,
 }
 
-#[derive(Debug)]
-pub enum CTransaction {}
+#[repr(C)]
+pub struct CTransaction {
+    _data: (),
+}
 
 #[derive(Debug)]
 #[repr(C)]
@@ -143,8 +145,10 @@ pub struct CTxEnv {
     ix: c_uint_fast32_t,
 }
 
-#[derive(Debug)]
-pub enum CTapEnv {}
+#[repr(C)]
+pub struct CTapEnv {
+    _data: (),
+}
 
 extern "C" {
     #[link_name = "rustsimplicity_0_5_c_sizeof_rawElementsBuffer"]
