script_bindings Start wrapping unsafe code in unsafe {} (#38545)

This is useful to better isolate `unsafe` code. Once all unsafe calls
are wrapped we can enable the Rust warning.  This also explicitly
disables the warning for generated code, which is a much more difficult
task. After this change there are 211 warnings left in
`script_bindings`.

Testing: This should not change behavior and is thus covered by existing
tests.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>

components/script_bindings/callback.rs

@@ -96,11 +96,13 @@ impl<D: DomTypes> CallbackObject<D> {
     unsafe fn init(&mut self, cx: JSContext, callback: *mut JSObject) {
         self.callback.set(callback);
         self.permanent_js_root.set(ObjectValue(callback));
-        assert!(AddRawValueRoot(
-            *cx,
-            self.permanent_js_root.get_unsafe(),
-            b"CallbackObject::root\n".as_c_char_ptr()
-        ));
+        unsafe {
+            assert!(AddRawValueRoot(
+                *cx,
+                self.permanent_js_root.get_unsafe(),
+                b"CallbackObject::root\n".as_c_char_ptr()
+            ));
+        }
     }
 }
 
@@ -173,7 +175,7 @@ impl<D: DomTypes> CallbackFunction<D> {
     /// # Safety
     /// `callback` must point to a valid, non-null JSObject.
     pub unsafe fn init(&mut self, cx: JSContext, callback: *mut JSObject) {
-        self.object.init(cx, callback);
+        unsafe { self.object.init(cx, callback) };
     }
 }
 
@@ -205,7 +207,7 @@ impl<D: DomTypes> CallbackInterface<D> {
     /// # Safety
     /// `callback` must point to a valid, non-null JSObject.
     pub unsafe fn init(&mut self, cx: JSContext, callback: *mut JSObject) {
-        self.object.init(cx, callback);
+        unsafe { self.object.init(cx, callback) };
     }
 
     /// Returns the property with the given `name`, if it is a callable object,