chore: Move unsafe operations in unsafe functions to unsafe blocks (#36017)

Signed-off-by: DK Liao <dklassic@gmail.com>
2025-06-06 16:45:39 +00:00 · 2025-03-18 15:19:35 +09:00 · 2025-03-18 15:19:35 +09:00 · bcdd34e2aa
commit bcdd34e2aa
parent eb3c48f9d3
5 changed files with 59 additions and 57 deletions
--- a/components/allocator/Cargo.toml
+++ b/components/allocator/Cargo.toml
@ -23,6 +23,3 @@ windows-sys = { workspace = true, features = ["Win32_System_Memory"] }

 [target.'cfg(target_env = "ohos")'.dependencies]
 libc = { workspace = true }
-
-[lints.rust]
-unsafe_op_in_unsafe_fn = { level = "allow" }
--- a/components/allocator/lib.rs
+++ b/components/allocator/lib.rs
@ -45,10 +45,14 @@ mod platform {
    /// Passing a non-heap allocated pointer to this function results in undefined behavior.
    pub unsafe extern "C" fn usable_size(ptr: *const c_void) -> usize {
        #[cfg(target_vendor = "apple")]
-        return libc::malloc_size(ptr);
+        unsafe {
+            return libc::malloc_size(ptr);
+        }

        #[cfg(not(target_vendor = "apple"))]
-        return libc::malloc_usable_size(ptr as *mut _);
+        unsafe {
+            return libc::malloc_usable_size(ptr as *mut _);
+        }
    }

    pub mod libc_compat {
@ -70,12 +74,14 @@ mod platform {
    ///
    /// Passing a non-heap allocated pointer to this function results in undefined behavior.
    pub unsafe extern "C" fn usable_size(mut ptr: *const c_void) -> usize {
-        let heap = GetProcessHeap();
+        unsafe {
+            let heap = GetProcessHeap();

-        if HeapValidate(heap, 0, ptr) == FALSE {
-            ptr = *(ptr as *const *const c_void).offset(-1)
+            if HeapValidate(heap, 0, ptr) == FALSE {
+                ptr = *(ptr as *const *const c_void).offset(-1)
+            }
+
+            HeapSize(heap, 0, ptr) as usize
        }
-
-        HeapSize(heap, 0, ptr) as usize
    }
 }
--- a/components/background_hang_monitor/Cargo.toml
+++ b/components/background_hang_monitor/Cargo.toml
@ -32,6 +32,3 @@ mach2 = { version = "0.4", optional = true }
 [target.'cfg(all(target_os = "linux", not(any(target_arch = "arm", target_arch = "aarch64", target_env = "ohos", target_env = "musl"))))'.dependencies]
 nix = { workspace = true, features = ["signal"], optional = true }
 unwind-sys = { version = "0.1.4", optional = true }
-
-[lints.rust]
-unsafe_op_in_unsafe_fn = { level = "allow" }
--- a/components/background_hang_monitor/sampler_mac.rs
+++ b/components/background_hang_monitor/sampler_mac.rs
@ -62,7 +62,7 @@ fn check_kern_return(kret: mach2::kern_return::kern_return_t) -> Result<(), ()>

 #[allow(unsafe_code)]
 unsafe fn suspend_thread(thread_id: MonitoredThreadId) -> Result<(), ()> {
-    check_kern_return(mach2::thread_act::thread_suspend(thread_id))
+    check_kern_return(unsafe { mach2::thread_act::thread_suspend(thread_id) })
 }

 #[allow(unsafe_code)]
@ -71,12 +71,14 @@ unsafe fn get_registers(thread_id: MonitoredThreadId) -> Result<Registers, ()> {
    {
        let mut state = mach2::structs::x86_thread_state64_t::new();
        let mut state_count = mach2::structs::x86_thread_state64_t::count();
-        let kret = mach2::thread_act::thread_get_state(
-            thread_id,
-            mach2::thread_status::x86_THREAD_STATE64,
-            (&mut state) as *mut _ as *mut _,
-            &mut state_count,
-        );
+        let kret = unsafe {
+            mach2::thread_act::thread_get_state(
+                thread_id,
+                mach2::thread_status::x86_THREAD_STATE64,
+                (&mut state) as *mut _ as *mut _,
+                &mut state_count,
+            )
+        };
        check_kern_return(kret)?;
        Ok(Registers {
            instruction_ptr: state.__rip as Address,
@ -88,12 +90,14 @@ unsafe fn get_registers(thread_id: MonitoredThreadId) -> Result<Registers, ()> {
    {
        let mut state = mach2::structs::arm_thread_state64_t::new();
        let mut state_count = mach2::structs::arm_thread_state64_t::count();
-        let kret = mach2::thread_act::thread_get_state(
-            thread_id,
-            mach2::thread_status::ARM_THREAD_STATE64,
-            (&mut state) as *mut _ as *mut _,
-            &mut state_count,
-        );
+        let kret = unsafe {
+            mach2::thread_act::thread_get_state(
+                thread_id,
+                mach2::thread_status::ARM_THREAD_STATE64,
+                (&mut state) as *mut _ as *mut _,
+                &mut state_count,
+            )
+        };
        check_kern_return(kret)?;
        Ok(Registers {
            instruction_ptr: state.__pc as Address,
@ -104,7 +108,7 @@ unsafe fn get_registers(thread_id: MonitoredThreadId) -> Result<Registers, ()> {
 }
 #[allow(unsafe_code)]
 unsafe fn resume_thread(thread_id: MonitoredThreadId) -> Result<(), ()> {
-    check_kern_return(mach2::thread_act::thread_resume(thread_id))
+    check_kern_return(unsafe { mach2::thread_act::thread_resume(thread_id) })
 }

 #[allow(unsafe_code)]
@ -112,35 +116,36 @@ unsafe fn frame_pointer_stack_walk(regs: Registers) -> NativeStack {
    // Note: this function will only work with code build with:
    // --dev,
    // or --with-frame-pointer.
-
-    let pthread_t = libc::pthread_self();
-    let stackaddr = libc::pthread_get_stackaddr_np(pthread_t);
-    let stacksize = libc::pthread_get_stacksize_np(pthread_t);
    let mut native_stack = NativeStack::new();
-    let pc = regs.instruction_ptr as *mut std::ffi::c_void;
-    let stack = regs.stack_ptr as *mut std::ffi::c_void;
-    let _ = native_stack.process_register(pc, stack);
-    let mut current = regs.frame_ptr as *mut *mut std::ffi::c_void;
-    while !current.is_null() {
-        if (current as usize) < stackaddr as usize {
-            // Reached the end of the stack.
-            break;
+    unsafe {
+        let pthread_t = libc::pthread_self();
+        let stackaddr = libc::pthread_get_stackaddr_np(pthread_t);
+        let stacksize = libc::pthread_get_stacksize_np(pthread_t);
+        let pc = regs.instruction_ptr as *mut std::ffi::c_void;
+        let stack = regs.stack_ptr as *mut std::ffi::c_void;
+        let _ = native_stack.process_register(pc, stack);
+        let mut current = regs.frame_ptr as *mut *mut std::ffi::c_void;
+        while !current.is_null() {
+            if (current as usize) < stackaddr as usize {
+                // Reached the end of the stack.
+                break;
+            }
+            if current as usize >= stackaddr.add(stacksize * 8) as usize {
+                // Reached the beginning of the stack.
+                // Assumining 64 bit mac(see the stacksize * 8).
+                break;
+            }
+            let next = *current as *mut *mut std::ffi::c_void;
+            let pc = current.add(1);
+            let stack = current.add(2);
+            if let Err(()) = native_stack.process_register(*pc, *stack) {
+                break;
+            }
+            if (next <= current) || (next as usize & 3 != 0) {
+                break;
+            }
+            current = next;
        }
-        if current as usize >= stackaddr.add(stacksize * 8) as usize {
-            // Reached the beginning of the stack.
-            // Assumining 64 bit mac(see the stacksize * 8).
-            break;
-        }
-        let next = *current as *mut *mut std::ffi::c_void;
-        let pc = current.add(1);
-        let stack = current.add(2);
-        if let Err(()) = native_stack.process_register(*pc, *stack) {
-            break;
-        }
-        if (next <= current) || (next as usize & 3 != 0) {
-            break;
-        }
-        current = next;
    }
    native_stack
 }
--- a/ports/servoshell/Cargo.toml
+++ b/ports/servoshell/Cargo.toml
@ -131,6 +131,3 @@ sig = "1.0"
 [target.'cfg(target_os = "windows")'.dependencies]
 windows-sys = { workspace = true, features = ["Win32_Graphics_Gdi"] }
 libservo = { path = "../../components/servo", features = ["no-wgl"] }
-
-[lints.rust]
-unsafe_op_in_unsafe_fn = { level = "allow" }