chore: Move unsafe operations in unsafe functions to unsafe blocks (#36017)

Signed-off-by: DK Liao <dklassic@gmail.com>
2025-06-08 00:23:30 +00:00 · 2025-03-18 15:19:35 +09:00 · 2025-03-18 15:19:35 +09:00 · bcdd34e2aa
commit bcdd34e2aa
parent eb3c48f9d3
5 changed files with 59 additions and 57 deletions
--- a/components/allocator/Cargo.toml
+++ b/components/allocator/Cargo.toml
@ -23,6 +23,3 @@ windows-sys = { workspace = true, features = ["Win32_System_Memory"] }
 [target.'cfg(target_env = "ohos")'.dependencies]
 libc = { workspace = true }
 [lints.rust]
 unsafe_op_in_unsafe_fn = { level = "allow" }
--- a/components/allocator/lib.rs
+++ b/components/allocator/lib.rs
@ -45,10 +45,14 @@ mod platform {
    /// Passing a non-heap allocated pointer to this function results in undefined behavior.
    pub unsafe extern "C" fn usable_size(ptr: *const c_void) -> usize {
        #[cfg(target_vendor = "apple")]
-        return libc::malloc_size(ptr);
+        unsafe {
            return libc::malloc_size(ptr);
        }
        #[cfg(not(target_vendor = "apple"))]
-        return libc::malloc_usable_size(ptr as *mut _);
+        unsafe {
            return libc::malloc_usable_size(ptr as *mut _);
        }
    }
    pub mod libc_compat {
@ -70,12 +74,14 @@ mod platform {
    ///
    /// Passing a non-heap allocated pointer to this function results in undefined behavior.
    pub unsafe extern "C" fn usable_size(mut ptr: *const c_void) -> usize {
-        let heap = GetProcessHeap();
+        unsafe {
            let heap = GetProcessHeap();
-        if HeapValidate(heap, 0, ptr) == FALSE {
+            if HeapValidate(heap, 0, ptr) == FALSE {
-            ptr = *(ptr as *const *const c_void).offset(-1)
+                ptr = *(ptr as *const *const c_void).offset(-1)
            }
            HeapSize(heap, 0, ptr) as usize
        }
        HeapSize(heap, 0, ptr) as usize
    }
 }
--- a/components/background_hang_monitor/Cargo.toml
+++ b/components/background_hang_monitor/Cargo.toml
@ -32,6 +32,3 @@ mach2 = { version = "0.4", optional = true }
 [target.'cfg(all(target_os = "linux", not(any(target_arch = "arm", target_arch = "aarch64", target_env = "ohos", target_env = "musl"))))'.dependencies]
 nix = { workspace = true, features = ["signal"], optional = true }
 unwind-sys = { version = "0.1.4", optional = true }
 [lints.rust]
 unsafe_op_in_unsafe_fn = { level = "allow" }
--- a/components/background_hang_monitor/sampler_mac.rs
+++ b/components/background_hang_monitor/sampler_mac.rs
@ -62,7 +62,7 @@ fn check_kern_return(kret: mach2::kern_return::kern_return_t) -> Result<(), ()>
 #[allow(unsafe_code)]
 unsafe fn suspend_thread(thread_id: MonitoredThreadId) -> Result<(), ()> {
-    check_kern_return(mach2::thread_act::thread_suspend(thread_id))
+    check_kern_return(unsafe { mach2::thread_act::thread_suspend(thread_id) })
 }
 #[allow(unsafe_code)]
@ -71,12 +71,14 @@ unsafe fn get_registers(thread_id: MonitoredThreadId) -> Result<Registers, ()> {
    {
        let mut state = mach2::structs::x86_thread_state64_t::new();
        let mut state_count = mach2::structs::x86_thread_state64_t::count();
-        let kret = mach2::thread_act::thread_get_state(
+        let kret = unsafe {
-            thread_id,
+            mach2::thread_act::thread_get_state(
-            mach2::thread_status::x86_THREAD_STATE64,
+                thread_id,
-            (&mut state) as *mut _ as *mut _,
+                mach2::thread_status::x86_THREAD_STATE64,
-            &mut state_count,
+                (&mut state) as *mut _ as *mut _,
-        );
+                &mut state_count,
            )
        };
        check_kern_return(kret)?;
        Ok(Registers {
            instruction_ptr: state.__rip as Address,
@ -88,12 +90,14 @@ unsafe fn get_registers(thread_id: MonitoredThreadId) -> Result<Registers, ()> {
    {
        let mut state = mach2::structs::arm_thread_state64_t::new();
        let mut state_count = mach2::structs::arm_thread_state64_t::count();
-        let kret = mach2::thread_act::thread_get_state(
+        let kret = unsafe {
-            thread_id,
+            mach2::thread_act::thread_get_state(
-            mach2::thread_status::ARM_THREAD_STATE64,
+                thread_id,
-            (&mut state) as *mut _ as *mut _,
+                mach2::thread_status::ARM_THREAD_STATE64,
-            &mut state_count,
+                (&mut state) as *mut _ as *mut _,
-        );
+                &mut state_count,
            )
        };
        check_kern_return(kret)?;
        Ok(Registers {
            instruction_ptr: state.__pc as Address,
@ -104,7 +108,7 @@ unsafe fn get_registers(thread_id: MonitoredThreadId) -> Result<Registers, ()> {
 }
 #[allow(unsafe_code)]
 unsafe fn resume_thread(thread_id: MonitoredThreadId) -> Result<(), ()> {
-    check_kern_return(mach2::thread_act::thread_resume(thread_id))
+    check_kern_return(unsafe { mach2::thread_act::thread_resume(thread_id) })
 }
 #[allow(unsafe_code)]
@ -112,35 +116,36 @@ unsafe fn frame_pointer_stack_walk(regs: Registers) -> NativeStack {
    // Note: this function will only work with code build with:
    // --dev,
    // or --with-frame-pointer.
    let pthread_t = libc::pthread_self();
    let stackaddr = libc::pthread_get_stackaddr_np(pthread_t);
    let stacksize = libc::pthread_get_stacksize_np(pthread_t);
    let mut native_stack = NativeStack::new();
-    let pc = regs.instruction_ptr as *mut std::ffi::c_void;
+    unsafe {
-    let stack = regs.stack_ptr as *mut std::ffi::c_void;
+        let pthread_t = libc::pthread_self();
-    let _ = native_stack.process_register(pc, stack);
+        let stackaddr = libc::pthread_get_stackaddr_np(pthread_t);
-    let mut current = regs.frame_ptr as *mut *mut std::ffi::c_void;
+        let stacksize = libc::pthread_get_stacksize_np(pthread_t);
-    while !current.is_null() {
+        let pc = regs.instruction_ptr as *mut std::ffi::c_void;
-        if (current as usize) < stackaddr as usize {
+        let stack = regs.stack_ptr as *mut std::ffi::c_void;
-            // Reached the end of the stack.
+        let _ = native_stack.process_register(pc, stack);
-            break;
+        let mut current = regs.frame_ptr as *mut *mut std::ffi::c_void;
        while !current.is_null() {
            if (current as usize) < stackaddr as usize {
                // Reached the end of the stack.
                break;
            }
            if current as usize >= stackaddr.add(stacksize * 8) as usize {
                // Reached the beginning of the stack.
                // Assumining 64 bit mac(see the stacksize * 8).
                break;
            }
            let next = *current as *mut *mut std::ffi::c_void;
            let pc = current.add(1);
            let stack = current.add(2);
            if let Err(()) = native_stack.process_register(*pc, *stack) {
                break;
            }
            if (next <= current) || (next as usize & 3 != 0) {
                break;
            }
            current = next;
        }
        if current as usize >= stackaddr.add(stacksize * 8) as usize {
            // Reached the beginning of the stack.
            // Assumining 64 bit mac(see the stacksize * 8).
            break;
        }
        let next = *current as *mut *mut std::ffi::c_void;
        let pc = current.add(1);
        let stack = current.add(2);
        if let Err(()) = native_stack.process_register(*pc, *stack) {
            break;
        }
        if (next <= current) || (next as usize & 3 != 0) {
            break;
        }
        current = next;
    }
    native_stack
 }
--- a/ports/servoshell/Cargo.toml
+++ b/ports/servoshell/Cargo.toml
@ -131,6 +131,3 @@ sig = "1.0"
 [target.'cfg(target_os = "windows")'.dependencies]
 windows-sys = { workspace = true, features = ["Win32_Graphics_Gdi"] }
 libservo = { path = "../../components/servo", features = ["no-wgl"] }
 [lints.rust]
 unsafe_op_in_unsafe_fn = { level = "allow" }