fix(pal/hermit): deny(unsafe_op_in_unsafe_fn)

mkroening · mkroening · commit 0260e47b16ec · 2024-08-01T12:34:43.000+02:00
Signed-off-by: Martin Kröning &lt;martin.kroening@eonerc.rwth-aachen.de&gt;
diff --git a/std/src/sys/pal/hermit/alloc.rs b/std/src/sys/pal/hermit/alloc.rs
@@ -1,21 +1,28 @@
 use super::hermit_abi;
 use crate::alloc::{GlobalAlloc, Layout, System};
-use crate::ptr;
 
 #[stable(feature = "alloc_system_type", since = "1.28.0")]
 unsafe impl GlobalAlloc for System {
     #[inline]
     unsafe fn alloc(&self, layout: Layout) -> *mut u8 {
-        hermit_abi::malloc(layout.size(), layout.align())
+        let size = layout.size();
+        let align = layout.align();
+        unsafe { hermit_abi::malloc(size, align) }
     }
 
     #[inline]
     unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {
-        hermit_abi::free(ptr, layout.size(), layout.align())
+        let size = layout.size();
+        let align = layout.align();
+        unsafe {
+            hermit_abi::free(ptr, size, align);
+        }
     }
 
     #[inline]
     unsafe fn realloc(&self, ptr: *mut u8, layout: Layout, new_size: usize) -> *mut u8 {
-        hermit_abi::realloc(ptr, layout.size(), layout.align(), new_size)
+        let size = layout.size();
+        let align = layout.align();
+        unsafe { hermit_abi::realloc(ptr, size, align, new_size) }
     }
 }
diff --git a/std/src/sys/pal/hermit/fd.rs b/std/src/sys/pal/hermit/fd.rs
@@ -111,7 +111,8 @@ impl FromInner<OwnedFd> for FileDesc {
 
 impl FromRawFd for FileDesc {
     unsafe fn from_raw_fd(raw_fd: RawFd) -> Self {
-        Self { fd: FromRawFd::from_raw_fd(raw_fd) }
+        let fd = unsafe { OwnedFd::from_raw_fd(raw_fd) };
+        Self { fd }
     }
 }
 
diff --git a/std/src/sys/pal/hermit/fs.rs b/std/src/sys/pal/hermit/fs.rs
@@ -484,7 +484,8 @@ impl IntoRawFd for File {
 
 impl FromRawFd for File {
     unsafe fn from_raw_fd(raw_fd: RawFd) -> Self {
-        Self(FromRawFd::from_raw_fd(raw_fd))
+        let file_desc = unsafe { FileDesc::from_raw_fd(raw_fd) };
+        Self(file_desc)
     }
 }
 
diff --git a/std/src/sys/pal/hermit/mod.rs b/std/src/sys/pal/hermit/mod.rs
@@ -13,7 +13,8 @@
 //! compiling for wasm. That way it's a compile time error for something that's
 //! guaranteed to be a runtime error!
 
-#![allow(missing_docs, nonstandard_style, unsafe_op_in_unsafe_fn)]
+#![deny(unsafe_op_in_unsafe_fn)]
+#![allow(missing_docs, nonstandard_style)]
 
 use crate::os::raw::c_char;
 
@@ -78,7 +79,9 @@ pub extern "C" fn __rust_abort() {
 // SAFETY: must be called only once during runtime initialization.
 // NOTE: this is not guaranteed to run, for example when Rust code is called externally.
 pub unsafe fn init(argc: isize, argv: *const *const u8, _sigpipe: u8) {
-    args::init(argc, argv);
+    unsafe {
+        args::init(argc, argv);
+    }
 }
 
 // SAFETY: must be called only once during runtime cleanup.
@@ -99,10 +102,12 @@ pub unsafe extern "C" fn runtime_entry(
     // initialize environment
     os::init_environment(env as *const *const i8);
 
-    let result = main(argc as isize, argv);
+    let result = unsafe { main(argc as isize, argv) };
 
-    crate::sys::thread_local::destructors::run();
-    hermit_abi::exit(result)
+    unsafe {
+        crate::sys::thread_local::destructors::run();
+    }
+    unsafe { hermit_abi::exit(result) }
 }
 
 #[inline]
diff --git a/std/src/sys/pal/hermit/thread.rs b/std/src/sys/pal/hermit/thread.rs
@@ -25,18 +25,22 @@ impl Thread {
         core_id: isize,
     ) -> io::Result<Thread> {
         let p = Box::into_raw(Box::new(p));
-        let tid = hermit_abi::spawn2(
-            thread_start,
-            p.expose_provenance(),
-            hermit_abi::Priority::into(hermit_abi::NORMAL_PRIO),
-            stack,
-            core_id,
-        );
+        let tid = unsafe {
+            hermit_abi::spawn2(
+                thread_start,
+                p.expose_provenance(),
+                hermit_abi::Priority::into(hermit_abi::NORMAL_PRIO),
+                stack,
+                core_id,
+            )
+        };
 
         return if tid == 0 {
             // The thread failed to start and as a result p was not consumed. Therefore, it is
             // safe to reconstruct the box so that it gets deallocated.
-            drop(Box::from_raw(p));
+            unsafe {
+                drop(Box::from_raw(p));
+            }
             Err(io::const_io_error!(io::ErrorKind::Uncategorized, "Unable to create thread!"))
         } else {
             Ok(Thread { tid: tid })
@@ -54,7 +58,9 @@ impl Thread {
     }
 
     pub unsafe fn new(stack: usize, p: Box<dyn FnOnce()>) -> io::Result<Thread> {
-        Thread::new_with_coreid(stack, p, -1 /* = no specific core */)
+        unsafe {
+            Thread::new_with_coreid(stack, p, -1 /* = no specific core */)
+        }
     }
 
     #[inline]

Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,8 @@ impl FromInner<OwnedFd> for FileDesc {`
`111`	`111`
`112`	`112`	`impl FromRawFd for FileDesc {`
`113`	`113`	`unsafe fn from_raw_fd(raw_fd: RawFd) -> Self {`
`114`		`- Self { fd: FromRawFd::from_raw_fd(raw_fd) }`
	`114`	`+ let fd = unsafe { OwnedFd::from_raw_fd(raw_fd) };`
	`115`	`+ Self { fd }`
`115`	`116`	`}`
`116`	`117`	`}`
`117`	`118`
Original file line number	Diff line number	Diff line change
`@@ -484,7 +484,8 @@ impl IntoRawFd for File {`
`484`	`484`
`485`	`485`	`impl FromRawFd for File {`
`486`	`486`	`unsafe fn from_raw_fd(raw_fd: RawFd) -> Self {`
`487`		`- Self(FromRawFd::from_raw_fd(raw_fd))`
	`487`	`+ let file_desc = unsafe { FileDesc::from_raw_fd(raw_fd) };`
	`488`	`+ Self(file_desc)`
`488`	`489`	`}`
`489`	`490`	`}`
`490`	`491`