diff options
| author | Miguel Ojeda <ojeda@kernel.org> | 2024-09-04 22:43:32 +0200 |
|---|---|---|
| committer | Miguel Ojeda <ojeda@kernel.org> | 2024-10-07 21:39:05 +0200 |
| commit | db4f72c904cb116e2bf56afdd67fc5167a607a7b (patch) | |
| tree | 594e72551aeda1a38bbf185f3e10e68443871f7e /rust/kernel/print.rs | |
| parent | 567cdff53e71de56ae67eaf4309db38778b7bcd3 (diff) | |
| download | linux-db4f72c904cb116e2bf56afdd67fc5167a607a7b.tar.gz linux-db4f72c904cb116e2bf56afdd67fc5167a607a7b.tar.bz2 linux-db4f72c904cb116e2bf56afdd67fc5167a607a7b.zip | |
rust: enable `clippy::undocumented_unsafe_blocks` lint
Checking that we are not missing any `// SAFETY` comments in our `unsafe`
blocks is something we have wanted to do for a long time, as well as
cleaning up the remaining cases that were not documented [1].
Back when Rust for Linux started, this was something that could have
been done via a script, like Rust's `tidy`. Soon after, in Rust 1.58.0,
Clippy implemented the `undocumented_unsafe_blocks` lint [2].
Even though the lint has a few false positives, e.g. in some cases where
attributes appear between the comment and the `unsafe` block [3], there
are workarounds and the lint seems quite usable already.
Thus enable the lint now.
We still have a few cases to clean up, so just allow those for the moment
by writing a `TODO` comment -- some of those may be good candidates for
new contributors.
Link: https://github.com/Rust-for-Linux/linux/issues/351 [1]
Link: https://rust-lang.github.io/rust-clippy/master/#/undocumented_unsafe_blocks [2]
Link: https://github.com/rust-lang/rust-clippy/issues/13189 [3]
Reviewed-by: Alice Ryhl <aliceryhl@google.com>
Reviewed-by: Trevor Gross <tmgross@umich.edu>
Tested-by: Gary Guo <gary@garyguo.net>
Reviewed-by: Gary Guo <gary@garyguo.net>
Link: https://lore.kernel.org/r/20240904204347.168520-5-ojeda@kernel.org
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
Diffstat (limited to 'rust/kernel/print.rs')
| -rw-r--r-- | rust/kernel/print.rs | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/rust/kernel/print.rs b/rust/kernel/print.rs index 508b0221256c..fe53fc469c4f 100644 --- a/rust/kernel/print.rs +++ b/rust/kernel/print.rs @@ -23,6 +23,7 @@ unsafe extern "C" fn rust_fmt_argument( use fmt::Write; // SAFETY: The C contract guarantees that `buf` is valid if it's less than `end`. let mut w = unsafe { RawFormatter::from_ptrs(buf.cast(), end.cast()) }; + // SAFETY: TODO. let _ = w.write_fmt(unsafe { *(ptr as *const fmt::Arguments<'_>) }); w.pos().cast() } @@ -102,6 +103,7 @@ pub unsafe fn call_printk( ) { // `_printk` does not seem to fail in any path. #[cfg(CONFIG_PRINTK)] + // SAFETY: TODO. unsafe { bindings::_printk( format_string.as_ptr() as _, |