rust-lang
unsafe_op_in_unsafe_fn warning in Rust edition 2024
The unsafe_op_in_unsafe_fn lint now warns by default. This warning detects calls to unsafe operations in unsafe functions without an explicit unsafe block.
warning[E0133]: dereference of raw pointer is unsafe and requires unsafe block
--> /origin/home/jmjoy/workspace/rust/phper/target/debug/build/phper-sys-ef5a7a32f49c54c5/out/php_bindings.rs:39:20
|
39 | let byte = *(core::ptr::addr_of!((*this).storage) as *const u8).offset(byte_index as isize);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereference of raw pointer
|
= note: for more information, see <https://doc.rust-lang.org/nightly/edition-guide/rust-2024/unsafe-op-in-unsafe-fn.html>
= note: raw pointers may be null, dangling or unaligned; they can violate aliasing rules and cause data races: all of these are undefined behavior
note: an unsafe function restricts its caller, but its body is safe by default
--> /origin/home/jmjoy/workspace/rust/phper/target/debug/build/phper-sys-ef5a7a32f49c54c5/out/php_bindings.rs:36:5
|
36 | pub unsafe fn raw_get_bit(this: *const Self, index: usize) -> bool {
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
= note: `#[warn(unsafe_op_in_unsafe_fn)]` on by default
Unsafe bitfield raw getters and setters (line 39 in your case) are addressed in https://github.com/rust-lang/rust-bindgen/pull/3124. For other cases, bindgen's --wrap-unsafe-ops option should do the work.
Maybe it makes sense to enable wrap_unsafe_ops by default?
Looks like it was first implemented by #2266 but then it broke building for Rust <1.65, so it was re-implemented as an optional flag.
Maybe it makes sense to enable
wrap_unsafe_opsby default? Looks like it was first implemented by #2266 but then it broke building for Rust <1.65, so it was re-implemented as an optional flag.
Yeah it makes sense to at least enable wrap_unsafe_ops when the target edition is set to 2024.
An example of the warnings; would seem to motivate setting .wrap_unsafe_ops(true) by default to reduce DevX friction.
It would also reduce friction to add an #![allow(dead_code)] to the codegenned file, those splatter the error output as well...
impl VersionRange {
#[inline]
pub unsafe fn Deserialize(&mut self) -> VersionRange {
│ └──── E0133: consider wrapping the function body in an unsafe block: `{ unsafe `, `}`
└──── E0133: an unsafe function restricts its caller, but its body is safe by default
VersionRange_Deserialize(self)
└──── E0133: call to unsafe function `aa::adp::fw_integration_tests::cpp::VersionRange_Deserialize` is unsafe and requires unsafe block
for more information, see <https://doc.rust-lang.org/edition-guide/rust-2024/unsafe-op-in-unsafe-fn.html>
consult the function's documentation for information on how to avoid undefined behavior
`#[warn(unsafe_op_in_unsafe_fn)]` on by default
└──── unsafe_op_in_unsafe_fn: call to unsafe function is unsafe and requires an unsafe function or block
}
}
