-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Macros wrapping expressions in unsafe
blocks when using unsafe_op_in_unsafe_fn
#7323
Comments
I have a case in I would consider that a false positive. I would not see a problem with allowing the lint in this situation, but the lint docs should consider this possibility. |
I am reviewing #7469 and want to raise a question before merging. @flip1995 I think these two things are orthogonal:
The fact that you are in an unsafe function does not make the hidden #[warn(unsafe_op_in_unsafe_fn)]
unsafe fn f() {
unsafe_macro!(); // this is bad
}
fn g() {
unsafe_macro!(); // so isn't this just as bad?
} |
I think it should depend on the For your example in |
I see what you mean. #[allow(unsafe_op_in_unsafe_fn)]
unsafe fn h() {
unsafe_macro!(); // this is ok
} |
I guess this ended up being |
Cc'ing @y21 here as well, in case he wasn't aware of this one, since he implemented |
What it does
For projects using
unsafe_op_in_unsafe_fn
(and specially those requiring// SAFETY
comments), it would be nice to detect cases where a macro is wrapping an expression passed as a parameter in a "hidden"unsafe
block, and thus bypassing the intention ofunsafe_op_in_unsafe_fn
.The logic could be something like:
unsafe fn
...unsafe
block...unsafe_op_in_unsafe_fn
is enabled in this context...unsafe
block.Callers of the macro would need to wrap the entire macro call in an
unsafe
block to avoid hitting the lint (plus perhaps playing with#[allow(unused_unsafe)]
inside the macro to avoid the unneeded nestedunsafe
warning fromrustc
).Categories (optional)
clippy::pedantic
?Drawbacks
None.
Example
Assume
#![deny(unsafe_op_in_unsafe_fn)]
, and thatcontainer_of!
wraps the first parameter in anunsafe
block. Then:Could be written as:
The text was updated successfully, but these errors were encountered: