vexos: add SAFETY comments for FileDesc invariants

tropicaaal · tropicaaal · commit b599f6ccab1e · 2025-09-23T16:44:15.000-05:00
diff --git a/library/std/src/sys/fs/vexos.rs b/library/std/src/sys/fs/vexos.rs
@@ -340,7 +340,10 @@ impl File {
     pub fn read(&self, buf: &mut [u8]) -> io::Result<usize> {
         let len = buf.len() as u32;
         let buf_ptr = buf.as_mut_ptr();
-        let read = unsafe { vex_sdk::vexFileRead(buf_ptr.cast::<c_char>(), 1, len, self.fd.0) };
+        let read = unsafe {
+            // SAFETY: `self.fd` contains a valid pointer to `FIL` for this struct's lifetime.
+            vex_sdk::vexFileRead(buf_ptr.cast::<c_char>(), 1, len, self.fd.0)
+        };
 
         if read < 0 {
             Err(io::const_error!(io::ErrorKind::Other, "Could not read from file"))
@@ -366,6 +369,7 @@ impl File {
         let len = buf.len() as u32;
         let buf_ptr = buf.as_ptr();
         let written = unsafe {
+            // SAFETY: `self.fd` contains a valid pointer to `FIL` for this struct's lifetime.
             vex_sdk::vexFileWrite(buf_ptr.cast_mut().cast::<c_char>(), 1, len, self.fd.0)
         };
 
@@ -387,12 +391,14 @@ impl File {
 
     pub fn flush(&self) -> io::Result<()> {
         unsafe {
+            // SAFETY: `self.fd` contains a valid pointer to `FIL` for this struct's lifetime.
             vex_sdk::vexFileSync(self.fd.0);
         }
         Ok(())
     }
 
     pub fn tell(&self) -> io::Result<u64> {
+        // SAFETY: `self.fd` contains a valid pointer to `FIL` for this struct's lifetime.
         let position = unsafe { vex_sdk::vexFileTell(self.fd.0) };
 
         position.try_into().map_err(|_| {
@@ -418,6 +424,7 @@ impl File {
             })
         }
 
+        // SAFETY: `self.fd` contains a valid pointer to `FIL` for this struct's lifetime.
         match pos {
             SeekFrom::Start(offset) => unsafe {
                 map_fresult(vex_sdk::vexFileSeek(self.fd.0, try_convert_offset(offset)?, SEEK_SET))?
