fix clippy errors in fspy_preload_unix and related Linux crates

- Add SAFETY comments to all unsafe blocks in macro-generated and
  interception code
- Fix format string inlining, unnecessary semicolons, explicit deref
- Convert match-for-equality to if, fix wildcard imports
- Fix assert_eq!(x, true/false) to assert!(x)/assert!(!x) in elf tests
- Fix redundant closure and needless borrow in fspy crate

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: branchseer

crates/fspy/src/unix/mod.rs

@@ -134,7 +134,11 @@ impl SpyImpl {
                 // Stop the supervisor and collect path accesses from it.
                 #[cfg(target_os = "linux")]
                 let arenas = arenas.chain(
-                    supervisor.stop().await?.into_iter().map(|handler| handler.into_arena()),
+                    supervisor
+                        .stop()
+                        .await?
+                        .into_iter()
+                        .map(syscall_handler::SyscallHandler::into_arena),
                 );
                 let arenas = arenas.collect::<Vec<_>>();
 

crates/fspy/tests/static_executable.rs

@@ -26,7 +26,7 @@ const TEST_BIN_CONTENT: &[u8] = include_bytes!(env!("CARGO_BIN_FILE_FSPY_TEST_BI
 fn test_bin_path() -> &'static Path {
     static TEST_BIN_PATH: LazyLock<PathBuf> = LazyLock::new(|| {
         assert_eq!(
-            is_dynamically_linked_to_libc(&TEST_BIN_CONTENT),
+            is_dynamically_linked_to_libc(TEST_BIN_CONTENT),
             Ok(false),
             "Test binary is not a static executable"
         );
@@ -46,7 +46,7 @@ async fn track_test_bin(args: &[&str], cwd: Option<&str>) -> PathAccessIterable
     let mut cmd = fspy::Command::new(test_bin_path());
     if let Some(cwd) = cwd {
         cmd.current_dir(cwd);
-    };
+    }
     cmd.args(args);
     let tracked_child = cmd.spawn().await.unwrap();
 

crates/fspy_preload_unix/src/client/convert.rs

@@ -15,8 +15,8 @@ use nix::unistd::getcwd;
 fn get_fd_path(fd: RawFd) -> nix::Result<Option<PathBuf>> {
     if fd == libc::AT_FDCWD {
         return Ok(Some(getcwd()?));
-    };
-    match nix::fcntl::readlink(CString::new(format!("/proc/self/fd/{}", fd)).unwrap().as_c_str()) {
+    }
+    match nix::fcntl::readlink(CString::new(format!("/proc/self/fd/{fd}")).unwrap().as_c_str()) {
         Ok(path) => Ok(Some(path.into())),
         Err(nix::Error::EBADF | nix::Error::ENOENT) => Ok(None), // invalid fd or no such file (Most likely a stdio fd)
         Err(e) => Err(e),

crates/fspy_preload_unix/src/interceptions/linux_syscall.rs

@@ -9,23 +9,32 @@ use crate::{
 intercept!(syscall(64): unsafe extern "C" fn(c_long, args: ...) -> c_long);
 unsafe extern "C" fn syscall(syscall_no: c_long, mut args: ...) -> c_long {
     // https://github.com/bminor/glibc/blob/efc8642051e6c4fe5165e8986c1338ba2c180de6/sysdeps/unix/sysv/linux/syscall.c#L23
+    // SAFETY: extracting variadic arguments matching the syscall ABI; the caller passes at least 6 c_long arguments
     let a0 = unsafe { args.arg::<c_long>() };
+    // SAFETY: extracting variadic arguments matching the syscall ABI
     let a1 = unsafe { args.arg::<c_long>() };
+    // SAFETY: extracting variadic arguments matching the syscall ABI
     let a2 = unsafe { args.arg::<c_long>() };
+    // SAFETY: extracting variadic arguments matching the syscall ABI
     let a3 = unsafe { args.arg::<c_long>() };
+    // SAFETY: extracting variadic arguments matching the syscall ABI
     let a4 = unsafe { args.arg::<c_long>() };
+    // SAFETY: extracting variadic arguments matching the syscall ABI
     let a5 = unsafe { args.arg::<c_long>() };
 
-    match syscall_no {
-        libc::SYS_statx => {
-            // c-style conversion is expected: (4294967196 -> -100 aka libc::AT_FDCWD)
-            let dirfd = a0 as c_int;
-            let pathname = a1 as *const c_char;
-            unsafe {
-                handle_open(PathAt(dirfd, pathname), AccessMode::READ);
-            }
+    if syscall_no == libc::SYS_statx {
+        // c-style conversion is expected: (4294967196 -> -100 aka libc::AT_FDCWD)
+        #[expect(
+            clippy::cast_possible_truncation,
+            reason = "c-style conversion is expected: (4294967196 -> -100 aka libc::AT_FDCWD)"
+        )]
+        let dirfd = a0 as c_int;
+        let pathname = a1 as *const c_char;
+        // SAFETY: pathname is a valid pointer to a null-terminated C string provided via the syscall arguments
+        unsafe {
+            handle_open(PathAt(dirfd, pathname), AccessMode::READ);
         }
-        _ => {}
     }
+    // SAFETY: forwarding the syscall to the original libc syscall function with the extracted arguments
     unsafe { syscall::original()(syscall_no, a0, a1, a2, a3, a4, a5) }
 }

crates/fspy_preload_unix/src/interceptions/spawn/exec/mod.rs

@@ -23,6 +23,7 @@ pub unsafe fn environ() -> *const *const c_char {
     unsafe extern "C" {
         static environ: *const *const c_char;
     }
+    // SAFETY: environ is a valid global pointer to the process environment, as defined by POSIX
     unsafe { environ }
 }
 
@@ -143,8 +144,18 @@ unsafe extern "C" fn execvp(prog: *const c_char, argv: *const *const c_char) ->
 
 #[cfg(target_os = "linux")]
 mod linux_only {
-    use std::ops::Deref;
-
+    #[expect(
+        clippy::useless_attribute,
+        reason = "allow_attributes on use items is flagged as useless but needed here"
+    )]
+    #[expect(
+        clippy::allow_attributes,
+        reason = "using allow because wildcard_imports may or may not fire depending on build target"
+    )]
+    #[allow(
+        clippy::wildcard_imports,
+        reason = "macro-generated code requires types from parent scope"
+    )]
     use super::*;
     use crate::client::convert::{PathAt, ToAbsolutePath};
 
@@ -158,6 +169,10 @@ mod linux_only {
         argv: *const *const libc::c_char,
         envp: *const *const libc::c_char,
     ) -> c_int {
+        #[expect(
+            clippy::no_effect_underscore_binding,
+            reason = "suppresses unused warning on *::original"
+        )]
         let _unused = execvpe::original;
         handle_exec(ExecResolveConfig::search_path_enabled(None), file, argv, envp)
     }
@@ -175,17 +190,23 @@ mod linux_only {
         envp: *const *mut libc::c_char,
         flags: c_int, // TODO: conform to semantics of flags
     ) -> libc::c_int {
+        #[expect(
+            clippy::no_effect_underscore_binding,
+            reason = "suppresses unused warning on *::original"
+        )]
         let _unused = execveat::original;
+        // SAFETY: PathAt wraps a valid dirfd and pathname pointer from the interposed execveat call
         let abs_path_result = unsafe {
             PathAt(dirfd, pathname).to_absolute_path(|path| {
                 let Some(path) = path else {
                     return Ok(None);
                 };
-                Ok(Some(CString::new(path.deref()).unwrap()))
+                Ok(Some(CString::new(&**path).unwrap()))
             })
         };
         let abs_path = match abs_path_result {
             Ok(None) => {
+                // SAFETY: forwarding the original arguments to the real execveat syscall
                 return unsafe { execveat::original()(dirfd, pathname, argv, envp, flags) };
             }
             Ok(Some(path)) => path.as_ptr(),
@@ -207,8 +228,12 @@ mod linux_only {
         argv: *const *const libc::c_char,
         envp: *const *const libc::c_char,
     ) -> libc::c_int {
+        #[expect(
+            clippy::no_effect_underscore_binding,
+            reason = "suppresses unused warning on *::original"
+        )]
         let _unused = fexecve::original;
-        let prog = format!("/proc/self/fd/{}\0", fd);
+        let prog = format!("/proc/self/fd/{fd}\0");
         let prog = prog.as_ptr();
         handle_exec(ExecResolveConfig::search_path_disabled(), prog.cast(), argv, envp)
     }

crates/fspy_preload_unix/src/macros/linux.rs

@@ -38,10 +38,11 @@ pub(crate) use intercept;
 
 #[cfg(test)]
 #[doc(hidden)]
-pub(crate) fn symbol_exists(name: &str) -> bool {
+pub fn symbol_exists(name: &str) -> bool {
     use std::ffi::CString;
 
     let name = CString::new(name).unwrap();
+    // SAFETY: dlsym with RTLD_DEFAULT searches for the symbol in the default shared object search order
     !unsafe { libc::dlsym(libc::RTLD_DEFAULT, name.as_ptr().cast()) }.is_null()
 }
 
@@ -66,7 +67,11 @@ macro_rules! intercept_inner {
             #[allow(unused_imports, reason = "glob import brings types into scope for macro-generated code")]
             use super::*;
             pub unsafe fn original() -> $fn_sig {
-                static LAZY: std::sync::LazyLock<$fn_sig> = std::sync::LazyLock::new(|| unsafe {
+                static LAZY: std::sync::LazyLock<$fn_sig> = std::sync::LazyLock::new(||
+                    // SAFETY: dlsym with RTLD_NEXT returns the next symbol in the dynamic linking order,
+                    // and transmute converts the resulting function pointer to the expected function signature.
+                    // The caller guarantees the symbol name matches the expected function signature via the macro invocation.
+                    unsafe {
                     ::core::mem::transmute(::libc::dlsym(
                         ::libc::RTLD_NEXT,
                         ::core::concat!(::core::stringify!($name), "\0").as_ptr().cast(),

crates/fspy_shared_unix/src/elf.rs

@@ -49,16 +49,15 @@ mod tests {
     use super::*;
     #[test]
     fn dynamic_executable() {
-        assert_eq!(is_dynamically_linked_to_libc(read("/bin/sh").unwrap()).unwrap(), true);
+        assert!(is_dynamically_linked_to_libc(read("/bin/sh").unwrap()).unwrap());
     }
     #[test]
     fn static_executable() {
         let cat = read("/bin/cat").unwrap();
         let ld_so_path = get_interp(&cat).unwrap().unwrap();
 
-        assert_eq!(
-            is_dynamically_linked_to_libc(read(OsStr::from_bytes(ld_so_path)).unwrap()).unwrap(),
-            false
+        assert!(
+            !is_dynamically_linked_to_libc(read(OsStr::from_bytes(ld_so_path)).unwrap()).unwrap()
         );
     }
 }

crates/fspy_test_bin/src/main.rs

@@ -43,6 +43,6 @@ fn main() {
         "execve" => {
             let _ = std::process::Command::new(path).spawn();
         }
-        _ => panic!("unknown action: {}", action),
+        _ => panic!("unknown action: {action}"),
     }
 }