From 7163d7a40e438b34f36f27f749f7d327f15214c1 Mon Sep 17 00:00:00 2001 From: Ronan Pelliard Date: Mon, 18 Mar 2024 13:51:17 +0100 Subject: [PATCH] make functions unsafe --- src/opts.rs | 54 +++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 12 deletions(-) diff --git a/src/opts.rs b/src/opts.rs index acac9a5083..5170c900aa 100644 --- a/src/opts.rs +++ b/src/opts.rs @@ -234,7 +234,11 @@ where } /// Get the maximum mmap window size -pub fn get_mwindow_size() -> Result { +/// +/// # Safety +/// This function is reading a C global without synchronization, so it is not +/// thread safe, and should only be called before any thread is spawned. +pub unsafe fn get_mwindow_size() -> Result { crate::init(); let mut size = 0; @@ -250,7 +254,11 @@ pub fn get_mwindow_size() -> Result { } /// Set the maximum mmap window size -pub fn set_mwindow_size(size: libc::size_t) -> Result<(), Error> { +/// +/// # Safety +/// This function is modifying a C global without synchronization, so it is not +/// thread safe, and should only be called before any thread is spawned. +pub unsafe fn set_mwindow_size(size: libc::size_t) -> Result<(), Error> { crate::init(); unsafe { @@ -264,7 +272,11 @@ pub fn set_mwindow_size(size: libc::size_t) -> Result<(), Error> { } /// Get the maximum memory that will be mapped in total by the library -pub fn get_mwindow_mapped_limit() -> Result { +/// +/// # Safety +/// This function is reading a C global without synchronization, so it is not +/// thread safe, and should only be called before any thread is spawned. +pub unsafe fn get_mwindow_mapped_limit() -> Result { crate::init(); let mut limit = 0; @@ -281,7 +293,11 @@ pub fn get_mwindow_mapped_limit() -> Result { /// Set the maximum amount of memory that can be mapped at any time /// by the library. -pub fn set_mwindow_mapped_limit(limit: libc::size_t) -> Result<(), Error> { +/// +/// # Safety +/// This function is modifying a C global without synchronization, so it is not +/// thread safe, and should only be called before any thread is spawned. +pub unsafe fn set_mwindow_mapped_limit(limit: libc::size_t) -> Result<(), Error> { crate::init(); unsafe { @@ -296,7 +312,11 @@ pub fn set_mwindow_mapped_limit(limit: libc::size_t) -> Result<(), Error> { /// Get the maximum number of files that will be mapped at any time by the /// library. -pub fn get_mwindow_file_limit() -> Result { +/// +/// # Safety +/// This function is reading a C global without synchronization, so it is not +/// thread safe, and should only be called before any thread is spawned. +pub unsafe fn get_mwindow_file_limit() -> Result { crate::init(); let mut limit = 0; @@ -313,7 +333,11 @@ pub fn get_mwindow_file_limit() -> Result { /// Set the maximum number of files that can be mapped at any time /// by the library. The default (0) is unlimited. -pub fn set_mwindow_file_limit(limit: libc::size_t) -> Result<(), Error> { +/// +/// # Safety +/// This function is modifying a C global without synchronization, so it is not +/// thread safe, and should only be called before any thread is spawned. +pub unsafe fn set_mwindow_file_limit(limit: libc::size_t) -> Result<(), Error> { crate::init(); unsafe { @@ -337,19 +361,25 @@ mod test { #[test] fn mwindow_size() { - assert!(set_mwindow_size(1024).is_ok()); - assert!(get_mwindow_size().unwrap() == 1024); + unsafe { + assert!(set_mwindow_size(1024).is_ok()); + assert!(get_mwindow_size().unwrap() == 1024); + } } #[test] fn mwindow_mapped_limit() { - assert!(set_mwindow_mapped_limit(1024).is_ok()); - assert!(get_mwindow_mapped_limit().unwrap() == 1024); + unsafe { + assert!(set_mwindow_mapped_limit(1024).is_ok()); + assert!(get_mwindow_mapped_limit().unwrap() == 1024); + } } #[test] fn mwindow_file_limit() { - assert!(set_mwindow_file_limit(1024).is_ok()); - assert!(get_mwindow_file_limit().unwrap() == 1024); + unsafe { + assert!(set_mwindow_file_limit(1024).is_ok()); + assert!(get_mwindow_file_limit().unwrap() == 1024); + } } }