Rollup merge of #114987 - RalfJung:unsound-mmap, r=cjgillot

elaborate a bit on the (lack of) safety in 'Mmap::map'

Sadly none of the callers of this function even consider it worth mentioning in their unsafe block that what they are doing is completely unsound.
This commit is contained in:
Weihang Lo 2023-08-24 22:53:57 +01:00 committed by GitHub
commit 832fb9c072
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -11,9 +11,14 @@
#[cfg(not(target_arch = "wasm32"))]
impl Mmap {
/// # Safety
///
/// The given file must not be mutated (i.e., not written, not truncated, ...) until the mapping is closed.
///
/// However in practice most callers do not ensure this, so uses of this function are likely unsound.
#[inline]
pub unsafe fn map(file: File) -> io::Result<Self> {
// Safety: this is in fact not safe.
// Safety: the caller must ensure that this is safe.
unsafe { memmap2::Mmap::map(&file).map(Mmap) }
}
}