GothenburgBitFactory/taskwarrior
1
0
Fork 0
mirror of https://github.com/GothenburgBitFactory/taskwarrior.git synced 2025-06-26 10:54:26 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

rename trait methods to avoid ambiguity

Browse source
This commit is contained in:
Dustin J. Mitchell 2022-02-13 02:30:17 +00:00
parent 213da88b27
commit c22182cc19
9 changed files with 98 additions and 98 deletions
Download patch file Download diff file Expand all files Collapse all files

6
lib/src/annotation.rs
View file

@ -24,7 +24,7 @@ impl PassByValue for TCAnnotation {
// SAFETY:
// - self is owned, so we can take ownership of this TCString
// - self.description is a valid, non-null TCString (see type docstring)
let description = unsafe { TCString::take_from_arg(self.description) };
let description = unsafe { TCString::take_from_ptr_arg(self.description) };
(entry, description)
}
@ -32,7 +32,7 @@ impl PassByValue for TCAnnotation {
TCAnnotation {
entry: libc::time_t::as_ctype(Some(entry)),
// SAFETY: caller assumes ownership of this value
description: unsafe { description.return_val() },
description: unsafe { description.return_ptr() },
}
}
}
@ -85,7 +85,7 @@ pub unsafe extern "C" fn tc_annotation_free(tcann: *mut TCAnnotation) {
debug_assert!(!tcann.is_null());
// SAFETY:
// - *tcann is a valid TCAnnotation (caller promises to treat it as read-only)
let annotation = unsafe { TCAnnotation::take_from_arg(tcann, TCAnnotation::default()) };
let annotation = unsafe { TCAnnotation::take_val_from_arg(tcann, TCAnnotation::default()) };
drop(annotation);
}

8
lib/src/kv.rs
View file

@ -18,18 +18,18 @@ impl PassByValue for TCKV {
// SAFETY:
// - self is owned, so we can take ownership of this TCString
// - self.key is a valid, non-null TCString (see type docstring)
let key = unsafe { TCString::take_from_arg(self.key) };
let key = unsafe { TCString::take_from_ptr_arg(self.key) };
// SAFETY: (same)
let value = unsafe { TCString::take_from_arg(self.value) };
let value = unsafe { TCString::take_from_ptr_arg(self.value) };
(key, value)
}
fn as_ctype((key, value): Self::RustType) -> Self {
TCKV {
// SAFETY: caller assumes ownership of this value
key: unsafe { key.return_val() },
key: unsafe { key.return_ptr() },
// SAFETY: caller assumes ownership of this value
value: unsafe { value.return_val() },
value: unsafe { value.return_ptr() },
}
}
}

34
lib/src/replica.rs
View file

@ -75,7 +75,7 @@ where
F: FnOnce(&mut Replica) -> anyhow::Result<T>,
{
// SAFETY: see type docstring
let rep: &mut TCReplica = unsafe { TCReplica::from_arg_ref_mut(rep) };
let rep: &mut TCReplica = unsafe { TCReplica::from_ptr_arg_ref_mut(rep) };
if rep.mut_borrowed {
panic!("replica is borrowed and cannot be used");
}
@ -97,7 +97,7 @@ pub unsafe extern "C" fn tc_replica_new_in_memory() -> *mut TCReplica {
.into_storage()
.expect("in-memory always succeeds");
// SAFETY: see type docstring
unsafe { TCReplica::from(Replica::new(storage)).return_val() }
unsafe { TCReplica::from(Replica::new(storage)).return_ptr() }
}
/// Create a new TCReplica with an on-disk database having the given filename. On error, a string
@ -108,7 +108,7 @@ pub unsafe extern "C" fn tc_replica_new_on_disk<'a>(
error_out: *mut *mut TCString,
) -> *mut TCReplica {
// SAFETY: see TCString docstring
let path = unsafe { TCString::take_from_arg(path) };
let path = unsafe { TCString::take_from_ptr_arg(path) };
let storage_res = StorageConfig::OnDisk {
taskdb_dir: path.to_path_buf(),
}
@ -119,7 +119,7 @@ pub unsafe extern "C" fn tc_replica_new_on_disk<'a>(
Err(e) => {
if !error_out.is_null() {
unsafe {
*error_out = err_to_tcstring(e).return_val();
*error_out = err_to_tcstring(e).return_ptr();
}
}
return std::ptr::null_mut();
@ -127,7 +127,7 @@ pub unsafe extern "C" fn tc_replica_new_on_disk<'a>(
};
// SAFETY: see type docstring
unsafe { TCReplica::from(Replica::new(storage)).return_val() }
unsafe { TCReplica::from(Replica::new(storage)).return_ptr() }
}
/// Get a list of all tasks in the replica.
@ -147,9 +147,9 @@ pub unsafe extern "C" fn tc_replica_all_tasks(rep: *mut TCReplica) -> TCTaskList
.map(|(_uuid, t)| {
NonNull::new(
// SAFETY: see TCTask docstring
unsafe { TCTask::from(t).return_val() },
unsafe { TCTask::from(t).return_ptr() },
)
.expect("TCTask::return_val returned NULL")
.expect("TCTask::return_ptr returned NULL")
})
.collect();
Ok(TCTaskList::return_val(tasks))
@ -187,7 +187,7 @@ pub unsafe extern "C" fn tc_replica_working_set(rep: *mut TCReplica) -> *mut TCW
|rep| {
let ws = rep.working_set()?;
// SAFETY: caller promises to free this task
Ok(unsafe { TCWorkingSet::return_val(ws.into()) })
Ok(unsafe { TCWorkingSet::return_ptr(ws.into()) })
},
std::ptr::null_mut(),
)
@ -203,10 +203,10 @@ pub unsafe extern "C" fn tc_replica_get_task(rep: *mut TCReplica, tcuuid: TCUuid
rep,
|rep| {
// SAFETY: see TCUuid docstring
let uuid = unsafe { TCUuid::from_arg(tcuuid) };
let uuid = unsafe { TCUuid::val_from_arg(tcuuid) };
if let Some(task) = rep.get_task(uuid)? {
// SAFETY: caller promises to free this task
Ok(unsafe { TCTask::from(task).return_val() })
Ok(unsafe { TCTask::from(task).return_ptr() })
} else {
Ok(std::ptr::null_mut())
}
@ -225,13 +225,13 @@ pub unsafe extern "C" fn tc_replica_new_task(
description: *mut TCString,
) -> *mut TCTask {
// SAFETY: see TCString docstring
let description = unsafe { TCString::take_from_arg(description) };
let description = unsafe { TCString::take_from_ptr_arg(description) };
wrap(
rep,
|rep| {
let task = rep.new_task(status.into(), description.as_str()?.to_string())?;
// SAFETY: caller promises to free this task
Ok(unsafe { TCTask::from(task).return_val() })
Ok(unsafe { TCTask::from(task).return_ptr() })
},
std::ptr::null_mut(),
)
@ -249,10 +249,10 @@ pub unsafe extern "C" fn tc_replica_import_task_with_uuid(
rep,
|rep| {
// SAFETY: see TCUuid docstring
let uuid = unsafe { TCUuid::from_arg(tcuuid) };
let uuid = unsafe { TCUuid::val_from_arg(tcuuid) };
let task = rep.import_task_with_uuid(uuid)?;
// SAFETY: caller promises to free this task
Ok(unsafe { TCTask::from(task).return_val() })
Ok(unsafe { TCTask::from(task).return_ptr() })
},
std::ptr::null_mut(),
)
@ -325,10 +325,10 @@ pub unsafe extern "C" fn tc_replica_rebuild_working_set(
#[no_mangle]
pub unsafe extern "C" fn tc_replica_error<'a>(rep: *mut TCReplica) -> *mut TCString<'static> {
// SAFETY: see type docstring
let rep: &'a mut TCReplica = unsafe { TCReplica::from_arg_ref_mut(rep) };
let rep: &'a mut TCReplica = unsafe { TCReplica::from_ptr_arg_ref_mut(rep) };
if let Some(tcstring) = rep.error.take() {
// SAFETY: see TCString docstring
unsafe { tcstring.return_val() }
unsafe { tcstring.return_ptr() }
} else {
std::ptr::null_mut()
}
@ -339,7 +339,7 @@ pub unsafe extern "C" fn tc_replica_error<'a>(rep: *mut TCReplica) -> *mut TCStr
#[no_mangle]
pub unsafe extern "C" fn tc_replica_free(rep: *mut TCReplica) {
// SAFETY: see type docstring
let replica = unsafe { TCReplica::take_from_arg(rep) };
let replica = unsafe { TCReplica::take_from_ptr_arg(rep) };
if replica.mut_borrowed {
panic!("replica is borrowed and cannot be freed");
}

14
lib/src/string.rs
View file

@ -194,7 +194,7 @@ pub unsafe extern "C" fn tc_string_borrow(cstr: *const libc::c_char) -> *mut TCS
// - cstr's content will not change before it is destroyed (promised by caller)
let cstr: &CStr = unsafe { CStr::from_ptr(cstr) };
// SAFETY: see docstring
unsafe { TCString::CStr(cstr).return_val() }
unsafe { TCString::CStr(cstr).return_ptr() }
}
/// Create a new TCString by cloning the content of the given C string. The resulting TCString
@ -209,7 +209,7 @@ pub unsafe extern "C" fn tc_string_clone(cstr: *const libc::c_char) -> *mut TCSt
// - cstr's content will not change before it is destroyed (by C convention)
let cstr: &CStr = unsafe { CStr::from_ptr(cstr) };
// SAFETY: see docstring
unsafe { TCString::CString(cstr.into()).return_val() }
unsafe { TCString::CString(cstr.into()).return_ptr() }
}
/// Create a new TCString containing the given string with the given length. This allows creation
@ -246,7 +246,7 @@ pub unsafe extern "C" fn tc_string_clone_with_len(
};
// SAFETY: see docstring
unsafe { tcstring.return_val() }
unsafe { tcstring.return_ptr() }
}
/// Get the content of the string as a regular C string. The given string must not be NULL. The
@ -263,7 +263,7 @@ pub unsafe extern "C" fn tc_string_content(tcstring: *mut TCString) -> *const li
// - tcstring is not NULL (promised by caller)
// - lifetime of tcstring outlives the lifetime of this function
// - lifetime of tcstring outlives the lifetime of the returned pointer (promised by caller)
let tcstring = unsafe { TCString::from_arg_ref_mut(tcstring) };
let tcstring = unsafe { TCString::from_ptr_arg_ref_mut(tcstring) };
// if we have a String, we need to consume it and turn it into
// a CString.
@ -293,7 +293,7 @@ pub unsafe extern "C" fn tc_string_content_with_len(
// - tcstring is not NULL (promised by caller)
// - lifetime of tcstring outlives the lifetime of this function
// - lifetime of tcstring outlives the lifetime of the returned pointer (promised by caller)
let tcstring = unsafe { TCString::from_arg_ref(tcstring) };
let tcstring = unsafe { TCString::from_ptr_arg_ref(tcstring) };
let bytes = tcstring.as_bytes();
@ -301,7 +301,7 @@ pub unsafe extern "C" fn tc_string_content_with_len(
// - len_out is not NULL (promised by caller)
// - len_out points to valid memory (promised by caller)
// - len_out is properly aligned (C convention)
unsafe { usize::to_arg_out(bytes.len(), len_out) };
unsafe { usize::val_to_arg_out(bytes.len(), len_out) };
bytes.as_ptr() as *const libc::c_char
}
@ -312,7 +312,7 @@ pub unsafe extern "C" fn tc_string_free(tcstring: *mut TCString) {
// SAFETY:
// - tcstring is not NULL (promised by caller)
// - caller is exclusive owner of tcstring (promised by caller)
drop(unsafe { TCString::take_from_arg(tcstring) });
drop(unsafe { TCString::take_from_ptr_arg(tcstring) });
}
/// Free a TCStringList instance. The instance, and all TCStringList it contains, must not be used after

60
lib/src/task.rs
View file

@ -63,7 +63,7 @@ impl TCTask {
// - tcreplica is not null (promised by caller)
// - tcreplica outlives the pointer in this variant (promised by caller)
let tcreplica_ref: &mut TCReplica =
unsafe { TCReplica::from_arg_ref_mut(tcreplica) };
unsafe { TCReplica::from_ptr_arg_ref_mut(tcreplica) };
let rep_ref = tcreplica_ref.borrow_mut();
Inner::Mutable(task.into_mut(rep_ref), tcreplica)
}
@ -83,7 +83,7 @@ impl TCTask {
// variant)
// - tcreplica is still alive (promised by caller of to_mut)
let tcreplica_ref: &mut TCReplica =
unsafe { TCReplica::from_arg_ref_mut(tcreplica) };
unsafe { TCReplica::from_ptr_arg_ref_mut(tcreplica) };
tcreplica_ref.release_borrow();
Inner::Immutable(task.into_immut())
}
@ -110,7 +110,7 @@ where
// SAFETY:
// - task is not null (promised by caller)
// - task outlives 'a (promised by caller)
let tctask: &'a mut TCTask = unsafe { TCTask::from_arg_ref_mut(task) };
let tctask: &'a mut TCTask = unsafe { TCTask::from_ptr_arg_ref_mut(task) };
let task: &'a Task = match &tctask.inner {
Inner::Immutable(t) => t,
Inner::Mutable(t, _) => t.deref(),
@ -130,7 +130,7 @@ where
// SAFETY:
// - task is not null (promised by caller)
// - task outlives 'a (promised by caller)
let tctask: &'a mut TCTask = unsafe { TCTask::from_arg_ref_mut(task) };
let tctask: &'a mut TCTask = unsafe { TCTask::from_ptr_arg_ref_mut(task) };
let task: &'a mut TaskMut = match tctask.inner {
Inner::Immutable(_) => panic!("Task is immutable"),
Inner::Mutable(ref mut t, _) => t,
@ -209,7 +209,7 @@ pub unsafe extern "C" fn tc_task_to_mut<'a>(task: *mut TCTask, tcreplica: *mut T
// SAFETY:
// - task is not null (promised by caller)
// - task outlives 'a (promised by caller)
let tctask: &'a mut TCTask = unsafe { TCTask::from_arg_ref_mut(task) };
let tctask: &'a mut TCTask = unsafe { TCTask::from_ptr_arg_ref_mut(task) };
// SAFETY:
// - tcreplica is not NULL (promised by caller)
// - tcreplica lives until later call to to_immut via tc_task_to_immut (promised by caller,
@ -227,7 +227,7 @@ pub unsafe extern "C" fn tc_task_to_immut<'a>(task: *mut TCTask) {
// SAFETY:
// - task is not null (promised by caller)
// - task outlives 'a (promised by caller)
let tctask: &'a mut TCTask = unsafe { TCTask::from_arg_ref_mut(task) };
let tctask: &'a mut TCTask = unsafe { TCTask::from_ptr_arg_ref_mut(task) };
tctask.to_immut();
}
@ -269,7 +269,7 @@ pub unsafe extern "C" fn tc_task_get_description<'a>(task: *mut TCTask) -> *mut
wrap(task, |task| {
let descr: TCString = task.get_description().into();
// SAFETY: see TCString docstring
unsafe { descr.return_val() }
unsafe { descr.return_ptr() }
})
}
@ -308,7 +308,7 @@ pub unsafe extern "C" fn tc_task_is_active(task: *mut TCTask) -> bool {
#[no_mangle]
pub unsafe extern "C" fn tc_task_has_tag<'a>(task: *mut TCTask, tag: *mut TCString) -> bool {
// SAFETY: see TCString docstring
let tcstring = unsafe { TCString::take_from_arg(tag) };
let tcstring = unsafe { TCString::take_from_ptr_arg(tag) };
wrap(task, |task| {
if let Ok(tag) = Tag::try_from(tcstring) {
task.has_tag(&tag)
@ -330,9 +330,9 @@ pub unsafe extern "C" fn tc_task_get_tags<'a>(task: *mut TCTask) -> TCStringList
.map(|t| {
NonNull::new(
// SAFETY: see TCString docstring
unsafe { TCString::from(t.as_ref()).return_val() },
unsafe { TCString::from(t.as_ref()).return_ptr() },
)
.expect("TCString::return_val() returned NULL")
.expect("TCString::return_ptr() returned NULL")
})
.collect();
TCStringList::return_val(vec)
@ -367,12 +367,12 @@ pub unsafe extern "C" fn tc_task_get_uda<'a>(
key: *mut TCString<'a>,
) -> *mut TCString<'static> {
wrap(task, |task| {
if let Ok(ns) = unsafe { TCString::take_from_arg(ns) }.as_str() {
if let Ok(key) = unsafe { TCString::take_from_arg(key) }.as_str() {
if let Ok(ns) = unsafe { TCString::take_from_ptr_arg(ns) }.as_str() {
if let Ok(key) = unsafe { TCString::take_from_ptr_arg(key) }.as_str() {
if let Some(value) = task.get_uda(ns, key) {
// SAFETY:
// - caller will free this string (caller promises)
return unsafe { TCString::return_val(value.into()) };
return unsafe { TCString::return_ptr(value.into()) };
}
}
}
@ -389,11 +389,11 @@ pub unsafe extern "C" fn tc_task_get_legacy_uda<'a>(
key: *mut TCString<'a>,
) -> *mut TCString<'static> {
wrap(task, |task| {
if let Ok(key) = unsafe { TCString::take_from_arg(key) }.as_str() {
if let Ok(key) = unsafe { TCString::take_from_ptr_arg(key) }.as_str() {
if let Some(value) = task.get_legacy_uda(key) {
// SAFETY:
// - caller will free this string (caller promises)
return unsafe { TCString::return_val(value.into()) };
return unsafe { TCString::return_ptr(value.into()) };
}
}
std::ptr::null_mut()
@ -461,7 +461,7 @@ pub unsafe extern "C" fn tc_task_set_description<'a>(
description: *mut TCString,
) -> TCResult {
// SAFETY: see TCString docstring
let description = unsafe { TCString::take_from_arg(description) };
let description = unsafe { TCString::take_from_ptr_arg(description) };
wrap_mut(
task,
|task| {
@ -577,7 +577,7 @@ pub unsafe extern "C" fn tc_task_delete(task: *mut TCTask) -> TCResult {
#[no_mangle]
pub unsafe extern "C" fn tc_task_add_tag(task: *mut TCTask, tag: *mut TCString) -> TCResult {
// SAFETY: see TCString docstring
let tcstring = unsafe { TCString::take_from_arg(tag) };
let tcstring = unsafe { TCString::take_from_ptr_arg(tag) };
wrap_mut(
task,
|task| {
@ -593,7 +593,7 @@ pub unsafe extern "C" fn tc_task_add_tag(task: *mut TCTask, tag: *mut TCString)
#[no_mangle]
pub unsafe extern "C" fn tc_task_remove_tag(task: *mut TCTask, tag: *mut TCString) -> TCResult {
// SAFETY: see TCString docstring
let tcstring = unsafe { TCString::take_from_arg(tag) };
let tcstring = unsafe { TCString::take_from_ptr_arg(tag) };
wrap_mut(
task,
|task| {
@ -613,7 +613,7 @@ pub unsafe extern "C" fn tc_task_add_annotation(
) -> TCResult {
// SAFETY: see TCAnnotation docstring
let (entry, description) =
unsafe { TCAnnotation::take_from_arg(annotation, TCAnnotation::default()) };
unsafe { TCAnnotation::take_val_from_arg(annotation, TCAnnotation::default()) };
wrap_mut(
task,
|task| {
@ -647,11 +647,11 @@ pub unsafe extern "C" fn tc_task_set_uda<'a>(
value: *mut TCString,
) -> TCResult {
// SAFETY: see TCString docstring
let ns = unsafe { TCString::take_from_arg(ns) };
let ns = unsafe { TCString::take_from_ptr_arg(ns) };
// SAFETY: see TCString docstring
let key = unsafe { TCString::take_from_arg(key) };
let key = unsafe { TCString::take_from_ptr_arg(key) };
// SAFETY: see TCString docstring
let value = unsafe { TCString::take_from_arg(value) };
let value = unsafe { TCString::take_from_ptr_arg(value) };
wrap_mut(
task,
|task| {
@ -674,9 +674,9 @@ pub unsafe extern "C" fn tc_task_remove_uda<'a>(
key: *mut TCString,
) -> TCResult {
// SAFETY: see TCString docstring
let ns = unsafe { TCString::take_from_arg(ns) };
let ns = unsafe { TCString::take_from_ptr_arg(ns) };
// SAFETY: see TCString docstring
let key = unsafe { TCString::take_from_arg(key) };
let key = unsafe { TCString::take_from_ptr_arg(key) };
wrap_mut(
task,
|task| {
@ -695,9 +695,9 @@ pub unsafe extern "C" fn tc_task_set_legacy_uda<'a>(
value: *mut TCString,
) -> TCResult {
// SAFETY: see TCString docstring
let key = unsafe { TCString::take_from_arg(key) };
let key = unsafe { TCString::take_from_ptr_arg(key) };
// SAFETY: see TCString docstring
let value = unsafe { TCString::take_from_arg(value) };
let value = unsafe { TCString::take_from_ptr_arg(value) };
wrap_mut(
task,
|task| {
@ -715,7 +715,7 @@ pub unsafe extern "C" fn tc_task_remove_legacy_uda<'a>(
key: *mut TCString,
) -> TCResult {
// SAFETY: see TCString docstring
let key = unsafe { TCString::take_from_arg(key) };
let key = unsafe { TCString::take_from_ptr_arg(key) };
wrap_mut(
task,
|task| {
@ -734,9 +734,9 @@ pub unsafe extern "C" fn tc_task_error<'a>(task: *mut TCTask) -> *mut TCString<'
// SAFETY:
// - task is not null (promised by caller)
// - task outlives 'a (promised by caller)
let task: &'a mut TCTask = unsafe { TCTask::from_arg_ref_mut(task) };
let task: &'a mut TCTask = unsafe { TCTask::from_ptr_arg_ref_mut(task) };
if let Some(tcstring) = task.error.take() {
unsafe { tcstring.return_val() }
unsafe { tcstring.return_ptr() }
} else {
std::ptr::null_mut()
}
@ -751,7 +751,7 @@ pub unsafe extern "C" fn tc_task_free<'a>(task: *mut TCTask) {
// SAFETY:
// - rep is not NULL (promised by caller)
// - caller will not use the TCTask after this (promised by caller)
let mut tctask = unsafe { TCTask::take_from_arg(task) };
let mut tctask = unsafe { TCTask::take_from_ptr_arg(task) };
// convert to immut if it was mutable
tctask.to_immut();

42
lib/src/traits.rs
View file

@ -27,7 +27,7 @@ pub(crate) trait PassByValue: Sized {
///
/// `self` must be a valid instance of Self. This is typically ensured either by requiring
/// that C code not modify it, or by defining the valid values in C comments.
unsafe fn from_arg(arg: Self) -> Self::RustType {
unsafe fn val_from_arg(arg: Self) -> Self::RustType {
// SAFETY:
// - arg is a valid CType (promised by caller)
unsafe { arg.from_ctype() }
@ -38,15 +38,15 @@ pub(crate) trait PassByValue: Sized {
///
/// # Safety
///
/// `*arg` must be a valid CType, as with [`from_arg`].
unsafe fn take_from_arg(arg: *mut Self, mut replacement: Self) -> Self::RustType {
/// `*arg` must be a valid CType, as with [`val_from_arg`].
unsafe fn take_val_from_arg(arg: *mut Self, mut replacement: Self) -> Self::RustType {
// SAFETY:
// - arg is valid (promised by caller)
// - replacement is valid (guaranteed by Rust)
unsafe { std::ptr::swap(arg, &mut replacement) };
// SAFETY:
// - replacement (formerly *arg) is a valid CType (promised by caller)
unsafe { PassByValue::from_arg(replacement) }
unsafe { PassByValue::val_from_arg(replacement) }
}
/// Return a value to C
@ -60,7 +60,7 @@ pub(crate) trait PassByValue: Sized {
///
/// `arg_out` must not be NULL and must be properly aligned and pointing to valid memory
/// of the size of CType.
unsafe fn to_arg_out(val: Self::RustType, arg_out: *mut Self) {
unsafe fn val_to_arg_out(val: Self::RustType, arg_out: *mut Self) {
debug_assert!(!arg_out.is_null());
// SAFETY:
// - arg_out is not NULL (promised by caller, asserted)
@ -81,13 +81,13 @@ pub(crate) trait PassByValue: Sized {
/// - the pointer must not be NULL;
/// - the pointer must be one previously returned from Rust; and
/// - the memory addressed by the pointer must never be modified by C code.
/// - For `from_arg_ref`, the value must not be modified during the call to the Rust function
/// - For `from_arg_ref_mut`, the value must not be accessed (read or write) during the call
/// - For `from_ptr_arg_ref`, the value must not be modified during the call to the Rust function
/// - For `from_ptr_arg_ref_mut`, the value must not be accessed (read or write) during the call
/// (these last two points are trivially ensured by all TC… types being non-threadsafe)
/// - For `take_from_arg`, the pointer becomes invalid and must not be used in _any way_ after it
/// - For `take_from_ptr_arg`, the pointer becomes invalid and must not be used in _any way_ after it
/// is passed to the Rust function.
/// - For `return_val` and `to_arg_out`, it is the C caller's responsibility to later free the value.
/// - For `to_arg_out`, `arg_out` must not be NULL and must be properly aligned and pointing to
/// - For `return_ptr` and `ptr_to_arg_out`, it is the C caller's responsibility to later free the value.
/// - For `ptr_to_arg_out`, `arg_out` must not be NULL and must be properly aligned and pointing to
/// valid memory.
///
/// These requirements should be expressed in the C documentation for the type implementing this
@ -98,7 +98,7 @@ pub(crate) trait PassByPointer: Sized {
/// # Safety
///
/// See trait documentation.
unsafe fn take_from_arg(arg: *mut Self) -> Self {
unsafe fn take_from_ptr_arg(arg: *mut Self) -> Self {
debug_assert!(!arg.is_null());
// SAFETY: see trait documentation
unsafe { *(Box::from_raw(arg)) }
@ -109,7 +109,7 @@ pub(crate) trait PassByPointer: Sized {
/// # Safety
///
/// See trait documentation.
unsafe fn from_arg_ref<'a>(arg: *const Self) -> &'a Self {
unsafe fn from_ptr_arg_ref<'a>(arg: *const Self) -> &'a Self {
debug_assert!(!arg.is_null());
// SAFETY: see trait documentation
unsafe { &*arg }
@ -120,7 +120,7 @@ pub(crate) trait PassByPointer: Sized {
/// # Safety
///
/// See trait documentation.
unsafe fn from_arg_ref_mut<'a>(arg: *mut Self) -> &'a mut Self {
unsafe fn from_ptr_arg_ref_mut<'a>(arg: *mut Self) -> &'a mut Self {
debug_assert!(!arg.is_null());
// SAFETY: see trait documentation
unsafe { &mut *arg }
@ -131,7 +131,7 @@ pub(crate) trait PassByPointer: Sized {
/// # Safety
///
/// See trait documentation.
unsafe fn return_val(self) -> *mut Self {
unsafe fn return_ptr(self) -> *mut Self {
Box::into_raw(Box::new(self))
}
@ -140,10 +140,10 @@ pub(crate) trait PassByPointer: Sized {
/// # Safety
///
/// See trait documentation.
unsafe fn to_arg_out(self, arg_out: *mut *mut Self) {
unsafe fn ptr_to_arg_out(self, arg_out: *mut *mut Self) {
// SAFETY: see trait documentation
unsafe {
*arg_out = self.return_val();
*arg_out = self.return_ptr();
}
}
}
@ -154,7 +154,7 @@ pub(crate) trait PassByPointer: Sized {
/// required trait functions just fetch and set these fields. The PassByValue trait will be
/// implemented automatically, converting between the C type and `Vec<Element>`. For most cases,
/// it is only necessary to implement `tc_.._free` that first calls
/// `PassByValue::take_from_arg(arg, CList::null_value())` to take the existing value and
/// `PassByValue::take_val_from_arg(arg, CList::null_value())` to take the existing value and
/// replace it with the null value; then one of hte `drop_.._list(..)` functions to drop the resulting
/// vector and all of the objects it points to.
///
@ -210,14 +210,14 @@ where
// SAFETY:
// - *list is a valid CL (caller promises to treat it as read-only)
let mut vec = unsafe { CL::take_from_arg(list, CL::null_value()) };
let mut vec = unsafe { CL::take_val_from_arg(list, CL::null_value()) };
// first, drop each of the elements in turn
for e in vec.drain(..) {
// SAFETY:
// - e is a valid Element (caller promisd not to change it)
// - Vec::drain has invalidated this entry (value is owned)
drop(unsafe { PassByValue::from_arg(e) });
drop(unsafe { PassByValue::val_from_arg(e) });
}
// then drop the vector
drop(vec);
@ -240,14 +240,14 @@ where
debug_assert!(!list.is_null());
// SAFETY:
// - *list is a valid CL (caller promises to treat it as read-only)
let mut vec = unsafe { CL::take_from_arg(list, CL::null_value()) };
let mut vec = unsafe { CL::take_val_from_arg(list, CL::null_value()) };
// first, drop each of the elements in turn
for e in vec.drain(..) {
// SAFETY:
// - e is a valid Element (caller promised not to change it)
// - Vec::drain has invalidated this entry (value is owned)
drop(unsafe { PassByPointer::take_from_arg(e.as_ptr()) });
drop(unsafe { PassByPointer::take_from_ptr_arg(e.as_ptr()) });
}
// then drop the vector
drop(vec);

14
lib/src/uda.rs
View file

@ -29,16 +29,16 @@ impl PassByValue for TCUDA {
// SAFETY:
// - self is owned, so we can take ownership of this TCString
// - self.ns is a valid, non-null TCString (NULL just checked)
Some(unsafe { TCString::take_from_arg(self.ns) })
Some(unsafe { TCString::take_from_ptr_arg(self.ns) })
},
// SAFETY:
// - self is owned, so we can take ownership of this TCString
// - self.key is a valid, non-null TCString (see type docstring)
key: unsafe { TCString::take_from_arg(self.key) },
key: unsafe { TCString::take_from_ptr_arg(self.key) },
// SAFETY:
// - self is owned, so we can take ownership of this TCString
// - self.value is a valid, non-null TCString (see type docstring)
value: unsafe { TCString::take_from_arg(self.value) },
value: unsafe { TCString::take_from_ptr_arg(self.value) },
}
}
@ -46,14 +46,14 @@ impl PassByValue for TCUDA {
TCUDA {
// SAFETY: caller assumes ownership of this value
ns: if let Some(ns) = uda.ns {
unsafe { ns.return_val() }
unsafe { ns.return_ptr() }
} else {
std::ptr::null_mut()
},
// SAFETY: caller assumes ownership of this value
key: unsafe { uda.key.return_val() },
key: unsafe { uda.key.return_ptr() },
// SAFETY: caller assumes ownership of this value
value: unsafe { uda.value.return_val() },
value: unsafe { uda.value.return_ptr() },
}
}
}
@ -107,7 +107,7 @@ pub unsafe extern "C" fn tc_uda_free(tcuda: *mut TCUDA) {
debug_assert!(!tcuda.is_null());
// SAFETY:
// - *tcuda is a valid TCUDA (caller promises to treat it as read-only)
let uda = unsafe { TCUDA::take_from_arg(tcuda, TCUDA::default()) };
let uda = unsafe { TCUDA::take_val_from_arg(tcuda, TCUDA::default()) };
drop(uda);
}

10
lib/src/uuid.rs
View file

@ -88,7 +88,7 @@ pub unsafe extern "C" fn tc_uuid_to_buf<'a>(tcuuid: TCUuid, buf: *mut libc::c_ch
};
// SAFETY:
// - tcuuid is a valid TCUuid (all byte patterns are valid)
let uuid: Uuid = unsafe { TCUuid::from_arg(tcuuid) };
let uuid: Uuid = unsafe { TCUuid::val_from_arg(tcuuid) };
uuid.to_hyphenated().encode_lower(buf);
}
@ -98,10 +98,10 @@ pub unsafe extern "C" fn tc_uuid_to_buf<'a>(tcuuid: TCUuid, buf: *mut libc::c_ch
pub unsafe extern "C" fn tc_uuid_to_str(tcuuid: TCUuid) -> *mut TCString<'static> {
// SAFETY:
// - tcuuid is a valid TCUuid (all byte patterns are valid)
let uuid: Uuid = unsafe { TCUuid::from_arg(tcuuid) };
let uuid: Uuid = unsafe { TCUuid::val_from_arg(tcuuid) };
let s = uuid.to_string();
// SAFETY: see TCString docstring
unsafe { TCString::from(s).return_val() }
unsafe { TCString::from(s).return_ptr() }
}
/// Parse the given string as a UUID. Returns TC_RESULT_ERROR on parse failure or if the given
@ -111,13 +111,13 @@ pub unsafe extern "C" fn tc_uuid_from_str<'a>(s: *mut TCString, uuid_out: *mut T
debug_assert!(!s.is_null());
debug_assert!(!uuid_out.is_null());
// SAFETY: see TCString docstring
let s = unsafe { TCString::take_from_arg(s) };
let s = unsafe { TCString::take_from_ptr_arg(s) };
if let Ok(s) = s.as_str() {
if let Ok(u) = Uuid::parse_str(s) {
// SAFETY:
// - uuid_out is not NULL (promised by caller)
// - alignment is not required
unsafe { TCUuid::to_arg_out(u, uuid_out) };
unsafe { TCUuid::val_to_arg_out(u, uuid_out) };
return TCResult::Ok;
}
}

8
lib/src/workingset.rs
View file

@ -25,7 +25,7 @@ where
// SAFETY:
// - ws is not null (promised by caller)
// - ws outlives 'a (promised by caller)
let tcws: &'a TCWorkingSet = unsafe { TCWorkingSet::from_arg_ref(ws) };
let tcws: &'a TCWorkingSet = unsafe { TCWorkingSet::from_ptr_arg_ref(ws) };
f(&tcws.0)
}
@ -55,7 +55,7 @@ pub unsafe extern "C" fn tc_working_set_by_index(
// SAFETY:
// - uuid_out is not NULL (promised by caller)
// - alignment is not required
unsafe { TCUuid::to_arg_out(uuid, uuid_out) };
unsafe { TCUuid::val_to_arg_out(uuid, uuid_out) };
true
} else {
false
@ -70,7 +70,7 @@ pub unsafe extern "C" fn tc_working_set_by_uuid(ws: *mut TCWorkingSet, uuid: TCU
wrap(ws, |ws| {
// SAFETY:
// - tcuuid is a valid TCUuid (all byte patterns are valid)
let uuid: Uuid = unsafe { TCUuid::from_arg(uuid) };
let uuid: Uuid = unsafe { TCUuid::val_from_arg(uuid) };
ws.by_uuid(uuid).unwrap_or(0)
})
}
@ -82,6 +82,6 @@ pub unsafe extern "C" fn tc_working_set_free(ws: *mut TCWorkingSet) {
// SAFETY:
// - rep is not NULL (promised by caller)
// - caller will not use the TCWorkingSet after this (promised by caller)
let ws = unsafe { TCWorkingSet::take_from_arg(ws) };
let ws = unsafe { TCWorkingSet::take_from_ptr_arg(ws) };
drop(ws);
}