From 9c747db4293192dffe659ed741070716caeb43b0 Mon Sep 17 00:00:00 2001
From: Yury Delendik <ydelendik@mozilla.com>
Date: Wed, 18 Sep 2019 09:27:53 -0500
Subject: [PATCH] Make data() unsafe

---
 wasmtime-api/examples/memory.rs | 14 ++++++++------
 wasmtime-api/src/externals.rs   | 10 +++++-----
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/wasmtime-api/examples/memory.rs b/wasmtime-api/examples/memory.rs
index 400c94a3bd..8a9f1f8c54 100644
--- a/wasmtime-api/examples/memory.rs
+++ b/wasmtime-api/examples/memory.rs
@@ -103,9 +103,9 @@ fn main() -> Result<(), Error> {
     println!("Checking memory...");
     check!(memory.borrow().size(), 2u32);
     check!(memory.borrow().data_size(), 0x20000usize);
-    check!(memory.borrow().data()[0], 0);
-    check!(memory.borrow().data()[0x1000], 1);
-    check!(memory.borrow().data()[0x1003], 4);
+    check!(unsafe { memory.borrow().data()[0] }, 0);
+    check!(unsafe { memory.borrow().data()[0x1000] }, 1);
+    check!(unsafe { memory.borrow().data()[0x1003] }, 4);
 
     check!(call!(size_func,), 2);
     check!(call!(load_func, 0), 0);
@@ -116,13 +116,15 @@ fn main() -> Result<(), Error> {
 
     // Mutate memory.
     println!("Mutating memory...");
-    memory.borrow_mut().data()[0x1003] = 5;
+    unsafe {
+        memory.borrow_mut().data()[0x1003] = 5;
+    }
 
     check_ok!(store_func, 0x1002, 6);
     check_trap!(store_func, 0x20000, 0);
 
-    check!(memory.borrow().data()[0x1002], 6);
-    check!(memory.borrow().data()[0x1003], 5);
+    check!(unsafe { memory.borrow().data()[0x1002] }, 6);
+    check!(unsafe { memory.borrow().data()[0x1003] }, 5);
     check!(call!(load_func, 0x1002), 6);
     check!(call!(load_func, 0x1003), 5);
 
diff --git a/wasmtime-api/src/externals.rs b/wasmtime-api/src/externals.rs
index a2296c457b..c06045a3d5 100644
--- a/wasmtime-api/src/externals.rs
+++ b/wasmtime-api/src/externals.rs
@@ -434,11 +434,11 @@ impl Memory {
         }
     }
 
-    pub fn data(&self) -> &mut [u8] {
-        unsafe {
-            let definition = &*self.wasmtime_memory_definition();
-            slice::from_raw_parts_mut(definition.base, definition.current_length)
-        }
+    // Marked unsafe due to posibility that wasmtime can resize internal memory
+    // from other threads.
+    pub unsafe fn data(&self) -> &mut [u8] {
+        let definition = &*self.wasmtime_memory_definition();
+        slice::from_raw_parts_mut(definition.base, definition.current_length)
     }
 
     pub fn data_ptr(&self) -> *mut u8 {