Re: [PATCH v8 4/7] rust: time: Add wrapper for fsleep function

[FUJITA Tomonori]

On Thu, 16 Jan 2025 10:27:02 +0100
Alice Ryhl <aliceryhl@xxxxxxxxxx> wrote:

>> +/// This function can only be used in a nonatomic context.
>> +pub fn fsleep(delta: Delta) {
>> +    // The argument of fsleep is an unsigned long, 32-bit on 32-bit architectures.
>> +    // Considering that fsleep rounds up the duration to the nearest millisecond,
>> +    // set the maximum value to u32::MAX / 2 microseconds.
>> +    const MAX_DURATION: Delta = Delta::from_micros(u32::MAX as i64 >> 1);
> 
> Hmm, is this value correct on 64-bit platforms?

You meant that the maximum can be longer on 64-bit platforms? 2147484
milliseconds is long enough for fsleep's duration?

If you prefer, I use different maximum durations for 64-bit and 32-bit
platforms, respectively.


>> +    let duration = if delta > MAX_DURATION || delta.is_negative() {
>> +        // TODO: add WARN_ONCE() when it's supported.
>> +        MAX_DURATION
>> +    } else {
>> +        delta
>> +    };
>> +
>> +    // SAFETY: FFI call.
>> +    unsafe {
> 
> This safety comment is incomplete. You can say this:
> 
> // SAFETY: It is always safe to call fsleep with any duration.

Thanks, I'll use your safety comment.