From 970c1adcb056cae744f09f73ba3836534e31352a Mon Sep 17 00:00:00 2001
From: taitep
Date: Sat, 27 Dec 2025 20:52:32 +0100
Subject: [PATCH] Add checks to make sure that ram has a size that is a multiple of 8
---
 src/mem.rs | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/mem.rs b/src/mem.rs
index 272641c..6aae337 100644
--- a/src/mem.rs
+++ b/src/mem.rs
@@ -194,6 +194,9 @@ compile_error!("Current RAM implementation requires a little-endian host.");
 impl Ram {
 pub fn try_new(size: usize) -> Result {
+ if !size.is_multiple_of(8) {
+ return Err(std::io::Error::other("ram size must be a multiple of 8"));
+ }
 Ok(Self {
 buf: MmapMut::map_anon(size)?,
 })
@@ -204,9 +207,13 @@ impl Ram {
 }
 /// # Safety
- /// Safe if T has a size divisible by page size (4kb) (or is known to have a size divisible by the full ram size) and you know that the RAM is made up of valid naturally aligned values of T
+ /// Safe if the size of the memory in bytes is divisible by the size of T
+ /// Assuming try_new is used, RAM size is guaranteed to be a multiple of 8
+ /// meaning anything with size 1, 2, 4, or 8 bytes is valid.
+ /// It must also be known that the contents of RAM are made up of naturally
+ /// aligned valid instances of T.
 #[inline]
- pub unsafe fn buf_transmuted(&self) -> &[T] {
+ unsafe fn buf_transmuted(&self) -> &[T] {
 debug_assert!(self.buf.len().is_multiple_of(std::mem::size_of::()));
 unsafe {
 std::slice::from_raw_parts(
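Review bot: The new guard in `try_new` still accepts `size == 0`, because zero is a multiple of 8, so an empty request reaches `MmapMut::map_anon(size)`; how the mapping call treats a zero length depends on the crate version, which is not visible here. If an empty RAM is not a supported configuration, reject it in the same check: `if size == 0 || !size.is_multiple_of(8) {`. Building the error with `std::io::Error::new(std::io::ErrorKind::InvalidInput, "ram size must be a multiple of 8")` would also let callers tell a bad argument apart from a mapping failure. `try_new` carries no doc comment, and since the safety contract of `buf_transmuted` now leans on this check, a line such as `/// Fails unless size is a multiple of 8; buf_transmuted relies on that invariant.` above it would keep the two in step.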
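Review bot: The rewritten `# Safety` text on `buf_transmuted` makes the element size the caller's responsibility, but the only check in the body is the `debug_assert!`, which is compiled out of release builds, so a `T` whose size does not divide the RAM size goes unnoticed exactly where it matters. Because the guarantee from `try_new` is fixed at a multiple of 8, the size rule can be enforced at compile time with `const { assert!(matches!(std::mem::size_of::<T>(), 1 | 2 | 4 | 8)) };` at the top of the body (the generic arguments appear stripped on this page, so confirm the exact spelling). The phrase "Assuming try_new is used" should also state whether any other way of constructing `Ram` exists, since the contract holds only if it does not. The first added doc line has no full stop, so rustdoc will run it into the next sentence. The function body continues past the end of the hunk.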