/rust/registry/src/index.crates.io-6f17d22bba15001f/getrandom-0.3.3/src/util.rs

Source (jump to first uncovered line)
#![allow(dead_code)]
use crate::Error;
use core::{mem::MaybeUninit, ptr, slice};

/// Polyfill for `maybe_uninit_slice` feature's
/// `MaybeUninit::slice_assume_init_mut`. Every element of `slice` must have
/// been initialized.
#[inline(always)]
#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
pub unsafe fn slice_assume_init_mut<T>(slice: &mut [MaybeUninit<T>]) -> &mut [T] {
    let ptr = ptr_from_mut::<[MaybeUninit<T>]>(slice) as *mut [T];
    // SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
    unsafe { &mut *ptr }
}

#[inline]
pub fn uninit_slice_fill_zero(slice: &mut [MaybeUninit<u8>]) -> &mut [u8] {
    unsafe { ptr::write_bytes(slice.as_mut_ptr(), 0, slice.len()) };
    unsafe { slice_assume_init_mut(slice) }
}

#[inline(always)]
pub fn slice_as_uninit<T>(slice: &[T]) -> &[MaybeUninit<T>] {
    let ptr = ptr_from_ref::<[T]>(slice) as *const [MaybeUninit<T>];
    // SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
    unsafe { &*ptr }
}

/// View an mutable initialized array as potentially-uninitialized.
///
/// This is unsafe because it allows assigning uninitialized values into
/// `slice`, which would be undefined behavior.
#[inline(always)]
#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
pub unsafe fn slice_as_uninit_mut<T>(slice: &mut [T]) -> &mut [MaybeUninit<T>] {
    let ptr = ptr_from_mut::<[T]>(slice) as *mut [MaybeUninit<T>];
    // SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
    unsafe { &mut *ptr }
}

// TODO: MSRV(1.76.0): Replace with `core::ptr::from_mut`.
fn ptr_from_mut<T: ?Sized>(r: &mut T) -> *mut T {
    r
}

// TODO: MSRV(1.76.0): Replace with `core::ptr::from_ref`.
fn ptr_from_ref<T: ?Sized>(r: &T) -> *const T {
    r
}

/// Default implementation of `inner_u32` on top of `fill_uninit`
#[inline]
pub fn inner_u32() -> Result<u32, Error> {
    let mut res = MaybeUninit::<u32>::uninit();
    // SAFETY: the created slice has the same size as `res`
    let dst = unsafe {
        let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
        slice::from_raw_parts_mut(p, core::mem::size_of::<u32>())
    };
    crate::fill_uninit(dst)?;
    // SAFETY: `dst` has been fully initialized by `imp::fill_inner`
    // since it returned `Ok`.
    Ok(unsafe { res.assume_init() })
}

/// Default implementation of `inner_u64` on top of `fill_uninit`
#[inline]
pub fn inner_u64() -> Result<u64, Error> {
    let mut res = MaybeUninit::<u64>::uninit();
    // SAFETY: the created slice has the same size as `res`
    let dst = unsafe {
        let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
        slice::from_raw_parts_mut(p, core::mem::size_of::<u64>())
    };
    crate::fill_uninit(dst)?;
    // SAFETY: `dst` has been fully initialized by `imp::fill_inner`
    // since it returned `Ok`.
    Ok(unsafe { res.assume_init() })
}

/// Truncates `u64` and returns the lower 32 bits as `u32`
pub(crate) fn truncate(val: u64) -> u32 {
    u32::try_from(val & u64::from(u32::MAX)).expect("The higher 32 bits are masked")
}

Coverage Report

Created: 2025-07-23 06:58

Line	Count	Source (jump to first uncovered line)
1		#![allow(dead_code)]
2		use crate::Error;
3		use core::{mem::MaybeUninit, ptr, slice};
4
5		/// Polyfill for `maybe_uninit_slice` feature's
6		/// `MaybeUninit::slice_assume_init_mut`. Every element of `slice` must have
7		/// been initialized.
8		#[inline(always)]
9		#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
10	0	pub unsafe fn slice_assume_init_mut<T>(slice: &mut [MaybeUninit<T>]) -> &mut [T] {
11	0	let ptr = ptr_from_mut::<[MaybeUninit<T>]>(slice) as *mut [T];
12	0	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
13	0	unsafe { &mut *ptr }
14	0	} Unexecuted instantiation: getrandom::util::slice_assume_init_mut::<u8> Unexecuted instantiation: getrandom::util::slice_assume_init_mut::<_>
15
16		#[inline]
17	0	pub fn uninit_slice_fill_zero(slice: &mut [MaybeUninit<u8>]) -> &mut [u8] {
18	0	unsafe { ptr::write_bytes(slice.as_mut_ptr(), 0, slice.len()) };
19	0	unsafe { slice_assume_init_mut(slice) }
20	0	}
21
22		#[inline(always)]
23	0	pub fn slice_as_uninit<T>(slice: &[T]) -> &[MaybeUninit<T>] {
24	0	let ptr = ptr_from_ref::<[T]>(slice) as *const [MaybeUninit<T>];
25	0	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
26	0	unsafe { &*ptr }
27	0	}
28
29		/// View an mutable initialized array as potentially-uninitialized.
30		///
31		/// This is unsafe because it allows assigning uninitialized values into
32		/// `slice`, which would be undefined behavior.
33		#[inline(always)]
34		#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
35	0	pub unsafe fn slice_as_uninit_mut<T>(slice: &mut [T]) -> &mut [MaybeUninit<T>] {
36	0	let ptr = ptr_from_mut::<[T]>(slice) as *mut [MaybeUninit<T>];
37	0	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
38	0	unsafe { &mut *ptr }
39	0	}
40
41		// TODO: MSRV(1.76.0): Replace with `core::ptr::from_mut`.
42	0	fn ptr_from_mut<T: ?Sized>(r: &mut T) -> *mut T {
43	0	r
44	0	} Unexecuted instantiation: getrandom::util::ptr_from_mut::<[core::mem::maybe_uninit::MaybeUninit<u8>]> Unexecuted instantiation: getrandom::util::ptr_from_mut::<_>
45
46		// TODO: MSRV(1.76.0): Replace with `core::ptr::from_ref`.
47	0	fn ptr_from_ref<T: ?Sized>(r: &T) -> *const T {
48	0	r
49	0	}
50
51		/// Default implementation of `inner_u32` on top of `fill_uninit`
52		#[inline]
53	0	pub fn inner_u32() -> Result<u32, Error> {
54	0	let mut res = MaybeUninit::<u32>::uninit();
55	0	// SAFETY: the created slice has the same size as `res`
56	0	let dst = unsafe {
57	0	let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
58	0	slice::from_raw_parts_mut(p, core::mem::size_of::<u32>())
59	0	};
60	0	crate::fill_uninit(dst)?;
61		// SAFETY: `dst` has been fully initialized by `imp::fill_inner`
62		// since it returned `Ok`.
63	0	Ok(unsafe { res.assume_init() })
64	0	}
65
66		/// Default implementation of `inner_u64` on top of `fill_uninit`
67		#[inline]
68	0	pub fn inner_u64() -> Result<u64, Error> {
69	0	let mut res = MaybeUninit::<u64>::uninit();
70	0	// SAFETY: the created slice has the same size as `res`
71	0	let dst = unsafe {
72	0	let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
73	0	slice::from_raw_parts_mut(p, core::mem::size_of::<u64>())
74	0	};
75	0	crate::fill_uninit(dst)?;
76		// SAFETY: `dst` has been fully initialized by `imp::fill_inner`
77		// since it returned `Ok`.
78	0	Ok(unsafe { res.assume_init() })
79	0	} Unexecuted instantiation: getrandom::util::inner_u64 Unexecuted instantiation: getrandom::util::inner_u64
80
81		/// Truncates `u64` and returns the lower 32 bits as `u32`
82	0	pub(crate) fn truncate(val: u64) -> u32 {
83	0	u32::try_from(val & u64::from(u32::MAX)).expect("The higher 32 bits are masked")
84	0	}