util.rs source code [crates/getrandom-0.3.1/src/util.rs]

1	#![allow(dead_code)]
2	use crate::Error;
3	use core::{mem::MaybeUninit, ptr, slice};
4
5	/// Polyfill for `maybe_uninit_slice` feature's
6	/// `MaybeUninit::slice_assume_init_mut`. Every element of `slice` must have
7	/// been initialized.
8	#[inline(always)]
9	#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
10	pub unsafe fn slice_assume_init_mut<T>(slice: &mut [MaybeUninit<T>]) -> &mut [T] {
11	let ptr: mut [T] = ptr_from_mut::<[MaybeUninit<T>]>(slice) as mut [T];
12	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
13	unsafe { &mut *ptr }
14	}
15
16	#[inline]
17	pub fn uninit_slice_fill_zero(slice: &mut [MaybeUninit<u8>]) -> &mut [u8] {
18	unsafe { ptr::write_bytes(dst:slice.as_mut_ptr(), val:`0`, count:slice.len()) };
19	unsafe { slice_assume_init_mut(slice) }
20	}
21
22	#[inline(always)]
23	pub fn slice_as_uninit<T>(slice: &[T]) -> &[MaybeUninit<T>] {
24	let ptr: const [MaybeUninit] = ptr_from_ref::<[T]>(slice) as const [MaybeUninit<T>];
25	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
26	unsafe { &*ptr }
27	}
28
29	/// View an mutable initialized array as potentially-uninitialized.
30	///
31	/// This is unsafe because it allows assigning uninitialized values into
32	/// `slice`, which would be undefined behavior.
33	#[inline(always)]
34	#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
35	pub unsafe fn slice_as_uninit_mut<T>(slice: &mut [T]) -> &mut [MaybeUninit<T>] {
36	let ptr: mut [MaybeUninit] = ptr_from_mut::<[T]>(slice) as mut [MaybeUninit<T>];
37	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
38	unsafe { &mut *ptr }
39	}
40
41	// TODO: MSRV(1.76.0): Replace with `core::ptr::from_mut`.
42	fn ptr_from_mut<T: ?Sized>(r: &mut T) -> *mut T {
43	r
44	}
45
46	// TODO: MSRV(1.76.0): Replace with `core::ptr::from_ref`.
47	fn ptr_from_ref<T: ?Sized>(r: &T) -> *const T {
48	r
49	}
50
51	/// Default implementation of `inner_u32` on top of `fill_uninit`
52	pub fn inner_u32() -> Result<u32, Error> {
53	let mut res: MaybeUninit = MaybeUninit::<u32>::uninit();
54	// SAFETY: the created slice has the same size as `res`
55	let dst: &mut [MaybeUninit] = unsafe {
56	let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
57	slice::from_raw_parts_mut(data:p, len:core::mem::size_of::<u32>())
58	};
59	crate::fill_uninit(dest:dst)?;
60	// SAFETY: `dst` has been fully initialized by `imp::fill_inner`
61	// since it returned `Ok`.
62	Ok(unsafe { res.assume_init() })
63	}
64
65	/// Default implementation of `inner_u64` on top of `fill_uninit`
66	pub fn inner_u64() -> Result<u64, Error> {
67	let mut res: MaybeUninit = MaybeUninit::<u64>::uninit();
68	// SAFETY: the created slice has the same size as `res`
69	let dst: &mut [MaybeUninit] = unsafe {
70	let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
71	slice::from_raw_parts_mut(data:p, len:core::mem::size_of::<u64>())
72	};
73	crate::fill_uninit(dest:dst)?;
74	// SAFETY: `dst` has been fully initialized by `imp::fill_inner`
75	// since it returned `Ok`.
76	Ok(unsafe { res.assume_init() })
77	}
78
79	/// Truncates `u64` and returns the lower 32 bits as `u32`
80	pub(crate) fn truncate(val: u64) -> u32 {
81	u32::try_from(val & u64::from(u32::MAX)).expect(msg:"The higher 32 bits are masked")
82	}
83