util.rs source code [crates/getrandom/src/util.rs]

1	#![allow(dead_code)]
2	use crate::Error;
3	use core::{mem::MaybeUninit, ptr, slice};
4
5	/// Polyfill for `maybe_uninit_slice` feature's
6	/// `MaybeUninit::slice_assume_init_mut`. Every element of `slice` must have
7	/// been initialized.
8	#[inline(always)]
9	#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
10	pub unsafe fn slice_assume_init_mut<T>(slice: &mut [MaybeUninit<T>]) -> &mut [T] {
11	let ptr: mut [T] = ptr_from_mut::<[MaybeUninit<T>]>(slice) as mut [T];
12	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
13	unsafe { &mut *ptr }
14	}
15
16	#[inline]
17	pub fn uninit_slice_fill_zero(slice: &mut [MaybeUninit<u8>]) -> &mut [u8] {
18	unsafe { ptr::write_bytes(dst:slice.as_mut_ptr(), val:`0`, count:slice.len()) };
19	unsafe { slice_assume_init_mut(slice) }
20	}
21
22	#[inline(always)]
23	pub fn slice_as_uninit<T>(slice: &[T]) -> &[MaybeUninit<T>] {
24	let ptr: const [MaybeUninit] = ptr_from_ref::<[T]>(slice) as const [MaybeUninit<T>];
25	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
26	unsafe { &*ptr }
27	}
28
29	/// View an mutable initialized array as potentially-uninitialized.
30	///
31	/// This is unsafe because it allows assigning uninitialized values into
32	/// `slice`, which would be undefined behavior.
33	#[inline(always)]
34	#[allow(unused_unsafe)] // TODO(MSRV 1.65): Remove this.
35	pub unsafe fn slice_as_uninit_mut<T>(slice: &mut [T]) -> &mut [MaybeUninit<T>] {
36	let ptr: mut [MaybeUninit] = ptr_from_mut::<[T]>(slice) as mut [MaybeUninit<T>];
37	// SAFETY: `MaybeUninit<T>` is guaranteed to be layout-compatible with `T`.
38	unsafe { &mut *ptr }
39	}
40
41	// TODO: MSRV(1.76.0): Replace with `core::ptr::from_mut`.
42	fn ptr_from_mut<T: ?Sized>(r: &mut T) -> *mut T {
43	r
44	}
45
46	// TODO: MSRV(1.76.0): Replace with `core::ptr::from_ref`.
47	fn ptr_from_ref<T: ?Sized>(r: &T) -> *const T {
48	r
49	}
50
51	/// Default implementation of `inner_u32` on top of `fill_uninit`
52	#[inline]
53	pub fn inner_u32() -> Result<u32, Error> {
54	let mut res: MaybeUninit = MaybeUninit::<u32>::uninit();
55	// SAFETY: the created slice has the same size as `res`
56	let dst: &mut [MaybeUninit] = unsafe {
57	let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
58	slice::from_raw_parts_mut(data:p, len:core::mem::size_of::<u32>())
59	};
60	crate::fill_uninit(dest:dst)?;
61	// SAFETY: `dst` has been fully initialized by `imp::fill_inner`
62	// since it returned `Ok`.
63	Ok(unsafe { res.assume_init() })
64	}
65
66	/// Default implementation of `inner_u64` on top of `fill_uninit`
67	#[inline]
68	pub fn inner_u64() -> Result<u64, Error> {
69	let mut res: MaybeUninit = MaybeUninit::<u64>::uninit();
70	// SAFETY: the created slice has the same size as `res`
71	let dst: &mut [MaybeUninit] = unsafe {
72	let p: *mut MaybeUninit<u8> = res.as_mut_ptr().cast();
73	slice::from_raw_parts_mut(data:p, len:core::mem::size_of::<u64>())
74	};
75	crate::fill_uninit(dest:dst)?;
76	// SAFETY: `dst` has been fully initialized by `imp::fill_inner`
77	// since it returned `Ok`.
78	Ok(unsafe { res.assume_init() })
79	}
80
81	/// Truncates `u64` and returns the lower 32 bits as `u32`
82	pub(crate) fn truncate(val: u64) -> u32 {
83	u32::try_from(val & u64::from(u32::MAX)).expect(msg:"The higher 32 bits are masked")
84	}
85