Fix unsafety: call `MaybeUninit::zeroed()` instead of `uninit()`. PiperOrigin-RevId: 419711437
diff --git a/rs_bindings_from_cc/src_code_gen.rs b/rs_bindings_from_cc/src_code_gen.rs index 0bb047c..af60b47 100644 --- a/rs_bindings_from_cc/src_code_gen.rs +++ b/rs_bindings_from_cc/src_code_gen.rs
@@ -283,14 +283,21 @@ param_idents.iter().skip(1).collect_vec(), param_types.iter().skip(1).collect_vec(), ); - + // SAFETY: A user-defined constructor is not guaranteed to + // initialize all the fields. To make the `assume_init()` call + // below safe, the memory is zero-initialized first. This is safer, + // because zero-initialized memory represents a valid value for the + // currently supported field types (this may change once the + // bindings generator starts supporting reference fields). + // TODO(b/213243309): Double-check if zero-initialization is + // desirable here. let struct_name = make_ident(&record.identifier.identifier); quote! { #doc_comment impl #trait_name for #struct_name { #[inline(always)] fn #method_name #generic_params( #( #param_idents: #param_types ),* ) -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::#thunk_ident(tmp.as_mut_ptr() #( , #param_idents )* ); tmp.assume_init() @@ -1323,7 +1330,7 @@ impl Default for DefaultedConstructor { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN20DefaultedConstructorC1Ev( tmp.as_mut_ptr());
diff --git a/rs_bindings_from_cc/test/golden/comment_rs_api.rs b/rs_bindings_from_cc/test/golden/comment_rs_api.rs index 80f2b5e..62e0f4b 100644 --- a/rs_bindings_from_cc/test/golden/comment_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/comment_rs_api.rs
@@ -30,7 +30,7 @@ impl Default for Foo { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN3FooC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -72,7 +72,7 @@ impl Default for Bar { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN3BarC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -102,7 +102,7 @@ impl Default for HasNoComments { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN13HasNoCommentsC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs b/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs index 25c7f67..562d446 100644 --- a/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs
@@ -26,7 +26,7 @@ impl Default for DocCommentSlashes { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN17DocCommentSlashesC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -39,7 +39,7 @@ impl From<i32> for DocCommentSlashes { #[inline(always)] fn from(__param_0: i32) -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN17DocCommentSlashesC1Ei(tmp.as_mut_ptr(), __param_0); tmp.assume_init() @@ -80,7 +80,7 @@ impl Default for DocCommentBang { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN14DocCommentBangC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -113,7 +113,7 @@ impl Default for MultilineCommentTwoStars { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN24MultilineCommentTwoStarsC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -146,7 +146,7 @@ impl Default for LineComment { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN11LineCommentC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -179,7 +179,7 @@ impl Default for MultilineOneStar { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN16MultilineOneStarC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs b/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs index b961447..e20e8ba 100644 --- a/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs
@@ -33,7 +33,7 @@ impl Default for S { #[inline(always)] fn default<'a>() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN1SC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/item_order_rs_api.rs b/rs_bindings_from_cc/test/golden/item_order_rs_api.rs index 3efb002..aa957ad 100644 --- a/rs_bindings_from_cc/test/golden/item_order_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/item_order_rs_api.rs
@@ -20,7 +20,7 @@ impl Default for FirstStruct { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN11FirstStructC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -54,7 +54,7 @@ impl Default for SecondStruct { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN12SecondStructC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/private_members_rs_api.rs b/rs_bindings_from_cc/test/golden/private_members_rs_api.rs index 971261f..6b6ca5b 100644 --- a/rs_bindings_from_cc/test/golden/private_members_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/private_members_rs_api.rs
@@ -35,7 +35,7 @@ impl Default for SomeClass { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN9SomeClassC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs b/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs index 002fdf8..0078caf 100644 --- a/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs
@@ -44,7 +44,7 @@ impl Default for SomeClass { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN9SomeClassC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs b/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs index c2c735c..e393a35 100644 --- a/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs
@@ -22,7 +22,7 @@ impl Default for Trivial { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN7TrivialC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -53,7 +53,7 @@ impl Default for TrivialWithDefaulted { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN20TrivialWithDefaultedC1Ev(tmp.as_mut_ptr()); tmp.assume_init() @@ -86,7 +86,7 @@ impl Default for TrivialNonfinal { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN15TrivialNonfinalC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/types_rs_api.rs b/rs_bindings_from_cc/test/golden/types_rs_api.rs index 0970ac0..55e5ac7 100644 --- a/rs_bindings_from_cc/test/golden/types_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/types_rs_api.rs
@@ -21,7 +21,7 @@ impl Default for SomeStruct { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN10SomeStructC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs b/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs index 87524ad..3b9f2a1 100644 --- a/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs
@@ -70,7 +70,7 @@ impl Default for ContainingStruct { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN16ContainingStructC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs b/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs index 8ae5005..5b6d898 100644 --- a/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs +++ b/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs
@@ -27,7 +27,7 @@ impl Default for UserOfImportedType { #[inline(always)] fn default() -> Self { - let mut tmp = std::mem::MaybeUninit::<Self>::uninit(); + let mut tmp = std::mem::MaybeUninit::<Self>::zeroed(); unsafe { crate::detail::__rust_thunk___ZN18UserOfImportedTypeC1Ev(tmp.as_mut_ptr()); tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/struct/constructors/test.rs b/rs_bindings_from_cc/test/struct/constructors/test.rs index 5bcb9e5..867600f 100644 --- a/rs_bindings_from_cc/test/struct/constructors/test.rs +++ b/rs_bindings_from_cc/test/struct/constructors/test.rs
@@ -46,11 +46,9 @@ #[test] #[allow(clippy::clone_on_copy)] fn test_explicitly_defaulted_constructors() { - // Default constructor should set uninitialized fields to 0 (real testing here - // depends somewhat on MSan). assert_impl_all!(StructWithExplicitlyDefaultedConstructors: Default); let s: StructWithExplicitlyDefaultedConstructors = Default::default(); - assert_eq!(0, s.field_with_no_initializer); + assert_eq!(0, s.field_with_no_initializer); // Using `MaybeUninit<T>::zeroed()`. assert_eq!(123, s.field_with_explicit_initializer); // In some scenarios the bindings generator may be able to ask Rust to