Fix unsafety: call `MaybeUninit::zeroed()` instead of `uninit()`.
PiperOrigin-RevId: 419711437
diff --git a/rs_bindings_from_cc/src_code_gen.rs b/rs_bindings_from_cc/src_code_gen.rs
index 0bb047c..af60b47 100644
--- a/rs_bindings_from_cc/src_code_gen.rs
+++ b/rs_bindings_from_cc/src_code_gen.rs
@@ -283,14 +283,21 @@
param_idents.iter().skip(1).collect_vec(),
param_types.iter().skip(1).collect_vec(),
);
-
+ // SAFETY: A user-defined constructor is not guaranteed to
+ // initialize all the fields. To make the `assume_init()` call
+ // below safe, the memory is zero-initialized first. This is safer,
+ // because zero-initialized memory represents a valid value for the
+ // currently supported field types (this may change once the
+ // bindings generator starts supporting reference fields).
+ // TODO(b/213243309): Double-check if zero-initialization is
+ // desirable here.
let struct_name = make_ident(&record.identifier.identifier);
quote! {
#doc_comment
impl #trait_name for #struct_name {
#[inline(always)]
fn #method_name #generic_params( #( #param_idents: #param_types ),* ) -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::#thunk_ident(tmp.as_mut_ptr() #( , #param_idents )* );
tmp.assume_init()
@@ -1323,7 +1330,7 @@
impl Default for DefaultedConstructor {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN20DefaultedConstructorC1Ev(
tmp.as_mut_ptr());
diff --git a/rs_bindings_from_cc/test/golden/comment_rs_api.rs b/rs_bindings_from_cc/test/golden/comment_rs_api.rs
index 80f2b5e..62e0f4b 100644
--- a/rs_bindings_from_cc/test/golden/comment_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/comment_rs_api.rs
@@ -30,7 +30,7 @@
impl Default for Foo {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN3FooC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -72,7 +72,7 @@
impl Default for Bar {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN3BarC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -102,7 +102,7 @@
impl Default for HasNoComments {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN13HasNoCommentsC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs b/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs
index 25c7f67..562d446 100644
--- a/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/doc_comment_rs_api.rs
@@ -26,7 +26,7 @@
impl Default for DocCommentSlashes {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN17DocCommentSlashesC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -39,7 +39,7 @@
impl From<i32> for DocCommentSlashes {
#[inline(always)]
fn from(__param_0: i32) -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN17DocCommentSlashesC1Ei(tmp.as_mut_ptr(), __param_0);
tmp.assume_init()
@@ -80,7 +80,7 @@
impl Default for DocCommentBang {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN14DocCommentBangC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -113,7 +113,7 @@
impl Default for MultilineCommentTwoStars {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN24MultilineCommentTwoStarsC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -146,7 +146,7 @@
impl Default for LineComment {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN11LineCommentC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -179,7 +179,7 @@
impl Default for MultilineOneStar {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN16MultilineOneStarC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs b/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs
index b961447..e20e8ba 100644
--- a/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/elided_lifetimes_rs_api.rs
@@ -33,7 +33,7 @@
impl Default for S {
#[inline(always)]
fn default<'a>() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN1SC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/item_order_rs_api.rs b/rs_bindings_from_cc/test/golden/item_order_rs_api.rs
index 3efb002..aa957ad 100644
--- a/rs_bindings_from_cc/test/golden/item_order_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/item_order_rs_api.rs
@@ -20,7 +20,7 @@
impl Default for FirstStruct {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN11FirstStructC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -54,7 +54,7 @@
impl Default for SecondStruct {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN12SecondStructC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/private_members_rs_api.rs b/rs_bindings_from_cc/test/golden/private_members_rs_api.rs
index 971261f..6b6ca5b 100644
--- a/rs_bindings_from_cc/test/golden/private_members_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/private_members_rs_api.rs
@@ -35,7 +35,7 @@
impl Default for SomeClass {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN9SomeClassC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs b/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs
index 002fdf8..0078caf 100644
--- a/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/static_methods_rs_api.rs
@@ -44,7 +44,7 @@
impl Default for SomeClass {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN9SomeClassC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs b/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs
index c2c735c..e393a35 100644
--- a/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/trivial_type_rs_api.rs
@@ -22,7 +22,7 @@
impl Default for Trivial {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN7TrivialC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -53,7 +53,7 @@
impl Default for TrivialWithDefaulted {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN20TrivialWithDefaultedC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
@@ -86,7 +86,7 @@
impl Default for TrivialNonfinal {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN15TrivialNonfinalC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/types_rs_api.rs b/rs_bindings_from_cc/test/golden/types_rs_api.rs
index 0970ac0..55e5ac7 100644
--- a/rs_bindings_from_cc/test/golden/types_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/types_rs_api.rs
@@ -21,7 +21,7 @@
impl Default for SomeStruct {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN10SomeStructC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs b/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs
index 87524ad..3b9f2a1 100644
--- a/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/unsupported_rs_api.rs
@@ -70,7 +70,7 @@
impl Default for ContainingStruct {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN16ContainingStructC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs b/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs
index 8ae5005..5b6d898 100644
--- a/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs
+++ b/rs_bindings_from_cc/test/golden/user_of_imported_type_rs_api.rs
@@ -27,7 +27,7 @@
impl Default for UserOfImportedType {
#[inline(always)]
fn default() -> Self {
- let mut tmp = std::mem::MaybeUninit::<Self>::uninit();
+ let mut tmp = std::mem::MaybeUninit::<Self>::zeroed();
unsafe {
crate::detail::__rust_thunk___ZN18UserOfImportedTypeC1Ev(tmp.as_mut_ptr());
tmp.assume_init()
diff --git a/rs_bindings_from_cc/test/struct/constructors/test.rs b/rs_bindings_from_cc/test/struct/constructors/test.rs
index 5bcb9e5..867600f 100644
--- a/rs_bindings_from_cc/test/struct/constructors/test.rs
+++ b/rs_bindings_from_cc/test/struct/constructors/test.rs
@@ -46,11 +46,9 @@
#[test]
#[allow(clippy::clone_on_copy)]
fn test_explicitly_defaulted_constructors() {
- // Default constructor should set uninitialized fields to 0 (real testing here
- // depends somewhat on MSan).
assert_impl_all!(StructWithExplicitlyDefaultedConstructors: Default);
let s: StructWithExplicitlyDefaultedConstructors = Default::default();
- assert_eq!(0, s.field_with_no_initializer);
+ assert_eq!(0, s.field_with_no_initializer); // Using `MaybeUninit<T>::zeroed()`.
assert_eq!(123, s.field_with_explicit_initializer);
// In some scenarios the bindings generator may be able to ask Rust to
