Use AtomicPtr

Author: tamird

src/backends/linux_android_with_fallback.rs

@@ -13,22 +13,22 @@ type GetRandomFn = unsafe extern "C" fn(*mut c_void, libc::size_t, libc::c_uint)
 
 /// Sentinel value which indicates that `libc::getrandom` either not available,
 /// or not supported by kernel.
-const NOT_AVAILABLE: usize = usize::MAX;
+const NOT_AVAILABLE: *mut c_void = usize::MAX as *mut c_void;
 
 #[cold]
 #[inline(never)]
-fn init() -> usize {
+fn init() -> *mut c_void {
     // Use static linking to `libc::getrandom` on MUSL targets and `dlsym` everywhere else
     #[cfg(not(target_env = "musl"))]
-    let fptr = unsafe { libc::dlsym(libc::RTLD_DEFAULT, c"getrandom".as_ptr()) } as usize;
+    let fptr = unsafe { libc::dlsym(libc::RTLD_DEFAULT, c"getrandom".as_ptr()) };
     #[cfg(target_env = "musl")]
     let fptr = {
         let fptr: GetRandomFn = libc::getrandom;
-        unsafe { transmute::<GetRandomFn, usize>(fptr) }
+        unsafe { transmute::<GetRandomFn, *mut c_void>(fptr) }
     };
 
-    let res_ptr = if fptr != 0 {
-        let getrandom_fn = unsafe { transmute::<usize, GetRandomFn>(fptr) };
+    let res_ptr = if !fptr.is_null() {
+        let getrandom_fn = unsafe { transmute::<*mut c_void, GetRandomFn>(fptr) };
         // Check that `getrandom` syscall is supported by kernel
         let res = unsafe { getrandom_fn(ptr::dangling_mut(), 0, 0) };
         if cfg!(getrandom_test_linux_fallback) {
@@ -66,14 +66,14 @@ fn use_file_fallback(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
 
 #[inline]
 pub fn fill_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    static GETRANDOM_FN: lazy::LazyUsize = lazy::LazyUsize::new();
+    static GETRANDOM_FN: lazy::LazyPtr<c_void> = lazy::LazyPtr::new();
     let fptr = GETRANDOM_FN.unsync_init(init);
 
     if fptr == NOT_AVAILABLE {
         use_file_fallback(dest)
     } else {
         // note: `transmute` is currently the only way to convert a pointer into a function reference
-        let getrandom_fn = unsafe { transmute::<usize, GetRandomFn>(fptr) };
+        let getrandom_fn = unsafe { transmute::<*mut c_void, GetRandomFn>(fptr) };
         util_libc::sys_fill_exact(dest, |buf| unsafe {
             let ret = getrandom_fn(buf.as_mut_ptr().cast(), buf.len(), 0);
             sanitizer::unpoison_linux_getrandom_result(buf, ret);

src/backends/netbsd.rs

@@ -40,22 +40,23 @@ type GetRandomFn = unsafe extern "C" fn(*mut c_void, libc::size_t, libc::c_uint)
 
 #[cold]
 #[inline(never)]
-fn init() -> usize {
-    let mut ptr = unsafe { libc::dlsym(libc::RTLD_DEFAULT, c"getrandom".as_ptr()) };
+fn init() -> *mut c_void {
+    let ptr = unsafe { libc::dlsym(libc::RTLD_DEFAULT, c"getrandom".as_ptr()) };
     if ptr.is_null() || cfg!(getrandom_test_netbsd_fallback) {
         // Verify `polyfill_using_kern_arand` has the right signature.
         const POLYFILL: GetRandomFn = polyfill_using_kern_arand;
-        ptr = POLYFILL as *mut c_void;
+        POLYFILL as *mut c_void
+    } else {
+        ptr
     }
-    ptr as usize
 }
 
 #[inline]
 pub fn fill_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    static GETRANDOM_FN: lazy::LazyUsize = lazy::LazyUsize::new();
+    static GETRANDOM_FN: lazy::LazyPtr<c_void> = lazy::LazyPtr::new();
 
     let fptr = GETRANDOM_FN.unsync_init(init);
-    let fptr = unsafe { mem::transmute::<usize, GetRandomFn>(fptr) };
+    let fptr = unsafe { mem::transmute::<*mut c_void, GetRandomFn>(fptr) };
     util_libc::sys_fill_exact(dest, |buf| unsafe {
         fptr(buf.as_mut_ptr().cast::<c_void>(), buf.len(), 0)
     })

src/lazy.rs

@@ -1,56 +1,52 @@
 //! Helpers built around pointer-sized atomics.
-use core::sync::atomic::{AtomicUsize, Ordering};
-
-// This structure represents a lazily initialized static usize value. Useful
-// when it is preferable to just rerun initialization instead of locking.
-// unsync_init will invoke an init() function until it succeeds, then return the
-// cached value for future calls.
-//
-// unsync_init supports init() "failing". If the init() method returns UNINIT,
-// that value will be returned as normal, but will not be cached.
-//
-// Users should only depend on the _value_ returned by init() functions.
-// Specifically, for the following init() function:
-//      fn init() -> usize {
-//          a();
-//          let v = b();
-//          c();
-//          v
-//      }
-// the effects of c() or writes to shared memory will not necessarily be
-// observed and additional synchronization methods may be needed.
-pub(crate) struct LazyUsize(AtomicUsize);
-
-impl LazyUsize {
-    // The initialization is not completed.
-    const UNINIT: usize = usize::MAX;
-
-    pub const fn new() -> Self {
-        Self(AtomicUsize::new(Self::UNINIT))
-    }
-
-    // Runs the init() function at most once, returning the value of some run of
-    // init(). Multiple callers can run their init() functions in parallel.
-    // init() should always return the same value, if it succeeds.
-    pub fn unsync_init(&self, init: impl FnOnce() -> usize) -> usize {
-        #[cold]
-        fn do_init(this: &LazyUsize, init: impl FnOnce() -> usize) -> usize {
-            let val = init();
-            this.0.store(val, Ordering::Relaxed);
-            val
-        }
-
-        // Relaxed ordering is fine, as we only have a single atomic variable.
-        let val = self.0.load(Ordering::Relaxed);
-        if val != Self::UNINIT {
-            val
-        } else {
-            do_init(self, init)
+use core::{
+    ptr,
+    sync::atomic::{AtomicPtr, AtomicUsize, Ordering},
+};
+
+macro_rules! lazy_atomic {
+    ($name:ident $(<$($gen:ident),+>)?, $atomic:ty, $value:ty, $uninit:expr) => {
+        /// Lazily initialized static value backed by a single atomic.
+        ///
+        /// `unsync_init` will invoke `init` until it returns a value other than
+        /// the sentinel `UNINIT`, then cache that value for subsequent calls.
+        /// Multiple callers may race to run `init`; only the returned value is
+        /// guaranteed to be observed, not any side effects.
+        pub(crate) struct $name$(<$($gen),+>)?($atomic);
+
+        impl<$($($gen),+)? > $name$(<$($gen),+>)? {
+            const UNINIT: $value = $uninit;
+
+            pub const fn new() -> Self {
+                Self(<$atomic>::new(Self::UNINIT))
+            }
+
+            #[cold]
+            fn do_init(&self, init: impl FnOnce() -> $value) -> $value {
+                let val = init();
+                self.0.store(val, Ordering::Relaxed);
+                val
+            }
+
+            #[inline]
+            pub fn unsync_init(&self, init: impl FnOnce() -> $value) -> $value {
+                // Relaxed ordering is fine, as we only have a single atomic variable.
+                let val = self.0.load(Ordering::Relaxed);
+                if val != Self::UNINIT {
+                    val
+                } else {
+                    self.do_init(init)
+                }
+            }
         }
-    }
+    };
 }
 
-// Identical to LazyUsize except with bool instead of usize.
+lazy_atomic!(LazyUsize, AtomicUsize, usize, usize::MAX);
+lazy_atomic!(LazyPtr<T>, AtomicPtr<T>, *mut T, ptr::dangling_mut());
+
+/// Lazily initializes a cached bool; reuses `LazyUsize` to avoid sentinel
+/// issues with `AtomicBool`.
 pub(crate) struct LazyBool(LazyUsize);
 
 impl LazyBool {