chore: increase coverage, handle more decoding crashes (#71)

this handles a few more decoding edge cases, minor code cleanup

Author: nyurik

fuzz/fuzz_targets/rust_decompress_arbitrary.rs

@@ -75,5 +75,7 @@ fuzz_target!(|data: FuzzInput| {
     };
 
     // The decoder must either succeed or return an error.  A panic is a bug.
+    // We are ok if not all data is consumed because it tries to parse
+    // garbage - as long as we don't panic, we are good
     let _ = codec.decompress_to_slice(&compressed, &mut output);
 });

fuzz/justfile

@@ -28,7 +28,7 @@ rust-compress *args: (run 'rust_compress_oracle' args)
 # Run rust_decompress_oracle (uses C++ as oracle)
 rust-decompress *args: (run 'rust_decompress_oracle' args)
 
-# Feed arbitrary bytes directly to the Rust decompressr; runs=0 means run indefinitely (Ctrl-C to stop)
+# Feed arbitrary bytes directly to the Rust decompressor; runs=0 means run indefinitely (Ctrl-C to stop)
 rust-decompress-arbitrary *args: (run 'rust_decompress_arbitrary' args)
 
 # Run cpp_roundtrip (C++ roundtrip)

justfile

@@ -56,7 +56,8 @@ clippy *args:
     cargo clippy --workspace --all-targets --features _all_compatible {{args}}
 
 # Generate code coverage report. Will install `cargo llvm-cov` if missing.
-coverage *args='--no-clean --open':  (cargo-install 'cargo-llvm-cov')
+coverage *args='--open':  (cargo-install 'cargo-llvm-cov')
+    cargo llvm-cov clean --workspace
     cargo llvm-cov --workspace --all-targets --features _all_compatible --include-build-script {{args}}
 
 # Build and open code documentation

src/rust/integer_compression/fastpfor.rs

@@ -1,3 +1,5 @@
+use crate::rust::{FastPForError, FastPForResult};
+
 /// Finds the greatest multiple of `factor` that is less than or equal to `value`.
 pub fn greatest_multiple(value: u32, factor: u32) -> u32 {
     value - value % factor
@@ -9,29 +11,51 @@ pub fn bits(i: u32) -> usize {
     32 - i.leading_zeros() as usize
 }
 
-/// Extracts a byte from an i32 array treated as packed bytes in big-endian order.
-#[expect(dead_code)]
-pub fn grab_byte(input: &[i32], index: u32) -> u8 {
-    (input[(index / 4) as usize] >> (24 - (index % 4) * 8)) as u8
+pub trait AsUsize: Eq + Copy {
+    fn as_usize(self) -> usize;
 }
 
-/// Returns the position of the most significant bit in `x` (1-indexed).
-/// Returns 0 for input 0.
-#[expect(dead_code)]
-pub fn leading_bit_position(x: u32) -> i32 {
-    bitlen(u64::from(x))
+impl AsUsize for usize {
+    #[inline]
+    fn as_usize(self) -> usize {
+        self
+    }
 }
 
-/// Counts the number of leading zeros in `x`.
-fn clz(x: u64) -> u64 {
-    u64::from(x.leading_zeros())
+impl AsUsize for u32 {
+    #[inline]
+    fn as_usize(self) -> usize {
+        const _: () = {
+            // Some day Rust may support usize smaller than u32?
+            assert!(
+                size_of::<u32>() <= size_of::<usize>(),
+                "usize must be able to hold all u32 values"
+            );
+        };
+
+        #[allow(clippy::cast_possible_wrap, clippy::cast_possible_truncation)]
+        {
+            self as usize
+        }
+    }
 }
 
-/// Returns the bit length of `x` (number of bits needed to represent it).
-/// Returns 0 for input 0.
-fn bitlen(x: u64) -> i32 {
-    if x == 0 {
-        return 0;
+pub trait GetWithErr<T> {
+    fn get_val(&self, pos: impl AsUsize) -> FastPForResult<T>;
+}
+
+impl<T: Copy> GetWithErr<T> for &[T] {
+    #[inline]
+    fn get_val(&self, pos: impl AsUsize) -> FastPForResult<T> {
+        self.get(pos.as_usize())
+            .copied()
+            .ok_or(FastPForError::NotEnoughData)
+    }
+}
+
+impl<T: Copy> GetWithErr<T> for Vec<T> {
+    #[inline]
+    fn get_val(&self, pos: impl AsUsize) -> FastPForResult<T> {
+        self.as_slice().get_val(pos)
     }
-    64 - clz(x) as i32
 }

src/rust/integer_compression/helpers.rs

@@ -3,6 +3,7 @@ use std::io::Cursor;
 use bytemuck::{cast_slice, cast_slice_mut};
 
 use crate::rust::cursor::IncrementCursor;
+use crate::rust::integer_compression::helpers::AsUsize;
 use crate::rust::{FastPForError, FastPForResult, Integer, Skippable};
 
 /// Variable-byte encoding codec for integer compression.
@@ -138,7 +139,7 @@ impl Integer<u32> for VariableByte {
         }
 
         // Convert u32 array to byte view
-        let byte_length = (input_length as usize) * 4;
+        let byte_length = (input_length.as_usize()) * 4;
         let input_start = input_offset.position() as usize;
 
         // Create a byte slice view of the input
@@ -232,7 +233,7 @@ impl Integer<i8> for VariableByte {
         }
         let mut out_pos_tmp = output_offset.position();
         for k in input_offset.position() as u32..(input_offset.position() as u32 + input_length) {
-            let val = input[k as usize];
+            let val = input[k.as_usize()];
             if val < (1 << 7) {
                 output[out_pos_tmp as usize] = Self::extract_7bits::<0>(val) as i8;
                 out_pos_tmp += 1;
@@ -287,43 +288,43 @@ impl Integer<i8> for VariableByte {
         let mut tmp_outpos = output_offset.position();
 
         while p < final_p {
-            let mut v = i32::from(input[p as usize] & 0x7F);
-            if input[p as usize] >= 0 {
+            let mut v = i32::from(input[p.as_usize()] & 0x7F);
+            if input[p.as_usize()] >= 0 {
                 // High bit is NOT set, this is the last byte
                 p += 1;
                 output[tmp_outpos as usize] = v as u32;
                 tmp_outpos += 1;
                 continue;
             }
 
-            v |= i32::from(input[p as usize + 1] & 0x7F) << 7;
-            if input[p as usize + 1] >= 0 {
+            v |= i32::from(input[p.as_usize() + 1] & 0x7F) << 7;
+            if input[p.as_usize() + 1] >= 0 {
                 // High bit is NOT set, this is the last byte
                 p += 2;
                 output[tmp_outpos as usize] = v as u32;
                 tmp_outpos += 1;
                 continue;
             }
 
-            v |= i32::from(input[p as usize + 2] & 0x7F) << 14;
-            if input[p as usize + 2] >= 0 {
+            v |= i32::from(input[p.as_usize() + 2] & 0x7F) << 14;
+            if input[p.as_usize() + 2] >= 0 {
                 // High bit is NOT set, this is the last byte
                 p += 3;
                 output[tmp_outpos as usize] = v as u32;
                 tmp_outpos += 1;
                 continue;
             }
 
-            v |= i32::from(input[p as usize + 3] & 0x7F) << 21;
-            if input[p as usize + 3] >= 0 {
+            v |= i32::from(input[p.as_usize() + 3] & 0x7F) << 21;
+            if input[p.as_usize() + 3] >= 0 {
                 // High bit is NOT set, this is the last byte
                 p += 4;
                 output[tmp_outpos as usize] = v as u32;
                 tmp_outpos += 1;
                 continue;
             }
 
-            v |= i32::from(input[p as usize + 4] & 0x0F) << 28;
+            v |= i32::from(input[p.as_usize() + 4] & 0x0F) << 28;
             p += 5;
             output[tmp_outpos as usize] = v as u32;
             tmp_outpos += 1;

src/rust/integer_compression/variable_byte.rs

@@ -1,8 +1,7 @@
 //! Common test utilities for codec compatibility testing.
 
 #![cfg(all(feature = "rust", feature = "cpp"))]
-// This file is shared by several test modules
-#![allow(dead_code)]
+#![allow(dead_code, reason = "This file is shared by several test modules")]
 
 use std::io::Cursor;