76 /// the read length and the next read will start from there. This helps prevent accidentally reading
148     length: usize,  field
152     /// Constructs a user slice from a raw pointer and a length in bytes.
154     /// Constructing a [`UserSlice`] performs no checks on the provided address and length, it can
164     pub fn new(ptr: UserPtr, length: usize) -> Self {  in new()
165         UserSlice { ptr, length }  in new()
179             length: self.length,  in reader()
187             length: self.length,  in writer()
198                 length: self.length,  in reader_writer()
202                 length: self.length,  in reader_writer()
213     length: usize,  field
219     /// Returns an error if skipping more than the length of the buffer.
221         // Update `self.length` first since that's the fallible part of this operation.  in skip()
222         self.length = self.length.checked_sub(num_skip).ok_or(EFAULT)?;  in skip()
236             length: self.length,  in clone_reader()
244         self.length  in len()
249         self.length == 0  in is_empty()
265         if len > self.length {  in read_raw()
268         // SAFETY: `out_ptr` points into a mutable slice of length `len`, so we may write  in read_raw()
275         self.length -= len;  in read_raw()
296         if len > self.length {  in read()
304         // length is a compile-time constant.  in read()
316         self.length -= len;  in read()
326         let len = self.length;  in read_all()
356         // We never read more than `self.length` bytes.  in strcpy_into_buf()
357         if dst.len() > self.length {  in strcpy_into_buf()
358             dst = &mut dst[..self.length];  in strcpy_into_buf()
369             // because we hit the `self.length` limit of this `UserSliceReader`. Since we did not  in strcpy_into_buf()
370             // fill the buffer, we treat this case as if we tried to read past the `self.length`  in strcpy_into_buf()
372             // methods that also return page faults when you exceed `self.length`.  in strcpy_into_buf()
379             // already represents the length including the NUL-terminator.  in strcpy_into_buf()
386         // update `self.length`. This sidesteps concerns such as whether `self.length` should be  in strcpy_into_buf()
403     length: usize,  field
411         self.length  in len()
416         self.length == 0  in is_empty()
427         if len > self.length {  in write_slice()
430         // SAFETY: `data_ptr` points into an immutable slice of length `len`, so we may read  in write_slice()
437         self.length -= len;  in write_slice()
448         if len > self.length {  in write()
455         // kernel pointer. This mirrors the logic on the C side that skips the check when the length  in write()
468         self.length -= len;  in write()
473 /// Reads a nul-terminated string into `dst` and returns the length.