From e1875742d024c9ac52889d26881ca39a2a14cd8e Mon Sep 17 00:00:00 2001
From: Ralf Jung <post@ralfj.de>
Date: Mon, 5 Aug 2019 20:13:59 +0200
Subject: [PATCH 1/3] assume_init: warn about valid != safe

---
 src/libcore/mem/maybe_uninit.rs | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/libcore/mem/maybe_uninit.rs b/src/libcore/mem/maybe_uninit.rs
index 64fdf504369f2..20367f724b6f3 100644
--- a/src/libcore/mem/maybe_uninit.rs
+++ b/src/libcore/mem/maybe_uninit.rs
@@ -402,6 +402,13 @@ impl<T> MaybeUninit<T> {
     ///
     /// [inv]: #initialization-invariant
     ///
+    /// On top of that, remember that most types have additional invariants beyond merely
+    /// being considered initialized at the type level. For example, a `1`-initialized [`Vec<T>`]
+    /// is considered initialized because the only requirement the compiler knows about it
+    /// is that the data pointer must be non-null. Creating such a `Vec<T>` does not cause
+    /// *immediate* undefined behavior, but will cause undefined behavior with most
+    /// safe operations (including dropping it).
+    ///
     /// # Examples
     ///
     /// Correct usage of this method:

From 1b9eb4ac4cb5ecc5a16a1ed781a88af4c65bfc2f Mon Sep 17 00:00:00 2001
From: Ralf Jung <post@ralfj.de>
Date: Tue, 6 Aug 2019 09:47:42 +0200
Subject: [PATCH 2/3] be clear that 1-init Vec being valid (but not safe) is
 not a stable guarantee

---
 src/libcore/mem/maybe_uninit.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/libcore/mem/maybe_uninit.rs b/src/libcore/mem/maybe_uninit.rs
index 20367f724b6f3..43c4b491ac89d 100644
--- a/src/libcore/mem/maybe_uninit.rs
+++ b/src/libcore/mem/maybe_uninit.rs
@@ -51,7 +51,8 @@ use crate::mem::ManuallyDrop;
 ///
 /// On top of that, remember that most types have additional invariants beyond merely
 /// being considered initialized at the type level. For example, a `1`-initialized [`Vec<T>`]
-/// is considered initialized because the only requirement the compiler knows about it
+/// is considered initialized (under the current implementation, this does not constitute
+/// a stable guarantee) because the only requirement the compiler knows about it
 /// is that the data pointer must be non-null. Creating such a `Vec<T>` does not cause
 /// *immediate* undefined behavior, but will cause undefined behavior with most
 /// safe operations (including dropping it).
@@ -404,7 +405,8 @@ impl<T> MaybeUninit<T> {
     ///
     /// On top of that, remember that most types have additional invariants beyond merely
     /// being considered initialized at the type level. For example, a `1`-initialized [`Vec<T>`]
-    /// is considered initialized because the only requirement the compiler knows about it
+    /// is considered initialized (under the current implementation, this does not constitute
+    /// a stable guarantee) because the only requirement the compiler knows about it
     /// is that the data pointer must be non-null. Creating such a `Vec<T>` does not cause
     /// *immediate* undefined behavior, but will cause undefined behavior with most
     /// safe operations (including dropping it).

From 1821414b7bb496545ef147644cf5691db433ab5d Mon Sep 17 00:00:00 2001
From: Ralf Jung <post@ralfj.de>
Date: Tue, 6 Aug 2019 10:41:48 +0200
Subject: [PATCH 3/3] clarify

---
 src/libcore/mem/maybe_uninit.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/libcore/mem/maybe_uninit.rs b/src/libcore/mem/maybe_uninit.rs
index 43c4b491ac89d..ff063759cba62 100644
--- a/src/libcore/mem/maybe_uninit.rs
+++ b/src/libcore/mem/maybe_uninit.rs
@@ -51,7 +51,7 @@ use crate::mem::ManuallyDrop;
 ///
 /// On top of that, remember that most types have additional invariants beyond merely
 /// being considered initialized at the type level. For example, a `1`-initialized [`Vec<T>`]
-/// is considered initialized (under the current implementation, this does not constitute
+/// is considered initialized (under the current implementation; this does not constitute
 /// a stable guarantee) because the only requirement the compiler knows about it
 /// is that the data pointer must be non-null. Creating such a `Vec<T>` does not cause
 /// *immediate* undefined behavior, but will cause undefined behavior with most
@@ -405,7 +405,7 @@ impl<T> MaybeUninit<T> {
     ///
     /// On top of that, remember that most types have additional invariants beyond merely
     /// being considered initialized at the type level. For example, a `1`-initialized [`Vec<T>`]
-    /// is considered initialized (under the current implementation, this does not constitute
+    /// is considered initialized (under the current implementation; this does not constitute
     /// a stable guarantee) because the only requirement the compiler knows about it
     /// is that the data pointer must be non-null. Creating such a `Vec<T>` does not cause
     /// *immediate* undefined behavior, but will cause undefined behavior with most