diff --git a/library/core/src/fmt/float.rs b/library/core/src/fmt/float.rs index 52d8349bc9a87..7f9ab5357d697 100644 --- a/library/core/src/fmt/float.rs +++ b/library/core/src/fmt/float.rs @@ -14,11 +14,11 @@ fn float_to_decimal_common_exact( where T: flt2dec::DecodableFloat, { - // SAFETY: Possible undefined behavior, see FIXME(#53491) + // SAFETY: Possible undefined behavior, see FIXME(#76092) unsafe { let mut buf = MaybeUninit::<[u8; 1024]>::uninit(); // enough for f32 and f64 let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 4]>::uninit(); - // FIXME(#53491): This is calling `get_mut` on an uninitialized + // FIXME(#76092): This is calling `assume_init_mut` on an uninitialized // `MaybeUninit` (here and elsewhere in this file). Revisit this once // we decided whether that is valid or not. // We can do this only because we are libstd and coupled to the compiler. @@ -28,8 +28,8 @@ where *num, sign, precision, - buf.get_mut(), - parts.get_mut(), + buf.assume_init_mut(), + parts.assume_init_mut(), ); fmt.pad_formatted_parts(&formatted) } @@ -47,19 +47,19 @@ fn float_to_decimal_common_shortest( where T: flt2dec::DecodableFloat, { - // SAFETY: Possible undefined behavior, see FIXME(#53491) + // SAFETY: Possible undefined behavior, see FIXME(#76092) unsafe { // enough for f32 and f64 let mut buf = MaybeUninit::<[u8; flt2dec::MAX_SIG_DIGITS]>::uninit(); let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 4]>::uninit(); - // FIXME(#53491) + // FIXME(#76092) let formatted = flt2dec::to_shortest_str( flt2dec::strategy::grisu::format_shortest, *num, sign, precision, - buf.get_mut(), - parts.get_mut(), + buf.assume_init_mut(), + parts.assume_init_mut(), ); fmt.pad_formatted_parts(&formatted) } @@ -103,19 +103,19 @@ fn float_to_exponential_common_exact( where T: flt2dec::DecodableFloat, { - // SAFETY: Possible undefined behavior, see FIXME(#53491) + // SAFETY: Possible undefined behavior, see FIXME(#76092) unsafe { let mut buf = MaybeUninit::<[u8; 1024]>::uninit(); // enough for f32 and f64 let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 6]>::uninit(); - // FIXME(#53491) + // FIXME(#76092) let formatted = flt2dec::to_exact_exp_str( flt2dec::strategy::grisu::format_exact, *num, sign, precision, upper, - buf.get_mut(), - parts.get_mut(), + buf.assume_init_mut(), + parts.assume_init_mut(), ); fmt.pad_formatted_parts(&formatted) } @@ -133,20 +133,20 @@ fn float_to_exponential_common_shortest( where T: flt2dec::DecodableFloat, { - // SAFETY: Possible undefined behavior, see FIXME(#53491) + // SAFETY: Possible undefined behavior, see FIXME(#76092) unsafe { // enough for f32 and f64 let mut buf = MaybeUninit::<[u8; flt2dec::MAX_SIG_DIGITS]>::uninit(); let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 6]>::uninit(); - // FIXME(#53491) + // FIXME(#76092) let formatted = flt2dec::to_shortest_exp_str( flt2dec::strategy::grisu::format_shortest, *num, sign, (0, 0), upper, - buf.get_mut(), - parts.get_mut(), + buf.assume_init_mut(), + parts.assume_init_mut(), ); fmt.pad_formatted_parts(&formatted) } diff --git a/library/core/src/mem/maybe_uninit.rs b/library/core/src/mem/maybe_uninit.rs index d2d65fd2fa517..a79d9e25f34fc 100644 --- a/library/core/src/mem/maybe_uninit.rs +++ b/library/core/src/mem/maybe_uninit.rs @@ -369,7 +369,7 @@ impl MaybeUninit { pub fn write(&mut self, val: T) -> &mut T { unsafe { self.value = ManuallyDrop::new(val); - self.get_mut() + self.assume_init_mut() } } @@ -601,7 +601,7 @@ impl MaybeUninit { /// // create a shared reference to it: /// let x: &Vec = unsafe { /// // Safety: `x` has been initialized. - /// x.get_ref() + /// x.assume_init_ref() /// }; /// assert_eq!(x, &vec![1, 2, 3]); /// ``` @@ -613,7 +613,7 @@ impl MaybeUninit { /// use std::mem::MaybeUninit; /// /// let x = MaybeUninit::>::uninit(); - /// let x_vec: &Vec = unsafe { x.get_ref() }; + /// let x_vec: &Vec = unsafe { x.assume_init_ref() }; /// // We have created a reference to an uninitialized vector! This is undefined behavior. ⚠️ /// ``` /// @@ -624,14 +624,14 @@ impl MaybeUninit { /// let b = MaybeUninit::>::uninit(); /// // Initialize the `MaybeUninit` using `Cell::set`: /// unsafe { - /// b.get_ref().set(true); - /// // ^^^^^^^^^^^ - /// // Reference to an uninitialized `Cell`: UB! + /// b.assume_init_ref().set(true); + /// // ^^^^^^^^^^^^^^^ + /// // Reference to an uninitialized `Cell`: UB! /// } /// ``` #[unstable(feature = "maybe_uninit_ref", issue = "63568")] #[inline(always)] - pub unsafe fn get_ref(&self) -> &T { + pub unsafe fn assume_init_ref(&self) -> &T { // SAFETY: the caller must guarantee that `self` is initialized. // This also means that `self` must be a `value` variant. unsafe { @@ -650,7 +650,7 @@ impl MaybeUninit { /// /// Calling this when the content is not yet fully initialized causes undefined /// behavior: it is up to the caller to guarantee that the `MaybeUninit` really - /// is in an initialized state. For instance, `.get_mut()` cannot be used to + /// is in an initialized state. For instance, `.assume_init_mut()` cannot be used to /// initialize a `MaybeUninit`. /// /// # Examples @@ -678,7 +678,7 @@ impl MaybeUninit { /// // the `&mut MaybeUninit<[u8; 2048]>` to a `&mut [u8; 2048]`: /// let buf: &mut [u8; 2048] = unsafe { /// // Safety: `buf` has been initialized. - /// buf.get_mut() + /// buf.assume_init_mut() /// }; /// /// // Now we can use `buf` as a normal slice: @@ -691,7 +691,7 @@ impl MaybeUninit { /// /// ### *Incorrect* usages of this method: /// - /// You cannot use `.get_mut()` to initialize a value: + /// You cannot use `.assume_init_mut()` to initialize a value: /// /// ```rust,no_run /// #![feature(maybe_uninit_ref)] @@ -699,7 +699,7 @@ impl MaybeUninit { /// /// let mut b = MaybeUninit::::uninit(); /// unsafe { - /// *b.get_mut() = true; + /// *b.assume_init_mut() = true; /// // We have created a (mutable) reference to an uninitialized `bool`! /// // This is undefined behavior. ⚠️ /// } @@ -716,8 +716,8 @@ impl MaybeUninit { /// fn read_chunk (reader: &'_ mut dyn io::Read) -> io::Result<[u8; 64]> /// { /// let mut buffer = MaybeUninit::<[u8; 64]>::uninit(); - /// reader.read_exact(unsafe { buffer.get_mut() })?; - /// // ^^^^^^^^^^^^^^^^ + /// reader.read_exact(unsafe { buffer.assume_init_mut() })?; + /// // ^^^^^^^^^^^^^^^^^^^^^^^^ /// // (mutable) reference to uninitialized memory! /// // This is undefined behavior. /// Ok(unsafe { buffer.assume_init() }) @@ -737,23 +737,23 @@ impl MaybeUninit { /// /// let foo: Foo = unsafe { /// let mut foo = MaybeUninit::::uninit(); - /// ptr::write(&mut foo.get_mut().a as *mut u32, 1337); - /// // ^^^^^^^^^^^^^ + /// ptr::write(&mut foo.assume_init_mut().a as *mut u32, 1337); + /// // ^^^^^^^^^^^^^^^^^^^^^ /// // (mutable) reference to uninitialized memory! /// // This is undefined behavior. - /// ptr::write(&mut foo.get_mut().b as *mut u8, 42); - /// // ^^^^^^^^^^^^^ + /// ptr::write(&mut foo.assume_init_mut().b as *mut u8, 42); + /// // ^^^^^^^^^^^^^^^^^^^^^ /// // (mutable) reference to uninitialized memory! /// // This is undefined behavior. /// foo.assume_init() /// }; /// ``` - // FIXME(#53491): We currently rely on the above being incorrect, i.e., we have references + // FIXME(#76092): We currently rely on the above being incorrect, i.e., we have references // to uninitialized data (e.g., in `libcore/fmt/float.rs`). We should make // a final decision about the rules before stabilization. #[unstable(feature = "maybe_uninit_ref", issue = "63568")] #[inline(always)] - pub unsafe fn get_mut(&mut self) -> &mut T { + pub unsafe fn assume_init_mut(&mut self) -> &mut T { // SAFETY: the caller must guarantee that `self` is initialized. // This also means that `self` must be a `value` variant. unsafe { diff --git a/library/std/src/io/util.rs b/library/std/src/io/util.rs index bf289fe040edf..b3df6f49dc490 100644 --- a/library/std/src/io/util.rs +++ b/library/std/src/io/util.rs @@ -52,24 +52,24 @@ where W: Write, { let mut buf = MaybeUninit::<[u8; super::DEFAULT_BUF_SIZE]>::uninit(); - // FIXME(#53491): This is calling `get_mut` and `get_ref` on an uninitialized + // FIXME(#76092): This is calling `get_mut` and `get_ref` on an uninitialized // `MaybeUninit`. Revisit this once we decided whether that is valid or not. // This is still technically undefined behavior due to creating a reference // to uninitialized data, but within libstd we can rely on more guarantees // than if this code were in an external lib. unsafe { - reader.initializer().initialize(buf.get_mut()); + reader.initializer().initialize(buf.assume_init_mut()); } let mut written = 0; loop { - let len = match reader.read(unsafe { buf.get_mut() }) { + let len = match reader.read(unsafe { buf.assume_init_mut() }) { Ok(0) => return Ok(written), Ok(len) => len, Err(ref e) if e.kind() == ErrorKind::Interrupted => continue, Err(e) => return Err(e), }; - writer.write_all(unsafe { &buf.get_ref()[..len] })?; + writer.write_all(unsafe { &buf.assume_init_ref()[..len] })?; written += len as u64; } } diff --git a/library/std/src/lazy.rs b/library/std/src/lazy.rs index 1129f29e94941..845e9d76a772b 100644 --- a/library/std/src/lazy.rs +++ b/library/std/src/lazy.rs @@ -379,13 +379,13 @@ impl SyncOnceCell { /// Safety: The value must be initialized unsafe fn get_unchecked(&self) -> &T { debug_assert!(self.is_initialized()); - (&*self.value.get()).get_ref() + (&*self.value.get()).assume_init_ref() } /// Safety: The value must be initialized unsafe fn get_unchecked_mut(&mut self) -> &mut T { debug_assert!(self.is_initialized()); - (&mut *self.value.get()).get_mut() + (&mut *self.value.get()).assume_init_mut() } }