Auto merge of rust-lang#76047 - Dylan-DPC:rename/maybe, r=RalfJung

rename get_{ref, mut} to assume_init_{ref,mut} in Maybeuninit

References rust-lang#63568

Rework with comments addressed from rust-lang#66174

Have replaced most of the occurrences I've found, hopefully didn't miss out anything

r? @RalfJung

(thanks @danielhenrymantilla for the initial work on this)

library/core/src/fmt/float.rs

@@ -14,11 +14,11 @@ fn float_to_decimal_common_exact<T>(
 where
  T: flt2dec::DecodableFloat,
 {
- // SAFETY: Possible undefined behavior, see FIXME(#53491)
+ // SAFETY: Possible undefined behavior, see FIXME(#76092)
  unsafe {
  let mut buf = MaybeUninit::<[u8; 1024]>::uninit(); // enough for f32 and f64
  let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 4]>::uninit();
- // FIXME(#53491): This is calling `get_mut` on an uninitialized
+ // FIXME(#76092): This is calling `assume_init_mut` on an uninitialized
  // `MaybeUninit` (here and elsewhere in this file). Revisit this once
  // we decided whether that is valid or not.
  // We can do this only because we are libstd and coupled to the compiler.
@@ -28,8 +28,8 @@ where
  *num,
  sign,
  precision,
- buf.get_mut(),
- parts.get_mut(),
+ buf.assume_init_mut(),
+ parts.assume_init_mut(),
  );
  fmt.pad_formatted_parts(&formatted)
  }
@@ -47,19 +47,19 @@ fn float_to_decimal_common_shortest<T>(
 where
  T: flt2dec::DecodableFloat,
 {
- // SAFETY: Possible undefined behavior, see FIXME(#53491)
+ // SAFETY: Possible undefined behavior, see FIXME(#76092)
  unsafe {
  // enough for f32 and f64
  let mut buf = MaybeUninit::<[u8; flt2dec::MAX_SIG_DIGITS]>::uninit();
  let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 4]>::uninit();
- // FIXME(#53491)
+ // FIXME(#76092)
  let formatted = flt2dec::to_shortest_str(
  flt2dec::strategy::grisu::format_shortest,
  *num,
  sign,
  precision,
- buf.get_mut(),
- parts.get_mut(),
+ buf.assume_init_mut(),
+ parts.assume_init_mut(),
  );
  fmt.pad_formatted_parts(&formatted)
  }
@@ -103,19 +103,19 @@ fn float_to_exponential_common_exact<T>(
 where
  T: flt2dec::DecodableFloat,
 {
- // SAFETY: Possible undefined behavior, see FIXME(#53491)
+ // SAFETY: Possible undefined behavior, see FIXME(#76092)
  unsafe {
  let mut buf = MaybeUninit::<[u8; 1024]>::uninit(); // enough for f32 and f64
  let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 6]>::uninit();
- // FIXME(#53491)
+ // FIXME(#76092)
  let formatted = flt2dec::to_exact_exp_str(
  flt2dec::strategy::grisu::format_exact,
  *num,
  sign,
  precision,
  upper,
- buf.get_mut(),
- parts.get_mut(),
+ buf.assume_init_mut(),
+ parts.assume_init_mut(),
  );
  fmt.pad_formatted_parts(&formatted)
  }
@@ -133,20 +133,20 @@ fn float_to_exponential_common_shortest<T>(
 where
  T: flt2dec::DecodableFloat,
 {
- // SAFETY: Possible undefined behavior, see FIXME(#53491)
+ // SAFETY: Possible undefined behavior, see FIXME(#76092)
  unsafe {
  // enough for f32 and f64
  let mut buf = MaybeUninit::<[u8; flt2dec::MAX_SIG_DIGITS]>::uninit();
  let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 6]>::uninit();
- // FIXME(#53491)
+ // FIXME(#76092)
  let formatted = flt2dec::to_shortest_exp_str(
  flt2dec::strategy::grisu::format_shortest,
  *num,
  sign,
  (0, 0),
  upper,
- buf.get_mut(),
- parts.get_mut(),
+ buf.assume_init_mut(),
+ parts.assume_init_mut(),
  );
  fmt.pad_formatted_parts(&formatted)
  }

library/core/src/mem/maybe_uninit.rs

@@ -369,7 +369,7 @@ impl<T> MaybeUninit<T> {
  pub fn write(&mut self, val: T) -> &mut T {
  unsafe {
  self.value = ManuallyDrop::new(val);
- self.get_mut()
+ self.assume_init_mut()
  }
  }
 
@@ -601,7 +601,7 @@ impl<T> MaybeUninit<T> {
  /// // create a shared reference to it:
  /// let x: &Vec<u32> = unsafe {
  /// // Safety: `x` has been initialized.
- /// x.get_ref()
+ /// x.assume_init_ref()
  /// };
  /// assert_eq!(x, &vec![1, 2, 3]);
  /// ```
@@ -613,7 +613,7 @@ impl<T> MaybeUninit<T> {
  /// use std::mem::MaybeUninit;
  ///
  /// let x = MaybeUninit::<Vec<u32>>::uninit();
- /// let x_vec: &Vec<u32> = unsafe { x.get_ref() };
+ /// let x_vec: &Vec<u32> = unsafe { x.assume_init_ref() };
  /// // We have created a reference to an uninitialized vector! This is undefined behavior. ⚠️
  /// ```
  ///
@@ -624,14 +624,14 @@ impl<T> MaybeUninit<T> {
  /// let b = MaybeUninit::<Cell<bool>>::uninit();
  /// // Initialize the `MaybeUninit` using `Cell::set`:
  /// unsafe {
- /// b.get_ref().set(true);
- /// // ^^^^^^^^^^^
- /// // Reference to an uninitialized `Cell<bool>`: UB!
+ /// b.assume_init_ref().set(true);
+ ///  // ^^^^^^^^^^^^^^^
+ ///  // Reference to an uninitialized `Cell<bool>`: UB!
  /// }
  /// ```
  #[unstable(feature = "maybe_uninit_ref", issue = "63568")]
  #[inline(always)]
- pub unsafe fn get_ref(&self) -> &T {
+ pub unsafe fn assume_init_ref(&self) -> &T {
  // SAFETY: the caller must guarantee that `self` is initialized.
  // This also means that `self` must be a `value` variant.
  unsafe {
@@ -650,7 +650,7 @@ impl<T> MaybeUninit<T> {
  ///
  /// Calling this when the content is not yet fully initialized causes undefined
  /// behavior: it is up to the caller to guarantee that the `MaybeUninit<T>` really
- /// is in an initialized state. For instance, `.get_mut()` cannot be used to
+ /// is in an initialized state. For instance, `.assume_init_mut()` cannot be used to
  /// initialize a `MaybeUninit`.
  ///
  /// # Examples
@@ -678,7 +678,7 @@ impl<T> MaybeUninit<T> {
  /// // the `&mut MaybeUninit<[u8; 2048]>` to a `&mut [u8; 2048]`:
  /// let buf: &mut [u8; 2048] = unsafe {
  /// // Safety: `buf` has been initialized.
- /// buf.get_mut()
+ /// buf.assume_init_mut()
  /// };
  ///
  /// // Now we can use `buf` as a normal slice:
@@ -691,15 +691,15 @@ impl<T> MaybeUninit<T> {
  ///
  /// ### *Incorrect* usages of this method:
  ///
- /// You cannot use `.get_mut()` to initialize a value:
+ /// You cannot use `.assume_init_mut()` to initialize a value:
  ///
  /// ```rust,no_run
  /// #![feature(maybe_uninit_ref)]
  /// use std::mem::MaybeUninit;
  ///
  /// let mut b = MaybeUninit::<bool>::uninit();
  /// unsafe {
- /// *b.get_mut() = true;
+ /// *b.assume_init_mut() = true;
  /// // We have created a (mutable) reference to an uninitialized `bool`!
  /// // This is undefined behavior. ⚠️
  /// }
@@ -716,8 +716,8 @@ impl<T> MaybeUninit<T> {
  /// fn read_chunk (reader: &'_ mut dyn io::Read) -> io::Result<[u8; 64]>
  /// {
  /// let mut buffer = MaybeUninit::<[u8; 64]>::uninit();
- /// reader.read_exact(unsafe { buffer.get_mut() })?;
- /// // ^^^^^^^^^^^^^^^^
+ /// reader.read_exact(unsafe { buffer.assume_init_mut() })?;
+ /// // ^^^^^^^^^^^^^^^^^^^^^^^^
  /// // (mutable) reference to uninitialized memory!
  /// // This is undefined behavior.
  /// Ok(unsafe { buffer.assume_init() })
@@ -737,23 +737,23 @@ impl<T> MaybeUninit<T> {
  ///
  /// let foo: Foo = unsafe {
  /// let mut foo = MaybeUninit::<Foo>::uninit();
- /// ptr::write(&mut foo.get_mut().a as *mut u32, 1337);
- /// // ^^^^^^^^^^^^^
+ /// ptr::write(&mut foo.assume_init_mut().a as *mut u32, 1337);
+ /// // ^^^^^^^^^^^^^^^^^^^^^
  /// // (mutable) reference to uninitialized memory!
  /// // This is undefined behavior.
- /// ptr::write(&mut foo.get_mut().b as *mut u8, 42);
- /// // ^^^^^^^^^^^^^
+ /// ptr::write(&mut foo.assume_init_mut().b as *mut u8, 42);
+ /// // ^^^^^^^^^^^^^^^^^^^^^
  /// // (mutable) reference to uninitialized memory!
  /// // This is undefined behavior.
  /// foo.assume_init()
  /// };
  /// ```
- // FIXME(#53491): We currently rely on the above being incorrect, i.e., we have references
+ // FIXME(#76092): We currently rely on the above being incorrect, i.e., we have references
  // to uninitialized data (e.g., in `libcore/fmt/float.rs`). We should make
  // a final decision about the rules before stabilization.
  #[unstable(feature = "maybe_uninit_ref", issue = "63568")]
  #[inline(always)]
- pub unsafe fn get_mut(&mut self) -> &mut T {
+ pub unsafe fn assume_init_mut(&mut self) -> &mut T {
  // SAFETY: the caller must guarantee that `self` is initialized.
  // This also means that `self` must be a `value` variant.
  unsafe {

library/std/src/io/util.rs

@@ -52,24 +52,24 @@ where
  W: Write,
 {
  let mut buf = MaybeUninit::<[u8; super::DEFAULT_BUF_SIZE]>::uninit();
- // FIXME(#53491): This is calling `get_mut` and `get_ref` on an uninitialized
+ // FIXME(#76092): This is calling `get_mut` and `get_ref` on an uninitialized
  // `MaybeUninit`. Revisit this once we decided whether that is valid or not.
  // This is still technically undefined behavior due to creating a reference
  // to uninitialized data, but within libstd we can rely on more guarantees
  // than if this code were in an external lib.
  unsafe {
- reader.initializer().initialize(buf.get_mut());
+ reader.initializer().initialize(buf.assume_init_mut());
  }
 
  let mut written = 0;
  loop {
- let len = match reader.read(unsafe { buf.get_mut() }) {
+ let len = match reader.read(unsafe { buf.assume_init_mut() }) {
  Ok(0) => return Ok(written),
  Ok(len) => len,
  Err(ref e) if e.kind() == ErrorKind::Interrupted => continue,
  Err(e) => return Err(e),
  };
- writer.write_all(unsafe { &buf.get_ref()[..len] })?;
+ writer.write_all(unsafe { &buf.assume_init_ref()[..len] })?;
  written += len as u64;
  }
 }

library/std/src/lazy.rs

@@ -379,13 +379,13 @@ impl<T> SyncOnceCell<T> {
  /// Safety: The value must be initialized
  unsafe fn get_unchecked(&self) -> &T {
  debug_assert!(self.is_initialized());
- (&*self.value.get()).get_ref()
+ (&*self.value.get()).assume_init_ref()
  }
 
  /// Safety: The value must be initialized
  unsafe fn get_unchecked_mut(&mut self) -> &mut T {
  debug_assert!(self.is_initialized());
- (&mut *self.value.get()).get_mut()
+ (&mut *self.value.get()).assume_init_mut()
  }
 }