Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rename get_{ref, mut} to assume_init_{ref,mut} in Maybeuninit #76047

Merged
merged 5 commits into from
Sep 1, 2020
Merged

rename get_{ref, mut} to assume_init_{ref,mut} in Maybeuninit #76047

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
5e208ef
rename get_{ref, mut} to assume_init_{ref,mut} in Maybeuninit
Dylan-DPC Aug 29, 2020
ea800d5
fix tests
Dylan-DPC Aug 29, 2020
b3d7b7b
update fixmes
Dylan-DPC Aug 30, 2020
6d35f84
fix
Dylan-DPC Aug 31, 2020
943911c
the one left behind
Dylan-DPC Aug 31, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 16 additions & 16 deletions library/core/src/fmt/float.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,11 @@ fn float_to_decimal_common_exact<T>(
where
T: flt2dec::DecodableFloat,
{
// SAFETY: Possible undefined behavior, see FIXME(#53491)
// SAFETY: Possible undefined behavior, see FIXME(#76092)
unsafe {
let mut buf = MaybeUninit::<[u8; 1024]>::uninit(); // enough for f32 and f64
let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 4]>::uninit();
// FIXME(#53491): This is calling `get_mut` on an uninitialized
// FIXME(#76092): This is calling `assume_init_mut` on an uninitialized
// `MaybeUninit` (here and elsewhere in this file). Revisit this once
// we decided whether that is valid or not.
// We can do this only because we are libstd and coupled to the compiler.
Expand All @@ -28,8 +28,8 @@ where
*num,
sign,
precision,
buf.get_mut(),
parts.get_mut(),
buf.assume_init_mut(),
parts.assume_init_mut(),
RalfJung marked this conversation as resolved.
Show resolved Hide resolved
);
fmt.pad_formatted_parts(&formatted)
}
Expand All @@ -47,19 +47,19 @@ fn float_to_decimal_common_shortest<T>(
where
T: flt2dec::DecodableFloat,
{
// SAFETY: Possible undefined behavior, see FIXME(#53491)
// SAFETY: Possible undefined behavior, see FIXME(#76092)
unsafe {
// enough for f32 and f64
let mut buf = MaybeUninit::<[u8; flt2dec::MAX_SIG_DIGITS]>::uninit();
let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 4]>::uninit();
// FIXME(#53491)
// FIXME(#76092)
Dylan-DPC-zz marked this conversation as resolved.
Show resolved Hide resolved
let formatted = flt2dec::to_shortest_str(
flt2dec::strategy::grisu::format_shortest,
*num,
sign,
precision,
buf.get_mut(),
parts.get_mut(),
buf.assume_init_mut(),
parts.assume_init_mut(),
);
fmt.pad_formatted_parts(&formatted)
}
Expand Down Expand Up @@ -103,19 +103,19 @@ fn float_to_exponential_common_exact<T>(
where
T: flt2dec::DecodableFloat,
{
// SAFETY: Possible undefined behavior, see FIXME(#53491)
// SAFETY: Possible undefined behavior, see FIXME(#76092)
unsafe {
let mut buf = MaybeUninit::<[u8; 1024]>::uninit(); // enough for f32 and f64
let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 6]>::uninit();
// FIXME(#53491)
// FIXME(#76092)
let formatted = flt2dec::to_exact_exp_str(
flt2dec::strategy::grisu::format_exact,
*num,
sign,
precision,
upper,
buf.get_mut(),
parts.get_mut(),
buf.assume_init_mut(),
parts.assume_init_mut(),
);
fmt.pad_formatted_parts(&formatted)
}
Expand All @@ -133,20 +133,20 @@ fn float_to_exponential_common_shortest<T>(
where
T: flt2dec::DecodableFloat,
{
// SAFETY: Possible undefined behavior, see FIXME(#53491)
// SAFETY: Possible undefined behavior, see FIXME(#76092)
unsafe {
// enough for f32 and f64
let mut buf = MaybeUninit::<[u8; flt2dec::MAX_SIG_DIGITS]>::uninit();
let mut parts = MaybeUninit::<[flt2dec::Part<'_>; 6]>::uninit();
// FIXME(#53491)
// FIXME(#76092)
let formatted = flt2dec::to_shortest_exp_str(
flt2dec::strategy::grisu::format_shortest,
*num,
sign,
(0, 0),
upper,
buf.get_mut(),
parts.get_mut(),
buf.assume_init_mut(),
parts.assume_init_mut(),
);
fmt.pad_formatted_parts(&formatted)
}
Expand Down
38 changes: 19 additions & 19 deletions library/core/src/mem/maybe_uninit.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -369,7 +369,7 @@ impl<T> MaybeUninit<T> {
pub fn write(&mut self, val: T) -> &mut T {
unsafe {
self.value = ManuallyDrop::new(val);
self.get_mut()
self.assume_init_mut()
}
}

Expand Down Expand Up @@ -601,7 +601,7 @@ impl<T> MaybeUninit<T> {
/// // create a shared reference to it:
/// let x: &Vec<u32> = unsafe {
/// // Safety: `x` has been initialized.
/// x.get_ref()
/// x.assume_init_ref()
/// };
/// assert_eq!(x, &vec![1, 2, 3]);
/// ```
Expand All @@ -613,7 +613,7 @@ impl<T> MaybeUninit<T> {
/// use std::mem::MaybeUninit;
///
/// let x = MaybeUninit::<Vec<u32>>::uninit();
/// let x_vec: &Vec<u32> = unsafe { x.get_ref() };
/// let x_vec: &Vec<u32> = unsafe { x.assume_init_ref() };
/// // We have created a reference to an uninitialized vector! This is undefined behavior. ⚠️
/// ```
///
Expand All @@ -624,14 +624,14 @@ impl<T> MaybeUninit<T> {
/// let b = MaybeUninit::<Cell<bool>>::uninit();
/// // Initialize the `MaybeUninit` using `Cell::set`:
/// unsafe {
/// b.get_ref().set(true);
/// // ^^^^^^^^^^^
/// // Reference to an uninitialized `Cell<bool>`: UB!
/// b.assume_init_ref().set(true);
/// // ^^^^^^^^^^^^^^^
/// // Reference to an uninitialized `Cell<bool>`: UB!
/// }
/// ```
#[unstable(feature = "maybe_uninit_ref", issue = "63568")]
#[inline(always)]
pub unsafe fn get_ref(&self) -> &T {
pub unsafe fn assume_init_ref(&self) -> &T {
// SAFETY: the caller must guarantee that `self` is initialized.
// This also means that `self` must be a `value` variant.
unsafe {
Expand All @@ -650,7 +650,7 @@ impl<T> MaybeUninit<T> {
///
/// Calling this when the content is not yet fully initialized causes undefined
/// behavior: it is up to the caller to guarantee that the `MaybeUninit<T>` really
/// is in an initialized state. For instance, `.get_mut()` cannot be used to
/// is in an initialized state. For instance, `.assume_init_mut()` cannot be used to
/// initialize a `MaybeUninit`.
///
/// # Examples
Expand Down Expand Up @@ -678,7 +678,7 @@ impl<T> MaybeUninit<T> {
/// // the `&mut MaybeUninit<[u8; 2048]>` to a `&mut [u8; 2048]`:
/// let buf: &mut [u8; 2048] = unsafe {
/// // Safety: `buf` has been initialized.
/// buf.get_mut()
/// buf.assume_init_mut()
/// };
///
/// // Now we can use `buf` as a normal slice:
Expand All @@ -691,15 +691,15 @@ impl<T> MaybeUninit<T> {
///
/// ### *Incorrect* usages of this method:
///
/// You cannot use `.get_mut()` to initialize a value:
/// You cannot use `.assume_init_mut()` to initialize a value:
///
/// ```rust,no_run
/// #![feature(maybe_uninit_ref)]
/// use std::mem::MaybeUninit;
///
/// let mut b = MaybeUninit::<bool>::uninit();
/// unsafe {
/// *b.get_mut() = true;
/// *b.assume_init_mut() = true;
/// // We have created a (mutable) reference to an uninitialized `bool`!
/// // This is undefined behavior. ⚠️
/// }
Expand All @@ -716,8 +716,8 @@ impl<T> MaybeUninit<T> {
/// fn read_chunk (reader: &'_ mut dyn io::Read) -> io::Result<[u8; 64]>
/// {
/// let mut buffer = MaybeUninit::<[u8; 64]>::uninit();
/// reader.read_exact(unsafe { buffer.get_mut() })?;
/// // ^^^^^^^^^^^^^^^^
/// reader.read_exact(unsafe { buffer.assume_init_mut() })?;
/// // ^^^^^^^^^^^^^^^^^^^^^^^^
/// // (mutable) reference to uninitialized memory!
/// // This is undefined behavior.
/// Ok(unsafe { buffer.assume_init() })
Expand All @@ -737,23 +737,23 @@ impl<T> MaybeUninit<T> {
///
/// let foo: Foo = unsafe {
/// let mut foo = MaybeUninit::<Foo>::uninit();
/// ptr::write(&mut foo.get_mut().a as *mut u32, 1337);
/// // ^^^^^^^^^^^^^
/// ptr::write(&mut foo.assume_init_mut().a as *mut u32, 1337);
/// // ^^^^^^^^^^^^^^^^^^^^^
/// // (mutable) reference to uninitialized memory!
/// // This is undefined behavior.
/// ptr::write(&mut foo.get_mut().b as *mut u8, 42);
/// // ^^^^^^^^^^^^^
/// ptr::write(&mut foo.assume_init_mut().b as *mut u8, 42);
/// // ^^^^^^^^^^^^^^^^^^^^^
/// // (mutable) reference to uninitialized memory!
/// // This is undefined behavior.
/// foo.assume_init()
/// };
/// ```
// FIXME(#53491): We currently rely on the above being incorrect, i.e., we have references
// FIXME(#76092): We currently rely on the above being incorrect, i.e., we have references
// to uninitialized data (e.g., in `libcore/fmt/float.rs`). We should make
// a final decision about the rules before stabilization.
#[unstable(feature = "maybe_uninit_ref", issue = "63568")]
#[inline(always)]
pub unsafe fn get_mut(&mut self) -> &mut T {
pub unsafe fn assume_init_mut(&mut self) -> &mut T {
// SAFETY: the caller must guarantee that `self` is initialized.
// This also means that `self` must be a `value` variant.
unsafe {
Expand Down
8 changes: 4 additions & 4 deletions library/std/src/io/util.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,24 +49,24 @@ where
W: Write,
{
let mut buf = MaybeUninit::<[u8; super::DEFAULT_BUF_SIZE]>::uninit();
// FIXME(#53491): This is calling `get_mut` and `get_ref` on an uninitialized
// FIXME(#76092): This is calling `get_mut` and `get_ref` on an uninitialized
// `MaybeUninit`. Revisit this once we decided whether that is valid or not.
// This is still technically undefined behavior due to creating a reference
// to uninitialized data, but within libstd we can rely on more guarantees
// than if this code were in an external lib.
unsafe {
reader.initializer().initialize(buf.get_mut());
reader.initializer().initialize(buf.assume_init_mut());
RalfJung marked this conversation as resolved.
Show resolved Hide resolved
}

let mut written = 0;
loop {
let len = match reader.read(unsafe { buf.get_mut() }) {
let len = match reader.read(unsafe { buf.assume_init_mut() }) {
Ok(0) => return Ok(written),
Ok(len) => len,
Err(ref e) if e.kind() == ErrorKind::Interrupted => continue,
Err(e) => return Err(e),
};
writer.write_all(unsafe { &buf.get_ref()[..len] })?;
writer.write_all(unsafe { &buf.assume_init_ref()[..len] })?;
written += len as u64;
}
}
Expand Down
4 changes: 2 additions & 2 deletions library/std/src/lazy.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -376,13 +376,13 @@ impl<T> SyncOnceCell<T> {
/// Safety: The value must be initialized
unsafe fn get_unchecked(&self) -> &T {
debug_assert!(self.is_initialized());
(&*self.value.get()).get_ref()
(&*self.value.get()).assume_init_ref()
}

/// Safety: The value must be initialized
unsafe fn get_unchecked_mut(&mut self) -> &mut T {
debug_assert!(self.is_initialized());
(&mut *self.value.get()).get_mut()
(&mut *self.value.get()).assume_init_mut()
}
}

Expand Down