add comments explaining our uses of get_ref/get_mut for MaybeUninit

RalfJung · RalfJung · commit a4f12344c685 · 2018-11-27T16:12:08.000+01:00
diff --git a/src/libcore/fmt/float.rs b/src/libcore/fmt/float.rs
@@ -22,6 +22,9 @@ fn float_to_decimal_common_exact<T>(fmt: &mut Formatter, num: &T,
     unsafe {
         let mut buf = MaybeUninit::<[u8; 1024]>::uninitialized(); // enough for f32 and f64
         let mut parts = MaybeUninit::<[flt2dec::Part; 4]>::uninitialized();
+        // FIXME: Technically, this is calling `get_mut` on an uninitialized
+        // `MaybeUninit` (here and elsewhere in this file).  Revisit this once
+        // we decided whether that is valid or not.
         let formatted = flt2dec::to_exact_fixed_str(flt2dec::strategy::grisu::format_exact,
                                                     *num, sign, precision,
                                                     false, buf.get_mut(), parts.get_mut());
diff --git a/src/libcore/mem.rs b/src/libcore/mem.rs
@@ -1106,6 +1106,9 @@ impl<T> MaybeUninit<T> {
     ///
     /// It is up to the caller to guarantee that the `MaybeUninit` really is in an initialized
     /// state, otherwise this will immediately cause undefined behavior.
+    // FIXME: We currently rely on the above being incorrect, i.e., we have references
+    // to uninitialized data (e.g. in `libstd/sys/windows/mutex.rs`).  We should make
+    // a final decision about the rules before stabilization.
     #[unstable(feature = "maybe_uninit", issue = "53491")]
     #[inline(always)]
     pub unsafe fn get_ref(&self) -> &T {
@@ -1118,6 +1121,9 @@ impl<T> MaybeUninit<T> {
     ///
     /// It is up to the caller to guarantee that the `MaybeUninit` really is in an initialized
     /// state, otherwise this will immediately cause undefined behavior.
+    // FIXME: We currently rely on the above being incorrect, i.e., we have references
+    // to uninitialized data (e.g. in `libcore/fmt/float.rs`).  We should make
+    // a final decision about the rules before stabilization.
     #[unstable(feature = "maybe_uninit", issue = "53491")]
     #[inline(always)]
     pub unsafe fn get_mut(&mut self) -> &mut T {
diff --git a/src/libstd/sys/windows/mutex.rs b/src/libstd/sys/windows/mutex.rs
@@ -168,6 +168,9 @@ impl ReentrantMutex {
     }
 
     pub unsafe fn init(&mut self) {
+        // FIXME: Technically, this is calling `get_ref` on an uninitialized
+        // `MaybeUninit`.  Revisit this once we decided whether that is valid
+        // or not.
         c::InitializeCriticalSection(self.inner.get_ref().get());
     }
 

Original file line number	Diff line number	Diff line change
`@@ -168,6 +168,9 @@ impl ReentrantMutex {`
`168`	`168`	`}`
`169`	`169`
`170`	`170`	`pub unsafe fn init(&mut self) {`
	`171`	+ // FIXME: Technically, this is calling `get_ref` on an uninitialized
	`172`	+ // `MaybeUninit`. Revisit this once we decided whether that is valid
	`173`	`+ // or not.`
`171`	`174`	`c::InitializeCriticalSection(self.inner.get_ref().get());`
`172`	`175`	`}`
`173`	`176`