Commit 6a21874
committed
Auto merge of #28538 - alevy:make_fixedsizearray_unsafe, r=alexcrichton
[breaking-change]
`FixedSizeArray` is meant to be implemented for arrays of fixed size only, but can be implemented for anything at the moment. Marking the trait unsafe would make it more reasonable to write unsafe code which operates on fixed size arrays of any size.
For example, using `uninitialized` to create a fixed size array and immediately filling it with a fixed value is externally safe:
```
pub fn init_with_nones<T, A: FixedSizeArray<Option<T>>>() -> A {
let mut res = unsafe { mem::uninitialized() };
for elm in res.as_mut_slice().iter_mut() {
*elm = None;
}
res
}
```
But the same code is not safe if `FixedSizeArray` is implemented for other types:
```
struct Foo { foo: usize }
impl FixedSizeArray<Option<usize>> for Foo {
fn as_slice(&self) -> &[usize] { &[] }
fn as_mut_slice(&self) -> &mut [usize] { &mut [] }
}
```
now `init_with_nones() : Foo` returns a `Foo` with an undefined value for the field `foo`.1 file changed
+11
-2
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
35 | 35 | | |
36 | 36 | | |
37 | 37 | | |
38 | | - | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
39 | 48 | | |
40 | 49 | | |
41 | 50 | | |
42 | 51 | | |
43 | 52 | | |
44 | 53 | | |
45 | | - | |
| 54 | + | |
46 | 55 | | |
47 | 56 | | |
48 | 57 | | |
| |||
0 commit comments