unsafe-using PR to
at first glance it seems ok
I think this is technically UB, since it can create a slice of uninitialized memory.
IIUC, you want https://github.com/rust-lang/rust/pull/68234 which was stabilized yesterday :-)
It does, but then it immediately uses it for
ptr::write_volatile. perhaps there's no need to ever go to a slice to begin with
One possible course to avoid all that manual multiplication and the unsoundness would be to create a
[MaybeUninit<T>] slice instead, is
And if not, it probably should be.
MaybeUninit<Z>: Zeroize where Z: Zeroize
or more like
MaybeUninit<Z>: Zeroize where Z: DefaultIsZeroes
MaybeUninit<Z>: Zeroize without any conditions.
MaybeUninit::zeroed() is stable as well.
But of course the bound would be sufficient for this case, you can always relax it later if you feel more comfortable with that course.
I guess that's an option
PR updated to work entirely in terms of
I think it looks okay now but...
I wonder if there's a safer way to implement it...
aaaand I think we just got further in the weeds :weary:
I'm failing to see what's "UB" about writing zeros to what is otherwise properly allocated but otherwise uninitialized memory
and then never reading from it until it's initialized
It seems like the argument is: given bugs in the Vec API, and hypothetical changes to the Rust compiler, some ill-defined problem could occur
aah I get it now, it would unsafely expose
mem::zeroed to safe Rust via the type parameter