From 9beb753473482c7f4e8b809aefdcf3300d525267 Mon Sep 17 00:00:00 2001
From: Ralf Jung <post@ralfj.de>
Date: Sat, 16 Nov 2019 09:47:40 +0100
Subject: [PATCH] fix aliasing in drain_range

---
 src/lib.rs | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/lib.rs b/src/lib.rs
index 0fea03f..546cf5a 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -600,12 +600,15 @@ impl<A: Array> ArrayVec<A> {
     fn drain_range(&mut self, start: usize, end: usize) -> Drain<A>
     {
         let len = self.len();
-        // bounds check happens here
+
+        // bounds check happens here (before length is changed!)
         let range_slice: *const _ = &self[start..end];
 
+        // Calling `set_len` creates a fresh and thus unique mutable references, making all
+        // older aliases we created invalid. So we cannot call that function.
+        self.len = Index::from(start);
+
         unsafe {
-            // set self.vec length's to start, to be safe in case Drain is leaked
-            self.set_len(start);
             Drain {
                 tail_start: end,
                 tail_len: len - end,