We have a recommendation from the unsafe-wg (no rule yet), that
repr(C) for unions should work this way, so that we can cast from the
union type to one of its fields.
This is the "real" union solution, and ArrayString can use it since its
backing array is Copy. Unfortunately, we'll have to use the Copy bound
on the type, making it "viral" and visible in the user API.
Raw pointer taking should go through the MaybeUninit wrappers around the
arrays anyway, when it is partially uninitialized, which it often is.
The remaining .as_ptr() and .as_slice() methods on Array is only used
on a fully initialized array in ArrayString::from_byte_string
* '0.4' of https://github.com/bluss/arrayvec:
0.4.9
TEST: Add test that ensures the MaybeUninit impl is used on nightly
FIX: Remove use of uninitialized in ArrayString
FEAT: Implement a "MaybeUninit" and use it conditionally
TEST: Add test that Some(ArrayVec<[&_;_]>).is_some()
MAINT: Test the 0.4 branch in travis
We can't fix this properly (MaybeUninit with a union) until we change
the user visible API (we need to require that A: Copy.
As a temporary solution for arrayvec version 0.4.*, we use zeroed to
initialize an array of bytes, instead of using uninitialized. This may
have a negative performance impact, but the fix is to upgrade to future
arrayvec 0.5.
Use a build script to detect if we can use MaybeUninit or NoDrop.
Enabling unstable features automatically is not ideal, but since it's
a soundness issue we should do it.
Use a MaybeUninit-like union on nightly when we can. We use a feature
detection script in build.rs, so that we also go back to the fallback if
the unstable feature changes in an unexpected way.
We need to continue to use NoDrop for best working stable
implementation, but we eagerly use our union solution where we can,
currently only in nightlies.
Rustc feature probe code written by Josh Stone (cuviper),
taken from num-bigint.
Again, stacked borrows model makes the `self.set_len()` call illegal
because we are holding (and are going to use) another raw pointer
derived from self, `tail`.
The benchmark was optimized out totally. We think of that as a good
sign, the new extend became transparent to the compiler and we had to
get smarter in how to fool it.
This simplification -- borrowing self.len instead of self, leads to
an improvement in the extend_from_slice benchmark.
It's also guided by the discussion of stacked borrows; the old code
would be invalid, because the whole self is borrowed while ptr is derived from
self.
This way we cover all users up to 256 at least. The reason these are not
enabled by default is that they slow down the compilation of the crate
by a factor of 2-3x.
bluss