gnzlbg/slice_deque

UB dropping slice_deque::IntoIter containing dangling items

dtolnay opened this issue · 0 comments

Inside this Drop impl:

slice_deque/src/lib.rs

Lines 2454 to 2458 in 045fb28

unsafe impl<#[may_dangle] T> Drop for IntoIter<T> {
    #[inline]
    fn drop(&mut self) {
        // destroy the remaining elements
        for _x in self.by_ref() {}

those _x are of type T, based on:

slice_deque/src/lib.rs

Lines 2363 to 2364 in 045fb28

impl<T> Iterator for IntoIter<T> {
    type Item = T;

However T is may_dangle, so it's UB to touch/pass/return an object of that type by value. Check out rust-lang/unsafe-code-guidelines#283.

Here is an example of code that triggers the problem. We have a SliceDeque<&usize> and drop its IntoIter, which ends up with _x: &'dangling usize inside of that Drop impl.

use slice_deque::SliceDeque;

fn main() {
    let _iter;
    let x = Box::new(0usize);
    let mut deque = SliceDeque::new();
    deque.push_back(&*x);
    _iter = deque.into_iter();

    // x is dropped
    // then _iter is dropped
}
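An added example, not part of the issue and not slice_deque's code: one way to write such a Drop impl so that it never produces a `T` by value, by running the remaining elements' drop glue in place through a raw pointer. `RawIntoIter`, `Counted` and `drops_after_partial_iteration` are hypothetical names, the buffer is borrowed from a `Vec` for simplicity, and the nightly-only `#[may_dangle]` attribute is left out so the block builds on stable.

```rust
use std::{cell::Cell, mem::ManuallyDrop, ptr, rc::Rc};

/// Hypothetical stand-in for an owning iterator; live elements are ptr[head..len].
pub struct RawIntoIter<T> { ptr: *mut T, cap: usize, len: usize, head: usize }

impl<T> RawIntoIter<T> {
    pub fn new(v: Vec<T>) -> Self {
        let mut v = ManuallyDrop::new(v); // take over the allocation
        RawIntoIter { ptr: v.as_mut_ptr(), cap: v.capacity(), len: v.len(), head: 0 }
    }
}

impl<T> Iterator for RawIntoIter<T> {
    type Item = T;
    fn next(&mut self) -> Option<T> {
        if self.head == self.len { return None; }
        let item = unsafe { ptr::read(self.ptr.add(self.head)) };
        self.head += 1;
        Some(item)
    }
}

// The body never binds a `T` by value (no `for _x in self.by_ref()`); it only
// runs T's drop glue through a raw pointer and then frees the buffer.
impl<T> Drop for RawIntoIter<T> {
    fn drop(&mut self) {
        unsafe {
            let rest = ptr::slice_from_raw_parts_mut(self.ptr.add(self.head), self.len - self.head);
            ptr::drop_in_place(rest); // a no-op when T is a reference such as &usize
            drop(Vec::from_raw_parts(self.ptr, 0, self.cap)); // len 0: frees memory only
        }
    }
}

struct Counted(Rc<Cell<usize>>);
impl Drop for Counted {
    fn drop(&mut self) { self.0.set(self.0.get() + 1); }
}

/// Builds 4 elements, consumes 1, drops the iterator; returns total drops seen.
pub fn drops_after_partial_iteration() -> usize {
    let n = Rc::new(Cell::new(0));
    let mut it = RawIntoIter::new((0..4).map(|_| Counted(n.clone())).collect::<Vec<_>>());
    drop(it.next()); // one element dropped by the caller
    drop(it);        // remaining three dropped in place, exactly once each
    n.get()
}

fn main() {
    println!("drops: {}", drops_after_partial_iteration());
}
```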