add safety sections for three functions in mem

Author: hxuhack

library/core/src/mem/mod.rs

@@ -666,6 +666,10 @@ pub const fn needs_drop<T: ?Sized>() -> bool {
 /// This means that, for example, the padding byte in `(u8, u16)` is not
 /// necessarily zeroed.
 ///
+/// # Safety
+///
+/// The all-zero byte-pattern must represent a valid value of some type `T`.
+///
 /// There is no guarantee that an all-zero byte-pattern represents a valid value
 /// of some type `T`. For example, the all-zero byte-pattern is not a valid value
 /// for reference types (`&T`, `&mut T`) and function pointers. Using `zeroed`
@@ -717,6 +721,10 @@ pub const unsafe fn zeroed<T>() -> T {
 /// Bypasses Rust's normal memory-initialization checks by pretending to
 /// produce a value of type `T`, while doing nothing at all.
 ///
+/// # Safety
+///
+/// Do not use; reserved for legacy code only.
+///
 /// **This function is deprecated.** Use [`MaybeUninit<T>`] instead.
 /// It also might be slower than using `MaybeUninit<T>` due to mitigations that were put in place to
 /// limit the potential harm caused by incorrect use of this function in legacy code.
@@ -1027,6 +1035,14 @@ pub const fn copy<T: Copy>(x: &T) -> T {
 /// Interprets `src` as having type `&Dst`, and then reads `src` without moving
 /// the contained value.
 ///
+/// # Safety
+///
+/// * [`size_of::<Src>`][size_of] must be greater than or equal to [`size_of::<Dst>`][size_of].
+/// * The first [`size_of::<Dst>`][size_of] bytes of memory pointed to by `src` must represent
+///   a valid value of type `Dst`.
+/// * Users must ensure that creating the returned value does not violate Rust's aliasing rules.
+///
+///
 /// This function will unsafely assume the pointer `src` is valid for [`size_of::<Dst>`][size_of]
 /// bytes by transmuting `&Src` to `&Dst` and then reading the `&Dst` (except that this is done
 /// in a way that is correct even when `&Dst` has stricter alignment requirements than `&Src`).