unsound core::mem::zeroed()

[Dirbaio]

https://github.com/sajattack/bitbang-hal/blob/6631f50b49c397cda277b8314a048c995adfe7f8/src/spi.rs#L120

This line is unsound. Creating an invalid timer is UB itself, even if the value is never used. The timer could contain types which the zero valued is invalid, such as &T or NonZeroU32.

See https://doc.rust-lang.org/reference/behavior-considered-undefined.html

• Producing an invalid value, even in private fields and locals. “Producing” a value happens any time a value is assigned to or read from a place, passed to a function/primitive operation or returned from a function/primitive operation.

Possible solutions:

• fn timer_mut(&mut self) -> &mut Timer, but then the caller can't reconstruct the timer.
• store a Option<Timer> in Self.

[sajattack]

Option<Timer> seems like a good choice.