diff options
| author | Matthew Jasper <mjjasper1@gmail.com> | 2020-09-25 19:46:06 +0100 |
|---|---|---|
| committer | Matthew Jasper <mjjasper1@gmail.com> | 2020-09-25 19:46:06 +0100 |
| commit | 323a27967abe75da79e44132e449fb36cefd240b (patch) | |
| tree | 93a5b4e7ae6458b8b0f066f9239ff6e06789af62 | |
| parent | 5b9e8864032a3bfefa6f69c33fd99e0383a414af (diff) | |
| download | rust-323a27967abe75da79e44132e449fb36cefd240b.tar.gz rust-323a27967abe75da79e44132e449fb36cefd240b.zip | |
Improve <vec::IntoIter>::get_unchecked` safety comment
| -rw-r--r-- | library/alloc/src/vec.rs | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/library/alloc/src/vec.rs b/library/alloc/src/vec.rs index c54b3aef95e..e973c3287ed 100644 --- a/library/alloc/src/vec.rs +++ b/library/alloc/src/vec.rs @@ -2985,8 +2985,14 @@ impl<T> Iterator for IntoIter<T> { where Self: TrustedRandomAccess, { - // SAFETY: the caller must uphold the contract for - // `Iterator::get_unchecked`. + // SAFETY: the caller must guarantee that `i` is in bounds of the + // `Vec<T>`, so `i` cannot overflow an `isize`, and the `self.ptr.add(i)` + // is guaranteed to pointer to an element of the `Vec<T>` and + // thus guaranteed to be valid to dereference. + // + // Also note the implementation of `Self: TrustedRandomAccess` requires + // that `T: Copy` so reading elements from the buffer doesn't invalidate + // them for `Drop`. unsafe { if mem::size_of::<T>() == 0 { mem::zeroed() } else { ptr::read(self.ptr.add(i)) } } |