diff options
| -rw-r--r-- | library/core/src/intrinsics.rs | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/library/core/src/intrinsics.rs b/library/core/src/intrinsics.rs index 243fc7bfaa5..18b54c8ea3e 100644 --- a/library/core/src/intrinsics.rs +++ b/library/core/src/intrinsics.rs @@ -1901,11 +1901,21 @@ pub unsafe fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: usize) { /// ``` /// use std::ptr; /// +/// /// # Safety: +/// /// * `ptr` must be correctly aligned for its type and non-zero. +/// /// * `ptr` must be valid for reads of `elts` contiguous objects of type `T`. +/// /// * Those elements must not be used after calling this function. /// # #[allow(dead_code)] /// unsafe fn from_buf_raw<T>(ptr: *const T, elts: usize) -> Vec<T> { /// let mut dst = Vec::with_capacity(elts); -/// dst.set_len(elts); +/// +/// // SAFETY: Our precondition ensures the source is aligned and valid, +/// // and `Vec::with_capacity` ensures that we have usable space to write them. /// ptr::copy(ptr, dst.as_mut_ptr(), elts); +/// +/// // SAFETY: We created it with this much capacity earlier, +/// // and the previous `copy` has initialized these elements. +/// dst.set_len(elts); /// dst /// } /// ``` |