-rw-r--r--library/std/src/io/buffered/bufwriter.rs16
1 files changed, 10 insertions, 6 deletions
diff --git a/library/std/src/io/buffered/bufwriter.rs b/library/std/src/io/buffered/bufwriter.rs
index 5c5f4467ef9..ef2769d431f 100644
--- a/library/std/src/io/buffered/bufwriter.rs
+++ b/library/std/src/io/buffered/bufwriter.rs
@@ -366,9 +366,11 @@ impl<W: Write> BufWriter<W> {
             // exactly. Doing otherwise would mean flushing the buffer, then writing this
             // input to the inner writer, which in many cases would be a worse strategy.
 
-            // SAFETY: We just called `self.flush_buf()`, so `self.buf.len()` is 0, and
-            // we entered this else block because `buf.len() < self.buf.capacity()`.
-            // Therefore, `buf.len() <= self.buf.capacity() - self.buf.len()`.
+            // SAFETY: There was either enough spare capacity already, or there wasn't and we
+            // flushed the buffer to ensure that there is. In the latter case, we know that there
+            // is because flushing ensured that our entire buffer is spare capacity, and we entered
+            // this block because the input buffer length is less than that capacity. In either
+            // case, it's safe to write the input buffer to our buffer.
             unsafe {
                 self.write_to_buffer_unchecked(buf);
             }
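Review bot: The reworded SAFETY comment above the `unsafe` block no longer states the condition the unchecked write depends on in a form a reader can check against the code. The removed text ended with the inequality `buf.len() <= self.buf.capacity() - self.buf.len()`, which appears to be the callee's precondition and holds in both of the cases the new comment describes. I would keep the two-case explanation and close it with `// In both cases buf.len() <= self.buf.capacity() - self.buf.len().` The "latter case" also relies on the flush having succeeded and left the buffer empty, presumably guaranteed by error propagation outside this hunk, and that is worth stating in the comment. The same wording is repeated in the hunk at -406,9 +408,11, and the enclosing function starts and ends outside both hunks.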
@@ -406,9 +408,11 @@ impl<W: Write> BufWriter<W> {
             // exactly. Doing otherwise would mean flushing the buffer, then writing this
             // input to the inner writer, which in many cases would be a worse strategy.
 
-            // SAFETY: We just called `self.flush_buf()`, so `self.buf.len()` is 0, and
-            // we entered this else block because `buf.len() < self.buf.capacity()`.
-            // Therefore, `buf.len() <= self.buf.capacity() - self.buf.len()`.
+            // SAFETY: There was either enough spare capacity already, or there wasn't and we
+            // flushed the buffer to ensure that there is. In the latter case, we know that there
+            // is because flushing ensured that our entire buffer is spare capacity, and we entered
+            // this block because the input buffer length is less than that capacity. In either
+            // case, it's safe to write the input buffer to our buffer.
             unsafe {
                 self.write_to_buffer_unchecked(buf);
             }