DOC: Promise debug assertions for unsafe methods

Instead of being vague about it, we can promise it. We continue to be a bit vague in ArrayString::set_len. I don't see how to add a char boundary check in ArrayString::set_len unfortunately. It's a tricky issue, checking char boundaries requires reading the memory of the string, and we don't even know if the user of set_len has initialized that area of memory yet (but they hopefully did).
2017-10-26 19:15:11 +02:00
parent f8a19cddd8
commit 895d450366
2 changed files with 8 additions and 7 deletions
@@ -226,7 +226,7 @@ impl<A: Array> ArrayVec<A> {
    /// It is up to the caller to ensure the capacity of the vector is
    /// sufficiently large.
    ///
-    /// This method *may* use debug assertions to check that the arrayvec is not full.
+    /// This method uses *debug assertions* to check that the arrayvec is not full.
    ///
    /// ```
    /// use arrayvec::ArrayVec;
@@ -502,11 +502,11 @@ impl<A: Array> ArrayVec<A> {

    /// Set the vector's length without dropping or moving out elements
    ///
-    /// May use debug assertions to check that `length` is not greater than the
-    /// capacity.
-    ///
-    /// This function is `unsafe` because it changes the notion of the
+    /// This method is `unsafe` because it changes the notion of the
    /// number of “valid” elements in the vector. Use with care.
+    ///
+    /// This method uses *debug assertions* to check that check that `length` is
+    /// not greater than the capacity.
    #[inline]
    pub unsafe fn set_len(&mut self, length: usize) {
        debug_assert!(length <= self.capacity());