| @@ -3,8 +3,8 @@ |
|
|
| 3 |
3 |
//! suggestions from rustc if you get anything slightly wrong in here, and overall |
| 4 |
4 |
//! helps with clarity as we're also referring to `char` intentionally in here. |
| 5 |
5 |
|
| 6 |
|
-use crate::fmt; |
| 7 |
6 |
use crate::mem::transmute; |
|
7 |
+use crate::{assert_unsafe_precondition, fmt}; |
| 8 |
8 |
|
| 9 |
9 |
/// One of the 128 Unicode characters from U+0000 through U+007F, |
| 10 |
10 |
/// often known as the [ASCII] subset. |
| @@ -497,14 +497,18 @@ impl AsciiChar { |
|
|
| 497 |
497 |
/// Notably, it should not be expected to return hex digits, or any other |
| 498 |
498 |
/// reasonable extension of the decimal digits. |
| 499 |
499 |
/// |
| 500 |
|
- /// (This lose safety condition is intended to simplify soundness proofs |
|
500 |
+ /// (This loose safety condition is intended to simplify soundness proofs |
| 501 |
501 |
/// when writing code using this method, since the implementation doesn't |
| 502 |
502 |
/// need something really specific, not to make those other arguments do |
| 503 |
503 |
/// something useful. It might be tightened before stabilization.) |
| 504 |
504 |
#[unstable(feature = "ascii_char", issue = "110998")] |
| 505 |
505 |
#[inline] |
| 506 |
506 |
pub const unsafe fn digit_unchecked(d: u8) -> Self { |
| 507 |
|
-debug_assert!(d < 10); |
|
507 |
+assert_unsafe_precondition!( |
|
508 |
+ check_language_ub, |
|
509 |
+"`AsciiChar::digit_unchecked` input cannot exceed 9.", |
|
510 |
+(d: u8 = d) => d < 10 |
|
511 |
+); |
| 508 |
512 |
|
| 509 |
513 |
// SAFETY: `'0'` through `'9'` are U+00030 through U+0039, |
| 510 |
514 |
// so because `d` must be 64 or less the addition can return at most |