rust: num: bounded: clean __new documentation and comments

Following commit 3a1ec424dd ("rust: num: bounded: mark __new as unsafe"), remove the redundant paragraph in the documentation of __new now that the Safety section explicitly covers the requirement. Additionally, add an INVARIANT comment inside the function body where the Bounded instance is actually constructed to document that the type invariant is upheld. Suggested-by: Miguel Ojeda <ojeda@kernel.org> Link: https://lore.kernel.org/rust-for-linux/CANiq72mUCUh72BWP4eD1PTDpwdb1ML+Xgfom-Ys6thJooqQPwQ@mail.gmail.com/ Signed-off-by: Shivam Kalra <shivamklr@cock.li> Acked-by: Alexandre Courbot <acourbot@nvidia.com> Link: https://patch.msgid.link/20260123132132.53854-1-shivamklr@cock.li [ Reworded slightly. - Miguel ] Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2026-03-08 01:04:41 +01:00 · 2026-01-23 18:51:13 +05:30 · 2026-01-23 18:51:13 +05:30 · 5016cae970
commit 5016cae970
parent e440bc5c19
1 changed files with 1 additions and 3 deletions
--- a/rust/kernel/num/bounded.rs
+++ b/rust/kernel/num/bounded.rs
@ -282,9 +282,6 @@ where
    /// All instances of [`Bounded`] must be created through this method as it enforces most of the
    /// type invariants.
    ///
-    /// The caller remains responsible for checking, either statically or dynamically, that `value`
-    /// can be represented as a `T` using at most `N` bits.
-    ///
    /// # Safety
    ///
    /// The caller must ensure that `value` can be represented within `N` bits.
@ -297,6 +294,7 @@ where
            assert!(N <= T::BITS);
        }

+        // INVARIANT: The caller ensures `value` fits within `N` bits.
        Self(value)
    }