What Is the Unsafe Contract and How to Document It

The unsafe keyword in Rust allows you to opt out of the compiler's memory safety guarantees to perform low-level operations like dereferencing raw pointers or calling unsafe functions. You document this by wrapping the risky code in an unsafe block and adding a comment explaining why the specific operation is safe in that context.

/// # Safety
/// This is safe because `ptr` is guaranteed to be valid and initialized.
unsafe fn read_raw_pointer(ptr: *const i32) -> i32 {
    *ptr
}

Unsafe Rust is like turning off the safety rails on a train to go faster or access restricted areas. You use it only when you absolutely need to interact with hardware or other languages directly, and you must promise the compiler you know what you are doing. Think of it as a manual override that requires you to sign a waiver before using it.