RS.CLIPPY.UNDOCUMENTED_UNSAFE_BLOCKS
Creating an unsafe block without explaining why it is safe
This checker is a Clippy lint created by The Rust Project Contributors. The documentation shown here is a copy of the original documentation for: undocumented_unsafe_blocks. Copyright ©2025 The Rust Team. All rights reserved.
What it does
Checks for unsafe blocks and impls without a // SAFETY: comment
explaining why the unsafe operations performed inside
the block are safe.
Note the comment must appear on the line(s) preceding the unsafe block with nothing appearing in between. The following is ok:
foo(
// SAFETY:
// This is a valid safety comment
unsafe { *x }
)
But neither of these are:
// SAFETY:
// This is not a valid safety comment
foo(
/* SAFETY: Neither is this */ unsafe { *x },
);
Why restrict this?
Undocumented unsafe blocks and impls can make it difficult to read and maintain code. Writing out the safety justification may help in discovering unsoundness or bugs.
Example
use std::ptr::NonNull;
let a = &mut 42;
let ptr = unsafe { NonNull::new_unchecked(a) };
Use instead:
use std::ptr::NonNull;
let a = &mut 42;
// SAFETY: references are guaranteed to be non-null.
let ptr = unsafe { NonNull::new_unchecked(a) };
Configuration
-
accept-comment-above-attributes: Whether to accept a safety comment to be placed above the attributes for theunsafeblock(default:
true) -
accept-comment-above-statement: Whether to accept a safety comment to be placed above the statement containing theunsafeblock(default:
true)