foeb
diff --git a/‎src/libcore/iter/adapters/zip.rs
+5-2 b/‎src/libcore/iter/adapters/zip.rs
+5-2
diff --git a/‎src/libcore/mem/maybe_uninit.rs
+5-2 b/‎src/libcore/mem/maybe_uninit.rs
+5-2
diff --git a/‎src/libcore/slice/memchr.rs
+6-3 b/‎src/libcore/slice/memchr.rs
+6-3
@@ -1,5 +1,3 @@
-// ignore-tidy-undocumented-unsafe
-
 use crate::cmp;
 
 use super::super::{Iterator, DoubleEndedIterator, ExactSizeIterator, FusedIterator, TrustedLen};
@@ -165,11 +163,13 @@ impl<A, B> ZipImpl<A, B> for Zip<A, B>
         if self.index < self.len {
             let i = self.index;
             self.index += 1;
+            // SAFETY: checked that i < min(a.len(), b.len())
             unsafe {
                 Some((self.a.get_unchecked(i), self.b.get_unchecked(i)))
             }
         } else if A::may_have_side_effect() && self.index < self.a.len() {
             // match the base implementation's potential side effects
+            // SAFETY: checked that index < a.len()
             unsafe {
                 self.a.get_unchecked(self.index);
             }
@@ -194,9 +194,11 @@ impl<A, B> ZipImpl<A, B> for Zip<A, B>
             let i = self.index;
             self.index += 1;
             if A::may_have_side_effect() {
+                // SAFETY: i < end < self.len
                 unsafe { self.a.get_unchecked(i); }
             }
             if B::may_have_side_effect() {
+                // SAFETY: i < end < self.len
                 unsafe { self.b.get_unchecked(i); }
             }
         }
@@ -229,6 +231,7 @@ impl<A, B> ZipImpl<A, B> for Zip<A, B>
         if self.index < self.len {
             self.len -= 1;
             let i = self.len;
+            // SAFETY: i < min(a.len(), b.len())
             unsafe {
                 Some((self.a.get_unchecked(i), self.b.get_unchecked(i)))
             }
 
@@ -1,8 +1,6 @@
 use crate::intrinsics;
 use crate::mem::ManuallyDrop;
 
-// ignore-tidy-undocumented-unsafe
-
 /// A wrapper type to construct uninitialized instances of `T`.
 ///
 /// # Initialization invariant
@@ -292,6 +290,7 @@ impl<T> MaybeUninit<T> {
     #[unstable(feature = "maybe_uninit_uninit_array", issue = "0")]
     #[inline(always)]
     pub fn uninit_array<const LEN: usize>() -> [Self; LEN] {
+        // SAFETY: see type-level documentation
         unsafe {
             MaybeUninit::<[MaybeUninit<T>; LEN]>::uninit().assume_init()
         }
@@ -341,6 +340,7 @@ impl<T> MaybeUninit<T> {
     #[inline]
     pub fn zeroed() -> MaybeUninit<T> {
         let mut u = MaybeUninit::<T>::uninit();
+        // SAFETY: depends on T, see above comment
         unsafe {
             u.as_mut_ptr().write_bytes(0u8, 1);
         }
@@ -354,6 +354,7 @@ impl<T> MaybeUninit<T> {
     #[unstable(feature = "maybe_uninit_extra", issue = "63567")]
     #[inline(always)]
     pub fn write(&mut self, val: T) -> &mut T {
+        // SAFETY: initializes field, and returns reference to the value
         unsafe {
             self.value = ManuallyDrop::new(val);
             self.get_mut()
@@ -394,6 +395,7 @@ impl<T> MaybeUninit<T> {
     #[stable(feature = "maybe_uninit", since = "1.36.0")]
     #[inline(always)]
     pub fn as_ptr(&self) -> *const T {
+        // SAFETY: unsafe if uninitialized
         unsafe { &*self.value as *const T }
     }
 
@@ -431,6 +433,7 @@ impl<T> MaybeUninit<T> {
     #[stable(feature = "maybe_uninit", since = "1.36.0")]
     #[inline(always)]
     pub fn as_mut_ptr(&mut self) -> *mut T {
+        // SAFETY: unsafe if uninitialized
         unsafe { &mut *self.value as *mut T }
     }
 
 
@@ -1,8 +1,6 @@
 // Original implementation taken from rust-memchr.
 // Copyright 2015 Andrew Gallant, bluss and Nicolas Koch
 
-// ignore-tidy-undocumented-unsafe
-
 use crate::cmp;
 use crate::mem;
 
@@ -63,6 +61,9 @@ pub fn memchr(x: u8, text: &[u8]) -> Option<usize> {
 
     if len >= 2 * usize_bytes {
         while offset <= len - 2 * usize_bytes {
+            // SAFETY: both u and v can be read since
+            // ptr + offset + usize_bytes <= ptr + len - usize_bytes < ptr + len
+            // means the pointers are in bounds
             unsafe {
                 let u = *(ptr.add(offset) as *const usize);
                 let v = *(ptr.add(offset + usize_bytes) as *const usize);
@@ -95,7 +96,7 @@ pub fn memrchr(x: u8, text: &[u8]) -> Option<usize> {
     type Chunk = usize;
 
     let (min_aligned_offset, max_aligned_offset) = {
-        // We call this just to obtain the length of the prefix and suffix.
+        // SAFETY: We call this just to obtain the length of the prefix and suffix.
         // In the middle we always process two chunks at once.
         let (prefix, _, suffix) = unsafe { text.align_to::<(Chunk, Chunk)>() };
         (prefix.len(), len - suffix.len())
@@ -113,6 +114,8 @@ pub fn memrchr(x: u8, text: &[u8]) -> Option<usize> {
     let chunk_bytes = mem::size_of::<Chunk>();
 
     while offset > min_aligned_offset {
+        // SAFETY: since offset is always aligned, offset > min_aligned_offset means
+        // that offset - 2 * chunk_bytes is within bounds.
         unsafe {
             let u = *(ptr.offset(offset as isize - 2 * chunk_bytes as isize) as *const Chunk);
             let v = *(ptr.offset(offset as isize - chunk_bytes as isize) as *const Chunk);