SAFETY comments should document preconditions

[jdm]

Reading through

Windows-rust-driver-samples/general/echo/kmdf/exe/src/main.rs

Line 4 in d9cc309

//! The below implementation is a bit of a compromise in trying to help new devs

, I see unsafe blocks labeled with SAFETY comments, which is great! However, the comments focus on why the unsafe block is required (eg. a specific FFI call or unsafe API method), rather than what preconditions ensure the unsafe code is actually safe in practice.

[wmmc88]

Hi @jdm. Yes, I agree with your assessment of the safety comments currently present in the sample driver. We have much stricter enforcement for this on the windows-drivers-rs repo, and I wish to make improvements here in the samples.

That said, we are currently working on safer abstractions for the majority of the API surface covered in the current samples, so we will no longer need these unsafe blocks. Until then though, contributions are welcome 😊