memorysafety/rav1d

Remove `unsafe impl {Send,Sync} for {Rav1dContext,TaskThreadData_delayed_fg}`

Opened this issue · 0 comments

kkysen commented

These were TODOs and are unjustified/unsound.

The types that need to be Send + Sync are:

  • Because of raw ptrs:
    • CArc<T>::stable_ref
    • Rav1dPicAllocator::cookie
    • Rav1dPictureData::allocator_data
    • Dav1dITUTT35::payload
  • Because of UnsafeCell:
    • DisjointMut<T>::inner

For these:

  • Rav1dPicAllocator::cookie
  • Rav1dPictureData::allocator_data
  • Dav1dITUTT35::payload

which are for C APIs, we should just delegate the safety requirements to # Safety docs. A wrapper Send + Sync ptr type might be useful.

For these:

  • CArc<T>::stable_ref
  • DisjointMut<T>::inner

Send + Sync is justified by the type and its API.