Skip to content

mod lf_apply: clean up code and use slices instead of raw pointers #728

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fbossen merged 26 commits into from
Mar 7, 2024
Merged

mod lf_apply: clean up code and use slices instead of raw pointers #728

fbossen merged 26 commits into from
Mar 7, 2024

Conversation

@fbossen
Copy link
Contributor

@fbossen fbossen commented Feb 5, 2024
edited by kkysen
Loading

@fbossen fbossen mentioned this pull request Feb 5, 2024
Closed
kkysen
kkysen reviewed Feb 6, 2024
View reviewed changes
Copy link
Collaborator

@kkysen kkysen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By the way, feel free to split this PR up more if it's taking a while, and it's easier to review it in smaller chunks as well.

kkysen
kkysen requested changes Feb 6, 2024
View reviewed changes
Copy link
Collaborator

@kkysen kkysen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This mostly looks good. I had some small comments, as well as a bigger one concerning the "unaligned" reads of lvl, which is UB the way we're currently doing it.

@kkysen kkysen mentioned this pull request Feb 6, 2024
Merged
@folkertdev folkertdev mentioned this pull request Feb 7, 2024
Merged
kkysen added a commit that referenced this pull request Feb 9, 2024
@kkysen
fn unaligned_lvl_slice: Safely encapsulate "unaligned" slices of `l…
b796035 
…vl: &[[u8; 4]]`, as previous accesses were UB (#731)

See:
* #728 (comment)
* #728 (comment)

The current "unaligned" access of `lvl`, added in #726, and a proposed
change in #728, [are UB according to
`miri`](https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=80849f822a890cabd324b3b898b291b8),
as they cast `&[u8; 3]` and `&u8` to `&[u8; 4]`, which is an out of
bounds read of a borrow. This `fn unaligned_lvl_slice` helper `fn` fixes
it and passes `miri` by transmuting (through `.align_to`) to a `&[u8]`,
doing the slice, and then doing a checked cast back to `[u8; 4]`. It
also does correct bounds checking, as the previous ways were off by one
in their bounds checking, as they didn't consider the read of the
unaligned part into the next `[u8; 4]`. Doing it this way also optimizes
just as well as the previous methods.

We could also use a dependency like `zerocopy` to encapsulate the
`unsafe` `.align_to`, but as long as these kinds of "unaligned" array
reads are a one-off, doing it inline here seems better.

Update: Switched to using unstable `fn`s from `std` that make things
fully safe and correct, copied into our codebase for stability.
I already figured out how to fix the UB in reviewing #728, so I just
went ahead and made the fix independently.
@fbossen
Copy link
Contributor Author

fbossen commented Feb 11, 2024

By the way, feel free to split this PR up more if it's taking a while, and it's easier to review it in smaller chunks as well.

The first few commits are now in #739

@fbossen fbossen changed the title WIP: lf_apply.rs: clean up code and use slices instead of raw pointers lf_apply.rs: clean up code and use slices instead of raw pointers Feb 13, 2024
@rinon
Copy link
Collaborator

rinon commented Feb 22, 2024

Is this good to go in now? Seems it needs a rebase but anything else beyond that?

@kkysen
Copy link
Collaborator

kkysen commented Feb 22, 2024

Is this good to go in now? Seems it needs a rebase but anything else beyond that?

I need to re-review it.

@kkysen kkysen self-requested a review February 22, 2024 01:54
@kkysen
Copy link
Collaborator

kkysen commented Feb 26, 2024

Addresses #702

Does this fix and close #702, or just address part of it? If it does, can you use one of the special linking keywords like "fix", "close", or "resolve"?

kkysen
kkysen requested changes Feb 26, 2024
View reviewed changes
Copy link
Collaborator

@kkysen kkysen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few little things left. Also, for the previous unresolved comments, if those were .add()s where the resulting pointer is negatively offset later, you can dismiss my comments. I wasn't sure if that was the case for all of them, though it may.

@kkysen kkysen changed the title lf_apply.rs: clean up code and use slices instead of raw pointers mod lf_apply: clean up code and use slices instead of raw pointers Feb 26, 2024
@kkysen kkysen mentioned this pull request Feb 26, 2024
Merged
@kkysen kkysen self-requested a review February 26, 2024 21:49
@fbossen fbossen force-pushed the cleanup-lf-apply branch 3 times, most recently from f5c44bb to 864fb5a Compare March 1, 2024 01:37
@fbossen
Copy link
Contributor Author

fbossen commented Mar 1, 2024

I ran into some issues with borrowing f.lf.mask when rebasing on top of #768 which borrows f.lf. I removed the call to tx_lpf_right_edge() in 1727e4e @randomPoison can you have a look?

@kkysen
Copy link
Collaborator

kkysen commented Mar 1, 2024

I ran into some issues with borrowing f.lf.mask when rebasing on top of #768 which borrows f.lf. I removed the call to tx_lpf_right_edge() in 1727e4e @randomPoison can you have a look?

That looks right. That said, we could put that Vec in its own new type struct and put the method on that. Then the borrowing should work. We should probably do the same for other similar Vecs and their offsets if they have splitting methods.

kkysen
kkysen requested changes Mar 4, 2024
View reviewed changes
@kkysen kkysen mentioned this pull request Mar 4, 2024
Merged
kkysen
kkysen reviewed Mar 4, 2024
View reviewed changes
kkysen
kkysen reviewed Mar 4, 2024
View reviewed changes
kkysen
kkysen reviewed Mar 4, 2024
View reviewed changes
kkysen
kkysen reviewed Mar 4, 2024
View reviewed changes
@fbossen fbossen force-pushed the cleanup-lf-apply branch from 864fb5a to 5eccc3a Compare March 4, 2024 14:22
Frank Bossen added 26 commits March 5, 2024 23:28
fn rav1d_copy_lpf: use slice instead of pointer for src_stride
64c507e
fn rav1d_copy_lpf: use slice instead of pointer for lr_stride
5c37e6c
fn rav1d_copy_lpf: make src parameter a slice reference
d769725
fn rav1d_loopfilter_sbrow_cols: use slice reference instead of raw …
602b043 
…pointer
fn rav1d_loopfilter_sbrow_cols: clean up loops
87342bd 
Use `for` instead of `while`
fn rav1d_loopfilter_sbrow_cols: avoid repeated casts to usize
7935e6e
fn rav1d_loopfilter_sbrow_cols: clean up masks
6e15020 
Define masks as `u16` and simplify code to look more like original
C code.
Use slice instead of raw pointer
3063ae1
fn rav1d_loopfilter_sbrow_cols: make lpf_y and lpf_uv slices
61f83f1
Clean up types and casts
f8daee4
Use references to Rav1dDSPContext object
689fa49
fn rav1d_loopfilter_sbrow_cols: pass slices of samples as argument
b0c447a 
Parameter `p` is changed to be an array of slices. A parameter
`p_offset` is added to indicate the location of the "origin" sample
within the slice. Note that the offset is the same for both chroma
components. Hence `p_offset` has one fewer entries than `p`.
fn filter_plane_cols_y/uv: make dst/u/v arguments a slice
7666d9e 
Offsets `dst_offset` and `uv_offset` are added to point to "origin"
position within slice
lf_apply.rs: use slices instead of raw pointers
78ee731 
Use slices for parameter of `rav1d_loopfilter_sbrow_rows` and
`rav1d_copy_lpf`
fn backup_lpf; use slice as parameter
f0fd40b 
Dimensions of slice initially created had to be adjusted to account
for memory allocation constraints (e.g., sizes of multiples of 128).
Not doing so leeds to invalid access when picture dimensiosn are
odd numbers.
Define inner blocks for computation of p and p_offset
68f0817 
Also rename variables, dropping `data` prefix.
lflvl: use slice instead of raw pointer
789c78f
fn backup_lpf: use slice instead of raw pointer for dst
ad49d8d 
`dst_offset` is also added to enable accessing elements in the slice
that precede the reference position that was pointed to by `dst`
fn filter_plane_rows_y/uv: use slice instead of raw pointer
e4d2966 
Use slice for pixel data. Add an offset parameter to indicate
reference index within slice.
Address comments from review
f54cb43
Copy comments from C code
060574d
Avoid unnecessary type casting when invoking BD::pxstride
793a00f
Reduce number of casts for variable top
47fb8fa
fn backup_lpf: clean up pixel copy
d639377
Remove explicit dereference of dsp
c509c30
Clean up use of split_at_mut and pixel copy
5a24dbd
@fbossen fbossen force-pushed the cleanup-lf-apply branch from 68b9f35 to 5a24dbd Compare March 6, 2024 04:35
@fbossen
Copy link
Contributor Author

fbossen commented Mar 6, 2024

LGTM! Unfortunately there are now merge conflicts from #779. That change was converting pointers to offsets, so hopefully merging them is smooth.

Had to resolve some conflicts but nothing tedious

@fbossen fbossen merged commit f6d4770 into memorysafety:main Mar 7, 2024
@rinon rinon mentioned this pull request Apr 18, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@randomPoison randomPoison randomPoison approved these changes

@kkysen kkysen kkysen approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cleanup c2rust output in lf_apply.rs

4 participants

@fbossen @rinon @kkysen @randomPoison