From 7ea22693ec8238aaead3fc5d68c18973c5092361 Mon Sep 17 00:00:00 2001
From: Khyber Sen <kkysen@gmail.com>
Date: Wed, 10 Jul 2024 14:43:13 -0700
Subject: [PATCH] `// SAFETY`: Move safety comments to line immediately above
 `unsafe` block to pass `clippy::undocumented_unsafe_blocks`.

Most of these are in closures.
---
 include/dav1d/data.rs    |  6 ++++--
 include/dav1d/picture.rs | 36 ++++++++++++++++++++++++------------
 src/filmgrain.rs         |  7 ++++---
 src/refmvs.rs            |  3 ++-
 4 files changed, 34 insertions(+), 18 deletions(-)

diff --git a/include/dav1d/data.rs b/include/dav1d/data.rs
index 4b0b067aa..731f5cada 100644
--- a/include/dav1d/data.rs
+++ b/include/dav1d/data.rs
@@ -30,8 +30,10 @@ impl From<Dav1dData> for Rav1dData {
             m,
         } = value;
         Self {
-            // SAFETY: `r#ref` is a [`RawCArc`] originally from [`CArc`].
-            data: r#ref.map(|r#ref| unsafe { CArc::from_raw(r#ref) }),
+            data: r#ref.map(|r#ref| {
+                // SAFETY: `r#ref` is a [`RawCArc`] originally from [`CArc`].
+                unsafe { CArc::from_raw(r#ref) }
+            }),
             m: m.into(),
         }
     }
diff --git a/include/dav1d/picture.rs b/include/dav1d/picture.rs
index faa2be23f..9dd919dac 100644
--- a/include/dav1d/picture.rs
+++ b/include/dav1d/picture.rs
@@ -449,24 +449,36 @@ impl From<Dav1dPicture> for Rav1dPicture {
         } = value;
         Self {
             // We don't `.update_rav1d()` [`Rav1dSequenceHeader`] because it's meant to be read-only.
-            // SAFETY: `raw` came from [`RawArc::from_arc`].
-            seq_hdr: seq_hdr_ref.map(|raw| unsafe { raw.into_arc() }),
+            seq_hdr: seq_hdr_ref.map(|raw| {
+                // SAFETY: `raw` came from [`RawArc::from_arc`].
+                unsafe { raw.into_arc() }
+            }),
             // We don't `.update_rav1d()` [`Rav1dFrameHeader`] because it's meant to be read-only.
-            // SAFETY: `raw` came from [`RawArc::from_arc`].
-            frame_hdr: frame_hdr_ref.map(|raw| unsafe { raw.into_arc() }),
-            // SAFETY: `raw` came from [`RawArc::from_arc`].
-            data: data_ref.map(|raw| unsafe { raw.into_arc() }),
+            frame_hdr: frame_hdr_ref.map(|raw| {
+                // SAFETY: `raw` came from [`RawArc::from_arc`].
+                unsafe { raw.into_arc() }
+            }),
+            data: data_ref.map(|raw| {
+                // SAFETY: `raw` came from [`RawArc::from_arc`].
+                unsafe { raw.into_arc() }
+            }),
             stride,
             p: p.into(),
             m: m.into(),
-            // SAFETY: `raw` came from [`RawArc::from_arc`].
-            content_light: content_light_ref.map(|raw| unsafe { raw.into_arc() }),
-            // SAFETY: `raw` came from [`RawArc::from_arc`].
-            mastering_display: mastering_display_ref.map(|raw| unsafe { raw.into_arc() }),
+            content_light: content_light_ref.map(|raw| {
+                // SAFETY: `raw` came from [`RawArc::from_arc`].
+                unsafe { raw.into_arc() }
+            }),
+            mastering_display: mastering_display_ref.map(|raw| {
+                // Safety: `raw` came from [`RawArc::from_arc`].
+                unsafe { raw.into_arc() }
+            }),
             // We don't `.update_rav1d` [`Rav1dITUTT35`] because never read it.
-            // SAFETY: `raw` came from [`RawArc::from_arc`].
             itut_t35: itut_t35_ref
-                .map(|raw| unsafe { raw.into_arc() })
+                .map(|raw| {
+                    // SAFETY: `raw` came from [`RawArc::from_arc`].
+                    unsafe { raw.into_arc() }
+                })
                 .unwrap_or_default(),
         }
     }
diff --git a/src/filmgrain.rs b/src/filmgrain.rs
index de360ceea..e3a61259d 100644
--- a/src/filmgrain.rs
+++ b/src/filmgrain.rs
@@ -881,9 +881,10 @@ unsafe extern "C" fn fguv_32x32xn_c_erased<
     src_row: *const FFISafe<Rav1dPictureDataComponentOffset>,
     luma_row: *const FFISafe<Rav1dPictureDataComponentOffset>,
 ) {
-    // SAFETY: Was passed as `FFISafe::new(_)` in `fguv_32x32xn::Fn::call`.
-    let [dst_row, src_row, luma_row] =
-        [dst_row, src_row, luma_row].map(|row| *unsafe { FFISafe::get(row) });
+    let [dst_row, src_row, luma_row] = [dst_row, src_row, luma_row].map(|row| {
+        // SAFETY: Was passed as `FFISafe::new(_)` in `fguv_32x32xn::Fn::call`.
+        *unsafe { FFISafe::get(row) }
+    });
     let data = &data.clone().into();
     // SAFETY: Casting back to the original type from the `fn` ptr call.
     let scaling = unsafe { &*scaling.cast() };
diff --git a/src/refmvs.rs b/src/refmvs.rs
index 3ab998fb7..fc2c2bc36 100644
--- a/src/refmvs.rs
+++ b/src/refmvs.rs
@@ -318,6 +318,8 @@ impl save_tmvs::Fn {
             if ri > rf.r.len() - R_PAD {
                 return ptr::null();
             }
+
+            const _: () = assert!(mem::size_of::<RefMvsBlock>() * (1 + R_PAD) > 16);
             // SAFETY: `.add` is in-bounds; checked above.
             // Also note that asm may read 12-byte `refmvs_block`s in 16-byte chunks.
             // This is safe because we allocate `rf.r` with an extra `R_PAD` (1) elements.
@@ -326,7 +328,6 @@ impl save_tmvs::Fn {
             // Furthermore, this is provenance safe because
             // we derive the ptrs from `rf.r.as_mut_ptr()`,
             // as opposed to materializing intermediate references.
-            const _: () = assert!(mem::size_of::<RefMvsBlock>() * (1 + R_PAD) > 16);
             unsafe { rf.r.as_mut_ptr().cast_const().add(ri) }
         });