From 0bee77abeeda15f586fab2a6ceec3d2b7b11c904 Mon Sep 17 00:00:00 2001
From: Andrew Poelstra
Date: Sat, 11 Jan 2025 16:45:57 +0000
Subject: [PATCH] types: implement `Send`/`Sync` for `BoundRef`

Added a block comment inline explaining the safety.
---
 src/types/context.rs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/types/context.rs b/src/types/context.rs
index 5eb628da..3cf9b364 100644
--- a/src/types/context.rs
+++ b/src/types/context.rs
@@ -245,6 +245,19 @@ pub struct BoundRef {
 index: usize,
 }
 
+// SAFETY: The pointer inside `BoundRef` is always (eventually) constructed from Arc::as_ptr
+// from the slab of a type-inference context.
+//
+// Arc will prevent the pointer from ever changing, except to be deallocated when the last
+// Arc goes away. But this occurs only when the context itself goes away, which in turn
+// happens only when every type bound referring to the context goes away.
+//
+// If this were untrue, our use of `BoundRef` would lead to dereferences of a dangling
+// pointer, and `Send`/`Sync` would be the least of our concerns!
+unsafe impl Send for BoundRef {}
+// SAFETY: see comment on `Send`
+unsafe impl Sync for BoundRef {}
+
 impl BoundRef {
 pub fn assert_matches_context(&self, ctx: &Context) {
 assert_eq!(
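Review bot: The SAFETY comment above `unsafe impl Send for BoundRef {}` argues only that the pointer stays live, which is a lifetime argument; `Send`/`Sync` soundness additionally needs the pointee to be free of unsynchronized access when a `BoundRef` is moved to or shared with another thread. The comment should state which of the two usual justifications holds: either `BoundRef` never dereferences the pointer itself and uses it only as an identity token (which is what `assert_matches_context` appears to do, though its body and the struct's pointer field lie outside the hunk), or every access to the slab goes through a lock owned by the `Context`. Something like `// The pointer is only compared for identity here; the slab itself is reached through the Context's own synchronization, so sharing the address cannot race.` would close the gap, if that matches the code. The `Sync` impl's `// SAFETY: see comment on `Send`` then inherits a complete argument rather than only the liveness half. The liveness invariant is also not enforced by `BoundRef`'s type, since it holds no `Arc`, so it is worth naming in the comment which owning type keeps the context alive.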