A new Rust implementation of the AV1 decoder sparks debate over cost, performance, and security in multimedia software
The open-source multimedia software ecosystem has just experienced a new episode of technological tension. FFmpeg, one of the most influential projects in video and audio processing, has made a sarcastic comment about rav1d, an AV1 decoder written in Rust developed by the Prossimo foundation.
The comment arose from a bounty program launched by Prossimo, offering up to $20,000 to anyone who can match the performance of dav1d, the fastest AV1 decoder in the world, which is written in C. According to FFmpeg: “Rust is so good that you can be paid $20,000 to make it as fast as C,” clearly critiquing the performance gap and the approach taken by Prossimo.
What is rav1d?
Rav1d is a Rust implementation of the AV1 decoder, designed as a more secure alternative to dav1d, which is written in C. AV1 is a modern, royalty-free video codec widely used by giants like Netflix, YouTube, and Twitch for efficient video compression on the internet.
Rust has gained traction as a memory-safe language, a critical property for low-level software, especially when it comes to libraries used in millions of devices and systems.
Security vs. Performance
Prossimo’s goal with rav1d is not only to match the performance of dav1d but also to provide a codebase that reduces security errors resulting from manual memory management, which are common in C and C++. The bounty aims to close a 5% performance gap between rav1d and dav1d, which can be significant in the realm of video decoding.
However, the program’s rules exclude a large part of the global development community, limiting participation for legal and regulatory reasons to certain regions. This has raised criticism regarding the inclusivity of the effort.
FFmpeg and Industry Position
The tone of the comment from FFmpeg reflects a current of skepticism about Rust within part of the C developer community. While many acknowledge the advantages of Rust in terms of security, others question its efficiency in projects where performance is paramount and low-level control is essential.
This isn’t the first time Rust has sparked debate. Its inclusion in the Linux kernel has been the subject of intense internal discussions, recently leading to the formalization of a specific policy to avoid conflicts arising from the introduction of the new language.
The Geopolitical Context of Memory Safety
The discussion around rav1d doesn’t happen in a vacuum. In 2024, the White House released an official report urging the adoption of memory-safe languages to reduce exploitable vulnerabilities, explicitly endorsing languages like Rust. Viewed in this light, projects like rav1d represent a natural evolution in the chain of critical software.
Is it Worth Paying to Match C?
The underlying question is whether it’s worth investing tens of thousands of dollars just to match the performance of a C implementation. For those prioritizing safety, the answer is yes: Rust allows for a balance between acceptable performance and reduced risk of catastrophic failures. For others, it’s seen as a duplication of efforts with a still inferior outcome.
Regardless of the stance, the debate remains open, and the industry is witnessing in real-time how the balance between performance, cost, and security in infrastructure software is being redefined.
More Information and Source Code
References: itsfoss and Memory Safety