[FFmpeg-devel] Clang static analyser

Michael Niedermayer michaelni
Sat Apr 18 18:55:25 CEST 2009

On Sat, Apr 18, 2009 at 04:02:33PM +0200, Benjamin Larsson wrote:
> Benjamin Larsson wrote:
> > Hi, I gave the clang static analyzer a test run. Here is the output from
> > todays svn:
> > 
> > http://tranquillity.ath.cx/clang/scan-build-2009-04-17-1/
> > 
> > Most of the logic errors should be real issues that can affect
> > stability. All the dead store things seem to be mostly noise.
> > 
> > MvH
> > Benjamin Larsson
> > 
> I reran the analysis as Michael took a real stab at cleaning up the
> defects found. Almost 50 less defects today.
> http://tranquillity.ath.cx/clang/scan-build-2009-04-18-1/

I found a few problems with CSA, and id love to hear some tips on how to
deal with them

1. There are many cases of technically dead code that we likely do not want
   to remove, like:
1a. code where a variable assignent is done for clarity, that is
        int width = get_bits(5);
        int height= get_bits(5);
   instead of
        skip_bits(5); // width , but we dont need it
        skip_bits(5); // height, but we dont need it
   (this one is of course somewhat debateable if it should be changed, but i
   dont volunteer to deal with these if consensus is to change them, iam sure
   people prefer if i spend my time on higher priority things ...)
1b. work in progress code like
   crc= something()
   //FIXME check crc

2. logic errors that assume execution continues after av_exit()
3. logic errors that assume things like a av_log("internal error") is
   reachable without actually finding out how, that is the logic checker
   seems to assume any code that exists can be reached and then based on
   that axiom shows problems that would cause.
4. logic errors based on variables being in multiple states at the same
   time. (like if stream type was video in the first iteration of th loop
   and then was audio in the second)
Basically i must say the time spend on investigating logic errors seems in
no proportion to any actual errors found, or in other words, none of the
logic errors i looked at appeared real

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Opposition brings concord. Out of discord comes the fairest harmony.
-- Heraclitus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20090418/6146feab/attachment.pgp>

More information about the ffmpeg-devel mailing list