From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id E0E5C491A5 for ; Mon, 5 Feb 2024 10:21:40 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id A30DA68D109; Mon, 5 Feb 2024 12:21:37 +0200 (EET) Received: from relay6-d.mail.gandi.net (relay6-d.mail.gandi.net [217.70.183.198]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C2CBA68CDBC for ; Mon, 5 Feb 2024 12:21:31 +0200 (EET) Received: by mail.gandi.net (Postfix) with ESMTPSA id 02ED8C0008 for ; Mon, 5 Feb 2024 10:21:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1707128491; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=dzNqKhBma1bChI6RLPBdiy+k3lgvLPMMcjyxH6ind5I=; b=I4I1ZJtaLiSt2PaATT0x/ZShcGIpinQhS1INIMbREVupEPLBjd49mVWJuj7ruy4JxMc7Jc UDr0yhGZRP6zBk1Lz7W2+hxFVG9mtAIO3AUrihN6lJ5GDz6dO8KD7RKPLeDMkn+hRGiXMJ YqPY3QyohuqcjneM/y+YVfKkN32UsPdoRxrqXoL7TaPTZdxfwwj3XmagCNcbZFyqLcxZtk u+Isxy9uBoHSdjaDD034fvFGN1QFcDYWT3n0uQdpBc7WkfPSN9GVdt7FNiMz/TKBCsu2ZD 7QfD7bq8RWBLXCOI59ZO8EyLowSnNur8Yfnea53m6fdvb3R24fbEJJNU9NIunw== Date: Mon, 5 Feb 2024 11:21:30 +0100 From: Michael Niedermayer To: FFmpeg development discussions and patches Message-ID: <20240205102130.GQ6420@pb2> References: <20240128032549.GN6420@pb2> <20240130014821.GJ6420@pb2> <36880d31-320c-419f-ae4d-42a5eade0ebe@gmail.com> MIME-Version: 1.0 In-Reply-To: X-GND-Sasl: michael@niedermayer.cc Subject: Re: [FFmpeg-devel] Sovereign Tech Fund X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: multipart/mixed; boundary="===============7098294508659453196==" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: --===============7098294508659453196== Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="atWjqWe8F3c45IAu" Content-Disposition: inline --atWjqWe8F3c45IAu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jan 31, 2024 at 09:55:00PM +0000, Kieran Kunhya wrote: > On Wed, 31 Jan 2024 at 21:45, Derek Buitenhuis > wrote: >=20 > > On 1/30/2024 1:48 AM, Michael Niedermayer wrote: > > > https://trac.ffmpeg.org/wiki/SponsoringPrograms/STF/2024 > > > > Not to derail this fine thread, but what forks does the Merge Forks > > project refer to? > > > > - Derek > > >=20 > I also added a note that 70 USD for coverity is way too much. I picked a > random issue 1503073 and within a minute saw that it was a false positive. > I don't deserve 70USD for that. I fixed 2 coverity issues yesterday and it took me over 3 hours I cant do this for 70USD per issue (you can see the ML for the 2 patches) In the first, the issue depended on fbw_channels to be 0. If you look at its initialization that is possible if you have a mono LFE channel but is that possible and can the code be reached in that case. For someone who hasnt worked at that specific code it takes some time to build an argument that this should not be possible The second issue, its obvious a bug but how do we even reach that code? No fate tests .... luckily there are examples in the docs but it took me several tries to get the code to execute with similar testcases. now looking at it, i suspect the patch i posted probably should be split so we need a 2nd iteration and looking at the clock when i posted this and when i started yesterday fact is it was 3-4h work for these 2 issues did i pick these randomly? no, i started frm the top and skiped a few i really did not want to work on like the flac parser. Some coverity isssues are dead easy and need seconds to categorize or even fix. But for others its difficult Also to categorize coverity issues one needs to understand the affectd code. coverity telling you that after 355 conditions theres a out of array access, you need to know if the 355 conditions are inconsistant and contradicting. If they contradict its a false positive otherwise its a bug. similar when you check the return code of a function most of the time coverity will create an issue for cases where its not checked. Thats trivial to fix IF you know the code. But IF you do not know the code that can some decent time too. And i think noone knows all code. Either way, iam interrested in helping with coverity work while at the same time this environment where peole finger point and say "is way too much" is something i dont feel comfortable to work in. maybe doing it per hour instead of per issue is a safer way thx [...] --=20 Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Republics decline into democracies and democracies degenerate into despotisms. -- Aristotle --atWjqWe8F3c45IAu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iF0EABEIAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCZcC2ogAKCRBhHseHBAsP q+/xAKCLAACo0B/2clQo50KmbuVCyqqcOQCfUzeMokrWePcH0JwV7SXdI69MJEg= =ViCe -----END PGP SIGNATURE----- --atWjqWe8F3c45IAu-- --===============7098294508659453196== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". --===============7098294508659453196==--