From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 536B74A588 for ; Tue, 2 Jul 2024 12:35:50 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 740A268D8E3; Tue, 2 Jul 2024 15:35:47 +0300 (EEST) Received: from btbn.de (btbn.de [144.76.60.213]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id D02E168D671 for ; Tue, 2 Jul 2024 15:35:40 +0300 (EEST) Received: from [authenticated] by btbn.de (Postfix) with ESMTPSA id F1E0C27FFD4E4 for ; Tue, 2 Jul 2024 14:35:38 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rothenpieler.org; s=mail; t=1719923739; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JFKHqbKN1k9SEfhYNDdKGO6HClmLCOsa9vGizJS89dY=; b=pHea7zZQdemEfIkhvtH05AEWnn3osc9KcvlGYBUX3N2rCCgB3jckbEZigfHiKdkMgy2Fyn 4a3dUIrXYKhBsyxh+eAI1bbIvET4IEQ6KbXR6mUCO6zP1UsA7t6XPwMw5e0MzqHAnzomY0 mw6TANLUUejbQbD5sTUPGLI7khX9fSA7JSkCwxORqTK7fi+kbkiWP1lGGk3gQE1RRuiSzO 9cLpE5FQaCMuQu5pD+MfB5yYAQuBSEqURXT9BqvrDZsQa4ap82hrcUTIq7VCVXnQEpJYbq EAvxCuI7uG9rhAujdb5DU6mU3r/dT648AmMfPsbDn3Hi4idB87U30v4Qt7iFxA== Message-ID: Date: Tue, 2 Jul 2024 14:36:27 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: ffmpeg-devel@ffmpeg.org References: <20240701133923.GF4991@pb2> <2e923434-4c36-4921-b728-acdc4dd39233@rothenpieler.org> <20240701201931.GI4991@pb2> Content-Language: en-US, de-DE From: Timo Rothenpieler In-Reply-To: <20240701201931.GI4991@pb2> Subject: Re: [FFmpeg-devel] [RFC] av_rescale() coverity X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: On 01/07/2024 22:19, Michael Niedermayer wrote: > On Mon, Jul 01, 2024 at 08:50:24PM +0200, Timo Rothenpieler wrote: >> On 01.07.2024 15:39, Michael Niedermayer wrote: >>> Hi all >>> >>> coverity seems to have started to do a new thing. Namely if theres a >>> return statement it assumes it can independant of everything occurr >>> >>> an example would be av_rescale() which on overflow returns INT64_MIN >>> >>> also with the right flags av_rescale() will pass INT64_MIN and INT64_MAX through >>> from the input >>> >>> So coverity since a few days seems to treat every av_rescale() call as if it returns >>> INT64_MIN and INT64_MAX. coverity doesnt care if that return statement is reachable or >>> if the flags even include the execution path. >>> >>> An example is this: >>> AVRational time_base_q = AV_TIME_BASE_Q; >>> int64_t next_dts = av_rescale_q(ds->next_dts, time_base_q, av_inv_q(ist->framerate)); >>> ds->next_dts = av_rescale_q(next_dts + 1, av_inv_q(ist->framerate), time_base_q); >>> >>> Here coverity as a initial statement claims next_dts is INT64_MAX >>> and next_dts + 1 would overflow >>> >>> >>> 8. function_return: Function av_rescale_q(ds->next_dts, time_base_q, av_inv_q(ist->framerate)) returns 9223372036854775807. >>> 9. known_value_assign: next_dts = av_rescale_q(ds->next_dts, time_base_q, av_inv_q(ist->framerate)), its value is now 9223372036854775807. >>> 331 int64_t next_dts = av_rescale_q(ds->next_dts, time_base_q, av_inv_q(ist->framerate)); >>> >>> CID 1604545: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW) >>> 10. overflow_const: Expression next_dts + 1LL, which is equal to -9223372036854775808, where next_dts is known to be equal to 9223372036854775807, overflows the type that receives it, a signed integer 64 bits wide. >>> >>> >>> another example is this: >>> >>> #define AV_TIME_BASE 1000000 >>> pts = av_rescale(ds->dts, 1000000, AV_TIME_BASE); >>> >>> coverity hallucinates pts as a tainted negative number here nothing says anything about >>> the input ds->dts (and thats what would matter) >>> >>> In the past coverity provided a detailed list of steps on how a >>> case is reached. One could then check these assumtions and mark things >>> as false positive when one assumtion is wrong. (coverity was most of the time >>> wrong) >>> >>> Now coverity just hallucinates claims out of the blue without any >>> explanation how that can happen. >>> >>> Iam a bit at a loss how to deal with this and also why exactly this >>> new behavior appeared. >>> >>> Has anyone changed any setting or anything in coverity ? >>> >>> The number of issues shot up to over 400 on the 22th june >>> "194 new defect(s) introduced to FFmpeg/FFmpeg found with Coverity Scan." >> >> Do you mean May? >> Cause that's when I enabled also giving a Windows-Build to Coverity: >> https://github.com/FFmpeg/FFmpeg-Coverity/commit/3116e6960406f01f96d934516216bb3b402122fc >> >> Before that, only Linux was analyzed. > > no the 194 appeared in june > > I did saw some other spike of issues appear month? earlier or so but these seemed > mostly old issues that where detected prior already. > and i dont see it in teh numbers coverity mails me > > Only other spike i can find in the numbers was 11 feb 2024 > 103 new defect(s) introduced to FFmpeg/FFmpeg found with Coverity Scan. > > thx > > [...] I do wonder if sending them two builds at once like this is not supported? I found examples of doing it like this though, they even document how to combine report generated on separate hosts. So it really should be possible. Cause I think the huge jumps up and down in detection started only after adding the mingw builds. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".