[vlc-devel] [PATCH 00/11] es_format_t access cleaning

[Rémi Denis-Courmont]

On jeudi 13 juillet 2017 15:44:33 EEST Steve Lhomme wrote:
> Following the previous set of 9 patches I updated the code to correct issues
> discussed.
> 
> As before the packetizer is now assumed to have the same format on input and
> output. The output being forced to be packetized. With this core change
> packetizers don't need to anything on the fmt_out on init or it's probably
> wrong (this could be enforced with an assert later). The packetized flag is
> before opening the packetizer module(s). On error the packtizer is
> destroyed so it won't matter which value it had.

I don't remember how exactly this works, but IIRC, some packetizers don't 
immediately have an output format, so this might actually be a problem.

> I added es_format_Replace() to specifically tell when an es_format_t copy is
> done on a previously initilaized es_format_t. Meaning it has to be cleaned
> as it may contain various dynamically allocated buffers. I have some code
> instrumentation that can be used to make sure es_format_XXX calls are
> clean, not included in this patchset.

This is a bad idea.

Logically, the replace operation should "fail safe", i.e. not change the 
output on error. But at the same time, existing copy call sites expect to get 
a mostly sane format even on error (possibly losing language, extra data and 
palette).

That leads to intrinsically contradictory requirements. Thus, you are better 
off calling clean and copy explicitly and unambiguously.

-- 
Rémi Denis-Courmont