ref: 5d5875a93a5c15566c6dfbadf7180858705af517
parent: 4a7c9859cbea913e2d024d523cc10f2bd955d540
author: Gregory Maxwell <[email protected]>
date: Mon Oct 3 17:07:39 EDT 2011
Add the noreturn attribute on the assert functions to aid static analysis, improve test_repacketizer error handling, and silence 19 clang static analysis errors with additional assertions.
--- a/celt/arch.h
+++ b/celt/arch.h
@@ -51,6 +51,9 @@
#ifdef ENABLE_ASSERTIONS
#include <stdio.h>
#include <stdlib.h>
+#ifdef __GNUC__
+__attribute__((noreturn))
+#endif
static inline void _celt_fatal(const char *str, const char *file, int line)
{fprintf (stderr, "Fatal (internal) error in %s, line %d: %s\n", file, line, str);
--- a/celt/bands.c
+++ b/celt/bands.c
@@ -403,6 +403,8 @@
int decision;
int hf_sum=0;
+ celt_assert(end>0);
+
N0 = M*m->shortMdctSize;
if (M*(eBands[end]-eBands[end-1]) <= 8)
@@ -457,6 +459,7 @@
*tapset_decision=0;
}
/*printf("%d %d %d\n", hf_sum, *hf_average, *tapset_decision);*/+ celt_assert(nbBands>0); /*M*(eBands[end]-eBands[end-1]) <= 8 assures this*/
sum /= nbBands;
/* Recursive averaging */
sum = (sum+*average)>>1;
@@ -545,6 +548,7 @@
SAVE_STACK;
N = N0*stride;
ALLOC(tmp, N, celt_norm);
+ celt_assert(stride>0);
if (hadamard)
{const int *ordery = ordery_table+stride-2;
--- a/celt/kiss_fft.c
+++ b/celt/kiss_fft.c
@@ -641,7 +641,6 @@
fstride[L+1] = fstride[L]*p;
L++;
} while(m!=1);
- m2 = 1;
m = st->factors[2*L-1];
for (i=L-1;i>=0;i--)
{@@ -694,7 +693,6 @@
fstride[L+1] = fstride[L]*p;
L++;
} while(m!=1);
- m2 = 1;
m = st->factors[2*L-1];
for (i=L-1;i>=0;i--)
{--- a/celt/pitch.c
+++ b/celt/pitch.c
@@ -166,6 +166,8 @@
SAVE_STACK;
+ celt_assert(len>0);
+ celt_assert(max_pitch>0);
lag = len+max_pitch;
ALLOC(x_lp4, len>>2, opus_val16);
--- a/celt/plc.c
+++ b/celt/plc.c
@@ -150,6 +150,8 @@
VARDECL(opus_val16, xx);
SAVE_STACK;
ALLOC(xx, n, opus_val16);
+ celt_assert(n>0);
+ celt_assert(overlap>=0);
for (i=0;i<n;i++)
xx[i] = x[i];
for (i=0;i<overlap;i++)
--- a/celt/quant_bands.c
+++ b/celt/quant_bands.c
@@ -450,6 +450,10 @@
int qi;
opus_val32 q;
opus_val32 tmp;
+ /* It would be better to express this invariant as a
+ test on C at function entry, but that isn't enough
+ to make the static analyzer happy. */
+ celt_assert(c<2);
tell = ec_tell(dec);
if(budget-tell>=15)
{--- a/celt/tests/ectest.c
+++ b/celt/tests/ectest.c
@@ -170,7 +170,6 @@
ec_range_bytes(&enc), (tell_bits+7)/8,seed);
ret=-1;
}
- tell_bits -= 8*ec_range_bytes(&enc);
ec_dec_init(&dec,ptr,DATA_SIZE2);
if(ec_tell_frac(&dec)!=tell[0]){fprintf(stderr,
--- a/silk/NLSF2A.c
+++ b/silk/NLSF2A.c
@@ -77,6 +77,7 @@
opus_int32 maxabs, absval, idx=0, sc_Q16, invGain_Q30;
silk_assert( LSF_COS_TAB_SZ_FIX == 128 );
+ silk_assert( d==6||d==8||d==10||d==12||d==14||d==16 );
/* convert LSFs to 2*cos(LSF), using piecewise linear curve from table */
for( k = 0; k < d; k++ ) {--- a/silk/NSQ_del_dec.c
+++ b/silk/NSQ_del_dec.c
@@ -335,6 +335,8 @@
NSQ_del_dec_struct *psDD;
NSQ_sample_struct *psSS;
+ silk_assert( nStatesDelayedDecision > 0 );
+
shp_lag_ptr = &NSQ->sLTP_shp_Q10[ NSQ->sLTP_shp_buf_idx - lag + HARM_SHAPE_FIR_TAPS / 2 ];
pred_lag_ptr = &sLTP_Q16[ NSQ->sLTP_buf_idx - lag + LTP_ORDER / 2 ];
--- a/silk/float/schur_FLP.c
+++ b/silk/float/schur_FLP.c
@@ -41,6 +41,8 @@
silk_float C[ SILK_MAX_ORDER_LPC + 1 ][ 2 ];
silk_float Ctmp1, Ctmp2, rc_tmp;
+ silk_assert( order==6||order==8||order==10||order==12||order==14||order==16 );
+
/* Copy correlations */
for( k = 0; k < order+1; k++ ) {C[ k ][ 0 ] = C[ k ][ 1 ] = auto_corr[ k ];
--- a/silk/pitch_analysis_core.c
+++ b/silk/pitch_analysis_core.c
@@ -182,8 +182,6 @@
silk_assert( basis_ptr >= frame_4kHz );
silk_assert( basis_ptr + sf_length_8kHz <= frame_4kHz + frame_length_4kHz );
- normalizer = 0;
- cross_corr = 0;
/* Calculate first vector products before loop */
cross_corr = silk_inner_prod_aligned( target_ptr, basis_ptr, sf_length_8kHz );
normalizer = silk_inner_prod_aligned( basis_ptr, basis_ptr, sf_length_8kHz );
--- a/silk/schur.c
+++ b/silk/schur.c
@@ -43,6 +43,8 @@
opus_int32 C[ SILK_MAX_ORDER_LPC + 1 ][ 2 ];
opus_int32 Ctmp1, Ctmp2, rc_tmp_Q15;
+ silk_assert( order==6||order==8||order==10||order==12||order==14||order==16 );
+
/* Get number of leading zeros */
lz = silk_CLZ32( c[ 0 ] );
--- a/silk/schur64.c
+++ b/silk/schur64.c
@@ -43,6 +43,8 @@
opus_int32 C[ SILK_MAX_ORDER_LPC + 1 ][ 2 ];
opus_int32 Ctmp1_Q30, Ctmp2_Q30, rc_tmp_Q31;
+ silk_assert( order==6||order==8||order==10||order==12||order==14||order==16 );
+
/* Check for invalid input */
if( c[ 0 ] <= 0 ) {silk_memset( rc_Q16, 0, order * sizeof( opus_int32 ) );
--- a/silk/typedef.h
+++ b/silk/typedef.h
@@ -85,6 +85,9 @@
# include <stdio.h>
# include <stdlib.h>
#define silk_fatal(str) _silk_fatal(str, __FILE__, __LINE__);
+#ifdef __GNUC__
+__attribute__((noreturn))
+#endif
static inline void _silk_fatal(const char *str, const char *file, int line)
{fprintf (stderr, "Fatal (internal) error in %s, line %d: %s\n", file, line, str);
--- a/src/test_repacketizer.c
+++ b/src/test_repacketizer.c
@@ -47,6 +47,11 @@
if (strcmp(argv[i], "-merge")==0)
{merge = atoi(argv[i+1]);
+ if(merge<1)
+ {+ fprintf(stderr, "-merge parameter must be at least 1.\n");
+ return 1;
+ }
i++;
} else if (strcmp(argv[i], "-split")==0)
split = 1;
@@ -58,7 +63,17 @@
}
}
fin = fopen(argv[argc-2], "r");
+ if(fin==NULL)
+ {+ fprintf(stderr, "Error opening input file: %s\n", argv[argc-2]);
+ return 1;
+ }
fout = fopen(argv[argc-1], "w");
+ if(fout==NULL)
+ {+ fprintf(stderr, "Error opening output file: %s\n", argv[argc-1]);
+ return 1;
+ }
rp = opus_repacketizer_create();
while (!eof)
@@ -75,9 +90,12 @@
if (len[i]>1500 || len[i]<0)
{if (feof(fin))
+ {eof = 1;
- else
+ } else {fprintf(stderr, "Invalid payload length\n");
+ return 1;
+ }
break;
}
err = fread(ch, 1, 4, fin);