[FFmpeg-devel] [PATCH 2/3] lavu/fifo: clarify interaction of AV_FIFO_FLAG_AUTO_GROW with av_fifo_can_write()

Tue Aug 30 17:07:43 EEST 2022

Quoting James Almer (2022-08-30 14:56:45)
> > 
> > I disagree that this is a break.
> > 
> > The issue in my view is that 'can be written' is ambiguous here, so we
> > are interpreting it differently. Your interpretation is apparently
> > 'maximum number of elements for which a write can possibly succeeed',
> > whereas my intended interpretation was 'maximum number of elements for
> > which a write is always guaranteed to succeed'.
> 
> IMO it's not really ambiguous. If you don't state that's the intention, 
> which you're doing in this patch, then "can be written" has one literal 
> meaning.

I would disagree here. Consider an autogrowing fifo in an out-of-memory
situation. What "can be written" into it?

> > One of these interpretations is correct, because it matches the actual
> > behaviour. So the right solution IMO is to clarify the documentation so
> > it is no longer ambiguous, but I do not consider this an API break.
> 
> av_fifo_write() says "In case nb_elems > av_fifo_can_write(f), nothing 
> is written and an error is returned.", which is definitely not 
> ambiguous, and you're changing it in patch 3/3 to include the case where 
> having enabled autogrow could result in the function succeeding when 
> nb_elems > av_fifo_can_write(f).

That is quite clearly a bug in the documentation IMO. That line was not
present in the original patches I sent, but added at some time later in
the development (don't remember whether by myself or Andreas); then
whichever of us added it forgot to update it in the patch adding
AV_FIFO_FLAG_AUTO_GROW.

> The behavior of the function remains intact, but a library user reading 
> the documentation in ffmpeg 5.1 and the documentation in what will be 
> 5.2 after this patch could rightly assume the function was changed and 
> will behave differently between versions (Which is not the case, but to 
> find out you'll have to read the implementation, or the git history, or 
> test code with both versions). So this is technically an API break.

Technically yes, but the unfortunate fact of the matter is that our
API documentation simply is not, and never was, sufficiently complete
and precise to be the sole source of truth. Plenty of things are
missing, obsolete, inconsistent, and sometimes just wrong. I wish it
were otherwise, and I believe the situation is slowly improving, but we
just don't have the resources to make our docs anywhere close to
perfect any time soon. So unfortunately people have to test their code,
and testing in this case would immediately reveal how it actually works.

As a consequence we have to be pragmatic when choosing whether to change
code to match the docs or vice versa.

> 
> > 
> > More generally:
> > - a FIFO conceptually has a well-defined size at any given moment
> > - that size is can_read() + can_write()
> 
> But this could (should?) have been av_fifo_size2(). That way can_write() 
> could effectively become a generic "can write", instead of begin stuck 
> as "can write without the chance of failure".

Maybe, but it's a bit late for that. Actually I remember considering an
av_fifo_size2(), but then decided against it, probably because it could
confuse people into thinking it's like av_fifo_size(), which it most
definitely is not.

-- 
Anton Khirnov