This text is concerned with the development of FFmpeg itself. Information on using the FFmpeg libraries in other programs can be found elsewhere, e.g. in:
For more detailed legal information about the use of FFmpeg in external programs read the ‘LICENSE’ file in the source tree and consult https://ffmpeg.org/legal.html.
If you modify FFmpeg code for your own use case, you are highly encouraged to submit your changes back to us, using this document as a guide. There are both pragmatic and ideological reasons to do so:
All proposed code changes should be submitted for review to the development mailing list, as described in more detail in the Submitting patches chapter. The code should comply with the Development Policy and follow the Coding Rules. The developer making the commit and the author are responsible for their changes and should try to fix issues their commit causes.
FFmpeg is mainly programmed in the ISO C99 language, extended with:
Compiler-specific extensions may be used with good reason, but must not be depended on, i.e. the code must still compile and work with compilers lacking the extension.
The following C99 features must not be used anywhere in the codebase:
As modern compilers are unable to generate efficient SIMD or other performance-critical DSP code from plain C, handwritten assembly is used. Usually such code is isolated in a separate function. Then the standard approach is writing multiple versions of this function – a plain C one that works everywhere and may also be useful for debugging, and potentially multiple architecture-specific optimized implementations. Initialization code then chooses the best available version at runtime and loads it into a function pointer; the function in question is then always called through this pointer.
The specific syntax used for writing assembly is:
A unit testing framework for assembly called checkasm
lives under
‘tests/checkasm’. All new assembly should come with checkasm
tests;
adding tests for existing assembly that lacks them is also strongly encouraged.
Other languages than C may be used in special cases:
There are the following guidelines regarding the indentation in files:
The presentation is one inspired by ’indent -i4 -kr -nut’.
In order to configure Vim to follow FFmpeg formatting conventions, paste the following snippet into your ‘.vimrc’:
" indentation rules for FFmpeg: 4 spaces, no tabs set expandtab set shiftwidth=4 set softtabstop=4 set cindent set cinoptions=(0 " Allow tabs in Makefiles. autocmd FileType make,automake set noexpandtab shiftwidth=8 softtabstop=8 " Trailing whitespace and tabs are forbidden, so highlight them. highlight ForbiddenWhitespace ctermbg=red guibg=red match ForbiddenWhitespace /\s\+$\|\t/ " Do not highlight spaces at the end of line while typing on that line. autocmd InsertEnter * match ForbiddenWhitespace /\t\|\s\+\%#\@<!$/
For Emacs, add these roughly equivalent lines to your ‘.emacs.d/init.el’:
(c-add-style "ffmpeg" '("k&r" (c-basic-offset . 4) (indent-tabs-mode . nil) (show-trailing-whitespace . t) (c-offsets-alist (statement-cont . (c-lineup-assignments +))) ) ) (setq c-default-style "ffmpeg")
Use the JavaDoc/Doxygen format (see examples below) so that code documentation can be generated automatically. All nontrivial functions should have a comment above them explaining what the function does, even if it is just one sentence. All structures and their member variables should be documented, too.
Avoid Qt-style and similar Doxygen syntax with !
in it, i.e. replace
//!
with ///
and similar. Also @ syntax should be employed
for markup commands, i.e. use @param
and not \param
.
/** * @file * MPEG codec. * @author ... */ /** * Summary sentence. * more text ... * ... */ typedef struct Foobar { int var1; /**< var1 description */ int var2; ///< var2 description /** var3 description */ int var3; } Foobar; /** * Summary sentence. * more text ... * ... * @param my_parameter description of my_parameter * @return return value description */ int myfunc(int my_parameter) ...
Names of functions, variables, and struct members must be lowercase, using underscores (_) to separate words. For example, ‘avfilter_get_video_buffer’ is an acceptable function name and ‘AVFilterGetVideo’ is not.
Struct, union, enum, and typedeffed type names must use CamelCase. All structs
and unions should be typedeffed to the same name as the struct/union tag, e.g.
typedef struct AVFoo { ... } AVFoo;
. Enums are typically not
typedeffed.
Enumeration constants and macros must be UPPERCASE, except for macros masquerading as functions, which should use the function naming convention.
All identifiers in the libraries should be namespaced as follows:
ff_
prefix must be used for variables and functions visible outside
of file scope, but only used internally within a single library, e.g.
‘ff_w64_demuxer’. This prevents name collisions when FFmpeg is statically
linked.
avpriv_
as prefix, for example,
‘avpriv_report_missing_feature’.
H264_NAL_SPS
vs. HEVC_NAL_SPS
.
av_
(avformat_
for libavformat,
avcodec_
for libavcodec, swr_
for libswresample, etc).
Check the existing code and choose names accordingly.
AV
, Sws
, or Swr
).
Furthermore, name space reserved for the system should not be invaded.
Identifiers ending in _t
are reserved by
POSIX.
Also avoid names starting with __
or _
followed by an uppercase
letter as they are reserved by the C standard. Names starting with _
are reserved at the file level and may not be used for externally visible
symbols. If in doubt, just avoid names starting with _
altogether.
The code must be valid. It must not crash, abort, access invalid pointers, leak memory, cause data races or signed integer overflow, or otherwise cause undefined behaviour. Error codes should be checked and, when applicable, forwarded to the caller.
Our libraries may be called by multiple independent callers in the same process. These calls may happen from any number of threads and the different call sites may not be aware of each other - e.g. a user program may be calling our libraries directly, and use one or more libraries that also call our libraries. The code must behave correctly under such conditions.
The code must treat as untrusted any bytestream received from a caller or read
from a file, network, etc. It must not misbehave when arbitrary data is sent to
it - typically it should print an error message and return
AVERROR_INVALIDDATA
on encountering invalid input data.
The code must use the av_malloc()
family of functions from
‘libavutil/mem.h’ to perform all memory allocation, except in special cases
(e.g. when interacting with an external library that requires a specific
allocator to be used).
All allocations should be checked and AVERROR(ENOMEM)
returned on
failure. A common mistake is that error paths leak memory - make sure that does
not happen.
Our libraries must not access the stdio streams stdin/stdout/stderr directly
(e.g. via printf()
family of functions), as that is not library-safe. For
logging, use av_log()
.
Contributions should be licensed under the LGPL 2.1, including an "or any later version" clause, or, if you prefer a gift-style license, the ISC or MIT license. GPL 2 including an "or any later version" clause is also acceptable, but LGPL is preferred. If you add a new file, give it a proper license header. Do not copy and paste it from a random place, use an existing file as template.
This means unfinished code which is enabled and breaks compilation, or compiles but does not work/breaks the regression tests. Code which is unfinished but disabled may be permitted under-circumstances, like missing samples or an implementation with a small subset of features. Always check the mailing list for any reviewers with issues and test FATE before you push.
Commit messages are highly important tools for informing other developers on what a given change does and why. Every commit must always have a properly filled out commit message with the following format:
area changed: short 1 line description details describing what and why and giving references.
If the commit addresses a known bug on our bug tracker or other external issue (e.g. CVE), the commit message should include the relevant bug ID(s) or other external identifiers. Note that this should be done in addition to a proper explanation and not instead of it. Comments such as "fixed!" or "Changed it." are not acceptable.
When applying patches that have been discussed at length on the mailing list, reference the thread in the commit message.
If it works for you, others, and passes FATE then it should be OK to commit it, provided it fits the other committing criteria. You should not worry about over-testing things. If your code has problems (portability, triggers compiler bugs, unusual environment etc) they will be reported and eventually fixed.
They should be split them into self-contained pieces. Also do not forget that if part B depends on part A, but A does not depend on B, then A can and should be committed first and separate from B. Keeping changes well split into self-contained parts makes reviewing and understanding them on the commit log mailing list easier. This also helps in case of debugging later on. Also if you have doubts about splitting or not splitting, do not hesitate to ask/discuss it on the developer mailing list.
We refuse source indentation and other cosmetic changes if they are mixed with functional changes, such commits will be rejected and removed. Every developer has his own indentation style, you should not change it. Of course if you (re)write something, you can use your own style, even though we would prefer if the indentation throughout FFmpeg was consistent (Many projects force a given indentation style - we do not.). If you really need to make indentation changes (try to avoid this), separate them strictly from real changes.
NOTE: If you had to put if(){ .. } over a large (> 5 lines) chunk of code, then either do NOT change the indentation of the inner part within (do not move it to the right)! or do so in a separate commit
Make sure the author of the commit is set correctly. (see git commit –author) If you apply a patch, send an answer to ffmpeg-devel (or wherever you got the patch from) saying that you applied the patch.
If a commit/patch fixes an issues found by some researcher, always credit the researcher in the commit message for finding/reporting the issue.
Do NOT commit to code actively maintained by others without permission. Send a patch to ffmpeg-devel. If no one answers within a reasonable time-frame (12h for build failures and security fixes, 3 days small changes, 1 week for big patches) then commit your patch if you think it is OK. Also note, the maintainer can simply ask for more time to review!
Compiler warnings indicate potential bugs or code with bad style. If a type of warning always points to correct and clean code, that warning should be disabled, not the code changed. Thus the remaining warnings can either be bugs or correct code. If it is a bug, the bug has to be fixed. If it is not, the code should be changed to not generate a warning unless that causes a slowdown or obfuscates the code.
Every library in FFmpeg provides a set of public APIs in its installed headers,
which are those listed in the variable HEADERS
in that library’s
‘Makefile’. All identifiers defined in those headers (except for those
explicitly documented otherwise), and corresponding symbols exported from
compiled shared or static libraries are considered public interfaces and must
comply with the API and ABI compatibility rules described in this section.
Public APIs must be backward compatible within a given major version. I.e. any valid user code that compiles and works with a given library version must still compile and work with any later version, as long as the major version number is unchanged. "Valid user code" here means code that is calling our APIs in a documented and/or intended manner and is not relying on any undefined behavior. Incrementing the major version may break backward compatibility, but only to the extent described in Major version bumps.
We also guarantee backward ABI compatibility for shared and static libraries. I.e. it should be possible to replace a shared or static build of our library with a build of any later version (re-linking the user binary in the static case) without breaking any valid user binaries, as long as the major version number remains unchanged.
Any new public identifiers in installed headers are considered new API - this includes new functions, structs, macros, enum values, typedefs, new fields in existing structs, new installed headers, etc. Consider the following guidelines when adding new APIs.
While new APIs can be added relatively easily, changing or removing them is much harder due to abovementioned compatibility requirements. You should then consider carefully whether the functionality you are adding really needs to be exposed to our callers as new public API.
Your new API should have at least one well-established use case outside of the library that cannot be easily achieved with existing APIs. Every library in FFmpeg also has a defined scope - your new API must fit within it.
If your new API is replacing an existing one, it should be strictly superior to it, so that the advantages of using the new API outweight the cost to the callers of changing their code. After adding the new API you should then deprecate the old one and schedule it for removal, as described in Removing interfaces.
If you deem an existing API deficient and want to fix it, the preferred approach in most cases is to add a differently-named replacement and deprecate the existing API rather than modify it. It is important to make the changes visible to our callers (e.g. through compile- or run-time deprecation warnings) and make it clear how to transition to the new API (e.g. in the Doxygen documentation or on the wiki).
The FFmpeg libraries are used by a variety of callers to perform a wide range of multimedia-related processing tasks. You should therefore - within reason - try to design your new API for the broadest feasible set of use cases and avoid unnecessarily limiting it to a specific type of callers (e.g. just media playback or just transcoding).
Check whether similar APIs already exist in FFmpeg. If they do, try to model your new addition on them to achieve better overall consistency.
The naming of your new identifiers should follow the Naming conventions and be aligned with other similar APIs, if applicable.
You should also consider how your API might be extended in the future in a
backward-compatible way. If you are adding a new struct AVFoo
, the
standard approach is requiring the caller to always allocate it through a
constructor function, typically named av_foo_alloc()
. This way new fields
may be added to the end of the struct without breaking ABI compatibility.
Typically you will also want a destructor - av_foo_free(AVFoo**)
that
frees the indirectly supplied object (and its contents, if applicable) and
writes NULL
to the supplied pointer, thus eliminating the potential
dangling pointer in the caller’s memory.
If you are adding new functions, consider whether it might be desirable to tweak their behavior in the future - you may want to add a flags argument, even though it would be unused initially.
All new APIs must be documented as Doxygen-formatted comments above the identifiers you add to the public headers. You should also briefly mention the change in ‘doc/APIchanges’.
Backward-incompatible API or ABI changes require incrementing (bumping) the
major version number, as described in Major version bumps. Major
bumps are significant events that happen on a schedule - so if your change
strictly requires one you should add it under #if
preprocesor guards that
disable it until the next major bump happens.
New APIs that can be added without breaking API or ABI compatibility require bumping the minor version number.
Incrementing the third (micro) version component means a noteworthy binary compatible change (e.g. encoder bug fix that matters for the decoder). The third component always starts at 100 to distinguish FFmpeg from Libav.
Due to abovementioned compatibility guarantees, removing APIs is an involved process that should only be undertaken with good reason. Typically a deficient, restrictive, or otherwise inadequate API is replaced by a superior one, though it does at times happen that we remove an API without any replacement (e.g. when the feature it provides is deemed not worth the maintenance effort, out of scope of the project, fundamentally flawed, etc.).
The removal has two steps - first the API is deprecated and scheduled for removal, but remains present and functional. The second step is actually removing the API - this is described in Major version bumps.
To deprecate an API you should signal to our users that they should stop using
it. E.g. if you intend to remove struct members or functions, you should mark
them with attribute_deprecated
. When this cannot be done, it may be
possible to detect the use of the deprecated API at runtime and print a warning
(though take care not to print it too often). You should also document the
deprecation (and the replacement, if applicable) in the relevant Doxygen
documentation block.
Finally, you should define a deprecation guard along the lines of
#define FF_API_<FOO> (LIBAVBAR_VERSION_MAJOR < XX)
(where XX is the major
version in which the API will be removed) in ‘libavbar/version_major.h’
(‘version.h’ in case of libavutil
). Then wrap all uses of the
deprecated API in #if FF_API_<FOO> .... #endif
, so that the code will
automatically get disabled once the major version reaches XX. You can also use
FF_DISABLE_DEPRECATION_WARNINGS
and FF_ENABLE_DEPRECATION_WARNINGS
to suppress compiler deprecation warnings inside these guards. You should test
that the code compiles and works with the guard macro evaluating to both true
and false.
A major version bump signifies an API and/or ABI compatibility break. To reduce the negative effects on our callers, who are required to adapt their code, backward-incompatible changes during a major bump should be limited to:
It is important to be subscribed to the ffmpeg-devel mailing list. Almost any non-trivial patch is to be sent there for review. Other developers may have comments about your contribution. We expect you see those comments, and to improve it if requested. (N.B. Experienced committers have other channels, and may sometimes skip review for trivial fixes.) Also, discussion here about bug fixes and FFmpeg improvements by other developers may be helpful information for you. Finally, by being a list subscriber, your contribution will be posted immediately to the list, without the moderation hold which messages from non-subscribers experience.
However, it is more important to the project that we receive your patch than that you be subscribed to the ffmpeg-devel list. If you have a patch, and don’t want to subscribe and discuss the patch, then please do send it to the list anyway.
Diffs of all commits are sent to the ffmpeg-cvslog mailing list. Some developers read this list to review all code base changes from all sources. Subscribing to this list is not mandatory.
Update the documentation if you change behavior or add features. If you are unsure how best to do this, send a patch to ffmpeg-devel, the documentation maintainer(s) will review and commit your stuff.
Try to keep important discussions and requests (also) on the public developer mailing list, so that all developers can benefit from them.
Make sure that no parts of the codebase that you maintain are missing from the ‘MAINTAINERS’ file. If something that you want to maintain is missing add it with your name after it. If at some point you no longer want to maintain some code, then please help in finding a new maintainer and also don’t forget to update the ‘MAINTAINERS’ file.
We think our rules are not too hard. If you have comments, contact us.
First, read the Coding Rules above if you did not yet, in particular the rules regarding patch submission.
When you submit your patch, please use git format-patch
or
git send-email
. We cannot read other diffs :-).
Also please do not submit a patch which contains several unrelated changes. Split it into separate, self-contained pieces. This does not mean splitting file by file. Instead, make the patch as small as possible while still keeping it as a logical unit that contains an individual change, even if it spans multiple files. This makes reviewing your patches much easier for us and greatly increases your chances of getting your patch applied.
Use the patcheck tool of FFmpeg to check your patch. The tool is located in the tools directory.
Run the Regression tests before submitting a patch in order to verify it does not cause unexpected problems.
It also helps quite a bit if you tell us what the patch does (for example ’replaces lrint by lrintf’), and why (for example ’*BSD isn’t C99 compliant and has no lrint()’)
Also please if you send several patches, send each patch as a separate mail, do not attach several unrelated patches to the same mail.
Patches should be posted to the
ffmpeg-devel
mailing list. Use git send-email
when possible since it will properly
send patches without requiring extra care. If you cannot, then send patches
as base64-encoded attachments, so your patch is not trashed during
transmission. Also ensure the correct mime type is used
(text/x-diff or text/x-patch or at least text/plain) and that only one
patch is inline or attached per mail.
You can check https://patchwork.ffmpeg.org, if your patch does not show up, its mime type
likely was wrong.
Please see https://git-send-email.io/. For gmail additionally see https://shallowsky.com/blog/tech/email/gmail-app-passwds.html.
Using git send-email
might not be desirable for everyone. The
following trick allows to send patches via email clients in a safe
way. It has been tested with Outlook and Thunderbird (with X-Unsent
extension) and might work with other applications.
Create your patch like this:
git format-patch -s -o "outputfolder" --add-header "X-Unsent: 1" --suffix .eml --to ffmpeg-devel@ffmpeg.org -1 1a2b3c4d
Now you’ll just need to open the eml file with the email application and execute ’Send’.
Your patch will be reviewed on the mailing list. You will likely be asked to make some changes and are expected to send in an improved version that incorporates the requests from the review. This process may go through several iterations. Once your patch is deemed good enough, some developer will pick it up and commit it to the official FFmpeg tree.
Give us a few days to react. But if some time passes without reaction, send a reminder by email. Your patch should eventually be dealt with.
git add
the appropriate files before committing?
configure --disable-everything --enable-decoder=foo
(or --enable-demuxer
or whatever your component is)?
make fate
pass with the patch applied?
git commit -s
)
See Sign your work for the meaning
of sign-off.
All patches posted to ffmpeg-devel will be reviewed, unless they contain a clear note that the patch is not for the git master branch. Reviews and comments will be posted as replies to the patch on the mailing list. The patch submitter then has to take care of every comment, that can be by resubmitting a changed patch or by discussion. Resubmitted patches will themselves be reviewed like any other patch. If at some point a patch passes review with no comments then it is approved, that can for simple and small patches happen immediately while large patches will generally have to be changed and reviewed many times before they are approved. After a patch is approved it will be committed to the repository.
We will review all submitted patches, but sometimes we are quite busy so especially for large patches this can take several weeks.
If you feel that the review process is too slow and you are willing to try to take over maintainership of the area of code you change then just clone git master and maintain the area of code there. We will merge each area from where its best maintained.
When resubmitting patches, please do not make any significant changes not related to the comments received during review. Such patches will be rejected. Instead, submit significant changes or new features as separate patches.
Everyone is welcome to review patches. Also if you are waiting for your patch to be reviewed, please consider helping to review other patches, that is a great way to get everyone’s patches reviewed sooner.
Before submitting a patch (or committing to the repository), you should at least test that you did not break anything.
Running ’make fate’ accomplishes this, please see fate.html for details.
[Of course, some patches may change the results of the regression tests. In this case, the reference results of the regression tests shall be modified accordingly].
If you need a sample uploaded send a mail to samples-request.
When there is no muxer or encoder available to generate test media for a specific test then the media has to be included in the fate-suite. First please make sure that the sample file is as small as possible to test the respective decoder or demuxer sufficiently. Large files increase network bandwidth and disk space requirements. Once you have a working fate test and fate sample, provide in the commit message or introductory message for the patch series that you post to the ffmpeg-devel mailing list, a direct link to download the sample media.
The FFmpeg build system allows visualizing the test coverage in an easy
manner with the coverage tools gcov
/lcov
. This involves
the following steps:
configure --toolchain=gcov
.
make lcov
to generate coverage data in HTML format.
lcov/index.html
in your preferred HTML viewer.
You can use the command make lcov-reset
to reset the coverage
measurements. You will need to rerun make lcov
after running a
new test.
The configure script provides a shortcut for using valgrind to spot bugs
related to memory handling. Just add the option
--toolchain=valgrind-memcheck
or --toolchain=valgrind-massif
to your configure line, and reasonable defaults will be set for running
FATE under the supervision of either the memcheck or the
massif tool of the valgrind suite.
In case you need finer control over how valgrind is invoked, use the
--target-exec='valgrind <your_custom_valgrind_options>
option in
your configure line instead.
FFmpeg maintains a set of release branches, which are the recommended deliverable for system integrators and distributors (such as Linux distributions, etc.). At regular times, a release manager prepares, tests and publishes tarballs on the https://ffmpeg.org website.
There are two kinds of releases:
release/X
, with X
being the release
version number.
Note that we promise to our users that shared libraries from any FFmpeg release never break programs that have been compiled against previous versions of the same release series in any case!
However, from time to time, we do make API changes that require adaptations in applications. Such changes are only allowed in (new) major releases and require further steps such as bumping library version numbers and/or adjustments to the symbol versioning file. Please discuss such changes on the ffmpeg-devel mailing list in time to allow forward planning.
Changes that match the following criteria are valid candidates for inclusion into a point release:
The order for checking the rules is (1 OR 2 OR 3) AND 4.
The release process involves the following steps:
bz2
and gz
formats, and
supplementing files that contain gpg
signatures
nX
, with X
containing the version number.