Re: [FFmpeg-devel] [PATCH] avutil/hwcontext_cuda: check that the SDK defines cuCtxGetCurrent()
On 9/30/2023 11:06 PM, James Almer wrote:
Fixes compilation after 05f8b2ca0f7e28775837a572c65ce9218f534ee2
Signed-off-by: James Almer
---
libavutil/hwcontext_cuda.c | 4
libavutil/hwcontext_cuda_internal.h | 9 +
2 files changed, 13 insertions(+)
diff --git a/libavutil/hwcontext_cuda.c b/libavutil/hwcontext_cuda.c
index 0312d3b9d7..4f55f6441d 100644
--- a/libavutil/hwcontext_cuda.c
+++ b/libavutil/hwcontext_cuda.c
@@ -362,10 +362,14 @@ static int cuda_context_init(AVHWDeviceContext
*device_ctx, int flags) {
if (ret < 0)
return ret;
} else if (flags & AV_CUDA_USE_CURRENT_CONTEXT) {
+#if NVDECAPI_CHECK_VERSION(12, 1)
Actually no, this check is not enough as cuCtxGetCurrent() was added to
ffnvcodec headers after the version bump to 12.1
Either we leave things as is and expect to get people to update their
headers until a new SDK version is released, its changes merged and
version bumped, or revert the implementation bits of 05f8b2ca0f, leaving
only the API in place. AVERROR(ENOSYS) would then be returned any time
AV_CUDA_USE_CURRENT_CONTEXT is requested regardless of what headers are
present at compile time.
ret = CHECK_CU(cu->cuCtxGetCurrent(>cuda_ctx));
if (ret < 0)
return ret;
av_log(device_ctx, AV_LOG_INFO, "Using current CUDA context.\n");
+#else
+return AVERROR(ENOSYS);
+#endif
} else {
ret = CHECK_CU(cu->cuCtxCreate(>cuda_ctx, desired_flags,
hwctx->internal->cuda_device));
diff --git a/libavutil/hwcontext_cuda_internal.h
b/libavutil/hwcontext_cuda_internal.h
index d5633c58d5..fe0963b4e5 100644
--- a/libavutil/hwcontext_cuda_internal.h
+++ b/libavutil/hwcontext_cuda_internal.h
@@ -28,6 +28,15 @@
* FFmpeg internal API for CUDA.
*/
+#if defined(NVDECAPI_MAJOR_VERSION) && defined(NVDECAPI_MINOR_VERSION)
+# define NVDECAPI_CHECK_VERSION(major, minor) \
+((major) < NVDECAPI_MAJOR_VERSION || ((major) == NVDECAPI_MAJOR_VERSION &&
(minor) <= NVDECAPI_MINOR_VERSION))
+#else
+/* version macros were added in SDK 8.1 ffnvcodec */
+# define NVDECAPI_CHECK_VERSION(major, minor) \
+((major) < 8 || ((major) == 8 && (minor) <= 0))
+#endif
+
struct AVCUDADeviceContextInternal {
CudaFunctions *cuda_dl;
int is_allocated;
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [freezedetect filter] discard frozen frames option ever added?
[Apologies for the cross-post from User list, but in retrospect, I thought
the post was better placed here]
I'm trying to remove frozen frames from a video with gaps in the input
stream, and the freezedetect filter appears to accurately find/list those
sections.
I was hoping to use the results of freezedetect to trim those sections of
video, and there was a freezedetect "discard" ("f") option in the dev
builds a few years back which appears to do exactly that (
https://patchwork.ffmpeg.org/project/ffmpeg/patch/20191008035428.19474-1-lance.lmw...@gmail.com/#46233
)
It doesn't seem to have made its way into any of the builds (including dev
branches) as far as I can find, and it's definitely not in the official
docs.
To my untrained eye, the patch looks complete, though possibly abandoned.
is there any chance of it being incorporated into the mainline source? It
would be quite useful.
--
ub
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH] avutil/hwcontext_cuda: check that the SDK defines cuCtxGetCurrent()
Fixes compilation after 05f8b2ca0f7e28775837a572c65ce9218f534ee2
Signed-off-by: James Almer
---
libavutil/hwcontext_cuda.c | 4
libavutil/hwcontext_cuda_internal.h | 9 +
2 files changed, 13 insertions(+)
diff --git a/libavutil/hwcontext_cuda.c b/libavutil/hwcontext_cuda.c
index 0312d3b9d7..4f55f6441d 100644
--- a/libavutil/hwcontext_cuda.c
+++ b/libavutil/hwcontext_cuda.c
@@ -362,10 +362,14 @@ static int cuda_context_init(AVHWDeviceContext
*device_ctx, int flags) {
if (ret < 0)
return ret;
} else if (flags & AV_CUDA_USE_CURRENT_CONTEXT) {
+#if NVDECAPI_CHECK_VERSION(12, 1)
ret = CHECK_CU(cu->cuCtxGetCurrent(>cuda_ctx));
if (ret < 0)
return ret;
av_log(device_ctx, AV_LOG_INFO, "Using current CUDA context.\n");
+#else
+return AVERROR(ENOSYS);
+#endif
} else {
ret = CHECK_CU(cu->cuCtxCreate(>cuda_ctx, desired_flags,
hwctx->internal->cuda_device));
diff --git a/libavutil/hwcontext_cuda_internal.h
b/libavutil/hwcontext_cuda_internal.h
index d5633c58d5..fe0963b4e5 100644
--- a/libavutil/hwcontext_cuda_internal.h
+++ b/libavutil/hwcontext_cuda_internal.h
@@ -28,6 +28,15 @@
* FFmpeg internal API for CUDA.
*/
+#if defined(NVDECAPI_MAJOR_VERSION) && defined(NVDECAPI_MINOR_VERSION)
+# define NVDECAPI_CHECK_VERSION(major, minor) \
+((major) < NVDECAPI_MAJOR_VERSION || ((major) == NVDECAPI_MAJOR_VERSION &&
(minor) <= NVDECAPI_MINOR_VERSION))
+#else
+/* version macros were added in SDK 8.1 ffnvcodec */
+# define NVDECAPI_CHECK_VERSION(major, minor) \
+((major) < 8 || ((major) == 8 && (minor) <= 0))
+#endif
+
struct AVCUDADeviceContextInternal {
CudaFunctions *cuda_dl;
int is_allocated;
--
2.42.0
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 12/15] avformat/westwood_vqa: Do not leave vqfl_chunk_size invalid
On Sun, Oct 01, 2023 at 12:30:43AM +0200, Michael Niedermayer wrote: > Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type > 'int' > Fixes: > 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_WSVQA_fuzzer-4613908817903616 > > Found-by: continuous fuzzing process > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer > --- > libavformat/westwood_vqa.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) patch withdrawn, i had written and submitted an alternative patch a year ago and then forgot to apply it it seems [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Into a blind darkness they enter who follow after the Ignorance, they as if into a greater darkness enter who devote themselves to the Knowledge alone. -- Isha Upanishad signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 10/15] avformat/wavdec: Check left avio_tell for overflow
Fixes: signed integer overflow: 155 + 9223372036854775655 cannot be represented in type 'long' Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5364032278495232 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavformat/wavdec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavformat/wavdec.c b/libavformat/wavdec.c index 97e69ab2ee4..b145e980414 100644 --- a/libavformat/wavdec.c +++ b/libavformat/wavdec.c @@ -767,6 +767,8 @@ smv_out: goto smv_retry; return AVERROR_EOF; } +if (INT64_MAX - left < avio_tell(s->pb)) +return AVERROR_INVALIDDATA; wav->data_end = avio_tell(s->pb) + left; } -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 15/15] avcodec/h264_parser: saturate dts a bit
Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented
in type 'long'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-6112289464123392
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavcodec/h264_parser.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/h264_parser.c b/libavcodec/h264_parser.c
index 43abc45f9cd..6ab8f659cb6 100644
--- a/libavcodec/h264_parser.c
+++ b/libavcodec/h264_parser.c
@@ -646,10 +646,10 @@ static int h264_parse(AVCodecParserContext *s,
int64_t num = time_base.num * (int64_t)avctx->pkt_timebase.den;
if (s->dts != AV_NOPTS_VALUE) {
// got DTS from the stream, update reference timestamp
-p->reference_dts = s->dts - av_rescale(s->dts_ref_dts_delta,
num, den);
+p->reference_dts = av_sat_sub64(s->dts,
av_rescale(s->dts_ref_dts_delta, num, den));
} else if (p->reference_dts != AV_NOPTS_VALUE) {
// compute DTS based on reference timestamp
-s->dts = p->reference_dts + av_rescale(s->dts_ref_dts_delta,
num, den);
+s->dts = av_sat_add64(p->reference_dts,
av_rescale(s->dts_ref_dts_delta, num, den));
}
if (p->reference_dts != AV_NOPTS_VALUE && s->pts == AV_NOPTS_VALUE)
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 09/15] avformat/tta: Better totalframes check
Fixes: signed integer overflow: 4 * 740491135 cannot be represented in type
'int'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_TTA_fuzzer-6298893367508992
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/tta.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/tta.c b/libavformat/tta.c
index 21830459401..54776540142 100644
--- a/libavformat/tta.c
+++ b/libavformat/tta.c
@@ -91,7 +91,7 @@ static int tta_read_header(AVFormatContext *s)
c->totalframes = nb_samples / c->frame_size + (c->last_frame_size <
c->frame_size);
c->currentframe = 0;
-if(c->totalframes >= UINT_MAX/sizeof(uint32_t) || c->totalframes <= 0){
+if(c->totalframes >= (INT_MAX - 4)/sizeof(uint32_t) || c->totalframes <=
0){
av_log(s, AV_LOG_ERROR, "totalframes %d invalid\n", c->totalframes);
return AVERROR_INVALIDDATA;
}
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 14/15] avformat/asfdec_f: Saturate presentation time in marker
Fixes: signed integer overflow: -9223372036315799520 - 3873890816 cannot be represented in type 'long' Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5009302746431488 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavformat/asfdec_f.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c index 54059564670..a579c3e894b 100644 --- a/libavformat/asfdec_f.c +++ b/libavformat/asfdec_f.c @@ -674,7 +674,7 @@ static int asf_read_marker(AVFormatContext *s) avio_rl64(pb); // offset, 8 bytes pres_time = avio_rl64(pb); // presentation time -pres_time -= asf->hdr.preroll * 1; +pres_time = av_sat_sub64(pres_time, asf->hdr.preroll * 1); avio_rl16(pb); // entry length avio_rl32(pb); // send time avio_rl32(pb); // flags -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 08/15] avformat/sbgdec: Check for negative duration or un-representable end pts
Fixes: signed integer overflow: 9230955872951340 - -9223372036854775808 cannot
be represented in type 'long'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6330481893572608
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/sbgdec.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/libavformat/sbgdec.c b/libavformat/sbgdec.c
index 73b5be9007d..b2662ea4188 100644
--- a/libavformat/sbgdec.c
+++ b/libavformat/sbgdec.c
@@ -1447,6 +1447,13 @@ static av_cold int sbg_read_header(AVFormatContext *avf)
st->duration = script.end_ts == AV_NOPTS_VALUE ? AV_NOPTS_VALUE :
av_rescale(script.end_ts - script.start_ts,
sbg->sample_rate, AV_TIME_BASE);
+
+if (st->duration != AV_NOPTS_VALUE && (
+st->duration < 0 || st->start_time > INT64_MAX - st->duration)) {
+r = AVERROR_INVALIDDATA;
+goto fail;
+}
+
sti->cur_dts = st->start_time;
r = encode_intervals(, st->codecpar, );
if (r < 0)
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 13/15] avformat/xwma: sanity check bits_per_coded_sample
Fixes: signed integer overflow: 65312 * 524296 cannot be represented in type
'int'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_XWMA_fuzzer-659597144200
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/xwma.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/xwma.c b/libavformat/xwma.c
index 12689f37fd7..b830f9ed75f 100644
--- a/libavformat/xwma.c
+++ b/libavformat/xwma.c
@@ -151,7 +151,7 @@ static int xwma_read_header(AVFormatContext *s)
st->codecpar->ch_layout.nb_channels);
return AVERROR_INVALIDDATA;
}
-if (!st->codecpar->bits_per_coded_sample) {
+if (!st->codecpar->bits_per_coded_sample ||
st->codecpar->bits_per_coded_sample > 64) {
av_log(s, AV_LOG_WARNING, "Invalid bits_per_coded_sample: %d\n",
st->codecpar->bits_per_coded_sample);
return AVERROR_INVALIDDATA;
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 07/15] avformat/sbgdec: Check for period overflow
Fixes: signed integer overflow: 448124699617300 - -47785768200 cannot be represented in type 'long' Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-5063670588899328 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavformat/sbgdec.c | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libavformat/sbgdec.c b/libavformat/sbgdec.c index c1995759a8f..73b5be9007d 100644 --- a/libavformat/sbgdec.c +++ b/libavformat/sbgdec.c @@ -1273,7 +1273,10 @@ static int generate_intervals(void *log, struct sbg_script *s, int sample_rate, /* SBaGen handles the time before and after the extremal events, and the corresponding transitions, as if the sequence were cyclic with a 24-hours period. */ -period = s->events[s->nb_events - 1].ts - s->events[0].ts; +period = s->events[s->nb_events - 1].ts - (uint64_t)s->events[0].ts; +if (period < 0) +return AVERROR_INVALIDDATA; + period = (period + (DAY_TS - 1)) / DAY_TS * DAY_TS; period = FFMAX(period, DAY_TS); -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 12/15] avformat/westwood_vqa: Do not leave vqfl_chunk_size invalid
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type
'int'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_WSVQA_fuzzer-4613908817903616
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/westwood_vqa.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libavformat/westwood_vqa.c b/libavformat/westwood_vqa.c
index e3d2e2668c4..18948d14ccc 100644
--- a/libavformat/westwood_vqa.c
+++ b/libavformat/westwood_vqa.c
@@ -194,8 +194,10 @@ static int wsvqa_read_packet(AVFormatContext *s,
* includes a whole frame as expected. */
wsvqa->vqfl_chunk_pos = avio_tell(pb);
wsvqa->vqfl_chunk_size = (int)(chunk_size);
-if (wsvqa->vqfl_chunk_size < 0 || wsvqa->vqfl_chunk_size > 3 * (1
<< 20))
+if (wsvqa->vqfl_chunk_size < 0 || wsvqa->vqfl_chunk_size > 3 * (1
<< 20)) {
+wsvqa->vqfl_chunk_size = 0;
return AVERROR_INVALIDDATA;
+}
/* We need a big seekback buffer because there can be SNxx, VIEW
and ZBUF
* chunks (<512 KiB total) in the stream before we read VQFR (<256
KiB) and
* seek back here. */
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 06/15] avformat/rpl: Check for number_of_chunks overflow
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int32_t' (aka 'int') Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-6086131095830528 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavformat/rpl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavformat/rpl.c b/libavformat/rpl.c index 3ef6fda3862..eae0da891bc 100644 --- a/libavformat/rpl.c +++ b/libavformat/rpl.c @@ -268,6 +268,9 @@ static int rpl_read_header(AVFormatContext *s) "Video stream will be broken!\n", av_fourcc2str(vst->codecpar->codec_tag)); number_of_chunks = read_line_and_int(pb, ); // number of chunks in the file +if (number_of_chunks == INT_MAX) +return AVERROR_INVALIDDATA; + // The number in the header is actually the index of the last chunk. number_of_chunks++; -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 11/15] avformat/matroskadec: Check prebuffered_ns for overflow
Fixes: signed integer overflow: 9223372036630775808 + 10 cannot be represented in type 'long' Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-5406131992526848 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer --- libavformat/matroskadec.c | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c index 941c0bcdc9f..ae8823ae58e 100644 --- a/libavformat/matroskadec.c +++ b/libavformat/matroskadec.c @@ -4537,13 +4537,17 @@ static int64_t webm_dash_manifest_compute_bandwidth(AVFormatContext *s, int64_t int64_t prebuffer_ns = 10; int64_t time_ns = sti->index_entries[i].timestamp * matroska->time_scale; double nano_seconds_per_second = 10.0; -int64_t prebuffered_ns = time_ns + prebuffer_ns; +int64_t prebuffered_ns; double prebuffer_bytes = 0.0; int64_t temp_prebuffer_ns = prebuffer_ns; int64_t pre_bytes, pre_ns; double pre_sec, prebuffer, bits_per_second; CueDesc desc_beg = get_cue_desc(s, time_ns, cues_start); +if (time_ns > INT64_MAX - prebuffer_ns) +return -1; +prebuffered_ns = time_ns + prebuffer_ns; + // Start with the first Cue. CueDesc desc_end = desc_beg; -- 2.17.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 05/15] avformat/mov: compute absolute dts difference without overflow in mov_find_next_sample()
Fixes: signed integer overflow: -9223372036854775808 - 922272641302200
cannot be represented in type 'long'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5959420033761280
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/mov.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 294c864fbd6..369c9b2ffd9 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -8795,12 +8795,13 @@ static AVIndexEntry
*mov_find_next_sample(AVFormatContext *s, AVStream **st)
if (msc->pb && msc->current_sample < avsti->nb_index_entries) {
AVIndexEntry *current_sample =
>index_entries[msc->current_sample];
int64_t dts = av_rescale(current_sample->timestamp, AV_TIME_BASE,
msc->time_scale);
+uint64_t dtsdiff = best_dts > dts ? best_dts - (uint64_t)dts :
((uint64_t)dts - best_dts);
av_log(s, AV_LOG_TRACE, "stream %d, sample %d, dts %"PRId64"\n",
i, msc->current_sample, dts);
if (!sample || (no_interleave && current_sample->pos <
sample->pos) ||
((s->pb->seekable & AVIO_SEEKABLE_NORMAL) &&
((msc->pb != s->pb && dts < best_dts) || (msc->pb == s->pb &&
dts != AV_NOPTS_VALUE &&
- ((FFABS(best_dts - dts) <= AV_TIME_BASE &&
current_sample->pos < sample->pos) ||
- (FFABS(best_dts - dts) > AV_TIME_BASE && dts <
best_dts)) {
+ ((dtsdiff <= AV_TIME_BASE && current_sample->pos <
sample->pos) ||
+ (dtsdiff > AV_TIME_BASE && dts < best_dts)) {
sample = current_sample;
best_dts = dts;
*st = avst;
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 04/15] avformat/jacosubdec: Check timeres
Signed-off-by: Michael Niedermayer
---
libavformat/jacosubdec.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/libavformat/jacosubdec.c b/libavformat/jacosubdec.c
index 41216081ee0..c6e5b4aa6dc 100644
--- a/libavformat/jacosubdec.c
+++ b/libavformat/jacosubdec.c
@@ -227,14 +227,17 @@ static int jacosub_read_header(AVFormatContext *s)
}
av_bprintf(, "#S %s", p);
break;
-case 'T': // ...but must be placed after TIMERES
-jacosub->timeres = strtol(p, NULL, 10);
-if (!jacosub->timeres)
+case 'T': { // ...but must be placed after TIMERES
+int64_t timeres = strtol(p, NULL, 10);
+if (timeres <= 0 || timeres > UINT32_MAX) {
jacosub->timeres = 30;
-else
+} else {
+jacosub->timeres = timeres;
av_bprintf(, "#T %s", p);
+}
break;
}
+}
}
/* general/essential directives in the extradata */
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 03/15] avformat/jacosubdec: avoid signed integer overflows in get_shift()
Fixes: signed integer overflow: 22014562800 * 934633746 cannot be represented
in type 'long'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_JACOSUB_fuzzer-5189603246866432
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/jacosubdec.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/libavformat/jacosubdec.c b/libavformat/jacosubdec.c
index 42c201f93af..41216081ee0 100644
--- a/libavformat/jacosubdec.c
+++ b/libavformat/jacosubdec.c
@@ -124,7 +124,7 @@ shift_and_ret:
return buf + len;
}
-static int get_shift(int timeres, const char *buf)
+static int get_shift(unsigned timeres, const char *buf)
{
int sign = 1;
int a = 0, b = 0, c = 0, d = 0;
@@ -148,7 +148,11 @@ static int get_shift(int timeres, const char *buf)
case 3: d = c; c = b; b = a; a = 0;
}
-ret = sign * (((int64_t)a*3600 + (int64_t)b*60 + c) * timeres + d);
+ret = (int64_t)a*3600 + (int64_t)b*60 + c;
+if (FFABS(ret) > (INT64_MAX - FFABS(d)) / timeres)
+return 0;
+ret = sign * (ret * timeres + d);
+
if ((int)ret != ret)
ret = 0;
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 02/15] avformat/jacosubdec: Factorize code in get_shift() a bit
Signed-off-by: Michael Niedermayer
---
libavformat/jacosubdec.c | 14 +-
1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/libavformat/jacosubdec.c b/libavformat/jacosubdec.c
index 61b1316dc9b..42c201f93af 100644
--- a/libavformat/jacosubdec.c
+++ b/libavformat/jacosubdec.c
@@ -143,16 +143,12 @@ static int get_shift(int timeres, const char *buf)
ret = 0;
switch (n) {
-case 4:
-ret = sign * (((int64_t)a*3600 + (int64_t)b*60 + c) * timeres + d);
-break;
-case 3:
-ret = sign * (( (int64_t)a*60 + b) * timeres + c);
-break;
-case 2:
-ret = sign * (((int64_t)a) * timeres + b);
-break;
+case 1: a = 0;
+case 2:c = b; b = a; a = 0;
+case 3: d = c; c = b; b = a; a = 0;
}
+
+ret = sign * (((int64_t)a*3600 + (int64_t)b*60 + c) * timeres + d);
if ((int)ret != ret)
ret = 0;
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 01/15] avformat/concatdec: Check in/outpoint for overflow
Fixes: signed integer overflow: 9154241445400 - -915424149454600 cannot
be represented in type 'long'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_CONCAT_fuzzer-4739147999084544
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/concatdec.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libavformat/concatdec.c b/libavformat/concatdec.c
index 5d4f67d0acd..114b6c6564c 100644
--- a/libavformat/concatdec.c
+++ b/libavformat/concatdec.c
@@ -667,7 +667,9 @@ static int concat_read_header(AVFormatContext *avf)
else
time = cat->files[i].start_time;
if (cat->files[i].user_duration == AV_NOPTS_VALUE) {
-if (cat->files[i].inpoint == AV_NOPTS_VALUE ||
cat->files[i].outpoint == AV_NOPTS_VALUE)
+if (cat->files[i].inpoint == AV_NOPTS_VALUE ||
cat->files[i].outpoint == AV_NOPTS_VALUE ||
+cat->files[i].outpoint - (uint64_t)cat->files[i].inpoint !=
av_sat_sub64(cat->files[i].outpoint, cat->files[i].inpoint)
+)
break;
cat->files[i].user_duration = cat->files[i].outpoint -
cat->files[i].inpoint;
}
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 1/6] avformat/avidec: support huge durations
On Sat, Sep 30, 2023 at 10:18:38PM +0200, Anton Khirnov wrote:
> Quoting Michael Niedermayer (2023-09-30 16:31:43)
> > On Sat, Sep 30, 2023 at 04:04:03PM +0200, Michael Niedermayer wrote:
> > > On Sat, Sep 30, 2023 at 11:35:19AM +0200, Marton Balint wrote:
> > > >
> > > >
> > > > On Sat, 30 Sep 2023, Michael Niedermayer wrote:
> > > >
> > > > > Fixes: signed integer overflow: 109817402400 * 301990077 cannot be
> > > > > represented in type 'long long'
> > > > > Fixes:
> > > > > 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6706191715139584
> > > > >
> > > > > Found-by: continuous fuzzing process
> > > > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > > > Signed-off-by: Michael Niedermayer
> > > > > ---
> > > > > libavformat/avidec.c | 12 ++--
> > > > > 1 file changed, 10 insertions(+), 2 deletions(-)
> > > > >
> > > > > diff --git a/libavformat/avidec.c b/libavformat/avidec.c
> > > > > index 00bd7a98a9d..cfc693842b7 100644
> > > > > --- a/libavformat/avidec.c
> > > > > +++ b/libavformat/avidec.c
> > > > > @@ -27,6 +27,7 @@
> > > > > #include "libavutil/avstring.h"
> > > > > #include "libavutil/opt.h"
> > > > > #include "libavutil/dict.h"
> > > > > +#include "libavutil/integer.h"
> > > > > #include "libavutil/internal.h"
> > > > > #include "libavutil/intreadwrite.h"
> > > > > #include "libavutil/mathematics.h"
> > > > > @@ -476,7 +477,7 @@ static int calculate_bitrate(AVFormatContext *s)
> > > > > AVStream *st = s->streams[i];
> > > > > FFStream *const sti = ffstream(st);
> > > > > int64_t duration;
> > > > > -int64_t bitrate;
> > > > > +int64_t bitrate = 0;
> > > > >
> > > > > for (j = 0; j < sti->nb_index_entries; j++)
> > > > > len += sti->index_entries[j].size;
> > > > > @@ -484,7 +485,14 @@ static int calculate_bitrate(AVFormatContext *s)
> > > > > if (sti->nb_index_entries < 2 || st->codecpar->bit_rate > 0)
> > > > > continue;
> > > > > duration = sti->index_entries[j-1].timestamp -
> > > > > sti->index_entries[0].timestamp;
> > > > > -bitrate = av_rescale(8*len, st->time_base.den, duration *
> > > > > st->time_base.num);
> > > > > +if (INT64_MAX / duration >= st->time_base.num) {
> > > > > +bitrate = av_rescale(8*len, st->time_base.den, duration
> > > > > * st->time_base.num);
> > > >
> > > > Why not always use the AVInteger version? This is not performance
> > > > sensitive
> > > > as far as I see.
> > >
> > > We can, i will have to fix the rounding though so it matches av_rescale()
> >
> > will apply this with just AVInteger and fixed rounding with my next push
> > probably
>
> This seems MUCH less readable to me.
we can add a av_rescale_2den()
>
> Do we expect such huge durations in actual files rather than fuzzed
> ones?
no, i dont expect that.
> Would it not be better to just not export the duration at all when
> the computation would overflow?
Better ? i dont know
if i scale that idea up and replace EVERY computation with a subset
that seems enough and prettier. I think that would not result in
overall very robust or clean code.
If its better to do it just here i dont know but ill do whatever
people prefer
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I know you won't believe me, but the highest form of Human Excellence is
to question oneself and others. -- Socrates
signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 1/6] avformat/avidec: support huge durations
Quoting Michael Niedermayer (2023-09-30 16:31:43)
> On Sat, Sep 30, 2023 at 04:04:03PM +0200, Michael Niedermayer wrote:
> > On Sat, Sep 30, 2023 at 11:35:19AM +0200, Marton Balint wrote:
> > >
> > >
> > > On Sat, 30 Sep 2023, Michael Niedermayer wrote:
> > >
> > > > Fixes: signed integer overflow: 109817402400 * 301990077 cannot be
> > > > represented in type 'long long'
> > > > Fixes:
> > > > 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6706191715139584
> > > >
> > > > Found-by: continuous fuzzing process
> > > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > > Signed-off-by: Michael Niedermayer
> > > > ---
> > > > libavformat/avidec.c | 12 ++--
> > > > 1 file changed, 10 insertions(+), 2 deletions(-)
> > > >
> > > > diff --git a/libavformat/avidec.c b/libavformat/avidec.c
> > > > index 00bd7a98a9d..cfc693842b7 100644
> > > > --- a/libavformat/avidec.c
> > > > +++ b/libavformat/avidec.c
> > > > @@ -27,6 +27,7 @@
> > > > #include "libavutil/avstring.h"
> > > > #include "libavutil/opt.h"
> > > > #include "libavutil/dict.h"
> > > > +#include "libavutil/integer.h"
> > > > #include "libavutil/internal.h"
> > > > #include "libavutil/intreadwrite.h"
> > > > #include "libavutil/mathematics.h"
> > > > @@ -476,7 +477,7 @@ static int calculate_bitrate(AVFormatContext *s)
> > > > AVStream *st = s->streams[i];
> > > > FFStream *const sti = ffstream(st);
> > > > int64_t duration;
> > > > -int64_t bitrate;
> > > > +int64_t bitrate = 0;
> > > >
> > > > for (j = 0; j < sti->nb_index_entries; j++)
> > > > len += sti->index_entries[j].size;
> > > > @@ -484,7 +485,14 @@ static int calculate_bitrate(AVFormatContext *s)
> > > > if (sti->nb_index_entries < 2 || st->codecpar->bit_rate > 0)
> > > > continue;
> > > > duration = sti->index_entries[j-1].timestamp -
> > > > sti->index_entries[0].timestamp;
> > > > -bitrate = av_rescale(8*len, st->time_base.den, duration *
> > > > st->time_base.num);
> > > > +if (INT64_MAX / duration >= st->time_base.num) {
> > > > +bitrate = av_rescale(8*len, st->time_base.den, duration *
> > > > st->time_base.num);
> > >
> > > Why not always use the AVInteger version? This is not performance
> > > sensitive
> > > as far as I see.
> >
> > We can, i will have to fix the rounding though so it matches av_rescale()
>
> will apply this with just AVInteger and fixed rounding with my next push
> probably
This seems MUCH less readable to me.
Do we expect such huge durations in actual files rather than fuzzed
ones? Would it not be better to just not export the duration at all when
the computation would overflow?
--
Anton Khirnov
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH] lavu/float_dsp: avoid reg-stride in R-V V fmul_window
--- libavutil/riscv/float_dsp_rvv.S | 45 ++--- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/libavutil/riscv/float_dsp_rvv.S b/libavutil/riscv/float_dsp_rvv.S index 7e9e84d526..91b70bf148 100644 --- a/libavutil/riscv/float_dsp_rvv.S +++ b/libavutil/riscv/float_dsp_rvv.S @@ -75,32 +75,37 @@ endfunc func ff_vector_fmul_window_rvv, zve32f // a0: dst, a1: src0, a2: src1, a3: window, a4: length -addi t0, a4, -1 -addt1, t0, a4 -sh2add a2, t0, a2 -sh2add t0, t1, a0 -sh2add t3, t1, a3 -li t1, -4 // byte stride +vsetvlit0, zero, e16, m4, ta, ma +sh2add a2, a4, a2 +vid.v v0 +sh3add t3, a4, a3 +vadd.viv0, v0, 1 +sh3add t0, a4, a0 1: -vsetvlit2, a4, e32, m4, ta, ma -vle32.vv16, (a1) +vsetvlit2, a4, e16, m2, ta, ma slli t4, t2, 2 -vlse32.v v20, (a2), t1 +vrsub.vx v2, v0, t2 +subt3, t3, t4 +vsetvlizero, zero, e32, m4, ta, ma +suba2, a2, t4 +vle32.vv8, (t3) +subt0, t0, t4 +vle32.vv4, (a2) suba4, a4, t2 -vle32.vv24, (a3) +vrgatherei16.vv v28, v8, v2 +vle32.vv16, (a1) adda1, a1, t4 -vlse32.v v28, (t3), t1 -suba2, a2, t4 -vfmul.vv v0, v16, v28 +vrgatherei16.vv v20, v4, v2 +vle32.vv24, (a3) adda3, a3, t4 -vfmul.vv v8, v16, v24 -subt3, t3, t4 -vfnmsac.vv v0, v20, v24 -vfmacc.vv v8, v20, v28 -vse32.vv0, (a0) +vfmul.vv v12, v16, v28 +vfmul.vv v16, v16, v24 +vfnmsac.vv v12, v20, v24 +vfmacc.vv v16, v20, v28 +vrgatherei16.vv v8, v16, v2 +vse32.vv12, (a0) adda0, a0, t4 -vsse32.v v8, (t0), t1 -subt0, t0, t4 +vse32.vv8, (t0) bnez a4, 1b ret -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 4/4] avcodec/h264_slice: Don't keep AVCodecContext props in sync manually
It is already done generically in update_context_from_thread() before this function is called. Signed-off-by: Andreas Rheinhardt --- libavcodec/h264_slice.c | 4 1 file changed, 4 deletions(-) diff --git a/libavcodec/h264_slice.c b/libavcodec/h264_slice.c index 5657327f0c..24f4690e79 100644 --- a/libavcodec/h264_slice.c +++ b/libavcodec/h264_slice.c @@ -404,10 +404,6 @@ int ff_h264_update_thread_context(AVCodecContext *dst, memcpy(h->block_offset, h1->block_offset, sizeof(h->block_offset)); } -h->avctx->coded_height = h1->avctx->coded_height; -h->avctx->coded_width = h1->avctx->coded_width; -h->avctx->width = h1->avctx->width; -h->avctx->height= h1->avctx->height; h->width_from_caller= h1->width_from_caller; h->height_from_caller = h1->height_from_caller; h->coded_picture_number = h1->coded_picture_number; -- 2.34.1 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 3/4] avcodec/mpegvideo_dec: Remove commented-out legacy cruft
Added in 80e9e63c946660304fc65fa8141ccfdbe4d196d1 for reasons
unknown to me.
Signed-off-by: Andreas Rheinhardt
---
libavcodec/mpegvideo_dec.c | 4
1 file changed, 4 deletions(-)
diff --git a/libavcodec/mpegvideo_dec.c b/libavcodec/mpegvideo_dec.c
index 617109a1f7..f9fccff518 100644
--- a/libavcodec/mpegvideo_dec.c
+++ b/libavcodec/mpegvideo_dec.c
@@ -419,10 +419,6 @@ FF_ENABLE_DEPRECATION_WARNINGS
ff_thread_report_progress(>next_picture_ptr->tf, INT_MAX, 1);
}
-#if 0 // BUFREF-FIXME
-memset(s->last_picture.f->data, 0, sizeof(s->last_picture.f->data));
-memset(s->next_picture.f->data, 0, sizeof(s->next_picture.f->data));
-#endif
if (s->last_picture_ptr) {
if (s->last_picture_ptr->f->buf[0] &&
(ret = ff_mpeg_ref_picture(s->avctx, >last_picture,
--
2.34.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 2/4] avcodec/mpegvideo_dec: Don't memset twice
This has been done for the luma plane of missing FLV1 and H263
references.
Also remove code duplication by reusing gray_frame(), which
has been renamed to color_frame() for this purpose.
Signed-off-by: Andreas Rheinhardt
---
libavcodec/mpegvideo_dec.c | 28 +---
1 file changed, 5 insertions(+), 23 deletions(-)
diff --git a/libavcodec/mpegvideo_dec.c b/libavcodec/mpegvideo_dec.c
index 77d90104f6..617109a1f7 100644
--- a/libavcodec/mpegvideo_dec.c
+++ b/libavcodec/mpegvideo_dec.c
@@ -245,12 +245,12 @@ static int alloc_picture(MpegEncContext *s, Picture *pic)
>linesize, >uvlinesize);
}
-static void gray_frame(AVFrame *frame)
+static void color_frame(AVFrame *frame, int luma)
{
int h_chroma_shift, v_chroma_shift;
for (int i = 0; i < frame->height; i++)
-memset(frame->data[0] + frame->linesize[0] * i, 0x80, frame->width);
+memset(frame->data[0] + frame->linesize[0] * i, luma, frame->width);
if (!frame->data[1])
return;
@@ -365,9 +365,6 @@ FF_ENABLE_DEPRECATION_WARNINGS
if ((!s->last_picture_ptr || !s->last_picture_ptr->f->buf[0]) &&
(s->pict_type != AV_PICTURE_TYPE_I)) {
-int h_chroma_shift, v_chroma_shift;
-av_pix_fmt_get_chroma_sub_sample(s->avctx->pix_fmt,
- _chroma_shift, _chroma_shift);
if (s->pict_type == AV_PICTURE_TYPE_B && s->next_picture_ptr &&
s->next_picture_ptr->f->buf[0])
av_log(avctx, AV_LOG_DEBUG,
"allocating dummy last picture for B frame\n");
@@ -393,23 +390,8 @@ FF_ENABLE_DEPRECATION_WARNINGS
}
if (!avctx->hwaccel) {
-for (int i = 0; i < avctx->height; i++)
-memset(s->last_picture_ptr->f->data[0] +
s->last_picture_ptr->f->linesize[0]*i,
- 0x80, avctx->width);
-if (s->last_picture_ptr->f->data[2]) {
-for (int i = 0; i < AV_CEIL_RSHIFT(avctx->height,
v_chroma_shift); i++) {
-memset(s->last_picture_ptr->f->data[1] +
s->last_picture_ptr->f->linesize[1]*i,
-0x80, AV_CEIL_RSHIFT(avctx->width, h_chroma_shift));
-memset(s->last_picture_ptr->f->data[2] +
s->last_picture_ptr->f->linesize[2]*i,
-0x80, AV_CEIL_RSHIFT(avctx->width, h_chroma_shift));
-}
-}
-
-if (s->codec_id == AV_CODEC_ID_FLV1 || s->codec_id ==
AV_CODEC_ID_H263) {
-for (int i = 0; i < avctx->height; i++)
-memset(s->last_picture_ptr->f->data[0] +
s->last_picture_ptr->f->linesize[0] * i,
- 16, avctx->width);
-}
+int luma_val = s->codec_id == AV_CODEC_ID_FLV1 || s->codec_id ==
AV_CODEC_ID_H263 ? 16 : 0x80;
+color_frame(s->last_picture_ptr->f, luma_val);
}
ff_thread_report_progress(>last_picture_ptr->tf, INT_MAX, 0);
@@ -484,7 +466,7 @@ FF_ENABLE_DEPRECATION_WARNINGS
}
if (s->avctx->debug & FF_DEBUG_NOMC)
-gray_frame(s->current_picture_ptr->f);
+color_frame(s->current_picture_ptr->f, 0x80);
return 0;
}
--
2.34.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 1/4] avcodec/mpegvideo_dec: Check for existence of planes before accesses
Fixes segfaults with -debug +nomc -flags +gray (presuming
a build with --enable-gray).
Signed-off-by: Andreas Rheinhardt
---
libavcodec/mpegvideo_dec.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libavcodec/mpegvideo_dec.c b/libavcodec/mpegvideo_dec.c
index 7aa46a4e25..77d90104f6 100644
--- a/libavcodec/mpegvideo_dec.c
+++ b/libavcodec/mpegvideo_dec.c
@@ -249,10 +249,12 @@ static void gray_frame(AVFrame *frame)
{
int h_chroma_shift, v_chroma_shift;
-av_pix_fmt_get_chroma_sub_sample(frame->format, _chroma_shift,
_chroma_shift);
-
for (int i = 0; i < frame->height; i++)
memset(frame->data[0] + frame->linesize[0] * i, 0x80, frame->width);
+
+if (!frame->data[1])
+return;
+av_pix_fmt_get_chroma_sub_sample(frame->format, _chroma_shift,
_chroma_shift);
for (int i = 0; i < AV_CEIL_RSHIFT(frame->height, v_chroma_shift); i++) {
memset(frame->data[1] + frame->linesize[1] * i,
0x80, AV_CEIL_RSHIFT(frame->width, h_chroma_shift));
--
2.34.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH] swscale/rgb2rgb: unroll R-V V interleave_bytes
--- libswscale/riscv/rgb2rgb_rvv.S | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libswscale/riscv/rgb2rgb_rvv.S b/libswscale/riscv/rgb2rgb_rvv.S index ff02eba9bf..56539690bc 100644 --- a/libswscale/riscv/rgb2rgb_rvv.S +++ b/libswscale/riscv/rgb2rgb_rvv.S @@ -82,11 +82,11 @@ func ff_interleave_bytes_rvv, zve32x mv t3, a3 addia4, a4, -1 2: -vsetvlit4, t3, e8, m1, ta, ma +vsetvlit4, t3, e8, m4, ta, ma subt3, t3, t4 vle8.v v8, (t0) addt0, t4, t0 -vle8.v v9, (t1) +vle8.v v12, (t1) addt1, t4, t1 vsseg2e8.v v8, (t2) sh1add t2, t4, t2 -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH] lavu/float_dsp: avoid reg-stride in R-V V reverse_fmul
This revectors the inner loop to reverse vectors element in vectors, thus eliminating the negative register stride. Note that RVV does not have a vector reverse instruction, so this uses a gather. --- libavutil/riscv/float_dsp_rvv.S | 17 +++-- 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/libavutil/riscv/float_dsp_rvv.S b/libavutil/riscv/float_dsp_rvv.S index 7cfc890bc2..7e9e84d526 100644 --- a/libavutil/riscv/float_dsp_rvv.S +++ b/libavutil/riscv/float_dsp_rvv.S @@ -125,20 +125,25 @@ func ff_vector_fmul_add_rvv, zve32f ret endfunc +// TODO factor vrsub, separate last iteration? // (a0) = (a1) * reverse(a2) [0..a3-1] func ff_vector_fmul_reverse_rvv, zve32f +vsetvli t0, zero, e16, m4, ta, ma sh2add a2, a3, a2 -li t2, -4 // byte stride -addi a2, a2, -4 +vid.vv0 +vadd.vi v0, v0, 1 1: -vsetvli t0, a3, e32, m8, ta, ma +vsetvli t0, a3, e16, m4, ta, ma slli t1, t0, 2 -vle32.v v16, (a1) +vrsub.vx v4, v0, t0 // v4[i] = [VL-1, VL-2... 1, 0] +sub a2, a2, t1 +vsetvli zero, zero, e32, m8, ta, ma +vle32.v v8, (a2) sub a3, a3, t0 -vlse32.v v24, (a2), t2 +vle32.v v16, (a1) add a1, a1, t1 +vrgatherei16.vv v24, v8, v4 // v24 = reverse(v8) vfmul.vv v16, v16, v24 -sub a2, a2, t1 vse32.v v16, (a0) add a0, a0, t1 bnez a3, 1b -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH v2] vulkan_hevc: handle non-contiguous SPS/PPS/VPS ids
Some clips (i.e. SLIST_B_Sony_9) will use PPS 0 and 8, before PPS 1-7.
vulkan_hevc expects {sps,pps,vps}_list to be filled in order, which
causes PPS 8 to not be added to the Vulkan session params when it is
being used by a picture.
This removes the expectation that these lists are filled in order. The
indicies into vps_list are saved since there are multiple usages of it.
This also fixes a bug with some clips (i.e. PPS_A_qualcomm_7) which use
all 64 available PPS slots, causing the old loop to think there are more
than 64 PPS-es.
---
libavcodec/vulkan_hevc.c | 46 +++-
1 file changed, 27 insertions(+), 19 deletions(-)
diff --git a/libavcodec/vulkan_hevc.c b/libavcodec/vulkan_hevc.c
index 52f223ceb2..9685ec14c8 100644
--- a/libavcodec/vulkan_hevc.c
+++ b/libavcodec/vulkan_hevc.c
@@ -70,6 +70,7 @@ typedef struct HEVCHeaderSet {
static int alloc_hevc_header_structs(FFVulkanDecodeContext *s,
int nb_vps,
+ const int
vps_list_idx[HEVC_MAX_VPS_COUNT],
AVBufferRef * const
vps_list[HEVC_MAX_VPS_COUNT])
{
uint8_t *data_ptr;
@@ -77,7 +78,7 @@ static int alloc_hevc_header_structs(FFVulkanDecodeContext *s,
size_t buf_size = sizeof(HEVCHeaderSet) + nb_vps*sizeof(HEVCHeaderVPS);
for (int i = 0; i < nb_vps; i++) {
-const HEVCVPS *vps = (const HEVCVPS *)vps_list[i]->data;
+const HEVCVPS *vps = (const HEVCVPS *)vps_list[vps_list_idx[i]]->data;
buf_size += sizeof(HEVCHeaderVPSSet)*vps->vps_num_hrd_parameters;
}
@@ -96,7 +97,7 @@ static int alloc_hevc_header_structs(FFVulkanDecodeContext *s,
hdr->hvps = (HEVCHeaderVPS *)(data_ptr + sizeof(HEVCHeaderSet));
data_ptr += sizeof(HEVCHeaderSet) + nb_vps*sizeof(HEVCHeaderVPS);
for (int i = 0; i < nb_vps; i++) {
-const HEVCVPS *vps = (const HEVCVPS *)vps_list[i]->data;
+const HEVCVPS *vps = (const HEVCVPS *)vps_list[vps_list_idx[i]]->data;
hdr->hvps[i].sls = (HEVCHeaderVPSSet *)data_ptr;
data_ptr += sizeof(HEVCHeaderVPSSet)*vps->vps_num_hrd_parameters;
}
@@ -655,13 +656,15 @@ static int vk_hevc_create_params(AVCodecContext *avctx,
AVBufferRef **buf)
.videoSessionParametersTemplate = NULL,
};
-int nb_vps = 0;
HEVCHeaderSet *hdr;
+int nb_vps = 0;
+int vps_list_idx[HEVC_MAX_VPS_COUNT];
-for (int i = 0; h->ps.vps_list[i]; i++)
-nb_vps++;
+for (int i = 0; i < HEVC_MAX_VPS_COUNT; i++)
+if (h->ps.vps_list[i])
+vps_list_idx[nb_vps++] = i;
-err = alloc_hevc_header_structs(dec, nb_vps, h->ps.vps_list);
+err = alloc_hevc_header_structs(dec, nb_vps, vps_list_idx, h->ps.vps_list);
if (err < 0)
return err;
@@ -672,26 +675,31 @@ static int vk_hevc_create_params(AVCodecContext *avctx,
AVBufferRef **buf)
h265_params_info.pStdVPSs = hdr->vps;
/* SPS list */
-for (int i = 0; h->ps.sps_list[i]; i++) {
-const HEVCSPS *sps_l = (const HEVCSPS *)h->ps.sps_list[i]->data;
-set_sps(sps_l, i, >hsps[i].scaling, >hsps[i].vui_header,
->hsps[i].vui, >sps[i], hdr->hsps[i].nal_hdr,
-hdr->hsps[i].vcl_hdr, >hsps[i].ptl, >hsps[i].dpbm,
->hsps[i].pal, hdr->hsps[i].str, >hsps[i].ltr);
-h265_params_info.stdSPSCount++;
+for (int i = 0; i < HEVC_MAX_SPS_COUNT; i++) {
+if (h->ps.sps_list[i]) {
+const HEVCSPS *sps_l = (const HEVCSPS *)h->ps.sps_list[i]->data;
+int idx = h265_params_info.stdSPSCount++;
+set_sps(sps_l, i, >hsps[idx].scaling,
>hsps[idx].vui_header,
+>hsps[idx].vui, >sps[idx],
hdr->hsps[idx].nal_hdr,
+hdr->hsps[idx].vcl_hdr, >hsps[idx].ptl,
>hsps[idx].dpbm,
+>hsps[idx].pal, hdr->hsps[idx].str,
>hsps[idx].ltr);
+}
}
/* PPS list */
-for (int i = 0; h->ps.pps_list[i]; i++) {
-const HEVCPPS *pps_l = (const HEVCPPS *)h->ps.pps_list[i]->data;
-const HEVCSPS *sps_l = (const HEVCSPS
*)h->ps.sps_list[pps_l->sps_id]->data;
-set_pps(pps_l, sps_l, >hpps[i].scaling, >pps[i],
>hpps[i].pal);
-h265_params_info.stdPPSCount++;
+for (int i = 0; i < HEVC_MAX_PPS_COUNT; i++) {
+if (h->ps.pps_list[i]) {
+const HEVCPPS *pps_l = (const HEVCPPS *)h->ps.pps_list[i]->data;
+const HEVCSPS *sps_l = (const HEVCSPS
*)h->ps.sps_list[pps_l->sps_id]->data;
+int idx = h265_params_info.stdPPSCount++;
+set_pps(pps_l, sps_l, >hpps[idx].scaling,
+>pps[idx], >hpps[idx].pal);
+}
}
/* VPS list */
for (int i = 0; i < nb_vps; i++) {
-const HEVCVPS *vps_l = (const HEVCVPS *)h->ps.vps_list[i]->data;
+const HEVCVPS *vps_l = (const HEVCVPS
*)h->ps.vps_list[vps_list_idx[i]]->data;
set_vps(vps_l, >vps[i], >hvps[i].ptl,
[FFmpeg-devel] [PATCH] vulkan_hevc: handle non-contiguous SPS/PPS/VPS ids
Some clips (i.e. SLIST_B_Sony_9) will use PPS 0 and 8, before PPS 1-7.
vulkan_hevc expects {sps,pps,vps}_list to be filled in order, which
causes PPS 8 to not be added to the Vulkan session params when it is
being used by a picture.
This removes the expectation that these lists are filled in order. The
indicies into vps_list are saved since there are multiple usages of it.
This also fixes a bug with some clips (i.e. PPS_A_qualcomm_7) which use
all 64 available PPS slots, causing the old loop to think there are more
than 64 PPS-es.
---
libavcodec/vulkan_hevc.c | 47 +++-
1 file changed, 27 insertions(+), 20 deletions(-)
diff --git a/libavcodec/vulkan_hevc.c b/libavcodec/vulkan_hevc.c
index 52f223ceb2..a8265acf32 100644
--- a/libavcodec/vulkan_hevc.c
+++ b/libavcodec/vulkan_hevc.c
@@ -70,6 +70,7 @@ typedef struct HEVCHeaderSet {
static int alloc_hevc_header_structs(FFVulkanDecodeContext *s,
int nb_vps,
+ const int
vps_list_idx[HEVC_MAX_VPS_COUNT],
AVBufferRef * const
vps_list[HEVC_MAX_VPS_COUNT])
{
uint8_t *data_ptr;
@@ -77,7 +78,7 @@ static int alloc_hevc_header_structs(FFVulkanDecodeContext *s,
size_t buf_size = sizeof(HEVCHeaderSet) + nb_vps*sizeof(HEVCHeaderVPS);
for (int i = 0; i < nb_vps; i++) {
-const HEVCVPS *vps = (const HEVCVPS *)vps_list[i]->data;
+const HEVCVPS *vps = (const HEVCVPS *)vps_list[vps_list_idx[i]]->data;
buf_size += sizeof(HEVCHeaderVPSSet)*vps->vps_num_hrd_parameters;
}
@@ -96,7 +97,7 @@ static int alloc_hevc_header_structs(FFVulkanDecodeContext *s,
hdr->hvps = (HEVCHeaderVPS *)(data_ptr + sizeof(HEVCHeaderSet));
data_ptr += sizeof(HEVCHeaderSet) + nb_vps*sizeof(HEVCHeaderVPS);
for (int i = 0; i < nb_vps; i++) {
-const HEVCVPS *vps = (const HEVCVPS *)vps_list[i]->data;
+const HEVCVPS *vps = (const HEVCVPS *)vps_list[vps_list_idx[i]]->data;
hdr->hvps[i].sls = (HEVCHeaderVPSSet *)data_ptr;
data_ptr += sizeof(HEVCHeaderVPSSet)*vps->vps_num_hrd_parameters;
}
@@ -655,13 +656,15 @@ static int vk_hevc_create_params(AVCodecContext *avctx,
AVBufferRef **buf)
.videoSessionParametersTemplate = NULL,
};
-int nb_vps = 0;
HEVCHeaderSet *hdr;
+int nb_vps = 0;
+int vps_list_idx[HEVC_MAX_VPS_COUNT];
-for (int i = 0; h->ps.vps_list[i]; i++)
-nb_vps++;
+for (int i = 0; i < HEVC_MAX_VPS_COUNT; i++)
+if (h->ps.vps_list[i])
+vps_list_idx[nb_vps++] = i;
-err = alloc_hevc_header_structs(dec, nb_vps, h->ps.vps_list);
+err = alloc_hevc_header_structs(dec, nb_vps, vps_list_idx, h->ps.vps_list);
if (err < 0)
return err;
@@ -672,29 +675,33 @@ static int vk_hevc_create_params(AVCodecContext *avctx,
AVBufferRef **buf)
h265_params_info.pStdVPSs = hdr->vps;
/* SPS list */
-for (int i = 0; h->ps.sps_list[i]; i++) {
-const HEVCSPS *sps_l = (const HEVCSPS *)h->ps.sps_list[i]->data;
-set_sps(sps_l, i, >hsps[i].scaling, >hsps[i].vui_header,
->hsps[i].vui, >sps[i], hdr->hsps[i].nal_hdr,
-hdr->hsps[i].vcl_hdr, >hsps[i].ptl, >hsps[i].dpbm,
->hsps[i].pal, hdr->hsps[i].str, >hsps[i].ltr);
-h265_params_info.stdSPSCount++;
+for (int i = 0; i < HEVC_MAX_SPS_COUNT; i++) {
+if (h->ps.sps_list[i]) {
+const HEVCSPS *sps_l = (const HEVCSPS *)h->ps.sps_list[i]->data;
+int idx = h265_params_info.stdSPSCount++;
+set_sps(sps_l, i, >hsps[idx].scaling,
>hsps[idx].vui_header,
+>hsps[idx].vui, >sps[idx],
hdr->hsps[idx].nal_hdr,
+hdr->hsps[idx].vcl_hdr, >hsps[idx].ptl,
>hsps[idx].dpbm,
+>hsps[idx].pal, hdr->hsps[idx].str,
>hsps[idx].ltr);
+}
}
/* PPS list */
-for (int i = 0; h->ps.pps_list[i]; i++) {
-const HEVCPPS *pps_l = (const HEVCPPS *)h->ps.pps_list[i]->data;
-const HEVCSPS *sps_l = (const HEVCSPS
*)h->ps.sps_list[pps_l->sps_id]->data;
-set_pps(pps_l, sps_l, >hpps[i].scaling, >pps[i],
>hpps[i].pal);
-h265_params_info.stdPPSCount++;
+for (int i = 0; i < HEVC_MAX_PPS_COUNT; i++) {
+if (h->ps.pps_list[i]) {
+const HEVCPPS *pps_l = (const HEVCPPS *)h->ps.pps_list[i]->data;
+const HEVCSPS *sps_l = (const HEVCSPS
*)h->ps.sps_list[pps_l->sps_id]->data;
+int idx = h265_params_info.stdPPSCount++;
+set_pps(pps_l, sps_l, >hpps[idx].scaling,
+>pps[idx], >hpps[idx].pal);
+}
}
/* VPS list */
for (int i = 0; i < nb_vps; i++) {
-const HEVCVPS *vps_l = (const HEVCVPS *)h->ps.vps_list[i]->data;
+const HEVCVPS *vps_l = (const HEVCVPS
*)h->ps.vps_list[vps_list_idx[i]]->data;
set_vps(vps_l, >vps[i], >hvps[i].ptl,
Re: [FFmpeg-devel] [PATCH 4/6] avformat/cafdec: saturate start + size into 64bit
On Fri, Sep 29, 2023 at 08:41:23PM -0300, James Almer wrote:
> On 9/29/2023 8:19 PM, Michael Niedermayer wrote:
> > Fixes: signed integer overflow: 64 + 9223372036854775803 cannot be
> > represented in type 'long long'
> > Fixes:
> > 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6536881135550464
> >
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer
> > ---
> > libavformat/cafdec.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavformat/cafdec.c b/libavformat/cafdec.c
> > index e92e3279fc6..0e50a3cfe68 100644
> > --- a/libavformat/cafdec.c
> > +++ b/libavformat/cafdec.c
> > @@ -435,7 +435,7 @@ static int read_packet(AVFormatContext *s, AVPacket
> > *pkt)
> > /* don't read past end of data chunk */
> > if (caf->data_size > 0) {
> > -left = (caf->data_start + caf->data_size) - avio_tell(pb);
> > +left = av_sat_add64(caf->data_start, caf->data_size) -
> > avio_tell(pb);
>
> avio_tell(pb) here is guaranteed to be bigger than caf->data_start, which is
> the offset where the DATA chunk starts, so the result of this calculation
> will be <= INT64_MAX even if you don't saturate it and instead cast it to
> uint64_t. Nonetheless, if the DATA chunk ends at an offset that would not
> fit in an int64_t, then we can't parse it to begin with due to AVIOContext
> API limitations.
>
> Maybe we should just abort in read_header() if data_start + data_size >
> INT64_MAX, instead of pretending we can parse the file, invalid or not, by
> saturating values.
yes ill try that
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If you think the mosad wants you dead since a long time then you are either
wrong or dead since a long time.
signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 2/2] avcodec/snow: Move dsp helper functions to snow_dwt.h
Signed-off-by: Andreas Rheinhardt
---
libavcodec/snow.h| 38 --
libavcodec/snow_dwt.h| 40
libavcodec/x86/snowdsp.c | 1 -
3 files changed, 40 insertions(+), 39 deletions(-)
diff --git a/libavcodec/snow.h b/libavcodec/snow.h
index 2e61154d0c..a5e2c138cb 100644
--- a/libavcodec/snow.h
+++ b/libavcodec/snow.h
@@ -176,44 +176,6 @@ extern const uint8_t * const ff_obmc_tab[4];
extern const uint8_t ff_qexp[QROOT];
extern int ff_scale_mv_ref[MAX_REF_FRAMES][MAX_REF_FRAMES];
-/* C bits used by mmx/sse2/altivec */
-
-static av_always_inline void snow_interleave_line_header(int * i, int width,
IDWTELEM * low, IDWTELEM * high){
-(*i) = (width) - 2;
-
-if (width & 1){
-low[(*i)+1] = low[((*i)+1)>>1];
-(*i)--;
-}
-}
-
-static av_always_inline void snow_interleave_line_footer(int * i, IDWTELEM *
low, IDWTELEM * high){
-for (; (*i)>=0; (*i)-=2){
-low[(*i)+1] = high[(*i)>>1];
-low[*i] = low[(*i)>>1];
-}
-}
-
-static av_always_inline void snow_horizontal_compose_lift_lead_out(int i,
IDWTELEM * dst, IDWTELEM * src, IDWTELEM * ref, int width, int w, int
lift_high, int mul, int add, int shift){
-for(; i> shift);
-}
-
-if((width^lift_high)&1){
-dst[w] = src[w] - ((mul * 2 * ref[w] + add) >> shift);
-}
-}
-
-static av_always_inline void snow_horizontal_compose_liftS_lead_out(int i,
IDWTELEM * dst, IDWTELEM * src, IDWTELEM * ref, int width, int w){
-for(; i>
W_BS);
-}
-
-if(width&1){
-dst[w] = src[w] + ((2 * ref[w] + W_BO + 4 * src[w]) >> W_BS);
-}
-}
-
/* common code */
int ff_snow_common_init(AVCodecContext *avctx);
diff --git a/libavcodec/snow_dwt.h b/libavcodec/snow_dwt.h
index 15b8a3007b..6e7d22c71a 100644
--- a/libavcodec/snow_dwt.h
+++ b/libavcodec/snow_dwt.h
@@ -24,6 +24,8 @@
#include
#include
+#include "libavutil/attributes.h"
+
struct MpegEncContext;
typedef int DWTELEM;
@@ -91,6 +93,44 @@ typedef struct SnowDWTContext {
: ff_slice_buffer_load_line((slice_buf), \
(line_num)))
+/* C bits used by mmx/sse2/altivec */
+
+static av_always_inline void snow_interleave_line_header(int *i, int width,
IDWTELEM *low, IDWTELEM *high)
+{
+*i = width - 2;
+
+if (width & 1) {
+low[*i + 1] = low[(*i + 1)>>1];
+(*i)--;
+}
+}
+
+static av_always_inline void snow_interleave_line_footer(int *i, IDWTELEM
*low, const IDWTELEM *high)
+{
+for (; *i >= 0; *i -= 2) {
+low[*i + 1] = high[*i >> 1];
+low[*i] = low[*i >> 1];
+}
+}
+
+static av_always_inline void snow_horizontal_compose_lift_lead_out(int i,
IDWTELEM *dst, const IDWTELEM *src, const IDWTELEM *ref, int width, int w, int
lift_high, int mul, int add, int shift)
+{
+for (; i < w; i++)
+dst[i] = src[i] - ((mul * (ref[i] + ref[i + 1]) + add) >> shift);
+
+if ((width ^ lift_high) & 1)
+dst[w] = src[w] - ((mul * 2 * ref[w] + add) >> shift);
+}
+
+static av_always_inline void snow_horizontal_compose_liftS_lead_out(int i,
IDWTELEM *dst, const IDWTELEM *src, const IDWTELEM *ref, int width, int w)
+{
+for (; i < w; i++)
+dst[i] = src[i] + ((ref[i] + ref[(i+1)]+W_BO + 4 * src[i]) >> W_BS);
+
+if (width & 1)
+dst[w] = src[w] + ((2 * ref[w] + W_BO + 4 * src[w]) >> W_BS);
+}
+
int ff_slice_buffer_init(slice_buffer *buf, int line_count,
int max_allocated_lines, int line_width,
IDWTELEM *base_buffer);
diff --git a/libavcodec/x86/snowdsp.c b/libavcodec/x86/snowdsp.c
index bca1f9bd2e..bd0aa766e5 100644
--- a/libavcodec/x86/snowdsp.c
+++ b/libavcodec/x86/snowdsp.c
@@ -24,7 +24,6 @@
#include "libavutil/attributes.h"
#include "libavutil/cpu.h"
#include "libavutil/x86/asm.h"
-#include "libavcodec/snow.h"
#include "libavcodec/snow_dwt.h"
#if HAVE_INLINE_ASM
--
2.34.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 1/2] avcodec/snow: Move encoder-only stuff out of SnowContext
Put it into an encoder-specific context with a SnowContext
at its front. This also avoids having to include mpegvideo.h
in snow.c and snowdec.c.
Signed-off-by: Andreas Rheinhardt
---
libavcodec/snow.h| 27 +--
libavcodec/snowenc.c | 448 ---
2 files changed, 254 insertions(+), 221 deletions(-)
diff --git a/libavcodec/snow.h b/libavcodec/snow.h
index 1c87577699..2e61154d0c 100644
--- a/libavcodec/snow.h
+++ b/libavcodec/snow.h
@@ -24,21 +24,18 @@
#include "libavutil/motion_vector.h"
+#include "avcodec.h"
#include "hpeldsp.h"
-#include "me_cmp.h"
-#include "qpeldsp.h"
#include "snow_dwt.h"
#include "rangecoder.h"
#include "mathops.h"
-#include "mpegvideo.h"
#include "h264qpel.h"
+#include "videodsp.h"
#define SNOW_MAX_PLANES 4
-#define FF_ME_ITER 3
-
#define MID_STATE 128
#define MAX_PLANES 4
@@ -117,12 +114,9 @@ typedef struct SnowContext{
AVClass *class;
AVCodecContext *avctx;
RangeCoder c;
-MECmpContext mecc;
HpelDSPContext hdsp;
-QpelDSPContext qdsp;
VideoDSPContext vdsp;
H264QpelContext h264qpel;
-MpegvideoEncDSPContext mpvencdsp;
SnowDWTContext dwt;
AVFrame *input_picture; ///< new_picture with the internal
linesizes
AVFrame *current_picture;
@@ -155,9 +149,6 @@ typedef struct SnowContext{
int spatial_scalability;
int qlog;
int last_qlog;
-int lambda;
-int lambda2;
-int pass1_rc;
int mv_scale;
int last_mv_scale;
int qbias;
@@ -170,18 +161,7 @@ typedef struct SnowContext{
int nb_planes;
Plane plane[MAX_PLANES];
BlockNode *block;
-#define ME_CACHE_SIZE 1024
-unsigned me_cache[ME_CACHE_SIZE];
-unsigned me_cache_generation;
slice_buffer sb;
-int memc_only;
-int no_bitstream;
-int intra_penalty;
-int motion_est;
-int iterative_dia_size;
-int scenechange_threshold;
-
-MpegEncContext m; // needed for motion estimation, should not be used for
anything else, the idea is to eventually make the motion estimation independent
of MpegEncContext, so this will be removed then (FIXME/XXX)
uint8_t *scratchbuf;
uint8_t *emu_edge_buffer;
@@ -189,9 +169,6 @@ typedef struct SnowContext{
AVMotionVector *avmv;
unsigned avmv_size;
int avmv_index;
-uint64_t encoding_error[SNOW_MAX_PLANES];
-
-int pred;
}SnowContext;
/* Tables */
diff --git a/libavcodec/snowenc.c b/libavcodec/snowenc.c
index ab15c4e108..c215215346 100644
--- a/libavcodec/snowenc.c
+++ b/libavcodec/snowenc.c
@@ -30,6 +30,7 @@
#include "internal.h" //For AVCodecInternal.recon_frame
#include "me_cmp.h"
#include "packet_internal.h"
+#include "qpeldsp.h"
#include "snow_dwt.h"
#include "snow.h"
@@ -39,6 +40,34 @@
#include "mpegvideo.h"
#include "h263enc.h"
+#define FF_ME_ITER 3
+
+typedef struct SnowEncContext {
+SnowContext com;
+QpelDSPContext qdsp;
+MpegvideoEncDSPContext mpvencdsp;
+
+int lambda;
+int lambda2;
+int pass1_rc;
+
+int pred;
+int memc_only;
+int no_bitstream;
+int intra_penalty;
+int motion_est;
+int iterative_dia_size;
+int scenechange_threshold;
+
+MECmpContext mecc;
+MpegEncContext m; // needed for motion estimation, should not be used for
anything else, the idea is to eventually make the motion estimation independent
of MpegEncContext, so this will be removed then (FIXME/XXX)
+#define ME_CACHE_SIZE 1024
+unsigned me_cache[ME_CACHE_SIZE];
+unsigned me_cache_generation;
+
+uint64_t encoding_error[SNOW_MAX_PLANES];
+} SnowEncContext;
+
static void init_ref(MotionEstContext *c, const uint8_t *const src[3],
uint8_t *const ref[3], uint8_t *const ref2[3],
int x, int y, int ref_index)
@@ -127,18 +156,20 @@ static int get_encode_buffer(SnowContext *s, AVFrame
*frame)
static av_cold int encode_init(AVCodecContext *avctx)
{
-SnowContext *s = avctx->priv_data;
+SnowEncContext *const enc = avctx->priv_data;
+SnowContext *const s = >com;
+MpegEncContext *const mpv = >m;
int plane_index, ret;
int i;
-if(s->pred == DWT_97
+if (enc->pred == DWT_97
&& (avctx->flags & AV_CODEC_FLAG_QSCALE)
&& avctx->global_quality == 0){
av_log(avctx, AV_LOG_ERROR, "The 9/7 wavelet is incompatible with
lossless mode.\n");
return AVERROR(EINVAL);
}
-s->spatial_decomposition_type= s->pred; //FIXME add decorrelator type r
transform_type
+s->spatial_decomposition_type = enc->pred; //FIXME add decorrelator type r
transform_type
s->mv_scale = (avctx->flags & AV_CODEC_FLAG_QPEL) ? 2 : 4;
s->block_max_depth= (avctx->flags & AV_CODEC_FLAG_4MV ) ? 1 : 0;
@@ -159,11 +190,11 @@ static av_cold int encode_init(AVCodecContext *avctx)
}
#define mcf(dx,dy)\
-s->qdsp.put_qpel_pixels_tab [0][dy+dx/4]=\
-s->qdsp.put_no_rnd_qpel_pixels_tab[0][dy+dx/4]=\
+
Re: [FFmpeg-devel] [PATCH 1/6] avformat/avidec: support huge durations
On Sat, Sep 30, 2023 at 04:04:03PM +0200, Michael Niedermayer wrote:
> On Sat, Sep 30, 2023 at 11:35:19AM +0200, Marton Balint wrote:
> >
> >
> > On Sat, 30 Sep 2023, Michael Niedermayer wrote:
> >
> > > Fixes: signed integer overflow: 109817402400 * 301990077 cannot be
> > > represented in type 'long long'
> > > Fixes:
> > > 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6706191715139584
> > >
> > > Found-by: continuous fuzzing process
> > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by: Michael Niedermayer
> > > ---
> > > libavformat/avidec.c | 12 ++--
> > > 1 file changed, 10 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/libavformat/avidec.c b/libavformat/avidec.c
> > > index 00bd7a98a9d..cfc693842b7 100644
> > > --- a/libavformat/avidec.c
> > > +++ b/libavformat/avidec.c
> > > @@ -27,6 +27,7 @@
> > > #include "libavutil/avstring.h"
> > > #include "libavutil/opt.h"
> > > #include "libavutil/dict.h"
> > > +#include "libavutil/integer.h"
> > > #include "libavutil/internal.h"
> > > #include "libavutil/intreadwrite.h"
> > > #include "libavutil/mathematics.h"
> > > @@ -476,7 +477,7 @@ static int calculate_bitrate(AVFormatContext *s)
> > > AVStream *st = s->streams[i];
> > > FFStream *const sti = ffstream(st);
> > > int64_t duration;
> > > -int64_t bitrate;
> > > +int64_t bitrate = 0;
> > >
> > > for (j = 0; j < sti->nb_index_entries; j++)
> > > len += sti->index_entries[j].size;
> > > @@ -484,7 +485,14 @@ static int calculate_bitrate(AVFormatContext *s)
> > > if (sti->nb_index_entries < 2 || st->codecpar->bit_rate > 0)
> > > continue;
> > > duration = sti->index_entries[j-1].timestamp -
> > > sti->index_entries[0].timestamp;
> > > -bitrate = av_rescale(8*len, st->time_base.den, duration *
> > > st->time_base.num);
> > > +if (INT64_MAX / duration >= st->time_base.num) {
> > > +bitrate = av_rescale(8*len, st->time_base.den, duration *
> > > st->time_base.num);
> >
> > Why not always use the AVInteger version? This is not performance sensitive
> > as far as I see.
>
> We can, i will have to fix the rounding though so it matches av_rescale()
will apply this with just AVInteger and fixed rounding with my next push
probably
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If a bugfix only changes things apparently unrelated to the bug with no
further explanation, that is a good sign that the bugfix is wrong.
signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH v2] avcodec/libkvazaar: Respect codec context color settings.
On Sat, Sep 30, 2023 at 12:12 AM John Mather via ffmpeg-devel wrote: > > This patch makes the libkvazaar encoder respect color settings that are > present on the codec context, including color range, primaries, transfer > function and colorspace. > --- > libavcodec/libkvazaar.c | 9 + > 1 file changed, 9 insertions(+) > > diff --git a/libavcodec/libkvazaar.c b/libavcodec/libkvazaar.c > index 2ef34dd82e..984f78ba65 100644 > --- a/libavcodec/libkvazaar.c > +++ b/libavcodec/libkvazaar.c > @@ -101,6 +101,15 @@ FF_ENABLE_DEPRECATION_WARNINGS > cfg->rc_algorithm = KVZ_LAMBDA; > } > > +if (avctx->color_range != AVCOL_RANGE_UNSPECIFIED) > +cfg->vui.fullrange = avctx->color_range == AVCOL_RANGE_JPEG; > +if (avctx->color_primaries != AVCOL_PRI_UNSPECIFIED) > +cfg->vui.colorprim = avctx->color_primaries; > +if (avctx->color_trc != AVCOL_TRC_UNSPECIFIED) > +cfg->vui.transfer = avctx->color_trc; > +if (avctx->colorspace != AVCOL_SPC_UNSPECIFIED) > +cfg->vui.colormatrix = avctx->colorspace; > + Just one thing that I was going to type on IRC but then didn't have the moment: If kvazaar does support chroma location, please could you add that as well? :) You can see in libx264 wrapper how that is done when just a single field needs to be filled, while libx265 wrapper's 9b2281a4a383677ded522e603514789cc22498fa shows how to handle the case where both the bool and both the internal values have to be written out. Of course is kvazaar doesn't yet support writing this out, then discard this part. Finally, do these VUI entries require a new minimum kvazaar version compared to the current configure check? As in, if you try to build the wrapper with your commit together with... 0.8.1 - does it build successfully? Jan ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH v2] avcodec/libkvazaar: Respect codec context color settings.
On Sat, Sep 30, 2023 at 12:39 AM Vittorio Giovara wrote: > > On Fri, Sep 29, 2023 at 5:12 PM John Mather via ffmpeg-devel < > ffmpeg-devel@ffmpeg.org> wrote: > > > This patch makes the libkvazaar encoder respect color settings that are > > present on the codec context, including color range, primaries, transfer > > function and colorspace. > > --- > > libavcodec/libkvazaar.c | 9 + > > 1 file changed, 9 insertions(+) > > > > diff --git a/libavcodec/libkvazaar.c b/libavcodec/libkvazaar.c > > index 2ef34dd82e..984f78ba65 100644 > > --- a/libavcodec/libkvazaar.c > > +++ b/libavcodec/libkvazaar.c > > @@ -101,6 +101,15 @@ FF_ENABLE_DEPRECATION_WARNINGS > > cfg->rc_algorithm = KVZ_LAMBDA; > > } > > > > +if (avctx->color_range != AVCOL_RANGE_UNSPECIFIED) > > +cfg->vui.fullrange = avctx->color_range == AVCOL_RANGE_JPEG; > > +if (avctx->color_primaries != AVCOL_PRI_UNSPECIFIED) > > +cfg->vui.colorprim = avctx->color_primaries; > > +if (avctx->color_trc != AVCOL_TRC_UNSPECIFIED) > > +cfg->vui.transfer = avctx->color_trc; > > +if (avctx->colorspace != AVCOL_SPC_UNSPECIFIED) > > +cfg->vui.colormatrix = avctx->colorspace; > > > > since both avcodec and the library follow the same standard, you could > avoid checking for UNSPECIFIED entirely and just assign the value there For the record, both libx264 and libx265 wrappers essentially have the UNSPECIFIED check. For x265 I guess it was due to bEnableColorDescriptionPresentFlag having to be set by the API caller as well, while for x264 this logic was added in 48d39c8786d2a1a36258d8e442602729eef0474c , I wonder if due to x264 having an initial default value in the struct, and checking against that for whether a user set that value or not. Or maybe it was just cargo culted from somewhere else? So if kvazaar has no initial value there in those values of the struct that it uses for checking if a value was set, then the ifs are indeed unnecessary. Jan ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 1/6] avformat/avidec: support huge durations
On Sat, Sep 30, 2023 at 11:35:19AM +0200, Marton Balint wrote:
>
>
> On Sat, 30 Sep 2023, Michael Niedermayer wrote:
>
> > Fixes: signed integer overflow: 109817402400 * 301990077 cannot be
> > represented in type 'long long'
> > Fixes:
> > 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6706191715139584
> >
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer
> > ---
> > libavformat/avidec.c | 12 ++--
> > 1 file changed, 10 insertions(+), 2 deletions(-)
> >
> > diff --git a/libavformat/avidec.c b/libavformat/avidec.c
> > index 00bd7a98a9d..cfc693842b7 100644
> > --- a/libavformat/avidec.c
> > +++ b/libavformat/avidec.c
> > @@ -27,6 +27,7 @@
> > #include "libavutil/avstring.h"
> > #include "libavutil/opt.h"
> > #include "libavutil/dict.h"
> > +#include "libavutil/integer.h"
> > #include "libavutil/internal.h"
> > #include "libavutil/intreadwrite.h"
> > #include "libavutil/mathematics.h"
> > @@ -476,7 +477,7 @@ static int calculate_bitrate(AVFormatContext *s)
> > AVStream *st = s->streams[i];
> > FFStream *const sti = ffstream(st);
> > int64_t duration;
> > -int64_t bitrate;
> > +int64_t bitrate = 0;
> >
> > for (j = 0; j < sti->nb_index_entries; j++)
> > len += sti->index_entries[j].size;
> > @@ -484,7 +485,14 @@ static int calculate_bitrate(AVFormatContext *s)
> > if (sti->nb_index_entries < 2 || st->codecpar->bit_rate > 0)
> > continue;
> > duration = sti->index_entries[j-1].timestamp -
> > sti->index_entries[0].timestamp;
> > -bitrate = av_rescale(8*len, st->time_base.den, duration *
> > st->time_base.num);
> > +if (INT64_MAX / duration >= st->time_base.num) {
> > +bitrate = av_rescale(8*len, st->time_base.den, duration *
> > st->time_base.num);
>
> Why not always use the AVInteger version? This is not performance sensitive
> as far as I see.
We can, i will have to fix the rounding though so it matches av_rescale()
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Let us carefully observe those good qualities wherein our enemies excel us
and endeavor to excel them, by avoiding what is faulty, and imitating what
is excellent in them. -- Plutarch
signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH] avcodec/lcldec: fix uncompressed buffer size calculation
Attached. From efa34f7cd140f4e696641ce730b8e2b97e3d8452 Mon Sep 17 00:00:00 2001 From: Paul B Mahol Date: Sat, 30 Sep 2023 12:33:58 +0200 Subject: [PATCH] avcodec/lcldec: fix uncompressed buffer size calculation The width is truncated to multiple of 2. Signed-off-by: Paul B Mahol --- libavcodec/lcldec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/lcldec.c b/libavcodec/lcldec.c index 11e28683ba..3168f9697f 100644 --- a/libavcodec/lcldec.c +++ b/libavcodec/lcldec.c @@ -248,7 +248,7 @@ static int decode_frame(AVCodecContext *avctx, AVFrame *frame, bppx2 = 0; // will error out below break; } -if (len < ((width * height * bppx2) >> 1)) +if (len < (((width & 0xFFFC) * height * bppx2) >> 1)) return AVERROR_INVALIDDATA; break; } -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 07/14] avcodec/vorbis: Use void* logctx instead of AVCodecContext*
Andreas Rheinhardt:
> Signed-off-by: Andreas Rheinhardt
> ---
> libavcodec/vorbis.c | 8 +---
> libavcodec/vorbis.h | 4 +---
> 2 files changed, 6 insertions(+), 6 deletions(-)
>
> diff --git a/libavcodec/vorbis.c b/libavcodec/vorbis.c
> index d0b660b44a..3d85997576 100644
> --- a/libavcodec/vorbis.c
> +++ b/libavcodec/vorbis.c
> @@ -27,8 +27,10 @@
> */
>
> #include "libavutil/common.h"
> +#include "libavutil/error.h"
> +#include "libavutil/log.h"
> +#include "libavutil/macros.h"
>
> -#include "avcodec.h"
> #include "vorbis.h"
> #include "vorbis_data.h"
>
> @@ -104,7 +106,7 @@ int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes,
> unsigned num)
> return 0;
> }
>
> -int ff_vorbis_ready_floor1_list(AVCodecContext *avctx,
> +int ff_vorbis_ready_floor1_list(void *logctx,
> vorbis_floor1_entry *list, int values)
> {
> int i;
> @@ -130,7 +132,7 @@ int ff_vorbis_ready_floor1_list(AVCodecContext *avctx,
> int j;
> for (j = i + 1; j < values; j++) {
> if (list[i].x == list[j].x) {
> -av_log(avctx, AV_LOG_ERROR,
> +av_log(logctx, AV_LOG_ERROR,
> "Duplicate value found in floor 1 X coordinates\n");
> return AVERROR_INVALIDDATA;
> }
> diff --git a/libavcodec/vorbis.h b/libavcodec/vorbis.h
> index aa1ec5719d..7190465f0d 100644
> --- a/libavcodec/vorbis.h
> +++ b/libavcodec/vorbis.h
> @@ -23,8 +23,6 @@
>
> #include
>
> -#include "avcodec.h"
> -
> typedef struct vorbis_floor1_entry {
> uint16_t x;
> uint16_t sort;
> @@ -32,7 +30,7 @@ typedef struct vorbis_floor1_entry {
> uint16_t high;
> } vorbis_floor1_entry;
>
> -int ff_vorbis_ready_floor1_list(AVCodecContext *avctx,
> +int ff_vorbis_ready_floor1_list(void *logctx,
> vorbis_floor1_entry *list, int values);
> unsigned int ff_vorbis_nth_root(unsigned int x, unsigned int n); // x^(1/n)
> int ff_vorbis_len2vlc(uint8_t *bits, uint32_t *codes, unsigned num);
Will apply patches 7-14 tomorrow unless there are objections.
- Andreas
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH 1/6] avformat/avidec: support huge durations
On Sat, 30 Sep 2023, Michael Niedermayer wrote:
Fixes: signed integer overflow: 109817402400 * 301990077 cannot be represented
in type 'long long'
Fixes:
51896/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6706191715139584
Found-by: continuous fuzzing process
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
---
libavformat/avidec.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index 00bd7a98a9d..cfc693842b7 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -27,6 +27,7 @@
#include "libavutil/avstring.h"
#include "libavutil/opt.h"
#include "libavutil/dict.h"
+#include "libavutil/integer.h"
#include "libavutil/internal.h"
#include "libavutil/intreadwrite.h"
#include "libavutil/mathematics.h"
@@ -476,7 +477,7 @@ static int calculate_bitrate(AVFormatContext *s)
AVStream *st = s->streams[i];
FFStream *const sti = ffstream(st);
int64_t duration;
-int64_t bitrate;
+int64_t bitrate = 0;
for (j = 0; j < sti->nb_index_entries; j++)
len += sti->index_entries[j].size;
@@ -484,7 +485,14 @@ static int calculate_bitrate(AVFormatContext *s)
if (sti->nb_index_entries < 2 || st->codecpar->bit_rate > 0)
continue;
duration = sti->index_entries[j-1].timestamp -
sti->index_entries[0].timestamp;
-bitrate = av_rescale(8*len, st->time_base.den, duration *
st->time_base.num);
+if (INT64_MAX / duration >= st->time_base.num) {
+bitrate = av_rescale(8*len, st->time_base.den, duration *
st->time_base.num);
Why not always use the AVInteger version? This is not performance
sensitive as far as I see.
Regards,
Marton
+} else {
+AVInteger bitrate_i = av_div_i(av_mul_i(av_int2i(8*len),
av_int2i(st->time_base.den)),
+ av_mul_i(av_int2i(duration),
av_int2i(st->time_base.num)));
+if (av_cmp_i(bitrate_i, av_int2i(INT64_MAX)) <= 0)
+bitrate = av_i2int(bitrate_i);
+}
if (bitrate > 0) {
st->codecpar->bit_rate = bitrate;
}
--
2.17.1
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] [PATCH] avdevice/lavfi: Fix double-free on error
On 29.09.2023 19:28, Andreas Rheinhardt wrote: After the AVFrame has been wrapped into a buffer, it is owned by the buffer and must not be freed manually any more. Yet this happens on subsequent errors. This bug was introduced in 6ca43a9675d651d7ea47c7ba2fafb1bf831c4d0b. Signed-off-by: Andreas Rheinhardt --- libavdevice/lavfi.c | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/libavdevice/lavfi.c b/libavdevice/lavfi.c index ec7ebdbc90..2bfd0b81c7 100644 --- a/libavdevice/lavfi.c +++ b/libavdevice/lavfi.c @@ -365,7 +365,7 @@ static int lavfi_read_packet(AVFormatContext *avctx, AVPacket *pkt) LavfiContext *lavfi = avctx->priv_data; double min_pts = DBL_MAX; int stream_idx, min_pts_sink_idx = 0; -AVFrame *frame; +AVFrame *frame, *frame_to_free; AVDictionary *frame_metadata; int ret, i; AVStream *st; @@ -378,6 +378,7 @@ static int lavfi_read_packet(AVFormatContext *avctx, AVPacket *pkt) frame = av_frame_alloc(); if (!frame) return AVERROR(ENOMEM); +frame_to_free = frame; /* iterate through all the graph sinks. Select the sink with the * minimum PTS */ @@ -423,6 +424,7 @@ static int lavfi_read_packet(AVFormatContext *avctx, AVPacket *pkt) ret = AVERROR(ENOMEM); goto fail; } +frame_to_free = NULL; pkt->data = pkt->buf->data; pkt->size = pkt->buf->size; @@ -463,12 +465,11 @@ FF_DISABLE_DEPRECATION_WARNINGS FF_ENABLE_DEPRECATION_WARNINGS #endif -if (st->codecpar->codec_type != AVMEDIA_TYPE_VIDEO) -av_frame_free(); +av_frame_free(_to_free); return pkt->size; fail: -av_frame_free(); +av_frame_free(_to_free); return ret; } Looks sensible to me ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 3/3] swscale/rgb2rgb: unroll RISC-V V uyvytoyuv422
--- libswscale/riscv/rgb2rgb_rvv.S | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libswscale/riscv/rgb2rgb_rvv.S b/libswscale/riscv/rgb2rgb_rvv.S index 3200370224..ff02eba9bf 100644 --- a/libswscale/riscv/rgb2rgb_rvv.S +++ b/libswscale/riscv/rgb2rgb_rvv.S @@ -112,14 +112,14 @@ endfunc mv t2, a2 addia5, a5, -1 2: -vsetvlit5, t4, e8, m1, ta, ma +vsetvlit5, t4, e8, m2, ta, ma vlseg2e16.v v16, (t3) subt4, t4, t5 vnsrl.wi v24, v16, \y_shift // Y0 sh2add t3, t5, t3 -vnsrl.wi v25, v18, \y_shift // Y1 +vnsrl.wi v26, v20, \y_shift // Y1 vnsrl.wi v28, v16, 8 - \y_shift // U -vnsrl.wi v30, v18, 8 - \y_shift // V +vnsrl.wi v30, v20, 8 - \y_shift // V vsseg2e8.v v24, (t0) sh1add t0, t5, t0 vse8.v v28, (t1) -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 2/3] swscale/rgb2rgb: avoid S-regs in RISC-V V uyvytoyuv422
We can make do with callee-clobbered registers only now. As an added bonus, this makes the code XLEN-independent. --- libswscale/riscv/rgb2rgb.c | 2 -- libswscale/riscv/rgb2rgb_rvv.S | 10 ++ 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/libswscale/riscv/rgb2rgb.c b/libswscale/riscv/rgb2rgb.c index 162a4082b0..565f0b77f1 100644 --- a/libswscale/riscv/rgb2rgb.c +++ b/libswscale/riscv/rgb2rgb.c @@ -55,10 +55,8 @@ av_cold void rgb2rgb_init_riscv(void) shuffle_bytes_1230 = ff_shuffle_bytes_1230_rvv; shuffle_bytes_3012 = ff_shuffle_bytes_3012_rvv; interleaveBytes = ff_interleave_bytes_rvv; -#if (__riscv_xlen == 64) uyvytoyuv422 = ff_uyvytoyuv422_rvv; yuyvtoyuv422 = ff_yuyvtoyuv422_rvv; -#endif } #endif } diff --git a/libswscale/riscv/rgb2rgb_rvv.S b/libswscale/riscv/rgb2rgb_rvv.S index 3e7988ca01..3200370224 100644 --- a/libswscale/riscv/rgb2rgb_rvv.S +++ b/libswscale/riscv/rgb2rgb_rvv.S @@ -100,12 +100,9 @@ func ff_interleave_bytes_rvv, zve32x ret endfunc -#if (__riscv_xlen == 64) .macro yuy2_to_i422p y_shift -addisp, sp, -16 -sd s0, (sp) addia4, a4, 1 -lw s0, 16(sp) +lw t6, (sp) sraia4, a4, 1 // pixel width -> chroma width 1: mv t4, a4 @@ -131,14 +128,12 @@ endfunc addt2, t5, t2 bnez t4, 2b -add a3, a3, s0 +add a3, a3, t6 add a0, a0, a6 add a1, a1, a7 add a2, a2, a7 bneza5, 1b -ld s0, (sp) -addisp, sp, 16 ret .endm @@ -149,4 +144,3 @@ endfunc func ff_yuyvtoyuv422_rvv, zve32x yuy2_to_i422p 0 endfunc -#endif -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] [PATCH 1/3] swscale/rgb2rgb: rework RISC-V V uyvytoyuv422
This avoids using relatively slow register strides. --- libswscale/riscv/rgb2rgb_rvv.S | 24 +++- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/libswscale/riscv/rgb2rgb_rvv.S b/libswscale/riscv/rgb2rgb_rvv.S index 008f098bfe..3e7988ca01 100644 --- a/libswscale/riscv/rgb2rgb_rvv.S +++ b/libswscale/riscv/rgb2rgb_rvv.S @@ -101,34 +101,33 @@ func ff_interleave_bytes_rvv, zve32x endfunc #if (__riscv_xlen == 64) -.macro yuy2_to_i422p v_y0, v_y1, v_u, v_v +.macro yuy2_to_i422p y_shift addisp, sp, -16 sd s0, (sp) -sd s1, 8(sp) addia4, a4, 1 lw s0, 16(sp) sraia4, a4, 1 // pixel width -> chroma width -li s1, 2 1: mv t4, a4 mv t3, a3 mv t0, a0 -addit6, a0, 1 mv t1, a1 mv t2, a2 addia5, a5, -1 2: vsetvlit5, t4, e8, m1, ta, ma +vlseg2e16.v v16, (t3) subt4, t4, t5 -vlseg4e8.v v8, (t3) +vnsrl.wi v24, v16, \y_shift // Y0 sh2add t3, t5, t3 -vsse8.v\v_y0, (t0), s1 +vnsrl.wi v25, v18, \y_shift // Y1 +vnsrl.wi v28, v16, 8 - \y_shift // U +vnsrl.wi v30, v18, 8 - \y_shift // V +vsseg2e8.v v24, (t0) sh1add t0, t5, t0 -vsse8.v\v_y1, (t6), s1 -sh1add t6, t5, t6 -vse8.v \v_u, (t1) +vse8.v v28, (t1) addt1, t5, t1 -vse8.v \v_v, (t2) +vse8.v v30, (t2) addt2, t5, t2 bnez t4, 2b @@ -138,17 +137,16 @@ endfunc add a2, a2, a7 bneza5, 1b -ld s1, 8(sp) ld s0, (sp) addisp, sp, 16 ret .endm func ff_uyvytoyuv422_rvv, zve32x -yuy2_to_i422p v9, v11, v8, v10 +yuy2_to_i422p 8 endfunc func ff_yuyvtoyuv422_rvv, zve32x -yuy2_to_i422p v8, v10, v9, v11 +yuy2_to_i422p 0 endfunc #endif -- 2.42.0 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
