See https://trac.ffmpeg.org/ticket/7687
If an encoded frame is returned split over two or more
IL buffers due to the size, then there is a race between
whether get_buffer will fail, return NULL, and a truncated
frame is passed on, or IL will return the remaining part
of the encoded frame.
If get_buffer returns NULL, part of the frame is left behind
in the codec, and will be collected on the next call. That
then leaves a frame stuck in the codec. Repeat enough times
and the codec FIFO is full, and the pipeline stalls.
A performance improvement in the Raspberry Pi firmware means
that the timing has changed, and now frequently drops into the
case where get_buffer returns NULL.
Add code such that should a buffer be received without
OMX_BUFFERFLAG_ENDOFFRAME that get_buffer is called with wait
set, so we wait for the remainder of the frame.
This code has been made conditional on the Pi build in case
other IL implementations don't handle ENDOFFRAME correctly.
Signed-off-by: Dave Stevenson <dave.stevenson@raspberrypi.org>
Signed-off-by: Aman Gupta <aman@tmm1.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
The packet counting based approach caused excessive sdt/pat/pmt for VBR, so
let's use a timestamp based approach instead similar to how we emit PCRs.
SDT/PAT/PMT period should be consistent for both VBR and CBR from now on.
Also change the type of sdt_period and pat_period to AV_OPT_TYPE_DURATION so no
floating point math is necessary.
Fixes ticket #3714.
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes: signed integer overflow: 2088795537 + 2147254401 cannot be represented in type 'int'
Fixes: signed integer overflow: -1500363496 + -1295351808 cannot be represented in type 'int'
Fixes: signed integer overflow: -79560 * 32640 cannot be represented in type 'int'
Fixes: signed integer overflow: 2088910005 + 2088796058 cannot be represented in type 'int'
Fixes: signed integer overflow: -117258064 - 2088725225 cannot be represented in type 'int'
Fixes: signed integer overflow: 2088725225 - -117258064 cannot be represented in type 'int'
Fixes: 15739/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5630664122040320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If all tables are skipped it would be impossible to encode any
"non black" video.
Fixes: Timeout (78sec -> 1ms)
Fixes: 15821/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5652598838788096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is significantly faster
Fixes: Timeout (1sec after this and the previous commit)
Fixes: 15558/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PPM_fuzzer-5705273643106304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
None of the keys we support is that long and other keys
lead to decoder failure. None of the values is expected
to be longer, they are all numbers or short keywords.
This simplifies the code
Fixes: Timeout (9sec->43ms)
Fixes: 15177/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PAM_fuzzer-5080556716425216
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 3e+47 is outside the range of representable values of type 'int'
Fixes: 16057/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5691111307214848
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Clipping was added in 2009 to avoid crashes.
The clipped case would produce a 2nd slice with 0 input
thus also producing 0 output.
Subsequent checks will cause decoder failure unless both
slices have the same output length. thus the only way this
would not already fail is if the output from both slices
was 0 bytes.
Fixes: Timeout (134sec -> 241ms)
Fixes: 15599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSZH_fuzzer-5658127116009472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The dimensions are always 320x200 they are hardcoded in the demuxer.
Hardcode them instead in the decoder.
Fixes: Timeout (16sec -> 400ms)
Fixes: 15574/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RL2_fuzzer-5158614072819712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Reviewed-by: Carl Eugen Hoyos <ceffmpeg@gmail.com>
Signed-off-by: leozhang <leozhang@qiyi.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Current default is 256kbps, which produces inconsistent
results (too high for low-res, too low for hi-res).
Use CRF instead, which will adapt.
Signed-off-by: James Zern <jzern@google.com>
Fix#6591
The content has no rbsp_stop_one_bit for ending the SPS, that
causes the decoding SPS failure, results decoding frame failure as well.
The patch is just adding a retry with complete NALU, copied from the retry in decode_nal_unit()
Signed-off-by: James Almer <jamrial@gmail.com>
Fixes: memleaks
Fixes: 16289/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-5200695692623872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 16277/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5696629440512000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
As of LLVM r368102, Clang will set a pointer tag in bits 56-63 of the
address of a global when compiling with -fsanitize=hwaddress. This requires
an adjustment to assembly code that takes the address of such globals: the
code cannot use the regular R_AARCH64_ADR_PREL_PG_HI21 relocation to refer
to the global, since the tag would take the address out of range. Instead,
the code must use the non-checking (_NC) variant of the relocation (the
link-time check is substituted by a runtime check).
This change makes the necessary adjustment in the movrel macro, where it is
needed when compiling with -fsanitize=hwaddress.
Signed-off-by: Peter Collingbourne <pcc@google.com>
Reviewed-by: Martin Storsjö
Reviewed-by: Janne Grunau
Add the usage of tensorflow model in derain filter. Training scripts
as well as scripts for tf/native model generation are provided in the
repository at https://github.com/XueweiMeng/derain_filter.git.
Reviewed-by: Steven Liu <lq@onvideo.cn>
Signed-off-by: Xuewei Meng <xwmeng96@gmail.com>
Fixes: signed integer overflow: 1927975249 - -514719744 cannot be represented in type 'int'
Fixes: 16413/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5651206856245248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This allows decoding more als reference samples
Suggested-by: Thilo Borgmann <thilo.borgmann@mail.de>
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
There seems to be no limit in the specification and upto 64k could be stored
512 is choosen as limit as thats the maximum in a conformance sample
An alternative to this patch would be a max_channels variable
Fixes: OOM
Fixes: 16200/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5764788793114624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Suggested-by: Thilo Borgmann <thilo.borgmann@mail.de>
Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Dave Stevenson
Aman Gupta
Marton Balint
Michael Niedermayer
leozhang
elliottk
Jun Li
James Almer
Jarek Samic
Peter Collingbourne
Xuewei Meng
Paul B Mahol
Steven Liu
Zhong Li