The current design, where
- proper init is called for the first per-thread context
- first thread's private data is copied into private data for all the
other threads
- a "fixup" function is called for all the other threads to e.g.
allocate dynamically allocated data
is very fragile and hard to follow, so it is abandoned. Instead, the
same init function is used to init each per-thread context. Where
necessary, AVCodecInternal.is_copy can be used to differentiate between
the first thread and the other ones (e.g. for decoding the extradata
just once).
This also fixes several integer overflows by checking each value before
use.
Fixes: 662/clusterfuzz-testcase-4898131432964096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Failing earlier causes the context to be insufficiently initialized which
can break decoding future frames with threads
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Avoids leaving stale pointers
Fixes: signal_sigabrt_7ffff70eccc9_819_sabtriple.rm with memlimit 536870912
Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* commit 'da0c8664b4dc906696803685f7e53ade68594ab8':
mpegvideo: Move various temporary buffers to a separate context
Conflicts:
libavcodec/mpegvideo.c
libavcodec/mpegvideo_enc.c
libavcodec/mpegvideo_motion.c
libavcodec/rv34.c
libavcodec/vc1_mc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'dc4b2e7d33903a6b9380e8a84b22b3a20facbb08':
rv34: use ff_mpeg_update_thread_context only when decoder is fully initialized
Merged-by: Michael Niedermayer <michaelni@gmx.at>
MpegEncContext based decoders are only fully initialized after the first
ff_thread_get_buffer() call. The RV30/40 decoders may fail before a frame
buffer was requested. ff_mpeg_update_thread_context() fails on half
initialized MpegEncContexts. Since this can only happen before a the
first frame was decoded there is no need to call
ff_mpeg_update_thread_context().
Based on patches by John Stebbins and tested by John Stebbins.
CC: libav-stable@libav.org
* commit '7b9ef8d701c319c26f7d0664fe977e176764c74e':
mpeg: Split error resilience bits off into a separate file
Conflicts:
configure
libavcodec/Makefile
libavcodec/mpegvideo.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
The most interesting parts are initialization in ff_MPV_common_init() and
uninitialization in ff_MPV_common_end().
ff_mpeg_unref_picture and ff_thread_release_buffer have additional NULL
checks for Picture.f, because these functions can be called on
uninitialized or partially initialized Pictures.
NULL pointer checks are added to ff_thread_release_buffer() stub function.
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* commit 'ebfe622bb1ca57cecb932e42926745cba7161913':
mpegvideo: drop support for real (non-emulated) edges
Conflicts:
libavcodec/mpegvideo.c
libavcodec/mpegvideo_motion.c
libavcodec/wmv2.c
If this is slower on a major platform then it should be investigated
and potentially reverted.
See: 8fc52a5ef9
See: 3969b4b861
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Several decoders disable those anyway and they are not measurably faster
on x86. They might be somewhat faster on other platforms due to missing
emu edge SIMD, but the gain is not large enough (and those decoders
relevant enough) to justify the added complexity.
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f75e2a55b88_4146_brokenaudio.rmvb
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit '458446acfa1441d283dacf9e6e545beb083b8bb0':
lavc: Edge emulation with dst/src linesize
Conflicts:
libavcodec/cavs.c
libavcodec/h264.c
libavcodec/hevc.c
libavcodec/mpegvideo_enc.c
libavcodec/mpegvideo_motion.c
libavcodec/rv34.c
libavcodec/svq3.c
libavcodec/vc1dec.c
libavcodec/videodsp.h
libavcodec/videodsp_template.c
libavcodec/vp3.c
libavcodec/vp8.c
libavcodec/wmv2.c
libavcodec/x86/videodsp.asm
libavcodec/x86/videodsp_init.c
Changes to the asm are not merged, they are left for volunteers or
in their absence for later.
The changes this merge introduces are reordering of the function
arguments
See: face578d56
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Allow supporting files for which the image stride is smaller than
the maximum block size + number of subpel mc taps, e.g. a 64x64 VP9
file or a 16x16 VP8 file with -fflags +emu_edge.
This allows supporting files for which the image stride is smaller than
the max. block size + number of subpel mc taps, e.g. a 64x64 VP9 file
or a 16x16 VP8 file with -fflags +emu_edge.
* commit 'b3ea76624ad1baab0b6bcc13f3f856be2f958110':
vf_aspect: use the name 's' for the pointer to the private context
Remove commented-out debug #define cruft
Conflicts:
libavcodec/4xm.c
libavcodec/dvdsubdec.c
libavcodec/ituh263dec.c
libavcodec/mpeg12.c
libavfilter/avfilter.c
libavfilter/vf_aspect.c
libavfilter/vf_fieldorder.c
libavformat/rtmpproto.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
