Age | Commit message (Collapse) | Author |
|
Instead of creating a new decoder instance when restarting all threads
after they were shut down, re-create threads on the new flag.
BUG=webm:1577
Change-Id: I6272ecaa1b586afdaa5ed8d6eab80aff8f5eb673
|
|
If decoder keeps going, threads will be brought up.
BUG=902650,webm:1577
Change-Id: I7765ba134aeed76ec0f58bd05e3a35383e6861c3
|
|
Change-Id: I2793a1b65164946eb7d67d80ccba9e798db3d9af
|
|
Take the original loopfilter multi-thread optimization
(dafe064289a917977439ab6f4f002b9946496084) along with the fixes for bugs
1558 and 1562.
BUG=webm:1558
BUG=webm:1562
Change-Id: Ibbf6bd13f4ffff0e79184ccfd6b85a49e067a6d8
|
|
This reverts commit bf6299010e815e111d7326530c249e9d99611f34.
segfaults, causes an assertion failure with corrupt input:
get_uv_tx_size: Assertion `mi->sb_type < BLOCK_8X8 ||
ss_size_lookup[mi->sb_type][pd->subsampling_x][pd->subsampling_y] !=
BLOCK_INVALID
BUG=webm:1562
Change-Id: I05a711cad3d8e7f1a8e64422b4356bdf4edb3d12
|
|
This reverts commit 753fd86e86ac727dccac88376260b8f54502f2a3.
This also has the fix for the DoS reported in bug 1558.
BUG=webm:1558
Change-Id: I65ea84e0c11d6bd40d8cb0587dfe934b3ac11dce
|
|
BUG=webm:1495
Change-Id: Ibaee35aa5e8e00847c61e707f2c9b4c0cff23673
|
|
In the process of fixing a ubsan warning:
commit 738b829b8cdf079a5fa48c74a28a177c9567d212
Fix incorrect size reading
the inferred check of start < end was removed. This causes fuzzed files
to get a little further and segfault in vp8dx_start_decode.
Change-Id: I316e23058753ba42dbcc46d27eb575f51c8a9e9a
|
|
Exposed by fuzz test in high bitdepth.
The bug is introduced in commit 64653fa.
BUG=webm:1466
Change-Id: Idd77d5c6a60efb9241471611ce1aba0646cb6ff5
|
|
Change-Id: If4c3e8a396d0fcb304f407b44e28cac3219f038c
|
|
the check for error correction being disabled was overriding the data
length checks. this avoids returning incorrect information (width /
height) for the decoded frame which could result in inconsistent sizes
returned in to an application causing it to read beyond the bounds of
the frame allocation.
BUG=webm:1443
BUG=b/62458770
Change-Id: I063459674e01b57c0990cb29372e0eb9a1fbf342
|
|
best_sub8x8[1] won't be used meaningfully when is_compound is false, but
may trigger an msan warning as the value is copied around and later
clamped.
BUG=667044
Change-Id: Icc24c3b72cdb550bebea44d4aaa4ff8bf3fbab56
|
|
vp9_init_macroblockd() resets the error_info to cm's global copy; this
needs to be set to the thread-level target to avoid jumping to the
incorrect stack, resulting in hang or crash.
broken since:
1f4a6c8 vp9/tile_worker_hook: add multiple tile decoding
includes v1.5.0, v1.6.0
BUG=629481
Change-Id: Icbf1696b25ba8c479e845fbf227b3c3ca73542f5
|
|
with --disable-vp9
Change-Id: I81bd603b02ee5d1b45a50aa9e7534f9da498b0e0
|
|
when decoding an invalid bitstream with --enable-vp9-highbitdepth
BUG=webm:1297
Change-Id: I401d87033b4293f2ca595bc51678aad9951ecf15
|
|
present when --disable-vp8(-decoder) or --disable-vp9(-decoder) was used
Change-Id: I31ebb7a55c6f1af3c744982f56b78e80116cc845
|
|
decoding the same invalid keyframe twice would result in a crash as the
second time through the decoder would be assumed to have been
initialized as there was no resolution change. in this case the
resolution was itself invalid (0x6), but vp8_peek_si() was only failing
in the case of 0x0.
invalid-vp80-00-comprehensive-018.ivf.2kf_0x6.ivf tests this case by
duplicating the first keyframe and additionally adds a valid one to
ensure decoding can resume without error.
BUG=b/30593765
Change-Id: If0859035908b7870d67a7f3f646b5a080252eb6d
|
|
this fixes a crash in vp9_dec_setup_mi() via
vp9_init_context_buffers() should decoding continue and the decoder
resyncs on a smaller frame
BUG=b/30593752
Change-Id: I9ce8d94abe89bcd058697e8bd8599690e61bd380
|
|
prevents leak warnings on ASSERT*() failures
Change-Id: I1d3edbdbb18dbbe3b17691971348a8121cf09afa
|
|
Change-Id: I0d9ab85855eb723f653a7bb09b3d0d31dd6cfd2f
|
|
The serial decode check is too strict for tile-threaded decoding as
there is no guarantee on the decode order nor which specific error
will take precedence. Currently a tile-level error is not forwarded so
the frame will simply be marked corrupt.
Change-Id: I51cf1e39e44bedeac93746154b36a4ccb2f059b1
|
|
Change-Id: Icf06d35ca347713253d1eba341a894b51efa81a9
|
|
For vp9 decoder build without profile 2 and profile 3 support, this
commit changes to report error "Unsupported bitstream profile" for
input streams in profile 2 or 3, rather than other misleading error
information.
In addition, one of the invalid files in unit tests is actually coded
profile 2, this commit makes it tested only when the decoder is built
with vp9-highbitdepth.
This fixes issue #1028.
Change-Id: I8b6c1210787c8f89c703a546687dcf973ac20fc0
|
|
cm->frame_bufs[].idx values were made consistent in:
61c5e94 Use -1 consistently as invalid buffer idx
update the initialization in swap_frame_buffers() to match.
additionally:
- remove some shadowed variables in the former and marked them volatile
Change-Id: Ie3f9636c405bd822112bb56bd22d28024ae98909
|
|
This patch was to fix the vpxdec fuzzing3 test failure. When an
error occurs, setjmp() is invoked, which calls the decoder
removing routine. In multiple thread situation, other threads
could try to access the frame context memory that is already
deallocated, thus causing a segfault.
An invalid unit test was added for this issue.
Change-Id: Ida7442154f3d89759483f0f4fe0324041fffb952
|
|
don't bother decoding any further after receiving an earlier decode
error until a key/intra-only frame is encountered.
Change-Id: I381917b70d7a9e6f8d6de42e3d181bb113a4cec4
|
|
Change-Id: I46472a524f5188b293332946be943bd15cfc8777
|
|
allocations within vp9_alloc_context_buffers() rely on mi_rows/mi_cols
individually, use those to determine whether to realloc rather than
stride and stride * rows. this fixes a crash with some fuzzed files for
invalid accesses into last_frame_seg_map and above_context.
Change-Id: I7b9f40dcf170d443890f3bd2acd285507943c7d4
|
|
proceeding using a corrupt (incompletely decoded) frame reference may
lead to incorrect assumptions about allocation sizes leading to a crash.
Change-Id: I76e74f2e1be127c2e2c7e1174bb3307497dfd23d
|
|
store the number of allocated rows in VP9LfSync, the calculated values
can not be relied on when dealing with corrupt material.
Change-Id: I13b8bcec9738c299a71df726772ab7ac05511e5b
|
|
attempting to decode a frame after the previous frame failed has the
potential of interrupting an earlier loop filter task
Change-Id: I6f2b1ddcdf5b89c3e2ee8caf5289dada2a087d66
|
|
if the first frame was corrupt and loop filter not called, the next call
would assume the necessary allocations had been done and segfault when
accessing a NULL pointer
Change-Id: Ib6ef505e5c594e6f0fe65ab0700172bcf06b92a6
|
|
restore const lost in:
f0f9ab6 invalid_file_test.cc: remove unused param warnings
Change-Id: I0c5318f84c81e3dd7bb44468463faf9edd6bc18a
|
|
|
|
Change-Id: Ifde2849f45acb59fbcf29c8735ef0a10d4d9041e
|
|
0-initializes [1] and removes a warning for missing initializer fields
[1] http://en.cppreference.com/w/cpp/language/value_initialization
Change-Id: I364248010c8fa663c71d8f06a9999c730e92db4c
|
|
|
|
Separates HBD profile int two profiles (2 and 3) consistent with the
highbitdepth branch. This patch is ported from the original highbitdepth
branch patch: https://gerrit.chromium.org/gerrit/#/c/70460/
Two of the invalid file tests needed to be updated.
Change-Id: I6a4acd2f7a60b1fb4cbcc8e0dad4eab4248431e3
|
|
Improves the --gtest_list_tests output and avoids a valgrind warning in
gtest's testing::internal2::PrintBytesInObjectTo() due to padding in the
structure.
old:
VP9/InvalidFileTest.
ReturnCode/0 # GetParam() = (0x9d5308, 16-byte object <01-00 00-00 00-00 00-00 37-02 73-00 00-00 00-00>)
new:
VP9/InvalidFileTest.
ReturnCode/0 # GetParam() = (0x9d5308, threads: 1 file: invalid-vp90-01-v2.webm)
Change-Id: Ifb9c66fba2e72272bd591a3f6273aeb6bda6af4a
|
|
fixes visual studio 9 + apple clang builds where the template type is
interpreted as char[] rather than const char*:
::f1_' : cannot specify explicit initializer for arrays
error: array initializer must be an initializer list or string literal
Change-Id: I27286ce341b2f7a09b6202caffd6b72f64fd2234
|
|
Also fix bugs related with corrupted frame handling.
Return VPX_CODEC_CORRUPT_FRAME when getting corrupted
block.
Change-Id: I7207ccc7c68c4df2b40b561315d16e49ccf7ff41
|
|
Change-Id: I6abf139961fbb6a46db740dc023e26ac1e8e9305
|
|
Change-Id: I3d95fbe9a8098256582b5386881d5b7bbdb317ed
|
|
This patch checks that a decoder never tries to reference frame that's
outside the range of 2x to 1/16th the size of this frame. Any attempt
to do so causes a failure.
Change-Id: I5c98fa7bb95ac4f29146f29dd92b62fe96164e4c
|
|
the max is 6. there are assumptions throughout the decode regarding
this; fixes a crash with a fuzzed bitstream
$ zzuf -s 5861 -r 0.01:0.05 -b 6- \
< vp90-2-00-quantizer-00.webm.ivf \
| dd of=invalid-vp90-2-00-quantizer-00.webm.ivf.s5861_r01-05_b6-.ivf \
bs=1 count=81883
Change-Id: I6af41bb34252e88bc156a4c27c80d505d45f5642
|
|
This patch insures that the last byte of a chunk that contains a
valid superframe marker byte, actually has a proper superframe index.
If not it returns an error.
As part of doing that the file : vp90-2-15-fuzz-flicker.webm now fails
to decode properly and moves to the invalid file test from the test
vector suite.
Change-Id: I5f1da7eb37282ec0c6394df5c73251a2df9c1744
|
|
See: https://code.google.com/p/chromium/issues/detail?id=362697
The code properly catches an invalid stream but seg faults instead of
returning an error due to a buffer not having been initialized. This
code fixes that.
Change-Id: I695595e742cb08807e1dfb2f00bc097b3eae3a9b
|
|
This patch adds a mechanism for insuring error checking on invalid files
by creating a unit test that runs the decoder and tests that the error
code matches what's expected on each frame in the decoder.
Disabled for now as this unit test will segfault with existing code.
Change-Id: I896f9686d9ebcbf027426933adfbea7b8c5d956e
|