avcodec/apedec: Check length in long_filter_high_3800()
Fixes out of array read Fixes: 0a7ff0c1d93da9cef28a315ec91b692a/asan_heap-oob_4a52e5_3604_9c56dbb20e308f4faeef7b35f688521a.ape Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Claudio Freire [Tue, 1 Dec 2015 06:28:36 +0000 (03:28 -0300)]
AAC encoder: improve SF range utilization
This patch does 4 things, all of which interact and thus it
woudln't be possible to commit them separately without causing
either quality regressions or assertion failures.
Fate comparison targets don't all reflect improvements in
quality, yet listening tests show substantially improved quality
and stability.
1. Increase SF range utilization.
The spec requires SF delta values to be constrained within the
range -60..60. The previous code was applying that range to
the whole SF array and not only the deltas of consecutive values,
because doing so requires smarter code: zeroing or otherwise
skipping a band may invalidate lots of SF choices.
This patch implements that logic to allow the coders to utilize
the full dynamic range of scalefactors, increasing quality quite
considerably, and fixing delta-SF-related assertion failures,
since now the limitation is enforced rather than asserted.
2. PNS tweaks
The previous modification makes big improvements in twoloop's
efficiency, and every time that happens PNS logic needs to be
tweaked accordingly to avoid it from stepping all over twoloop's
decisions. This patch includes modifications of the sort.
3. Account for lowpass cutoff during PSY analysis
The closer PSY's allocation is to final allocation the better
the quality is, and given these modifications, twoloop is now
very efficient at avoiding holes. Thus, to compute accurate
thresholds, PSY needs to account for the lowpass applied
implicitly during twoloop (by zeroing high bands).
This patch makes twoloop set the cutoff in psymodel's context
the first time it runs, and makes PSY account for it during
threshold computation, making PE and threshold computations
closer to the final allocation and thus achieving better
subjective quality.
4. Tweaks to RC lambda tracking loop in relation to PNS
Without this tweak some corner cases cause quality regressions.
Basically, lambda needs to react faster to overall bitrate
efficiency changes since now PNS can be quite successful in
enforcing maximum bitrates, when PSY allocates too many bits
to the lower bands, suppressing the signals RC logic uses to
lower lambda in those cases and causing aggressive PNS.
This tweak makes PNS much less aggressive, though it can still
use some further tweaks.
Also update MIPS specializations and adjust fuzz
Also in lavc/mips/aacpsy_mips.h: remove trailing whitespace
Aaron Colwell [Mon, 23 Nov 2015 20:06:14 +0000 (12:06 -0800)]
avformat/matroskadec: Fix sample_aspect_ratio for stereo matroska content
matroskaenc.c applies divisors to the display width/height when generating
stereo content. This patch adds the corresponding multipliers to matroskadec.c
so that the original sample aspect ratio can be recovered.
avformat/mp3dec: prefer "fast_seek" to TOC seek for CBR files.
"Fast seek" uses linear interpolation to find the position of the
requested seek time. For CBR this is more direct than using the
mp3 TOC and bypassing the TOC avoids problems with TOC precision.
(see https://crbug.com/545914#c13)
For VBR, fast seek is not precise, so continue to prefer the TOC
when available (the lesser of two evils).
Also, some re-ordering of the logic in mp3_seek to simplify and
give usetoc=1 precedence over fastseek flag.
avcodec/mpegaudio_tablegen: more dynamic table creation speedups
This further speeds up runtime initialization, with identical generated tables.
Sample benchmark (x86-64, Haswell, GNU/Linux):
old: 34441423 decicycles in mpegaudio_tableinit, 8192 runs, 0 skips
new: 10776291 decicycles in mpegaudio_tableinit, 8192 runs, 0 skips
Most low hanging fruit is taken care of here. For some idea, note that
83,064 array elements totalling 233,722 bytes need to be initialized.
Thus, with this patch, we average ~ 12.9 cycles per element or ~ 4.6
cycles per byte.
avcodec/mpegaudio_tablegen: speed up dynamic table creation
This does some miscellaneous stuff mainly avoiding the usage of pow to
achieve significant speedups. This is not speed critical, but is
unnecessary latency and cycles wasted for a user.
All tables tested and are identical to the old ones
(bit-exact even in floating point case).
avutil/mathematics: Do not treat INT64_MIN as positive in av_rescale_rnd
The code expects actual positive numbers and gives completely wrong
results if INT64_MIN is treated as positive
Instead clip it into the valid range that is add 1 and treat it as
negative
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The table in question is a 253 byte one. In fact, it turns out that
dynamic generation of the table results in an increased binary size.
Code compiled with GCC 5.2.0, x86-64 (size in bytes), before and after
patch:
old: 62321064 libavcodec/libavcodec.so.57
new: 62320536 libavcodec/libavcodec.so.57
Thus, it always make sense to statically allocate this.
Tested with FATE with/without --enable-hardcoded-tables.
Will Kelleher [Tue, 27 Oct 2015 17:08:45 +0000 (12:08 -0500)]
qsvenc: write a53 caption data to SEI
Signed-off-by: Will Kelleher <wkelleher@gogoair.com>
Previous version reviewed-by: Ivan Uskov <ivan.uskov@nablet.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: ==13287== Invalid read of size 4
==13287== at 0x45161A: flush_buffer (aviobuf.c:143)
==13287== by 0x451971: avio_flush (aviobuf.c:200)
==13287== by 0x512CCF: av_write_trailer (mux.c:1016)
==13287== by 0x41A5E0: close_connection (ffserver.c:853)
==13287== by 0x421EDC: rtsp_cmd_interrupt (ffserver.c:3245)
==13287== by 0x420B9C: rtsp_parse_request (ffserver.c:2854)
==13287== by 0x41A9C2: handle_connection (ffserver.c:930)
==13287== by 0x41A04B: http_server (ffserver.c:700)
==13287== by 0x423A60: main (ffserver.c:3897)
==13287== Address 0xb6cd258 is 88 bytes inside a block of size 192 free'd
==13287== at 0x4C2B5D9: free (vg_replace_malloc.c:446)
==13287== by 0x1004DAC: av_free (mem.c:239)
==13287== by 0x454835: avio_close_dyn_buf (aviobuf.c:1170)
==13287== by 0x41F385: http_prepare_data (ffserver.c:2368)
==13287== by 0x41F59B: http_send_data (ffserver.c:2416)
==13287== by 0x41ABE2: handle_connection (ffserver.c:986)
==13287== by 0x41A04B: http_server (ffserver.c:700)
==13287== by 0x423A60: main (ffserver.c:3897)
Reviewed-by: "Reynaldo H. Verdejo Pinochet" <reynaldo@osg.samsung.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/mpeg4videodec: Check available data before reading custom matrix
Fixes: out of array read Fixes: 76c515fc3779d1b838667c61ea13ce92/asan_heap-oob_1fc0d07_8913_794a4629a264ebdb25b58d3a94ed1785.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The DC VLC table used is too small, fixing this requires a sample,
thus request a sample.
Some samples are said to work even though the table has the wrong size, thus
this is left enabled if the user enables experimental features.
Fixes: 2abd25478c62a675f335fac00b467023/asan_static-oob_10aff98_1227_8811480c6ef1e970a7977ceb7e5a9958.mxf Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Approved-by: kurosu Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Claudio Freire [Sun, 29 Nov 2015 18:03:45 +0000 (15:03 -0300)]
AAC encoder: make pe.min a local minimum
As noted in a comment, pe.min in the reference encoder
is centered around current pe. The bit reservoir algo
needs pe.min to be a local minimum, because it can only
account for local PE variations. If it's set to a global
minimum as was being done, bit reservoir logic doesn't
work as efficiently.
This patch tries to forget old minimums and converge to
a local minimum without losing the stability of the
previous solution. Listening tests until now suggest this
solves numerous RC issues.
Paul B Mahol [Sun, 29 Nov 2015 11:37:48 +0000 (12:37 +0100)]
avfilter/avf_showvolume: fix several issues
Fix color fading: previously color could fade to red when
volume level for red color was actually never reached.
Display volume value on right side.
Use red color only if clipping is needed.
Hendrik Leppkes [Mon, 16 Nov 2015 23:28:58 +0000 (00:28 +0100)]
avformat/mlpdec: consider all valid mlp access units when probing
Fixes probing of truehd/mlp files with a lot of frames in between the
major sync frames. The spec allows a distance of up to 128 frames in
between major sync frames, which leads to the probing code not reaching
the desired score.
avcodec/h264_refs: Check that long references match before use
Fixes out of array read Fixes: 59bb925e90201fa0f87f0a31945d43b5/asan_heap-oob_4a52e5_3388_66027f11e3d072f1e02401ecc6193361.jvt Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/utils: Clear dimensions in ff_get_buffer() on failure
Fixes out of array access Fixes: 482d8f2fd17c9f532b586458a33f267c/asan_heap-oob_4a52b6_7417_1d08d477736d66cdadd833d146bb8bae.mov Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array read Fixes: 2f95ddd996db8a6281d2e18c184595a7/asan_heap-oob_192fe91_3330_58e4441181e30a66c19f743dcb392347.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array access Fixes: 08664a2a7921ef48172f26495c7455be/asan_heap-oob_23036c6_3301_523388ef84285a0270caf67a43247b59.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
ff_aac_tableinit is a macro in the case of hardcoded tables, so wrap
that up in a function (similar to how the decoder template does it) and
use that as the argument for ff_thread_once().
avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*()
Fixes out of array access Fixes: 01859c9a9ac6cd60a008274123275574/asan_heap-oob_1dff571_8250_50d3d1611e294c3519fd1fa82198b69b.avi Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array read Fixes: 007c4a36608ebdf27ee260ad60a81184/asan_heap-oob_32076b4_2243_116b1cb29d91cc4974d6680e3d10bd91.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Since the ff_aac_tableinit() can be called by both the encoder and
the decoder (in case of transcoding) this commit shares the AVOnce
variable to prevent this.
avcodec/aac_tablegen: speed up table initialization
This speeds up aac_tablegen to a ludicruous degree (~97%), i.e to the point
where it can be argued that runtime initialization can always be done instead of
hard-coded tables. The only cost is essentially a trivial increase in
the stack size.
Even if one does not care about this, the patch also improves accuracy
as detailed below.
Performance:
Benchmark obtained by looping 10^4 times over ff_aac_tableinit.
Sample benchmark (x86-64, Haswell, GNU/Linux):
old: 1295292 decicycles in ff_aac_tableinit, 512 runs, 0 skips 1275981 decicycles in ff_aac_tableinit, 1024 runs, 0 skips 1272932 decicycles in ff_aac_tableinit, 2048 runs, 0 skips 1262164 decicycles in ff_aac_tableinit, 4096 runs, 0 skips 1256720 decicycles in ff_aac_tableinit, 8192 runs, 0 skips
new:
21112 decicycles in ff_aac_tableinit, 511 runs, 1 skips
21269 decicycles in ff_aac_tableinit, 1023 runs, 1 skips
21352 decicycles in ff_aac_tableinit, 2043 runs, 5 skips
21386 decicycles in ff_aac_tableinit, 4080 runs, 16 skips
21299 decicycles in ff_aac_tableinit, 8173 runs, 19 skips
Matthieu Bouron [Tue, 24 Nov 2015 13:14:54 +0000 (14:14 +0100)]
lavf/utils: avoid decoding a frame to get the codec parameters
Avoid decoding a frame to get the codec parameters while the codec
supports FF_CODEC_CAP_SKIP_FRAME_FILL_PARAM. This is particulary useful
to avoid decoding twice images (once in avformat_find_stream_info and
once when the actual decode is made).
aac_ltp: actually signal LTP as off during EIGHT_SHORT windows
This hugely reduces the echo which was introduced with the previous
commit (though likely because previously everything was broken).
Makes LTP actually worthwhile now.