While the FATE suite contains a sample file for Musepack 8, it did not
use it to test the decoder; it is only used in the mpc8-demux test that
tests the demuxer via streamcopy. Therefore this commit adds an actual
encoder test.
The test uses the framecrc output, because Musepack SV8 is an encoder
that returns multiple frames for a single packet, so that timing
information in the test output is valueable. Output seeking has been
used in order to limit the size of the ref file as well as to test this
codepath for the first time.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avformat/rsd: Check size and start before computing duration
Fixes: signed integer overflow: 100794754 * 28 cannot be represented in type 'int' Fixes: 26474/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-5181797606096896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/vividas: better check of current_sb_entry
This is the simplest fix for the problem, it is possible to instead check
this when the variables are set and propagate errors and then fail earlier
Fixes: out of array access Fixes: 26490/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-5723367078100992 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/utils: Check sample rate before use for AV_CODEC_ID_BINKAUDIO_DCT in get_audio_frame_duration()
Fixes: shift exponent 95 is too large for 32-bit type 'int' Fixes: 26590/clusterfuzz-testcase-minimized-ffmpeg_dem_SMACKER_fuzzer-5120609937522688 Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Jan Ekström [Sun, 20 Sep 2020 18:00:52 +0000 (21:00 +0300)]
ffmpeg: move field order decision making to encoder initialization
We now have the possibility of getting AVFrames here, and we should
not touch the muxer's codecpar after writing the header.
Results of FATE tests change as the MXF and Matroska muxers actually
write down the field/frame coding type of a stream in their
respective headers. Before this change, these values in codecpar
would only be set after the muxer was initialized. Now, the
information is also available for encoder and muxer initialization.
Jan Ekström [Thu, 10 Sep 2020 21:36:23 +0000 (00:36 +0300)]
ffmpeg: pass decoded or filtered AVFrame to output stream initialization
Additionally, reap the first rewards by being able to set the
color related encoding values based on the passed AVFrame.
The only tests that seem to have changed their results with this
change seem to be the MXF tests. There, the muxer writes the
limited/full range flag to the output container if the encoder
is not set to "unspecified".
Jan Ekström [Thu, 10 Sep 2020 21:25:21 +0000 (00:25 +0300)]
ffmpeg: move A/V non-streamcopy initialization to a later point
- For video, this means a single initialization point in do_video_out.
- For audio we unfortunately need to do it in two places just
before the buffer sink is utilized (if av_buffersink_get_samples
would still work according to its specification after a call to
avfilter_graph_request_oldest was made, we could at least remove
the one in transcode_step).
Other adjustments to make things work:
- As the AVFrame PTS adjustment to encoder time base needs the encoder
to be initialized, so it is now moved to do_{video,audio}_out,
right after the encoder has been initialized. Due to this,
the additional parameter in do_video_out is removed as it is no
longer necessary.
Jan Ekström [Thu, 15 Oct 2020 18:21:05 +0000 (21:21 +0300)]
ffmpeg: add a data size threshold for muxing queue size
This way the old max queue size limit based behavior for streams
where each individual packet is large is kept, while for smaller
streams more packets can be buffered (current default is at 50
megabytes per stream).
For some explanation, by default ffmpeg copies packets from before
the appointed seek point/start time and puts them into the local
muxing queue. Before, it getting utilized was much less likely
since as soon as the filter chain was initialized, the encoder
(and thus output stream) was also initialized.
Now, since we will be pushing the encoder initialization to when the
first AVFrame is decoded and filtered - which only happens after
the exact seek point is hit as packets are ignored until then -
this queue will be seeing much more usage.
In more layman's terms, this attempts to fix cases such as where:
- seek point ends up being 5 seconds before requested time.
- audio is set to copy, and thus immediately begins filling the
muxing queue.
- video is being encoded, and thus all received packets are skipped
until the requested time is hit.
The Canopus Lossless decoder uses several VLCs and if initializing the
ith VLC fails, all the VLCs 0..i have been freed; the ith VLC's table is
initialized to NULL for this purpose. Yet it is totally unnecessary to
free the ith VLC table at all: ff_init_vlc_sparse() cleans up after
itself on error and if an error happens before ff_init_vlc_sparse(),
the ith VLC hasn't been touched yet and doesn't need freeing.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
ruiquan.crq [Sat, 17 Oct 2020 15:17:14 +0000 (23:17 +0800)]
lavf/url: fix relative url parsing when the query string or fragment has a colon
This disallows the usage of ? and # in libavformat specific scheme options
(e.g. subfile,,start,32815239,end,0,,:video.ts) but this change was considered
acceptable.
James Almer [Tue, 20 Oct 2020 21:20:24 +0000 (18:20 -0300)]
avcodec/cbs_av1: infer segmentation parameters from reference frames
Partially implements setup_past_independence() and load_previous().
These ensures they are always set, even if the values were not coded
in the input bitstream and will not be coded in the output bitstream.
Reviewed-by: Mark Thompson <sw@jkqxz.net> Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Tue, 20 Oct 2020 20:48:31 +0000 (17:48 -0300)]
avcodec/cbs_av1: infer loop filter delta parameters from reference frames
Partially implements setup_past_independence() and load_previous().
These ensures they are always set, even if the values were not coded
in the input bitstream and will not be coded in the output bitstream.
Reviewed-by: Mark Thompson <sw@jkqxz.net> Signed-off-by: James Almer <jamrial@gmail.com>
Anton Khirnov [Fri, 9 Oct 2020 07:22:36 +0000 (09:22 +0200)]
lavf: move AVStream.*index_entries* to AVStreamInternal
Those are private fields, no reason to have them exposed in a public
header. Since there are some (semi-)public fields located after these,
even though this section is supposed to be private, keep some dummy
padding there until the next major bump to preserve ABI compatibility.
Anton Khirnov [Fri, 9 Oct 2020 06:15:27 +0000 (08:15 +0200)]
lavf: move AVStream.info to AVStreamInternal
This struct is for internal use of avformat_find_stream_info(), so it
should not be exposed in public headers. Keep a stub pointer in its
place to avoid changing AVStream layout, since e.g. ffmpeg.c accesses
some fields located after it (even though they are marked as private).
Anton Khirnov [Mon, 26 Oct 2020 12:36:06 +0000 (13:36 +0100)]
put_bits: make avpriv_align_put_bits() inline
This function is so extremely simple that it is preferable to make it
inline rather than deal with all the complications arising from it being
an exported symbol.
Keep avpriv_align_put_bits() around until the next major bump to
preserve ABI compatibility.
Anton Khirnov [Mon, 26 Oct 2020 12:04:33 +0000 (13:04 +0100)]
lavf/latmenc: fix units mismatch
avpriv_copy_bits() takes the size in bits, not bytes. According to a736eb4a605f46d5ff96c7b32e55710ecd9cce89, nobody is quite sure whether
this code produces working files.
avcodec/bitstream: Stop allocating one VLCcode more than needed
Allocating one temporary entry more than needed was made necessary by
the COPY loop below writing an element before having checked that it
should be written at all. But given that this behaviour changed, the
need for overallocating is gone.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Xu Guangxin [Fri, 16 Oct 2020 13:57:34 +0000 (21:57 +0800)]
avcodec/hevcdec: constrained intra predict, do not check top left IS_INTRA if it's not available
fix ticket: 8932
For poc 2, we have tile boundary at x = 640.
When we predict cu(640,912),the top left pixel is not avaliable to the cu.
So, we can not check it's intra or not. We need set top[-1] = top[0] directly.
see 8.4.4.2.1 for details
Signed-off-by: Xu Guangxin <oddstone@gmail.com> Signed-off-by: Linjie Fu <linjie.justin.fu@gmail.com>
They are always in the range 0..15, so using an int is not necessary.
Furthermore, using an int would not work if sizeof(int) != 4 as
ff_init_vlc_sparse() can only handle uint8_t, uint16_t and uint32_t
lengths.
Reviewed-by: zhilizhao(赵志立) <quinkblack@foxmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/bitstream: Consistently treat symbol as VLC_TYPE
If a static VLC table gets initialized a second time (or concurrently by
two threads) and if said VLC table uses symbols that have the sign bit
of VLC_TYPE (a typedef for int16_t) set, initializing the VLC fails. The
reason is that the type of the symbol in the temporary array is an
uint16_t and so comparing it to the symbol read from the VLC table will
fail, because only the lower 16bits coincide. Said failure triggers an
assert.
Reviewed-by: Lynne <dev@lynne.ee> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The longest code of any of the VLC tables used is eight bits long, so
using nine bits long VLC tables is wasteful. Furthermore, there are only
seven VLC tables used, yet the code up until now made it look like there
should be eight. This has been corrected, too.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/dirac_parser: do not offset AV_NOPTS_OFFSET
Fixes: signed integer overflow: -9223372036854775807 - 48000 cannot be represented in type 'long long' Fixes: 26521/clusterfuzz-testcase-minimized-ffmpeg_dem_DIRAC_fuzzer-5635536506847232 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Lynne <dev@lynne.ee> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Even though the length of these codes is > 8, only the lowest seven bits
are ever set (because the long codes are on the left of the tree), so
one can use an uint8_t for them, saving space.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/mobiclip: Reduce size of VLCs, inline constants
The longest motion vector VLC for mobiclip is six bits long, so using
eight bits for the VLC table is wasteful. Furthermore, the length can be
inlined.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
For both RealVideo 3.0 as well as RealVideo 4.0 the VLC table to use
depends upon the slice's quantization parameter; these are coded on five
bits in the bitstream and are therefore in the range of 0..31; yet the
last element here is not valid and therefore the quantizer is clipped to
the range 0..30 to get the index. But this is unnecessary: One can just
add one element more to the relevant array to avoid the clipping.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/rv34: Don't needlessly copy VLC length and symbol arrays
Most of the VLCs used by RealVideo 3 and 4 obey three simple rules:
Shorter codes are on the left of the tree, for each length, the symbols
are ascending from left to right and the symbols either form a
permutation of 1..size or 0..(size - 1). For the latter case, one just
needs to store the length of each symbol and create the codes according
to the other rules; no explicit code or symbol array must be stored.
The former case is also treated in much the same way by artificially
assigning a length of zero to the symbol 0; when a length of zero was
encountered, the element was ignored except that the symbol counter was
still incremented. If the length was nonzero, the symbol would be
assigned via the symbol counter and the length copied over into a new
array.
Yet this is unnecessary, as ff_init_vlc_sparse() follows exactly the
same pattern: If a length of zero is encountered, the element is ignored
and only the symbol counter incremented. So one can directly forward the
length array and also need not create a symbol table oneself, because
ff_init_vlc_sparse() will infer the same symbol table in this case.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
avcodec/vp3: Make parsing Theora Huffman tables more spec-compliant
Theora allows to use custom Huffman tables which are coded in the
bitstream as a tree: Whether the next node is a leaf or not is coded
in a bit; each node itself contains a five bit token. Each tree can
contain at most 32 leafs; typically they contain exactly 32 with the 32
symbols forming a permutation of 0..31. Yet the standard does not impose
either of these requirements. It explicitly allows less than 32 leafs
and multiple codes with the same token.
But our decoder used an algorithm that required the codes->token mapping
to be injective and that also presumed that there be at least two leafs:
Instead of using an array for codes, tokens and code lengths, the
decoder only had arrays for codes and code lengths. The code and length
for a given token were stored in entry[token]. As no symbols table was
used when initializing the VLC, the default one applied and therefore
the entry[token] got the symbol token (if the length of said entry is >0).
Yet if multiple codes had the same token, the codes and lengths from the
later token would overwrite the earlier codes and lengths.
Furthermore, less than 32 leafs could also lead to problems: Namely if
this was not the first time Huffman tables have been parsed in which
case the array is not zeroed initially so that old entries could make
the new table invalid.
libtheora seems to always use 32 leafs and no duplicate tokens; I am not
aware of any existing valid files that do not.
This is fixed by using a codes, symbols and lengths array when
initializing the VLC. In order to reduce the amount of stuff kept in the
context only the symbols and lengths (which both fit into an uint8_t)
are kept in the context; the codes are derived from the lengths
immediately before creating the tables.
There is now only one thing left which is not spec-compliant: Trees with
only one node (which has length zero) are not supported by
ff_init_vlc_sparse() yet.
Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Steven Liu [Mon, 19 Oct 2020 06:05:36 +0000 (14:05 +0800)]
tests/audiomatch: removes a warning when compiling tests/audiomatch
the warning message:
warning: using floating point absolute value function
'fabs' when argument is of integer type
use FFABS to set the absolute value.
Fixes: signed integer overflow: 1347551268 * 14 cannot be represented in type 'int' Fixes: 26458/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-5655364324032512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 321 * 8746632 cannot be represented in type 'int' Fixes: 26461/clusterfuzz-testcase-minimized-ffmpeg_dem_PVF_fuzzer-6326427831762944 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 7111111111111531010 - -7335632962598013506 cannot be represented in type 'long' Fixes: 26463/clusterfuzz-testcase-minimized-ffmpeg_dem_LRC_fuzzer-6015558333759488 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avutil/mathematics: Use av_sat_add64() for the last addition in av_add_stable()
Fixes: signed integer overflow: 9223372036854770375 + 5450 cannot be represented in type 'long' Fixes: 26471/clusterfuzz-testcase-minimized-ffmpeg_dem_MXG_fuzzer-6229617557635072 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avformat/electronicarts: Check for EOF in each iteration of the loop in ea_read_packet()
Fixes: timeout(>20sec -> 1ms) Fixes: 26526/clusterfuzz-testcase-minimized-ffmpeg_dem_EA_fuzzer-5672328069120000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>