On Tue, Aug 17, 2021 at 09:54:56PM +0200, Niklas Haas wrote:
> From: Niklas Haas <g...@haasn.dev>
>
> Because we need access to ref frames without film grain applied, we have
> to add an extra AVFrame to H264Picture to avoid messing with the
> original. This requires some amount of overhead to make the reference
> moves work out, but it allows us to benefit from frame multithreading
> for film grain application "for free".
>
> Unfortunately, this approach requires twice as much RAM to be constantly
> allocated for ref frames, due to the need for an extra buffer per
> H264Picture. In theory, we could get away with freeing up this memory as
> soon as it's no longer needed (since ref frames do not need film grain
> buffers any longer), but trying to call ff_thread_release_buffer() from
> output_frame() conflicts with possible later accesses to that same frame
> and I'm not sure how to synchronize that well.
>
> Tested on all three cases of (no fg), (fg present but exported) and (fg
> present and not exported), with and without threading.
>
> Signed-off-by: Niklas Haas <g...@haasn.dev>
> ---
>  libavcodec/h264_picture.c | 35 +++++++++++++++++++++++--
>  libavcodec/h264_slice.c   | 16 ++++++++++--
>  libavcodec/h264dec.c      | 55 ++++++++++++++++++++++++++-------------
>  libavcodec/h264dec.h      |  6 +++++
>  4 files changed, 90 insertions(+), 22 deletions(-)

This causes aborts (tested latest git master as of this mail)

Assertion sd failed at libavcodec/h264_picture.c:255
==26500== ERROR: libFuzzer: deadly signal
    #0 0x49f9d1 in __sanitizer_print_stack_trace /b/swarming/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_stack.cc:86:3
    #1 0x18c45de in fuzzer::Fuzzer::CrashCallback() /home/michael/libfuzzer-2017-10-newclang/Fuzzer/build/../FuzzerLoop.cpp:196:5
    #2 0x18c45ad in fuzzer::Fuzzer::StaticCrashSignalCallback() /home/michael/libfuzzer-2017-10-newclang/Fuzzer/build/../FuzzerLoop.cpp:175:6
    #3 0x7f200a40997f (/lib/x86_64-linux-gnu/libpthread.so.0+0x1297f)
    #4 0x7f2008b31fb6 in __libc_signal_restore_set /build/glibc-S9d2JN/glibc-2.27/signal/../sysdeps/unix/sysv/linux/nptl-signals.h:80
    #5 0x7f2008b31fb6 in gsignal /build/glibc-S9d2JN/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:48
    #6 0x7f2008b33920 in abort /build/glibc-S9d2JN/glibc-2.27/stdlib/abort.c:79
    #7 0xafcd86 in ff_h264_field_end /home/michael/ffmpeg-git/ffmpeg/libavcodec/h264_picture.c:255:9
    #8 0x5514da in h264_decode_frame /home/michael/ffmpeg-git/ffmpeg/libavcodec/h264dec.c:1041:20
    #9 0x523712 in decode_simple_internal /home/michael/ffmpeg-git/ffmpeg/libavcodec/decode.c:326:15
    #10 0x502a21 in decode_simple_receive_frame /home/michael/ffmpeg-git/ffmpeg/libavcodec/decode.c:517:15
    #11 0x502a21 in decode_receive_frame_internal /home/michael/ffmpeg-git/ffmpeg/libavcodec/decode.c:537
    #12 0x50204f in avcodec_send_packet /home/michael/ffmpeg-git/ffmpeg/libavcodec/decode.c:604:15
    #13 0x4cc093 in LLVMFuzzerTestOneInput /home/michael/ffmpeg-git/ffmpeg/tools/target_dec_fuzzer.c:387:25
    #14 0x18c55cd in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/michael/libfuzzer-2017-10-newclang/Fuzzer/build/../FuzzerLoop.cpp:495:13
    #15 0x18ba1a2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /home/michael/libfuzzer-2017-10-newclang/Fuzzer/build/../FuzzerDriver.cpp:273:6
    #16 0x18bf3a1 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/michael/libfuzzer-2017-10-newclang/Fuzzer/build/../FuzzerDriver.cpp:690:9
    #17 0x18b9e80 in main /home/michael/libfuzzer-2017-10-newclang/Fuzzer/build/../FuzzerMain.cpp:20:10
    #18 0x7f2008b14bf6 in __libc_start_main /build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:310
    #19 0x41f129 in _start (/home/michael/ffmpeg-git/ffmpeg/tools/target_dec_h264_fuzzer+0x41f129)

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

What does censorship reveal? It reveals fear. -- Julian Assange
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".