From 8b4c31584eb22e944975207e37a7f0d5f1eaecb4 Mon Sep 17 00:00:00 2001
From: James Zern
Date: Thu, 18 Aug 2016 15:29:56 -0700
Subject: [PATCH] vp9_alloc_context_buffers: clear cm->mi* on failure
this fixes a crash in vp9_dec_setup_mi() via vp9_init_context_buffers() should decoding continue and the decoder resyncs on a smaller frame
BUG=b/30593752
Change-Id: I9ce8d94abe89bcd058697e8bd8599690e61bd380
---
 test/invalid_file_test.cc | 6 ++++++
 test/test-data.mk | 2 ++
 test/test-data.sha1 | 2 ++
 vp9/common/vp9_alloccommon.c | 2 ++
 4 files changed, 12 insertions(+)
diff --git a/test/invalid_file_test.cc b/test/invalid_file_test.cc
index d5dc8405e..f3ac4a7b9 100644
--- a/test/invalid_file_test.cc
+++ b/test/invalid_file_test.cc
@@ -128,6 +128,12 @@ const DecodeParam kVP9InvalidFileTests[] = {
 { 1, "invalid-vp90-03-v3.webm" },
 { 1, "invalid-vp90-2-00-quantizer-11.webm.ivf.s52984_r01-05_b6-.ivf" },
 { 1, "invalid-vp90-2-00-quantizer-11.webm.ivf.s52984_r01-05_b6-z.ivf" },
+// This file will cause a large allocation which is expected to fail in 32-bit
+// environments. Test x86 for coverage purposes as the allocation failure will
+// be in platform agnostic code.
+#if ARCH_X86
+ { 1, "invalid-vp90-2-00-quantizer-63.ivf.kf_65527x61446.ivf" },
+#endif
 { 1, "invalid-vp90-2-12-droppable_1.ivf.s3676_r01-05_b6-.ivf" },
 { 1, "invalid-vp90-2-05-resize.ivf.s59293_r01-05_b6-.ivf" },
 { 1, "invalid-vp90-2-09-subpixel-00.ivf.s20492_r01-05_b6-.v2.ivf" },
diff --git a/test/test-data.mk b/test/test-data.mk
index 05a0885ed..80af6e3dc 100644
--- a/test/test-data.mk
+++ b/test/test-data.mk
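Review bot: In test/invalid_file_test.cc, the entry added to kVP9InvalidFileTests under `#if ARCH_X86` reaches the fixed failure path only when the host allocator actually refuses the large request, so coverage of the fix depends on the build environment rather than on the decoder code. If a 32-bit x86 runner does satisfy the allocation, the decode presumably takes a different path and may no longer match the recorded .res result; that cannot be checked from this hunk. I would extend the comment with one line such as `// Relies on a real allocation failure; builds outside ARCH_X86 do not exercise the fail path.` so a later mismatch or silent loss of coverage is easy to diagnose. The array definition starts above the hunk.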
@@ -742,6 +742,8 @@ LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-00-quantizer-11.webm.iv
 LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-00-quantizer-11.webm.ivf.s52984_r01-05_b6-.ivf.res
 LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-00-quantizer-11.webm.ivf.s52984_r01-05_b6-z.ivf
 LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-00-quantizer-11.webm.ivf.s52984_r01-05_b6-z.ivf.res
+LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-00-quantizer-63.ivf.kf_65527x61446.ivf
+LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-00-quantizer-63.ivf.kf_65527x61446.ivf.res
 LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-03-size-202x210.webm.ivf.s113306_r01-05_b6-.ivf
 LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-03-size-202x210.webm.ivf.s113306_r01-05_b6-.ivf.res
 LIBVPX_TEST_DATA-$(CONFIG_VP9_DECODER) += invalid-vp90-2-03-size-224x196.webm.ivf.s44156_r01-05_b6-.ivf
diff --git a/test/test-data.sha1 b/test/test-data.sha1
index a4ed1742f..18a877307 100644
--- a/test/test-data.sha1
+++ b/test/test-data.sha1
@@ -834,3 +834,5 @@ f6856f19236ee46ed462bd0a2e7e72b9c3b9cea6 *vp90-2-21-resize_inter_640x480_5_1-2.w
 7739bfca167b1b43fea72f807f01e097b7cb98d8 *vp90-2-21-resize_inter_640x480_7_1-2.webm.md5
 7291af354b4418917eee00e3a7e366086a0b7a10 *vp90-2-21-resize_inter_640x480_7_3-4.webm
 4a18b09ccb36564193f0215f599d745d95bb558c *vp90-2-21-resize_inter_640x480_7_3-4.webm.md5
+a000d568431d07379dd5a8ec066061c07e560b47 invalid-vp90-2-00-quantizer-63.ivf.kf_65527x61446.ivf
+1e75aad3433c5c21c194a7b53fc393970f0a8d7f invalid-vp90-2-00-quantizer-63.ivf.kf_65527x61446.ivf.res
diff --git a/vp9/common/vp9_alloccommon.c b/vp9/common/vp9_alloccommon.c
index 602fec2bf..66aa733b9 100644
--- a/vp9/common/vp9_alloccommon.c
+++ b/vp9/common/vp9_alloccommon.c
@@ -169,6 +169,8 @@ int vp9_alloc_context_buffers(VP9_COMMON *cm, int width, int height) {
 return 0;
 fail:
+ // clear the mi_* values to force a realloc on resync
+ vp9_set_mb_mi(cm, 0, 0);
 vp9_free_context_buffers(cm);
 return 1;
 }
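Review bot: The comment added under `fail:` says what is cleared but not why stale values are dangerous. Per the commit message, leaving the cm->mi_* dimensions of the failed request in place leads to a crash in vp9_dec_setup_mi() once the decoder resyncs on a smaller frame. I would state that invariant directly, e.g. `// Zero the mi_* dimensions: the buffers are freed below, and stale sizes would let a resync on a smaller frame skip the realloc.` Whether vp9_free_context_buffers() reads any mi_* value, and so must see them before they are zeroed, is not visible here and is worth confirming, since the new call runs first. The function body starts above the hunk, so the `goto fail` sites are outside this view.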