'isvce_svc_rc_params_validate' was not being invoked prior to
call to 'isvce_rc_init'. This resulted in an erroneous state
within RC's context wherein the instantaneous estimate for the
texture bits for the frame being processed exceeded INT_MAX.
'isvce_svc_rc_params_validate' has code that detects such a
state and is now being correctly invoked where apprpriate.
Bug = ossfuzz:63175
Test: svc_enc_fuzzer
The following lines of code have been removed to improve coverage -
[x] Functions -
- isvc_interleaved_copy
- isvc_16bit_interleaved_copy
- isvc_16bit_interleaved_memset
- isvc_iquant_itrans_recon_chroma_4x4_neon
- isvc_iquant_itrans_recon_chroma_4x4_sse42
- isvc_iquant_itrans_recon_4x4_dc_with_res_output_neon
- isvc_iquant_itrans_recon_res_dc_4x4_sse42
- isvc_iquant_itrans_recon_4x4_dc_with_res_accumulate_neon
- isvc_iquant_itrans_recon_res_dc_with_res_acc_4x4_sse42
- isvce_wait_for_thread
[x] Function pointer initialisations for the functions above
Test: svc_enc_fuzzer
RC uses int32_t to store bitrates and other
parameters internally. For specific magnitudes of
bitrate, framerate, and GOP period, this can
result in signed integer overflow. This is now
detected before calls to RC init.
Note that calls to the 'ISVCE_CMD_CTL_SET_BITRATE' API can also
result in this behaviour but it will be appropriately handled
by 'isvce_svc_frame_params_validate'.
Bug = ossfuzz:63053
Test: svc_enc_fuzzer
There were cases where errors in a process thread
executing the last MB row would result in the entropy
job list without a terminnating entry, which would
result in a call to ih264_list_dequeue blocking infinitely.
The enum 'ISVCE_ENTROPY_THREAD_STATES_T' is now used to
monitor the eecution state of the entropy thread and handle
the situation described appropriately.
Bug = ossfuzz:62786
Test: svc_enc_fuzzer
This commit does not introduce any new functionality w.r.t previous
commit. But it fixes few things. They are listed below:
1. Guard Bands in header files are fixed
2. Header files contains function definition comments. These are same
as in source file. Maintaining same comment at two locations is
unnecessary. These are removed.
3. Improved consistency and code indentation
4. Removed comments that dont align with implementation
5. Grouped headers of a workspace together
A 'consumption ratio' is computed fr every MB when
in-frame RC is enabled. This computation can result in
divide-by-zeros in certain circumstances. Such cases
are now appropriately handled.
Bug: ossFuzz:60828
Test: svc_enc_fuzzer
The ILP MV struct pointer will be set to NULL for I slices and
for spatial layer ID 0. A NULL check ought to be used in all places
that access this pointer. This was missing in 2 places and has been
added.
Test: svc_enc_fuzzer
RC uses int32_t for storing multiple quantities related to
bits in a given period.
'isvce_svc_frame_params_validate' has been added, which queries
RC API for the relevant quantities and returns with and error
if computations involving those quantities exceed INT32_MAX.
Bug: 274221347
Bug: 274265498
Test: svc_enc_fuzzer
If 'u4_strm_buf_offset < 4' when 'isvce_cabac_flush' is called,
then EPB could not have been inserted into the stream buffer.
BUG = ossfuzz:56816
Test: svc_enc_fuzzer
If 'u4_strm_buf_offset == 0' when 'isvce_cabac_flush' is called,
then 'carry' is implicitly 0.
'u4_strm_buf_offset == 0' implies stream buffer is empty.
Invocation of 'isvce_cabac_flush' implies all MB's in a slice
have been encoded.
BUG = ossfuzz:56137
Test: svc_enc_fuzzer
For certain configurations of the fuzzer input, the minimum
output buffer size is insufficient.
The minimum value has been doubled in this commit.
BUG=oss-fuzz:55797
Test: svc_enc_fuzzer
Added support for encoding 'Scalable Baseline' profile, corresponding to
profile_idc of 83 in 'Rec. ITU-T H.264 (11/2007)'.
Bug: 248891908
Test: svcenc -c enc.cfg
Change-Id: Ib12ca4c4a8c0e674738ae2af01558a08cefe0929
