[FFmpeg-devel] [PATCH 2/2] configure: Use -fno-sanitize-recover
Vitaly Buka
vitalybuka at google.com
Thu Jan 16 21:18:36 EET 2025
I assume "recover" mode is there unintentionally.
"-fno-sanitize-recover" helps to keep the code clean.
On Thu, Jan 16, 2025 at 11:13 AM Vitaly Buka <vitalybuka at google.com> wrote:
> UBSAN by default is just prints a mesage and
> moves on. This hides a few UBs in fate-suite.
>
> Signed-off-by: Vitaly Buka <vitalybuka at google.com>
> ---
> configure | 4 ++--
> libavcodec/aacenc_pred.c | 1 +
> libavcodec/ffv1dec.c | 1 +
> libavcodec/ffv1enc_template.c | 1 +
> libavcodec/get_bits.h | 1 +
> libavcodec/indeo3.c | 2 +-
> libavcodec/motion_est.c | 1 +
> libavcodec/mss2dsp.c | 1 +
> libavcodec/opus/dec.c | 1 +
> libavcodec/snow.h | 1 +
> libavcodec/svq1enc.c | 1 +
> libavfilter/vf_curves.c | 1 +
> libavfilter/vf_overlay.c | 1 +
> libavformat/mov.c | 1 +
> libswscale/input.c | 6 ++++++
> libswscale/output.c | 4 ++++
> libswscale/swscale_unscaled.c | 3 +++
> 17 files changed, 28 insertions(+), 3 deletions(-)
>
> diff --git a/configure b/configure
> index 3a1e72e1c6..f2b4fd2c62 100755
> --- a/configure
> +++ b/configure
> @@ -4568,7 +4568,7 @@ set >> $logfile
> test -n "$valgrind" && toolchain="valgrind-memcheck"
>
> enabled ossfuzz && ! echo $CFLAGS | grep -q -- "-fsanitize=" && ! echo
> $CFLAGS | grep -q -- "-fcoverage-mapping" &&{
> - add_cflags -fsanitize=address,undefined
> -fsanitize-coverage=trace-pc-guard,trace-cmp -fno-omit-frame-pointer
> + add_cflags -fsanitize=address,undefined
> -fsanitize-coverage=trace-pc-guard,trace-cmp -fno-omit-frame-pointer
> -fno-sanitize-recover=all
> add_ldflags -fsanitize=address,undefined
> -fsanitize-coverage=trace-pc-guard,trace-cmp
> }
>
> @@ -4591,7 +4591,7 @@ add_sanitizer_flags(){
> add_ldflags -fsanitize=thread
> ;;
> usan)
> - add_cflags -fsanitize=undefined
> + add_cflags -fsanitize=undefined -fno-sanitize-recover=all
> add_ldflags -fsanitize=undefined
> ;;
> ?*)
> diff --git a/libavcodec/aacenc_pred.c b/libavcodec/aacenc_pred.c
> index a486c44d42..9fd119852c 100644
> --- a/libavcodec/aacenc_pred.c
> +++ b/libavcodec/aacenc_pred.c
> @@ -148,6 +148,7 @@ static inline int
> update_counters(IndividualChannelStream *ics, int inc)
> return 0;
> }
>
> +__attribute__((no_sanitize("bounds"))) // FIXME: Remove.
> void ff_aac_adjust_common_pred(AACEncContext *s, ChannelElement *cpe)
> {
> int start, w, w2, g, i, count = 0;
> diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c
> index 7845815873..c0e29dcac1 100644
> --- a/libavcodec/ffv1dec.c
> +++ b/libavcodec/ffv1dec.c
> @@ -263,6 +263,7 @@ static void slice_set_damaged(FFV1Context *f,
> FFV1SliceContext *sc)
> f->frame_damaged = 1;
> }
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static int decode_slice(AVCodecContext *c, void *arg)
> {
> FFV1Context *f = c->priv_data;
> diff --git a/libavcodec/ffv1enc_template.c b/libavcodec/ffv1enc_template.c
> index bc14926ab9..786402b9f7 100644
> --- a/libavcodec/ffv1enc_template.c
> +++ b/libavcodec/ffv1enc_template.c
> @@ -22,6 +22,7 @@
>
> #include "ffv1_template.c"
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static av_always_inline int
> RENAME(encode_line)(FFV1Context *f, FFV1SliceContext *sc,
> void *logctx,
> diff --git a/libavcodec/get_bits.h b/libavcodec/get_bits.h
> index fe2f6378b4..7829a8ce1b 100644
> --- a/libavcodec/get_bits.h
> +++ b/libavcodec/get_bits.h
> @@ -511,6 +511,7 @@ static inline unsigned int
> show_bits_long(GetBitContext *s, int n)
> * @param bit_size the size of the buffer in bits
> * @return 0 on success, AVERROR_INVALIDDATA if the buffer_size would
> overflow.
> */
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static inline int init_get_bits(GetBitContext *s, const uint8_t *buffer,
> int bit_size)
> {
> diff --git a/libavcodec/indeo3.c b/libavcodec/indeo3.c
> index fbabd4b6ad..bd976f2854 100644
> --- a/libavcodec/indeo3.c
> +++ b/libavcodec/indeo3.c
> @@ -427,7 +427,7 @@ if (*data_ptr >= last_ptr) \
> (AV_RN16(dst + row_offset + 2) +
> delta_tab->deltas[dyad2]) & 0x7F7F);\
> }
>
> -
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static int decode_cell_data(Indeo3DecodeContext *ctx, Cell *cell,
> uint8_t *block, uint8_t *ref_block,
> ptrdiff_t row_offset, int h_zoom, int v_zoom,
> int mode,
> diff --git a/libavcodec/motion_est.c b/libavcodec/motion_est.c
> index e4f17fb2d8..d618425a44 100644
> --- a/libavcodec/motion_est.c
> +++ b/libavcodec/motion_est.c
> @@ -79,6 +79,7 @@ static int minima_cmp(const void *a, const void *b){
> #define FLAG_CHROMA 2
> #define FLAG_DIRECT 4
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static inline void init_ref(MotionEstContext *c, uint8_t *const src[3],
> uint8_t *const ref[3], uint8_t *const ref2[3],
> int x, int y, int ref_index)
> diff --git a/libavcodec/mss2dsp.c b/libavcodec/mss2dsp.c
> index cc39dd637f..90fe325647 100644
> --- a/libavcodec/mss2dsp.c
> +++ b/libavcodec/mss2dsp.c
> @@ -26,6 +26,7 @@
> #include "mss2dsp.h"
> #include "libavutil/common.h"
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static av_always_inline void mss2_blit_wmv9_template(uint8_t *dst,
> ptrdiff_t dst_stride,
> int gray,
> diff --git a/libavcodec/opus/dec.c b/libavcodec/opus/dec.c
> index 6c59dc1f46..74c417d3a8 100644
> --- a/libavcodec/opus/dec.c
> +++ b/libavcodec/opus/dec.c
> @@ -475,6 +475,7 @@ finish:
> return output_samples;
> }
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static int opus_decode_packet(AVCodecContext *avctx, AVFrame *frame,
> int *got_frame_ptr, AVPacket *avpkt)
> {
> diff --git a/libavcodec/snow.h b/libavcodec/snow.h
> index a5e2c138cb..bec33a1709 100644
> --- a/libavcodec/snow.h
> +++ b/libavcodec/snow.h
> @@ -217,6 +217,7 @@ static av_always_inline int same_block(BlockNode *a,
> BlockNode *b){
>
> //FIXME name cleanup (b_w, block_w, b_width stuff)
> //XXX should we really inline it?
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static av_always_inline void add_yblock(SnowContext *s, int sliced,
> slice_buffer *sb, IDWTELEM *dst, uint8_t *dst8, const uint8_t *obmc, int
> src_x, int src_y, int b_w, int b_h, int w, int h, int dst_stride, int
> src_stride, int obmc_stride, int b_x, int b_y, int add, int offset_dst, int
> plane_index){
> const int b_width = s->b_width << s->block_max_depth;
> const int b_height= s->b_height << s->block_max_depth;
> diff --git a/libavcodec/svq1enc.c b/libavcodec/svq1enc.c
> index d969be25c1..b65da15b6d 100644
> --- a/libavcodec/svq1enc.c
> +++ b/libavcodec/svq1enc.c
> @@ -138,6 +138,7 @@ static void svq1_write_header(SVQ1EncContext *s,
> PutBitContext *pb, int frame_ty
> #define QUALITY_THRESHOLD 100
> #define THRESHOLD_MULTIPLIER 0.6
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static int encode_block(SVQ1EncContext *s, uint8_t *src, uint8_t *ref,
> uint8_t *decoded, int stride, unsigned level,
> int threshold, int lambda, int intra)
> diff --git a/libavfilter/vf_curves.c b/libavfilter/vf_curves.c
> index 4f302209e6..f28104c274 100644
> --- a/libavfilter/vf_curves.c
> +++ b/libavfilter/vf_curves.c
> @@ -792,6 +792,7 @@ static int filter_slice_packed(AVFilterContext *ctx,
> void *arg, int jobnr, int n
> return 0;
> }
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static int filter_slice_planar(AVFilterContext *ctx, void *arg, int
> jobnr, int nb_jobs)
> {
> int x, y;
> diff --git a/libavfilter/vf_overlay.c b/libavfilter/vf_overlay.c
> index 528b845c6c..e601ba6884 100644
> --- a/libavfilter/vf_overlay.c
> +++ b/libavfilter/vf_overlay.c
> @@ -451,6 +451,7 @@ static av_always_inline void
> blend_slice_packed_rgb(AVFilterContext *ctx,
> }
>
> #define DEFINE_BLEND_PLANE(depth, nbits)
> \
> +__attribute__((no_sanitize("pointer-overflow"))) /* FIXME: Remove. */
> \
> static av_always_inline void
> blend_plane_##depth##_##nbits##bits(AVFilterContext *ctx,
> \
> AVFrame *dst, const AVFrame
> *src, \
> int src_w, int src_h,
> \
> diff --git a/libavformat/mov.c b/libavformat/mov.c
> index c016ce8e41..38407295e0 100644
> --- a/libavformat/mov.c
> +++ b/libavformat/mov.c
> @@ -1230,6 +1230,7 @@ static int mov_read_wfex(MOVContext *c, AVIOContext
> *pb, MOVAtom atom)
> return ret;
> }
>
> +__attribute__((no_sanitize("float-cast-overflow"))) // FIXME: Remove.
> static int mov_read_clap(MOVContext *c, AVIOContext *pb, MOVAtom atom)
> {
> AVStream *st;
> diff --git a/libswscale/input.c b/libswscale/input.c
> index 9f9410f922..1059e64f14 100644
> --- a/libswscale/input.c
> +++ b/libswscale/input.c
> @@ -1089,6 +1089,7 @@ static void rgb24ToUV_half_c(uint8_t *_dstU, uint8_t
> *_dstV, const uint8_t *unus
> }
> }
>
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> static void planar_rgb_to_y(uint8_t *_dst, const uint8_t *src[4], int
> width, int32_t *rgb2yuv, void *opq)
> {
> uint16_t *dst = (uint16_t *)_dst;
> @@ -1111,6 +1112,7 @@ static void planar_rgb_to_a(uint8_t *_dst, const
> uint8_t *src[4], int width, int
> dst[i] = src[3][i] << 6;
> }
>
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> static void planar_rgb_to_uv(uint8_t *_dstU, uint8_t *_dstV, const
> uint8_t *src[4], int width, int32_t *rgb2yuv, void *opq)
> {
> uint16_t *dstU = (uint16_t *)_dstU;
> @@ -1130,6 +1132,7 @@ static void planar_rgb_to_uv(uint8_t *_dstU, uint8_t
> *_dstV, const uint8_t *src[
>
> #define rdpx(src) \
> (is_be ? AV_RB16(src) : AV_RL16(src))
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> static av_always_inline void planar_rgb16_to_y(uint8_t *_dst, const
> uint8_t *_src[4],
> int width, int bpc, int
> is_be, int32_t *rgb2yuv)
> {
> @@ -1160,6 +1163,7 @@ static av_always_inline void
> planar_rgb16_to_a(uint8_t *_dst, const uint8_t *_sr
> }
> }
>
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> static av_always_inline void planar_rgb16_to_uv(uint8_t *_dstU, uint8_t
> *_dstV,
> const uint8_t *_src[4],
> int width,
> int bpc, int is_be,
> int32_t *rgb2yuv)
> @@ -1195,6 +1199,7 @@ static av_always_inline void
> planar_rgbf32_to_a(uint8_t *_dst, const uint8_t *_s
> }
> }
>
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> static av_always_inline void planar_rgbf32_to_uv(uint8_t *_dstU, uint8_t
> *_dstV, const uint8_t *_src[4], int width, int is_be, int32_t *rgb2yuv)
> {
> int i;
> @@ -1214,6 +1219,7 @@ static av_always_inline void
> planar_rgbf32_to_uv(uint8_t *_dstU, uint8_t *_dstV,
> }
> }
>
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> static av_always_inline void planar_rgbf32_to_y(uint8_t *_dst, const
> uint8_t *_src[4], int width, int is_be, int32_t *rgb2yuv)
> {
> int i;
> diff --git a/libswscale/output.c b/libswscale/output.c
> index 21c3bdc307..a231472317 100644
> --- a/libswscale/output.c
> +++ b/libswscale/output.c
> @@ -1047,6 +1047,7 @@ yuv2ya16_1_c_template(SwsInternal *c, const int32_t
> *buf0,
> }
>
> static av_always_inline void
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> yuv2rgba64_X_c_template(SwsInternal *c, const int16_t *lumFilter,
> const int32_t **lumSrc, int lumFilterSize,
> const int16_t *chrFilter, const int32_t **chrUSrc,
> @@ -1130,6 +1131,7 @@ yuv2rgba64_X_c_template(SwsInternal *c, const
> int16_t *lumFilter,
> }
>
> static av_always_inline void
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> yuv2rgba64_2_c_template(SwsInternal *c, const int32_t *buf[2],
> const int32_t *ubuf[2], const int32_t *vbuf[2],
> const int32_t *abuf[2], uint16_t *dest, int dstW,
> @@ -1196,6 +1198,7 @@ yuv2rgba64_2_c_template(SwsInternal *c, const
> int32_t *buf[2],
> }
>
> static av_always_inline void
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> yuv2rgba64_1_c_template(SwsInternal *c, const int32_t *buf0,
> const int32_t *ubuf[2], const int32_t *vbuf[2],
> const int32_t *abuf0, uint16_t *dest, int dstW,
> @@ -2270,6 +2273,7 @@ YUV2RGBWRAPPER(yuv2, rgb_full, x2rgb10_full,
> AV_PIX_FMT_X2RGB10LE, 0)
> YUV2RGBWRAPPER(yuv2, rgb_full, x2bgr10_full, AV_PIX_FMT_X2BGR10LE, 0)
>
> static void
> +__attribute__((no_sanitize("signed-integer-overflow"))) // FIXME: Remove.
> yuv2gbrp_full_X_c(SwsInternal *c, const int16_t *lumFilter,
> const int16_t **lumSrc, int lumFilterSize,
> const int16_t *chrFilter, const int16_t **chrUSrc,
> diff --git a/libswscale/swscale_unscaled.c b/libswscale/swscale_unscaled.c
> index dae3f45df9..0cb1c02cfa 100644
> --- a/libswscale/swscale_unscaled.c
> +++ b/libswscale/swscale_unscaled.c
> @@ -677,6 +677,7 @@ static int palToGbrpWrapper(SwsInternal *c, const
> uint8_t *const src[],
> return srcSliceH;
> }
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static void packed16togbra16(const uint8_t *src, int srcStride,
> uint16_t *dst[], const int dstStride[], int
> srcSliceH,
> int src_alpha, int swap, int shift, int
> width)
> @@ -811,6 +812,7 @@ static void packed16togbra16(const uint8_t *src, int
> srcStride,
> }
> }
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static void packed30togbra10(const uint8_t *src, int srcStride,
> uint16_t *dst[], const int dstStride[], int
> srcSliceH,
> int swap, int bpc, int width)
> @@ -882,6 +884,7 @@ static void packed30togbra10(const uint8_t *src, int
> srcStride,
> }
> }
>
> +__attribute__((no_sanitize("pointer-overflow"))) // FIXME: Remove.
> static int Rgb16ToPlanarRgb16Wrapper(SwsInternal *c, const uint8_t *const
> src[],
> const int srcStride[], int
> srcSliceY, int srcSliceH,
> uint8_t *const dst[], const int
> dstStride[])
> --
> 2.48.0.rc2.279.g1de40edade-goog
>
>
More information about the ffmpeg-devel
mailing list