in addition to checking the environment for "MALLOC_LIMIT"; the
environment will still take precedence.
this is in preparation for adding extreme config value coverage to
advanced_api_fuzzer
Bug: chromium:1196850
Change-Id: Ibe22f5e39e030a422fd6e383269bde35252d3fae
avoids integer overflow in extreme cases:
src/dsp/rescaler.c:45:32: runtime error: signed integer overflow: 129 *
16777215 cannot be represented in type 'int'
#0 0x556bde3538e3 in WebPRescalerImportRowExpand_C src/dsp/rescaler.c:45:32
#1 0x556bde357465 in RescalerImportRowExpand_SSE2 src/dsp/rescaler_sse2.c:56:5
...
Bug: chromium:1196850
Change-Id: I4f923807f106713e113f3eec62a1d1c346066345
after the check using 64-bit math we used a signed integer in the
multiplication. previously unsigned integer max was tested.
fixes cases like:
src/dec/buffer_dec.c:108:16: runtime error: signed integer overflow:
944731466 * 4 cannot be represented in type 'int'
#0 0x55e56187dc1d in AllocateBuffer src/dec/buffer_dec.c:108:16
#1 0x55e56187dc1d in WebPAllocateDecBuffer src/dec/buffer_dec.c:216:12
...
Bug: chromium:1196850
Change-Id: I6e5b3e5d1d5b50b5c98c39bbf9813a63fedc5ca7
replace with more inclusive terms or remove the comment entirely if the
meaning was already clear.
Bug: webp:507
Change-Id: Ica3bbf751ebf79f6668df6e6209af770248ff4ca
enc is allocated with WebPSafeCalloc so there's no need to clear the
pointers afterward.
this has the side-effect of removing a non-inclusive term.
Bug: webp:507
Change-Id: I82f82954936638c4c15d33b2d6f0497a6a13571f
This reverts commit b6513fbaa8.
This change can produce files that can cause decode failures in some
versions of chrome and safari/ios/macos.
https://chromium-review.googlesource.com/c/chromium/src/+/2876279
The chrome fix will be available in M92. This change can be revisited
after it and the mac updates are more widely deployed.
Bug: b/186640109,b/188702956
Change-Id: I296b8fe88c6c48219e3edf532226c4f972f1605b
though the max chunk/payload sizes were checked and would fail the
padded size was being calculated beforehand which could result in a
(harmless) unsigned int overflow warning.
Bug: webp:508
Change-Id: I4fa30ded2b027c1577b03049a2deeb7bf75e5472
fixes conversion warnings in visual studio after:
b1674240 Add modified Zeng's method to palette sorting.
src\enc\vp8l_enc.c(296) : warning C4244: '=' : conversion from 'const
uint16_t' to 'uint8_t', possible loss of data
src\enc\vp8l_enc.c(299) : warning C4244: '=' : conversion from 'const
uint16_t' to 'uint8_t', possible loss of data
Change-Id: I981b1ba4912edbbafbd49f1f5b1043bf12266920
large values of x_add and y_add may rollover an int causing a later
assertion to fail in WebPRescalerExportRow due to fxy_scale incorrectly
being set to 0.
fixes:
src/dsp/rescaler.c:178: void WebPRescalerExportRow(WebPRescaler *const):
Assertion `wrk->src_height == wrk->dst_height && wrk->x_add == 1'
failed.
Bug: chromium:1196480
Change-Id: I2c00f015d61a1257033d8edb1edd4d060d6878b7
this matches the description in WebPDecoderOptions and prevents a
mismatch between the user supplied options and the ones used by io.
Bug: chromium:1196773, chromium:1196775, chromium:1196480
Change-Id: I3603b806884cfc6969b093d06b7980b0cc13199b
this matches the description in WebPDecoderOptions and prevents a
mismatch between the user supplied options and the ones used by io.
Bug: chromium:1196480
Change-Id: Id464f999d737078078f9d21afe25b349317f5ab4
and avoid integer overflow in test of x/width and y/height parameters
against the image width/height
Bug: chromium:1196778, chromium:1196777, chromium:1196480
Change-Id: I7b8f1f4dbebfe073b1ba260b8317979488655dcc
With palette+predictors, cross-color was forced (because of predictors).
No need for cross-color for palettes as R/B==0.
This saves 10 bytes per image that uses palette+predictors.
Change-Id: If2184d16cdabe1e8498009062284ad3e37ef1342
if bypass_filtering was set to 1 in the user provided options it
shouldn't be reset in the use_scaling pass even if the image satisfies
the scaling requirements.
Change-Id: I036029907886acb63748872d5f8763954a7c607b
VerticalUnfilter_SSE2 has long been disabled due to a crash in an
Android emulator that hasn't reproduced elsewhere (crbug.com/654974).
this synchronizes the code for now to avoid needing to locally edit the
file on import.
Bug: 1141126
Change-Id: Ib61aeab93caaff1759606566b9e499eaac1576cf
this function produces different results from the C code due to
use of double/float resulting in output differences when compared to
-noasm.
Bug: webp:499
Change-Id: Ia039b168c0a66da723fb434656657ba1948db8ae
It's explicitly safe (and recommended!) to plug external data into
the pic->y/u/v/argb fields. They are guaranteed to be preserved
by the encoding process if no conversion is needed.
Change-Id: I325ca41a6a834f7f028431c605dddef67e9542cc
- Add `-msimd128` to flags to actually enable WebAssembly SIMD
when performing SIMD detection. It's currently required in
addition to `-msse*` / `-mfpu=neon` flags which only perform
translation of corresponding intrinsics to Wasm SIMD ones.
See a discussion at emscripten-core/emscripten#12714 for
automating this and making easier in the future.
- Remove compilation branch that prevented definitions of
`WEBP_USE_SSE` and `WEBP_USE_NEON` on Emscripten even when
SIMD support was detected at compile-time.
- Add an implementation of `VP8GetCPUInfo` for Emscripten which
uses static `WEBP_USE_*` flags to determine if a corresponding
SIMD instruction is supported. This is because Wasm doesn't
have proper feature detection (yet) and requires making separate
build for SIMD version anyway.
Change-Id: I77592081b91fd0e4cbc9242f5600ce905184f506
The offset *can* be negative, but the sanitizer reports strange
address behaviour when row_offset is unsigned size_t.
For safety, use int64_t instead (probably overkill. int32_t is probably ok).
Change-Id: I1bd424bfdb5447b3839f40679581d6bdea075320
After ParseAnimationFrame() calls StoreFrame(), check if StoreFrame() reads
more than anmf_payload_size bytes from dmux->mem_. Treat that as PARSE_ERROR.
Change-Id: I0d03885c19d32792af78de7bed1a944ca01f1dc6
with WebPReplaceTransparentPixels() function signature:
src\enc\picture_tools_enc.c(86): warning C4028: formal parameter 1
different from declaration
Change-Id: I0140d61b0dfebcbb4189707e8f2f4b1af802a4d7
this provides stronger synchronization when pthreads are available as
was done in 'd77bf512 add WEBP_DSP_INIT / WEBP_DSP_INIT_FUNC' for the
other init functions.
Change-Id: I2ffe4e24454d276c2411ece34dca38d23d4756d5
Fix another pessimization found by the pingo image compressor.
Refactoring is necessary to make LZ77 computation
common to cache or no-cache analysis.
Slower by 1.7x instead of 2x
Change-Id: I396701ea6e88543dbfe9471eb552877f6c8ce1e3
qmin / qmax are now using the pad[] spot at the end of the struct,
and we don't need to bump the ABI major number.
Change-Id: I41adcaf1600b29a5a05c9fe380bfd977cf425124
this was not giving a good alpha value, making the method 5/6 a little
blurrier than method 4 (!).
Change-Id: I69b9890dea21499c1af1753e87d9f7adf8b433de
This is particularly useful for multi-pass search (but not only),
to prevent the search from going over or below a reasonable threshold.
E.g.: 'cwebp -qrange 50 80 ...' will prevent any unreasonable degradation.
new cwebp option: -qrange min max
Change-Id: I59f394533535fc20b6996bc0895f4301476d5eff
PredictorSub0_SSE2 doesn't use 'upper' (neither does
VP8LPredictorsSub_C[0]); just pass NULL when dealing with trailing
pixels to avoid undefined behavior when offsetting a NULL pointer
BUG=chromium:1026858,oss-fuzz:19430
Change-Id: I08be8899ed2e34f26aaee34defe68dbd0fe216d3
some toolchains may implement vcreate_u64 as an assignment to a vector
causing a type mismatch:
invalid conversion between vector type 'uint64x1_t' (vector of 1
'uint64_t' value) and integer type 'unsigned int' of different size
const uint64x1_t LKJI____ = vcreate_u64(L | (K << 8) | (J << 16) | (I << 24));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: I5c7b0076ad66d4b3fcdcb7ee9f59bbaa6f19b783
The workaround for GCC ARM must not be applied when another toolchain
(like MSVC) is used for the build.
Change-Id: I11ec4558902063ccb085d3f435e24b3a60739dd5
'upper' could be NULL and it would be increased.
But that is for predictor zero that does not use 'upper'.
Change-Id: Icd4ae6792cc55ea021b4f828c3dbdb5f03e120d8
Since people seem to write "2 ^ X" hoping that it means "1 << X", clang
recently added a warning for this pattern.
It incorrectly fires on this file. To suppress it, restructure the code
to be less clever. (Alternatively we could use "xor" instead of "^" or
write "0x2" instead of "2" but both seem worse.)
No intended behavior change.
Bug: chromium:995200
Change-Id: I64744345be5f5a8cd1f4aaeaf0982da239b378a7
sometimes, the last rows of the alpha plane contain more than NUM_ARGB_CACHE_ROWS
rows to process. But ExtractAlphaRows() was repeatedly calling ApplyInverseTransforms()
without updating the dec->last_row_ field, which is the starting row used as starting
point.
Fix would consist of either updating correctly dec->last_row_ before calling
ApplyInverseTransforms(). Or pass the starting row explicitly, which is simpler.
BUG=webp:439
Change-Id: Id99f2c28662d02b2b866cb79e666050be9d59e04
For some exact resonance the over-quantization was exactly
compensating the under-quantization, leading to resonance
and strange patterns.
-> we special-handle the very flat blocks, hopefully for the
greater good (and not just the bad-resonance case).
For 'fast mode' (-m 3 or less), we just pay special attention
to the border of the image, where the oscillation / instability
usually starts. For the inner part of the image, since we're not
doing rd-opt, it's harder to fix anything.
Overall, on 'regular' images, the change is written the noise,
often leading to overall faster encoding (because of the short-cut).
BUG=webp:432
Change-Id: Ifaa8286499add80fd77daecf8e347abbff7c3a15
missed in a788b49
with clang7+ quiets conversion warnings like:
implicit conversion from type 'int' of value -114 (32-bit, signed) to
type 'uint8_t' (aka 'unsigned char') changed the value to 142 (8-bit,
unsigned)
Change-Id: I52dcd9cd613107f5424177c277785b92430bffb7
with clang7+ quiets conversion warnings like:
implicit conversion from type 'int' of value -114 (32-bit, signed) to
type 'uint8_t' (aka 'unsigned char') changed the value to 142 (8-bit,
unsigned)
Change-Id: I7f08a836ddcf777454dfd5b877a81b62b2abac86
with clang7+ quiets conversion warnings like:
implicit conversion from type 'int' of value -12 (32-bit, signed) to
type 'uint8_t' (aka 'unsigned char') changed the value to 244 (8-bit,
unsigned)
Change-Id: I053c92301e55dcb0cae89a7733636283da942176
no change in object code
from clang-7 integer sanitizer:
implicit conversion from type 'uint32_t' (aka 'unsigned int') of value
1955895199 (32-bit, unsigned) to type 'uint8_t' (aka 'unsigned char')
changed the value to 159 (8-bit, unsigned)
Change-Id: I0c3022339e34b9c9af03167ab827ade677973644
_mm_set1_epi16 takes a short argument
from clang-7 integer sanitizer:
implicit conversion from type 'int' of value 65280 (32-bit, signed) to
type 'short' changed the value to -256 (16-bit, signed)
Change-Id: Iad64f6209a8c130a7df67515451ded45b3f91702
_mm_set1_epi8() takes a char argument
_mm_insert_epi16 takes a short argument
from clang-7 integer sanitizer:
implicit conversion from type 'int' of value 189 (32-bit, signed) to
type 'char' changed the value to -67 (8-bit, signed)
implicit conversion from type 'int' of value 128 (32-bit, signed) to
type 'char' changed the value to -128 (8-bit, signed)
implicit conversion from type 'int' of value 33909 (32-bit, signed) to
type 'short' changed the value to -31627 (16-bit, signed)
Change-Id: Id6b191b2c06881e27d447eeb1ff5bb2c1857b6ba
holding the associated mutex while signaling a condition variable isn't
necessary and in some implementations will reduce performance as the
woken thread may test the mutex, fail and go back to sleep.
Change-Id: Id685a47b0c76fc4a1c5acedcb6623e8c55056415
_mm_set1_epi8() takes a char argument
_mm_insert_epi16 takes a short argument
from clang-7 integer sanitizer:
implicit conversion from type 'int' of value 255 (32-bit, signed) to
type 'char' changed the value to -1 (8-bit, signed)
implicit conversion from type 'int' of value 33153 (32-bit, signed) to
type 'short' changed the value to -32383 (16-bit, signed)
Change-Id: Ic88c8ef3d00146d34f53a560582db673f818370d
no change in object code
from clang-7 -fsanitize=implicit-integer-truncation
implicit conversion from type 'int' of value -16 (32-bit, signed) to
type 'uint8_t' (aka 'unsigned char') changed the value to 240 (8-bit,
unsigned)
Change-Id: Ia7cbaad247ab22b505b7f98b1247219c024f6db0
no change in object code
from clang-7 -fsanitize=implicit-integer-truncation
implicit conversion from type 'int32_t' (aka 'int') of value 287
(32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the
value to 31 (8-bit, unsigned)
Change-Id: I692368bcc2f41412697b8ae51e53078831072891
no change in object code
from clang-7 -fsanitize=implicit-integer-truncation
implicit conversion from type 'int' of value 39736 (32-bit, signed) to type 'uint8_t' (aka 'unsigned char') changed the value to 56 (8-bit, unsigned)
Change-Id: I0ecf24c5b1b11e056c58b3b85ea529c30cdadf57
"implicit conversion from type 'uint32_t' (aka 'unsigned int') of value xxxxx (32-bit, unsigned) to type 'uint8_t' (aka 'unsigned char') changed the value to xx (8-bit, unsigned)"
and same with signed -> unsigned conversion with truncation.
Change-Id: I50cae41a9ce7edcfcc814cc3ee2556b927064f43
We saturate the result to [0..255]
It's the easiest and safest, given the wide variety of scaling
range we cover: we're not using floats, so precision is always
an issue at one end or the other of the scaling spectrum.
we also use:
round(a - floor(b))
instead of:
floor(a - round(b))
to handle difficult cases (ratio ~= .99, e.g.)
MIPS code is still disabled (and wrong)
Change-Id: I18d3f5ddc4c524879c257b928329b1c648fa7fb5
previously if the mappings allocation failed histo_queue->queue would be
uninitialized; split the conditionals
Change-Id: I1b50b987e734393893dc8a83a3f314522ccd0c83
note that config.exact defaults to 0 and point users to WebPEncode() if
the default isn't acceptable.
BUG=webp:424
Change-Id: I179c34649834aeadc1606d0856f33e8255048ea1
This is to prevent resizing to dimension 0
+ added some safety checks about src_width > 0 and src_height > 0
BUG=webp:418
Change-Id: Ic04a53ad26455d80538bc8681882a554fca2a340
Taking the comments from the internal ParseHeadersInternal.
(which is called by GetFeatures).
BUG=webp:411
Change-Id: I9999b4a183805e2db1456610a30024a0d8be4d00
It's safer to clip the passed param instead of doing 32b arithmetic
and clipping afterward.
Output is unchanged, but code no longer rely on UB.
Change-Id: Ia5b4de6e8863981753f1d17f062965a6a5da5bed
dst->cur_ was not set.
The bug occurred only with several VP8LBitWriter instances
(thread_level > 0) and in 32-bit (in 64-bit, src->cur_ was
always 0 in VP8LBitWriterClone()).
BUG=chromium:917029
Change-Id: I0d94a3d8e62b247fd616eebe1009868dc8a5ed2e
Move IsFlat to its own header. This allows it to continue to be
inlined. Using the RTCD and creating a distinct function slows down arm
builds.
flower mug
C 3.59 2.12
NEON 3.47 2.01
BUG=b/118740850
Change-Id: Id77e8f76d9e9790c498806e7070bbe37c10bc2e9
thresh is defined by FLATNESS_LIMIT_* which ranges from 2-10.
score_t is int64 which is a touch overkill.
Change-Id: I308bd440bf11643665d3642fe361495a257b6e52
Direct copy of sse2. Slight improvement because neon has
abs().
flower.ppm had minimal improvement. Somewhat expected because
GetResidualCost_C is only ~3.6%
mug.ppm had a better improvement because GetResidualCost_C is
almost 9%.
C 2.150
NEON 2.130
BUG=b/118740850
Change-Id: Ibc0dd97a81596635f5599cf568205974b4fd2597
Much faster with aarch64. Still somewhat faster without vmaxv.
C: 3.700s
ArmV7: 3.675
aarch64: 3.600
BUG=b/118740850
Change-Id: I3be852da89633eca4bddce443c87f5e4a2f55868
The old code simply did not make sense.
The effect is that the pair would be popped from the
queue no matter what; as the queue is small, it does
not matter that much on the results.
But it will matter for a later CL.
Change-Id: If50c9fa9d7f3ac3c48bb7336d81479287d4944c4
(cherry picked from commit 485ff86fbb)
The old code simply did not make sense.
The effect is that the pair would be popped from the
queue no matter what; as the queue is small, it does
not matter that much on the results.
But it will matter for a later CL.
Change-Id: If50c9fa9d7f3ac3c48bb7336d81479287d4944c4
Also, histograms in a HistogramSet can be initialized all
at once.
Change-Id: Ibbfa6034dce58dca8bb9113487e2ae507222ce7d
(cherry picked from commit 6752904b2f)
When histograms are empty, it is easy to add them.
They should also not be considered when merging histograms
(it is a waste of CPU).
This does not change the compression performance,
just the speed.
Change-Id: I42c721ca0f9c5ea067e73b792aa3db6d5e71d01f
(cherry picked from commit decf6f6b87)
When histograms are empty, it is easy to add them.
They should also not be considered when merging histograms
(it is a waste of CPU).
This does not change the compression performance,
just the speed.
Change-Id: I42c721ca0f9c5ea067e73b792aa3db6d5e71d01f
We should be using 'floor' when doing the final divide.
-> new MACRO is MULT_FIX_FLOOR()
XXX*** Mips code is DISABLED for now ***XXX
I'll update and re-enable it in a later
patch, since this code needs some refactoring first.
BUG=oss-fuzz:9179
Change-Id: Ic0693cdca4e71f5beab1029475e35c4d06b12d13
* Assert chunklist
* fix potential memory leak and
* fix null pointer access
There should not be several alpha_ or img_ chunks in SynthesizeBitstream. Use ChunkListDelete in MuxImageRelease to be safe.
A null pointer accessed in WebPMuxPushFrame triggered a harmless runtime error.
Change-Id: I3027f8752093652bd41f55e667d041c0de77ab6e
The chunk list only has two operations: append and set
to one element. The two operations are split and the append
one is sped up by storing the last element.
Corrupted data could make a very long list to search through.
BUG=oss-fuzz:9190
Change-Id: I1aa813ca629df29efaa3b46dbd4c4c42dbeaa34c
The standard allows for Huffman images with any coefficients.
Hence potentially big memory allocations. The previous workaround
was "trying" things out, the new one is more rigorous and
only allocates what is needed, modifying the Huffman image
to contain the minimal set of coefficients.
BUG=oss-fuzz:8623,oss-fuzz:9111,oss-fuzz:9134
Change-Id: I6a972e90e4ae509c15cb41ee22c58b775fa3f4aa