Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
* [FFmpeg-devel] rebase bugs?
@ 2025-08-08 23:09 Michael Niedermayer
  2025-08-08 23:18 ` James Almer
  0 siblings, 1 reply; 4+ messages in thread
From: Michael Niedermayer @ 2025-08-08 23:09 UTC (permalink / raw)
  To: FFmpeg development discussions and patches



Hi all

It didn't take long for something interesting to happen:

Here's my local pr/20134

git log origin/master..fforge/pr/20134 --oneline
a99fa230adb (fforge/pr/20134, fforge-michaelni/ff-tmp-uninit-ut-vlc-ffv1) avcodec/ffv1: Clear state on alloc
006125030a0 avcodec/utvideodec: Set B for the width= 1 case

also
git log --grep "Set B for" fforge/pr/20134 --oneline
006125030a0 avcodec/utvideodec: Set B for the width= 1 case
git log --grep "Clear state on alloc" fforge/pr/20134 --oneline
a99fa230adb (fforge/pr/20134, fforge-michaelni/ff-tmp-uninit-ut-vlc-ffv1) avcodec/ffv1: Clear state on alloc

so far so good

explain this:

git log --grep "Set B for" origin/master  --oneline
27a541bb4cc avcodec/utvideodec: Set B for the width= 1 case
032dfe8584c avcodec/utvideodec: Set B for the width= 1 case

git log --grep "Clear state on alloc" origin/master  --oneline
85a2beaa811 avcodec/ffv1: Clear state on alloc
70fc46d1856 avcodec/ffv1: Clear state on alloc

Also not signed, not even with Forgejo's key:

git log --show-signature  --grep "Clear state on alloc" origin/master  --pretty=fuller
commit 85a2beaa811cda7ddfb1f5be133268e364395f0e
Author:     Michael Niedermayer <michael@niedermayer.cc>
AuthorDate: Wed Aug 6 13:36:06 2025 +0200
Commit:     michaelni <michael@niedermayer.cc>
CommitDate: Thu Aug 7 19:45:04 2025 +0000

    avcodec/ffv1: Clear state on alloc

    Fixes: use of uninitialized memory
    Fixes: 428969823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_DEC_fuzzer-5909681623334912

    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

commit 70fc46d185663dbea0995bf868d66b58b388119e
Author:     Michael Niedermayer <michael@niedermayer.cc>
AuthorDate: Wed Aug 6 13:36:06 2025 +0200
Commit:     michaelni <michael@niedermayer.cc>
CommitDate: Thu Aug 7 19:44:59 2025 +0000

    avcodec/ffv1: Clear state on alloc

    Fixes: use of uninitialized memory
    Fixes: 428969823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_DEC_fuzzer-5909681623334912

    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>



-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

No snowflake in an avalanche ever feels responsible. -- Voltaire


_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".


* Re: [FFmpeg-devel] rebase bugs?
  2025-08-08 23:09 [FFmpeg-devel] rebase bugs? Michael Niedermayer
@ 2025-08-08 23:18 ` James Almer
  2025-08-08 23:28   ` Michael Niedermayer
  0 siblings, 1 reply; 4+ messages in thread
From: James Almer @ 2025-08-08 23:18 UTC (permalink / raw)
  To: ffmpeg-devel



On 8/8/2025 8:09 PM, Michael Niedermayer wrote:
> git log --grep "Clear state on alloc" origin/master  --oneline
> 85a2beaa811 avcodec/ffv1: Clear state on alloc
> 70fc46d1856 avcodec/ffv1: Clear state on alloc

Yeah, that's not good. The second commit is an empty duplicate.

>
> Also not signed, not even with Forgejo's key:
It only signs commits if they were signed in the PR prior to rebasing, I
think.



* Re: [FFmpeg-devel] rebase bugs?
  2025-08-08 23:18 ` James Almer
@ 2025-08-08 23:28   ` Michael Niedermayer
  2025-08-09  5:02     ` Kacper Michajlow
  0 siblings, 1 reply; 4+ messages in thread
From: Michael Niedermayer @ 2025-08-08 23:28 UTC (permalink / raw)
  To: FFmpeg development discussions and patches



On Fri, Aug 08, 2025 at 08:18:43PM -0300, James Almer wrote:
> On 8/8/2025 8:09 PM, Michael Niedermayer wrote:
> > git log --grep "Clear state on alloc" origin/master  --oneline
> > 85a2beaa811 avcodec/ffv1: Clear state on alloc
> > 70fc46d1856 avcodec/ffv1: Clear state on alloc
> 
> Yeah, that's not good. The second commit is an empty duplicate.

But how did this happen?

The webpage lists 70fc46d185 (https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20134).
Is this some sort of multithreading feature where it spawns independent workers
for each and then maybe ends up with 2 for one PR? I am just speculating; I have
not looked at one single line of Forgejo code.

If that's the case, it should have stopped when it realized the commits are empty.


> 
> > 
> > Also not signed, not even with Forgejo's key:
> It only signs commits if they were signed in the PR prior to rebasing, I
> think.

git log fforge/pr/20134 -2 --show-signature
commit a99fa230adbe52504e6fadc1a3f85b5c30154349 (fforge/pr/20134, fforge-michaelni/ff-tmp-uninit-ut-vlc-ffv1)
gpg: Signature made Thu 07 Aug 2025 06:33:14 PM CEST
gpg:                using EDDSA key DD1EC9E8DE085C629B3E1846B18E8928B3948D64
gpg: Good signature from "Michael Niedermayer <michael-git@niedermayer.cc>" [ultimate]
gpg:                 aka "Michael Niedermayer (key used for git commits) <michael@niedermayer.cc>" [ultimate]
Author: Michael Niedermayer <michael@niedermayer.cc>
Date:   Wed Aug 6 13:36:06 2025 +0200

    avcodec/ffv1: Clear state on alloc

    Fixes: use of uninitialized memory
    Fixes: 428969823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_DEC_fuzzer-5909681623334912

    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

commit 006125030a0c360539c615fa6b5881c9bd78e637
gpg: Signature made Thu 07 Aug 2025 06:33:13 PM CEST
gpg:                using EDDSA key DD1EC9E8DE085C629B3E1846B18E8928B3948D64
gpg: Good signature from "Michael Niedermayer <michael-git@niedermayer.cc>" [ultimate]
gpg:                 aka "Michael Niedermayer (key used for git commits) <michael@niedermayer.cc>" [ultimate]
Author: Michael Niedermayer <michael@niedermayer.cc>
Date:   Wed Aug 6 13:09:26 2025 +0200

    avcodec/utvideodec: Set B for the width= 1 case

    Fixes: use of uninitialized meory
    Fixes: 428034093/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_DEC_fuzzer-6195630160805888

    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>



btw: (not sure that's the same issue or a genuine typo; it's not empty, seems like a genuine typo)
git log -2 8b5db38dc6d
commit 8b5db38dc6d0bec05ce7e4c1451986055032ed9c
Author: Kacper Michajłow <kasper93@gmail.com>
Date:   Sat Jul 26 05:00:11 2025 +0200

    avcodec/qcelpdec: set missing sample rate

    Commit f566032bfda2fee4fb6388d5906d1957a1ed868a added frame validation.
    Since then this decoder has been failing validation of sample rate
    value.

    Found by OSS-Fuzz.

    Signed-off-by: Kacper Michajłow <kasper93@gmail.com>

commit 7f5db34f3b02ea5c1a951e65f04e313841ee888e
Author: Kacper Michajłow <kasper93@gmail.com>
Date:   Sat Jul 26 04:59:44 2025 +0200

    avcodec/qcelpdec: set missing sample rate

    Commit f566032bfda2fee4fb6388d5906d1957a1ed868a added frame validation.
    Since then this decoder has been failing validation of sample rate
    value.

    Found by OSS-Fuzz.

    Signed-off-by: Kacper Michajłow <kasper93@gmail.com>

[...]


-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

I am the wisest man alive, for I know one thing, and that is that I know
nothing. -- Socrates


* Re: [FFmpeg-devel] rebase bugs?
  2025-08-08 23:28   ` Michael Niedermayer
@ 2025-08-09  5:02     ` Kacper Michajlow
  0 siblings, 0 replies; 4+ messages in thread
From: Kacper Michajlow @ 2025-08-09  5:02 UTC (permalink / raw)
  To: FFmpeg development discussions and patches

On Sat, 9 Aug 2025 at 01:29, Michael Niedermayer <michael@niedermayer.cc> wrote:
>
> On Fri, Aug 08, 2025 at 08:18:43PM -0300, James Almer wrote:
> > On 8/8/2025 8:09 PM, Michael Niedermayer wrote:
> > > git log --grep "Clear state on alloc" origin/master  --oneline
> > > 85a2beaa811 avcodec/ffv1: Clear state on alloc
> > > 70fc46d1856 avcodec/ffv1: Clear state on alloc
> >
> > Yeah, that's not good. The second commit is an empty duplicate.
>
> But how did this happen?
>
> The webpage lists 70fc46d185 (https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20134).
> Is this some sort of multithreading feature where it spawns independent workers
> for each and then maybe ends up with 2 for one PR? I am just speculating; I have
> not looked at one single line of Forgejo code.
>
> If that's the case, it should have stopped when it realized the commits are empty.

Hard to guess what has happened. But it definitely looks like Forgejo
"merged" this PR twice and the 2nd time it applied empty commits.

It looks really amateur on this side of Forgejo. Not only the race
condition (probably) that executed merge twice, but also allowing
empty commits by default, which git normally warns about. Forgejo
should abort at this point... or never do it twice.

Quite surprising, because this is a very basic scenario and we are
already finding bugs. This is also why my initial intuition in the
GitLab vs Forgejo discussion was that GitLab is battle tested and in a
corporate environment, things like that would never happen in more
mature software. But that's a discussion for another mail thread, my
list of Forgejo issues is getting longer and longer...

> >
> > >
> > > Also not signed, not even with Forgejo's key:
> > It only signs commits if they were signed in the PR prior to rebasing, I
> > think.
>
> git log fforge/pr/20134 -2 --show-signature
> commit a99fa230adbe52504e6fadc1a3f85b5c30154349 (fforge/pr/20134, fforge-michaelni/ff-tmp-uninit-ut-vlc-ffv1)
> gpg: Signature made Thu 07 Aug 2025 06:33:14 PM CEST
> gpg:                using EDDSA key DD1EC9E8DE085C629B3E1846B18E8928B3948D64
> gpg: Good signature from "Michael Niedermayer <michael-git@niedermayer.cc>" [ultimate]
> gpg:                 aka "Michael Niedermayer (key used for git commits) <michael@niedermayer.cc>" [ultimate]
> Author: Michael Niedermayer <michael@niedermayer.cc>
> Date:   Wed Aug 6 13:36:06 2025 +0200
>
>     avcodec/ffv1: Clear state on alloc
>
>     Fixes: use of uninitialized memory
>     Fixes: 428969823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_DEC_fuzzer-5909681623334912
>
>     Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>     Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
>
> commit 006125030a0c360539c615fa6b5881c9bd78e637
> gpg: Signature made Thu 07 Aug 2025 06:33:13 PM CEST
> gpg:                using EDDSA key DD1EC9E8DE085C629B3E1846B18E8928B3948D64
> gpg: Good signature from "Michael Niedermayer <michael-git@niedermayer.cc>" [ultimate]
> gpg:                 aka "Michael Niedermayer (key used for git commits) <michael@niedermayer.cc>" [ultimate]
> Author: Michael Niedermayer <michael@niedermayer.cc>
> Date:   Wed Aug 6 13:09:26 2025 +0200
>
>     avcodec/utvideodec: Set B for the width= 1 case
>
>     Fixes: use of uninitialized meory
>     Fixes: 428034093/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_DEC_fuzzer-6195630160805888
>
>     Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>     Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

As far as I've seen, Forgejo is only able to sign commits that it
produced, like when you create an initial community or edit something
in the web UI.

I tested a few days ago and neither rebases nor merge commits were
signed by Forgejo; instead all signatures are stripped.

And this happens even though Forgejo explicitly says beside the
"merge" button that the commit will be signed by key <path>. Never seen
this work.

> btw: (not sure that's the same issue or a genuine typo; it's not empty, seems like a genuine typo)

Yes, this is my bad, sorry.

- Kacper
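
Added example (not part of the thread, and not FFmpeg or Forgejo code): a shell function that flags the three symptoms reported above (commits whose tree equals their first parent's tree, repeated subjects, and missing signatures) from `git log` records read on stdin. The function names, flag labels and sample records (`c1`..`c5`, `t0`..`t2`) are constructed for illustration.

```shell
#!/bin/sh
# Input: one commit per line, tab-separated, newest first, as produced by:
#   git log --format='%H%x09%T%x09%P%x09%G?%x09%s' origin/master
# Fields: commit hash, tree hash, parent hashes, signature status, subject.
audit_git_log() {
    awk -F'\t' '
    {
        tree[$1] = $2                 # commit -> tree it records
        split($3, p, " ")
        parent[$1] = p[1]             # first parent (empty for a root commit)
        sig[$1] = $4                  # %G? prints "N" when there is no signature
        subj[$1] = $5
        seen[$5]++                    # how many commits share this subject
        order[++n] = $1
    }
    END {
        for (i = 1; i <= n; i++) {
            c = order[i]; flags = ""
            # Same tree as the first parent: the commit changes nothing.
            # A parent outside the piped range cannot be compared and is skipped.
            if ((parent[c] in tree) && tree[parent[c]] == tree[c])
                flags = flags " EMPTY"
            if (seen[subj[c]] > 1) flags = flags " DUP-SUBJECT"
            if (sig[c] == "N")     flags = flags " UNSIGNED"
            if (flags != "")
                printf "%s%s  %s\n", substr(c, 1, 11), flags, subj[c]
        }
    }'
}

# Constructed sample: a two-commit PR landed once (c2, c3) and then a second
# time as no-op commits (c4, c5); hashes and trees are placeholders.
sample_log() {
    printf '%s\t%s\t%s\t%s\t%s\n' \
        c5 t2 c4 N 'avcodec/ffv1: Clear state on alloc' \
        c4 t2 c3 N 'avcodec/utvideodec: Set B for the width= 1 case' \
        c3 t2 c2 N 'avcodec/ffv1: Clear state on alloc' \
        c2 t1 c1 N 'avcodec/utvideodec: Set B for the width= 1 case' \
        c1 t0 '' G 'constructed signed base commit'
}

sample_log | audit_git_log
```
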