From: Andreas Rheinhardt
Date: Mon, 16 Jun 2025 10:55:17 +0200
To: ffmpeg-devel@ffmpeg.org
Subject: Re: [FFmpeg-devel] [PATCH] checkasm/h264dsp: Fix stack overflow in check_idct_dequant

Zhao Zhili:
>
>
>> On Jun 16, 2025, at 15:16, Andreas Rheinhardt wrote:
>>
>> Zhao Zhili:
>>> From: Zhao Zhili >>> >>> --- >>> tests/checkasm/h264dsp.c | 14 ++++++++++---- >>> 1 file changed, 10 insertions(+), 4 deletions(-) >>> >>> diff --git a/tests/checkasm/h264dsp.c b/tests/checkasm/h264dsp.c >>> index f5f9650224..006532e08b 100644 >>> --- a/tests/checkasm/h264dsp.c >>> +++ b/tests/checkasm/h264dsp.c >>> @@ -328,7 +328,7 @@ static void check_idct_multiple(void) >>> static void check_idct_dequant(void) >>> { >>> static const int depths[5] = { 8, 9, 10, 12, 14 }; >>> - LOCAL_ALIGNED_16(int16_t, src, [16]); >>> + LOCAL_ALIGNED_16(int16_t, src, [16 * 2]); >>> /* Ensure dst buffers are large enough to hold dctcoefs of all bit-depths. */ >>> LOCAL_ALIGNED_16(uint8_t, dst0, [16 * 16 * sizeof(int32_t)]); >>> LOCAL_ALIGNED_16(uint8_t, dst1, [16 * 16 * sizeof(int32_t)]);
>>> @@ -338,15 +338,21 @@ static void check_idct_dequant(void) >>> int bit_depth, i, qmul; >>> declare_func_emms(AV_CPU_FLAG_MMX | AV_CPU_FLAG_SSE2, void, int16_t *output, int16_t *input, int qmul); >>> >>> - for (int j = 0; j < 16; j++) >>> - src[j] = (rnd() % 512) - 256; >>> - >>> qmul = rnd() % 4096; >>> >>> for (i = 0; i < FF_ARRAY_ELEMS(depths); i++) { >>> bit_depth = depths[i]; >>> ff_h264dsp_init(&h, bit_depth, 1); >>> >>> + if (bit_depth == 8) { >>> + for (int j = 0; j < 16; j++) >>> + src[j] = (rnd() % 512) - 256; >>> + } else { >>> + int32_t *p = (int32_t *)src; >>> + for (int j = 0; j < 16; j++) >>> + p[j] = (rnd() % (1 << (bit_depth + 1))) - (1 << bit_depth);
>>
>> This is an effective type violation and therefore UB.
>
> Yes. And the template functions are UB.

Only if the 32bit values read in the >8 bit depth case have actually been
written as int16_t or vice versa.

>
>> Furthermore,
>> increasing the size of the array has the downside that stack overflows
>> in the 8 bit codepath may go undetected. So better add a
>> LOCAL_ALIGNED_16(int32_t, src32, [16]) and use that for the >8 bit tests.
>
> I think this is still UB by passing it as an argument to h264_luma_dc_dequant_idct,
> due to the function prototype.
>
> I have no idea other than union or separate test case.
>

Converting a pointer to a different pointer type, passing that to a
function which converts it back to the original type and uses it is
allowed (as long as the pointee is suitably aligned for all the
pointed-to types; otherwise it is UB*). The effective type rules only
care about the types of the accesses, not about the chain of pointer
conversions that the pointer used for the access went through. Anyway,
C has a generic pointer: void*.

- Andreas

*: My guess is that this limitation stems from the fact that the
underlying object representation of different pointer types need not be
the same (i.e. converting a pointer need not be a no-op; IIRC there used
to be some long-obsolete systems where this is so). Anyway, imagine a
type T with alignment four; then it would be legal for pointers to this
type to have this baked in, in the sense that converting a char* to T*
would shift right by two bits. Converting back would then of course
shift left and this only works when the char* is suitably aligned.
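
Review bot: The new size [16 * 2] for src in the "@@ -328,7 +328,7 @@" hunk is unexplained, while the dst0/dst1 declarations directly below it carry a comment and spell the element size out as sizeof(int32_t). Either add a matching comment saying that src must hold 16 coefficients of the widest type, or write the size in terms of sizeof(int32_t) as the dst buffers do. As written, the 8 bit path also gets twice the 16 int16_t elements that its fill loop in this patch writes.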
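
Review bot: In the else branch of the "@@ -338,15 +338,21 @@" hunk, "int32_t *p = (int32_t *)src;" stores int32_t values into storage declared with int16_t elements, so the declared element type and the access type disagree. Declaring a second buffer with int32_t elements for this branch and filling it directly would remove the cast. A short comment on why the input range is derived from bit_depth here but fixed at 512 in the 8 bit branch would also help.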
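
An added illustration (not part of the mail and not FFmpeg code) of the two points in the reply above: one exactly-sized buffer per element type, and an int32_t * to int16_t * to int32_t * round trip in which every access uses the declared type. The function names and the fill values are hypothetical and constructed for the example.

```c
#include <stdalign.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for bit-depth-templated routines that share one
 * int16_t * prototype; the >8 bit one accesses its input as int32_t. */
static int64_t sum_8bit(int16_t *in) {
    int64_t s = 0;
    for (int i = 0; i < 16; i++)
        s += in[i];
    return s;
}

static int64_t sum_high(int16_t *in) {
    const int32_t *p = (const int32_t *)in; /* convert back to the real type */
    int64_t s = 0;
    for (int i = 0; i < 16; i++)
        s += p[i];
    return s;
}

/* The pointer round trip is only defined for suitably aligned pointees. */
int aligned_for_int32(const void *p) {
    return (uintptr_t)p % alignof(int32_t) == 0;
}

/* One exactly-sized buffer per element type (values constructed, not rnd()). */
int64_t run_depth(int bit_depth) {
    alignas(16) int16_t src[16];
    alignas(16) int32_t src32[16];

    if (bit_depth == 8) {
        for (int j = 0; j < 16; j++)
            src[j] = (int16_t)(j - 8);
        return sum_8bit(src);
    }
    for (int j = 0; j < 16; j++)
        src32[j] = (1 << bit_depth) - j;   /* stored as int32_t ... */
    return sum_high((int16_t *)src32);     /* ... and read back as int32_t */
}

int main(void) {
    alignas(16) int32_t buf[4] = {0};
    printf("%lld %lld %d\n", (long long)run_depth(8),
           (long long)run_depth(14), aligned_for_int32((char *)buf + 1));
    return 0;
}
```

Because src keeps exactly 16 int16_t elements, an out-of-bounds write in the 8 bit path still lands outside the buffer, where a stack protector or sanitizer can see it.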