Opened 4 days ago

Last modified 3 days ago

#11325 new defect

VVC decoder for streams with ALF and no CC-ALF

Reported by: Chris Warrington Owned by:
Priority: normal Component: avcodec
Version: 7.1 Keywords: vvc
Cc: Blocked By:
Blocking: Reproduced by developer: yes
Analyzed by developer: no

Description

Summary of the bug:
The VVC decoder is using some uninitialized variables when decoding a VVC stream containing ALF, but without CC-ALF.

This is easiest to observe via valgrind.

% valgrind ffmpeg_g -i vvc_without_ccalf.mp4 -vcodec copy -f rawvideo -y /dev/null
ffmpeg version n7.1 Copyright (c) 2000-2024 the FFmpeg developers
built with gcc 11 (GCC)

...

==333109== Conditional jump or move depends on uninitialised value(s)
==333109==    at 0x1165DEA: ff_vvc_alf_filter (filter.c:1233)
==333109==    by 0xE8C6EE: run_alf (thread.c:598)
==333109==    by 0xE8D15F: task_run_stage (thread.c:647)
==333109==    by 0xE8D15F: task_run (thread.c:674)
==333109==    by 0x12F148A: run_one_task (executor.c:90)
==333109==    by 0x12F1843: av_executor_execute (executor.c:217)
==333109==    by 0xE8EBDE: ff_vvc_frame_submit (thread.c:825)
==333109==    by 0xE4E8B1: submit_frame (dec.c:942)
==333109==    by 0xE4E8B1: vvc_decode_frame (dec.c:1006)
==333109==    by 0x99030A: decode_simple_internal (decode.c:442)
==333109==    by 0x99030A: decode_simple_receive_frame (decode.c:612)
==333109==    by 0x99030A: ff_decode_receive_frame_internal (decode.c:648)
==333109==    by 0x990854: decode_receive_frame_internal (decode.c:665)
==333109==    by 0x990B19: avcodec_send_packet (decode.c:752)
==333109==    by 0x75F67A: try_decode_frame (demux.c:2156)
==333109==    by 0x7642CB: avformat_find_stream_info (demux.c:2840)

The below patch fixes the issue. The CC-ALF indexes are initialized to 0 always instead of only when CC-ALF enabled, as alf->ctb_cc_idc is used unconditionally without checking if CC-ALF is on in a couple places.

diff --git a/libavcodec/vvc/ctu.c b/libavcodec/vvc/ctu.c
index b33ad576cf..d369ce8fbf 100644
--- a/libavcodec/vvc/ctu.c
+++ b/libavcodec/vvc/ctu.c
@@ -2286,6 +2286,7 @@ static void alf_params(VVCLocalContext *lc, const int rx, const int ry)
     ALFParams *alf                = &CTB(fc->tab.alf, rx, ry);

     alf->ctb_flag[LUMA] = alf->ctb_flag[CB] = alf->ctb_flag[CR] = 0;
+    alf->ctb_cc_idc[0] = alf->ctb_cc_idc[1] = 0;
     if (sh->sh_alf_enabled_flag) {
         alf->ctb_flag[LUMA] = ff_vvc_alf_ctb_flag(lc, rx, ry, LUMA);
         if (alf->ctb_flag[LUMA]) {
@@ -2316,7 +2317,6 @@ static void alf_params(VVCLocalContext *lc, const int rx, const int ry)
         const uint8_t cc_enabled[] = { sh->sh_alf_cc_cb_enabled_flag, sh->sh_alf_cc_cr_enabled_flag };
         const uint8_t cc_aps_id[]  = { sh->sh_alf_cc_cb_aps_id, sh->sh_alf_cc_cr_aps_id };
         for (int i = 0; i < 2; i++) {
-            alf->ctb_cc_idc[i] = 0;
             if (cc_enabled[i]) {
                 const VVCALF *aps = fc->ps.alf_list[cc_aps_id[i]];
                 alf->ctb_cc_idc[i] = ff_vvc_alf_ctb_cc_idc(lc, rx, ry, i, aps->num_cc_filters[i]);

Attachments (1)

vvc_without_ccalf.266 (208.4 KB ) - added by Chris Warrington 4 days ago.
VVC stream with ALF enabled and CC-ALF disabled

Download all attachments as: .zip

Change History (4)

by Chris Warrington, 4 days ago

Attachment: vvc_without_ccalf.266 added

VVC stream with ALF enabled and CC-ALF disabled

comment:1 by Chris Warrington, 4 days ago

Summary: VVC decoderVVC decoder for streams with ALF and no CC-ALF

comment:2 by Frank Plowman, 3 days ago

Hi Chris, thanks for reporting this.

I can reproduce the issue and confirm that your patch fixes it. Could you please send the patch to the mailing list?

Thanks again,
Frank

Last edited 3 days ago by Frank Plowman (previous) (diff)

comment:3 by Frank Plowman, 3 days ago

Reproduced by developer: set
Note: See TracTickets for help on using tickets.