Commit eb53911fc8 for aom
commit eb53911fc8d85b8153986786d188caa27fdf24a1
Author: Wan-Teh Chang <wtc@google.com>
Date: Thu May 21 14:03:32 2026 -0700
Increase ctx->cx_data_sz to 2.5x uncomp frame size
Increase ctx->cx_data_sz (the size in bytes of the ctx->cx_data buffer)
to 2.5 times the uncompressed frame size because 2 times the
uncompressed frame size has been shown to be too small for multithreaded
bitstream packing.
Follow up to https://aomedia-review.googlesource.com/131861.
Bug: oss-fuzz:514006304
Change-Id: I0aa67ea1b1a4ffaf13b8f8e5481a2dec1006e9ed
diff --git a/av1/av1_cx_iface.c b/av1/av1_cx_iface.c
index a8ff8cced7..6b4b74f5a1 100644
--- a/av1/av1_cx_iface.c
+++ b/av1/av1_cx_iface.c
@@ -3318,15 +3318,21 @@ static aom_codec_err_t encoder_encode(aom_codec_alg_priv_t *ctx,
//
// For pseudo random input, the compressed frame size is seen to exceed
// the uncompressed frame size, but is less than 2 times the uncompressed
- // frame size. Hence the size of the buffer is chosen as 2 times the
- // uncompressed frame size.
- int multiplier = 8;
+ // frame size. https://issues.oss-fuzz.com/issues/514006304 further shows
+ // that multithreaded bitstream packing may need more than 2 times the
+ // uncompressed frame size. Hence the size of the buffer is chosen as 2.5
+ // times the uncompressed frame size.
+ aom_rational_t multiplier;
+ multiplier.num = 8;
+ multiplier.den = 1;
if (ppi->cpi->oxcf.kf_cfg.key_freq_max == 0 &&
- !ppi->cpi->oxcf.kf_cfg.fwd_kf_enabled)
- multiplier = 2;
- if (uncompressed_frame_sz > SIZE_MAX / multiplier)
+ !ppi->cpi->oxcf.kf_cfg.fwd_kf_enabled) {
+ multiplier.num = 5;
+ multiplier.den = 2;
+ }
+ if (uncompressed_frame_sz > SIZE_MAX / multiplier.num)
return AOM_CODEC_MEM_ERROR;
- size_t data_sz = uncompressed_frame_sz * multiplier;
+ size_t data_sz = uncompressed_frame_sz * multiplier.num / multiplier.den;
if (data_sz < kMinCompressedSize) data_sz = kMinCompressedSize;
if (ctx->cx_data == NULL || ctx->cx_data_sz < data_sz) {
ctx->cx_data_sz = data_sz;