Bound the total allocated memory of frame buffers. By setting a debugger breakpoint in aom_memalign() (called by both aom_malloc() and aom_calloc()) for 'size' greater than 10 MB, I found that the frame buffer pool is one of the two biggest consumers of heap memory in the decoder. This CL tries to bound the memory consumption of the frame buffer pool. We could define a new macro for the maximum frame buffer pool size, but for now I am borrowing the existing AOM_MAX_ALLOCABLE_MEMORY macro for this purpose. Tested: cmake ../aom -DCONFIG_PIC=1 -DCONFIG_LOWBITDEPTH=1 -DCONFIG_SIZE_LIMIT=1 -DDECODE_HEIGHT_LIMIT=12288 -DDECODE_WIDTH_LIMIT=12288 -DAOM_EXTRA_C_FLAGS="-DAOM_MAX_ALLOCABLE_MEMORY=536870912 -DDO_RANGE_CHECK_CLAMP=1" make ./test_libaom --gtest_filter=*TestVectorTest* BUG=oss-fuzz:9678 BUG=oss-fuzz:9697 BUG=oss-fuzz:9956 BUG=oss-fuzz:9992 BUG=oss-fuzz:9993 Change-Id: Iab894920bb5e85aa13d92598fd18e88c84ae64fd
diff --git a/aom_scale/generic/yv12config.c b/aom_scale/generic/yv12config.c index ca448db..5cfba88 100644 --- a/aom_scale/generic/yv12config.c +++ b/aom_scale/generic/yv12config.c
@@ -14,6 +14,7 @@ #include "aom_mem/aom_mem.h" #include "aom_ports/mem.h" #include "aom_scale/yv12config.h" +#include "av1/common/enums.h" /**************************************************************************** * Exports @@ -74,6 +75,17 @@ uint8_t *buf = NULL; +#if defined AOM_MAX_ALLOCABLE_MEMORY + // The size of ybf->buffer_alloc. + uint64_t alloc_size = frame_size; + // The size of ybf->y_buffer_8bit. + if (use_highbitdepth) alloc_size += yplane_size; + // The decoder may allocate REF_FRAMES frame buffers in the frame buffer + // pool. Bound the total amount of allocated memory as if these REF_FRAMES + // frame buffers were allocated in a single allocation. + if (alloc_size > AOM_MAX_ALLOCABLE_MEMORY / REF_FRAMES) return -1; +#endif + if (cb != NULL) { const int align_addr_extra_size = 31; const uint64_t external_frame_size = frame_size + align_addr_extra_size;