dariomanesku / cmft Goto Github PK
View Code? Open in Web Editor NEWCross-platform open-source command-line cubemap filtering tool.
License: Other
cmft's People
Contributors
Stargazers
Watchers
Forkers
silky mmxix davidlee80 bagobor plepers uikit0 fourks dogdirt2000 wuyakuma ezhangle yy-yyaa grimtraveller robertomalatesta eiffeloberon jcant0n leegoonz fyoudine masmirnoff shadercoder vr3d pixelnerve lealzhan bradparks echofourpapa kenziemac130 momose-d maval zhouha huomm23 alainlompo shuchongqj lucasassislar digideskio bkaradzic adrianatgoogle onixus74 iorange victorique-gosick benoitjacquier xsli corybloyd kacprzak netwarm007 qipa kael0930 cmaughan yazici boblchen yuripourre-forks cjun714 happy-ferret p-brain division rodrigobmg aimoonchen gameatp fanzhiyu7410 0x4d3342 aurodev nickburyak itbestbear ejulien zspark xiguangtanpei danfengzi elix22 po826017 skysnows timgates42 waleedyaser wdcodr7 yanivams strogo kennycaiguo cforfang bcextreme jianguita ajunlonglive xgreat catdogengine msoft1115 daverin shackleslayer deeparsdk hyc0612 jopadan hengle shimakaze09cmft's Issues
Saving to RGBA32F outputs DXT1?
I'm trying to save 32f HDR CubeMap with dds,rgba32f,cubemap and get the message
Saving GracieReflection3 [DDS 256x256 RGBA32F Cubemap 6-faces 9-mips].
But the resulting file has FOURCC code of 808540228 which is DXT1. Shouldn't RGBA32F be RAW data?
My config tested both on OSX and Win
eval $CMFT $@ --input "grace_cross.hdr" \
--filter radiance \
--srcFaceSize 256 \
--dstFaceSize 256 \
--excludeBase false \
--mipCount 9 \
--glossScale 10 \
--glossBias 1 \
--lightingModel phongbrdf \
--useOpenCL false \
--numCpuProcessingThreads 4 \
--inputGammaNumerator 1.0 \
--inputGammaDenominator 1.0 \
--outputGammaNumerator 1.0 \
--outputGammaDenominator 1.0 \
--generateMipChain true \
--outputNum 1 \
--output0 "GracieReflection3" \
--output0params dds,rgba32f,cubemap
Segmentation fault (ASAN: SEGV on unknown address)
Hi,
Our fuzzer found a crash due to a SEGV on unknown address bug on the function cmft::imageLoadStb. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_sua: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_sua
cmftRelease --input PoC_sua --output0 /dev/null
CMFT WARNING: Non-supported Tga pixel depth - 16.
Segmentation fault
ASAN says:
cmftRelease-asan --input PoC_sua --output0 /dev/null
CMFT WARNING: Non-supported Tga pixel depth - 16.
ASAN:SIGSEGV
=================================================================
==11646==ERROR: AddressSanitizer: SEGV on unknown address 0x7f99cffd28e0 (pc 0x0000004686a5 bp 0x0000a1ec70e0 sp 0x7ffcf8de7b50 T0)
#0 0x4686a4 in stbi__tga_load ../../dependency/stb/stb_image.h:5250
#1 0x4686a4 in stbi__load_main ../../dependency/stb/stb_image.h:972
#2 0x46d0f9 in stbi__load_flip ../../dependency/stb/stb_image.h:980
#3 0x46d0f9 in stbi_load_from_file ../../dependency/stb/stb_image.h:1056
#4 0x46d0f9 in stbi_load ../../dependency/stb/stb_image.h:1046
#5 0x434b59 in cmft::imageLoadStb(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5081
#6 0x475574 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:896
#7 0x7f9cd275f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#8 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../dependency/stb/stb_image.h:5250 stbi__tga_load
==11646==ABORTING
Thanks,
Manh Dung
outputParams seem to be ignored
Using the commandline:
cmft.exe --input "MonValley_G_DirtRoad_3k.hdr" --filter radiance --lightingModel phongbrdf --outputNum 1 --output0 "test_rad" --outputParams ktx,rgba16,latlong
I expect an ktx file output in rgba16 format. However cmft says:
Saving test_rad.dds [DDS 2160x1080 BGRA8 LatLong 1-faces 9-mips].
It seems the tool always outputs dds, BGRA8 - is this a known issue?
Segmentation fault (ASAN: heap-buffer-overflow) on cmft::bgr8ToRgba32f
Hi,
Our fuzzer found a crash due to a heap buffer overflow on the function cmft::bgr8ToRgba32f. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_hbo_bgr8ToRgba32f: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_hbo_bgr8ToRgba32f
cmftRelease --input PoC_hbo_bgr8ToRgba32f --output0 /dev/null
Segmentation fault
ASAN says:
cmftRelease-asan --input PoC_hbo_bgr8ToRgba32f --output0 /dev/null
=================================================================
==17004==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000eff2 at pc 0x00000041d225 bp 0x7ffe04d76830 sp 0x7ffe04d76820
READ of size 1 at 0x60200000eff2 thread T0
#0 0x41d224 in cmft::bgr8ToRgba32f(float*, unsigned char const*) ../../src/cmft/image.cpp:1457
#1 0x41d224 in cmft::imageToRgba32f(cmft::Image&, cmft::Image const&, cmft::AllocatorI*) ../../src/cmft/image.cpp:1594
#2 0x420cba in cmft::imageConvert(cmft::Image&, cmft::TextureFormat::Enum, cmft::Image const&, cmft::AllocatorI*) ../../src/cmft/image.cpp:2017
#3 0x434550 in cmft::imageConvert(cmft::Image&, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:2049
#4 0x434550 in cmft::imageLoad(cmft::Image&, cmft::Rw*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5051
#5 0x4348a9 in cmft::imageLoad(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5062
#6 0x475600 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:895
#7 0x7f236f49f82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#8 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
0x60200000eff2 is located 1 bytes to the right of 1-byte region [0x60200000eff0,0x60200000eff1)
allocated by thread T0 here:
#0 0x7f23707ab602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x433f18 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4899
SUMMARY: AddressSanitizer: heap-buffer-overflow ../../src/cmft/image.cpp:1457 cmft::bgr8ToRgba32f(float*, unsigned char const*)
Shadow bytes around the buggy address:
0x0c047fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fff9df0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[01]fa
0x0c047fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==17004==ABORTING
Thanks,
Manh Dung
White HDR images/Memory corruption in readLine() (fix included)
How the problem manifests
We've been running cmft for a long time now to convert hdr cubemaps into dds. Recently we've noticed that one particular cubemap after exporting got all rgba32f values pretty much messed up to values like 1e+28f or so when it's supposed to be a regular image with reasonable color ranges. It looked pretty much black and white. After a bit of debugging it turned out that problem only manifested with x86 release version of cmft, built with recent visual studio 2015 and was particularly difficult to debug because it did not repro in debug configuration.
What causes the problem
In image.cpp, function
bool imageLoadHdr(Image& _image, Rw* _rw, AllocatorI* _allocator)
around line 4720 it reads a chunk of 64 chars:
char buf[64];
readLine(_rw, seekFn, readFn, buf, sizeof(buf));
and inside readLine() there's:
const char* eol = cmft::streol(_out);
const char* nl = cmft::strnl(eol);
implementations of both those functions assume that the string is null-terminated which in case of our 64-byte chunk is not true. For example streol has this:
const char* eol = strnstr(_str, "\r\n", 1024);
Apparently it reads extra 960 bytes on stack looking for a null terminator and sometimes finds it. Sometimes it does not.
What can be done
As a workaround I just did this:
char buf[64];
buf[sizeof(buf) - 1] = 0;
readLine(_rw, seekFn, readFn, buf, sizeof(buf) - 1);
to ensure that buf is always null-terminated. However, you might find a better solution to maybe prevent similar problems in other places.
Can't use cross cubemap as input
Hello there!
I tried this today and wow, this software is really promising. There are still a lot of issues though.
One of those issues is I can't use cross cubemap as input. It always exiting. I use Windows x64.
Do this feature haven't implemented yet?
Anyway, thank you for your time developing this software.
[not an issue] Turning a spherical map into a horizontal cross map
First of all, this is not an issue with the program, but I don't really know where to ask my question.
I am trying to use command-line cmft to transform a spherical map into a horizontal cross map.
Here's what I am typing :
cmftRelease --input Probes\uffizi_probe.hdr --filter none --outputNum 1 --output0 aaa --output0params hdr,rgbe,hcross
The problem is that the result is not correct (see the files attached). What is wrong ?
input_output.zip
is there a way to encode dds in rgba8 texture format?
Hi,
As we seen in the helper document of cmft cli, the encoding of dds only supports bgr8,bgra8,rgba16,rgba16f,rgba32f texture format, is it possible to support rgba8 as well?
Is there any documents or paper for cubemap filtering in cmft?
Is it possible to output DDS not in DX10 format ?
Hello,
I noticed that no matter input file is in DX10 format or not, output dds is always in DX10 format.
Which I found not able to be opened by "DirectX Texture Tool" within DirectX SDK, as well as some legacy library.
I wander if there is an option or some hint on modifying the source to achieve that ?
I am aware that there is another issue discussing about similar problem.
At the moment it is a bit difficult here to add DX10 support for DDS loading.
Thank you for your marvelous work.
Segmentation fault (ASAN: negative-size-param)
Hi,
Our fuzzer found a crash due to a negative size parameter bug on the function cmft::imageLoadStb. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_nsp: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_nsp
cmftRelease --input PoC_nsp --output0 /dev/null
Segmentation fault
ASAN says:
cmftRelease-asan --input PoC_nsp --output0 /dev/null
=================================================================
==17058==ERROR: AddressSanitizer: negative-size-param: (size=-766683904)
#0 0x7f0df0c789a1 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c9a1)
#1 0x441212 in memcpy /usr/include/x86_64-linux-gnu/bits/string3.h:53
#2 0x441212 in stbi__getn ../../dependency/stb/stb_image.h:1285
#3 0x46761a in stbi__pnm_load ../../dependency/stb/stb_image.h:6433
#4 0x46761a in stbi__load_main ../../dependency/stb/stb_image.h:959
#5 0x46d0f9 in stbi__load_flip ../../dependency/stb/stb_image.h:980
#6 0x46d0f9 in stbi_load_from_file ../../dependency/stb/stb_image.h:1056
#7 0x46d0f9 in stbi_load ../../dependency/stb/stb_image.h:1046
#8 0x434b59 in cmft::imageLoadStb(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5081
#9 0x475574 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:896
#10 0x7f0def97882f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#11 0x403608 in _start (/home/dungnguyen/PoCs-git/cmft_06a3516/cmftRelease-asan+0x403608)
Address 0x7ffc9d992ec2 is located in stack of thread T0 at offset 194 in frame
#0 0x46cf9f in stbi_load ../../dependency/stb/stb_image.h:1042
This frame has 1 object(s):
[32, 248) 's' <== Memory access at offset 194 partially overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: negative-size-param ??:0 __asan_memcpy
==17058==ABORTING
Thanks,
Manh Dung
Addition of a build system generator
I suggest to reuse a higher level build system than your current make file so that powerful checks for software features will become easier.
+Z face not writing?
Thanks for releasing the cmft program!
I wrote a beckmann-phong convolver for OpenEXR's envmap program
(https://github.com/meshula/openexr/tree/master/OpenEXR/exrenvmap2)
but I am preferring cmft, because of it's greater variety of options and fantastic speed.
I'm running into an issue though, have you seen an issue with the +Z face not writing?
Here is my input file, slightly modified from your sample.
eval
::Filter options
--filter radiance
--srcFaceSize 256
--excludeBase false
--mipCount 9
--glossScale 10
--glossBias 1
--lightingModel phongbrdf
--dstFaceSize 256
::Processing devices
--numCpuProcessingThreads 4
--useOpenCL true
--clVendor anyGpuVendor
--deviceType gpu
--deviceIndex 0
::Aditional operations
--inputGammaNumerator 1.0
--inputGammaDenominator 1.0
--outputGammaNumerator 1.0
--outputGammaDenominator 1.0
--generateMipChain false
::Output
--outputNum 3
--output0 "okretnica_pmrem"
--output0params tga,bgra8,cubecross
--output1 "okretnica_pmrem"
--output1params ktx,rgba8,cubemap
--output2 "okretnica_pmrem"
--output2params hdr,rgbe,hstrip
Here is the output. Hstrip also lacks +z. I tried a few different formats, all of them are missing the +z face.
Regards to "odd" formats, build options
Hey, thanks for a great tool!
I am using it in my game engine, and I have patched it to be able to spit out custom "Kit Engine" cubemap .asset files! I'm wondering if you would accept this if I do a pull request?
With the addition of adding a new output type (kitasset), output format (kitcubemap), I have also had to patch the build files (get rid of the no-rtti and set C++ standard to C++14). I have also created a #define to enable building with support for it, as it depends on the kit engines C++ library (for stuff like data i/o and asset enums etc).
Would this be way "off-target" for this project? I'm thinking about integrating cmft into my editor (by forking a cmft-cli process and showing progress output in a textbox basically) and make it an "official" part of the toolset, so it would really benefit the kit project if this functionality could be pushed in the official repo, since I wouldn't have to patch it everytime you do a commit :)
Again, thank you a ton for this tool, you are doing the world a favour! Cheers
Are there any plans to port to Metal2 GPGPU for macOS ?
HDR
I'm noticing some issues with hdr:
- Saving to hdr vcross (perhaps other modes too?) is offset slightly, causing a seam in cubemaps.
- I can't seem to export any images that have hdr values preserved.
Thanks
LatLong to cubemap
Not an issue as such more of a how do I...
I have an equirectangular image and would like to extract a cubemap as 6 separate images from it using cmft on the command line. It seems there would be a way to do it but I got lost in all the options.
Can you get me started?
Thanks.
mipchain is incomplete
Hello,
I'm trying to implement PBR in our open source x-platform engine minko (http://minko.io). So CMFT is a really amazing tool to work on cubemaps: thank you!
Still, I encountered a few issues: when I use the "radiance" filter, the mipchain is not complete.
- From a 2048x1536 hcross cubemap, I get a mipchain with the first level is missing or already blurred despite using
--excludeBase false. The mipchain loads fine though, but the visual result is not as expected for roughness close to 0. - From a 2048x1024 latlong texture, I get a 2048x2046 latlong output. The last line of that output mipmap chain is expected to be a 1x1 mipmap, but instead it's a 4x2 mipmap. As a result, the mipchain cannot be loaded.
Is this a bug or did I miss something?
Please advise,
Windows 10 build fails (workaround included)
I have tested this on windows 10, regular command prompt (win+r -> cmd). Upon launching make in cmft project dir I get this error:
process_begin: CreateProcess(NULL, uname -s, ...) failed.
./dependency/bx/tools/bin/darwin/genie --file=scripts/main.lua xcode4
process_begin: CreateProcess(d:\Suslik\SkyboxPipeline\src\cmftStudio-master\dependency\bx\tools\bin\darwin\genie, ./dependency/bx/tools/bin/darwin/genie --file=scripts/main.lua xcode4, ...) failed.
make (e=193): Error 193
make: *** [all] Error 193
A little bit of debugging has shown that OS version is not determined correctly. This bit of makefile code:
UNAME := $(shell uname -s)
returns an empty string, then this code:
ifeq ($(UNAME),$(filter $(UNAME),Linux Darwin))
ifeq ($(UNAME),$(filter $(UNAME),Darwin))
OS=darwin
else
OS=linux
endif
else
OS=windows
endif
produces OS=darwin and the code crashes spectacularly since it assumes it's running under darwin environment.
Clearly the UNAME thing is not working as intended and as a workaround to build the thing under windows I have simply bypassed all these checks by replacing them with simple
OS=windows
However I assume it might be reasonable to make it run out of the box.
"--edgeFixup warp" does not work without "--filter radiance"
So I'm using cmft to generate cubemaps from latlong images like this:
cmft.exe --input someInputFile.hdr --outputNum 1 --output0params dds,rgba32f,cubemap --generateMipChain true --dstFaceSize 128 --output0 someOutputFile.dds
And I encountered a problem of significant seams especially on lower mip levels when sampling this cubemap in shader. Conveniently enough, there is already a fix for that, so I tried adding "--edgeFixup warp" flag but it seemed to do nothing. According to documentation it only works with "--filter radiance" which is a shame because this filter produces significantly blurrier cubemap.
Is there a way to generate non-blurry cubemap with seamless sampling?
PS Once again, thanks a lot for the great tool, Dario. It has been of great help to me.
Does not build on Alpine 3.14 inside Docker container
Hello. Thank you for your work.
I'm trying to build the binary on Alpine based Docker image, but running make fails with pretty unexplainable error:
./dependency/bx/tools/bin/linux/genie --file=scripts/main.lua xcode4
make: ./dependency/bx/tools/bin/linux/genie: No such file or directory
make: *** [Makefile:29: all] Error 127
All files are in place, I've tried replacing path to genie with absolute path, but it didn't work.
I was assuming it may be related to using sh (default in Alpine) instead of bash shell, but not sure.
Could anyone please advise?
Segmentation fault (ASAN: heap-buffer-overflow) on cmft::imageLoadStb
Hi,
Our fuzzer found a crash due to a heap buffer overflow on the function cmft::imageLoadStb. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_hbo_imageLoadStb: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_hbo_imageLoadStb
cmftRelease --input PoC_hbo_imageLoadStb --output0 /dev/null
CMFT WARNING: Non-supported Tga pixel depth - 16.
Segmentation fault
ASAN says:
cmftRelease-asan --input PoC_hbo_imageLoadStb --output0 /dev/null
CMFT WARNING: Non-supported Tga pixel depth - 16.
=================================================================
==23686==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f2300b067c0 at pc 0x00000046aa09 bp 0x7ffd0f70a460 sp 0x7ffd0f70a450
READ of size 1 at 0x7f2300b067c0 thread T0
#0 0x46aa08 in stbi__tga_load ../../dependency/stb/stb_image.h:5250
#1 0x46aa08 in stbi__load_main ../../dependency/stb/stb_image.h:972
#2 0x46d0f9 in stbi__load_flip ../../dependency/stb/stb_image.h:980
#3 0x46d0f9 in stbi_load_from_file ../../dependency/stb/stb_image.h:1056
#4 0x46d0f9 in stbi_load ../../dependency/stb/stb_image.h:1046
#5 0x434b59 in cmft::imageLoadStb(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5081
#6 0x475574 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:896
#7 0x7f24122b182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#8 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
0x7f2300b067c0 is located 64 bytes to the left of 4547643200-byte region [0x7f2300b06800,0x7f240fbfef40)
allocated by thread T0 here:
#0 0x7f24135bd602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x468316 in stbi__malloc ../../dependency/stb/stb_image.h:900
#2 0x468316 in stbi__tga_load ../../dependency/stb/stb_image.h:5146
#3 0x468316 in stbi__load_main ../../dependency/stb/stb_image.h:972
#4 0x7ffd0f70aa2f (<unknown module>)
#5 0x7ffd0f70a93f (<unknown module>)
#6 0x7ffd0f70aedf (<unknown module>)
SUMMARY: AddressSanitizer: heap-buffer-overflow ../../dependency/stb/stb_image.h:5250 stbi__tga_load
Shadow bytes around the buggy address:
0x0fe4e0158ca0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe4e0158cb0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe4e0158cc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe4e0158cd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0fe4e0158ce0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0fe4e0158cf0: fa fa fa fa fa fa fa fa[fa]fa fa fa fa fa fa fa
0x0fe4e0158d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe4e0158d10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe4e0158d20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe4e0158d30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0fe4e0158d40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==23686==ABORTING
Thanks,
Manh Dung
SEGV (ASAN: heap-buffer-overflow) on cmft::rgba8ToRgba32f
Hi,
Our fuzzer found a crash due to a heap buffer overflow on the function cmft::rgba8ToRgba32f. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_hbo_rgba8ToRgba32f
cmftRelease --input $PoC --output0 /dev/null
Segmentation fault
ASAN says:
cmftRelease-asan --input $PoC --output0 /dev/null
=================================================================
==22401==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000eff1 at pc 0x00000041d0b7 bp 0x7fff0e747ca0 sp 0x7fff0e747c90
READ of size 1 at 0x60200000eff1 thread T0
#0 0x41d0b6 in cmft::rgba8ToRgba32f(float*, unsigned char const*) ../../src/cmft/image.cpp:1482
#1 0x41d0b6 in cmft::imageToRgba32f(cmft::Image&, cmft::Image const&, cmft::AllocatorI*) ../../src/cmft/image.cpp:1671
#2 0x420cba in cmft::imageConvert(cmft::Image&, cmft::TextureFormat::Enum, cmft::Image const&, cmft::AllocatorI*) ../../src/cmft/image.cpp:2017
#3 0x434be1 in cmft::imageLoadStb(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5102
#4 0x475574 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:896
#5 0x7fa6a02d082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#6 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
0x60200000eff1 is located 0 bytes to the right of 1-byte region [0x60200000eff0,0x60200000eff1)
allocated by thread T0 here:
#0 0x7fa6a15dc602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x44a207 in stbi__malloc ../../dependency/stb/stb_image.h:900
#2 0x44a207 in stbi__bmp_load ../../dependency/stb/stb_image.h:4846
SUMMARY: AddressSanitizer: heap-buffer-overflow ../../src/cmft/image.cpp:1482 cmft::rgba8ToRgba32f(float*, unsigned char const*)
Shadow bytes around the buggy address:
0x0c047fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fff9df0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[01]fa
0x0c047fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==22401==ABORTING
Thanks,
Manh Dung
Fix for rgba16f support
Tiny patch to fix rgba16f support.
@@ -138,7 +139,7 @@ static const CliOptionMap s_validTextureFormats[] =
{ "bgra8", TextureFormat::BGRA8 },
{ "rgba8", TextureFormat::RGBA8 },
{ "rgba16", TextureFormat::RGBA16 },
- { "rgba16", TextureFormat::RGBA16F },
+ { "rgba16f", TextureFormat::RGBA16F },
{ "rgba32f", TextureFormat::RGBA32F },
CLI_OPTION_MAP_TERMINATOR,
};
Crash with enabled OpenCL in x64 on windows
With this command line:
--input "test.hdr" --outputNum 1 --output0params dds,rgba32f,cubemap --filter radiance --dstFaceSize 128 --output0 "out"
I get a crash in processFilterArea() here:
const float dotProduct = vec3Dot(normalPtr, _tapVec);
(cubemapfilter.cpp @ line 817)
Crash does not repro if I add --useOpenCL false. Also does not happen on x86. Seems to be independent of input image I'm using, but if needed I can provide specific images that I was testing with. I'm using windows 10 and visual studio 2015.
Can also run additional tests, make a stack dump or something.
How to build this?
How can I build this program?I can't find any execution file after make.
Mipmaps are not saved for TGA output formats
So, after using CmftStudio (fantastic work guys!) i decided to automate things a little by using its command line variant. Whereas the gui version saved the mipmaps in files of the form 'filename-<mipnum>-<resX>x<resY>.tga, the command line version just writes the first mipmap while outputing this:
CMFT info: Saving out/indoors_rad.tga [TGA 1024x768 BGR8 HCross 1-faces 9-mips].
CMFT WARNING: Image seems to be containing more than one mip map. Only the first one will be saved due to the limits of TGA format.
The portion of the script that generates the radiance map is this:
%cmft% --input "%outd%/%~n1_cross.tga" ^
::Filter options ^
--filter radiance ^
--srcFaceSize 256 ^
--excludeBase false ^
--mipCount 6 ^
--generateMipChain true ^
--glossScale 10 ^
--glossBias 3 ^
--lightingModel blinnbrdf ^
--edgeFixup none ^
--dstFaceSize 256 ^
::Processing devices ^
--numCpuProcessingThreads 4 ^
--useOpenCL true ^
--clVendor anyGpuVendor ^
--deviceType gpu ^
--deviceIndex 0 ^
::Aditional operations ^
--inputGammaNumerator 2.2 ^
--inputGammaDenominator 1.0 ^
--outputGammaNumerator 1.0 ^
--outputGammaDenominator 2.2 ^
::Output ^
--output0 "%outd%/%~n1_rad" ^
--output0params tga,bgr8,hcross
As far as i inspected the saving code the command line tool should be able to do this to:
https://github.com/dariomanesku/cmft/blob/master/src/cmft/image.cpp#L5218
So i am either missing some params, or the correct m_numMips does not reach the imageSave function i suppose.
SEGV on cmft::imageIsCubeCross
Hi,
Our fuzzer found a crash due to a SEGV on unknown address bug on the function cmft::imageIsCubeCross. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_sua_cmft::imageIsCubeCross
ASAN says:
cmftRelease-asan --input $PoC --output0 /dev/null
ASAN:SIGSEGV
=================================================================
==32113==ERROR: AddressSanitizer: SEGV on unknown address 0x7f98bb46a880 (pc 0x000000416918 bp 0x0fffb21b3ede sp 0x7ffd90d9f6d0 T0)
#0 0x416917 in cmft::imageIsCubeCross(cmft::Image const&, bool) ../../src/cmft/image.cpp:2972
#1 0x475ae2 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:938
#2 0x7f97b996382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#3 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../../src/cmft/image.cpp:2972 cmft::imageIsCubeCross(cmft::Image const&, bool)
==32113==ABORTING
Thanks,
Manh Dung
Segmentation fault (ASAN: memcpy-param-overlap)
Hi,
Our fuzzer found a crash due to a memory param overlap bug on the function cmft::imageTransformArg. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_mpo: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_mpo
cmftRelease --input PoC_mpo --output0 /dev/null
Segmentation fault
ASAN says:
cmftRelease-asan --input PoC_mpo --output0 /dev/null
=================================================================
==32654==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x7f38896b4864,0x7f38896d5878) and [0x7f38896bfc88, 0x7f38896e0c9c) overlap
#0 0x7f38886df662 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c662)
#1 0x42885f in memcpy /usr/include/x86_64-linux-gnu/bits/string3.h:53
#2 0x42885f in swap ../../src/cmft/common/utils.h:132
#3 0x42885f in cmft::imageTransformArg(cmft::Image&, __va_list_tag*) ../../src/cmft/image.cpp:2485
#4 0x429a91 in cmft::imageTransformUseMacroInstead(cmft::Image*, ...) ../../src/cmft/image.cpp:2321
#5 0x4340d2 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4972
#6 0x4344b3 in cmft::imageLoad(cmft::Image&, cmft::Rw*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5039
#7 0x4348a9 in cmft::imageLoad(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5062
#8 0x475600 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:895
#9 0x7f38873df82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#10 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
0x7f38896b4864 is located 675940 bytes inside of 1533184-byte region [0x7f388960f800,0x7f3889785d00)
allocated by thread T0 here:
#0 0x7f38886eb602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x433f18 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4899
0x7f38896bfc88 is located 722056 bytes inside of 1533184-byte region [0x7f388960f800,0x7f3889785d00)
allocated by thread T0 here:
#0 0x7f38886eb602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x433f18 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4899
SUMMARY: AddressSanitizer: memcpy-param-overlap ??:0 __asan_memcpy
==32654==ABORTING
Thanks,
Manh Dung
DdsPixelFormat
Hey i noticed this small problem, when getting the fourcc value here for BGR8 & BGRA8 https://github.com/dariomanesku/cmft/blob/master/src/cmft/image.cpp#L625-L626 it is using D3DFMT_R8G8B8 | D3DFMT_A8B8G8R8 . This is causing amd compressonator and nvidia dds photoshop plugin to not recognize the format. Just checking with MS DxTex tool, it writes the fourcc for those two formats as 0. Doing this makes both amd compressonator and nvidia dds photoshop plugin to be able to read them. Here is a link for MS one where they write the fourcc as 0 for those particular formats https://github.com/Microsoft/DirectXTex/blob/master/DirectXTex/DDS.h#L101-L102.
Errors in Windows .zip file
The .zip files containing the Windows binaries has an error, see attached screenshot
!
This is using 7-Zip 16.02 64bit for extraing the archive.
Heap buffer overflow on cmft::imageTransformArg
Hi,
Our fuzzer found a crash due to a heap buffer overflow on the function cmft::imageTransformArg. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_hbo_imageTransformArg: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_hbo_imageTransformArg
cmftRelease --input PoC_hbo_imageTransformArg --output0 /dev/null
*** Error in `./cmftRelease': free(): invalid next size (fast): 0x00000000014d3e60 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f0dcf26a7e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f0dcf27337a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f0dcf27753c]
./cmftRelease[0x41dbc1]
./cmftRelease[0x40c667]
./cmftRelease[0x41a4a2]
./cmftRelease[0x41a5e3]
./cmftRelease[0x43c6f8]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7f0dcf213830]
./cmftRelease[0x402269]
======= Memory map: ========
00400000-0044e000 r-xp 00000000 103:01 3678247 /home/dungnguyen/PoCs/cmft_06a3516/cmftRelease
0064d000-0064e000 r--p 0004d000 103:01 3678247 /home/dungnguyen/PoCs/cmft_06a3516/cmftRelease
0064e000-0064f000 rw-p 0004e000 103:01 3678247 /home/dungnguyen/PoCs/cmft_06a3516/cmftRelease
0064f000-006a2000 rw-p 00000000 00:00 0
014c1000-014f3000 rw-p 00000000 00:00 0 [heap]
7f0dc8000000-7f0dc8021000 rw-p 00000000 00:00 0
7f0dc8021000-7f0dcc000000 ---p 00000000 00:00 0
7f0dcf1f3000-7f0dcf3b3000 r-xp 00000000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7f0dcf3b3000-7f0dcf5b3000 ---p 001c0000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7f0dcf5b3000-7f0dcf5b7000 r--p 001c0000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7f0dcf5b7000-7f0dcf5b9000 rw-p 001c4000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7f0dcf5b9000-7f0dcf5bd000 rw-p 00000000 00:00 0
7f0dcf5bd000-7f0dcf5d3000 r-xp 00000000 103:03 4723208 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f0dcf5d3000-7f0dcf7d2000 ---p 00016000 103:03 4723208 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f0dcf7d2000-7f0dcf7d3000 rw-p 00015000 103:03 4723208 /lib/x86_64-linux-gnu/libgcc_s.so.1
7f0dcf7d3000-7f0dcf8db000 r-xp 00000000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7f0dcf8db000-7f0dcfada000 ---p 00108000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7f0dcfada000-7f0dcfadb000 r--p 00107000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7f0dcfadb000-7f0dcfadc000 rw-p 00108000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7f0dcfadc000-7f0dcfc4e000 r-xp 00000000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f0dcfc4e000-7f0dcfe4e000 ---p 00172000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f0dcfe4e000-7f0dcfe58000 r--p 00172000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f0dcfe58000-7f0dcfe5a000 rw-p 0017c000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f0dcfe5a000-7f0dcfe5e000 rw-p 00000000 00:00 0
7f0dcfe5e000-7f0dcfe76000 r-xp 00000000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f0dcfe76000-7f0dd0075000 ---p 00018000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f0dd0075000-7f0dd0076000 r--p 00017000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f0dd0076000-7f0dd0077000 rw-p 00018000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7f0dd0077000-7f0dd007b000 rw-p 00000000 00:00 0
7f0dd007b000-7f0dd007e000 r-xp 00000000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7f0dd007e000-7f0dd027d000 ---p 00003000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7f0dd027d000-7f0dd027e000 r--p 00002000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7f0dd027e000-7f0dd027f000 rw-p 00003000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7f0dd027f000-7f0dd0286000 r-xp 00000000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7f0dd0286000-7f0dd0485000 ---p 00007000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7f0dd0485000-7f0dd0486000 r--p 00006000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7f0dd0486000-7f0dd0487000 rw-p 00007000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7f0dd0487000-7f0dd04ad000 r-xp 00000000 103:03 4718676 /lib/x86_64-linux-gnu/ld-2.23.so
7f0dd05fb000-7f0dd0683000 rw-p 00000000 00:00 0
7f0dd06ab000-7f0dd06ac000 rw-p 00000000 00:00 0
7f0dd06ac000-7f0dd06ad000 r--p 00025000 103:03 4718676 /lib/x86_64-linux-gnu/ld-2.23.so
7f0dd06ad000-7f0dd06ae000 rw-p 00026000 103:03 4718676 /lib/x86_64-linux-gnu/ld-2.23.so
7f0dd06ae000-7f0dd06af000 rw-p 00000000 00:00 0
7ffdfd266000-7ffdfd29b000 rw-p 00000000 00:00 0 [stack]
7ffdfd2eb000-7ffdfd2ee000 r--p 00000000 00:00 0 [vvar]
7ffdfd2ee000-7ffdfd2f0000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted
ASAN says:
cmftRelease-asan --input PoC_hbo_imageTransformArg --output0 /dev/null
=================================================================
==10155==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000eff1 at pc 0x7f49a188e935 bp 0x7ffca76070c0 sp 0x7ffca7606868
READ of size 3 at 0x60200000eff1 thread T0
#0 0x7f49a188e934 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c934)
#1 0x428adf in memcpy /usr/include/x86_64-linux-gnu/bits/string3.h:53
#2 0x428adf in swap ../../src/cmft/common/utils.h:131
#3 0x428adf in cmft::imageTransformArg(cmft::Image&, __va_list_tag*) ../../src/cmft/image.cpp:2506
#4 0x429a91 in cmft::imageTransformUseMacroInstead(cmft::Image*, ...) ../../src/cmft/image.cpp:2321
#5 0x4340d2 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4972
#6 0x4344b3 in cmft::imageLoad(cmft::Image&, cmft::Rw*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5039
#7 0x4348a9 in cmft::imageLoad(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5062
#8 0x475600 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:895
#9 0x7f49a058e82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#10 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
0x60200000eff1 is located 0 bytes to the right of 1-byte region [0x60200000eff0,0x60200000eff1)
allocated by thread T0 here:
#0 0x7f49a189a602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x433f18 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4899
SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 __asan_memcpy
Shadow bytes around the buggy address:
0x0c047fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fff9df0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa[01]fa
0x0c047fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==10155==ABORTING
Thanks,
Manh Dung
Does not build on Arch Linux x64
As the title states.
Output:
[fredrik@fredrik-laptop cmft]$ make linux-release64
make -R -C _projects/gmake-linux config=release64
make[1]: Entering directory '/home/fredrik/ports/cmft/_projects/gmake-linux'
==== Building cmft_cli (release64) ====
stb_image.cpp
In file included from /usr/include/c++/6.1.1/cmath:43:0,
from /usr/include/c++/6.1.1/math.h:36,
from ../../dependency/stb/stb_image.h:566,
from ../../src/cmft/base/stb_image.cpp:15:
/usr/include/c++/6.1.1/ext/type_traits.h:162:35: error: ‘stb::__gnu_cxx::__is_null_pointer’ declared as an ‘inline’ variable
__is_null_pointer(std::nullptr_t)
^
/usr/include/c++/6.1.1/ext/type_traits.h:162:35: error: ‘bool stb::__gnu_cxx::__is_null_pointer’ redeclared as different kind of symbol
/usr/include/c++/6.1.1/ext/type_traits.h:157:5: note: previous declaration ‘template<class _Type> bool stb::__gnu_cxx::__is_null_pointer(_Type)’
__is_null_pointer(_Type)
^~~~~~~~~~~~~~~~~
/usr/include/c++/6.1.1/ext/type_traits.h:162:21: error: ‘nullptr_t’ is not a member of ‘stb::std’
__is_null_pointer(std::nullptr_t)
^~~
/usr/include/c++/6.1.1/ext/type_traits.h:162:21: note: suggested alternatives:
In file included from /usr/include/c++/6.1.1/cstdlib:41:0,
from /usr/include/c++/6.1.1/stdlib.h:36,
from ../../dependency/bx/include/bx/bx.h:10,
from ../../dependency/bx/include/bx/macros.h:9,
from ../../src/cmft/base/stb_image.h:9,
from ../../src/cmft/base/stb_image.cpp:6:
/usr/include/c++/6.1.1/x86_64-pc-linux-gnu/bits/c++config.h:202:29: note: ‘std::nullptr_t’
typedef decltype(nullptr) nullptr_t;
^~~~~~~~~
In file included from ../../dependency/stb/stb_image.h:561:0,
from ../../src/cmft/base/stb_image.cpp:15:
/usr/lib/gcc/x86_64-pc-linux-gnu/6.1.1/include/stddef.h:436:29: note: ‘stb::nullptr_t’
typedef decltype(nullptr) nullptr_t;
^~~~~~~~~
In file included from /usr/include/c++/6.1.1/math.h:36:0,
from ../../dependency/stb/stb_image.h:566,
from ../../src/cmft/base/stb_image.cpp:15:
/usr/include/c++/6.1.1/cmath:106:11: error: ‘::acos’ has not been declared
using ::acos;
^~~~
/usr/include/c++/6.1.1/cmath:125:11: error: ‘::asin’ has not been declared
using ::asin;
^~~~
/usr/include/c++/6.1.1/cmath:144:11: error: ‘::atan’ has not been declared
using ::atan;
^~~~
/usr/include/c++/6.1.1/cmath:163:11: error: ‘::atan2’ has not been declared
using ::atan2;
^~~~~
/usr/include/c++/6.1.1/cmath:184:11: error: ‘::ceil’ has not been declared
using ::ceil;
^~~~
/usr/include/c++/6.1.1/cmath:203:11: error: ‘::cos’ has not been declared
using ::cos;
^~~
/usr/include/c++/6.1.1/cmath:222:11: error: ‘::cosh’ has not been declared
using ::cosh;
^~~~
/usr/include/c++/6.1.1/cmath:241:11: error: ‘::exp’ has not been declared
using ::exp;
^~~
/usr/include/c++/6.1.1/cmath:260:11: error: ‘::fabs’ has not been declared
using ::fabs;
^~~~
/usr/include/c++/6.1.1/cmath:279:11: error: ‘::floor’ has not been declared
using ::floor;
^~~~~
/usr/include/c++/6.1.1/cmath:298:11: error: ‘::fmod’ has not been declared
using ::fmod;
^~~~
/usr/include/c++/6.1.1/cmath:319:11: error: ‘::frexp’ has not been declared
using ::frexp;
^~~~~
/usr/include/c++/6.1.1/cmath:338:11: error: ‘::ldexp’ has not been declared
using ::ldexp;
^~~~~
/usr/include/c++/6.1.1/cmath:357:11: error: ‘::log’ has not been declared
using ::log;
^~~
/usr/include/c++/6.1.1/cmath:376:11: error: ‘::log10’ has not been declared
using ::log10;
^~~~~
/usr/include/c++/6.1.1/cmath:395:11: error: ‘::modf’ has not been declared
using ::modf;
^~~~
/usr/include/c++/6.1.1/cmath:407:11: error: ‘::pow’ has not been declared
using ::pow;
^~~
/usr/include/c++/6.1.1/cmath:444:11: error: ‘::sin’ has not been declared
using ::sin;
^~~
/usr/include/c++/6.1.1/cmath:463:11: error: ‘::sinh’ has not been declared
using ::sinh;
^~~~
/usr/include/c++/6.1.1/cmath:482:11: error: ‘::sqrt’ has not been declared
using ::sqrt;
^~~~
/usr/include/c++/6.1.1/cmath:501:11: error: ‘::tan’ has not been declared
using ::tan;
^~~
/usr/include/c++/6.1.1/cmath:520:11: error: ‘::tanh’ has not been declared
using ::tanh;
^~~~
/usr/include/c++/6.1.1/cmath:1077:11: error: ‘::double_t’ has not been declared
using ::double_t;
^~~~~~~~
/usr/include/c++/6.1.1/cmath:1078:11: error: ‘::float_t’ has not been declared
using ::float_t;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1081:11: error: ‘::acosh’ has not been declared
using ::acosh;
^~~~~
/usr/include/c++/6.1.1/cmath:1082:11: error: ‘::acoshf’ has not been declared
using ::acoshf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1083:11: error: ‘::acoshl’ has not been declared
using ::acoshl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1085:11: error: ‘::asinh’ has not been declared
using ::asinh;
^~~~~
/usr/include/c++/6.1.1/cmath:1086:11: error: ‘::asinhf’ has not been declared
using ::asinhf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1087:11: error: ‘::asinhl’ has not been declared
using ::asinhl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1089:11: error: ‘::atanh’ has not been declared
using ::atanh;
^~~~~
/usr/include/c++/6.1.1/cmath:1090:11: error: ‘::atanhf’ has not been declared
using ::atanhf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1091:11: error: ‘::atanhl’ has not been declared
using ::atanhl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1093:11: error: ‘::cbrt’ has not been declared
using ::cbrt;
^~~~
/usr/include/c++/6.1.1/cmath:1094:11: error: ‘::cbrtf’ has not been declared
using ::cbrtf;
^~~~~
/usr/include/c++/6.1.1/cmath:1095:11: error: ‘::cbrtl’ has not been declared
using ::cbrtl;
^~~~~
/usr/include/c++/6.1.1/cmath:1097:11: error: ‘::copysign’ has not been declared
using ::copysign;
^~~~~~~~
/usr/include/c++/6.1.1/cmath:1098:11: error: ‘::copysignf’ has not been declared
using ::copysignf;
^~~~~~~~~
/usr/include/c++/6.1.1/cmath:1099:11: error: ‘::copysignl’ has not been declared
using ::copysignl;
^~~~~~~~~
/usr/include/c++/6.1.1/cmath:1101:11: error: ‘::erf’ has not been declared
using ::erf;
^~~
/usr/include/c++/6.1.1/cmath:1102:11: error: ‘::erff’ has not been declared
using ::erff;
^~~~
/usr/include/c++/6.1.1/cmath:1103:11: error: ‘::erfl’ has not been declared
using ::erfl;
^~~~
/usr/include/c++/6.1.1/cmath:1105:11: error: ‘::erfc’ has not been declared
using ::erfc;
^~~~
/usr/include/c++/6.1.1/cmath:1106:11: error: ‘::erfcf’ has not been declared
using ::erfcf;
^~~~~
/usr/include/c++/6.1.1/cmath:1107:11: error: ‘::erfcl’ has not been declared
using ::erfcl;
^~~~~
/usr/include/c++/6.1.1/cmath:1109:11: error: ‘::exp2’ has not been declared
using ::exp2;
^~~~
/usr/include/c++/6.1.1/cmath:1110:11: error: ‘::exp2f’ has not been declared
using ::exp2f;
^~~~~
/usr/include/c++/6.1.1/cmath:1111:11: error: ‘::exp2l’ has not been declared
using ::exp2l;
^~~~~
/usr/include/c++/6.1.1/cmath:1113:11: error: ‘::expm1’ has not been declared
using ::expm1;
^~~~~
/usr/include/c++/6.1.1/cmath:1114:11: error: ‘::expm1f’ has not been declared
using ::expm1f;
^~~~~~
/usr/include/c++/6.1.1/cmath:1115:11: error: ‘::expm1l’ has not been declared
using ::expm1l;
^~~~~~
/usr/include/c++/6.1.1/cmath:1117:11: error: ‘::fdim’ has not been declared
using ::fdim;
^~~~
/usr/include/c++/6.1.1/cmath:1118:11: error: ‘::fdimf’ has not been declared
using ::fdimf;
^~~~~
/usr/include/c++/6.1.1/cmath:1119:11: error: ‘::fdiml’ has not been declared
using ::fdiml;
^~~~~
/usr/include/c++/6.1.1/cmath:1121:11: error: ‘::fma’ has not been declared
using ::fma;
^~~
/usr/include/c++/6.1.1/cmath:1122:11: error: ‘::fmaf’ has not been declared
using ::fmaf;
^~~~
/usr/include/c++/6.1.1/cmath:1123:11: error: ‘::fmal’ has not been declared
using ::fmal;
^~~~
/usr/include/c++/6.1.1/cmath:1125:11: error: ‘::fmax’ has not been declared
using ::fmax;
^~~~
/usr/include/c++/6.1.1/cmath:1126:11: error: ‘::fmaxf’ has not been declared
using ::fmaxf;
^~~~~
/usr/include/c++/6.1.1/cmath:1127:11: error: ‘::fmaxl’ has not been declared
using ::fmaxl;
^~~~~
/usr/include/c++/6.1.1/cmath:1129:11: error: ‘::fmin’ has not been declared
using ::fmin;
^~~~
/usr/include/c++/6.1.1/cmath:1130:11: error: ‘::fminf’ has not been declared
using ::fminf;
^~~~~
/usr/include/c++/6.1.1/cmath:1131:11: error: ‘::fminl’ has not been declared
using ::fminl;
^~~~~
/usr/include/c++/6.1.1/cmath:1133:11: error: ‘::hypot’ has not been declared
using ::hypot;
^~~~~
/usr/include/c++/6.1.1/cmath:1134:11: error: ‘::hypotf’ has not been declared
using ::hypotf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1135:11: error: ‘::hypotl’ has not been declared
using ::hypotl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1137:11: error: ‘::ilogb’ has not been declared
using ::ilogb;
^~~~~
/usr/include/c++/6.1.1/cmath:1138:11: error: ‘::ilogbf’ has not been declared
using ::ilogbf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1139:11: error: ‘::ilogbl’ has not been declared
using ::ilogbl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1141:11: error: ‘::lgamma’ has not been declared
using ::lgamma;
^~~~~~
/usr/include/c++/6.1.1/cmath:1142:11: error: ‘::lgammaf’ has not been declared
using ::lgammaf;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1143:11: error: ‘::lgammal’ has not been declared
using ::lgammal;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1145:11: error: ‘::llrint’ has not been declared
using ::llrint;
^~~~~~
/usr/include/c++/6.1.1/cmath:1146:11: error: ‘::llrintf’ has not been declared
using ::llrintf;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1147:11: error: ‘::llrintl’ has not been declared
using ::llrintl;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1149:11: error: ‘::llround’ has not been declared
using ::llround;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1150:11: error: ‘::llroundf’ has not been declared
using ::llroundf;
^~~~~~~~
/usr/include/c++/6.1.1/cmath:1151:11: error: ‘::llroundl’ has not been declared
using ::llroundl;
^~~~~~~~
/usr/include/c++/6.1.1/cmath:1153:11: error: ‘::log1p’ has not been declared
using ::log1p;
^~~~~
/usr/include/c++/6.1.1/cmath:1154:11: error: ‘::log1pf’ has not been declared
using ::log1pf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1155:11: error: ‘::log1pl’ has not been declared
using ::log1pl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1157:11: error: ‘::log2’ has not been declared
using ::log2;
^~~~
/usr/include/c++/6.1.1/cmath:1158:11: error: ‘::log2f’ has not been declared
using ::log2f;
^~~~~
/usr/include/c++/6.1.1/cmath:1159:11: error: ‘::log2l’ has not been declared
using ::log2l;
^~~~~
/usr/include/c++/6.1.1/cmath:1161:11: error: ‘::logb’ has not been declared
using ::logb;
^~~~
/usr/include/c++/6.1.1/cmath:1162:11: error: ‘::logbf’ has not been declared
using ::logbf;
^~~~~
/usr/include/c++/6.1.1/cmath:1163:11: error: ‘::logbl’ has not been declared
using ::logbl;
^~~~~
/usr/include/c++/6.1.1/cmath:1165:11: error: ‘::lrint’ has not been declared
using ::lrint;
^~~~~
/usr/include/c++/6.1.1/cmath:1166:11: error: ‘::lrintf’ has not been declared
using ::lrintf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1167:11: error: ‘::lrintl’ has not been declared
using ::lrintl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1169:11: error: ‘::lround’ has not been declared
using ::lround;
^~~~~~
/usr/include/c++/6.1.1/cmath:1170:11: error: ‘::lroundf’ has not been declared
using ::lroundf;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1171:11: error: ‘::lroundl’ has not been declared
using ::lroundl;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1173:11: error: ‘::nan’ has not been declared
using ::nan;
^~~
/usr/include/c++/6.1.1/cmath:1174:11: error: ‘::nanf’ has not been declared
using ::nanf;
^~~~
/usr/include/c++/6.1.1/cmath:1175:11: error: ‘::nanl’ has not been declared
using ::nanl;
^~~~
/usr/include/c++/6.1.1/cmath:1177:11: error: ‘::nearbyint’ has not been declared
using ::nearbyint;
^~~~~~~~~
/usr/include/c++/6.1.1/cmath:1178:11: error: ‘::nearbyintf’ has not been declared
using ::nearbyintf;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1179:11: error: ‘::nearbyintl’ has not been declared
using ::nearbyintl;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1181:11: error: ‘::nextafter’ has not been declared
using ::nextafter;
^~~~~~~~~
/usr/include/c++/6.1.1/cmath:1182:11: error: ‘::nextafterf’ has not been declared
using ::nextafterf;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1183:11: error: ‘::nextafterl’ has not been declared
using ::nextafterl;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1185:11: error: ‘::nexttoward’ has not been declared
using ::nexttoward;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1186:11: error: ‘::nexttowardf’ has not been declared
using ::nexttowardf;
^~~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1187:11: error: ‘::nexttowardl’ has not been declared
using ::nexttowardl;
^~~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1189:11: error: ‘::remainder’ has not been declared
using ::remainder;
^~~~~~~~~
/usr/include/c++/6.1.1/cmath:1190:11: error: ‘::remainderf’ has not been declared
using ::remainderf;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1191:11: error: ‘::remainderl’ has not been declared
using ::remainderl;
^~~~~~~~~~
/usr/include/c++/6.1.1/cmath:1193:11: error: ‘::remquo’ has not been declared
using ::remquo;
^~~~~~
/usr/include/c++/6.1.1/cmath:1194:11: error: ‘::remquof’ has not been declared
using ::remquof;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1195:11: error: ‘::remquol’ has not been declared
using ::remquol;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1197:11: error: ‘::rint’ has not been declared
using ::rint;
^~~~
/usr/include/c++/6.1.1/cmath:1198:11: error: ‘::rintf’ has not been declared
using ::rintf;
^~~~~
/usr/include/c++/6.1.1/cmath:1199:11: error: ‘::rintl’ has not been declared
using ::rintl;
^~~~~
/usr/include/c++/6.1.1/cmath:1201:11: error: ‘::round’ has not been declared
using ::round;
^~~~~
/usr/include/c++/6.1.1/cmath:1202:11: error: ‘::roundf’ has not been declared
using ::roundf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1203:11: error: ‘::roundl’ has not been declared
using ::roundl;
^~~~~~
/usr/include/c++/6.1.1/cmath:1205:11: error: ‘::scalbln’ has not been declared
using ::scalbln;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1206:11: error: ‘::scalblnf’ has not been declared
using ::scalblnf;
^~~~~~~~
/usr/include/c++/6.1.1/cmath:1207:11: error: ‘::scalblnl’ has not been declared
using ::scalblnl;
^~~~~~~~
/usr/include/c++/6.1.1/cmath:1209:11: error: ‘::scalbn’ has not been declared
using ::scalbn;
^~~~~~
/usr/include/c++/6.1.1/cmath:1210:11: error: ‘::scalbnf’ has not been declared
using ::scalbnf;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1211:11: error: ‘::scalbnl’ has not been declared
using ::scalbnl;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1213:11: error: ‘::tgamma’ has not been declared
using ::tgamma;
^~~~~~
/usr/include/c++/6.1.1/cmath:1214:11: error: ‘::tgammaf’ has not been declared
using ::tgammaf;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1215:11: error: ‘::tgammal’ has not been declared
using ::tgammal;
^~~~~~~
/usr/include/c++/6.1.1/cmath:1217:11: error: ‘::trunc’ has not been declared
using ::trunc;
^~~~~
/usr/include/c++/6.1.1/cmath:1218:11: error: ‘::truncf’ has not been declared
using ::truncf;
^~~~~~
/usr/include/c++/6.1.1/cmath:1219:11: error: ‘::truncl’ has not been declared
using ::truncl;
^~~~~~
In file included from ../../src/cmft/base/stb_image.cpp:15:0:
../../dependency/stb/stb_image.h: In function ‘unsigned char* stb::stbi__convert_format(unsigned char*, int, int, unsigned int, unsigned int)’:
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1342:10: note: in expansion of macro ‘CASE’
CASE(1,2) dest[0]=src[0], dest[1]=255; break;
^~~~
../../dependency/stb/stb_image.h:1342:49: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(1,2) dest[0]=src[0], dest[1]=255; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1343:10: note: in expansion of macro ‘CASE’
CASE(1,3) dest[0]=dest[1]=dest[2]=src[0]; break;
^~~~
../../dependency/stb/stb_image.h:1343:52: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(1,3) dest[0]=dest[1]=dest[2]=src[0]; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1344:10: note: in expansion of macro ‘CASE’
CASE(1,4) dest[0]=dest[1]=dest[2]=src[0], dest[3]=255; break;
^~~~
../../dependency/stb/stb_image.h:1344:65: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(1,4) dest[0]=dest[1]=dest[2]=src[0], dest[3]=255; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1345:10: note: in expansion of macro ‘CASE’
CASE(2,1) dest[0]=src[0]; break;
^~~~
../../dependency/stb/stb_image.h:1345:36: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(2,1) dest[0]=src[0]; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1346:10: note: in expansion of macro ‘CASE’
CASE(2,3) dest[0]=dest[1]=dest[2]=src[0]; break;
^~~~
../../dependency/stb/stb_image.h:1346:52: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(2,3) dest[0]=dest[1]=dest[2]=src[0]; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1347:10: note: in expansion of macro ‘CASE’
CASE(2,4) dest[0]=dest[1]=dest[2]=src[0], dest[3]=src[1]; break;
^~~~
../../dependency/stb/stb_image.h:1347:68: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(2,4) dest[0]=dest[1]=dest[2]=src[0], dest[3]=src[1]; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1348:10: note: in expansion of macro ‘CASE’
CASE(3,4) dest[0]=src[0],dest[1]=src[1],dest[2]=src[2],dest[3]=255; break;
^~~~
../../dependency/stb/stb_image.h:1348:78: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(3,4) dest[0]=src[0],dest[1]=src[1],dest[2]=src[2],dest[3]=255; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1349:10: note: in expansion of macro ‘CASE’
CASE(3,1) dest[0]=stbi__compute_y(src[0],src[1],src[2]); break;
^~~~
../../dependency/stb/stb_image.h:1349:67: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(3,1) dest[0]=stbi__compute_y(src[0],src[1],src[2]); break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1350:10: note: in expansion of macro ‘CASE’
CASE(3,2) dest[0]=stbi__compute_y(src[0],src[1],src[2]), dest[1] = 255; break;
^~~~
../../dependency/stb/stb_image.h:1350:82: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(3,2) dest[0]=stbi__compute_y(src[0],src[1],src[2]), dest[1] = 255; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1351:10: note: in expansion of macro ‘CASE’
CASE(4,1) dest[0]=stbi__compute_y(src[0],src[1],src[2]); break;
^~~~
../../dependency/stb/stb_image.h:1351:67: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(4,1) dest[0]=stbi__compute_y(src[0],src[1],src[2]); break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1352:10: note: in expansion of macro ‘CASE’
CASE(4,2) dest[0]=stbi__compute_y(src[0],src[1],src[2]), dest[1] = src[3]; break;
^~~~
../../dependency/stb/stb_image.h:1352:85: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(4,2) dest[0]=stbi__compute_y(src[0],src[1],src[2]), dest[1] = src[3]; break;
^~~~~
../../dependency/stb/stb_image.h:1338:44: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
#define CASE(a,b) case COMBO(a,b): for(i=x-1; i >= 0; --i, src += a, dest += b)
^
../../dependency/stb/stb_image.h:1353:10: note: in expansion of macro ‘CASE’
CASE(4,3) dest[0]=src[0],dest[1]=src[1],dest[2]=src[2]; break;
^~~~
../../dependency/stb/stb_image.h:1353:66: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(4,3) dest[0]=src[0],dest[1]=src[1],dest[2]=src[2]; break;
^~~~~
../../dependency/stb/stb_image.h: In function ‘void stb::stbi__build_fast_ac(stb::stbi__int16*, stb::stbi__huffman*)’:
../../dependency/stb/stb_image.h:1557:36: warning: left shift of negative value [-Wshift-negative-value]
if (k < m) k += (-1 << magbits) + 1;
^~~~~~~
../../dependency/stb/stb_image.h: In function ‘int stb::stbi__create_png_image_raw(stb::stbi__png*, stb::stbi_uc*, stb::stbi__uint32, int, stb::stbi__uint32, stb::stbi__uint32, int, int)’:
../../dependency/stb/stb_image.h:4027:17: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < nk; ++k)
^
../../dependency/stb/stb_image.h:4031:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_sub) cur[k] = STBI__BYTECAST(raw[k] + cur[k-filter_bytes]); break;
^~~~
../../dependency/stb/stb_image.h:4031:95: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_sub) cur[k] = STBI__BYTECAST(raw[k] + cur[k-filter_bytes]); break;
^~~~~
../../dependency/stb/stb_image.h:4027:17: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < nk; ++k)
^
../../dependency/stb/stb_image.h:4032:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_up) cur[k] = STBI__BYTECAST(raw[k] + prior[k]); break;
^~~~
../../dependency/stb/stb_image.h:4032:84: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_up) cur[k] = STBI__BYTECAST(raw[k] + prior[k]); break;
^~~~~
../../dependency/stb/stb_image.h:4027:17: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < nk; ++k)
^
../../dependency/stb/stb_image.h:4033:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_avg) cur[k] = STBI__BYTECAST(raw[k] + ((prior[k] + cur[k-filter_bytes])>>1)); break;
^~~~
../../dependency/stb/stb_image.h:4033:113: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_avg) cur[k] = STBI__BYTECAST(raw[k] + ((prior[k] + cur[k-filter_bytes])>>1)); break;
^~~~~
../../dependency/stb/stb_image.h:4027:17: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < nk; ++k)
^
../../dependency/stb/stb_image.h:4034:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_paeth) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-filter_bytes],prior[k],prior[k-filter_bytes])); break;
^~~~
../../dependency/stb/stb_image.h:4034:139: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_paeth) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-filter_bytes],prior[k],prior[k-filter_bytes])); break;
^~~~~
../../dependency/stb/stb_image.h:4027:17: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < nk; ++k)
^
../../dependency/stb/stb_image.h:4035:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_avg_first) cur[k] = STBI__BYTECAST(raw[k] + (cur[k-filter_bytes] >> 1)); break;
^~~~
../../dependency/stb/stb_image.h:4035:102: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_avg_first) cur[k] = STBI__BYTECAST(raw[k] + (cur[k-filter_bytes] >> 1)); break;
^~~~~
../../dependency/stb/stb_image.h:4027:17: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < nk; ++k)
^
../../dependency/stb/stb_image.h:4036:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_paeth_first) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-filter_bytes],0,0)); break;
^~~~
../../dependency/stb/stb_image.h:4036:112: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_paeth_first) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-filter_bytes],0,0)); break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4047:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_none) cur[k] = raw[k]; break;
^~~~
../../dependency/stb/stb_image.h:4047:57: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_none) cur[k] = raw[k]; break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4048:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_sub) cur[k] = STBI__BYTECAST(raw[k] + cur[k-out_n]); break;
^~~~
../../dependency/stb/stb_image.h:4048:88: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_sub) cur[k] = STBI__BYTECAST(raw[k] + cur[k-out_n]); break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4049:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_up) cur[k] = STBI__BYTECAST(raw[k] + prior[k]); break;
^~~~
../../dependency/stb/stb_image.h:4049:84: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_up) cur[k] = STBI__BYTECAST(raw[k] + prior[k]); break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4050:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_avg) cur[k] = STBI__BYTECAST(raw[k] + ((prior[k] + cur[k-out_n])>>1)); break;
^~~~
../../dependency/stb/stb_image.h:4050:106: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_avg) cur[k] = STBI__BYTECAST(raw[k] + ((prior[k] + cur[k-out_n])>>1)); break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4051:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_paeth) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-out_n],prior[k],prior[k-out_n])); break;
^~~~
../../dependency/stb/stb_image.h:4051:125: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_paeth) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-out_n],prior[k],prior[k-out_n])); break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4052:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_avg_first) cur[k] = STBI__BYTECAST(raw[k] + (cur[k-out_n] >> 1)); break;
^~~~
../../dependency/stb/stb_image.h:4052:95: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_avg_first) cur[k] = STBI__BYTECAST(raw[k] + (cur[k-out_n] >> 1)); break;
^~~~~
../../dependency/stb/stb_image.h:4045:20: warning: this ‘for’ clause does not guard... [-Wmisleading-indentation]
for (k=0; k < img_n; ++k)
^
../../dependency/stb/stb_image.h:4053:13: note: in expansion of macro ‘CASE’
CASE(STBI__F_paeth_first) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-out_n],0,0)); break;
^~~~
../../dependency/stb/stb_image.h:4053:105: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘for’
CASE(STBI__F_paeth_first) cur[k] = STBI__BYTECAST(raw[k] + stbi__paeth(cur[k-out_n],0,0)); break;
^~~~~
make[2]: *** [cmft_cli.make:204: ../../_build/linux64_gcc/obj/x64/Release/cmft_cli/src/cmft/base/stb_image.o] Error 1
make[1]: *** [Makefile:17: cmft_cli] Error 2
make[1]: Leaving directory '/home/fredrik/ports/cmft/_projects/gmake-linux'
make: *** [Makefile:107: linux-release64] Error 2
input image limit - 268 435 456 pixels does not allow 32K panorama conversion)
23000*11500 max input image resolution is high enough in most cases, but 8K output requires 32K input)
Minor issue. CMFT is amazing - super fast
*latlong to cubemap; tga; bgr8; separate faces; no filters
*maybe due to allocation buffer size
changing uint32_t to uint64_t in "image.cpp" lines: 1573, 1575, 3145, 3146, 3153 helps for resolutions up to 29300*14650 but still issues with higher resolutions
osx build failed
$ make osx-release64
./dependency/bx/tools/bin/darwin/genie --file=scripts/main.lua --gcc=osx gmake
Building configurations...
Running action 'gmake'...
Generating _projects/gmake-osx/Makefile...
Generating _projects/gmake-osx/cmft_cli.make...
Generating _projects/gmake-osx/cmft.make...
Done.
make -R -C _projects/gmake-osx config=release64
==== Building cmft_cli (release64) ====
Creating ../../_build/osx64_clang/bin
Creating ../../_build/osx64_clang/obj/x64/Release/cmft_cli
allocator.cpp
clcontext.cpp
cubemapfilter.cpp
../../src/cmft/cubemapfilter.cpp:2150:54: fatal error: no matching constructor for initialization of 'std::thread'
cpuThreads[activeCpuThreads++] = std::thread(radianceFilterCpu, (void*)&taskList);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/Library/Developer/CommandLineTools/usr/include/c++/v1/thread:391:9: note: candidate constructor template not viable: requires single argument '__f', but 2 arguments
were provided
thread::thread(_Fp __f)
^
/Library/Developer/CommandLineTools/usr/include/c++/v1/thread:286:5: note: candidate constructor not viable: requires 1 argument, but 2 were provided
thread(const thread&);
^
/Library/Developer/CommandLineTools/usr/include/c++/v1/thread:293:5: note: candidate constructor not viable: requires 0 arguments, but 2 were provided
thread() _NOEXCEPT : __t_(0) {}
^
1 error generated.
make[2]: *** [../../_build/osx64_clang/obj/x64/Release/cmft_cli/src/cmft/cubemapfilter.o] Error 1
make[1]: *** [cmft_cli] Error 2
make: *** [osx-release64] Error 2
g++ --version
Configured with: --prefix=/Library/Developer/CommandLineTools/usr --with-gxx-include-dir=/usr/include/c++/4.2.1
Apple LLVM version 9.0.0 (clang-900.0.38)
Target: x86_64-apple-darwin16.7.0
Thread model: posix
InstalledDir: /Library/Developer/CommandLineTools/usr/bin
Do I need brew gnu g++?
Causing Maya crashed when importing dds image generated from cmft
I use this tool to generated a mipmap chain for my irradiance map, and exported as a single DDS file, which can be viewed correctly in pvrTexTool. However, when I try to import the DDS image into Maya, the program crashed immediately. Is there any solution?
Stack buffer overflow in function cmft::rwReadFile
Hi,all.
I use Clang 6.0 and AddressSanitizer to build cmft, this file can cause stack buffer overflow when executing this command:
./cmftRelease --input ./down-reference.ktx --output0 1This is the ASAN information:
==22471==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdd8490e18 at pc 0x00000049eccc bp 0x7ffdd8490b60 sp 0x7ffdd8490310
WRITE of size 49152 at 0x7ffdd8490e18 thread T0
AddressSanitizer:DEADLYSIGNAL
AddressSanitizer: nested bug in the same thread, aborting.This is the debug information:
#0 __interceptor_fread (ptr=0x7ffffffe4c50, size=1, nmemb=49152,
file=0x616000000080)
at /home/fouzhe/llvm/llvm/projects/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:973
#1 0x000000000054b0a6 in cmft::rwReadFile (_src=0x7ffffffe4f80,
_data=0x7ffffffe4c50, _size=49152) at ../../src/cmft/image.cpp:238
#2 0x00000000005b24b7 in cmft::imageLoadKtx (_image=..., _rw=<optimized out>,
_allocator=0x96bb80 <cmft::g_crtAllocator>) at ../../src/cmft/image.cpp:4587
#3 0x00000000005bcb08 in cmft::imageLoad (_image=..., _rw=<optimized out>,
_convertTo=cmft::TextureFormat::RGBA32F,
_allocator=0x96bb80 <cmft::g_crtAllocator>) at ../../src/cmft/image.cpp:5030
#4 0x00000000005bd53c in cmft::imageLoad (_image=..., _filePath=<optimized out>,
_convertTo=<optimized out>, _allocator=<optimized out>)
at ../../src/cmft/image.cpp:5057
#5 0x0000000000716df0 in cmftMain (_argc=<optimized out>, _argv=<optimized out>)
at ../../src/cmft_cli/cmft_cli.h:895
#6 0x00007ffff6b63830 in __libc_start_main (
main=0x71b6f0 <main(int, char const* const*)>, argc=5, argv=0x7fffffffdd88,
init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>,
stack_end=0x7fffffffdd78) at ../csu/libc-start.c:291
#7 0x000000000041bb29 in _start ()
Typo in RGBM encoding?
Line 2672 in cad5f31
The float m value is overrided in the next line.
According to http://graphicrants.blogspot.com/2009/04/rgbm-color-encoding.html, it should be something like:
rgbm[3] = fsaturate(fmaxf(fmaxf(rgbm[0], rgbm[1]), fmaxf(rgbm[2], 1e-6f)));
float m = ceil(rgbm[3] * 255.0f) / 255.0f;
Please correct me if I'm wrong.
Artifacts at low gloss scales
When outputing to 'latlong' format, I get substantial artifacts when using low gloss scales. Doesn't seem to matter which lighting model I use. The artifacts (vertical bars) get worse as the gloss scale decreases.
Is this a known issue?
Heap buffer overflow on cmft::imageLoadTga
Hi,
Our fuzzer found a crash due to a heap buffer overflow on the function cmft::imageLoadTga. I built cmft (the latest commit 06a3516 on master) using the configuration "release64" on Ubuntu 16.04 (64-bit).
PoC_hbo_imageLoadTga: https://github.com/strongcourage/PoCs/blob/master/cmft_06a3516/PoC_hbo_imageLoadTga
cmftRelease --input PoC_hbo_imageLoadTga --output0 /dev/null
CMFT info: Converting octant image to cubemap.
*** Error in `./cmftRelease': free(): invalid next size (normal): 0x0000000002513ea0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7fd312c387e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7fd312c4137a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7fd312c4553c]
./cmftRelease[0x41dbc1]
./cmftRelease[0x41812a]
./cmftRelease[0x43cc05]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7fd312be1830]
./cmftRelease[0x402269]
======= Memory map: ========
00400000-0044e000 r-xp 00000000 103:01 3678247 /home/dungnguyen/PoCs/cmft_06a3516/cmftRelease
0064d000-0064e000 r--p 0004d000 103:01 3678247 /home/dungnguyen/PoCs/cmft_06a3516/cmftRelease
0064e000-0064f000 rw-p 0004e000 103:01 3678247 /home/dungnguyen/PoCs/cmft_06a3516/cmftRelease
0064f000-006a2000 rw-p 00000000 00:00 0
02501000-02533000 rw-p 00000000 00:00 0 [heap]
7fd30c000000-7fd30c021000 rw-p 00000000 00:00 0
7fd30c021000-7fd310000000 ---p 00000000 00:00 0
7fd312bc1000-7fd312d81000 r-xp 00000000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7fd312d81000-7fd312f81000 ---p 001c0000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7fd312f81000-7fd312f85000 r--p 001c0000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7fd312f85000-7fd312f87000 rw-p 001c4000 103:03 4718690 /lib/x86_64-linux-gnu/libc-2.23.so
7fd312f87000-7fd312f8b000 rw-p 00000000 00:00 0
7fd312f8b000-7fd312fa1000 r-xp 00000000 103:03 4723208 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd312fa1000-7fd3131a0000 ---p 00016000 103:03 4723208 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3131a0000-7fd3131a1000 rw-p 00015000 103:03 4723208 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fd3131a1000-7fd3132a9000 r-xp 00000000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7fd3132a9000-7fd3134a8000 ---p 00108000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7fd3134a8000-7fd3134a9000 r--p 00107000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7fd3134a9000-7fd3134aa000 rw-p 00108000 103:03 4723188 /lib/x86_64-linux-gnu/libm-2.23.so
7fd3134aa000-7fd31361c000 r-xp 00000000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7fd31361c000-7fd31381c000 ---p 00172000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7fd31381c000-7fd313826000 r--p 00172000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7fd313826000-7fd313828000 rw-p 0017c000 103:03 5376129 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7fd313828000-7fd31382c000 rw-p 00000000 00:00 0
7fd31382c000-7fd313844000 r-xp 00000000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7fd313844000-7fd313a43000 ---p 00018000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7fd313a43000-7fd313a44000 r--p 00017000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7fd313a44000-7fd313a45000 rw-p 00018000 103:03 4718677 /lib/x86_64-linux-gnu/libpthread-2.23.so
7fd313a45000-7fd313a49000 rw-p 00000000 00:00 0
7fd313a49000-7fd313a4c000 r-xp 00000000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7fd313a4c000-7fd313c4b000 ---p 00003000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7fd313c4b000-7fd313c4c000 r--p 00002000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7fd313c4c000-7fd313c4d000 rw-p 00003000 103:03 4718675 /lib/x86_64-linux-gnu/libdl-2.23.so
7fd313c4d000-7fd313c54000 r-xp 00000000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7fd313c54000-7fd313e53000 ---p 00007000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7fd313e53000-7fd313e54000 r--p 00006000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7fd313e54000-7fd313e55000 rw-p 00007000 103:03 4718609 /lib/x86_64-linux-gnu/librt-2.23.so
7fd313e55000-7fd313e7b000 r-xp 00000000 103:03 4718676 /lib/x86_64-linux-gnu/ld-2.23.so
7fd31404a000-7fd314051000 rw-p 00000000 00:00 0
7fd314079000-7fd31407a000 rw-p 00000000 00:00 0
7fd31407a000-7fd31407b000 r--p 00025000 103:03 4718676 /lib/x86_64-linux-gnu/ld-2.23.so
7fd31407b000-7fd31407c000 rw-p 00026000 103:03 4718676 /lib/x86_64-linux-gnu/ld-2.23.so
7fd31407c000-7fd31407d000 rw-p 00000000 00:00 0
7ffe419b8000-7ffe419da000 rw-p 00000000 00:00 0 [stack]
7ffe419dd000-7ffe419e0000 r--p 00000000 00:00 0 [vvar]
7ffe419e0000-7ffe419e2000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted
ASAN says:
cmftRelease-asan --input PoC_hbo_imageLoadTga --output0 /dev/null
=================================================================
==18117==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60400000e000 at pc 0x7f26c41d7904 bp 0x7fff6b3bb500 sp 0x7fff6b3baca8
WRITE of size 3 at 0x60400000e000 thread T0
#0 0x7f26c41d7903 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c903)
#1 0x434027 in memcpy /usr/include/x86_64-linux-gnu/bits/string3.h:53
#2 0x434027 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4942
#3 0x4344b3 in cmft::imageLoad(cmft::Image&, cmft::Rw*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5039
#4 0x4348a9 in cmft::imageLoad(cmft::Image&, char const*, cmft::TextureFormat::Enum, cmft::AllocatorI*) ../../src/cmft/image.cpp:5062
#5 0x475600 in cmftMain(int, char const* const*) ../../src/cmft_cli/cmft_cli.h:895
#6 0x7f26c2ed782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#7 0x403608 in _start (/home/dungnguyen/PoCs/cmft_06a3516/cmftRelease-asan+0x403608)
0x60400000e000 is located 0 bytes to the right of 48-byte region [0x60400000dfd0,0x60400000e000)
allocated by thread T0 here:
#0 0x7f26c41e3602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x433f18 in cmft::imageLoadTga(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) ../../src/cmft/image.cpp:4899
SUMMARY: AddressSanitizer: heap-buffer-overflow ??:0 __asan_memcpy
Shadow bytes around the buggy address:
0x0c087fff9bb0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9bc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9bd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9be0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9bf0: fa fa fa fa fa fa fa fa fa fa 00 00 00 00 00 00
=>0x0c087fff9c00:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9c10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9c20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9c30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9c40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c087fff9c50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==18117==ABORTING
Thanks,
Manh Dung
stack-buffer-overflow
Hello.
I found a stack-buffer-overflow bug in cmft.
Please confirm.
Thanks.
OS: CentOS 7 64bit
Version: commit 4fe3a34
PoC Download: poc.zip
Steps to reproduce:
1.Download the .POC files.
2.Execute the following command
: ./cmft --input $FILE --output0 /dev/null
==2406== Invalid read of size 4
==2406== at 0x5DDA881: fseeko (fseeko.c:35)
==2406== by 0x10B41B: cmft::rwSeekFile(cmft::Rw*, long, cmft::Whence::Enum) (image.cpp:198)
==2406== by 0x116A2D: cmft::imageLoadKtx(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) (image.cpp:4606)
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== Address 0xffffffffffffffff is not stack'd, malloc'd or (recently) free'd
==2406==
==2406==
==2406== Process terminating with default action of signal 11 (SIGSEGV)
==2406== Access not within mapped region at address 0xFFFFFFFFFFFFFFFF
==2406== at 0x5DDA881: fseeko (fseeko.c:35)
==2406== by 0x10B41B: cmft::rwSeekFile(cmft::Rw*, long, cmft::Whence::Enum) (image.cpp:198)
==2406== by 0x116A2D: cmft::imageLoadKtx(cmft::Image&, cmft::Rw*, cmft::AllocatorI*) (image.cpp:4606)
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
==2406== by 0xFFFFFFFFFFFFFFFE: ???
Heap Corruption when creating RGB16F images?
It seems that the following code triggers a Debug Error: HEAP CORRUPTION DETECTED (at least it does in Visual Studio) :
cmft::Image output;
cmft::imageCreate( output, 512, 512, 0x0, 1, 1, cmft::TextureFormat::RGB16F );
cmft::imageUnload( output );I've not found the culprit yet, but could it have anything to do with the fact that imageCreate assumes the texture format to have 4 channels? The weird thing is that it also seems to be exclusive to RGB16F because other 3 channels formats I've tried don't seem to produce this error.
I'm doing some tests with application verifier and windbg but can't seem to find the leak yet (if there is any). I'll send a PR if I do find something!
KTX roundng
Thanks for an excellent tool. I am using it in the cubemap examples for my Vulkan helper library, Vookoo.
I have seen a potential bug in the KTX write code when rounding is following
GL_UNPACK_ALIGNMENT
The image size does not seem to take account of the change in row pitch due to rounding and reports a smaller value that required. This may just be a misunderstanding of the KTX format, so please ignore
this if it is an incorrect assumption.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.