[FFmpeg-devel] [PATCH] vp4: prevent unaligned memory access in loop filter
Peter Ross
pross at xvid.org
Fri Jun 21 00:52:31 EEST 2019
VP4 applies a loop filter during motion compensation, causing the block offset
will often by unaligned. This produces a bus error on some platforms, namely
ARMv7 NEON.
This patch adds a unaligned version of the loop filter function pointer
to VP3DSPContext.
Reported-by: Mike Melanson <mike at multimedia.cx>
---
libavcodec/vp3.c | 10 ++++++++--
libavcodec/vp3dsp.c | 4 ++--
libavcodec/vp3dsp.h | 2 ++
libavcodec/x86/vp3dsp_init.c | 4 ++--
4 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
index a6f759ebf5..822d95b4e9 100644
--- a/libavcodec/vp3.c
+++ b/libavcodec/vp3.c
@@ -2025,11 +2025,17 @@ static int vp4_mc_loop_filter(Vp3DecodeContext *s, int plane, int motion_x, int
plane_width,
plane_height);
+#define safe_loop_filter(name, ptr, stride, bounding_values) \
+ if ((uintptr_t)(ptr) & 7) \
+ s->vp3dsp.name##_unaligned(ptr, stride, bounding_values); \
+ else \
+ s->vp3dsp.name(ptr, stride, bounding_values);
+
if (x_offset)
- s->vp3dsp.h_loop_filter(loop + loop_stride + x_offset + 1, loop_stride, bounding_values);
+ safe_loop_filter(h_loop_filter, loop + loop_stride + x_offset + 1, loop_stride, bounding_values);
if (y_offset)
- s->vp3dsp.v_loop_filter(loop + (y_offset + 1)*loop_stride + 1, loop_stride, bounding_values);
+ safe_loop_filter(v_loop_filter, loop + (y_offset + 1)*loop_stride + 1, loop_stride, bounding_values);
}
for (i = 0; i < 9; i++)
diff --git a/libavcodec/vp3dsp.c b/libavcodec/vp3dsp.c
index ac4c57441c..f485fba1f6 100644
--- a/libavcodec/vp3dsp.c
+++ b/libavcodec/vp3dsp.c
@@ -449,8 +449,8 @@ av_cold void ff_vp3dsp_init(VP3DSPContext *c, int flags)
c->idct_put = vp3_idct_put_c;
c->idct_add = vp3_idct_add_c;
c->idct_dc_add = vp3_idct_dc_add_c;
- c->v_loop_filter = vp3_v_loop_filter_8_c;
- c->h_loop_filter = vp3_h_loop_filter_8_c;
+ c->v_loop_filter = c->v_loop_filter_unaligned = vp3_v_loop_filter_8_c;
+ c->h_loop_filter = c->h_loop_filter_unaligned = vp3_h_loop_filter_8_c;
if (ARCH_ARM)
ff_vp3dsp_init_arm(c, flags);
diff --git a/libavcodec/vp3dsp.h b/libavcodec/vp3dsp.h
index 32b2cad0ef..3b849ec05d 100644
--- a/libavcodec/vp3dsp.h
+++ b/libavcodec/vp3dsp.h
@@ -43,6 +43,8 @@ typedef struct VP3DSPContext {
void (*idct_dc_add)(uint8_t *dest, ptrdiff_t stride, int16_t *block);
void (*v_loop_filter)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
void (*h_loop_filter)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
+ void (*v_loop_filter_unaligned)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
+ void (*h_loop_filter_unaligned)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
} VP3DSPContext;
void ff_vp3dsp_v_loop_filter_12(uint8_t *first_pixel, ptrdiff_t stride, int *bounding_values);
diff --git a/libavcodec/x86/vp3dsp_init.c b/libavcodec/x86/vp3dsp_init.c
index 1ba9576431..ba47e1c6cd 100644
--- a/libavcodec/x86/vp3dsp_init.c
+++ b/libavcodec/x86/vp3dsp_init.c
@@ -59,8 +59,8 @@ av_cold void ff_vp3dsp_init_x86(VP3DSPContext *c, int flags)
c->idct_dc_add = ff_vp3_idct_dc_add_mmxext;
if (!(flags & AV_CODEC_FLAG_BITEXACT)) {
- c->v_loop_filter = ff_vp3_v_loop_filter_mmxext;
- c->h_loop_filter = ff_vp3_h_loop_filter_mmxext;
+ c->v_loop_filter = c->v_loop_filter_unaligned = ff_vp3_v_loop_filter_mmxext;
+ c->h_loop_filter = c->v_loop_filter_unaligned = ff_vp3_h_loop_filter_mmxext;
}
}
--
2.20.1
-- Peter
(A907 E02F A6E5 0CD2 34CD 20D2 6760 79C5 AC40 DD6B)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20190621/cb950e6c/attachment.sig>
More information about the ffmpeg-devel
mailing list