diff mbox

[FFmpeg-devel] vp4: prevent unaligned memory access in loop filter

Message ID b2f31e5ab70f7da8251768f1e851d19aa1eb6adf.1561067349.git.pross@xvid.org
State Accepted
Commit fd172185580c1ccdcfb90bbfdb59fa806fad3117
Headers show

Commit Message

Peter Ross June 20, 2019, 9:52 p.m. UTC 
VP4 applies a loop filter during motion compensation, causing the block offset
will often by unaligned. This produces a bus error on some platforms, namely
ARMv7 NEON.

This patch adds a unaligned version of the loop filter function pointer
to VP3DSPContext.

Reported-by: Mike Melanson <mike@multimedia.cx>
---
 libavcodec/vp3.c             | 10 ++++++++--
 libavcodec/vp3dsp.c          |  4 ++--
 libavcodec/vp3dsp.h          |  2 ++
 libavcodec/x86/vp3dsp_init.c |  4 ++--
 4 files changed, 14 insertions(+), 6 deletions(-)

Comments

Michael Niedermayer Oct. 30, 2019, 9:09 a.m. UTC | #1 
On Fri, Jun 21, 2019 at 07:52:31AM +1000, Peter Ross wrote:
> VP4 applies a loop filter during motion compensation, causing the block offset
> will often by unaligned. This produces a bus error on some platforms, namely
> ARMv7 NEON.
> 
> This patch adds a unaligned version of the loop filter function pointer
> to VP3DSPContext.
> 
> Reported-by: Mike Melanson <mike@multimedia.cx>
> ---
>  libavcodec/vp3.c             | 10 ++++++++--
>  libavcodec/vp3dsp.c          |  4 ++--
>  libavcodec/vp3dsp.h          |  2 ++
>  libavcodec/x86/vp3dsp_init.c |  4 ++--
>  4 files changed, 14 insertions(+), 6 deletions(-)

will apply

thx

[...]
diff mbox

Patch

diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
index a6f759ebf5..822d95b4e9 100644
--- a/libavcodec/vp3.c
+++ b/libavcodec/vp3.c
@@ -2025,11 +2025,17 @@  static int vp4_mc_loop_filter(Vp3DecodeContext *s, int plane, int motion_x, int
              plane_width,
              plane_height);
 
+#define safe_loop_filter(name, ptr, stride, bounding_values) \
+    if ((uintptr_t)(ptr) & 7) \
+        s->vp3dsp.name##_unaligned(ptr, stride, bounding_values); \
+    else \
+        s->vp3dsp.name(ptr, stride, bounding_values);
+
         if (x_offset)
-            s->vp3dsp.h_loop_filter(loop + loop_stride + x_offset + 1, loop_stride, bounding_values);
+            safe_loop_filter(h_loop_filter, loop + loop_stride + x_offset + 1, loop_stride, bounding_values);
 
         if (y_offset)
-            s->vp3dsp.v_loop_filter(loop + (y_offset + 1)*loop_stride + 1, loop_stride, bounding_values);
+            safe_loop_filter(v_loop_filter, loop + (y_offset + 1)*loop_stride + 1, loop_stride, bounding_values);
     }
 
     for (i = 0; i < 9; i++)
diff --git a/libavcodec/vp3dsp.c b/libavcodec/vp3dsp.c
index ac4c57441c..f485fba1f6 100644
--- a/libavcodec/vp3dsp.c
+++ b/libavcodec/vp3dsp.c
@@ -449,8 +449,8 @@  av_cold void ff_vp3dsp_init(VP3DSPContext *c, int flags)
     c->idct_put      = vp3_idct_put_c;
     c->idct_add      = vp3_idct_add_c;
     c->idct_dc_add   = vp3_idct_dc_add_c;
-    c->v_loop_filter = vp3_v_loop_filter_8_c;
-    c->h_loop_filter = vp3_h_loop_filter_8_c;
+    c->v_loop_filter = c->v_loop_filter_unaligned = vp3_v_loop_filter_8_c;
+    c->h_loop_filter = c->h_loop_filter_unaligned = vp3_h_loop_filter_8_c;
 
     if (ARCH_ARM)
         ff_vp3dsp_init_arm(c, flags);
diff --git a/libavcodec/vp3dsp.h b/libavcodec/vp3dsp.h
index 32b2cad0ef..3b849ec05d 100644
--- a/libavcodec/vp3dsp.h
+++ b/libavcodec/vp3dsp.h
@@ -43,6 +43,8 @@  typedef struct VP3DSPContext {
     void (*idct_dc_add)(uint8_t *dest, ptrdiff_t stride, int16_t *block);
     void (*v_loop_filter)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
     void (*h_loop_filter)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
+    void (*v_loop_filter_unaligned)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
+    void (*h_loop_filter_unaligned)(uint8_t *src, ptrdiff_t stride, int *bounding_values);
 } VP3DSPContext;
 
 void ff_vp3dsp_v_loop_filter_12(uint8_t *first_pixel, ptrdiff_t stride, int *bounding_values);
diff --git a/libavcodec/x86/vp3dsp_init.c b/libavcodec/x86/vp3dsp_init.c
index 1ba9576431..ba47e1c6cd 100644
--- a/libavcodec/x86/vp3dsp_init.c
+++ b/libavcodec/x86/vp3dsp_init.c
@@ -59,8 +59,8 @@  av_cold void ff_vp3dsp_init_x86(VP3DSPContext *c, int flags)
         c->idct_dc_add = ff_vp3_idct_dc_add_mmxext;
 
         if (!(flags & AV_CODEC_FLAG_BITEXACT)) {
-            c->v_loop_filter = ff_vp3_v_loop_filter_mmxext;
-            c->h_loop_filter = ff_vp3_h_loop_filter_mmxext;
+            c->v_loop_filter = c->v_loop_filter_unaligned = ff_vp3_v_loop_filter_mmxext;
+            c->h_loop_filter = c->v_loop_filter_unaligned = ff_vp3_h_loop_filter_mmxext;
         }
     }