This fixes out of array reads and/or infinite loops.
30 is the maximum number of bits that can be read into
coeff_abs below.
CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Martin Storsjö <martin@martin.st>
* commit '277ff7f5dc134f1c2dfc4ea0ef3540340482e3d2':
lavu: move internal define to the only places where it is used
Conflicts:
libavcodec/h264_cabac.c
libavutil/internal.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '23e85be58fc64b2e804e68b0034a08a6d257e523':
h264: add a parameter to the CHROMA444 macro.
h264: add a parameter to the CHROMA422 macro.
Conflicts:
libavcodec/h264.c
libavcodec/h264.h
libavcodec/h264_cavlc.c
libavcodec/h264_loopfilter.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '6d2b6f21eb45ffbda1103c772060303648714832':
h264: add a parameter to the CABAC macro.
h264: add a parameter to the FIELD_OR_MBAFF_PICTURE macro.
Conflicts:
libavcodec/h264.c
libavcodec/h264_cabac.c
libavcodec/h264_cavlc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '7fa00653a550c0d24b3951c0f9fed6350ecf5ce4':
h264: add a parameter to the FIELD_PICTURE macro.
h264: add a parameter to the FRAME_MBAFF macro.
Conflicts:
libavcodec/h264.c
libavcodec/h264_loopfilter.c
libavcodec/h264_refs.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'da6be8fcec16a94d8084bda8bb8a0a411a96bcf7':
h264: add a parameter to the MB_FIELD macro.
h264: add a parameter to the MB_MBAFF macro.
Conflicts:
libavcodec/h264.c
libavcodec/h264_cabac.c
libavcodec/h264_cavlc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Instead, keep them in the bitstream buffer until we read them verbatim,
this saves a memcpy() and a subsequent clearing of the target buffer.
decode_cabac+decode_mb for a sample file (CAPM3_Sony_D.jsv) goes from
6121.4 to 6095.5 cycles, i.e. 26 cycles faster.
Signed-off-by: Martin Storsjö <martin@martin.st>
Instead, keep them in the bitstream buffer until we read them verbatim,
this saves a memcpy() and a subsequent clearing of the target buffer.
decode_cabac+decode_mb for a sample file (CAPM3_Sony_D.jsv) goes from
6121.4 to 6095.5 cycles, i.e. 26 cycles faster.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Most of the changes are just trivial are just trivial replacements of
fields from MpegEncContext with equivalent fields in H264Context.
Everything in h264* other than h264.c are those trivial changes.
The nontrivial parts are:
1) extracting a simplified version of the frame management code from
mpegvideo.c. We don't need last/next_picture anymore, since h264 uses
its own more complex system already and those were set only to appease
the mpegvideo parts.
2) some tables that need to be allocated/freed in appropriate places.
3) hwaccels -- mostly trivial replacements.
for dxva, the draw_horiz_band() call is moved from
ff_dxva2_common_end_frame() to per-codec end_frame() callbacks,
because it's now different for h264 and MpegEncContext-based
decoders.
4) svq3 -- it does not use h264 complex reference system, so I just
added some very simplistic frame management instead and dropped the
use of ff_h264_frame_start(). Because of this I also had to move some
initialization code to svq3.
Additional fixes for chroma format and bit depth changes by
Janne Grunau <janne-libav@jannau.net>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
The variable is copied to subsequent threads at the same time, so this
may cause wrong ref_count[] values to be copied to subsequent threads.
This bug was found using TSAN and Helgrind.
Original patch by Ronald, adapted with a local_ref_count by Clément,
following the suggestion of Michael Niedermayer.
Signed-off-by: Clément Bœsch <clement.boesch@smartjog.com>
* qatar/master:
log: Only include unistd.h if configure found it
ape: create audio stream before reading tags.
mov: make a length variable larger.
image2: Add "start_number" private option to the demuxer
image2: Add "start_number" private option to the muxer
avconv: remove a forgotten debugging printf.
avconv: use more descriptive names for hardcoded filters.
avconv: remove redundant handling of async.
doc/filters: fix typo.
h264: use asm cabac reader under a generic condition
Conflicts:
ffmpeg.c
libavformat/img2dec.c
libavformat/img2enc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This removes a dependency on implementation details from generic
code and allows easy addition of the equivalent optimisation for
other architectures than x86.
Signed-off-by: Mans Rullgard <mans@mansr.com>
This adds a hand-optimized assembly version for get_cabac much like the
existing one, but it works if the table offsets are RIP-relative.
Compared to the non-RIP-relative version this adds 2 lea instructions
and it needs one extra register.
There is a surprisingly large performance improvement over the c version (more
so than the generated assembly seems to suggest) just in get_cabac, I measured
roughly 40% faster for get_cabac on a K8. However, overall the difference is
not that big, I measured roughly 5% on a test clip on a K8 and a Core2.
Hopefully it still compiles on x86 32bit...
Now that only one table is used, there's some chance even darwin as compiles
this (apparently the label arithmetic used previously doesn't work if it
involves symbols defined in a different file, thanks to Ronald S. Bultje for
helping me with this).
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The reason is this is easier for PIC code (in particular on darwin...).
Keep the old names as pointers (static in cabac_functions.h so gcc
knows these are just immediate offsets) so the c code can nicely stay the same
(alternatively could use offsets directly in the functions needing the
tables). This should produce the same code as before with non-pic and better
code (confirmed) with pic.
The assembly uses the new table but still won't work for PIC case.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This adds a hand-optimized assembly version for get_cabac much like the
existing one, but it works if the table offsets are RIP-relative.
Compared to the non-RIP-relative version this adds 2 lea instructions
and it needs one extra register. get_cabac() gets about 40% faster, for
an overall speedup of about 5%.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
The reason is this is easier for PIC code (in particular on darwin...).
Keep the old names as pointers (static in cabac_functions.h so gcc
knows these are just immediate offsets) so the c code can nicely stay the same
(alternatively could use offsets directly in the functions needing the
tables). This should produce the same code as before with non-pic and better
code (confirmed) with pic.
The assembly uses the new table but still won't work for PIC case.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
This adds a hand-optimized assembly version for get_cabac much like the
existing one, but it works if the table offsets are RIP-relative.
Compared to the non-RIP-relative version this adds 2 lea instructions
and it needs one extra register.
There is a surprisingly large performance improvement over the c version (more
so than the generated assembly seems to suggest) just in get_cabac, I measured
roughly 40% faster for get_cabac on a K8. However, overall the difference is
not that big, I measured roughly 5% on a test clip on a K8 and a Core2.
Hopefully it still compiles on x86 32bit...
v2: incorporated feedback from Loren Merritt to avoid rip-relative movs
for every table, and got rid of unnecessary @GOTPCREL.
v3: apply similar fixes to the the decode_significance functions, and use
same macro arguments for non-pic case.
v4: prettify inline asm arguments, add a non-fast-cmov version (as I expect
the c code to be faster otherwise since both cmov and sbb suck hard on a
Prescott, even can't construct the mask with a 64bit shift as that's just as
terrible - it's quite difficult to find usable instructions on that chip...).
This is tested to work but not on a P4, in theory it _should_ be fast there.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
h264: Factorize declaration of mb_sizes array.
vsrc_buffer: when no frame is available, return an error instead of segfaulting.
configure: add dl to frei0r extralibs.
dsputil x86: use SSE float instruction instead of SSE2 integer equivalent
dsputil x86: remove deprecated parameter from scalarproduct_int16 prototype
vp8dsp x86: perform rounding shift with a single instruction
fate: add BMP tests.
swscale: handle complete dimensions for monoblack/white.
aacenc: Mark deinterleave_input_samples argument as const.
vf_unsharp: Mark readonly variable as const.
h264: fix 4:2:2 PCM-macroblocks decoding
Conflicts:
configure
libavcodec/h264.h
libavcodec/x86/dsputil_mmx.c
libavfilter/vf_unsharp.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (58 commits)
amrnbdec: check frame size before decoding.
cscd: use negative error values to indicate decode_init() failures.
h264: prevent overreads in intra PCM decoding.
FATE: do not decode audio in the nuv test.
dxa: set audio stream time base using the sample rate
psx-str: do not allow seeking by bytes
asfdec: Do not set AVCodecContext.frame_size
vqf: set packet parameters after av_new_packet()
mpegaudiodec: use DSPUtil.butterflies_float().
FATE: add mp3 test for sample that exhibited false overreads
fate: add cdxl test for bit line plane arrangement
vmnc: return error on decode_init() failure.
libvorbis: add/update error messages
libvorbis: use AVFifoBuffer for output packet buffer
libvorbis: remove unneeded e_o_s check
libvorbis: check return values for functions that can return errors
libvorbis: use float input instead of s16
libvorbis: do not flush libvorbis analysis if dsp state was not initialized
libvorbis: use VBR by default, with default quality of 3
libvorbis: fix use of minrate/maxrate AVOptions
...
Conflicts:
Changelog
doc/APIchanges
libavcodec/avcodec.h
libavcodec/dpxenc.c
libavcodec/libvorbis.c
libavcodec/vmnc.c
libavformat/asfdec.c
libavformat/id3v2enc.c
libavformat/internal.h
libavformat/mp3enc.c
libavformat/utils.c
libavformat/version.h
libswscale/utils.c
tests/fate/video.mak
tests/ref/fate/nuv
tests/ref/fate/prores-alpha
tests/ref/lavf/ffm
tests/ref/vsynth1/prores
tests/ref/vsynth2/prores
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (38 commits)
v210enc: remove redundant check for pix_fmt
wavpack: allow user to disable CRC checking
v210enc: Use Bytestream2 functions
cafdec: Check return value of avio_seek and avoid modifying state if it fails
yop: Check return value of avio_seek and avoid modifying state if it fails
tta: Check return value of avio_seek and avoid modifying state if it fails
tmv: Check return value of avio_seek and avoid modifying state if it fails
r3d: Check return value of avio_seek and avoid modifying state if it fails
nsvdec: Check return value of avio_seek and avoid modifying state if it fails
mpc8: Check return value of avio_seek and avoid modifying state if it fails
jvdec: Check return value of avio_seek and avoid modifying state if it fails
filmstripdec: Check return value of avio_seek and avoid modifying state if it fails
ffmdec: Check return value of avio_seek and avoid modifying state if it fails
dv: Check return value of avio_seek and avoid modifying state if it fails
bink: Check return value of avio_seek and avoid modifying state if it fails
Check AVCodec.pix_fmts in avcodec_open2()
svq3: Prevent illegal reads while parsing extradata.
remove ParseContext1
vc1: use ff_parse_close
mpegvideo parser: move specific fields into private context
...
Conflicts:
libavcodec/4xm.c
libavcodec/aacdec.c
libavcodec/h264.c
libavcodec/h264.h
libavcodec/h264_cabac.c
libavcodec/h264_cavlc.c
libavcodec/mpeg4video_parser.c
libavcodec/svq3.c
libavcodec/v210enc.c
libavformat/cafdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Conversion of the luma intra prediction mode to one of the constrained
("alzheimer") ones can happen by crafting special bitstreams, causing
a crash because we'll call a NULL function pointer for 16x16 block intra
prediction, since constrained intra prediction functions are only
implemented for chroma (8x8 blocks).
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
* qatar/master:
FATE: add tests for targa
ARM: fix Thumb-mode simple_idct_arm
ARM: 4-byte align start of all asm functions
rgb2rgb: rgb12to15()
swscale-test: fix stack overread.
swscale: fix invalid conversions and memory problems.
cabac: split cabac.h into declarations and function definitions
cabac: Mark ff_h264_mps_state array as static, it is only used within cabac.c.
cabac: Remove ff_h264_lps_state array.
Conflicts:
libswscale/rgb2rgb.h
libswscale/swscale_unscaled.c
tests/fate/image.mak
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This fixes standalone compilation of some decoders with --disable-optimizations.
cabac.h defines some inline functions that use symbols from cabac.c. Without
optimizations these inline functions are not eliminated and linking fails with
references to non-existing symbols.
Splitting the inline functions off into their own header and only #including
it in the places where the inline functions are used allows #including cabac.h
from anywhere without ill effects.
* qatar/master:
mpegvideo_enc: K&R cosmetics
doxygen: remove unreplaced variables from custom header and footer
threads: test for sys/param.h and include it for sysctl on OpenBSD
v4l2: remove unneded linux specific asm/types.h include
x86: Fix constraints for decode_significance*_x86
Conflicts:
libavcodec/mpegvideo_enc.c
libavdevice/v4l2.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Originally, prior to 8742a4ff8, the caller code was compiled
within this condition:
ARCH_X86 && HAVE_7REGS && HAVE_EBX_AVAILABLE && !defined(BROKEN_RELOCATIONS)
Since HAVE_7REGS is defined as
(ARCH_X86_64 || (HAVE_EBX_AVAILABLE && HAVE_EBP_AVAILABLE))
the subcondition HAVE_7REGS && HAVE_EBX_AVAILABLE is equal
to HAVE_7REGS (for 32 bit at least). The correct simplification
of the original condition thus is HAVE_7REGS, not
HAVE_EBX_AVAILABLE.
This fixes compilation in some cases where HAVE_EBP_AVAILABLE = 0
and HAVE_EBX_AVAILABLE = 1.
Signed-off-by: Martin Storsjö <martin@martin.st>
* qatar/master: (27 commits)
asfdec: add side data to ASFStream packet instead of output packet.
idroqdec: set AVFMTCTX_NOHEADER and create streams as they occur.
nellymoserdec: Indicate that the decoder can handle changed parameters
libavcodec: Apply parameter change side data when decoding audio
flvdec: Add param change side data if the sample rate or channels have changed
libavformat: Add a utility function for adding parameter change side data
libavcodec: Define a side data type for parameter changes
aacdec: Handle new extradata passed as side data
flvdec: Export new AAC/H.264 extradata as side data on the next packet
libavcodec: Define a side data type for new extradata
flacdec: skip all track indices at once instead of looping.
mxf: Add PictureEssenceCoding UL for V210.
mxfdec: consider QuantizationBits between 17 and 24 to be pcm_s24*
mxfenc: Add support for MPEG-2 MP@HL-14 in mxf container.
mxf: H.264/MPEG-4 AVC Intra support
configure: Show whether the safe bitstream reader is enabled
x86: Tighten register constraints for decode_significance*_x86.
Replace Subversion revisions in comments by Git hashes.
h264_cabac: synchronize decode_significance_*_x86 conditionals
w32threads: wait for the waked thread in pthread_cond_signal.
...
Conflicts:
libavcodec/avcodec.h
libavcodec/version.h
libavformat/flvdec.c
libavformat/utils.c
tests/ref/lavfi/pixdesc
tests/ref/lavfi/pixfmts_copy
tests/ref/lavfi/pixfmts_null
tests/ref/lavfi/pixfmts_scale
tests/ref/lavfi/pixfmts_vflip
Merged-by: Michael Niedermayer <michaelni@gmx.at>
On 32-bit OS X with gcc 4.0/4.2 and shared libraries enabled, the ebx register
is not available, but required to assemble the functions.
This reverts commit 8742a4f to a simplified version of the original constraints.
* qatar/master:
ulti: Fix invalid reads
lavf: dealloc private options in av_write_trailer
yadif: support 10bit YUV
vc1: mark with ER_MB_ERROR bits overconsumption
lavc: introduce ER_MB_END and ER_MB_ERROR
error_resilience: use the ER_ namespace
build: move inclusion of subdir.mak to main subdir loop
rv34: NEON optimised 4x4 dequant
rv34: move 4x4 dequant to RV34DSPContext
aacdec: Use intfloat.h rather than local punning union.
Conflicts:
libavcodec/h264.c
libavcodec/vc1dec.c
libavfilter/vf_yadif.c
libavformat/Makefile
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (35 commits)
flvdec: Do not call parse_keyframes_index with a NULL stream
libspeexdec: include system headers before local headers
libspeexdec: return meaningful error codes
libspeexdec: cosmetics: reindent
libspeexdec: decode one frame at a time.
swscale: fix signed shift overflows in ff_yuv2rgb_c_init_tables()
Move timefilter code from lavf to lavd.
mov: add support for hdvd and pgapmetadata atoms
mov: rename function _stik, some indentation cosmetics
mov: rename function _int8 to remove ambiguity, some indentation cosmetics
mov: parse the gnre atom
mp3on4: check for allocation failures in decode_init_mp3on4()
mp3on4: create a separate flush function for MP3onMP4.
mp3on4: ensure that the frame channel count does not exceed the codec channel count.
mp3on4: set channel layout
mp3on4: fix the output channel order
mp3on4: allocate temp buffer with av_malloc() instead of on the stack.
mp3on4: copy MPADSPContext from first context to all contexts.
fmtconvert: port float_to_int16_interleave() 2-channel x86 inline asm to yasm
fmtconvert: port int32_to_float_fmul_scalar() x86 inline asm to yasm
...
Conflicts:
libavcodec/arm/h264dsp_init_arm.c
libavcodec/h264.c
libavcodec/h264.h
libavcodec/h264_cabac.c
libavcodec/h264_cavlc.c
libavcodec/h264_ps.c
libavcodec/h264dsp_template.c
libavcodec/h264idct_template.c
libavcodec/h264pred.c
libavcodec/h264pred_template.c
libavcodec/x86/h264dsp_mmx.c
libavdevice/Makefile
libavdevice/jack_audio.c
libavformat/Makefile
libavformat/flvdec.c
libavformat/flvenc.c
libavutil/pixfmt.h
libswscale/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
h263dec: Propagate AV_LOG_ERRORs from slice decoding through frame decoding with sufficient error recognition
x86: cabac: don't load/store context values in asm
H.264: optimize CABAC x86 asm for Atom
vp3/theora: flush after seek.
doc/fftools-common-opts: wording fixes missing from the previous commit.
doc: document using AVOptions in fftools.
cmdutils: add codec_opts parameter to setup_find_stream_info_opts()
cmdutils: clarify documentation for filter_codec_opts()
cmdutils: clarify documentation for setup_find_stream_info_opts()
lavf: add forgotten attribute_deprecated to av_find_stream_info()
Merged-by: Michael Niedermayer <michaelni@gmx.at>
FF_COMMON_FRAME holds the contents of the AVFrame structure and is also copied
to struct Picture. Replace by an embedded AVFrame structure in struct Picture.
* qatar/master: (22 commits)
H.264: fix filter_mb_fast with 4:4:4 + 8x8dct
alsa: limit buffer_size to 32768 frames.
alsa: fallback to buffer_size/4 for period_size.
doc: replace @pxref by @ref where appropriate
mpeg1video: don't abort if thread_count is too high.
segafilm: add support for videos with cri adx adpcm
gxf: Fix 25 fps DV material in GXF being misdetected as 50 fps
libxvid: Add const qualifier to silence compiler warning.
H.264: improve qp_thresh check
H.264: use fill_rectangle in CABAC decoding
H.264: Remove redundant hl_motion_16/8 code
H.264: merge fill_rectangle into P-SKIP MV prediction, to match B-SKIP
H.264: faster P-SKIP decoding
H.264: av_always_inline some more functions
H.264: Add x86 assembly for 10-bit H.264 predict functions
swscale: rename uv_off/uv_off2 to uv_off_px/byte.
swscale: implement error dithering in planarCopyWrapper.
swscale: error dithering for 16/9/10-bit to 8-bit.
swscale: fix overflow in 16-bit vertical scaling.
swscale: fix crash in 8-bpc bilinear output without alpha.
...
Conflicts:
doc/developer.texi
libavdevice/alsa-audio.h
libavformat/gxf.c
libswscale/swscale.c
libswscale/swscale_internal.h
libswscale/swscale_unscaled.c
libswscale/x86/swscale_template.c
tests/ref/lavfi/pixdesc
tests/ref/lavfi/pixfmts_copy
tests/ref/lavfi/pixfmts_crop
tests/ref/lavfi/pixfmts_hflip
tests/ref/lavfi/pixfmts_null
tests/ref/lavfi/pixfmts_scale
tests/ref/lavfi/pixfmts_vflip
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (40 commits)
H.264: template left MB handling
H.264: faster fill_decode_caches
H.264: faster write_back_*
H.264: faster fill_filter_caches
H.264: make filter_mb_fast support the case of unavailable top mb
Do not include log.h in avutil.h
Do not include pixfmt.h in avutil.h
Do not include rational.h in avutil.h
Do not include mathematics.h in avutil.h
Do not include intfloat_readwrite.h in avutil.h
Remove return statements following infinite loops without break
RTSP: Doxygen comment cleanup
doxygen: Escape '\' in Doxygen documentation.
md5: cosmetics
md5: use AV_WL32 to write result
md5: add fate test
md5: include correct headers
md5: fix test program
doxygen: Drop array size declarations from Doxygen parameter names.
doxygen: Fix parameter names to match the function prototypes.
...
Conflicts:
libavcodec/x86/dsputil_mmx.c
libavformat/flvenc.c
libavformat/oggenc.c
libavformat/wtv.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>