Fixes: out of array access
Fixes: ffmpeg_bof_4.avi
Fixes: ffmpeg_bof_5.avi
Fixes: ffmpeg_bof_6.avi
Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Reviewed-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The overlap filter needs to cover a full macroblock vertical edge when the
FIELDTX value for two neighbouring macroblocks is not equal. By changing
the internal ordering of the blocks from row major to column major, we do
not need to reinterlace a FIELDTX coded macroblock before running the overlap
filter.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Simple and Main Profile also need unsigned put_pixels_clamped. Add an argument
to choose between signed and unsigned put_pixels and change function name to
vc1_put_blocks_clamped.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Simple and Main profile also need unsigned put_pixels_clamped. Add an argument
to choose between signed and unsigned put_pixels and change function name to
vc1_put_blocks_clamped.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Direct prediction for interlace frame B pictures references the mv in the
second block in an MB in the backward reference frame for the twomv case.
When the backward reference frame is an I frame, this value may be unset.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
For interlace field pictures s->mb_height indicates the height of the full
picture in MBs, i.e. the two fields combined. A single field is half this
size. When calculating mquant for interlace field pictures, the bottom edge
is the last MB row of the field.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
DIRECTBIT was decoded before the intra/inter MB branching when decoding
interlace frame B pictures. Resulting in mistakenly also decoding it for intra
MBs where this syntax element is not present.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In vc1_decode_i_blocks_adv mquant needs to be reset to its default value for
each macroblock, instead of once at the beginning of the slice.
DQPROFILE specifies which macroblocks can have an alternative quantizer step
size. When DQPROFILE specifies edges, the selection is applicable to the edges
of the picture. Slice edges are not selected by DQPROFILE.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
HALFQP should only be added to the inverse quantizer when the block is
coded with PQUANT. When PQUANT is equal to ALTPQUANT, the original test
for the addition of HALFQP fails. A negative value for mquant indicates
that the value was derived from VOPDQUANT.
Fixes#4372
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
HALFQP should only be added to the inverse quantizer when the block is
coded with PQUANT. See 8.1.3.8 in VC-1 spec.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Add previously omitted overlap smooting and loop filtering for
frame/field-interlace pictures. For progressive pictures switch to the
re-implemented versions of overlap smooting and loop filtering.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
The existing implementation only used vc1_put_signed_blocks_clamped for I and
BI frames. This rewritten version is also applicable to P frame both
progressive and frame/field-interlace.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
The new overlap smooting filter smoothes image pixels stored in v->block.
Switch to v->block instead of s->block for storing decoded image pixels for P
frames. Additionally, we must take incrementing *_blk_idx out of the
vc1_put_signed_blocks_clamped function.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
also fixes: runtime error: index 1456 out of bounds for type 'int16_t [16]'
Found-by: durandal_1707
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The intrax8 decoding process does not imply any kind of error
resilience, and the only call present is more related to how mpegvideo
works rather than anything else.
Therefore have the parent decoders carry out er when actually needed.
9127 -> 8936 decicycles (fate-suite/vc1/SA10143.vc1)
13855 -> 10976 decicycles (fate-suite/vc1/SA20021.vc1)
tests done by the author over this function but with the whole
patchset applied not just this commit
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Keep the code as similar as possible across the codepaths to
ease spotting it for factorization.
Based on a patch from Michael Niedermayer <michaelni@gmx.at>.
The code currently set the information in at least 4 places, spare
some pointless loops.
Make the code in the loop a little uniform to make easier factorize
it out later.
Michael Niedermayer
Jerome Borsboom
Carl Eugen Hoyos
Alexandra Hájková
Vittorio Giovara
Paolo Bizzarri
Carl Eugen Hoyos
Michael Niedermayer
zhaoxiu.zeng
Luca Barbato