ref: 29071a418e1a12fb2f614f962c24f1417153d7fc
parent: c731d6a4f19eea861ceb2ff31399420b2452eb74
author: Alexander Voronov <avoronov@graphics.cs.msu.ru>
date: Tue Sep 9 10:56:00 EDT 2014
Fix invalid memory access on 2x downscale. The issue was discovered on bitstream with 2x vertical downscale. For zero MVs, y_pad is set to 1 only when vertical convolution is required. The original code assumes that for y_step_q4 == 32 we don't perform vertical convolution. But vp9_setup_scale_factors_for_frame() sets convolve functions so that when x_step and y_step are both not equal to 16, convolve in both directions is performed. And convolve() unconditionally subtracts one stride from source pointer when calls convolve_horiz(). This leads to invalid memory access. Change-Id: I882dfa6081a58e172b5ffa55842bfcd6727f10bf
--- a/vp9/common/vp9_reconinter.c
+++ b/vp9/common/vp9_reconinter.c
@@ -376,13 +376,13 @@
int y1 = ((y0_16 + (h - 1) * ys) >> SUBPEL_BITS) + 1;
int x_pad = 0, y_pad = 0;
- if (subpel_x || (sf->x_step_q4 & SUBPEL_MASK)) {+ if (subpel_x || (sf->x_step_q4 != 16)) {x0 -= VP9_INTERP_EXTEND - 1;
x1 += VP9_INTERP_EXTEND;
x_pad = 1;
}
- if (subpel_y || (sf->y_step_q4 & SUBPEL_MASK)) {+ if (subpel_y || (sf->y_step_q4 != 16)) {y0 -= VP9_INTERP_EXTEND - 1;
y1 += VP9_INTERP_EXTEND;
y_pad = 1;