[MPlayer-users] Re: [Ffmpeg-devel] svq3 decoding broken, sig11

[D Richard Felker III]

On Thu, Oct 30, 2003 at 09:21:01PM -0500, D Richard Felker III wrote:
> #0  0x8271a1b in put_pixels16_mmx (block=0x851c240 '\001' <repeats 200 times>...,
>     pixels=0x851c240 '\001' <repeats 200 times>..., line_size=320, h=0) at i386/dsputil_mmx.c:357
                                                                     ^^^

Here's what causes the crash! Not sure how put_pixels16_mmx is getting
called with h=0 though... Anyway, the following patch eliminates the
crash...

-------------------------------------------------------------------------------
Index: libavcodec/i386/dsputil_mmx.c
===================================================================
RCS file: /cvsroot/ffmpeg/ffmpeg/libavcodec/i386/dsputil_mmx.c,v
retrieving revision 1.62
diff -u -r1.62 dsputil_mmx.c
--- libavcodec/i386/dsputil_mmx.c	23 Oct 2003 23:24:38 -0000	1.62
+++ libavcodec/i386/dsputil_mmx.c	31 Oct 2003 04:53:41 -0000
@@ -345,7 +345,7 @@
 	 "addl %%eax, %1		\n\t"
 	 "addl %%eax, %2       		\n\t"
 	 "subl $4, %0			\n\t"
-	 "jnz 1b			\n\t"
+	 "jge 1b			\n\t"
 	 : "+g"(h), "+r" (pixels),  "+r" (block)
 	 : "r"(line_size)
 	 : "%eax", "memory"
@@ -379,7 +379,7 @@
 	 "addl %%eax, %1		\n\t"
 	 "addl %%eax, %2       		\n\t"
 	 "subl $4, %0			\n\t"
-	 "jnz 1b			\n\t"
+	 "jge 1b			\n\t"
 	 : "+g"(h), "+r" (pixels),  "+r" (block)
 	 : "r"(line_size)
 	 : "%eax", "memory"
-------------------------------------------------------------------------------

...but after applying this, assert(0) is reached in h264.c's
fill_rectangle since height=0.

Michael, any idea what's wrong?

Rich