[libdv-dev] [ libdv-Bugs-558590 ] crash when decoding dv stream

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Bugs item #558590, was opened at 2002-05-21 01:46
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=104393&aid=558590&group_id=4393

Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: crash when decoding dv stream

Initial Comment:
Hi,

maybe it's the same as #231580.

I have a dv stream from a sony dv camera, which is 
probably buggy.
You can download it from 
http://ns1.2serve.de/example/crash68m.dv.bz2 .
It crashes after the man with the yellow boots is 
standing some seconds in the picture.
Even on the display of the camera which recorded the 
stream are errors.

Here's the bt when compiled "normally":

Program received signal SIGSEGV, Segmentation fault.
0x402c0952 in dv_decode_vlc () from 
/opt/andi/lib/libdv.so.1
(gdb) bt
#0  0x402c0952 in dv_decode_vlc () from 
/opt/andi/lib/libdv.so.1
#1  0x402c67a9 in dv_reorder () from 
/opt/andi/lib/libdv.so.1
#2  0x5 in __strtol_internal (nptr=Cannot access 
memory at address 0x10007
) at eval.c:35
Cannot access memory at address 0xffff
(gdb) q

This bt I got when I compiled dv_decode_vlc() as the 
C version and not the assembler version.

Program received signal SIGSEGV, Segmentation fault.
0x402b0a80 in dv_decode_vlc (bits=1076650752, 
maxbits=0, result=0x0) at 
vlc.c:800
800       klass = dv_vlc_classes[maxbits][(bits & 
(dv_vlc_class_index_mask[maxbits])) >> 
(dv_vlc_class_index_rshift[maxbits])];
(gdb) bt
#0  0x402b0a80 in dv_decode_vlc (bits=1076650752, 
maxbits=0, result=0x0) at 
vlc.c:800
#1  0x403e59a0 in _IO_2_1_stderr_ () from 
/lib/libc.so.6
#2  0x402c61e0 in dv_vlc_class_broken () from 
/opt/andi/lib/libdv.so.1
#3  0x201 in ?? () at eval.c:88
Cannot access memory at address 0x1010100

When I compiled with --disable-asm, it didn't crash, 
but the picture was disturbed.
When compiling void dv_parse_ac_coeffs_pass0() and 
int dv_parse_video_segment() both as C 
versions and the rest in the assembler versions, it 
also didn't crash, but the 
picture is disturbed.

Since e.g. dv_vlc_class_broken seems to be an array 
and not a function, it might be some stack corruption 
in one of the assembler routines ?

Bye
Alex

----------------------------------------------------------------------

You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=104393&aid=558590&group_id=4393