GNOME Bugzilla – Bug 142613
asfdemux segfaulting with gst-launch & gst-player but not with totem
Last modified: 2004-12-22 21:47:04 UTC
trying to play a really bad asf/wmv file segfaults in the comment->tags extraction code in gst/asfdemux/gstasfdemux.c around line 540

what seems to be breaking is:

    for (n = 0; n < lengths[i] / 2 - 1; n++)
      ((gint16 *) data)[n] = GUINT16_FROM_LE (((gint16 *) data)[n]);

looks silly, but it really does segfault on this byteswap function. does anyone have a clue why?

the file to reproduce this is on my gst FTP, ask ronald (or me on irc) for login/pass/host
i added some debug around those lines yesterday : - for (n = 0; n < lengths[i] / 2 - 1; n++) - ((gint16 *) data)[n] = GUINT16_FROM_LE (((gint16 *) data)[n]); utf8_comments[i] = g_convert (data, lengths[i], + for (n = 0; n < lengths[i] / 2 - 1; n++) { +printf("6a : i=%d, n=%d\n",i,n); +printf("1 data[%d] = %04X\n", n, ((guint16 *) data)[n]); +printf("2 data[%d] = %04X\n", n, GUINT16_FROM_LE (((guint16 *) data)[n])); + ((guint16 *) data)[n] = GUINT16_FROM_LE (((guint16 *) data)[n]); +printf("3 data[%d] = %04X\n", n, ((guint16 *) data)[n]); +printf("6b : i=%d, n=%d\n",i,n); +} gst-launch-0.8 and gst-player give : 6a : i=0, n=0 1 data[0] = 0057 2 data[0] = 0057 Erreur de segmentation totem gives : 6a : i=0, n=0 1 data[0] = 0057 2 data[0] = 0057 3 data[0] = 0057 6b : i=0, n=0 6a : i=0, n=1 1 data[1] = 0057 2 data[1] = 0057 3 data[1] = 0057 6b : i=0, n=1 ... (and doesn't segfault at all)
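Review bot: the store ((guint16 *) data)[n] = GUINT16_FROM_LE (...) in the new loop body still writes into data in place, and the gst-launch output stops after the "2" print and before the "3" print, which is exactly that store. The prints pin down the faulting statement, but the loop stays unsafe for any buffer this element is not allowed to modify; byteswap into a private copy of lengths[i] bytes and hand that copy to g_convert instead. The bound lengths[i] / 2 - 1 also deserves a guard for lengths[i] < 2 (it wraps if the length is unsigned), and the printf calls should become debug-log statements or be dropped before this goes in.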
from a chat session with Company:

* Company bets it crashes because we operate on READ_ONLY data
<Company> filesrc gives you mmapped data
<Company> totem uses gnomevfssrc, so it's not read only
<LeRoutier> arf, would explain the "bad permission" that valgrind said
<LeRoutier> valgrind tells me : dumping core, Bad permissions for mapped region at address ..
fix0red
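The failure discussed in this bug, as an added example that is not part of the original report or of the GStreamer code: plain POSIX C (no GLib) in which an in-place store to a read-only mapping kills a child process, while a byteswap into a private copy of the same data works. The sample bytes, MAP_LEN and all function names are constructed for illustration; an anonymous page made read-only with mprotect stands in for the file mapping, and Linux signal behaviour (SIGSEGV) is assumed.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>

#define MAP_LEN 4096
/* Constructed sample: "WW" plus terminator as UTF-16LE (0x0057 0x0057 0x0000). */
static const unsigned char sample[] = { 0x57, 0x00, 0x57, 0x00, 0x00, 0x00 };

/* Read-only page holding the sample; stands in for a read-only file mapping. */
static void *map_sample_readonly(void)
{
    void *p = mmap(NULL, MAP_LEN, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    memcpy(p, sample, sizeof sample);
    if (mprotect(p, MAP_LEN, PROT_READ) != 0) { munmap(p, MAP_LEN); return NULL; }
    return p;
}

/* 1 if an in-place store to the mapping kills a child with SIGSEGV, -1 on setup error. */
int inplace_store_faults(void)
{
    volatile uint16_t *data = map_sample_readonly();
    pid_t pid = data ? fork() : -1;
    if (pid == 0) {
        signal(SIGSEGV, SIG_DFL);   /* make sure the default action applies */
        data[0] = data[0];          /* the load works, the store hits the read-only page */
        _exit(0);
    }
    int status = 0;
    if (pid > 0) waitpid(pid, &status, 0);
    if (data) munmap((void *) data, MAP_LEN);
    return pid > 0 ? (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV) : -1;
}

/* Safe variant: decode little-endian units into a private, zero-terminated copy. */
uint16_t *utf16le_to_host_copy(const void *src, size_t len)
{
    const unsigned char *b = src;
    uint16_t *out = calloc(len / 2 + 1, sizeof *out);
    for (size_t n = 0; out && n < len / 2; n++)
        out[n] = (uint16_t) (b[2 * n] | (b[2 * n + 1] << 8));
    return out;
}
```

The caller owns the buffer returned by utf16le_to_host_copy and releases it with free().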