Emard writes: > [1 <text/plain; us-ascii (7bit)>] > > I don't know exactly why it crashes for you (your dump rather > > points to an out of bounds *buf I think) but ts_pid() can only return values > > <=0x1fff. There should be no check needed. > > Neither do I, but it might be gcc optimizer bug. > ts_pid returns u16 value, and gcc during optimization might > have forgotten to extend it properly to 32 bits, what is > required for index offset calculation. > Perhaps declaring it u32 ts_pid(u8 *buf) would be sufficient.
Did you test printing out the value when it is >0x1fff? Does it really happen? Your ksymoops dump in your last mail seems to indicate that the oops occurs when the second TS byte (lower 8 bit of PID) is fetched. It is not when pid2feed[] is referenced. Compare it to a disassembly of the demuxer object file. > If you don't believe it could crash for me, edit your vpeirq/fidbirq > and use dmapos[whatever] != 0x47 check and also offset dma pointer > few bytes in advance dmapointer = (dmapointer + 441) % TS_BUFLEN, to > see this and all the other crashes in matter of minutes or even seconds, > depending on the transponder activity. Hmmm, the: if (dmapos >= TS_BUFLEN) in fidb/vpeirq should maybe be: if (dmapos > TS_BUFLEN) This might explain some of the errors you get. Ralph -- Info: To unsubscribe send a mail to [EMAIL PROTECTED] with "unsubscribe linux-dvb" as subject.
