
Bug#859008: dvb-tools: dvbv5-scan segfaults with DVB-T2 HD service that just started in Germany


Tino Mettler

Mar 29, 2017, 9:50:03 AM
Package: dvb-tools
Version: 1.12.3-1
Severity: normal

Dear Maintainer,

I get this failure every time I try to scan for channels.

$ gdb --args dvbv5-scan -w1 init2
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from dvbv5-scan...Reading symbols from /usr/lib/debug/.build-id/ee/ae027c5261711a1b1bd9177ecd105d0e25d705.debug...done.
done.
(gdb) run
Starting program: /usr/bin/dvbv5-scan -w1 init2
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Scanning frequency #1 554000000
Lock (0x1f) C/N= 23.75dB
Service Das Erste HD, provider BR: reserved
Service arte HD, provider BR: reserved
Service PHOENIX HD, provider BR: reserved
Service tagesschau24 HD, provider BR: reserved
Service ONE HD, provider BR: reserved
New transponder/channel found: #11: -1776415946
New transponder/channel found: #12: 504706590
New transponder/channel found: #13: 523640360
New transponder/channel found: #14: 907948854
New transponder/channel found: #15: -397832490
New transponder/channel found: #16: 0
New transponder/channel found: #17: 0
New transponder/channel found: #18: 0
New transponder/channel found: #19: 0
New transponder/channel found: #20: 0
New transponder/channel found: #21: 0
New transponder/channel found: #22: 0
New transponder/channel found: #23: 0
New transponder/channel found: #24: 0
New transponder/channel found: #25: 0
New transponder/channel found: #26: 0
New transponder/channel found: #27: 0
New transponder/channel found: #28: 0
New transponder/channel found: #29: 0
New transponder/channel found: #30: 0
New transponder/channel found: #31: 0
New transponder/channel found: #32: 0
New transponder/channel found: #33: 0
New transponder/channel found: #34: 0
New transponder/channel found: #35: 0
New transponder/channel found: #36: 0
New transponder/channel found: #37: 0
New transponder/channel found: #38: 0
New transponder/channel found: #39: 0
New transponder/channel found: #40: 0
New transponder/channel found: #41: 0
New transponder/channel found: #42: 0
New transponder/channel found: #43: 0
New transponder/channel found: #44: 0
New transponder/channel found: #45: 0
New transponder/channel found: #46: 0
New transponder/channel found: #47: 0
New transponder/channel found: #48: 0
New transponder/channel found: #49: 0
New transponder/channel found: #50: 0
New transponder/channel found: #51: 0
New transponder/channel found: #52: 0
New transponder/channel found: #53: 0
New transponder/channel found: #54: 0
New transponder/channel found: #55: 0
New transponder/channel found: #56: 0
New transponder/channel found: #57: 0
New transponder/channel found: #58: 0
New transponder/channel found: #59: 0
New transponder/channel found: #60: 0
New transponder/channel found: #61: 0
New transponder/channel found: #62: 0
New transponder/channel found: #63: 0
New transponder/channel found: #64: 0
New transponder/channel found: #65: 0
New transponder/channel found: #66: 0
New transponder/channel found: #67: 0
New transponder/channel found: #68: 0
New transponder/channel found: #69: 0
New transponder/channel found: #70: 0
New transponder/channel found: #71: 0
New transponder/channel found: #72: 0
New transponder/channel found: #73: 0
New transponder/channel found: #74: 0
New transponder/channel found: #75: 0
Scanning frequency #2 650000000
(0x00) Signal= -69.00dBm
Scanning frequency #3 738000000
(0x00) Signal= -77.00dBm
Scanning frequency #4 578000000
Lock (0x1f) Signal= -77.00dBm C/N= 24.50dB
*** Error in `/usr/bin/dvbv5-scan': malloc(): memory corruption: 0x00005555557649a0 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7ffff755ebcb]
/lib/x86_64-linux-gnu/libc.so.6(+0x76f96)[0x7ffff7564f96]
/lib/x86_64-linux-gnu/libc.so.6(+0x78f69)[0x7ffff7566f69]
/lib/x86_64-linux-gnu/libc.so.6(__libc_calloc+0x27b)[0x7ffff756999b]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_desc_t2_delivery_init+0x16d)[0x7ffff78b5bbd]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_extension_descriptor_init+0x88)[0x7ffff78b6848]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_desc_parse+0xdc)[0x7ffff78b103c]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_table_nit_init+0x197)[0x7ffff78b2017]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_read_sections+0x42d)[0x7ffff78aee2d]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_read_section_with_id+0x3a)[0x7ffff78af42a]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_read_section+0x1a)[0x7ffff78af46a]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_get_ts_tables+0x240)[0x7ffff78af780]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(dvb_scan_transponder+0x12f)[0x7ffff78afd3f]
/usr/lib/x86_64-linux-gnu/libdvbv5.so.0(+0x189fd)[0x7ffff78a49fd]
/usr/bin/dvbv5-scan(+0x207e)[0x55555555607e]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7ffff750e2b1]
/usr/bin/dvbv5-scan(+0x240a)[0x55555555640a]

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
58 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) thread apply all bt full

Thread 1 (Thread 0x7ffff7faa740 (LWP 3261)):
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
set = {__val = {0, 3395749441387372576, 6860733171187738988, 8679965255892022326, 7091318039360988973, 3346019691551614069,
7365366939112582705, 3487584252112299622, 7378697628691542064, 2319406791624255031, 3472328228581767026, 4048771456345073201,
4122819179045793850, 2314885530818453554, 2314885530818453536, 3395749441387372576}}
pid = <optimized out>
tid = <optimized out>
#1 0x00007ffff752240a in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x3766666666372d30, sa_sigaction = 0x3766666666372d30}, sa_mask = {__val = {
8223625903106778726, 3472328295963438381, 4192904167887482928, 2314885531086893104, 2314885530818453536,
2314885530818453536, 8528445641706184736, 7378645557150114166, 3472382405132117606, 3991990709698112816,
8223625903106909798, 3472328295963457581, 4192904167887482928, 2314885531086893104, 2314885530818453536, 140737488345792}},
sa_flags = 88, sa_restorer = 0x7fffffffdac0}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007ffff755ebd0 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffff7653c30 "*** Error in `%s': %s: 0x%s ***\n")
at ../sysdeps/posix/libc_fatal.c:175
ap = {{gp_offset = 40, fp_offset = 0, overflow_arg_area = 0x7fffffffdad0, reg_save_area = 0x7fffffffda60}}
fd = 5
on_2 = <optimized out>
list = <optimized out>
nlist = <optimized out>
cp = <optimized out>
written = <optimized out>
#3 0x00007ffff7564f96 in malloc_printerr (action=3, str=0x7ffff765082b "malloc(): memory corruption", ptr=<optimized out>,
ar_ptr=<optimized out>) at malloc.c:5046
buf = "00005555557649a0"
cp = <optimized out>
ar_ptr = <optimized out>
ptr = <optimized out>
str = 0x7ffff765082b "malloc(): memory corruption"
action = 3
#4 0x00007ffff7566f69 in _int_malloc (av=av@entry=0x7ffff7886b00 <main_arena>, bytes=bytes@entry=392) at malloc.c:3509
iters = 0
nb = 400
idx = 25
bin = <optimized out>
victim = 0x555555764990
size = <optimized out>
victim_index = <optimized out>
remainder = <optimized out>
remainder_size = <optimized out>
block = <optimized out>
bit = <optimized out>
map = <optimized out>
fwd = <optimized out>
bck = 0x20040c065034602
errstr = 0x0
__func__ = "_int_malloc"
#5 0x00007ffff756999b in __libc_calloc (n=<optimized out>, elem_size=<optimized out>) at malloc.c:3271
av = 0x7ffff7886b00 <main_arena>
oldtop = 0x5555557cf1e0
p = <optimized out>
bytes = 392
sz = 392
csz = <optimized out>
oldtopsize = 134688
mem = <optimized out>
clearsize = <optimized out>
nclears = <optimized out>
d = <optimized out>
hook = <optimized out>
__func__ = "__libc_calloc"
#6 0x00007ffff78b5bbd in dvb_desc_t2_delivery_init (parms=0x55555575c070, buf=<optimized out>, ext=<optimized out>, desc=0x555555764980)
at descriptors/desc_t2_delivery.c:65
d = 0x555555764980
p = 0x55555575ed90 "1\377\002\323D@\002\337y@\002\353\256@\003\064\354@\003e\300@\003~*@\003\212_@\003\226\224@\003\242\311@\003\307h@\004\004q@\003q\365@l\264\002AC1\a\225\"", <incomplete sequence \307>
desc_len = <optimized out>
len = <optimized out>
i = <optimized out>
__func__ = "dvb_desc_t2_delivery_init"
#7 0x00007ffff78b6848 in dvb_extension_descriptor_init (parms=parms@entry=0x55555575c070, buf=buf@entry=0x55555575ed4a "\004",
desc=desc@entry=0x555555764940) at descriptors/desc_extension.c:155
ext = 0x555555764940
p = 0x55555575ed4b ""
desc_type = <optimized out>
size = <optimized out>
desc_len = 68
init = 0x7ffff78b5a50 <dvb_desc_t2_delivery_init>
#8 0x00007ffff78b103c in dvb_desc_parse (parms=parms@entry=0x55555575c070, buf=buf@entry=0x55555575ed48 "\177E\004",
buflen=buflen@entry=321, head_desc=0x555555764966) at descriptors.c:194
desc_type = 127 '\177'
desc_len = 69 'E'
size = <optimized out>
init = 0x7ffff78b67c0 <dvb_extension_descriptor_init>
ptr = 0x55555575ed4a "\004"
endbuf = 0x55555575ee89 "q8\314j"
current = 0x555555764940
last = 0x0
__func__ = "dvb_desc_parse"
#9 0x00007ffff78b2017 in dvb_table_nit_init (parms=0x55555575c070, buf=0x55555575ed30 "@\361Z0", <incomplete sequence \351>,
buflen=<optimized out>, table=<optimized out>) at tables/nit.c:116
desc_length = 321
transport = 0x555555764960
p = 0x55555575ed48 "\177E\004"
endbuf = 0x55555575ee89 "q8\314j"
nit = <optimized out>
head = 0x55555576496e
head_desc = <optimized out>
size = 2
__func__ = "dvb_table_nit_init"
#10 0x00007ffff78aee2d in dvb_parse_section (buf_length=349, buf=0x55555575ed30 "@\361Z0", <incomplete sequence \351>,
sect=0x7fffffffde80, parms=0x55555575c070) at dvb-scan.c:275
ext = 0x5555557646c0
tid = <optimized out>
i = <optimized out>
h = {table_id = 64 '@', {bitfield = 61786, {section_length = 346, one = 3 '\003', zero = 1 '\001', syntax = 1 '\001'}},
id = 12290, current_next = 1 '\001', version = 20 '\024', one2 = 3 '\003', section_id = 0 '\000', last_section = 0 '\000'}
priv = <optimized out>
new = <optimized out>
#11 dvb_read_sections (__p=0x55555575c070, dmx_fd=4, sect=0x7fffffffde80, timeout=<optimized out>) at dvb-scan.c:374
crc = <optimized out>
parms = 0x55555575c070
ret = <optimized out>
mask = 255 '\377'
timeout = <optimized out>
sect = 0x7fffffffde80
dmx_fd = 4
__p = 0x55555575c070
parms = 0x55555575c070
mask = 255 '\377'
#12 0x00007ffff78af42a in dvb_read_section_with_id (parms=parms@entry=0x55555575c070, dmx_fd=dmx_fd@entry=4, tid=tid@entry=64 '@',
pid=pid@entry=16, ts_id=ts_id@entry=-1, table=table@entry=0x555555771e10, timeout=12) at dvb-scan.c:399
tab = {tid = 64 '@', pid = 16, ts_id = -1, table = 0x555555771e10, allow_section_gaps = 0, priv = 0x555555766970}
#13 0x00007ffff78af46a in dvb_read_section (parms=parms@entry=0x55555575c070, dmx_fd=dmx_fd@entry=4, tid=tid@entry=64 '@',
pid=pid@entry=16, table=table@entry=0x555555771e10, timeout=timeout@entry=12) at dvb-scan.c:102
No locals.
#14 0x00007ffff78af780 in dvb_get_ts_tables (__p=__p@entry=0x55555575c070, dmx_fd=dmx_fd@entry=4, delivery_system=<optimized out>,
other_nit=other_nit@entry=0, timeout_multiply=timeout_multiply@entry=1) at dvb-scan.c:572
parms = 0x55555575c070
rc = <optimized out>
pat_pmt_time = <optimized out>
sdt_time = 2
nit_time = 12
vct_time = 2
atsc_filter = <optimized out>
num_pmt = 5
dvb_scan_handler = 0x555555771de0
#15 0x00007ffff78afd3f in dvb_scan_transponder (__p=0x55555575c070, entry=0x555555766f80, dmx_fd=4,
check_frontend=0x555555556ca0 <check_frontend>, args=0x7fffffffe060, other_nit=0, timeout_multiply=1) at dvb-scan.c:680
parms = 0x55555575c070
dvb_scan_handler = 0x0
freq = 578000000
delsys = 16
i = <optimized out>
rc = <optimized out>
#16 0x00007ffff78a49fd in dvb_local_scan (open_dev=<optimized out>, entry=<optimized out>, check_frontend=<optimized out>,
args=<optimized out>, other_nit=<optimized out>, timeout_multiply=<optimized out>) at dvb-dev-local.c:723
dev = <optimized out>
dvb = <optimized out>
parms = <optimized out>
desc = <optimized out>
fd = <optimized out>
#17 0x000055555555607e in run_scan (dvb=0x55555575bf70, args=0x7fffffffe060) at dvbv5-scan.c:298
dvb_scan_handler = 0x0
stream_id = 0
dvb_file = 0x55555575dc30
freq = 578000000
sys = <optimized out>
parms = 0x55555575c070
dvb_file_new = 0x55555575fe50
entry = 0x555555766f80
dmx_fd = 0x555555771250
count = <optimized out>
shift = <optimized out>
pol = POLARIZATION_OFF
#18 main (argc=<optimized out>, argv=<optimized out>) at dvbv5-scan.c:562
args = {confname = 0x7fffffffe4b5 "init2", lnb_name = 0x0, output = 0x555555556fa1 "dvb_channel.conf",
demux_dev = 0x555555771490 "dvb0.demux0", adapter = 4294967295, n_adapter = 0, adapter_fe = 0, adapter_dmx = 0, frontend = 0,
demux = 0, get_detected = 0, get_nit = 0, lna = 1, lnb = 0, sat_number = -1, freq_bpf = 0, diseqc_wait = 0,
dont_add_new_freqs = 0, timeout_multiply = 1, other_nit = 0, input_format = FILE_DVBV5, output_format = FILE_DVBV5, cc = 0x0,
n_status_lines = 1}
err = <optimized out>
lnb = <optimized out>
idx = 2
dvb = 0x55555575bf70
dvb_dev = <optimized out>
parms = <optimized out>
argp = {options = 0x5555557589a0 <options>, parser = 0x555555556610 <parse_opt>, args_doc = 0x555555556f76 "<initial file>",
doc = 0x555555557418 "scan DVB services using the channel file", children = 0x0, help_filter = 0x0, argp_domain = 0x0}
(gdb)

-- System Information:
Debian Release: 9.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.10.2 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dvb-tools depends on:
ii libc6 2.24-9
ii libdvbv5-0 1.12.3-1
ii libudev1 232-21

dvb-tools recommends no packages.

dvb-tools suggests no packages.

-- debconf-show failed

Gregor Jasny

Mar 29, 2017, 10:20:02 AM
Hello,

could you please re-try with a debug build?

git clone git://linuxtv.org/v4l-utils.git
cd v4l-utils
./bootstrap.sh
./configure --enable-static --disable-shared CFLAGS="-O0 -g" CXXFLAGS="-O0 -g"
make -j4
utils/dvb/dvbv5-scan

Thanks,
Gregor

Tino Mettler

Mar 29, 2017, 10:50:04 AM
Hi,

see below.

Regards,
Tino

$ gdb --args ./utils/dvb/dvbv5-scan ~/tmp/dvb-t2/init2
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./utils/dvb/dvbv5-scan...done.
(gdb) run
Starting program: /home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan /home/scorpion/tmp/dvb-t2/init2
(0x00) Signal= -76.00dBm
Scanning frequency #4 578000000
Lock (0x1f) Signal= -76.00dBm C/N= 27.25dB
*** Error in `/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan': malloc(): memory corruption: 0x00005555557a6b70 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7ffff759fbcb]
/lib/x86_64-linux-gnu/libc.so.6(+0x76f96)[0x7ffff75a5f96]
/lib/x86_64-linux-gnu/libc.so.6(+0x78f69)[0x7ffff75a7f69]
/lib/x86_64-linux-gnu/libc.so.6(__libc_calloc+0x27b)[0x7ffff75aa99b]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x29e81)[0x55555557de81]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x2b39b)[0x55555557f39b]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x24513)[0x555555578513]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x25dff)[0x555555579dff]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x21ba4)[0x555555575ba4]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x22010)[0x555555576010]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x220b4)[0x5555555760b4]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x214fd)[0x5555555754fd]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x22759)[0x555555576759]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x22c7b)[0x555555576c7b]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x15348)[0x555555569348]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x132fa)[0x5555555672fa]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x11ec7)[0x555555565ec7]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x12941)[0x555555566941]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7ffff754f2b1]
/home/scorpion/build/9643/v4l-utils/utils/dvb/dvbv5-scan(+0x113ea)[0x5555555653ea]

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
58 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) thread apply all bt full

Thread 1 (Thread 0x7ffff7fae480 (LWP 725)):
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
set = {__val = {0, 3472310978873881120, 3467824696600309808, 729636054439574064, 7378645952437315127, 7378645706714656824,
3472382405132117606, 3467895052413575216, 2319406791620833328, 2319389199435444272, 2314885530818453536, 2314885530818453536,
2314885530818453536, 746878876138232608, 7378645952437315127, 7378645706714656865}}
pid = <optimized out>
tid = <optimized out>
#1 0x00007ffff756340a in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x666666370a6f732e, sa_sigaction = 0x666666370a6f732e}, sa_mask = {__val = {3472328524770457446,
7365468305578407725, 8606977229197436518, 3472328296226648109, 3475143045726351408, 7378645556122361904, 3472386794591774310,
7378697629480725808, 8223625903107106406, 3472328295963438455, 4192904167887482928, 2314885531086893104, 2314885530818453536,
2314885530818453536, 8312272859592400928, 140737488345280}}, sa_flags = 125, sa_restorer = 0x7fffffffd8c0}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007ffff759fbd0 in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7ffff7694c30 "*** Error in `%s': %s: 0x%s ***\n")
at ../sysdeps/posix/libc_fatal.c:175
ap = {{gp_offset = 40, fp_offset = 32767, overflow_arg_area = 0x7fffffffd8d0, reg_save_area = 0x7fffffffd860}}
fd = 5
on_2 = <optimized out>
list = <optimized out>
nlist = <optimized out>
cp = <optimized out>
written = <optimized out>
#3 0x00007ffff75a5f96 in malloc_printerr (action=3, str=0x7ffff769182b "malloc(): memory corruption", ptr=<optimized out>, ar_ptr=<optimized out>)
at malloc.c:5046
buf = "00005555557a6b70"
cp = <optimized out>
ar_ptr = <optimized out>
ptr = <optimized out>
str = 0x7ffff769182b "malloc(): memory corruption"
action = 3
#4 0x00007ffff75a7f69 in _int_malloc (av=av@entry=0x7ffff78c7b00 <main_arena>, bytes=bytes@entry=392) at malloc.c:3509
iters = 0
nb = 400
idx = 25
bin = <optimized out>
victim = 0x5555557a6b60
size = <optimized out>
victim_index = <optimized out>
remainder = <optimized out>
remainder_size = <optimized out>
block = <optimized out>
bit = <optimized out>
map = <optimized out>
fwd = <optimized out>
bck = 0x20040c065034602
errstr = 0x0
__func__ = "_int_malloc"
#5 0x00007ffff75aa99b in __libc_calloc (n=<optimized out>, elem_size=<optimized out>) at malloc.c:3271
av = 0x7ffff78c7b00 <main_arena>
oldtop = 0x555555811240
p = <optimized out>
bytes = 392
sz = 392
csz = <optimized out>
oldtopsize = 134592
mem = <optimized out>
clearsize = <optimized out>
nclears = <optimized out>
d = <optimized out>
hook = <optimized out>
__func__ = "__libc_calloc"
#6 0x000055555557de81 in dvb_desc_t2_delivery_init (parms=0x55555579e0c0, buf=0x5555557a0dab "", ext=0x5555557a6b10, desc=0x5555557a6b50)
at descriptors/desc_t2_delivery.c:65
d = 0x5555557a6b50
p = 0x5555557a0df0 "1\377\002\323D@\002\337y@\002\353\256@\003\064\354@\003e\300@\003~*@\003\212_@\003\226\224@\003\242\311@\003\307h@\004\004q@\003q\365@l\264\002AC1\a\225\"", <incomplete sequence \307>
desc_len = 68
len = 63
len2 = 5
i = 21845
__func__ = "dvb_desc_t2_delivery_init"
#7 0x000055555557f39b in dvb_extension_descriptor_init (parms=0x55555579e0c0, buf=0x5555557a0daa "\004", desc=0x5555557a6b10)
at descriptors/desc_extension.c:155
ext = 0x5555557a6b10
p = 0x5555557a0dab ""
desc_type = 4
size = 23
desc_len = 68
init = 0x55555557dcf1 <dvb_desc_t2_delivery_init>
#8 0x0000555555578513 in dvb_desc_parse (parms=0x55555579e0c0, buf=0x5555557a0da8 "\177E\004", buflen=321, head_desc=0x5555557a6b36)
at descriptors.c:194
desc_type = 127 '\177'
desc_len = 69 'E'
size = 19
init = 0x55555557f1bb <dvb_extension_descriptor_init>
ptr = 0x5555557a0daa "\004"
endbuf = 0x5555557a0ee9 "q8\314j"
current = 0x5555557a6b10
last = 0x0
__func__ = "dvb_desc_parse"
#9 0x0000555555579dff in dvb_table_nit_init (parms=0x55555579e0c0, buf=0x5555557a0d90 "@\361Z0", <incomplete sequence \351>, buflen=345,
table=0x5555557b4170) at tables/nit.c:116
desc_length = 321
transport = 0x5555557a6b30
p = 0x5555557a0da8 "\177E\004"
endbuf = 0x5555557a0ee9 "q8\314j"
nit = 0x5555557a6a90
head = 0x5555557a6b3e
head_desc = 0x5555557a6a9a
size = 6
__func__ = "dvb_table_nit_init"
#10 0x0000555555575ba4 in dvb_parse_section (parms=0x55555579e0c0, sect=0x7fffffffdcc0, buf=0x5555557a0d90 "@\361Z0", <incomplete sequence \351>,
buf_length=349) at dvb-scan.c:275
h = {table_id = 64 '@', {bitfield = 61786, {section_length = 346, one = 3 '\003', zero = 1 '\001', syntax = 1 '\001'}}, id = 12290,
current_next = 1 '\001', version = 20 '\024', one2 = 3 '\003', section_id = 0 '\000', last_section = 0 '\000'}
priv = 0x5555557a89f0
ext = 0x5555557b3eb0
tid = 64 '@'
i = 0
new = 1
__func__ = "dvb_parse_section"
#11 0x0000555555576010 in dvb_read_sections (__p=0x55555579e0c0, dmx_fd=4, sect=0x7fffffffdcc0, timeout=12) at dvb-scan.c:374
available = 1
crc = 0
buf_length = 349
parms = 0x55555579e0c0
ret = 0
buf = 0x5555557a0d90 "@\361Z0", <incomplete sequence \351>
mask = 255 '\377'
__func__ = "dvb_read_sections"
#12 0x00005555555760b4 in dvb_read_section_with_id (parms=0x55555579e0c0, dmx_fd=4, tid=64 '@', pid=16, ts_id=-1, table=0x5555557b4170, timeout=12)
at dvb-scan.c:399
tab = {tid = 64 '@', pid = 16, ts_id = -1, table = 0x5555557b4170, allow_section_gaps = 0, priv = 0x5555557a89f0}
#13 0x00005555555754fd in dvb_read_section (parms=0x55555579e0c0, dmx_fd=4, tid=64 '@', pid=16, table=0x5555557b4170, timeout=12) at dvb-scan.c:102
No locals.
#14 0x0000555555576759 in dvb_get_ts_tables (__p=0x55555579e0c0, dmx_fd=4, delivery_system=16, other_nit=0, timeout_multiply=1) at dvb-scan.c:572
parms = 0x55555579e0c0
rc = 0
pat_pmt_time = 1
sdt_time = 2
nit_time = 12
vct_time = 1434050752
atsc_filter = 0
num_pmt = 5
dvb_scan_handler = 0x5555557b4140
#15 0x0000555555576c7b in dvb_scan_transponder (__p=0x55555579e0c0, entry=0x5555557a8fe0, dmx_fd=4, check_frontend=0x555555565a93 <check_frontend>,
args=0x7fffffffdff0, other_nit=0, timeout_multiply=1) at dvb-scan.c:680
parms = 0x55555579e0c0
dvb_scan_handler = 0x0
freq = 578000000
delsys = 16
i = 11
rc = 0
#16 0x0000555555569348 in dvb_local_scan (open_dev=0x5555557b3fe0, entry=0x5555557a8fe0, check_frontend=0x555555565a93 <check_frontend>,
args=0x7fffffffdff0, other_nit=0, timeout_multiply=1) at dvb-dev-local.c:734
dev = 0x5555557a84e0
dvb = 0x55555579df90
parms = 0x55555579e0c0
desc = 0x0
fd = 4
#17 0x00005555555672fa in dvb_dev_scan (open_dev=0x5555557b3fe0, entry=0x5555557a8fe0, check_frontend=0x555555565a93 <check_frontend>,
args=0x7fffffffdff0, other_nit=0, timeout_multiply=1) at dvb-dev.c:317
dvb = 0x55555579df90
ops = 0x55555579dfa8
#18 0x0000555555565ec7 in run_scan (args=0x7fffffffdff0, dvb=0x55555579df90) at dvbv5-scan.c:298
dvb_scan_handler = 0x0
stream_id = 0
parms = 0x55555579e0c0
dvb_file = 0x55555579fc90
dvb_file_new = 0x5555557b33a0
entry = 0x5555557a8fe0
dmx_fd = 0x5555557b3fe0
count = 4
shift = 1000000
freq = 578000000
sys = 0
pol = POLARIZATION_OFF
#19 0x0000555555566941 in main (argc=2, argv=0x7fffffffe188) at dvbv5-scan.c:562
args = {confname = 0x7fffffffe459 "/home/scorpion/tmp/dvb-t2/init2", lnb_name = 0x0, output = 0x555555582de4 "dvb_channel.conf",
demux_dev = 0x5555557b34f0 "dvb0.demux0", adapter = 4294967295, n_adapter = 0, adapter_fe = 0, adapter_dmx = 0, frontend = 0, demux = 0,
get_detected = 0, get_nit = 0, lna = -1, lnb = 0, sat_number = -1, freq_bpf = 0, diseqc_wait = 0, dont_add_new_freqs = 0,
timeout_multiply = 1, other_nit = 0, input_format = FILE_DVBV5, output_format = FILE_DVBV5, cc = 0x0, n_status_lines = 1}
err = 0
lnb = -1
idx = 1
dvb = 0x55555579df90
dvb_dev = 0x5555557a8570
parms = 0x55555579e0c0
argp = {options = 0x55555578e7c0 <options>, parser = 0x555555565fd9 <parse_opt>, args_doc = 0x555555582d88 "<initial file>",
doc = 0x555555582d98 "scan DVB services using the channel file", children = 0x0, help_filter = 0x0, argp_domain = 0x0}
(gdb)

Gregor Jasny

Mar 29, 2017, 2:50:03 PM
Hello Mauro & list,

could you please have a look at the dvbv5-scan crash report below?
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859008

Is there anything else you need to debug this?

Thanks,
Gregor

Frank Heckenbach

Mar 30, 2017, 3:40:05 PM
I got the same problem, only on some channels though, e.g. ZDF using
this input:

[CH34]
DELIVERY_SYSTEM = DVBT2
FREQUENCY = 578000000
BANDWIDTH_HZ = 8000000
MODULATION = QAM/16

*** Error in `dvbv5-scan': malloc(): memory corruption: 0x0000000000fe13c0 ***

I did some debugging with gdb and valgrind (using the upstream
version v4l-utils-1.12.3.tar.bz2 since I needed to recompile anyway
to get debug info).

I found an invalid access in descriptors/desc_t2_delivery.c:55

memcpy(&d->centre_frequency, p, len);

Before this, dvb_extension_descriptor_init had

desc_type == 4 (T2_delivery_system_descriptor)

and

dvb_ext_descriptors[4].size == sizeof(struct dvb_desc_t2_delivery) (23)

so it allocated only 23 bytes, but didn't change desc_len which was
still 68, causing the overflow.

Setting desc_len to 23 didn't help, but just allocating 68 bytes
did:

--- v4l-utils-1.12.3/lib/libdvbv5/descriptors/desc_extension.c
+++ v4l-utils-1.12.3/lib/libdvbv5/descriptors/desc_extension.c
@@ -149,7 +149,7 @@
if (!size)
size = desc_len;

- ext->descriptor = calloc(1, size);
+ ext->descriptor = calloc(1, desc_len);

if (init) {
if (init(parms, p, ext, ext->descriptor) != 0)
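Review bot: the new calloc(1, desc_len) line drops the struct size from the allocation, so for an extension descriptor whose desc_len is smaller than size the buffer is now shorter than the struct that init() fills in, which moves the overflow rather than removing it. Allocating the larger of size and desc_len would cover both cases. No NULL check is visible between the calloc() and the init() call that receives ext->descriptor, so one should be added there. The lasting fix is for the init function to stop copying wire bytes past the fixed part of its struct.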

NOTE: This is probably not a proper fix, just a bandaid. Since
scanning channels is mostly a one-off job, I'm happy now that I got
my channels list and don't plan to invest more time researching the
issue.

Gregor Jasny

Mar 30, 2017, 4:00:03 PM
Hello Mauro,

could you please take a look?

Thanks,
Gregor

Mauro Carvalho Chehab

Mar 30, 2017, 4:30:03 PM
Hi Gregor,

On Wed, 29 Mar 2017 20:45:06 +0200
Gregor Jasny <gja...@googlemail.com> wrote:

> Hello Mauro & list,
>
> could you please have a look at the dvbv5-scan crash report below?
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859008
>
> Is there anything else you need to debug this?

I'm able to reproduce it on a Debian machine here too, but so far,
I was unable to discover what's causing it. I'll try to find some time
to take a better look at it.
--
Thanks,
Mauro

Tino Mettler

Apr 18, 2017, 7:00:02 AM
On Thu, Mar 30, 2017 at 17:13:34 -0300, Mauro Carvalho Chehab wrote:
> Hi Gregor,
>
> On Wed, 29 Mar 2017 20:45:06 +0200
> Gregor Jasny <gja...@googlemail.com> wrote:
>
> > Hello Mauro & list,
> >
> > could you please have a look at the dvbv5-scan crash report below?
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859008
> >
> > Is there anything else you need to debug this?
>
> I'm able to reproduce it on a Debian machine here too, but so far,
> I was unable to discover what's causing it. I'll try to find some time
> to take a better look at it.

Hi,

can I help in some way to find the cause of the crash?

Regards,
Tino

Reinhard Speyerer

May 2, 2017, 3:20:03 AM
Hi Mauro and Tino,
with the patch below in addition to commit b514d615166bdc0901a4c71261b87db31e89f464
("libdvbv5: T2 delivery descriptor: fix wrong size of bandwidth field") applied
to v4l-utils 1.12.3 sources dvbv5-scan no longer segfaults for me.

Manually replacing PID_24 with VIDEO_PID in the created dvb_channel.conf
as described in a German DVB-T2 forum is required to make dvbv5-zap also
record the video.

Regards,
Reinhard

Subject: [PATCH] libdvbv5: fix T2 delivery descriptor parsing in dvb_desc_t2_delivery_init()

Fix T2 delivery descriptor parsing by proper use of memcpy()/bswap16()
on struct dvb_desc_t2_delivery *d, only skipping the cell_id instead of
the remaining descriptor and using the correct d->tfs_flag check
to avoid dvbv5-scan segfaults observed with the DVB-T2 HD service that
was started in Germany.

Signed-off-by: Reinhard Speyerer <rs...@arcor.de>
---
lib/libdvbv5/descriptors/desc_t2_delivery.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/lib/libdvbv5/descriptors/desc_t2_delivery.c b/lib/libdvbv5/descriptors/desc_t2_delivery.c
index 56e8d43..3831ac1 100644
--- a/lib/libdvbv5/descriptors/desc_t2_delivery.c
+++ b/lib/libdvbv5/descriptors/desc_t2_delivery.c
@@ -40,7 +40,7 @@ int dvb_desc_t2_delivery_init(struct dvb_v5_fe_parms *parms,
return -1;
}
if (desc_len < len2) {
- memcpy(p, buf, len);
+ memcpy(d, buf, len);
bswap16(d->system_id);

if (desc_len != len)
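Review bot: in the desc_len < len2 branch, memcpy(d, buf, len) runs before the desc_len != len comparison, so when desc_len is smaller than len the copy reads bytes beyond the descriptor body. Do the comparison first and return, or copy no more than desc_len bytes.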
@@ -48,19 +48,23 @@ int dvb_desc_t2_delivery_init(struct dvb_v5_fe_parms *parms,

return -2;
}
- memcpy(p, buf, len2);
+ memcpy(d, buf, len2);
+ bswap16(d->system_id);
+ bswap16(d->bitfield);
p += len2;

- len = desc_len - (p - buf);
- memcpy(&d->centre_frequency, p, len);
- p += len;
+ if (desc_len - (p - buf) < sizeof(uint16_t)) {
+ dvb_logwarn("T2 delivery descriptor is truncated");
+ return -2;
+ }
+ p += sizeof(uint16_t);

- if (d->tfs_flag)
- d->frequency_loop_length = 1;
- else {
+ if (d->tfs_flag) {
d->frequency_loop_length = *p;
p++;
}
+ else
+ d->frequency_loop_length = 1;

d->centre_frequency = calloc(d->frequency_loop_length,
sizeof(*d->centre_frequency));
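Review bot: the tfs_flag branch reads d->frequency_loop_length = *p with no length check; the new truncation test only guarantees the two cell_id bytes, so a descriptor that ends right after cell_id is read one byte past its end. Require one more byte in that branch, and check frequency_loop_length against the bytes that remain before the calloc() array is filled from p. Style: put the else on the same line as the closing brace (} else {) and brace both arms.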
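The overflow analysed in this thread comes from trusting the wire length while writing into a fixed-size struct. The sketch below is an added example, not part of the original posts and not libdvbv5 code. It parses a descriptor body of the shape the thread describes (5-byte fixed part, 2-byte cell_id, optional loop length, 32-bit frequencies) with every read bounded by the remaining bytes. The struct, the function names, the tfs_flag bit position and the reading of the loop length as an entry count are assumptions of the example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical in-memory form for this example; not the libdvbv5 struct. */
struct t2_delivery {
    uint8_t   plp_id;
    uint16_t  system_id;
    uint16_t  bitfield;         /* assumption: bit 0 is tfs_flag */
    uint8_t   freq_count;       /* assumption: loop length is an entry count */
    uint32_t *centre_frequency; /* own heap array of freq_count entries */
};

/* Constructed sample body: tfs_flag clear, cell_id 0x0001, 578000000 Hz. */
static const uint8_t t2_sample[] = {
    0x00, 0x41, 0x01, 0x0d, 0x40, 0x00, 0x01, 0x22, 0x73, 0x94, 0x80 };

static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t be32(const uint8_t *p) { return (uint32_t)be16(p) << 16 | be16(p + 2); }

/* Returns 0 on success, -1 on a truncated body, -2 if allocation fails.
 * Every read is checked against the bytes left in the body, not the struct. */
int t2_parse(const uint8_t *buf, size_t len, struct t2_delivery *d)
{
    const uint8_t *p = buf, *end = buf + len;
    memset(d, 0, sizeof(*d));
    if (len < 5 + 2)                    /* fixed part plus cell_id */
        return -1;
    d->plp_id = p[0];
    d->system_id = be16(p + 1);
    d->bitfield = be16(p + 3);
    p += 5 + 2;                         /* cell_id is skipped */
    d->freq_count = 1;
    if (d->bitfield & 1) {              /* loop length only with tfs_flag */
        if (p == end)
            return -1;
        d->freq_count = *p++;
    }
    if ((size_t)(end - p) < (size_t)d->freq_count * 4)
        return -1;                      /* claimed loop exceeds the body */
    if (d->freq_count == 0)
        return 0;
    d->centre_frequency = calloc(d->freq_count, sizeof(uint32_t));
    if (!d->centre_frequency)
        return -2;
    for (size_t i = 0; i < d->freq_count; i++, p += 4)
        d->centre_frequency[i] = be32(p);
    return 0;
}
```

The frequency array is a separate allocation sized from a count that has already been checked against the input, so a body longer than the fixed struct cannot spill past it.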