Rockbox

When opening a normally sized MPEG in mpegplayer, crash. According to valgrind, it’s a write to location 0.

I’m not sure if it’s a bug in mpegplayer (it shouldn’t write to location 0, even if the file is incorrect), or whether it’s also a bug in the nano2 firmware (it shouldn’t hose the flash just because a plugin writes through a NULL pointer).

Here’s the relevant part of the valgrind log:

==16394== Invalid write of size 1
==16394== at 0xF7A2941: MC_put_o_16 (motion_comp_c.c:33)
==16394== by 0xF7A7E6F: motion_fr_frame_420 (slice.c:2188)
==16394== by 0xF7B0935: mpeg2_slice (slice.c:2652)
==16394== by 0xF79E108: mpeg2_parse (decode.c:233)
==16394== by 0xF7B408C: sync_decoder (video_thread.c:287)
==16394== by 0xF7B49AC: video_thread_msg (video_thread.c:563)
==16394== by 0xF7B4C5E: video_thread (video_thread.c:689)
==16394== by 0x466E40: runthread (thread-sdl.c:468)
==16394== by 0x4E37976: ??? (in /usr/lib/libSDL-1.2.so.0.11.2)
==16394== by 0x4E7E468: ??? (in /usr/lib/libSDL-1.2.so.0.11.2)
==16394== by 0x64A4739: start_thread (in /lib/libpthread-2.10.1.so)
==16394== by 0x51AB2FC: clone (in /lib/libc-2.10.1.so)
==16394== Address 0×0 is not stack’d, malloc’d or (recently) free’d

Using SVN from 1.12.2009.

–Juliusz