Conversation
cfsmp3
left a comment
cfsmp3
left a comment
There was a problem hiding this comment.
Thanks for working on improving the robustness of the CEA-708 decoder initialization!
The concept is good - handling allocation failures gracefully instead of panicking. However, there are several issues that need to be fixed before this can be merged:
1. CRLF Line Endings Breaking Linux Builds
All files in this PR have Windows-style CRLF line endings instead of Unix LF:
decoder/mod.rs: ASCII text, with CRLF line terminators
pre-build.sh: ASCII text, with CRLF line terminators
This breaks the Linux build - shell scripts with CRLF don't work on Unix systems. This is why the CI is failing:
build_shell- FAILUREbuild_autoconf- FAILUREformat_rust- FAILURE
Fix: Configure your git to handle line endings properly:
git config --global core.autocrlf inputThen convert the files:
dos2unix src/rust/src/decoder/mod.rs linux/pre-build.shOr rebase your branch on a fresh master checkout.
2. Unrelated Changes from PR #2045
This PR includes changes from #2045 (userdata.rs documentation and debug logging). These should be in a separate PR - #2045 is already pending review.
Please remove src/rust/src/es/userdata.rs from this PR.
3. Messy Commit History
The commits include "retry the test" and "restore all changes" which don't describe the actual changes. Consider squashing into a clean commit with a descriptive message.
4. Minor: Trailing Whitespace
continue;
} // <-- extra spaces hereThe Actual Fix Looks Good
Once the above issues are fixed, the core change is reasonable:
// Before: panic on allocation failure
panic!("Failed to allocate dtvcc_tv_screen");
// After: log and gracefully skip the service
debug!(msg_type = DebugMessageFlag::DECODER_708;
"DTVCC: Failed to allocate tv_screen for service {}, disabling service", i + 1);
continue;The cleanup of the already-allocated tv_screen when decoder allocation fails is also correct:
unsafe {
std::alloc::dealloc(tv_ptr as *mut u8, tv_layout);
}Summary
Please:
- Fix line endings (dos2unix or fresh checkout)
- Remove userdata.rs changes (belongs in #2045)
- Squash commits into clean history
- Push updated branch
Looking forward to the updated PR!
pranavshar223
force-pushed
the
fix/dtvcc-allocation-panic
branch
from
9b1126b to
6b99a30
Compare
cfsmp3
left a comment
cfsmp3
left a comment
There was a problem hiding this comment.
Thanks for the cleanup — the branch is much better now (single commit, CRLF fixed, unrelated changes removed).
The concept is correct: replacing panic!() with graceful degradation is the right approach. However, there's a double-free bug in the second allocation failure path that needs to be fixed.
The bug
When the decoder_ptr allocation fails (line 306), your code does this:
// Line 297: Box takes ownership of tv_ptr's memory
let mut tv_screen = unsafe { Box::from_raw(tv_ptr) };
tv_screen.cc_count = 0;
tv_screen.service_number = i as i32 + 1;
// ... decoder_ptr alloc fails ...
// Line 312-314: You manually free tv_ptr's memory
unsafe {
std::alloc::dealloc(tv_ptr as *mut u8, tv_layout);
}
// Line 315: continue causes tv_screen to go out of scope
continue;
// ^^^ Box::drop runs here, calling dealloc on the SAME pointer again → double-free!The problem is that Box::from_raw(tv_ptr) on line 297 already transferred ownership of that memory to tv_screen. When continue executes, tv_screen goes out of scope, and its Drop implementation will call dealloc on the same pointer you already freed manually. This is undefined behavior (double-free).
The fix
Simply remove the manual dealloc block (lines 312-314). You don't need it — the continue will drop tv_screen, which will correctly free the memory through the Box destructor:
if decoder_ptr.is_null() {
debug!(
msg_type = DebugMessageFlag::DECODER_708;
"DTVCC: Failed to allocate service decoder {}, disabling service",
i + 1
);
continue; // tv_screen drops here, Box::drop frees the memory correctly
}That's the only change needed. Everything else in this PR looks good.
pranavshar223
force-pushed
the
fix/dtvcc-allocation-panic
branch
from
6b99a30 to
983735f
Compare
pranavshar223
force-pushed
the
fix/dtvcc-allocation-panic
branch
from
983735f to
925193b
Compare
CCExtractor CI platform finished running the test files on linux. Below is a summary of the test results, when compared to test for commit ba873ed...:
Your PR breaks these cases:
Congratulations: Merging this PR would fix the following tests:
It seems that not all tests were passed completely. This is an indication that the output of some files is not as expected (but might be according to you). Check the result page for more info. |
CCExtractor CI platform finished running the test files on windows. Below is a summary of the test results, when compared to test for commit ba873ed...:
Your PR breaks these cases:
Congratulations: Merging this PR would fix the following tests:
It seems that not all tests were passed completely. This is an indication that the output of some files is not as expected (but might be according to you). Check the result page for more info. |
3 participants
In raising this pull request, I confirm the following (please check boxes):
My familiarity with the project is as follows (check one):
This PR removes panics from the CEA-708 decoder initialization path.
Previously, allocation failures for dtvcc_tv_screen or
dtvcc_service_decoder would cause a hard panic, crashing CCExtractor.
Instead, allocation failures are now handled gracefully by logging
a debug message and disabling the affected service decoder while
allowing processing to continue.
This improves robustness and aligns Rust behavior with the legacy C
implementation.