MSAN: use-of-uninitialized-value in ISM BR switching decoding to BINAURAL_ROOM_IR with frameloss/JBM
Basic info
- Commit SHA: b6db33cb
Bug description
Clang MSAN sanitizer reports an error:
Frames processed: 8446 ==194227==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0xfe946f in limiter_process /local/knj/ivas-codec/lib_rend/ivas_limiter.c:265:18
#1 0xfe8298 in ivas_limiter_dec /local/knj/ivas-codec/lib_rend/ivas_limiter.c:207:5
#2 0x827202 in ivas_jbm_dec_flush_renderer /local/knj/ivas-codec/lib_dec/ivas_jbm_dec.c:1795:13
#3 0x77f1df in ivas_ism_bitrate_switching_dec /local/knj/ivas-codec/lib_dec/ivas_ism_dec.c:151:28
#4 0x77abfd in ivas_ism_dec_config /local/knj/ivas-codec/lib_dec/ivas_ism_dec.c:433:36
#5 0x735dfc in ivas_dec_setup /local/knj/ivas-codec/lib_dec/ivas_init_dec.c:339:28
#6 0x4e9243 in IVAS_DEC_Setup /local/knj/ivas-codec/lib_dec/lib_dec.c:1262:28
#7 0x4e5f99 in IVAS_DEC_GetSamples /local/knj/ivas-codec/lib_dec/lib_dec.c:936:28
#8 0x50618a in IVAS_DEC_VoIP_GetSamples /local/knj/ivas-codec/lib_dec/lib_dec.c:2685:28
#9 0x4ba70e in decodeVoIP /local/knj/ivas-codec/apps/decoder.c:3231:24
#10 0x4a734d in main /local/knj/ivas-codec/apps/decoder.c:829:17
#11 0x7fb4eb47f249 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#12 0x7fb4eb47f304 in __libc_start_main csu/../csu/libc-start.c:360:3
#13 0x421530 in _start (/local/knj/ivas-codec/IVAS_dec+0x421530)
Uninitialized value was stored to memory at
#0 0xfe93d5 in limiter_process /local/knj/ivas-codec/lib_rend/ivas_limiter.c:264:17
#1 0xfe8298 in ivas_limiter_dec /local/knj/ivas-codec/lib_rend/ivas_limiter.c:207:5
#2 0x827202 in ivas_jbm_dec_flush_renderer /local/knj/ivas-codec/lib_dec/ivas_jbm_dec.c:1795:13
#3 0x77f1df in ivas_ism_bitrate_switching_dec /local/knj/ivas-codec/lib_dec/ivas_ism_dec.c:151:28
#4 0x77abfd in ivas_ism_dec_config /local/knj/ivas-codec/lib_dec/ivas_ism_dec.c:433:36
#5 0x735dfc in ivas_dec_setup /local/knj/ivas-codec/lib_dec/ivas_init_dec.c:339:28
#6 0x4e9243 in IVAS_DEC_Setup /local/knj/ivas-codec/lib_dec/lib_dec.c:1262:28
#7 0x4e5f99 in IVAS_DEC_GetSamples /local/knj/ivas-codec/lib_dec/lib_dec.c:936:28
#8 0x50618a in IVAS_DEC_VoIP_GetSamples /local/knj/ivas-codec/lib_dec/lib_dec.c:2685:28
#9 0x4ba70e in decodeVoIP /local/knj/ivas-codec/apps/decoder.c:3231:24
#10 0x4a734d in main /local/knj/ivas-codec/apps/decoder.c:829:17
#11 0x7fb4eb47f249 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
Uninitialized value was stored to memory at
#0 0x1e4beae in mvr2r /local/knj/ivas-codec/lib_com/tools.c:330:18
#1 0xe735ea in ivas_rend_crendProcessSubframe /local/knj/ivas-codec/lib_rend/ivas_crend.c:2013:9
#2 0x822170 in ivas_jbm_dec_flush_renderer /local/knj/ivas-codec/lib_dec/ivas_jbm_dec.c:1653:36
#3 0x77f1df in ivas_ism_bitrate_switching_dec /local/knj/ivas-codec/lib_dec/ivas_ism_dec.c:151:28
#4 0x77abfd in ivas_ism_dec_config /local/knj/ivas-codec/lib_dec/ivas_ism_dec.c:433:36
#5 0x735dfc in ivas_dec_setup /local/knj/ivas-codec/lib_dec/ivas_init_dec.c:339:28
#6 0x4e9243 in IVAS_DEC_Setup /local/knj/ivas-codec/lib_dec/lib_dec.c:1262:28
#7 0x4e5f99 in IVAS_DEC_GetSamples /local/knj/ivas-codec/lib_dec/lib_dec.c:936:28
#8 0x50618a in IVAS_DEC_VoIP_GetSamples /local/knj/ivas-codec/lib_dec/lib_dec.c:2685:28
#9 0x4ba70e in decodeVoIP /local/knj/ivas-codec/apps/decoder.c:3231:24
#10 0x4a734d in main /local/knj/ivas-codec/apps/decoder.c:829:17
#11 0x7fb4eb47f249 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
Uninitialized value was created by an allocation of 'pcm_tmp' in the stack frame of function 'ivas_rend_crendProcessSubframe'
#0 0xe6e930 in ivas_rend_crendProcessSubframe /local/knj/ivas-codec/lib_rend/ivas_crend.c:1849Ways to reproduce
Activate origin-tracking (more detailed traceback about where the undefined value came from) by appending
-fsanitize-memory-track-originsin the Makefile at lines 71 and 72. Note that this may increase runtime heavily.
Using the scripts:
python3 scripts/IvasBuildAndRunChecks.py --checks CLANG1 -m ISM3_ball_fb_rs -p /path/to/my/local/ci_linux_ltv_local.json -J dly_profile.deor directly:
make clean
make -j CLANG=1
./IVAS_cod -ism 3 NULL NULL NULL -max_band fb scripts/switchPaths/sw_32k_384k.bin 48 ltv48_3ISM.wav bit
networkSimulator_g192 dly_profile.dat bit bit_err trace_dump 1
./IVAS_dec -VOIP BINAURAL_ROOM_IR 48 bit out.wav