
[CLANG-18] MSAN: st->element not initialized for EVS modes

Basic info

Bug description

After fixing #1482 (closed), Clang 18 MSAN reveals another bug with the same decoder testcase:

==18551==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x56081d30086e in reconfig_decoder_LPD /ivas-codec/lib_dec/core_dec_reconf.c:92:24
    #1 0x56081cf99305 in mode_switch_decoder_LPD /ivas-codec/lib_dec/core_dec_switch.c:155:5
    #2 0x56081cfc3cb9 in decode_frame_type /ivas-codec/lib_dec/dec_acelp_tcx_main.c:201:13
    #3 0x56081cfba419 in dec_acelp_tcx_frame /ivas-codec/lib_dec/dec_acelp_tcx_main.c:320:9
    #4 0x56081c3b29bc in evs_dec /ivas-codec/lib_dec/evs_dec.c:522:9
    #5 0x56081c0a3119 in evs_dec_main /ivas-codec/lib_dec/lib_dec.c:4861:28
    #6 0x56081c09c62e in IVAS_DEC_GetSamplesDecoder /ivas-codec/lib_dec/lib_dec.c:1194:28
    #7 0x56081c066591 in decodeG192 /ivas-codec/apps/decoder.c:2601:32
    #8 0x56081c03c565 in main /ivas-codec/apps/decoder.c:790:17
    #9 0x7f2303e951c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #10 0x7f2303e9528a in __libc_start_main csu/../csu/libc-start.c:360:3
    #11 0x56081bf9b634 in _start (/ivas-codec/IVAS_dec+0x3a634) (BuildId: 1325f60c656e4d91e3a852dce6ce6b9e6cfc4c5d)

  Uninitialized value was stored to memory at
    #0 0x56081d300867 in reconfig_decoder_LPD /ivas-codec/lib_dec/core_dec_reconf.c:92:61
    #1 0x56081cf99305 in mode_switch_decoder_LPD /ivas-codec/lib_dec/core_dec_switch.c:155:5
    #2 0x56081cfc3cb9 in decode_frame_type /ivas-codec/lib_dec/dec_acelp_tcx_main.c:201:13
    #3 0x56081cfba419 in dec_acelp_tcx_frame /ivas-codec/lib_dec/dec_acelp_tcx_main.c:320:9
    #4 0x56081c3b29bc in evs_dec /ivas-codec/lib_dec/evs_dec.c:522:9
    #5 0x56081c0a3119 in evs_dec_main /ivas-codec/lib_dec/lib_dec.c:4861:28
    #6 0x56081c09c62e in IVAS_DEC_GetSamplesDecoder /ivas-codec/lib_dec/lib_dec.c:1194:28
    #7 0x56081c066591 in decodeG192 /ivas-codec/apps/decoder.c:2601:32
    #8 0x56081c03c565 in main /ivas-codec/apps/decoder.c:790:17
    #9 0x7f2303e951c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #10 0x7f2303e9528a in __libc_start_main csu/../csu/libc-start.c:360:3
    #11 0x56081bf9b634 in _start (/ivas-codec/IVAS_dec+0x3a634) (BuildId: 1325f60c656e4d91e3a852dce6ce6b9e6cfc4c5d)

  Uninitialized value was created by a heap allocation
    #0 0x56081bfd72a6 in malloc (/ivas-codec/IVAS_dec+0x762a6) (BuildId: 1325f60c656e4d91e3a852dce6ce6b9e6cfc4c5d)
    #1 0x56081c899a89 in create_sce_dec /ivas-codec/lib_dec/ivas_sce_dec.c:363:35
    #2 0x56081c4e789f in ivas_init_decoder /ivas-codec/lib_dec/ivas_init_dec.c:1569:24
    #3 0x56081c095361 in IVAS_DEC_FeedFrame_Serial /ivas-codec/lib_dec/lib_dec.c:888:28
    #4 0x56081c0659f6 in decodeG192 /ivas-codec/apps/decoder.c:2573:32
    #5 0x56081c03c565 in main /ivas-codec/apps/decoder.c:790:17
    #6 0x7f2303e951c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #7 0x7f2303e9528a in __libc_start_main csu/../csu/libc-start.c:360:3
    #8 0x56081bf9b634 in _start (/ivas-codec/IVAS_dec+0x3a634) (BuildId: 1325f60c656e4d91e3a852dce6ce6b9e6cfc4c5d)

SUMMARY: MemorySanitizer: use-of-uninitialized-value /ivas-codec/lib_dec/core_dec_reconf.c:92:24 in reconfig_decoder_LPD

The reason is that st->element_brate is never initialized in EVS mode as it is never accessed there. In frame 162 it is passed to a function, though, which triggers the memory sanitizer in Clang v18.
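As an added illustration (not code from the IVAS codec), a reduced C model of the pattern behind this report: a heap-allocated state struct whose `element_brate` is assigned only on the path that consumes it, next to a creation routine that gives every field a defined value on every path. MemorySanitizer reports an indeterminate value only when it is used (branched on, passed to a syscall, or, since Clang 16 enables parameter checks by default, passed as a function argument), which is why a field that is merely carried around in EVS mode surfaces only once it reaches a call such as `reconfig_decoder_LPD`. The struct, the `MODE_EVS`/`MODE_IVAS` enum, the helper names and the choice of `total_brate` as the EVS default are assumptions for this example; the real fix may pick a different default.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Reduced model of a decoder state (hypothetical; not the codec's own struct). */
typedef enum { MODE_EVS = 0, MODE_IVAS = 1 } codec_mode_t;

typedef struct {
    codec_mode_t mode;
    int32_t total_brate;   /* always set */
    int32_t element_brate; /* only consumed on the IVAS path, so easy to forget */
} dec_state_t;

/* Pattern behind the report: malloc() leaves the bytes indeterminate and the
 * field is assigned only where it is used. Nothing reads it here, so this
 * function is MSAN-clean on its own; the report fires later, when a reconfig
 * routine receives the value as an argument. */
dec_state_t *create_state_buggy(codec_mode_t mode, int32_t total_brate)
{
    dec_state_t *st = malloc(sizeof *st);
    if (st == NULL) {
        return NULL;
    }
    st->mode = mode;
    st->total_brate = total_brate;
    if (mode == MODE_IVAS) {
        st->element_brate = total_brate / 2; /* constructed split for the example */
    }
    /* EVS path: element_brate still holds whatever the heap held. */
    return st;
}

/* Fix pattern: zero-fill the allocation and assign every field on every path.
 * Using total_brate as the EVS default is an assumption for this example. */
dec_state_t *create_state_fixed(codec_mode_t mode, int32_t total_brate)
{
    dec_state_t *st = calloc(1, sizeof *st);
    if (st == NULL) {
        return NULL;
    }
    st->mode = mode;
    st->total_brate = total_brate;
    st->element_brate = (mode == MODE_IVAS) ? total_brate / 2 : total_brate;
    return st;
}

/* Stand-in for the reconfiguration step: takes element_brate by value, which is
 * exactly the kind of use that MSAN with parameter checks reports. */
int32_t reconfig_with_brate(int32_t element_brate)
{
    return element_brate > 0 ? element_brate : -1;
}

/* Build a state with the fixed routine, run the consumer, release the state. */
int32_t probe_fixed(codec_mode_t mode, int32_t total_brate)
{
    dec_state_t *st = create_state_fixed(mode, total_brate);
    if (st == NULL) {
        return -1;
    }
    int32_t r = reconfig_with_brate(st->element_brate);
    free(st);
    return r;
}

int main(void)
{
    /* 13200 bit/s is a constructed sample value; the EVS path now yields a defined result. */
    printf("EVS  element_brate -> %d\n", probe_fixed(MODE_EVS, 13200));
    printf("IVAS element_brate -> %d\n", probe_fixed(MODE_IVAS, 13200));
    return 0;
}
```

Building this with `clang -fsanitize=memory -fsanitize-memory-track-origins` and routing the output of `create_state_buggy` in EVS mode into `reconfig_with_brate` reproduces the shape of the trace above (use at the call site, origin at the `malloc`); `main` deliberately exercises only the fixed routine so the program stays well defined. The `calloc` is a safety net, not the fix itself: the explicit assignment on every path is what keeps the field's meaning documented and keeps a later added field from reintroducing the same report.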

Ways to reproduce

Activate origin-tracking (more detailed traceback about where the undefined value came from) by appending

 -fsanitize-memory-track-origins

in the Makefile at lines 71 and 72. Note that this may increase runtime heavily.

or directly:

bit

git checkout 00b5cd44d4288ff5409fb1f2f564373ab21dd5dd
make clean
make -j CLANG=1

./IVAS_dec -fr 20 48 bit out.wav
Edited by Jan Kiene