Skip to content

MSAN: ISM3 decoding hits SEGV in setting output buffers to zero

Basic info

  • Commit SHA: 8988cbf3 (sanitiser test was run for this)
  • Platform: all

Bug description

Scheduled sanitiser run for ISM3 brings a pretty serious SEGV for all decodings. Error is also for ASAN. This is the output:

/home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/CLANG1/IVAS_dec MONO 16 /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/CLANG1/enc/ltv48_3ISM_ISM+3_b32_wb_cbr_fer_ep_015_g192.192 /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/CLANG1/dec/ltv48_3ISM_ISM+3_b32_wb_cbr_fer_ep_015_g192.dec.MONO.wav
==================================================================================================
 IVAS Codec Baseline
 
 Based on EVS Codec (Floating Point) 3GPP TS26.443 Nov 04, 2021,
 Version 12.14.0 / 13.10.0 / 14.6.0 / 15.4.0 / 16.3.0
==================================================================================================

MemorySanitizer:DEADLYSIGNAL
==2402362==ERROR: MemorySanitizer: SEGV on unknown address 0x000000000000 (pc 0x000001245025 bp 0x7ffc1f622b70 sp 0x7ffc1f622b20 T2402362)
==2402362==The signal is caused by a WRITE memory access.
==2402362==Hint: address points to the zero page.
    #0 0x1245025 in set_f /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/lib_com/tools.c:270:14
    #1 0x503099 in ivas_dec /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/lib_dec/ivas_dec.c:185:13
    #2 0x4c21d1 in IVAS_DEC_GetSamples /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/lib_dec/lib_dec.c:850:24
    #3 0x4b2772 in decodeG192 /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/apps/decoder.c:2057:24
    #4 0x4a0c1a in main /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/apps/decoder.c:731:17
    #5 0x7f8c53b91082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #6 0x41d57d in _start (/home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/CLANG1/IVAS_dec+0x41d57d)

MemorySanitizer can not provide additional info.
SUMMARY: MemorySanitizer: SEGV /home/gitlab-runner/builds/rZGLsUF2/0/rep/ivas-codec-pc/ivas-codec/lib_com/tools.c:270:14 in set_f
==2402362==ABORTING

That points to setting output buffers to zero. This might be something that has been existing already before but now that the memory is reserved only for what is used, these kind of problems pop up as illegal access crashes the system.

Ways to reproduce

The job was run here and you can take look at the logs that are stored there.

https://forge.3gpp.org/rep/ivas-codec-pc/ivas-codec/-/jobs/136865