Opened 7 years ago
Closed 7 years ago
#6388 closed defect (invalid)
MSan: use-of-uninitialized-value in ff_get_cpu_flags_x86()
Reported by: | tsmith | Owned by: |
---|---|---|---
Priority: | normal | Component: | avutil
Version: | git-master | Keywords: |
Cc: | | Blocked By: |
Blocking: | | Reproduced by developer: | no
Analyzed by developer: | no | |
Description
How to reproduce:
Build with MSan or run with Valgrind
```
% ffmpeg -f ivf -i <test_case> -f null -
ffmpeg version N-86050-g0fbc7a2 Copyright (c) 2000-2017 the FFmpeg developers
  built with clang version 3.8.0-2ubuntu4 (tags/RELEASE_380/final)
  configuration: --cc=clang --cxx=clang++ --disable-libxcb --disable-xlib --disable-logging --disable-ffprobe --disable-ffplay --disable-sdl2 --disable-ffserver --disable-doc --disable-pthreads --disable-network --disable-d3d11va --disable-dxva2 --disable-vaapi --disable-vda --disable-vdpau --disable-stripping --disable-runtime-cpudetect --disable-postproc --disable-securetransport --disable-iconv --disable-swscale --disable-avdevice --disable-videotoolbox --disable-everything --enable-encoder=wrapped_avframe --disable-lzma --enable-protocol='file,pipe' --enable-muxer=null --enable-demuxer=ivf --enable-parser=vp9 --enable-decoder=vp9 --disable-pic
==21976==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0xea6be0 in ff_get_cpu_flags_x86 FFmpeg/libavutil/x86/cpu.c:106:9
    #1 0xdd3651 in get_cpu_flags FFmpeg/libavutil/cpu.c:59:16
    #2 0xdd3651 in av_get_cpu_flags FFmpeg/libavutil/cpu.c:93
    #3 0xc2d18b in ff_vp9dsp_init_x86 FFmpeg/libavcodec/x86/vp9dsp_init.c:230:17
    #4 0x7bfbe0 in update_size FFmpeg/libavcodec/vp9.c:205:9
    #5 0x7bfbe0 in decode_frame_header FFmpeg/libavcodec/vp9.c:645
    #6 0x7a77d8 in vp9_decode_frame FFmpeg/libavcodec/vp9.c:1113:16
    #7 0x744fdc in decode_simple_internal FFmpeg/libavcodec/decode.c:417:15
    #8 0x744fdc in decode_simple_receive_frame FFmpeg/libavcodec/decode.c:620
    #9 0x744fdc in decode_receive_frame_internal FFmpeg/libavcodec/decode.c:638
    #10 0x741daa in avcodec_send_packet FFmpeg/libavcodec/decode.c:678:15
    #11 0x6edb60 in try_decode_frame FFmpeg/libavformat/utils.c:3004:19
    #12 0x6d98dc in avformat_find_stream_info FFmpeg/libavformat/utils.c:3821:9
    #13 0x4baedc in open_input_file FFmpeg/ffmpeg_opt.c:1013:11
    #14 0x4b608c in open_files FFmpeg/ffmpeg_opt.c:3214:15
    #15 0x4b521d in ffmpeg_parse_options FFmpeg/ffmpeg_opt.c:3254:11
    #16 0x525f67 in main FFmpeg/ffmpeg.c:4771:11
    #17 0x7fab6e3dd82f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291
    #18 0x41a6a8 in _start (FFmpeg/ffmpeg+0x41a6a8)

  Uninitialized value was created by an allocation of 'max_std_level' in the stack frame of function 'ff_get_cpu_flags_x86'
    #0 0xea5740 in ff_get_cpu_flags_x86 FFmpeg/libavutil/x86/cpu.c:91
```

built on Ubuntu 16.04 x64 with clang 3.8
Attachments (1)
Change History (2)
by , 7 years ago
Attachment: | test_case.ivf added
---|---
comment:1 by , 7 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
For future tickets: Please always use unpatched FFmpeg source and provide the complete, uncut console output, not the excerpt that you consider useful. (Your configure line does not allow me to reproduce, I tested with --toolchain=clang-msan.) I cannot reproduce with valgrind.

The false positive with the clang memory sanitizer can be easily reproduced with make libavutil/tests/cpu && libavutil/tests/cpu. I guess the reason is that initializations through external assembler code are not visible to the memory sanitizer. A possible work-around for you is to compile with --disable-yasm, the internal assembler code is correctly analyzed. Given that the yasm code isn't covered by your tests anyway (or is it?), I believe this is the sanest solution.
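The comment above attributes the report to MemorySanitizer not seeing writes made by externally assembled (yasm) code. The following C program is an added example written for this page; it is not FFmpeg code and not the fix the developer proposed. It contrasts the two situations the comment describes: a CPUID read through the compiler's own `<cpuid.h>` intrinsic (code the compiler emits, so MSan instruments the write) and a constructed plain-C stand-in for an uninstrumented external routine, whose result is marked initialized with `__msan_unpoison()` from `<sanitizer/msan_interface.h>` when building under `-fsanitize=memory`. The stand-in is ordinary C, so this program itself produces no MSan report; the annotation shows the pattern a project would use around a real uninstrumented callee instead of disabling that code. The value 13 and the helper names are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Under MemorySanitizer, <sanitizer/msan_interface.h> provides __msan_unpoison();
 * elsewhere the macro expands to nothing so the file builds with any compiler. */
#if defined(__has_feature)
#  if __has_feature(memory_sanitizer)
#    include <sanitizer/msan_interface.h>
#    define MARK_INITIALIZED(p, n) __msan_unpoison((p), (n))
#  endif
#endif
#ifndef MARK_INITIALIZED
#  define MARK_INITIALIZED(p, n) ((void)(p), (void)(n))
#endif

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
/* CPUID through the compiler intrinsic: the asm is emitted by the compiler
 * itself, so MSan updates the shadow memory for eax and reading it is not
 * reported. This is the "internal assembler code" case from the comment. */
static int max_std_level_inline(void)
{
    unsigned eax, ebx, ecx, edx;
    if (!__get_cpuid(0, &eax, &ebx, &ecx, &edx))
        return -1;                 /* CPUID not available */
    return (int)eax;               /* highest standard CPUID leaf */
}
#else
static int max_std_level_inline(void) { return -1; }  /* not an x86 build */
#endif

/* Constructed stand-in for a routine built by an external assembler (yasm/nasm).
 * MSan cannot instrument such an object file: it writes *out, but the shadow
 * bytes for *out stay "poisoned", so a later branch on the value is reported. */
static void external_asm_stand_in(uint32_t *out)
{
    *out = 13u;                    /* constructed value, plays the role of CPUID leaf 0 eax */
}

/* Wrapper that tells MSan the callee initialized `level`. Without the
 * annotation (and with a genuinely uninstrumented callee) the comparison in
 * has_leaf7() is exactly the kind of report shown in this ticket. */
static uint32_t max_std_level_external(void)
{
    uint32_t level;
    external_asm_stand_in(&level);
    MARK_INITIALIZED(&level, sizeof level);
    return level;
}

static int has_leaf7(uint32_t max_std_level)
{
    return max_std_level >= 7;     /* the branch on the value is where MSan reports */
}

int main(void)
{
    uint32_t ext = max_std_level_external();
    printf("inline CPUID max standard leaf: %d\n", max_std_level_inline());
    printf("external stand-in max standard leaf: %u (leaf 7 %s)\n",
           ext, has_leaf7(ext) ? "available" : "not available");
    return 0;
}
```

Build it normally (`cc -O1 example.c`) or with `clang -fsanitize=memory -O1 -g example.c`; in the sanitizer build the `MARK_INITIALIZED` line is what keeps a value produced by uninstrumented code from being flagged on its first use.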