dr_libs

Use of uninitialised values

Open falkTX opened this issue 3 years ago • 2 comments

Hi. I am investigating using dr_mp3.h for my project. There are a few issues, some of which I am not yet sure are my fault or not. But one that I see right away through valgrind is reading an "uninitialized value" (though it seems like it is just reading from invalid parts of memory):

==1812776== Use of uninitialised value of size 8
==1812776==    at 0x824112: drmp3_L3_huffman (dr_mp3.h:1364)
==1812776==    by 0x826344: drmp3_L3_decode (dr_mp3.h:1745)
==1812776==    by 0x829DD7: drmp3dec_decode_frame (dr_mp3.h:2270)
==1812776==    by 0x82ACE3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==1812776==    by 0x82B0F0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==1812776==    by 0x82B142: drmp3_decode_next_frame (dr_mp3.h:2786)
==1812776==    by 0x82C558: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==1812776==    by 0x82C5C0: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==1812776==    by 0x82C8B3: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==1812776==    by 0x82C99A: drmp3_seek_to_pcm_frame__brute_force (dr_mp3.h:3788)
==1812776==    by 0x82CCE9: drmp3_seek_to_pcm_frame (dr_mp3.h:3887)
==1812776==    by 0x82E2FC: ad_seek_minimp3 (ad_dr_mp3.c:82)
==1812776== 
==1812776== Use of uninitialised value of size 8
==1812776==    at 0x824155: drmp3_L3_huffman (dr_mp3.h:1367)
==1812776==    by 0x826344: drmp3_L3_decode (dr_mp3.h:1745)
==1812776==    by 0x829DD7: drmp3dec_decode_frame (dr_mp3.h:2270)
==1812776==    by 0x82ACE3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==1812776==    by 0x82B0F0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==1812776==    by 0x82B142: drmp3_decode_next_frame (dr_mp3.h:2786)
==1812776==    by 0x82C558: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==1812776==    by 0x82C5C0: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==1812776==    by 0x82C8B3: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==1812776==    by 0x82C99A: drmp3_seek_to_pcm_frame__brute_force (dr_mp3.h:3788)
==1812776==    by 0x82CCE9: drmp3_seek_to_pcm_frame (dr_mp3.h:3887)
==1812776==    by 0x82E2FC: ad_seek_minimp3 (ad_dr_mp3.c:82)
==1812776== 
==1812776== Use of uninitialised value of size 8
==1812776==    at 0x824038: drmp3_L3_huffman (dr_mp3.h:1352)
==1812776==    by 0x826344: drmp3_L3_decode (dr_mp3.h:1745)
==1812776==    by 0x829DD7: drmp3dec_decode_frame (dr_mp3.h:2270)
==1812776==    by 0x82ACE3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==1812776==    by 0x82B0F0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==1812776==    by 0x82B142: drmp3_decode_next_frame (dr_mp3.h:2786)
==1812776==    by 0x82C558: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==1812776==    by 0x82C5C0: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==1812776==    by 0x82C8B3: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==1812776==    by 0x82C99A: drmp3_seek_to_pcm_frame__brute_force (dr_mp3.h:3788)
==1812776==    by 0x82CCE9: drmp3_seek_to_pcm_frame (dr_mp3.h:3887)
==1812776==    by 0x82E2FC: ad_seek_minimp3 (ad_dr_mp3.c:82)
==1812776== 
==1812776== Use of uninitialised value of size 8
==1812776==    at 0x823E99: drmp3_L3_huffman (dr_mp3.h:1323)
==1812776==    by 0x826344: drmp3_L3_decode (dr_mp3.h:1745)
==1812776==    by 0x829DD7: drmp3dec_decode_frame (dr_mp3.h:2270)
==1812776==    by 0x82ACE3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==1812776==    by 0x82B0F0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==1812776==    by 0x82B142: drmp3_decode_next_frame (dr_mp3.h:2786)
==1812776==    by 0x82C558: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==1812776==    by 0x82C5C0: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==1812776==    by 0x82C8B3: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==1812776==    by 0x82C99A: drmp3_seek_to_pcm_frame__brute_force (dr_mp3.h:3788)
==1812776==    by 0x82CCE9: drmp3_seek_to_pcm_frame (dr_mp3.h:3887)
==1812776==    by 0x82E2FC: ad_seek_minimp3 (ad_dr_mp3.c:82)
==1812776== 
==1812776== Use of uninitialised value of size 8
==1812776==    at 0x823F9D: drmp3_L3_huffman (dr_mp3.h:1340)
==1812776==    by 0x826344: drmp3_L3_decode (dr_mp3.h:1745)
==1812776==    by 0x829DD7: drmp3dec_decode_frame (dr_mp3.h:2270)
==1812776==    by 0x82ACE3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==1812776==    by 0x82B0F0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==1812776==    by 0x82B142: drmp3_decode_next_frame (dr_mp3.h:2786)
==1812776==    by 0x82C558: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==1812776==    by 0x82C5C0: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==1812776==    by 0x82C8B3: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==1812776==    by 0x82C99A: drmp3_seek_to_pcm_frame__brute_force (dr_mp3.h:3788)
==1812776==    by 0x82CCE9: drmp3_seek_to_pcm_frame (dr_mp3.h:3887)
==1812776==    by 0x82E2FC: ad_seek_minimp3 (ad_dr_mp3.c:82)
==1812776==

What can I do to dig deeper into this?

falkTX, Feb 10 '21 17:02

I'm not sure what would be causing these to get triggered. The drmp3_L3_huffman() function is from minimp3 which is what dr_mp3 wraps around and is not maintained by me. However, that top one on line 1364 looks fine from what I can see. The only thing I can see that is 8 bytes is the codebook_count1 variable and that's initialized just fine.

I noticed that all of these are coming from a seek. Are you getting the error when reading like normal with drmp3_read_pcm_frames_*()?

mackron, Feb 11 '21 08:02

Sorry for the late response. Yes, I simply use that function for seeking and see the valgrind warning. Seems to me the issue is not the variables not being uninitialized, but rather that it reads data out of bounds. The code in question is here: https://github.com/falkTX/Carla/blob/main/source/modules/audio_decoder/ad_dr_mp3.c#L86, which is called from https://github.com/falkTX/Carla/blob/main/source/native-plugins/audio-base.hpp#L516 (this is my rough way of making a "preview" of the audio signal peaks).

I tried it again after doing a few general fixes, and I get the same results:

==2805937== Use of uninitialised value of size 8
==2805937==    at 0x823FE2: drmp3_L3_huffman (dr_mp3.h:1364)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x829CA7: drmp3dec_decode_frame (dr_mp3.h:2270)
==2805937==    by 0x82ABB3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==2805937==    by 0x82AFC0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==2805937==    by 0x82CAB2: drmp3_seek_to_pcm_frame__seek_table (dr_mp3.h:3856)
==2805937==    by 0x82CBA4: drmp3_seek_to_pcm_frame (dr_mp3.h:3885)
==2805937==    by 0x82E230: ad_seek_dr_mp3 (ad_dr_mp3.c:90)
==2805937==    by 0x83A97D: ad_seek (ad_plugin.c:106)
==2805937==    by 0x84205B: AudioFileReader::readFilePreview(unsigned int, float*) (audio-base.hpp:534)
==2805937==    by 0x84192E: AudioFileReader::loadFilename(char const*, unsigned int, unsigned int, float*) (audio-base.hpp:407)
==2805937==    by 0x8447D1: AudioFilePlugin::loadFilename(char const*) (audio-file.cpp:665)
==2805937==
==2805937== Use of uninitialised value of size 8
==2805937==    at 0x824025: drmp3_L3_huffman (dr_mp3.h:1367)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x829CA7: drmp3dec_decode_frame (dr_mp3.h:2270)
==2805937==    by 0x82ABB3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==2805937==    by 0x82AFC0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==2805937==    by 0x82B012: drmp3_decode_next_frame (dr_mp3.h:2786)
==2805937==    by 0x82C428: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==2805937==    by 0x82C490: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==2805937==    by 0x82C783: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==2805937==    by 0x82CB16: drmp3_seek_to_pcm_frame__seek_table (dr_mp3.h:3870)
==2805937==    by 0x82CBA4: drmp3_seek_to_pcm_frame (dr_mp3.h:3885)
==2805937==    by 0x82E230: ad_seek_dr_mp3 (ad_dr_mp3.c:90)
==2805937== 
==2805937== Use of uninitialised value of size 8
==2805937==    at 0x823F08: drmp3_L3_huffman (dr_mp3.h:1352)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x829CA7: drmp3dec_decode_frame (dr_mp3.h:2270)
==2805937==    by 0x82ABB3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==2805937==    by 0x82AFC0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==2805937==    by 0x82B012: drmp3_decode_next_frame (dr_mp3.h:2786)
==2805937==    by 0x82C428: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==2805937==    by 0x82C490: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==2805937==    by 0x82C783: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==2805937==    by 0x82CB16: drmp3_seek_to_pcm_frame__seek_table (dr_mp3.h:3870)
==2805937==    by 0x82CBA4: drmp3_seek_to_pcm_frame (dr_mp3.h:3885)
==2805937==    by 0x82E230: ad_seek_dr_mp3 (ad_dr_mp3.c:90)
==2805937== 
==2805937== Use of uninitialised value of size 8
==2805937==    at 0x823D69: drmp3_L3_huffman (dr_mp3.h:1323)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x829CA7: drmp3dec_decode_frame (dr_mp3.h:2270)
==2805937==    by 0x82ABB3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==2805937==    by 0x82AFC0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==2805937==    by 0x82B012: drmp3_decode_next_frame (dr_mp3.h:2786)
==2805937==    by 0x82C428: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==2805937==    by 0x82C490: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==2805937==    by 0x82C783: drmp3_seek_forward_by_pcm_frames__brute_force (dr_mp3.h:3757)
==2805937==    by 0x82CB16: drmp3_seek_to_pcm_frame__seek_table (dr_mp3.h:3870)
==2805937==    by 0x82CBA4: drmp3_seek_to_pcm_frame (dr_mp3.h:3885)
==2805937==    by 0x82E230: ad_seek_dr_mp3 (ad_dr_mp3.c:90)
==2805937== 
==2805937== Use of uninitialised value of size 8
==2805937==    at 0x823E6D: drmp3_L3_huffman (dr_mp3.h:1340)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x829CA7: drmp3dec_decode_frame (dr_mp3.h:2270)
==2805937==    by 0x82ABB3: drmp3_decode_next_frame_ex__callbacks (dr_mp3.h:2693)
==2805937==    by 0x82AFC0: drmp3_decode_next_frame_ex (dr_mp3.h:2779)
==2805937==    by 0x82B012: drmp3_decode_next_frame (dr_mp3.h:2786)
==2805937==    by 0x82C428: drmp3_read_pcm_frames_raw (dr_mp3.h:3636)
==2805937==    by 0x82C490: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==2805937==    by 0x82E292: ad_read_dr_mp3 (ad_dr_mp3.c:97)
==2805937==    by 0x83A9D3: ad_read (ad_plugin.c:112)
==2805937==    by 0x8426F1: AudioFileReader::readPoll() (audio-base.hpp:681)
==2805937==    by 0x84487F: AudioFilePlugin::loadFilename(char const*) (audio-file.cpp:678)
==2805937==

falkTX, Feb 16 '21 02:02

Closing this one. This is coming from minimp3 which I don't maintain. If it's ever fixed there I'll update dr_mp3.

mackron, Sep 17 '22 07:09
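
A triage helper for Memcheck output like the traces quoted in this thread, added here as an example and not part of the original issue or of dr_libs. It groups each report by its faulting frame and by the first application frame outside `dr_mp3.h`, which shows whether reports come only from the seek path or also from plain reads; the function names `parse_reports` and `summarize` are this example's own, and the sample is a shortened excerpt of the second log above.

```python
import re
from collections import defaultdict

# Excerpt of the Memcheck output quoted in the thread (middle frames trimmed).
SAMPLE = """\
==2805937== Use of uninitialised value of size 8
==2805937==    at 0x823FE2: drmp3_L3_huffman (dr_mp3.h:1364)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x82CAB2: drmp3_seek_to_pcm_frame__seek_table (dr_mp3.h:3856)
==2805937==    by 0x82CBA4: drmp3_seek_to_pcm_frame (dr_mp3.h:3885)
==2805937==    by 0x82E230: ad_seek_dr_mp3 (ad_dr_mp3.c:90)
==2805937==
==2805937== Use of uninitialised value of size 8
==2805937==    at 0x823E6D: drmp3_L3_huffman (dr_mp3.h:1340)
==2805937==    by 0x826214: drmp3_L3_decode (dr_mp3.h:1745)
==2805937==    by 0x82C490: drmp3_read_pcm_frames_f32 (dr_mp3.h:3653)
==2805937==    by 0x82E292: ad_read_dr_mp3 (ad_dr_mp3.c:97)
==2805937==    by 0x83A9D3: ad_read (ad_plugin.c:112)
"""

# "at"/"by" frame lines; the greedy function group keeps C++ signatures intact.
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+) \(([^():]+):(\d+)\)$")
HEADER = re.compile(r"^==\d+== (\S.*)$")

def parse_reports(text):
    """Split Memcheck output into reports: {'kind': str, 'frames': [(func, file, line)]}."""
    reports, current = [], None
    for raw in text.splitlines():
        line = raw.rstrip()
        frame, header = FRAME.match(line), HEADER.match(line)
        if frame and current is not None:
            current["frames"].append((frame.group(1), frame.group(2), int(frame.group(3))))
        elif header:
            current = {"kind": header.group(1), "frames": []}
            reports.append(current)
        elif re.fullmatch(r"==\d+==", line):
            current = None  # blank separator line ends the report
    return reports

def summarize(reports, lib_file="dr_mp3.h"):
    """Map (faulting function, line) -> set of first callers outside lib_file."""
    groups = defaultdict(set)
    for report in reports:
        if not report["frames"]:
            continue  # banner or summary lines, not an error report
        func, _src, line = report["frames"][0]
        entry = next((f for f, src, _ in report["frames"] if src != lib_file),
                     "<trace truncated>")
        groups[(func, line)].add(entry)
    return dict(groups)
```

Memcheck prints 12 frames per report by default, so a deep call chain can end before it reaches application code; `--num-callers` raises that limit.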