Opened 11 years ago

Last modified 9 years ago

#1205 new defect

Error in Video Decoding: Conditional jump or move depends on uninitialised value(s)

Reported by: sckhan@…
Owned by: reimar
Priority: normal
Component: vd
Version: HEAD
Severity: normal
Keywords:
Cc: catchconv-bugreports@…
Blocked By:
Blocking:
Reproduced by developer:
Analyzed by developer:

Description

The following report is for the SUPERB-TRUST 2008, the cyber security project.

#Error found with a test case .mp4 file for mplayer version (dev-SVN-r27305-4.1.2);
valgrind reports the Invalid Read.

#The test case "mp3audioproblem.mp4" can be found at the URL

*http://www.eecs.berkeley.edu/~sckhan/mp3audioproblem.mp4

#Reproducible with the following command

*valgrind mplayer

Can also be run as:

*valgrind --log-file=log27 mplayer mp3audioproblem.mp4

#OS: Debian Etch Linux

#Valgrind output:

==11977== Memcheck, a memory error detector.
==11977== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==11977== Using LibVEX rev 1854, a library for dynamic binary translation.
==11977== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==11977== Using valgrind-3.3.1, a dynamic binary instrumentation framework.
==11977== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==11977== For more details, rerun with: -v
==11977==
==11977== My PID = 11977, parent PID = 3044. Prog and args are:
==11977== mplayer
==11977== mp3audioproblem.mp4
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 3093939245
==11977== at 0x8455BB2: decode_seq_parameter_set (golomb.h:60)
==11977== by 0x8457407: decode_nal_units (h264.c:7615)
==11977== by 0x84587BC: decode_frame (h264.c:7745)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 2418701129
==11977== at 0x8455BEE: decode_seq_parameter_set (golomb.h:60)
==11977== by 0x8457407: decode_nal_units (h264.c:7615)
==11977== by 0x84587BC: decode_frame (h264.c:7745)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 1875999343
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x843616A: decode_cabac_intra_mb_type (h264.c:5030)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 1521277126
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x843616A: decode_cabac_intra_mb_type (h264.c:5030)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 165672563
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x843616A: decode_cabac_intra_mb_type (h264.c:5030)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 447205999
==11977== at 0x843616D: decode_cabac_intra_mb_type (h264.c:5030)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 4027596732
==11977== at 0x8433C46: get_cabac_terminate (cabac.h:694)
==11977== by 0x8436178: decode_cabac_intra_mb_type (h264.c:5038)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1671109823
==11977== at 0x8433C61: get_cabac_terminate (cabac.h:369)
==11977== by 0x8436178: decode_cabac_intra_mb_type (h264.c:5038)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 382755805
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x8436201: decode_cabac_intra_mb_type (h264.c:5042)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 3613556450
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x8436201: decode_cabac_intra_mb_type (h264.c:5042)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 3258834233
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x8436201: decode_cabac_intra_mb_type (h264.c:5042)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1903229670
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x8436201: decode_cabac_intra_mb_type (h264.c:5042)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 3548653008
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x8436218: decode_cabac_intra_mb_type (h264.c:5043)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2484486357
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x8436218: decode_cabac_intra_mb_type (h264.c:5043)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2129764140
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x8436218: decode_cabac_intra_mb_type (h264.c:5043)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 774159577
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x8436218: decode_cabac_intra_mb_type (h264.c:5043)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1055693013
==11977== at 0x843621B: decode_cabac_intra_mb_type (h264.c:5043)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 1446426676
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x843622C: decode_cabac_intra_mb_type (h264.c:5045)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 382260025
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x843622C: decode_cabac_intra_mb_type (h264.c:5045)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 27537808
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x843622C: decode_cabac_intra_mb_type (h264.c:5045)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 2966900541
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x843622C: decode_cabac_intra_mb_type (h264.c:5045)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2341625988
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x843623C: decode_cabac_intra_mb_type (h264.c:5046)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 1277459337
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x843623C: decode_cabac_intra_mb_type (h264.c:5046)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 922737120
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x843623C: decode_cabac_intra_mb_type (h264.c:5046)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 3862099853
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x843623C: decode_cabac_intra_mb_type (h264.c:5046)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 3949238742
==11977== at 0x843F8BF: decode_mb_cabac (h264.c:5671)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 1322776356
==11977== at 0x843EDCD: decode_mb_cabac (h264.c:5696)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2723641072
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x843F197: decode_mb_cabac (h264.c:5172)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 141115473
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x843F197: decode_mb_cabac (h264.c:5172)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 711929372
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x843F197: decode_mb_cabac (h264.c:5172)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 3229055749
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x843F197: decode_mb_cabac (h264.c:5172)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 915060817
==11977== at 0x843F19A: decode_mb_cabac (h264.c:5172)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 1843701245
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x843FF44: decode_mb_cabac (h264.c:5224)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 3556142942
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x843FF44: decode_mb_cabac (h264.c:5224)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 4126956841
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x843FF44: decode_mb_cabac (h264.c:5224)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 2349115922
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x843FF44: decode_mb_cabac (h264.c:5224)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 35120990
==11977== at 0x843FF47: decode_mb_cabac (h264.c:5224)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 3961630655
==11977== at 0x8433B7A: get_cabac (cabac.h:544)
==11977== by 0x84365FA: decode_cabac_residual (h264.c:5451)
==11977== by 0x844183C: decode_mb_cabac (h264.c:6037)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2897464004
==11977== at 0x8433BA7: get_cabac (cabac.h:572)
==11977== by 0x84365FA: decode_cabac_residual (h264.c:5451)
==11977== by 0x844183C: decode_mb_cabac (h264.c:6037)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2542741787
==11977== at 0x8433BB6: get_cabac (cabac.h:575)
==11977== by 0x84365FA: decode_cabac_residual (h264.c:5451)
==11977== by 0x844183C: decode_mb_cabac (h264.c:6037)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1187137224
==11977== at 0x8433BCB: get_cabac (cabac.h:578)
==11977== by 0x84365FA: decode_cabac_residual (h264.c:5451)
==11977== by 0x844183C: decode_mb_cabac (h264.c:6037)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 957407012
==11977== at 0x84365FD: decode_cabac_residual (h264.c:5451)
==11977== by 0x844183C: decode_mb_cabac (h264.c:6037)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1163056892
==11977== at 0x8433C46: get_cabac_terminate (cabac.h:694)
==11977== by 0x8455226: decode_slice (h264.c:6840)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 935449783
==11977== at 0x8433C61: get_cabac_terminate (cabac.h:369)
==11977== by 0x8455226: decode_slice (h264.c:6840)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2940165994
==11977== at 0x8433ADA: get_cabac_noinline (cabac.h:544)
==11977== by 0x843616A: decode_cabac_intra_mb_type (h264.c:5030)
==11977== by 0x843F8B7: decode_mb_cabac (h264.c:5054)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 206514695
==11977== at 0x8433AC5: get_cabac_noinline (cabac.h:543)
==11977== by 0x843F197: decode_mb_cabac (h264.c:5172)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1205889693
==11977== at 0x8436B0D: decode_cabac_residual (cabac.h:643)
==11977== by 0x8440085: decode_mb_cabac (h264.c:6061)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 2554279040
==11977== at 0x8433B07: get_cabac_noinline (cabac.h:572)
==11977== by 0x843EAA6: decode_mb_cabac (h264.c:5639)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Use of uninitialised value of size 4
==11977== Stack hash: 3125092939
==11977== at 0x8433B16: get_cabac_noinline (cabac.h:575)
==11977== by 0x843EAA6: decode_mb_cabac (h264.c:5639)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 1347252020
==11977== at 0x8433B2B: get_cabac_noinline (cabac.h:578)
==11977== by 0x843EAA6: decode_mb_cabac (h264.c:5639)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== Conditional jump or move depends on uninitialised value(s)
==11977== Stack hash: 3328224384
==11977== at 0x843EAA9: decode_mb_cabac (h264.c:5641)
==11977== by 0x845506B: decode_slice (h264.c:6826)
==11977== by 0x845551B: execute_decode_slices (h264.c:7455)
==11977== by 0x8457C31: decode_nal_units (h264.c:7641)
==11977== by 0x8458834: decode_frame (h264.c:7772)
==11977== by 0x82ECCEF: avcodec_decode_video (utils.c:897)
==11977== by 0x8199049: decode (vd_ffmpeg.c:781)
==11977== by 0x80DB6CA: decode_video (dec_video.c:369)
==11977== by 0x80786B6: main (mplayer.c:1761)
==11977==
==11977== ERROR SUMMARY: 447 errors from 51 contexts (suppressed: 19 from 1)
==11977== malloc/free: in use at exit: 73,692 bytes in 47 blocks.
==11977== malloc/free: 5,086 allocs, 5,039 frees, 51,992,606 bytes allocated.
==11977== For counts of detected errors, rerun with: -v
==11977== searching for pointers to 47 not-freed blocks.
==11977== checked 2,936,764 bytes.
==11977==
==11977== LEAK SUMMARY:
==11977== definitely lost: 30 bytes in 3 blocks.
==11977== possibly lost: 0 bytes in 0 blocks.
==11977== still reachable: 73,662 bytes in 44 blocks.
==11977== suppressed: 0 bytes in 0 blocks.
==11977== Rerun with --leak-check=full to see details of leaked memory.

*This report is to inform of the error found in MPlayer using the test case 4-mp3audioproblem.mp4, with Stack hash: 3328224384 and back-trace
at: decode_mb_cabac (h264.c:5641).

#The bug was found while making a comparison of fuzzing tools and is part of
the metafuzz project.

*URL at: metafuzz.com

Change History (1)

comment:1 Changed 9 years ago by compn

  • Owner changed from r_togni@… to reimar