For this .mp3 file, valgrind reports UninitValue, UninitCondition.

[xuecongli@…]

This bug was found as part of the metafuzz project, see ​http://www.metafuzz.com

For this .mp3 file, valgrind reports UninitValue, UninitCondition.

System Info:

MPlayer dev-SVN-r27496-4.1.2 (C) 2000-2008 MPlayer Team
CPU: Intel Pentium 4/Celeron 4 Northwood; Pentium 4 EE/Xeon Prestonia,Gallatin (Family: 15, Model: 2, Stepping: 7)
CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNow2: 0 SSE: 1 SSE2: 1
Compiled for x86 CPU with extensions: MMX MMX2 3DNow 3DNowEx SSE SSE2

Playing 199-song0004.mp3.

##############################################################

to reproduce:
wget ​http://www.metafuzz.com/testcases/664852-199-311034112-result256.tgz
tar xzf 664852-199-311034112-result256.tgz
valgrind mplayer 199-song0004.mp3

::::::::::::::::::::Valgrind result:::::::::::::::::::::::::::::

==1295== Memcheck, a memory error detector.
==1295== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==1295== Using LibVEX rev 1715, a library for dynamic binary translation.
==1295== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==1295== Using valgrind-3.2.2, a dynamic binary instrumentation framework.
==1295== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==1295== For more details, rerun with: -v
==1295==
==1295== My PID = 1295, parent PID = 1294. Prog and args are:
==1295== mplayer
==1295== 199-song0004.mp3
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 1139837953
==1295== at 0x8474A76: huffman_decode (mpegaudiodec.c:1558)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 2294023456
==1295== at 0x8474AC9: huffman_decode (mpegaudiodec.c:1568)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 3324746826
==1295== at 0x8474E6B: huffman_decode (mpegaudiodec.c:231)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 1300477421
==1295== at 0x8474E72: huffman_decode (mpegaudiodec.c:232)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Conditional jump or move depends on uninitialised value(s)
==1295== Stack hash: 2844447559
==1295== at 0x8474E84: huffman_decode (mpegaudiodec.c:235)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 2819332149
==1295== at 0x8474E1A: huffman_decode (mpegaudiodec.c:231)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 795062744
==1295== at 0x8474E21: huffman_decode (mpegaudiodec.c:232)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Conditional jump or move depends on uninitialised value(s)
==1295== Stack hash: 717105817
==1295== at 0x8474E2E: huffman_decode (mpegaudiodec.c:235)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== Use of uninitialised value of size 4
==1295== Stack hash: 4247672245
==1295== at 0x8474D9A: huffman_decode (mpegaudiodec.c:1581)
==1295== by 0x84757DD: mp_decode_layer3 (mpegaudiodec.c:2280)
==1295== by 0x8477211: mp_decode_frame (mpegaudiodec.c:2336)
==1295== by 0x8479178: decode_frame (mpegaudiodec.c:2432)
==1295== by 0x82E883A: avcodec_decode_audio2 (utils.c:955)
==1295== by 0x82618A5: av_find_stream_info (utils.c:1888)
==1295== by 0x81C4906: demux_open_lavf (demux_lavf.c:476)
==1295== by 0x811DCDC: demux_open_stream (demuxer.c:871)
==1295== by 0x811DF94: demux_open (demuxer.c:998)
==1295== by 0x80799BC: main (mplayer.c:3237)
==1295==
==1295== ERROR SUMMARY: 422 errors from 9 contexts (suppressed: 21 from 1)
==1295== malloc/free: in use at exit: 32,908 bytes in 12 blocks.
==1295== malloc/free: 6,463 allocs, 6,451 frees, 4,239,463 bytes allocated.
==1295== For counts of detected errors, rerun with: -v
==1295== searching for pointers to 12 not-freed blocks.
==1295== checked 3,250,212 bytes.
==1295==
==1295== LEAK SUMMARY:
==1295== definitely lost: 0 bytes in 0 blocks.
==1295== possibly lost: 0 bytes in 0 blocks.
==1295== still reachable: 32,908 bytes in 12 blocks.
==1295== suppressed: 0 bytes in 0 blocks.
==1295== Reachable blocks (those to which a pointer was found) are not shown.
==1295== To see them, rerun with: --leak-check=full --show-reachable=yes