Use of uninitialised value in iclip() intops.h
Reproduced with commit c0351e1b
Steps to reproduce:
- build dav1d with CFLAGS="-Og -g"
- replay testcase with
    valgrind -q ./dav1d_fuzzer testcase.ivf

Conditional jump or move depends on uninitialised value(s)
   at 0x12B518: iclip (intops.h:44)
   by 0x12B518: iclip_u8 (intops.h:48)
   by 0x12B518: upsample_edge (ipred_tmpl.c:365)
   by 0x12BE46: ipred_z2_c (ipred_tmpl.c:450)
   by 0x13B086: dav1d_recon_b_intra_8bpc (recon_tmpl.c:982)
   by 0x112E75: decode_b (decode.c:1096)
   by 0x11924D: decode_sb (decode.c:1994)
   by 0x118FCA: decode_sb (decode.c:1920)
   by 0x118D16: decode_sb (decode.c:1837)
   by 0x118D16: decode_sb (decode.c:1837)
   by 0x11A230: dav1d_decode_tile_sbrow (decode.c:2323)
   by 0x11B3B1: dav1d_decode_frame (decode.c:2668)
   by 0x11C5D5: dav1d_submit_frame (decode.c:3040)
   by 0x10EFA3: dav1d_parse_obus (obu.c:1137)

Conditional jump or move depends on uninitialised value(s)
   at 0x12BEBD: iclip (intops.h:44)
   by 0x12BEBD: iclip_u8 (intops.h:48)
   by 0x12BEBD: ipred_z2_c (ipred_tmpl.c:488)
   by 0x13B086: dav1d_recon_b_intra_8bpc (recon_tmpl.c:982)
   by 0x112E75: decode_b (decode.c:1096)
   by 0x11924D: decode_sb (decode.c:1994)
   by 0x118FCA: decode_sb (decode.c:1920)
   by 0x118D16: decode_sb (decode.c:1837)
   by 0x118D16: decode_sb (decode.c:1837)
   by 0x11A230: dav1d_decode_tile_sbrow (decode.c:2323)
   by 0x11B3B1: dav1d_decode_frame (decode.c:2668)
   by 0x11C5D5: dav1d_submit_frame (decode.c:3040)
   by 0x10EFA3: dav1d_parse_obus (obu.c:1137)
   by 0x10B2AB: dav1d_decode (lib.c:201)
...