oss-fuzz: Assertion 'a >= 0 && a < (1 << bits)' in get_relative_dist src/ref_mvs.c

Reproduced with commit acde4240

Steps to reproduce:

  1. replay testcase with ./dav1d_fuzzer clusterfuzz-testcase-dav1d_fuzzer-5679083342528512

clusterfuzz-testcase-dav1d_fuzzer-5679083342528512

```
==1==ERROR: AddressSanitizer: ABRT on unknown address 0x000000000001 (pc 0x7f4217e72428 bp 0x000000698800 sp 0x7ffee4223248 T0)
    #0 0x7f4217e72427 in gsignal /build/glibc-Cl5G7W/glibc-2.23/sysdeps/unix/sysv/linux/raise.c:54
    #1 0x7f4217e74029 in abort /build/glibc-Cl5G7W/glibc-2.23/stdlib/abort.c:89
    #2 0x7f4217e6abd6 in __assert_fail_base /build/glibc-Cl5G7W/glibc-2.23/assert/assert.c:92
    #3 0x7f4217e6ac81 in __assert_fail /build/glibc-Cl5G7W/glibc-2.23/assert/assert.c:101
    #4 0x57574f in get_relative_dist src/ref_mvs.c:613:3
    #5 0x57523f in av1_init_ref_mv_common src/ref_mvs.c:2121:42
    #6 0x54a0ba in dav1d_decode_frame src/decode.c:2526:25
    #7 0x55088e in dav1d_submit_frame src/decode.c:3041:20
    #8 0x5384ef in dav1d_parse_obus src/obu.c:1110:20
    #9 0x5356a6 in dav1d_decode src/lib.c:201:20
    #10 0x53209b in LLVMFuzzerTestOneInput tests/libfuzzer/dav1d_fuzzer.c:83:19
    #11 0x53003e in ExecuteFilesOnyByOne(int, char**) /src/libfuzzer/afl/afl_driver.cpp:301:5
    #12 0x5305ae in main /src/libfuzzer/afl/afl_driver.cpp:339:12
```

Edited by Tyson Smith