oss-fuzz: failed assert(!cdf[n_symbols - 1])
Steps to reproduce
- run
./tests/dav1d_fuzzer_mtrepeatedly with attached test case
clusterfuzz-testcase-minimized-dav1d_fuzzer_mt-5700248035393536
dav1d_fuzzer_mt: ../../src/dav1d/src/msac.c:79: unsigned int msac_decode_symbol(MsacContext *const, const uint16_t *const, const unsigned int): Assertion `!cdf[n_symbols - 1]' failed.
UndefinedBehaviorSanitizer:DEADLYSIGNAL
==1==ERROR: UndefinedBehaviorSanitizer: ABRT on unknown address 0x000000000001 (pc 0x7f797c702428 bp 0x0000005b05eb sp 0x7f797a247a88 T12)
#0 0x7f797c702427 in gsignal /build/glibc-Cl5G7W/glibc-2.23/sysdeps/unix/sysv/linux/raise.c:54
#1 0x7f797c704029 in abort /build/glibc-Cl5G7W/glibc-2.23/stdlib/abort.c:89
#2 0x7f797c6fabd6 in __assert_fail_base /build/glibc-Cl5G7W/glibc-2.23/assert/assert.c:92
#3 0x7f797c6fac81 in __assert_fail /build/glibc-Cl5G7W/glibc-2.23/assert/assert.c:101
#4 0x45f047 in msac_decode_symbol /src/dav1d/src/msac.c:79:5
#5 0x45fadd in msac_decode_symbol_adapt /src/dav1d/src/msac.c:159:26
#6 0x43c3ce in decode_sb /src/dav1d/src/decode.c:1940:18
#7 0x43b664 in dav1d_decode_tile_sbrow /src/dav1d/src/decode.c:2464:13
#8 0x432d6e in dav1d_tile_task /src/dav1d/src/thread_task.c:89:29
#9 0x7f797d3c96b9 in start_thread