shift exponent is negative in get_poc_diff() src/env.h

Found with commit 6ac49461

This issue is hit frequently when fuzzing.

Steps to reproduce:

  1. build dav1d with UndefinedBehaviorSanitizer (-fsanitize=shift)
  2. replay testcase with dav1d fuzzer

testcase.ivf

src/env.h:296:24: runtime error: shift exponent -1 is negative
    #0 0x54510a in get_poc_diff src/env.h:296:24
    #1 0x54510a in dav1d_decode_frame src/decode.c:2555
    #2 0x54c4c7 in dav1d_submit_frame src/decode.c:3032:20
    #3 0x51d6c4 in dav1d_parse_obus src/obu.c:1079:20
    #4 0x517fc4 in dav1d_decode src/lib.c:193:20
    #5 0x51299e in LLVMFuzzerTestOneInput tests/libfuzzer/dav1d_fuzzer.c:75:19
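
Added example, not part of the original report and not dav1d's code: the AV1 specification's get_relative_dist() computes `1 << (OrderHintBits - 1)`, so a bit width of 0 (order hints disabled) yields a shift exponent of -1. Assuming that is the condition reached here, the code below puts the unguarded computation beside a guarded one; the function names `rel_dist_unguarded` and `rel_dist` are hypothetical.

```c
#include <stdio.h>

/* Relative distance between two order hints, written from
 * get_relative_dist() in the AV1 specification.
 * Constructed for illustration; not taken from src/env.h. */

/* Unguarded: with n_bits == 0 the exponent is -1, which is undefined
 * behaviour in C and is what -fsanitize=shift reports at run time. */
int rel_dist_unguarded(int n_bits, int a, int b)
{
    const int mask = 1 << (n_bits - 1);
    const int diff = a - b;
    return (diff & (mask - 1)) - (diff & mask);
}

/* Guarded: validate the bit width before it reaches the shift.
 * OrderHintBits is 1..8 when order hints are enabled and 0 otherwise;
 * returning 0 for anything outside 1..8 is this example's choice. */
int rel_dist(int n_bits, int a, int b)
{
    if (n_bits < 1 || n_bits > 8)
        return 0;
    const int mask = 1 << (n_bits - 1);
    const int diff = a - b;
    /* Sign-extend the low n_bits of diff: wrap-around aware distance. */
    return (diff & (mask - 1)) - (diff & mask);
}

int main(void)
{
    /* Both forms agree for every valid width (constructed inputs). */
    for (int n = 1; n <= 8; n++) {
        const int max = (1 << n) - 1;
        if (rel_dist(n, 0, max) != rel_dist_unguarded(n, 0, max))
            return 1;
    }
    /* Only the guarded form is safe to call with a width of 0. */
    printf("n_bits=0 -> %d\n", rel_dist(0, 5, 3));
    printf("n_bits=3, 1 vs 7 -> %d\n", rel_dist(3, 1, 7));
    return 0;
}
```
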