[oss-fuzz 4757451963695104] Null dereference in DVD SPU
Ref.:
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 2194890610
INFO: Loaded 1 modules (74301 inline 8-bit counters): 74301 [0x5d2c77dada88, 0x5d2c77dbfcc5),
INFO: Loaded 1 PC tables (74301 PCs): 74301 [0x5d2c77dbfcc8,0x5d2c77ee2098),
/mnt/scratch0/clusterfuzz/bot/builds/clusterfuzz-builds_vlc_8f98ce4aa4498db36bdafd2ab37989a4592ed90c/revisions/vlc-demux-dec-libfuzzer: Running 1 inputs 100 time(s) each.
Running: /mnt/scratch0/clusterfuzz/bot/inputs/fuzzer-testcases/crash-a5c50f431402b5404e182132d1ad640dc9aad951
AddressSanitizer:DEADLYSIGNAL
=================================================================
==402==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000090 (pc 0x5d2c77924099 bp 0x7fff8f271eb0 sp 0x7fff8f271b60 T0)
==402==The signal is caused by a READ memory access.
==402==Hint: address points to the zero page.
#0 0x5d2c77924099 in ParsePXCTLI /src/vlc/modules/codec/spudec/parse.c:110:35
#1 0x5d2c77924099 in OutputPicture /src/vlc/modules/codec/spudec/parse.c:274:9
#2 0x5d2c77924099 in ParseControlSeq /src/vlc/modules/codec/spudec/parse.c:570:17
#3 0x5d2c77924099 in ParsePacket /src/vlc/modules/codec/spudec/parse.c:340:9
#4 0x5d2c77920925 in Decode /src/vlc/modules/codec/spudec/spudec.c:166:5
#5 0x5d2c774c2eb0 in test_decoder_process /src/vlc/test/src/input/decoder.c:253:23
#6 0x5d2c774c1353 in EsOutSend /src/vlc/test/src/input/demux-run.c:115:9
#7 0x5d2c775e5aaa in es_out_Send /src/vlc/include/vlc_es_out.h:157:12
#8 0x5d2c775e5aaa in Demux /src/vlc/modules/demux/mpeg/ps.c:698:17
#9 0x5d2c774c09fb in demux_process_stream /src/vlc/test/src/input/demux-run.c:312:19
#10 0x5d2c774c00ef in LLVMFuzzerTestOneInput /src/vlc/test/vlc-demux-libfuzzer.c:63:5
#11 0x5d2c7735d8bd in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:619:13
#12 0x5d2c77348632 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:329:6
#13 0x5d2c7734e500 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:865:9
#14 0x5d2c7737a032 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#15 0x78817de0b082 in __libc_start_main /build/glibc-LcI20x/glibc-2.31/csu/libc-start.c:308:16
#16 0x5d2c7734171d in _start
==402==Register values:
rax = 0x0000000000000012 rbx = 0x00007fff8f271b60 rcx = 0x000075e17d2e12a8 rdx = 0x0000000000000047
rdi = 0x0000000000000090 rsi = 0x000078817ddbb0d0 rbp = 0x00007fff8f271eb0 rsp = 0x00007fff8f271b60
r8 = 0x0000000000000200 r9 = 0x000076c17d2e6000 r10 = 0x00007fffffffff01 r11 = 0x0000000000000001
r12 = 0xf8f8f8f8f8f8f8f8 r13 = 0x00000000ffffffff r14 = 0x0000000000000001 r15 = 0x00000e90af892000
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/mnt/scratch0/clusterfuzz/bot/builds/clusterfuzz-builds_vlc_8f98ce4aa4498db36bdafd2ab37989a4592ed90c/revisions/vlc-demux-dec-libfuzzer+0x910099)
==402==ABORTINGSamples: