ASTERISK-26532: [UBSAN] codec_g726.c:runtime error: left shift of negative value -12

[Home]

Summary: ASTERISK-26532: [UBSAN] codec_g726.c:runtime error: left shift of negative value -12

Reporter: Badalian Vyacheslav (slavon) Labels:

Date Opened: 2016-10-30 14:06:21 Date Closed: 2016-10-30 14:33:54

Priority: Major Regression?

Status: Closed/Complete Components:

Versions: 13.12.1 14.1.1 GIT Frequency of
Occurrence

Related
Issues:

Environment: Attachments:

Description: {code}
codec_g726.c:678:25: runtime error: left shift of negative value -12
#0 0x7fe47cafef91 (/tmp/asterisk-testsuite/86ef220a01cc7fa06596ddd595bec9bf/run_1/ast1/usr/lib/asterisk/modules/codec_g726.so+0x10f91)
#1 0x7fe47cb002fc (/tmp/asterisk-testsuite/86ef220a01cc7fa06596ddd595bec9bf/run_1/ast1/usr/lib/asterisk/modules/codec_g726.so+0x122fc)
#2 0x9605d1 in framein /usr/src/asterisk/main/translate.c:423
#3 0x962d93 in generate_computational_cost /usr/src/asterisk/main/translate.c:672
#4 0x96857e in __ast_register_translator /usr/src/asterisk/main/translate.c:1217
#5 0x7fe47cb0083e (/tmp/asterisk-testsuite/86ef220a01cc7fa06596ddd595bec9bf/run_1/ast1/usr/lib/asterisk/modules/codec_g726.so+0x1283e)
#6 0x76089c in start_resource /usr/src/asterisk/main/loader.c:1029
#7 0x763941 in load_resource_list /usr/src/asterisk/main/loader.c:1293
#8 0x764e6e in load_modules /usr/src/asterisk/main/loader.c:1454
#9 0x4bf34f in asterisk_daemon /usr/src/asterisk/main/asterisk.c:4616
#10 0x4be642 in main /usr/src/asterisk/main/asterisk.c:4373
#11 0x7fe4ad989b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
#12 0x433918 (/usr/sbin/asterisk+0x433918)
{code}

second place:
{code}
codec_g726.c:621:25: runtime error: left shift of negative value -12
#0 0x7fe47cafeb01 (/tmp/asterisk-testsuite/86ef220a01cc7fa06596ddd595bec9bf/run_1/ast1/usr/lib/asterisk/modules/codec_g726.so+0x10b01)
#1 0x7fe47caffdd1 (/tmp/asterisk-testsuite/86ef220a01cc7fa06596ddd595bec9bf/run_1/ast1/usr/lib/asterisk/modules/codec_g726.so+0x11dd1)
#2 0x9605d1 in framein /usr/src/asterisk/main/translate.c:423
#3 0x962d93 in generate_computational_cost /usr/src/asterisk/main/translate.c:672
#4 0x96857e in __ast_register_translator /usr/src/asterisk/main/translate.c:1217
#5 0x7fe47cb007e0 (/tmp/asterisk-testsuite/86ef220a01cc7fa06596ddd595bec9bf/run_1/ast1/usr/lib/asterisk/modules/codec_g726.so+0x127e0)
#6 0x76089c in start_resource /usr/src/asterisk/main/loader.c:1029
#7 0x763941 in load_resource_list /usr/src/asterisk/main/loader.c:1293
#8 0x764e6e in load_modules /usr/src/asterisk/main/loader.c:1454
#9 0x4bf34f in asterisk_daemon /usr/src/asterisk/main/asterisk.c:4616
#10 0x4be642 in main /usr/src/asterisk/main/asterisk.c:4373
#11 0x7fe4ad989b44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
#12 0x433918 (/usr/sbin/asterisk+0x433918)
{code}

{code}
root@0bfa9456f68a:/usr/src/asterisk# git log
commit 6b1c55dc9be90904363dbcf958a9fcc243c85629
Author: George Joseph <gjoseph@digium.com>
Date: Fri Oct 28 15:59:19 2016 -0600

pjproject_bundled: Fix issue where "/version.mak" wasn't found

root@0bfa9456f68a:/usr/src/asterisk# git branch
* 13

{code}

on module load...

Comments: By: Asterisk Team (asteriskteam) 2016-10-30 14:06:21.541-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].
By: Corey Farrell (coreyfarrell) 2016-10-30 14:33:54.399-0500

This is not necessarily a bug. Left shift of a negative value may not make sense from human mathematical rules, but that doesn't automatically make it invalid for a computer algorithm.

For this ticket to be reopened I would want to see a reproducible example of the codec translation introducing an audio problem (distortion, clicks, change of audio tone). Without proof of a real world problem the risk of changing this is too high.
By: Badalian Vyacheslav (slavon) 2016-10-30 15:01:03.005-0500

I think will need to add
{code}
__attribute__((no_sanitize("integer")))
{code}
By: Asterisk Team (asteriskteam) 2016-10-30 15:01:03.279-0500

This issue has been reopened as a result of your commenting on it as the reporter. It will be triaged once again as applicable.
By: Corey Farrell (coreyfarrell) 2016-10-30 19:44:47.818-0500

Please give it a try, verify it resolves the issue for you. To merge it I think we'll need a configure.ac check to see if the no_sanitize attribute is supported.
By: Asterisk Team (asteriskteam) 2016-11-18 12:00:01.439-0600

Suspended due to lack of activity. This issue will be automatically re-opened if the reporter posts a comment. If you are not the reporter and would like this re-opened please create a new issue instead. If the new issue is related to this one a link will be created during the triage process. Further information on issue tracker usage can be found in the Asterisk Issue Guidlines [1].

[1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines