[sr-dev] [kamailio/kamailio] permissions: crash during a RPC reload of trusted (Issue #2909)
Victor Seva
notifications at github.com
Fri Oct 29 11:51:51 CEST 2021
### Description
We are having several customers with crashes during calls to RPC `permissions.trustedReload` even after introducing the basic safety for concurrent RPC reload https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c148e997cb
### Possible solution
It seems that we need to implement locking in order to be sure the memory is not gone in the middle of a read.
#### Reproduction
It's quite difficult to reproduce since `match_hash_table` call has to happen during a RPC reload
#### Debugging Data
```
(gdb) bt full
#0 match_hash_table (table=<optimized out>, msg=msg at entry=0x7fc3d800a808, src_ip_c_str=src_ip_c_str at entry=0x7fc3d7f217b8 "A.A.A.A", proto=proto at entry=1,
from_uri=from_uri at entry=0x7fc3d7f1b750 "sip:fake at B.B.B.B") at hash.c:280
__func__ = "match_hash_table"
ruri = <optimized out>
ruri_string = "sip:41584006001 at B.B.B.B:5060\000\264{\224\377\177\000\000\000\240\200\331\302\177\000\000\300\000\000\000\000\000\000\000\332\003\000\000\000\000\000\000\300\067~\372PV\000\000\000\220
\324m,\233߁\260\341D\334\302\177\000\000\260go\372PV\000\000P\343!\332\302\177\000\000\004\340{\372PV\000\000`;~\372PV\000\000\300\067~\372PV\000\000@\024\000\000\000\000\000\000`\342!\332\302\177\000\000\001\00
0\000\000\000\000\000\000\310\066\204\331\302\177\000\000\000\240\200\331\302\177\000\000\300\000\000\000\000\000\000\000\300\067~\372PV\000\000`;~\372PV\000\000\332\003\000\000\000\000\000\000\000"...
preg = {__buffer = 0x0, __allocated = 0, __used = 224, __syntax = 16843462, __fastmap = 0x0, __translate = 0x0, re_nsub = 0, __can_be_null = 0, __regs_allocated = 0, __fastmap_accurate = 1,
__no_sub = 1, __not_bol = 0, __not_eol = 0, __newline_anchor = 0}
np = 0x455449564e492035
src_ip = {s = 0x7fc3d7f217b8 "A.A.A.A", len = <optimized out>}
val = <optimized out>
count = 0
#1 0x00007fc3d2362765 in allow_trusted (msg=msg at entry=0x7fc3d800a808, src_ip=0x7fc3d7f217b8 "A.A.A.A", proto=proto at entry=1, from_uri=from_uri at entry=0x7fc3d7f1b750 "sip:fake at B.B.B.B")
at trusted.c:499
__func__ = "allow_trusted"
result = <optimized out>
res = 0x0
keys = {0x7fc3d7f1b750}
vals = {{type = 3595139888, nul = 32707, free = -671045624, val = {int_val = -1803829520, ll_val = 140735684525808, double_val = 6.9532666868153257e-310, time_val = 140735684525808,
string_val = 0x7fff947bbef0 "\001", str_val = {s = 0x7fff947bbef0 "\001", len = -94468017}, blob_val = {s = 0x7fff947bbef0 "\001", len = -94468017}, bitmap_val = 2491137776,
uint_val = 2491137776, ull_val = 140735684525808}}}
cols = {0x0, 0x5650fa650c25 <pv_printf+229>, 0x7fff947bb670, 0x0}
#2 0x00007fc3d2363ef3 in allow_trusted_furi (_msg=_msg at entry=0x7fc3d800a808, _src_ip_sp=_src_ip_sp at entry=0x7fc3d6494340 "xEI\326\303\177", _proto_sp=_proto_sp at entry=0x7fc3d64925e0 "\330\375H\326\303\177",
from_uri=0x7fc3d7f1b750 "sip:fake at B.B.B.B") at trusted.c:590
src_ip = {s = 0x7fc3d7f217b8 "A.A.A.A", len = 11}
proto = {s = 0x7fc3d7f27820 "udp", len = 3}
proto_int = 1
__func__ = "allow_trusted_furi"
#3 0x00007fc3d23647d0 in allow_trusted_3 (_msg=0x7fc3d800a808, _src_ip_sp=0x7fc3d6494340 "xEI\326\303\177", _proto_sp=0x7fc3d64925e0 "\330\375H\326\303\177", _from_uri=<optimized out>) at trusted.c:634
from_uri = {s = 0x7fc3d7f1b750 "sip:fake at B.B.B.B", len = 34}
__func__ = "allow_trusted_3"
#4 0x00005650fa513319 in do_action (h=h at entry=0x7fff947bbef0, a=a at entry=0x7fc3d6497b30, msg=msg at entry=0x7fc3d800a808) at core/action.c:1085
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2909
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20211029/3aa98640/attachment.htm>
More information about the sr-dev
mailing list