[sr-dev] [kamailio/kamailio] Regression on app_lua after ASLR enable (Issue #3202)

Boris Korzun notifications at github.com
Wed Jul 27 11:04:28 CEST 2022


### Description

There's a regression after enabling Address Space Layout Randomization (ASLR). Kamailio causes SIGSEGV while loading `app_lua` (or other KEMI Interpreters probably).

### Troubleshooting

#### Reproduction

The regression appeared after updating the FreeBSD kernel to https://github.com/freebsd/freebsd-src/commit/10192e77cfacd1f27601882af61883be4d3ec58d

Kamailio falls after `loadmodule "app_lua.so"` in `kamailio.cfg`.

#### Debugging Data

```
root@server:/usr/jails/containers/kamailio/var/coredump/986# jexec kamailio lldb -c /var/coredump/986/kamailio.13521.core -- /usr/local/sbin/kamailio
(lldb) target create "/usr/local/sbin/kamailio" --core "/var/coredump/986/kamailio.13521.core"
Core file '/var/coredump/986/kamailio.13521.core' (x86_64) was loaded.
(lldb) bt all
* thread #1, name = 'kamailio', stop reason = signal SIGSEGV
  * frame #0: 0x0000000825b61350 libc.so.7`strncmp(s1=<unavailable>, s2=<unavailable>, n=<unavailable>) at strncmp.c:47:7
    frame #1: 0x00000000003fc394 kamailio`sr_kemi_modules_add(klist=0x0000000861afb410) at kemi.c:3392:8
    frame #2: 0x0000000861ae6154 app_lua.so`mod_register(path="/usr/local/lib/kamailio/modules/app_lua.so", dlflags=0x0000000821805b48, p1=0x0000000000000000, p2=0x0000000000000000) at app_lua_mod.c:605:2
    frame #3: 0x00000000005e4b30 kamailio`load_module(mod_path="app_lua.so") at sr_module.c:592:7
    frame #4: 0x0000000000885936 kamailio`yyparse at cfg.y:1965:8
    frame #5: 0x00000000002ff384 kamailio`main(argc=7, argv=0x000000082180a848) at main.c:2506:6
    frame #6: 0x00000000002ddd90 kamailio`_start(ap=<unavailable>, cleanup=<unavailable>) at crt1_c.c:75:7
```

`_sr_kemi_modules[].mname.s` for `app_lua` points to incorrect data after the second call to `mod_register()@app_lua_mod.c` from `load_module()@sr_module.c` (reloading the module to set the correct `dlflags`).

#### Log Messages

```
08:35:53.689647 DEBUG: <core> [core/cfg.y:1964]: yyparse(): loading module kemix.so
08:35:53.689684 DEBUG: <core> [core/sr_module.c:516]: ksr_locate_module(): found module to load </usr/local/lib/kamailio/modules/kemix.so>
08:35:53.689698 DEBUG: <core> [core/sr_module.c:566]: load_module(): trying to load </usr/local/lib/kamailio/modules/kemix.so>
08:35:53.689796 DEBUG: <core> [core/kemi.c:3398]: sr_kemi_modules_add(): adding module: kx
08:35:53.689847 DEBUG: <core> [core/cfg.lex:2039]: pp_define(): defining id: MOD_kemix
08:35:53.689895 DEBUG: <core> [core/cfg.y:1964]: yyparse(): loading module app_lua.so
08:35:53.689931 DEBUG: <core> [core/sr_module.c:516]: ksr_locate_module(): found module to load </usr/local/lib/kamailio/modules/app_lua.so>
08:35:53.689948 DEBUG: <core> [core/sr_module.c:566]: load_module(): trying to load </usr/local/lib/kamailio/modules/app_lua.so>
08:35:53.690418 DEBUG: <core> [core/kemi.c:3494]: sr_kemi_eng_register(): registered config routing enginge [lua]
08:35:53.690444 DEBUG: <core> [core/kemi.c:3398]: sr_kemi_modules_add(): adding module: app_lua
```

### Possible Solutions

A temporary solution is disabling ASLR, e.g. on FreeBSD:
```
# sysctl kern.elf64.aslr.enable=0
# sysctl kern.elf64.aslr.pie_enable=0
```

### Additional Information

  * **Kamailio Version** - output of `kamailio -v`

```
version: kamailio 5.6.1 (x86_64/freebsd) b36a13
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, select, kqueue.
id: b36a13 
compiled on 08:12:34 Jul 27 2022 with cc FreeBSD clang version 14.0.5 (https://github.com/llvm/llvm-project.git llvmorg-14.0.5-0-gc12386ae247c)
```

5.5.4 is affected too

* **Operating System**:

```
FreeBSD 13/stable
```


-- 
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/3202
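
The stale-pointer condition described in the report, simulated as an added example (not Kamailio code and not written by the reporter): anonymous `mmap` regions stand in for the module image that `dlopen()` maps, and `reg_entry`, `image_load`, `ptr_in_image` and `reload_scenario` are hypothetical names. It assumes the core keeps a pointer into the first mapping while the reload places the module at a different address.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

#define IMG_LEN 4096

/* Hypothetical core-side registry entry (names are illustrative only). */
struct reg_entry {
    const char *borrowed; /* points into the module image */
    char *owned;          /* private copy that outlives the image */
};

/* Stand-in for dlopen(): map a fresh "image" that holds the module name. */
static char *image_load(const char *name) {
    char *img = mmap(NULL, IMG_LEN, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANON, -1, 0);
    if (img == MAP_FAILED) return NULL;
    strncpy(img, name, IMG_LEN - 1); /* mapping is zero-filled, so terminated */
    return img;
}

/* Check usable before dereferencing: does p lie inside the live image? */
static int ptr_in_image(const void *p, const char *img) {
    uintptr_t a = (uintptr_t)p, b = (uintptr_t)img;
    return img != NULL && a >= b && a < b + IMG_LEN;
}

/* Returns 1 when the borrowed pointer is stale after the reload while the
 * owned copy is intact, 0 otherwise, -1 on setup failure. */
static int reload_scenario(void) {
    char *first = image_load("app_lua");           /* constructed sample name */
    if (!first) return -1;
    struct reg_entry e = { first, strdup(first) }; /* first registration */
    char *second = image_load("app_lua");          /* reload, new address */
    if (!second || !e.owned) return -1;
    munmap(first, IMG_LEN);                        /* old image is unmapped */
    int stale = !ptr_in_image(e.borrowed, second); /* checked, never read */
    int intact = strcmp(e.owned, "app_lua") == 0;
    free(e.owned);
    munmap(second, IMG_LEN);
    return stale && intact;
}

int main(void) {
    printf("borrowed stale, owned intact: %d\n", reload_scenario());
    return 0;
}
```

Reading `e.borrowed` after the `munmap()` would fault in the same way as the `strncmp()` frame in the backtrace, which is why the example only compares addresses.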