[OpenSIPS-Users] Fwd: uac_auth() segfault

Bogdan-Andrei Iancu bogdan at opensips.org
Mon Mar 24 11:24:59 CET 2014 

Hello Justin,

Thank you for the backtrace. In gdb, in frame 1, could you do:
     p uac_auth_api
     p auth

Thanks and Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com

On 20.03.2014 22:32, Justin Zondagh wrote:
> Hi Bogdan,
>
> Bt below:
>
> warning: Can't read pathname for load map: Input/output error.
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
> Core was generated by `/usr/src/opensips_1_10/opensips -w /tmp/'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x00000000 in ?? ()
> (gdb) bt full
> #0  0x00000000 in ?? ()
> No symbol table info available.
> #1  0xb6e8770f in uac_auth (msg=0xb6fced80) at auth.c:156
>       auth = <optimized out>
>       auth_nc_cnonce = {nc = 0x0, cnonce = 0x0}
>       crd = <optimized out>
>       code = 401
>       branch = 0
>       rpl = <optimized out>
>       t = 0xb5003910
>       response = 
> "\000\060Y\034\b\000\000\000\000\377\377\377\377\001\001\001\001P\215q\267\000\001\001\001\001\001\001\001\206\377\377\377" 
>
>       new_hdr = <optimized out>
>       __FUNCTION__ = "uac_auth"
> #2  0xb6e8d6ad in w_uac_auth (msg=0xb6fced80, str=0x0, str2=0x0) at 
> uac.c:451
> No locals.
[....]
>
> *
> *
> *Justin Zondagh
> *zondagh at gmail.com <mailto:zondagh at gmail.com>
>
> Cape Town | South Africa
> skype: jrzondagh
> m: +27 72 598 4887 | f: +27 86 546 1405
> uk:**+44 20 328 99610
>
>
> On Sun, Feb 9, 2014 at 7:55 PM, Bogdan-Andrei Iancu 
> <bogdan at opensips.org <mailto:bogdan at opensips.org>> wrote:
>
>     Hello,
>
>     Do you have still have the corefile ? Are you able to extract a
>     backtrace from it . See:
>     http://www.opensips.org/Documentation/TroubleShooting-Crash
>
>     Regards,
>
>     Bogdan-Andrei Iancu
>     OpenSIPS Founder and Developer
>     http://www.opensips-solutions.com
>
>     On 21.01.2014 15:35, Justin Zondagh wrote:
>>     Hi All,
>>
>>     I'm running a compiled version of openSIPS 1.10 on Ubuntu 12.04.
>>
>>     I'm getting a segfault in the uac_auth() function and not too
>>     sure why. I am setting the username, password and realm avps
>>     before I call it.
>>
>>     The 401 comes in back from the UAS and then hits the
>>     failure_route[1], does some stuff and then crashes in what seems
>>     like uac_auth()...
>>
>>     ==== Extract from CFG ====
>>
>>
>>     route[1] {
>>
>>     xlog("L_INFO", "[$ci] Routing this Request");
>>
>>     # for INVITEs enable some additional helper routes
>>     if (is_method("INVITE|SUBSCRIBE|PUBLISH|INFO|MESSAGE|NOTIFY")) {
>>     t_on_branch("2");
>>     t_on_reply("2");
>>     t_on_failure("1");
>>     }
>>
>>     if (!t_relay()) {
>>     sl_reply_error();
>>     }
>>
>>     exit;
>>     }
>>
>>     failure_route[1] {
>>
>>
>>     if (t_check_status("401")) {
>>     xlog("L_INFO","[$ci] Got 401 from Porta \n");
>>                     avp_db_query("select username from
>>     registrant_ip_map where external_ip =
>>     '$(avp(ext_si){s.escape.common})'","$avp(authuser)");
>>
>>     xlog("L_INFO","[$ci] Auth User [$avp(authuser)]");
>>
>>     avp_db_query("select password from registrant where username =
>>     '$(avp(authuser){s.escape.common})'","$avp(authpass)");
>>     $avp(authrealm) = "";
>>
>>     $avp(www) = $(<reply>hdr(WWW-Authenticate));
>>     avp_subst("$avp(www)", "/Digest\s//");
>>     #Get the realm from the www-auth header
>>     $var(numkvp) = $(avp(www){csv.count});
>>     $var(i) = 0;
>>     while($var(i) < $var(numkvp)) {
>>     $var(temp) = $(avp(www){s.select,$var(i),,});
>>     if ($var(temp) =~ "realm.*") {
>>     $avp(authrealm) = $var(temp);
>>     avp_subst("$avp(authrealm)","/(realm=\")(.*)(\")/\2/");
>>     }
>>
>>     $var(i) = $var(i) + 1;
>>     }
>>                     xlog("L_INFO","[$ci] authrealm is
>>     [$avp(authrealm)], authuser is [$avp(authuser)], authpass is
>>     [$avp(authpass)]\n");
>>
>>     #No need for loop prevention as Porta sends 183 early media
>>     recording saying password is wrong, then sends 603
>>     if (uac_auth()) {
>>     xlog("L_INFO","[$ci] Built auth, sending back to Porta\n");
>>
>>     t_on_failure("1");
>>     t_relay();
>>     xlog("L_INFO","[$ci] Relay Auth in INVITE\n");
>>     }
>>     }
>>     if (t_was_cancelled()) {
>>     exit;
>>     }
>>
>>
>>
>>     }
>>
>>
>>     ==== EXTRACT FROM syslog =====
>>
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     [NjMzOGYxMGJjMGI5NzQzNTE3OWQ1NDBhYzcxMjcxOGU] Auth User [27877009000]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:avpops:ops_dbquery_avps: query [select password from
>>     registrant where username = '27877009000 <tel:27877009000>']
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:db_mysql:mysql_raise_event: MySQL status has not changed:
>>     connected
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_new_result: allocate 28 bytes for result set at
>>     0xb73d9a5c
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:db_mysql:db_mysql_get_columns: 1 columns returned from the query
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_allocate_columns: allocate 16 bytes for result
>>     columns at 0xb73d9a88
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:db_mysql:db_mysql_get_columns:
>>     RES_NAMES(0xb73d9a8c)[0]=[password]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:db_mysql:db_mysql_get_columns: use DB_STRING result type
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_allocate_rows: allocate 28 bytes for result rows and
>>     values at 0xb73d9aa4
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:db_mysql:db_mysql_str2val: converting STRING [xxxxxxxx]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:avpops:db_query_avp: rows [1]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:avpops:db_query_avp: row [0]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:avpops:db_close_query: close avp query
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_free_columns: freeing result columns at 0xb73d9a88
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_free_rows: freeing 1 rows
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_free_row: freeing row values at 0xb73d9aac
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_free_rows: freeing rows at 0xb73d9aa4
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:db_free_result: freeing result set at 0xb73d9a5c
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:pv_get_spec_value: Found context function 0xb6fa4abd
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:parse_headers: flags=ffffffffffffffff
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:get_hdr_field: content_length=0
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:get_hdr_field: found end of header
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:subst_run: running. r=0
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:subst_run: matched (0, 7): [Digest ]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:avpops:ops_subst: subst to 1 avps
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:parse_csv: Parsing csv for :
>>     [realm="196.28.136.80",nonce="0a88ebc4eb91e7a1e2910f35e76191b6c66f"]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:comp_scriptvar: int 26 : 0 / 2
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:subst_run: running. r=0
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:subst_run: matched (0, 21): [realm="196.28.136.80"]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:avpops:ops_subst: subst to 1 avps
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:comp_scriptvar: int 26 : 1 / 2
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:comp_scriptvar: int 26 : 2 / 2
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     [NjMzOGYxMGJjMGI5NzQzNTE3OWQ1NDBhYzcxMjcxOGU] authrealm is
>>     [196.28.136.80], authuser is [27877009000], authpass is [xxxxxxxx]
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:uac:uac_auth: picked reply is 0xb73ca714, code 401
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:parse_authenticate_body: <realm>="196.28.136.80" state=2
>>     Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
>>     DBG:core:parse_authenticate_body:
>>     <nonce>="0a88ebc4eb91e7a1e2910f35e76191b6c66f" state=3
>>     Jan 17 12:52:24 opensips4 kernel: [  249.123055] show_signal_msg:
>>     15 callbacks suppressed
>>     Jan 17 12:52:24 opensips4 kernel: [  249.123060] opensips[1939]:
>>     segfault at 0 ip   (null) sp bfde82ec error 14 in
>>     opensips[8048000+1a6000]
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1956]:
>>     DBG:tm:utimer_routine: timer routine:4,tl=0xb5003a5c next=(nil),
>>     timeout=4600000
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1968]:
>>     CRITICAL:core:receive_fd: EOF on 21
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1968]:
>>     DBG:core:handle_ser_child: dead child 10, pid 1939 (shutting down?)
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1968]:
>>     DBG:core:io_watch_del: io_watch_del op on index -1 21 (0x8213340,
>>     21, -1, 0x0,0x1) fd_no=27 called
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1967]:
>>     INFO:core:sig_usr: signal 15 received
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1966]:
>>     INFO:core:sig_usr: signal 15 received
>>     Jan 17 12:52:25 opensips4 /usr/src/opensips_1_10/opensips[1965]:
>>     INFO:core:sig_usr: signal 15 received
>>
>>     ==== Back trace =====
>>
>>     available upon request
>>
>>
>>
>>     Any ideas?
>>
>>     Regards,
>>     *
>>     *
>>     *Justin Zondagh
>>     *zondagh at gmail.com <mailto:zondagh at gmail.com>
>>
>>     Cape Town | South Africa
>>     skype: jrzondagh
>>     m: +27 72 598 4887 <tel:%2B27%2072%20598%204887> | f: +27 86 546
>>     1405 <tel:%2B27%2086%20546%201405>
>>     uk:**+44 20 328 99610 <tel:%2B44%2020%20328%2099610>
>>
>>
>>
>>     _______________________________________________
>>     Users mailing list
>>     Users at lists.opensips.org  <mailto:Users at lists.opensips.org>
>>     http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140324/730fdb99/attachment-0001.htm>

More information about the Users mailing list