OpenSIPS / opensips

OpenSIPS is a GPL implementation of a multi-functionality SIP Server that targets to deliver a high-level technical solution (performance, security and quality) to be used in professional SIP server platforms.
https://opensips.org

[CRASH] Segfault with Python Module #3495

Open inderjeetsharma opened 1 day ago

inderjeetsharma commented 1 day ago

OpenSIPS version you are running

version: opensips 3.4.8 (x86_64/linux)
flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535
poll method support: poll, epoll, sigio_rt, select.
git revision: bcbfaf83a
main.c compiled on 18:10:41 Oct 16 2024 with gcc 12

Crash Core Dump

└─# gdb /usr/local/sbin/opensips /usr/local/etc/opensips/core
GNU gdb (Debian 13.1-3) 13.1
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/sbin/opensips...

warning: Can't open file /dev/zero (deleted) during file-backed mapping note processing
[New LWP 2594457]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `opensips -w /usr/local/etc/opensips/'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  mod_init () at python_mod.c:107
107             bname[i - 3] = '\0';
(gdb)

2024-10-16T18:30:45.456447+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_columns: freeing result columns at 0x7f10204e7978
2024-10-16T18:30:45.456553+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_rows: freeing 3 rows
2024-10-16T18:30:45.456653+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_row: freeing row values at 0x7f10204e7ac0
2024-10-16T18:30:45.456756+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_row: freeing row values at 0x7f10204e7bc0
2024-10-16T18:30:45.456875+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_row: freeing row values at 0x7f10204e7cc0
2024-10-16T18:30:45.456978+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_rows: freeing rows at 0x7f10204e7a90
2024-10-16T18:30:45.457081+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_result: freeing result set at 0x7f10204e7910
2024-10-16T18:30:45.457183+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:permissions:reload_address_table: address table reloaded successfully.
2024-10-16T18:30:45.457293+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:pool_remove: removing connection from the pool
2024-10-16T18:30:45.457395+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:init_mod: register MI for permissions
2024-10-16T18:30:45.457496+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:init_mod: initializing module dialplan
2024-10-16T18:30:45.457598+05:30 Debian /usr/local/sbin/opensips[2588459]: INFO:dialplan:mod_init: initializing module...
2024-10-16T18:30:45.457717+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:_create_new_group: adding new group [dialplan]
2024-10-16T18:30:45.457819+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:dialplan:dp_print_list: Partition=[default] url=[mysql://opensips:opensipsrw@localhost/opensips] table=[dialplan] next=[(nil)]
2024-10-16T18:30:45.457930+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:dialplan:init_data: Adding partition with name [default]
2024-10-16T18:30:45.458032+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:find_mod_export: found <db_bind_api> in module db_mysql [/usr/local/lib64/opensips/modules/]
2024-10-16T18:30:45.458132+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_bind_mod: using db bind api for db_mysql
2024-10-16T18:30:45.458234+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_do_init: connection 0x7f10204e93e8 not found in pool
2024-10-16T18:30:45.458356+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_connect: opening connection: mysql://xxxx:xxxx@localhost/opensips
2024-10-16T18:30:45.458469+05:30 Debian kernel: [10031217.682813] opensips[2588459]: segfault at 7f10100a28f7 ip 00007f101009dced sp 00007ffd37e15a50 error 7 in python.so[7f101009c000+6000] likely on CPU 7 (core 7, socket 0)
2024-10-16T18:30:45.458460+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_connect: connection type is Localhost via UNIX socket
2024-10-16T18:30:45.458504+05:30 Debian kernel: [10031217.689179] Code: f9 6f 48 0f 45 d0 48 8d 74 13 fd 80 3e 2e 0f 85 6e 02 00 00 80 7c 13 fe 70 0f 85 63 02 00 00 80 7c 13 ff 79 0f 85 58 02 00 00 <c6> 06 00 48 8b 3d a9 76 00 00 e8 f4 e3 ff ff 48 89 c5 80 38 00 0f
2024-10-16T18:30:45.458831+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_connect: protocol version is 10
2024-10-16T18:30:45.459052+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_connect: server version is 10.11.6-MariaDB-0+deb12u1
2024-10-16T18:30:45.459161+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_do_init: connection 0x7f10204e93e8 inserted in pool as 0x7f10204e72f8
2024-10-16T18:30:45.459264+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:mysql_raise_event: MySQL status has not changed: connected
2024-10-16T18:30:45.459365+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_new_result: allocate 48 bytes for result set at 0x7f10204e7470
2024-10-16T18:30:45.459467+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_get_columns: 1 columns returned from the query
2024-10-16T18:30:45.459572+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_allocate_columns: allocate 28 bytes for result columns at 0x7f10204e74d8
2024-10-16T18:30:45.459676+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0x7f10204e74e0)[0]=[table_version]
2024-10-16T18:30:45.459778+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_get_columns: use DB_INT result type
2024-10-16T18:30:45.459899+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_allocate_rows: allocate 48 bytes for result rows and values at 0x7f10204e7530
2024-10-16T18:30:45.460057+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:db_mysql:db_mysql_str2val: converting INT [5]
2024-10-16T18:30:45.460178+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_columns: freeing result columns at 0x7f10204e74d8
2024-10-16T18:30:45.460284+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_rows: freeing 1 rows
2024-10-16T18:30:45.460386+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_row: freeing row values at 0x7f10204e7540
2024-10-16T18:30:45.460489+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_rows: freeing rows at 0x7f10204e7530
2024-10-16T18:30:45.460591+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_free_result: freeing result set at 0x7f10204e7470
2024-10-16T18:30:45.460694+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:pool_remove: removing connection from the pool
2024-10-16T18:30:45.460803+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:dialplan:dp_add_connection: Added dialplan partition [default] table [dialplan].
2024-10-16T18:30:45.460930+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:sr_register_identifier: adding new identifier [default] to group [dialplan]
2024-10-16T18:30:45.461039+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:init_mod: register MI for dialplan
2024-10-16T18:30:45.461141+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:init_mod: initializing module event_route
2024-10-16T18:30:45.461261+05:30 Debian /usr/local/sbin/opensips[2588459]: NOTICE:event_route:mod_init: initializing module ...
2024-10-16T18:30:45.461363+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:init_mod: initializing module avpops
2024-10-16T18:30:45.461466+05:30 Debian /usr/local/sbin/opensips[2588459]: INFO:avpops:avpops_init: initializing...
2024-10-16T18:30:45.461568+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:is_mod_func_used: function avp_db_query found to be used in script
2024-10-16T18:30:45.461678+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:find_mod_export: found <db_bind_api> in module db_mysql [/usr/local/lib64/opensips/modules/]
2024-10-16T18:30:45.461801+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:db_bind_mod: using db bind api for db_mysql
2024-10-16T18:30:45.461902+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:is_mod_func_used: function avp_db_query found to be used in script
2024-10-16T18:30:45.462003+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:init_mod: initializing module python
2024-10-16T18:30:45.462113+05:30 Debian /usr/local/sbin/opensips[2588459]: CRITICAL:core:sig_usr: segfault in attendant (starter) process!
2024-10-16T18:30:45.462217+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:restore_segv_handler: restoring SIGSEGV handler...
2024-10-16T18:30:45.462375+05:30 Debian /usr/local/sbin/opensips[2588459]: DBG:core:restore_segv_handler: successfully restored system SIGSEGV handler
2024-10-16T18:30:45.467596+05:30 Debian opensips: DBG:core:wait_status_code: read code 0 (0 byte)
2024-10-16T18:30:45.467766+05:30 Debian opensips: INFO:core:daemonize: pre-daemon process exiting with -1
2024-10-16T18:30:45.470988+05:30 Debian systemd[1]: opensips.service: Control process exited, code=exited, status=255/EXCEPTION
2024-10-16T18:30:45.471449+05:30 Debian systemd[1]: opensips.service: Failed with result 'exit-code'.
2024-10-16T18:30:45.472475+05:30 Debian systemd[1]: Failed to start opensips.service - OpenSIPS is a very fast and flexible SIP (RFC3261) server.
2024-10-16T18:30:45.771320+05:30 Debian systemd[1]: opensips.service: Scheduled restart job, restart counter is at 5.
2024-10-16T18:30:45.771968+05:30 Debian systemd[1]: Stopped opensips.service - OpenSIPS is a very fast and flexible SIP (RFC3261) server.
2024-10-16T18:30:45.772186+05:30 Debian systemd[1]: opensips.service: Start request repeated too quickly.
2024-10-16T18:30:45.772307+05:30 Debian systemd[1]: opensips.service: Failed with result 'exit-code'.
2024-10-16T18:30:45.772755+05:30 Debian systemd[1]: Failed to start opensips.service - OpenSIPS is a very fast and flexible SIP (RFC3261) server.

Describe the traffic that generated the bug

To Reproduce

Upon starting the opensips service with python module enabled, I encounter a
segmentation fault.

Relevant System Logs

OS/environment information


sobomax commented 1 day ago

@inderjeetsharma please provide the configuration file, particularly parameters of the python module. Thanks!

inderjeetsharma commented 20 hours ago

@sobomax

cfg

#
# OpenSIPS residential configuration script
#     by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
#   the "Residential" scenario.
# You can enable / disable more features / functionalities by
#   re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
#      https://opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#

####### Global Parameters #########

/* uncomment the following lines to enable debugging */
#debug_mode=yes

log_level=3
xlog_level=3
log_stderror=no
log_facility=LOG_LOCAL0

udp_workers=4

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable IPv6 lookup after IPv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

socket=udp:127.0.0.1:5060   # CUSTOMIZE ME

####### Modules Section ########

#set module path
mpath="/usr/local/lib64/opensips/modules/"

#### SIGNALING module
loadmodule "signaling.so"

#### StateLess module
loadmodule "sl.so"

#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)

#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)

#### MAX ForWarD module
loadmodule "maxfwd.so"

#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"

#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)

#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "working_mode_preset", "single-instance-no-db")

#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)

#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
   if you enable this parameter, be sure to enable "append_fromtag"
   in "rr" module */
modparam("acc", "detect_direction", 0)

loadmodule "proto_udp.so"

#### Python module
loadmodule "python.so"
####### Routing Logic ########

# main request routing logic

route{

        if (!mf_process_maxfwd_header(10)) {
                send_reply(483,"Too Many Hops");
                exit;
        }

        if (has_totag()) {

                # handle hop-by-hop ACK (no routing required)
                if ( is_method("ACK") && t_check_trans() ) {
                        t_relay();
                        exit;
                }

                # sequential request within a dialog should
                # take the path determined by record-routing
                if ( !loose_route() ) {
                        # we do record-routing for all our traffic, so we should not
                        # receive any sequential requests without Route hdr.
                        send_reply(404,"Not here");
                        exit;
                }

                if (is_method("BYE")) {
                        # do accounting even if the transaction fails
                        do_accounting("log","failed");
                }

                # route it out to whatever destination was set by loose_route()
                # in $du (destination URI).
                route(relay);
                exit;
        }

        # CANCEL processing
        if (is_method("CANCEL")) {
                if (t_check_trans())
                        t_relay();
                exit;
        }

        # absorb retransmissions, but do not create transaction
        t_check_trans();

        if ( !(is_method("REGISTER")  ) ) {

                if (is_myself("$fd")) {

                } else {
                        # if caller is not local, then called number must be local

                        if (!is_myself("$rd")) {
                                send_reply(403,"Relay Forbidden");
                                exit;
                        }
                }

        }

        # preloaded route checking
        if (loose_route()) {
                xlog("L_ERR",
                        "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
                if (!is_method("ACK"))
                        send_reply(403,"Preload Route denied");
                exit;
        }

        # record routing
        if (!is_method("REGISTER|MESSAGE"))
                record_route();

        # account only INVITEs
        if (is_method("INVITE")) {

                do_accounting("log");
        }

        if (!is_myself("$rd")) {
                append_hf("P-hint: outbound\r\n");

                route(relay);
        }

        # requests for my domain

        if (is_method("PUBLISH|SUBSCRIBE")) {
                send_reply(503, "Service Unavailable");
                exit;
        }

        if (is_method("REGISTER")) {
                # store the registration and generate a SIP reply
                if (!save("location"))
                        xlog("failed to register AoR $tu\n");

                exit;
        }

        if ($rU==NULL) {
                # request with no Username in RURI
                send_reply(484,"Address Incomplete");
                exit;
        }

        # do lookup with method filtering
        if (!lookup("location","m")) {
                t_reply(404, "Not Found");
                exit;
        }

        # when routing via usrloc, log the missed calls also
        do_accounting("log","missed");
        route(relay);
}

route[relay] {
        # for INVITEs enable some additional helper routes
        if (is_method("INVITE")) {
                t_on_branch("per_branch_ops");
                t_on_reply("handle_nat");
                t_on_failure("missed_call");
        }

        if (!t_relay()) {
                send_reply(500,"Internal Error");
        }
        exit;
}

branch_route[per_branch_ops] {
        xlog("new branch at $ru\n");
}

onreply_route[handle_nat] {
        xlog("incoming reply\n");
}

failure_route[missed_call] {
        if (t_was_cancelled()) {
                exit;
        }

        # uncomment the following lines if you want to block client
        # redirect based on 3xx replies.
        ##if (t_check_status("3[0-9][0-9]")) {
        ##t_reply(404,"Not found");
        ##      exit;
        ##}

}

sobomax commented 10 hours ago

@inderjeetsharma you are missing the "script_name" parameter, which is required for the module to work. I've created a PR#3497 to generate a proper message instead of crashing.

For example:

modparam("python", "script_name", "/home/ssp/scripts/frontend/opensips31.py")
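
The backtrace in this issue stops at `bname[i - 3] = '\0';`, an in-place write of a terminator three bytes before the end of a name. The following added example is not OpenSIPS code and not the change in PR#3497. It shows that suffix-stripping step written so that an unset or malformed parameter produces an error message instead of a fault, and so that the write goes to a private copy. `script_module_name` and `module_name_is` are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not OpenSIPS code: derive the Python module name
 * from a script path by dropping the directory part and the ".py" suffix.
 * Returns a heap copy (caller frees), or NULL with *err describing why. */
char *script_module_name(const char *script_path, const char **err)
{
    const char *base;
    size_t len;
    char *name;
    if (script_path == NULL || *script_path == '\0') {
        *err = "script_name parameter is not set";
        return NULL;
    }
    base = strrchr(script_path, '/');
    base = base ? base + 1 : script_path;
    len = strlen(base);
    /* Require at least one character in front of ".py", so that
     * len - 3 can never index before the start of the buffer. */
    if (len < 4 || strcmp(base + len - 3, ".py") != 0) {
        *err = "script_name must name a .py file";
        return NULL;
    }
    name = malloc(len - 3 + 1);
    if (name == NULL) {
        *err = "out of memory";
        return NULL;
    }
    memcpy(name, base, len - 3);
    name[len - 3] = '\0'; /* terminator lands in our copy, not in the parameter */
    *err = NULL;
    return name;
}

/* Test helper: 1 if path yields `expected`, or is rejected when expected is NULL. */
int module_name_is(const char *path, const char *expected)
{
    const char *err = NULL;
    char *name = script_module_name(path, &err);
    int ok = expected ? (name != NULL && strcmp(name, expected) == 0)
                      : (name == NULL && err != NULL);
    free(name);
    return ok;
}

int main(void)
{
    const char *err = NULL;
    if (script_module_name(NULL, &err) == NULL)
        fprintf(stderr, "python: %s, refusing to start\n", err);
    return module_name_is("/home/ssp/scripts/frontend/opensips31.py", "opensips31") ? 0 : 1;
}
```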