Project

General

Profile

Actions

Bug #17765

open

Segmentation fault when calling String#gsub

Added by lenwood (Paul Martensen) 7 months ago. Updated 7 months ago.

Status:
Open
Priority:
Normal
Assignee:
-
Target version:
-
ruby -v:
ruby 2.7.2p137 (2020-10-01 revision 5445e04352) [x86_64-linux-musl]
[ruby-core:103127]

Description

We recently had a ruby segfault occuring while invoking String#gsub.

The line in the code looks like this:

def sanitize_for_prometheus(string_or_symbol)
  reg = /[^a-zA-Z_0-9]/
  string_or_symbol.to_s.downcase.gsub(reg, '_')
end

And we've tried to replicate the segfault (on a different machine) with this script:

def sanitize_for_prometheus(string_or_symbol)
  reg = /[^a-zA-Z_0-9]/
  string_or_symbol.to_s.downcase.gsub(reg, '_')
end

def rand_string_or_symbol
  @o ||= [('a'..'z').to_a, ('A'..'Z').to_a, (0..9).to_a, '-', '.'].flatten
  str = @o.sample(50).join
  rand > 0.5 ? str.to_sym : str
end

loop { sanitize_for_prometheus rand_string_or_symbol }

But without success so far. I have attached a shortened version of the log file for reference.


Files

segfault.log (60.8 KB) segfault.log lenwood (Paul Martensen), 03/31/2021 11:56 AM
segfault_gsub.rb (343 Bytes) segfault_gsub.rb lenwood (Paul Martensen), 03/31/2021 11:57 AM

Updated by mame (Yusuke Endoh) 7 months ago

It is difficult to identify the problem because the log lacks C level backtrace information maybe due to musl.

Are you using Alpine Linux? If so could you try Debian with glibc?

Updated by byroot (Jean Boussier) 7 months ago

But without success so far.

I wouldn't be surprised if the bug wasn't in gsub itself, but in some C extension that would generate a faulty string on which gsub would trip. I see you have thrift loaded for instance. IIRC that's a binary format parser like protobuf etc, it might be creating strings improperly.

This could prove very hard to track.

Actions

Also available in: Atom PDF