** Description changed:

+ [Impact]
+
+ Users might face a segfault when using ruby_xfree.
+
+ [Test Plan]
+
+ # apt update && apt install -y ruby ruby-nokogiri
+ # cat > reproducer.rb <<EOF
+ require 'nokogiri'
+
+ # must have an error in it to cause pthread_setspecific to be called
+ html = "<div foo='asdf>asdf</div>"
+
+ Thread.new { Nokogiri::HTML4::Document.parse(html) }
+ sleep 3 # THREAD_CACHE_TIME
+
+ exit 0
+ EOF
+ # while true; do ruby reproducer.rb; done
+
+ After a while (this may take several minutes to manifest) I got the
+ reported error:
+
+ [BUG] Segmentation fault at 0x0000000000000440[BUG] Segmentation fault at 0x0000000000000440
+ ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux-gnu]
+
+ -- Machine register context ------------------------------------------------
+ RIP: 0x00007c8ec2ac2fcb RBP: 0x000059ae2e596d20 RSP: 0x00007c8ebc5fed70
+ RAX: 0x0000000000000000 RBX: 0x00007c8ebc5ff640 RCX: 0x0000000000000006
+ RDX: 0x0000000000000002[BUG] [BUG] Segmentation fault at 0x0000000000000440
+ ruby 3.0.2p107 (2021-07-07 revision 0db68f0233) [x86_64-linux-gnu]
+
+ -- Machine register context ------------------------------------------------
+ RIP: 0x000075c4b4ec2fcb RBP: 0x000062693580e190 RSP: 0x000075c4ae9fed70
+ RAX: 0x0000000000000000 RBX: 0x000075c4ae9ff640 RCX: 0x0000000000000006
+ RDX: 0x0000000000000002 RDI: 0x000062693580e190 RSI: 0x0000000000000000
+ R8: 0x000075c4ae9fede4 R9: 0x00000000000000ca R10: 0x0000000000000000
+ R11: 0x0000000000000246 R12: 0x000075c4b5170b40
+ R13: 0x000075c4ae9fedc0
+
+ The fixed package should not segfault under this condition.
+
+ [Where problems could occur]
+
+ The upstream patch to fix this tries to address a timing issue where,
+ depending on the order of things, a segfault might occur. The assumption
+ might not be true and users could still get a segfault under some very
+ specific scenario that was not initially considered.
+
+ [Original Description]
+ After looking through the source it seems there is a bug in all current ruby3.X packages, affecting at least versions >=22.04, that causes a segfault relatively rarely. Even though rare, with repeated runs of small wrappers it will be seen quite a bit, up to dozens of times in a day. There exists a patch upstream; could that be picked into the Ubuntu repo(s)? The fix and other resources:
+ https://github.com/ruby/ruby/pull/7663
+ https://bugs.ruby-lang.org/issues/19580
+ https://gitlab.com/gitlab-org/omnibus-gitlab/-/commit/bd949e2b40cc434a1e4d72be2bff6523e8a91904
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2049197

Title:
  ruby_xfree segmentation fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ruby3.0/+bug/2049197/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
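A bounded version of the test plan's `while true; do ruby reproducer.rb; done` loop, added here as an example and not part of the bug report: it runs a command a fixed number of times, counts the runs that die with SIGSEGV, and fails only if that count is non-zero, so the "fixed package should not segfault" check can be scripted. The commented invocation assumes the test plan's reproducer.rb is in the current directory.

```shell
#!/bin/sh
# Added example, not part of the bug report: a bounded replacement for
# "while true; do ruby reproducer.rb; done" that counts SIGSEGV exits.
#
# Usage: count_segfaults <iterations> <command> [args...]
# Prints the number of runs that died with SIGSEGV and returns 0 only if
# that number is zero, so it can gate an SRU verification script.
count_segfaults() {
    iters=$1
    shift
    crashes=0
    i=0
    while [ "$i" -lt "$iters" ]; do
        status=0
        # A process killed by signal N exits with 128+N; SIGSEGV is 11,
        # so a crash of the child shows up here as status 139.
        "$@" >/dev/null 2>&1 || status=$?
        if [ "$status" -eq 139 ]; then
            crashes=$((crashes + 1))
        fi
        i=$((i + 1))
    done
    echo "$crashes"
    [ "$crashes" -eq 0 ]
}

# Example run against the test plan's reproducer (assumes reproducer.rb is in
# the current directory): 200 bounded runs instead of an endless loop.
# count_segfaults 200 ruby reproducer.rb
```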