Segmentation faults #159

Closed

brchristian opened this issue Dec 21, 2016 · 3 comments

Comments

@brchristian

brchristian commented Dec 21, 2016

We’re using gem version 4.4.0 in production. I realized that my application was using the deprecated clean syntax, and wanted to run a quick sanity check before changing it to fragment, so I tried the following:

Running via Spring preloader in process 35991
Loading development environment (Rails 5.0.1)
irb(main):001:0> compare_articles = []
=> []
irb(main):002:0> Article.find_each do |a|
irb(main):003:1*   compare_articles << Sanitize.clean(a.body) == Sanitize.fragment(a.body)
irb(main):004:1> end

To my surprise, this reliably causes a segmentation fault!

  Article Load (14.8ms)  SELECT  `articles`.* FROM `articles` ORDER BY `articles`.`id` ASC LIMIT 1000
  Article Load (9.9ms)  SELECT  `articles`.* FROM `articles` WHERE (`articles`.`id` > 1043) ORDER BY `articles`.`id` ASC LIMIT 1000
  Article Load (9.3ms)  SELECT  `articles`.* FROM `articles` WHERE (`articles`.`id` > 2053) ORDER BY `articles`.`id` ASC LIMIT 1000
[BUG] Segmentation fault at 0x007fdc15bfffff
ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-darwin16]

-- Crash Report log information --------------------------------------------
   See Crash Report log file under the one of following:                    
     * ~/Library/Logs/CrashReporter                                         
     * /Library/Logs/CrashReporter                                          
     * ~/Library/Logs/DiagnosticReports                                     
     * /Library/Logs/DiagnosticReports                                      
   for more details.                                                        
Don't forget to include the above Crash Report log file in bug reports.     

-- Control frame information -----------------------------------------------
c:0058 p:---- s:0257 e:000256 CFUNC  :(null)

Here is another dump:

Article.find_each { |a| Sanitize.clean a.body }
  Article Load (18.8ms)  SELECT  `articles`.* FROM `articles` ORDER BY `articles`.`id` ASC LIMIT 1000
  Article Load (9.4ms)  SELECT  `articles`.* FROM `articles` WHERE (`articles`.`id` > 1043) ORDER BY `articles`.`id` ASC LIMIT 1000
  Article Load (9.3ms)  SELECT  `articles`.* FROM `articles` WHERE (`articles`.`id` > 2053) ORDER BY `articles`.`id` ASC LIMIT 1000
[BUG] Segmentation fault at 0x007fc7453fffef
ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-darwin16]

-- Crash Report log information --------------------------------------------
   See Crash Report log file under the one of following:                    
     * ~/Library/Logs/CrashReporter                                         
     * /Library/Logs/CrashReporter                                          
     * ~/Library/Logs/DiagnosticReports                                     
     * /Library/Logs/DiagnosticReports                                      
   for more details.                                                        
Don't forget to include the above Crash Report log file in bug reports.     

-- Control frame information -----------------------------------------------


-- Machine register context ------------------------------------------------
 rax: 0x00007fc74dd6065b rbx: 0x00000000000000a0 rcx: 0x000000000000001a
 rdx: 0xfffffffff76a06a5 rdi: 0x00007fc745400d40 rsi: 0x00007fc74540000f
 rbp: 0x00007fff55a37940 rsp: 0x00007fff55a37940  r8: 0x0000000000000000
  r9: 0x00007fffbc5e9a50 r10: 0x0000000000000001 r11: 0x00007fc74dd6065a
 r12: 0x00007fff55a37a08 r13: 0x00007fc74dd5f8f0 r14: 0x00007fff55a37990
 r15: 0x00007fff55a37a20 rip: 0x00007fffbc77b0b0 rfl: 0x0000000000010202

-- C level backtrace information -------------------------------------------
0   ruby                                0x000000010a36ad24 rb_vm_bugreport + 388
1   ruby                                0x000000010a206bda rb_bug_context + 490
2   ruby                                0x000000010a2db5a4 sigsegv + 68
3   libsystem_platform.dylib            0x00007fffbc777bba _sigtramp + 26
4   libsystem_platform.dylib            0x00007fffbc77b0b0 _platform_memmove$VARIANT$Haswell + 528

-- Other runtime information -----------------------------------------------

...and a third for good measure:

irb(main):001:0> Article.all.each {|a| Sanitize.fragment (a.body) }
  Article Load (225.2ms)  SELECT `articles`.* FROM `articles`
[BUG] Segmentation fault at 0x007fc7453fffff
ruby 2.3.3p222 (2016-11-21 revision 56859) [x86_64-darwin16]

-- Crash Report log information --------------------------------------------
   See Crash Report log file under the one of following:                    
     * ~/Library/Logs/CrashReporter                                         
     * /Library/Logs/CrashReporter                                          
     * ~/Library/Logs/DiagnosticReports                                     
     * /Library/Logs/DiagnosticReports                                      
   for more details.                                                        
Don't forget to include the above Crash Report log file in bug reports.     

-- Control frame information -----------------------------------------------
c:0050 p:---- s:0210 e:000209 CFUNC 

Let me know if there is anything I can do to provide whatever additional information may be helpful.

@rgrove
Owner

rgrove commented Dec 23, 2016

Thanks for the report. Can you please provide a runnable reduced test case that I can use to reproduce this issue?

It's unlikely that Sanitize itself is causing the segmentation fault since Sanitize is pure Ruby. It's much more likely to be a bug in a dependency or in Ruby itself, but without a test case I can run to reproduce the issue, I don't have any way to investigate this.

@brchristian
Author

Totally fair point, and I haven’t been able to reproduce in a test app. Not sure what might be going on. I’ll just close this issue now, and if anyone else encounters something similar they can probably find this via search. But for now, I think we can leave it be. Cheers!

@nisanthchunduru

@rgrove It was probably caused by nokogumbo 1.4.10. I just reproduced it on my laptop

~/code/SupportBee-Rails [r-2.2.3] [deploy_new_html_truncation]% pry
[1] pry(main)> require "sanitize"
=> true
[2] pry(main)> Sanitize.clean("<\r\n")
/Users/nisanth/code/SupportBee-Rails/vendor/bundle/ruby/2.2.0/gems/nokogumbo-1.4.10/lib/nokogumbo.rb:24: [BUG] Segmentation fault at 0x007faa1b3fffe3
ruby 2.2.3p173 (2015-08-18 revision 51636) [x86_64-darwin14]

-- Crash Report log information --------------------------------------------
   See Crash Report log file under the one of following:
     * ~/Library/Logs/CrashReporter
     * /Library/Logs/CrashReporter
     * ~/Library/Logs/DiagnosticReports
     * /Library/Logs/DiagnosticReports
   for more details.

-- Control frame information -----------------------------------------------
c:0034 p:---- s:0139 e:000138 CFUNC  :parse
c:0033 p:0072 s:0135 e:000134 METHOD /Users/nisanth/code/SupportBee-Rails/vendor/bundle/ruby/2.2.0/gems/nokogumbo-1.4.10/lib/nokogumbo.rb:24
c:0032 p:0044 s:0131 e:000130 METHOD ��:123
c:0031 p:0023 s:0124 e:000123 METHOD
c:0030 p:-109480068152971543 s:0119 e:000118 EVAL   [FINISH]
c:0029 p:---- s:0117 e:000116 CFUNC  :eval

See rubys/nokogumbo#50
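The maintainer's request above was for a runnable reduced test case, and the last comment shows why that matters: the crash comes from native parser code (nokogumbo) on a three-byte input, so any web worker that passes user-supplied HTML through it can be taken down by that input. The harness below is an added example, not code from this thread or from the Sanitize or nokogumbo projects. It runs a parse in a child Ruby interpreter so a native crash shows up as a signal-terminated child instead of a dead caller, and it can bisect a corpus of inputs down to the ones that crash. The names `run_isolated`, `sanitize_snippet` and `find_crashing_inputs` are this example's own; the demo at the bottom assumes the `sanitize` gem is installed in the child, while the harness itself needs only the standard library.

```ruby
# Added example, not code from this issue or from the Sanitize project.
# Crash-isolation harness: run a parse in a child interpreter so that a
# native-parser crash (like the nokogumbo one in this thread) is observed
# as a child exit status instead of taking down the calling process.
require "open3"
require "rbconfig"

# Run `code` under a fresh ruby. :crashed is true when the child died from a
# signal. Ruby's own SIGSEGV handler prints a "[BUG] Segmentation fault"
# report and then aborts, so a real segfault usually surfaces as ABRT with
# the report's first line captured in :bug_line.
def run_isolated(code)
  out, err, status = Open3.capture3(RbConfig.ruby, "-e", code)
  {
    crashed:  status.signaled?,
    signal:   status.signaled? ? Signal.signame(status.termsig) : nil,
    exit:     status.exitstatus,
    stdout:   out,
    bug_line: err[/^.*\[BUG\].*$/],
  }
end

# Child-side snippet that feeds one string through Sanitize.fragment.
# The string is embedded via String#dump so control bytes such as "\r\n"
# survive the trip through the command line. The sanitize gem is assumed
# to be installed for the child; the harness itself does not load it.
def sanitize_snippet(input)
  "require 'sanitize'; print Sanitize.fragment(#{input.dump})"
end

# Run each candidate through the snippet builder and return the inputs
# whose child process crashed. This is how a corpus (article bodies, in
# the report above) gets reduced to the one-liner a maintainer can run.
def find_crashing_inputs(inputs, &builder)
  inputs.select { |s| run_isolated(builder.call(s))[:crashed] }
end

if __FILE__ == $0
  # Constructed candidates: the one-liner from the last comment in this
  # thread plus two benign controls.
  candidates = ["<\r\n", "<p>hello</p>", "plain text"]
  bad = find_crashing_inputs(candidates) { |s| sanitize_snippet(s) }
  puts bad.empty? ? "no crashes" : "crashing inputs: #{bad.map(&:dump).join(', ')}"
end
```

Once the dependency is upgraded, the same `find_crashing_inputs` call over the known-bad input makes a regression test: assert the result is empty. Keeping the parse in a child process is also a reasonable production mitigation for any native HTML parser handling untrusted input, since a crash then costs one request rather than one worker.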
