Bug #17943: Segmentation fault in dispatch() - Ruby - Ruby Issue Tracking System

Actions

Copy link

Bug #17943

closed

Segmentation fault in dispatch()

Added by pantras (Philippe ANTRAS) about 4 years ago. Updated about 4 years ago.

Status:

Third Party's Issue

Assignee:

Target version:

ruby -v:

ruby 2.7.3p183 (2021-04-05 revision 6847ee089d) [s390x-linux]

Backport:

2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN

[ruby-core:104216]

Description

Ruby is crashing due to a segfault in dispatch() while decoding a protobuf message on s390 platform. This occurred with Ruby 2.4.6 and reproduces with 2.7.3.

I believe this is in Ruby, since nm -D /opt/rbenv/versions/2.7.3/lib/ruby/gems/2.7.0/gems/google-protobuf-3.11.0/lib/google/protobuf_c.so does not list any dispatch function.

I isolated the crash in a as small as I could script. The expected result is the display of a Hash. This works on Linux and mac.
I can reproduce it easily, to gather more details.

Attached the reproduction script, and the full output of the Ruby interpreter.
Prerequisite: gem install google-protobuf

Here stack trace, as displayed by gddb:

(gdb) where
#0  0x000003ffa4841370 in raise () from /lib64/libc.so.6
#1  0x000003ffa4842bf8 in abort () from /lib64/libc.so.6
#2  0x000003ffa4ee4e1a in rb_bug_for_fatal_signal () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#3  0x000003ffa5035530 in sigsegv () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#4  <signal handler called>
#5  0x000003ffa11413da in dispatch ()
   from /opt/rbenv/versions/2.7.3/lib/ruby/gems/2.7.0/gems/google-protobuf-3.11.0/lib/google/protobuf_c.so
#6  0x000003ffa1142446 in run_decoder_vm ()
   from /opt/rbenv/versions/2.7.3/lib/ruby/gems/2.7.0/gems/google-protobuf-3.11.0/lib/google/protobuf_c.so
#7  0x000003ffa113cde0 in upb_bufsrc_putbuf ()
   from /opt/rbenv/versions/2.7.3/lib/ruby/gems/2.7.0/gems/google-protobuf-3.11.0/lib/google/protobuf_c.so
#8  0x000003ffa1124508 in Message_decode ()
   from /opt/rbenv/versions/2.7.3/lib/ruby/gems/2.7.0/gems/google-protobuf-3.11.0/lib/google/protobuf_c.so
#9  0x000003ffa50b90c6 in vm_call_cfunc () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#10 0x000003ffa50d7bda in vm_call_method () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#11 0x000003ffa50c6524 in vm_exec_core () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#12 0x000003ffa50ccb22 in rb_vm_exec () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#13 0x000003ffa4eebd50 in rb_ec_exec_node () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#14 0x000003ffa4ef1b64 in ruby_run_node () from /opt/rbenv/versions/2.7.3/lib/libruby.so.2.7
#15 0x0000000080000a38 in main (argc=2, argv=0x3ffe257e5c8) at ./main.c:50

Files

Download all files

dispatch_crash.out (15 KB) dispatch_crash.out	output	pantras (Philippe ANTRAS), 06/09/2021 07:46 AM
dispatch_crash.rb (1.93 KB) dispatch_crash.rb	repro script	pantras (Philippe ANTRAS), 06/09/2021 07:46 AM

Actions

Copy link

#1 [ruby-core:104217]

Updated by mame (Yusuke Endoh) about 4 years ago

Status changed from Open to Third Party's Issue

It is a static function in protobuf. Please contact on them first.

https://github.com/protocolbuffers/protobuf/blob/v3.11.0/ruby/ext/google/protobuf_c/upb.c#L7015

Actions

Copy link

#2 [ruby-core:104218]

Updated by pantras (Philippe ANTRAS) about 4 years ago

mame (Yusuke Endoh) wrote in #note-1:

It is a static function in protobuf. Please contact on them first.
Thanks for you analysis and quick response. I submitted https://github.com/protocolbuffers/protobuf/issues/8716.

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0

Project

General

Profile

Ruby

Tags

Custom queries

Bug #17943

Segmentation fault in dispatch()

Updated by mame (Yusuke Endoh) about 4 years ago

Updated by pantras (Philippe ANTRAS) about 4 years ago