Bug #20020: Segfault running regexp match? - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #20020

open

Segfault running regexp match?

Added by andrea.salicetti@gmail.com (Andrea Salicetti) 12 months ago. Updated 12 months ago.

Status:

Open

Assignee:

Target version:

ruby -v:

3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-darwin23]

Backport:

3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: UNKNOWN

[ruby-core:115466]

Description

Ruby version : ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-darwin23]

From irb, trying to call match? on this regular expression causes a segmentation falut:

irb(main):001:0> /^((a|c)|\s?){1,3}$/.match?('abc')
=> false

irb(main):002:0> /^((a|c)|\s?){1,3}$/.match?('abc')
(irb):2: [BUG] Segmentation fault at 0x000000061ba998e8
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-darwin23]

-- Crash Report log information --------------------------------------------
   See Crash Report log file in one of the following locations:
     * ~/Library/Logs/DiagnosticReports
     * /Library/Logs/DiagnosticReports
   for more details.
Don't forget to include the above Crash Report log file in bug reports.

-- Control frame information -----------------------------------------------
c:0037 p:---- s:0207 e:000206 CFUNC  :match?
c:0036 p:0006 s:0202 e:000201 EVAL   (irb):2 [FINISH]
c:0035 p:---- s:0199 e:000198 CFUNC  :eval
c:0034 p:0020 s:0191 e:000190 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb/workspace.rb:119
c:0033 p:0153 s:0183 e:000181 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb/context.rb:502
c:0032 p:0119 s:0170 e:000169 BLOCK  /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:588
c:0031 p:0024 s:0164 e:000163 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:777
c:0030 p:0007 s:0158 e:000157 BLOCK  /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:567
c:0029 p:0126 s:0153 e:000152 BLOCK  /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb/ruby-lex.rb:267 [FINISH]
c:0028 p:---- s:0149 e:000148 CFUNC  :loop
c:0027 p:0005 s:0145 e:000144 BLOCK  /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb/ruby-lex.rb:249 [FINISH]
c:0026 p:---- s:0142 e:000141 CFUNC  :catch
c:0025 p:0010 s:0137 e:000136 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb/ruby-lex.rb:248
c:0024 p:0050 s:0132 E:000dd8 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:566
c:0023 p:0003 s:0127 e:000126 BLOCK  /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:500 [FINISH]
c:0022 p:---- s:0124 e:000123 CFUNC  :catch
c:0021 p:0050 s:0119 E:000d50 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:499
c:0020 p:0069 s:0113 e:000112 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/3.2.0/irb.rb:421
c:0019 p:0012 s:0107 e:000106 TOP    /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/gems/3.2.0/gems/irb-1.6.2/exe/irb:11 [FINISH]
c:0018 p:---- s:0104 e:000103 CFUNC  :load
c:0017 p:0078 s:0099 e:000098 TOP    /Users/andreasalicetti/.rbenv/versions/3.2.2/bin/irb:25 [FINISH]
c:0016 p:---- s:0094 e:000093 CFUNC  :load
c:0015 p:0064 s:0089 e:000088 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/cli/exec.rb:58
c:0014 p:0050 s:0083 e:000082 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/cli/exec.rb:23
c:0013 p:0034 s:0078 e:000077 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/cli.rb:492
c:0012 p:0054 s:0073 e:000072 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/vendor/thor/lib/thor/command.rb:28
c:0011 p:0040 s:0065 e:000064 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/vendor/thor/lib/thor/invocation.rb:127
c:0010 p:0213 s:0058 e:000057 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/vendor/thor/lib/thor.rb:527
c:0009 p:0008 s:0045 e:000044 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/cli.rb:34
c:0008 p:0044 s:0040 e:000039 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/vendor/thor/lib/thor/base.rb:584
c:0007 p:0022 s:0033 e:000032 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/cli.rb:28
c:0006 p:0042 s:0028 e:000027 BLOCK  /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/gems/3.2.0/gems/bundler-2.4.22/exe/bundle:37
c:0005 p:0007 s:0022 e:000021 METHOD /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/site_ruby/3.2.0/bundler/friendly_errors.rb:117
c:0004 p:0108 s:0017 E:0019b8 TOP    /Users/andreasalicetti/.rbenv/versions/3.2.2/lib/ruby/gems/3.2.0/gems/bundler-2.4.22/exe/bundle:29 [FINISH]
c:0003 p:---- s:0013 e:000012 CFUNC  :load
c:0002 p:0081 s:0008 E:000220 EVAL   /Users/andreasalicetti/.rbenv/versions/3.2.2/bin/bundle:25 [FINISH]
c:0001 p:0000 s:0003 E:001980 DUMMY  [FINISH]

Sometimes this happens the very first time I try to execute the command, some other times I have to try a couple of times to see that Segmentation Fault (but usually within the first 5 attempts).

Files

ruby-2023-11-23-175410.ips (20.2 KB) ruby-2023-11-23-175410.ips

Crash Report log information

andrea.salicetti@gmail.com (Andrea Salicetti), 11/23/2023 04:57 PM

Actions

Copy link

#1 [ruby-core:115468]

Updated by rubyFeedback (robert heiler) 12 months ago

Interesting indeed.

I tested this briefly in a standalone .rb file; first I got
"Aborted (core dumped)", then lateron I got:

false

(Content of that .rb file was simply:)

puts /^((a|c)|\s?){1,3}$/.match?('abc')

It's interesting that this shows a different behaviour. Perhaps
if someone has time, it may be helpful for others to learn
something and explain why this leads to a segfault sometimes
and to no segfault at other times.

Actions

Copy link

#2 [ruby-core:115470]

Updated by nobu (Nobuyoshi Nakada) 12 months ago

It seems reproducing only on IRB, but not without IRB.

$ ruby3.2 -v -e 'p 1000.times.any? {/^((a|c)|\s?){1,3}$/.match?("abc")}'
ruby 3.2.2 (2023-03-30 revision e51014f9c0) [x86_64-darwin22]
false

And does not with 3.3.

Actions

Copy link

#3 [ruby-core:115471]

Updated by andrea.salicetti@gmail.com (Andrea Salicetti) 12 months ago

nobu (Nobuyoshi Nakada) wrote in #note-2:

It seems reproducing only on IRB, but not without IRB.

Actually initially I had the problem running my rspec on Rails 7.0.8.
I reported here the easiest reproducible example.

Actions

Copy link

#4 [ruby-core:115472]

Updated by andrea.salicetti@gmail.com (Andrea Salicetti) 12 months ago

Here is a script to reproduce the same in rails/rspec:

# frozen_string_literal: true

require "bundler/inline"

gemfile(true) do
  source "https://rubygems.org"

  git_source(:github) { |repo| "https://github.com/#{repo}.git" }

  gem "rails", "= 7.0.8"
  gem "rspec"
end

require "active_record"
require "rspec/autorun"

class TestCase
  def matching?(string)
    /^((a|b|c)|\s?){1,3}$/.match?(string)
  end
end

describe TestCase do
  it 'should work' do
    expect(described_class.new.matching?('abc')).to be true
  end

  it 'should not work' do
    expect(described_class.new.matching?('xyz')).to be false
  end
end

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #20020

Segfault running regexp match?

Updated by rubyFeedback (robert heiler) 12 months ago

Updated by nobu (Nobuyoshi Nakada) 12 months ago

Updated by andrea.salicetti@gmail.com (Andrea Salicetti) 12 months ago

Updated by andrea.salicetti@gmail.com (Andrea Salicetti) 12 months ago