From: "k0kubun (Takashi Kokubun) via ruby-core" <ruby-core@...>
Date: 2024-07-08T22:58:30+00:00
Subject: [ruby-core:118504] [Ruby master Bug#20592] Interrupting Addrinfo causes Segmentation fault on alpine

Issue #20592 has been updated by k0kubun (Takashi Kokubun).

Backport changed from 3.1: UNKNOWN, 3.2: REQUIRED, 3.3: REQUIRED to 3.1: UNKNOWN, 3.2: REQUIRED, 3.3: DONE

ruby_3_3 commit:9d583dd43a24354e8ae58c089cf091c1243e6e60 merged revision(s) commit:fba8aff7, commit:d8c6e91748871ab2287d7703347847fe18a292d2.

----------------------------------------
Bug #20592: Interrupting Addrinfo causes Segmentation fault on alpine
https://bugs.ruby-lang.org/issues/20592#change-109026

* Author: haukot (Dmitry Davydov)
* Status: Closed
* ruby -v: ruby 3.4.0preview1 (2024-05-16 master 9d69619623) [x86_64-linux-musl]
* Backport: 3.1: UNKNOWN, 3.2: REQUIRED, 3.3: DONE
----------------------------------------
On Alpine 3.20 got a segfault when interrupting Addrinfo request which would resolve with error.

Same on 
ruby 3.3.1 (2024-04-23 revision c56cd86388) [x86_64-linux-musl]

Tried on docker image alpine3.20 and ruby:3.4.0-preview1-alpine.

```ruby
# test.rb

require 'socket'
require 'timeout'

begin
  Addrinfo.ip("1234.example.com")
rescue StandardError => e
  puts e
end

sleep 10 # wait getaddrinfo to resolve and fail
```

```
/app # ruby test.rb
execution expired
[BUG] Segmentation fault at 0x0000000000000028
ruby 3.4.0preview1 (2024-05-16 master 9d69619623) [x86_64-linux-musl]

-- Machine register context ------------------------------------------------
 RIP: 0x00007fefe4cd4886 RBP: 0x0000000000000001 RSP: 0x00007fefc95d3a10
 RAX: 0x0000000000000001 RBX: 0x00007fefc94212e0 RCX: 0x00007fefc95d0b70
 RDX: 0x0000000000000010 RDI: 0x0000000000000000 RSI: 0x00007fefc95d08f0
  R8: 0x0000000000000000  R9: 0x0000000000000000 R10: 0x0000000000000000
 R11: 0x0000000000000217 R12: 0x00007fefc9421340 R13: 0x00007fff5a0ec750
 R14: 0x00007fefe4649b10 R15: 0x00007fefc95d3b38 EFL: 0x0000000000010202

-- Other runtime information -----------------------------------------------
```


gdb logs
```
/app # gdb -q --args ruby test.rb
(gdb) run
Starting program: /usr/local/bin/ruby test.rb
warning: Error disabling address space randomization: Operation not permitted
[New LWP 36]
[New LWP 37]
[New LWP 38]
execution expired

Thread 4 "ruby" received signal SIGSEGV, Segmentation fault.
[Switching to LWP 38]
0x00007f0a2c33b886 in freeaddrinfo (p=0x0) at src/network/freeaddrinfo.c:10
warning: 10     src/network/freeaddrinfo.c: No such file or directory
(gdb) bt
#0  0x00007f0a2c33b886 in freeaddrinfo (p=0x0) at src/network/freeaddrinfo.c:10
#1  0x00007f0a10c1e940 in do_getaddrinfo (ptr=0x7f0a10f61200) at raddrinfo.c:426
#2  0x00007f0a2c35c349 in start (p=0x7f0a10afaa88) at src/thread/pthread_create.c:207
#3  0x00007f0a2c35e95f in __clone () at src/thread/x86_64/clone.s:22
Backtrace stopped: frame did not save the PC
(gdb) info args
p = 0x0
```

There are no errors if Addrinfo resolves with data

```ruby
  Timeout.timeout(0.01) { Addrinfo.ip("ruby-lang.org") } # finishes correctly
```

The problem is that freeaddrinfo on alpine does not accept a NULL pointer (ref
https://git.musl-libc.org/cgit/musl/tree/src/network/freeaddrinfo.c)

---Files--------------------------------
segfault.txt (14.1 KB)
segfault_gdb.txt (1.56 KB)


-- 
https://bugs.ruby-lang.org/
 ______________________________________________
 ruby-core mailing list -- ruby-core@ml.ruby-lang.org
 To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org
 ruby-core info -- https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/