public
Created — forked from jnunemaker/fu.md

FUN BUG?!

  • Download Gist
gistfile1.md
Markdown

Posted to the REE Google Group as well: https://groups.google.com/forum/#!topic/emm-ruby/EBkMfFpk40A

A week back I innocently updated Sinatra on an app which in turn updated Rack. Since then, I've had crazy hung passenger processes that just gobble up CPU like it is going out of style.

After spending a few days trying everything I knew to to fix it, today I got help from a friend (Eric Lindvall) and dug in with strace, rbtrace, gdb, and gdb.rb and found the issue. Rack 1.3.0 tests a regex against a URL and it causes things to hang.

Version of REE:

ruby 1.8.7 (2011-02-18 patchlevel 334) [x86_64-linux], MBARI 0x6770, Ruby Enterprise Edition 2011.02

Steps to reproduce:

$ irb
ree-1.8.7-2010.02 :001 > str = "http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26source%3Dweb%26cd%3D1%26sqi%3D2%26ved%3D0CCkQFjAA%26url%3Dhttp%253A%252F%252Fnd.edu%252F%26rct%3Dj%"
ree-1.8.7-2010.02 :002 > str =~ /\A(?:%[0-9a-fA-F]{2}|[^%]+)*\z/

The regex is used in Rack 1.3.0: https://github.com/rack/rack/blob/1.3.0/lib/rack/backports/uri/common.rb#L61

When certain urls hit it, rack freezes, the passenger processes freezes, and CPU climbs til it is maxed or you kill it.

I am in no way smart enough to know why it hangs, or how to fix it, but, man, did it kill my last 3 days tracking this down. Hope this helps. If I need to post this somewhere else or any more information is needed, just let me know.

Below are links to some random gists and pasties with gdb stuff that may or may not help:

If you lose the trailing % on the URL it works OK, I wonder if there's a loop in the regex somehow...

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.