Comments (10)
thank you @gnufede ,
I'll try the fix with 2.7.1 and let you know if the issue still persists.
from dd-trace-py.
@gnufede It appears unrelated to IAST, thus, I've opened a new issue #8648
from dd-trace-py.
Hi @SabriArslan
Can you help me reproduce this? Do you have any DD_
prefixed environment variables (API key aside)?
For example, are you setting DD_IAST_ENABLED
?
from dd-trace-py.
hi @gnufede ,
Thank you for looking into this, unfortunately i have no steps to reproduce, it happens sporadically and the stack trace is the last thing we see in the logs, and the last log entry before that for the pid is about an access log which took 1948 msecs which has resulted with HTTP 200.
the only configured environment variables for DD are DD_ENV
, DD_AGENT_HOST
and DD_SERVICE
. DD_IAST_ENABLED
is not configured and yet we see IAST in the logs.
from dd-trace-py.
I've no idea if it could be related, but we recently also began seeing consistent seg faults under gunicorn after upgrading google-api-core
to 2.17.0. I've narrowed our issue down to this specific diff: googleapis/python-api-core@v2.16.2...v2.17.0
We're running ddtrace==2.6.0
.
I've set DD_IAST_ENABLED=False
to no effect.
I've set DD_APPSEC_ENABLED=False
to no effect.
I've confirmed settings DD_PATCH_MODULES=grpc:false
eliminates the issue.
I think I've narrowed it down to this specific commit.
from dd-trace-py.
@SabriArslan Are you able to confirm if setting DD_PATCH_MODULES=grpc:false
resolves your error?
Also, since google-api-python-client
pulls in google-api-core
, could you also try pinning google-api-core<2.17
to see if that resolves your error as well?
I'm curious, too, if you could post the output of pip freeze
in your original issue. The package list you provided appears to be incomplete.
from dd-trace-py.
Hi @sstoops ,
I didn't change any setting yet, and did not try DD_PATCH_MODULES=grpc:false
since the error happening with uWSGI and I don't use gRPC directly, and no google-api is used in the last HTTP request before seg fault.
Although I still couldn't verify the intentions of the caller functions of the addresses mentioned in stack trace.
I've updated the pip freeze result, and the version of google-api-core is < 2.17
google-api-core==1.34.1
google-api-python-client==1.11.0
one more update, i have dd-trace-py enabled on two other similar apps with uWSGI with almost same packages and versions, one with v2.5.1 and other with same v2.4.0, and this behavior doesn't exists with both of them.
The one uses dd-trace v2.5.1
uses google-api-core v2.15.0
and the other uses google-api-core v2.14.0
.
So given these I couldn't figure out why same seg fault is not happening with them, and don't know if I need to explicitly disable IAST and APPSEC.
from dd-trace-py.
@SabriArslan @sstoops I haven't been able to reproduce it, but did a couple PRs to:
- address a potential issue with the
atexit
handler, and - avoid importing the IAST native code at all costs if it's disabled, even raising an
ImportError
to be sure we catch it.
With this, hopefully the issue is solved, but don't hesitate to reopen if the problem persists.
from dd-trace-py.
@gnufede Thanks for your swift work! Unfortunately, I'm still seeing segfaults.
- I've fully upgraded to ``ddtrace==2.7.1`
- I've tried each
DD_IAST_ENABLED=False
andDD_APPSEC_ENABLED=False
and then both together to False. - I've confirmed again that disabling ddtrace's
grpc
module resolves the issue.
This may not be useful to you, but in my previous debugging, I'd gotten as far as wrapping this await call.code()
line in log statements and found it to be where the segfault occurs. I didn't dig much beyond this into the cpython module.
Since this is not my ticket, would you like me to open a new one with my details, or continue piggybacking this one?
from dd-trace-py.
Since this is not my ticket, would you like me to open a new one with my details, or continue piggybacking this one?
@sstoops If you don't see anything related to IAST in your stacktrace, the segfault may have a different cause, hence worth opening a different issue. I mean a line like this:
/app/.venv/lib/python3.7/site-packages/ddtrace/appsec/_iast/_taint_tracking/_native.cpython-37m-x86_64-linux-gnu.so(+0x6973d) [0x7f7e3e17573d]
If that kind of line does appear, then we can use this ticket.
Thank you!
from dd-trace-py.
Related Issues (20)
- CI Visibility: source code integration file path incorrect when not running tests from repo root
- AttributeError: 'dict' object has no attribute '__name__' HOT 2
- `inspect.formatargspec()` import error for Python 3.12 on AWS Lambda HOT 2
- ddtrace failure if pytest `no:legacypath` is set HOT 5
- Here's my first simple attempt at replicating this behavior. It makes a bunch of requests to a basic django ASGI app and averages the time they take. HOT 1
- TypeError: operation `LOAD_ATTR` argument must be a str, got a tuple HOT 2
- Kafka deserializer error checking if message exists
- TypeError: Env.v() got an unexpected keyword argument 'private' after bump to version 2.7.0 HOT 1
- 'cannot allocate memory in static TLS block' error got after bump to version 2.7.1 HOT 6
- Asyncio issues due to `DatadogContextMixin._update_active` HOT 12
- AttributeError: 'NoneType' object has no attribute 'must_call_globals' HOT 7
- Segmentation Fault after google-api-core upgrade HOT 2
- ddtrace-run 2.7.2 raise free(): invalid pointer HOT 11
- ddtrace 2.7.2 - issues with Flask and SQLAlchemy HOT 4
- RuntimeError: Server returned 503
- Incorrect bytecode and envier dependencies HOT 2
- Cause of `failed to send, dropping X traces to intake` error log HOT 1
- structlog integration (logs injection) is broken HOT 1
- Not able to see flame graph for db calls, redis, endpoint etc in CI Visibility HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dd-trace-py.