From: xtkoba+ruby@... Date: 2021-02-28T04:17:26+00:00 Subject: [ruby-core:102651] [Ruby master Bug#17540] A segfault due to Clang/LLVM optimization on 32-bit ARM Linux Issue #17540 has been updated by xtkoba (Tee KOBAYASHI). Here is an alternative workaround which inserts a memory barrier into the function `rb_str_vcatf` from `sprintf.c`: ```
--- a/sprintf.c
+++ b/sprintf.c
@@ -1227,6 +1227,7 @@
 f._bf._base = (unsigned char *)str;
 f._p = (unsigned char *)RSTRING_END(str);
 klass = RBASIC(str)->klass;
+ __asm__ __volatile__ ("" : : : "memory");
 RBASIC_CLEAR_CLASS(str);
 f.vwrite = ruby__sfvwrite;
 f.vextra = ruby__sfvextra; ``` Without the memory barrier, the flow of `rb_str_vcatf` looks as follows: ``` Breakpoint 1, rb_str_vcatf (str=str@entry=1024669056, fmt=0x3fc64e95 " %s>", ap=...) at ../sprintf.c:1222 1222 StringValue(str); 1223 rb_str_modify(str); 1226 f._w = rb_str_capacity(str); 1225 f._bf._size = 0; 1224 f._flags = __SWR | __SSTR; 1226 f._w = rb_str_capacity(str); 1228 f._p = (unsigned char *)RSTRING_END(str); 1227 f._bf._base = (unsigned char *)str; 1228 f._p = (unsigned char *)RSTRING_END(str); 1226 f._w = rb_str_capacity(str); 1228 f._p = (unsigned char *)RSTRING_END(str); 1232 f.vwrite = ruby__sfvwrite; 1233 f.vextra = ruby__sfvextra; 1228 f._p = (unsigned char *)RSTRING_END(str); 1231 RBASIC_CLEAR_CLASS(str); 1232 f.vwrite = ruby__sfvwrite; 1233 f.vextra = ruby__sfvextra; 1228 f._p = (unsigned char *)RSTRING_END(str); 1229 klass = RBASIC(str)->klass; 1234 buffer.value = 0; 1233 f.vextra = ruby__sfvextra; 1235 BSD_vfprintf(&f, fmt, ap); 1232 f.vwrite = ruby__sfvwrite; 1235 BSD_vfprintf(&f, fmt, ap); 1236 RBASIC_SET_CLASS_RAW(str, klass); 1237 rb_str_resize(str, (char *)f._p - RSTRING_PTR(str)); 1236 RBASIC_SET_CLASS_RAW(str, klass); 1237 rb_str_resize(str, (char *)f._p - RSTRING_PTR(str)); 1240 return str; (gdb) p *(struct RBasic *)str $1 = {flags = 8197, klass = 0} ``` With the memory barrier, the flow becomes as follows: ``` Breakpoint 1, rb_str_vcatf (str=str@entry=1024669056, fmt=0x3fc64e95 " %s>", ap=...) 
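Review bot: The added compiler barrier enforces exactly the ordering the no-barrier trace that follows shows going wrong — `klass = RBASIC(str)->klass` (1229) executes after `RBASIC_CLEAR_CLASS(str)` (1231), so klass is captured as 0 and `RBASIC_SET_CLASS_RAW` later restores a null class — but the hunk leaves the bare asm statement unexplained, and an uncommented barrier is the first thing a later cleanup removes. I'd put `/* compiler barrier: keep the read of klass above from being reordered after RBASIC_CLEAR_CLASS (Clang/LLVM 11 miscompile on 32-bit ARM, Bug #17540) */` on the line above it, and use a project-wide barrier macro instead of raw GCC-syntax asm if the tree already has one. It is also worth checking whether RBASIC_CLEAR_CLASS stores to klass through a differently typed lvalue than the read above it, since, unless the build already passes -fno-strict-aliasing, an aliasing violation would produce this same reordering and a compiler-only barrier would mask it rather than fix it. The remainder of rb_str_vcatf lies outside the hunk.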
at ../sprintf.c:1222 1222 StringValue(str); 1223 rb_str_modify(str); 1226 f._w = rb_str_capacity(str); 1225 f._bf._size = 0; 1224 f._flags = __SWR | __SSTR; 1226 f._w = rb_str_capacity(str); 1228 f._p = (unsigned char *)RSTRING_END(str); 1227 f._bf._base = (unsigned char *)str; 1228 f._p = (unsigned char *)RSTRING_END(str); 1226 f._w = rb_str_capacity(str); 1228 f._p = (unsigned char *)RSTRING_END(str); 1229 klass = RBASIC(str)->klass; 1230 __asm__ __volatile__ ("" : : : "memory"); 1231 RBASIC_CLEAR_CLASS(str); 1232 f.vwrite = ruby__sfvwrite; 1233 f.vextra = ruby__sfvextra; 1232 f.vwrite = ruby__sfvwrite; 1231 RBASIC_CLEAR_CLASS(str); 1233 f.vextra = ruby__sfvextra; 1234 buffer.value = 0; 1233 f.vextra = ruby__sfvextra; 1232 f.vwrite = ruby__sfvwrite; 1235 BSD_vfprintf(&f, fmt, ap); 1236 RBASIC_SET_CLASS_RAW(str, klass); 1237 rb_str_resize(str, (char *)f._p - RSTRING_PTR(str)); 1236 RBASIC_SET_CLASS_RAW(str, klass); 1237 rb_str_resize(str, (char *)f._p - RSTRING_PTR(str)); 1240 return str; (gdb) p *(struct RBasic *)str $1 = {flags = 8197, klass = 1062619968} ``` And yes, this looks pretty much a bug of Clang/LLVM to me for now. I'm going to create a minimal reproducing example to send to Clang/LLVM maintainers. One more push... ---------------------------------------- Bug #17540: A segfault due to Clang/LLVM optimization on 32-bit ARM Linux https://bugs.ruby-lang.org/issues/17540#change-90644 * Author: xtkoba (Tee KOBAYASHI) * Status: Open * Priority: Normal * ruby -v: ruby 3.0.0p0 (2020-12-25 revision 95aff21468) [armv7a-linux-eabi] * Backport: 2.5: UNKNOWN, 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN ---------------------------------------- When built with `optflags=-O3` (which is the default), `ruby -e "pp Thread.main"` causes a segfault, which seems to be worked around by the following change: ```
--- a/include/ruby/internal/fl_type.h
+++ b/include/ruby/internal/fl_type.h
@@ -231,7 +231,7 @@
 RBIMPL_ATTR_PURE_UNLESS_DEBUG()
 RBIMPL_ATTR_ARTIFICIAL()
 static inline VALUE
-RB_FL_TEST_RAW(VALUE obj, VALUE flags)
+RB_FL_TEST_RAW(volatile VALUE obj, VALUE flags)
 {
 RBIMPL_ASSERT_OR_ASSUME(RB_FL_ABLE(obj));
 return RBASIC(obj)->flags & flags; ``` There might be a bug in the optimizer of Clang/LLVM (version 11.0.1). -- https://bugs.ruby-lang.org/ Unsubscribe:
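Review bot: `volatile` on the by-value `obj` parameter of a `static inline` function pins every inlined copy of `obj` to memory in every caller of RB_FL_TEST_RAW, a tree-wide cost for a workaround whose cause is still undiagnosed. The function is declared RBIMPL_ATTR_PURE_UNLESS_DEBUG() on the context line above and its body leans on RBIMPL_ASSERT_OR_ASSUME(RB_FL_ABLE(obj)); either the purity attribute or the assume feeding Clang's optimizer is a plausible trigger, and rebuilding with that assume reduced to a plain assertion (or the pure attribute dropped) for this one function, without the volatile, would separate a genuine codegen bug from an over-strong hint handed to the compiler. If the volatile is kept as the workaround it needs a comment naming the condition it exists for, e.g. `/* volatile: works around a miscompile with Clang/LLVM 11.0.1 on 32-bit ARM (Bug #17540); remove once the root cause is fixed */`. The function's closing brace lies outside the hunk.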