ruby-core

Issue #17854 has been updated by shyouhei (Shyouhei Urabe).


Thank you for reporting! This is my bug, clang optimizer is not guilty here.

Trying to fix at: https://github.com/ruby/ruby/pull/4469

----------------------------------------
Bug #17854: Crash with certain "case" expressions on FreeBSD
https://bugs.ruby-lang.org/issues/17854#change-91879

* Author: meta@vmeta.jp (Koichiro Iwao)
* Status: Assigned
* Priority: Normal
* Assignee: shyouhei (Shyouhei Urabe)
* ruby -v: ruby 2.7.3p183 (2021-04-05 revision 6847ee089d) [amd64-freebsd13]
* Backport: 2.6: UNKNOWN, 2.7: UNKNOWN, 3.0: UNKNOWN
----------------------------------------
## Affected version
* Ruby 2.6, 2.7, 3.0 compiled with **clang on FressBD**

No tested with other versions. Ruby compiled with GCC doesn't have this issue.

## Snippet to reproduce
```
ruby -e 'case 1; when 2r; 3; end'
```

## Step to reproduce

Prepare a fresh installation of FreeBSD 13. Either Ruby installed from system package or ruby-build can reproduce the issue.


```
# clang -v 
FreeBSD clang version 11.0.1 (git@github.com:llvm/llvm-project.git llvmorg-11.0.1-0-g43ff75f2c3fe)
Target: x86_64-unknown-freebsd13.0
Thread model: posix
InstalledDir: /usr/bin
[root@ruby-bug /tmp]# clang -v 
FreeBSD clang version 11.0.1 (git@github.com:llvm/llvm-project.git llvmorg-11.0.1-0-g43ff75f2c3fe)
Target: x86_64-unknown-freebsd13.0
Thread model: posix
InstalledDir: /usr/bin
```

### System Ruby


```
# pkg install ruby 
# /usr/local/bin/ruby -v
# /usr/local/bin/ruby -e 'case 1; when 2r; 3; end'
```

### Ruby installed by ruby-build

Same as Ruby installed by ruby-build.
```
# pkg install rbenv ruby-build
# bash
bash# eval "$(rbenv init -)"
bash# cd /tmp
bash# rbenv install 2.7.3
bash# rbenv local 2.7.3
bash# rbenv which ruby
/root/.rbenv/versions/2.7.3/bin/ruby
bash# ruby -e 'case 1; when 2r; 3; end'
```


## Backtrace (submitted by the original reporter)
```

Backtrace (with a debug build):

* thread #1, name = 'ruby27', stop reason = signal SIGSEGV
    frame #0: 0x0000000801add4e8 libruby27.so.27`append_compile_error(iseq=0x000000089445a6b8, line=1125956, fmt="") at compile.c:380:47
    frame #1: 0x00007fffffffc930
  * frame #2: 0x0000000801c4d915 libruby27.so.27`rb_st_lookup [inlined] do_hash(key=36847331000, tab=0x000000086f314d40) at st.c:326:33
    frame #3: 0x0000000801c4d90b libruby27.so.27`rb_st_lookup(tab=0x000000086f314d40, key=36847331000, value=0x00007fffffffc958) at st.c:1104
    frame #4: 0x0000000801b63443 libruby27.so.27`rb_hash_lookup2 [inlined] hash_stlike_lookup(hash=36847330480, key=<unavailable>, pval=0x00007fffffffc958) at hash.c:0
    frame #5: 0x0000000801b6339a libruby27.so.27`rb_hash_lookup2(hash=36847330480, key=36847331000, def=8) at hash.c:2070
    frame #6: 0x0000000801b0640a libruby27.so.27`when_vals(iseq=0x000000089445a550, cond_seq=0x00007fffffffcb60, vals=0x0000000878b93098, l1=<unavailable>, only_special_literals=1, literals=<unavailable>) at compile.c:4322:18
    frame #7: 0x0000000801afac70 libruby27.so.27`iseq_compile_each0 at compile.c:5334:27
    frame #8: 0x0000000801afa5c1 libruby27.so.27`iseq_compile_each0(iseq=0x000000089445a550, ret=0x00007fffffffcd60, node=0x0000000878b93108, popped=0) at compile.c:7162
    frame #9: 0x0000000801b0ab71 libruby27.so.27`setup_args_core [inlined] compile_args(node=0x0000000878b93140) at compile.c:3923:13
    frame #10: 0x0000000801b0ab59 libruby27.so.27`setup_args_core(iseq=0x000000089445a550, args=0x00007fffffffcd60, argn=<unavailable>, dup_rest=<unavailable>, flag=<unavailable>, keywords=0x00007fffffffcd28) at compile.c:5049
    frame #11: 0x0000000801af4dbf libruby27.so.27`iseq_compile_each0 [inlined] compile_call(iseq=0x000000089445a550, ret=0x00007fffffffce80, node=0x0000000878b93060, type=<unavailable>, line=1, popped=0) at compile.c:7046:16
    frame #12: 0x0000000801af4ce1 libruby27.so.27`iseq_compile_each0(iseq=0x000000089445a550, ret=0x00007fffffffce80, node=0x0000000878b93060, popped=0) at compile.c:7670
    frame #13: 0x0000000801adc735 libruby27.so.27`rb_iseq_compile_node(iseq=0x000000089445a550, node=<unavailable>) at compile.c:702:6
    frame #14: 0x0000000801b85a47 libruby27.so.27`rb_iseq_new_with_opt(ast=0x000000089445a718, name=<unavailable>, path=<unavailable>, realpath=<unavailable>, first_lineno=1, parent=0x0000000819358010, type=ISEQ_TYPE_MAIN, option=0x0000000801cf1d28) at iseq.c:821:5
    frame #15: 0x0000000801b85b6d libruby27.so.27`rb_iseq_new_main(ast=<unavailable>, path=<unavailable>, realpath=<unavailable>, parent=<unavailable>) at iseq.c:787:12
    frame #16: 0x0000000801c40537 libruby27.so.27`ruby_process_options at ruby.c:1904:9
    frame #17: 0x0000000801c3f433 libruby27.so.27`ruby_process_options(argc=<unavailable>, argv=<unavailable>) at ruby.c:2413
    frame #18: 0x0000000801b3f513 libruby27.so.27`ruby_options(argc=<unavailable>, argv=<unavailable>) at eval.c:124:2
    frame #19: 0x0000000000201cca ruby27`main(argc=<unavailable>, argv=<unavailable>) at main.c:50:23
    frame #20: 0x0000000000201a70 ruby27`_start(ap=<unavailable>, cleanup=<unavailable>) at crt1.c:76:7
```

## Patch

The following patch is provided by the original reporter but it looks too ad-hoc. If this bug is fixed in Ruby upstream, I'll apply it to FreeBSD package.

```diff
diff --git a/compile.c b/compile.c
index 1cabb8c..a954176 100644
--- a/compile.c
+++ b/compile.c
@@ -1987,7 +1987,7 @@ cdhash_cmp(VALUE val, VALUE lit)
         return rb_float_cmp(lit, val);
     }
     else {
-        UNREACHABLE_RETURN(-1);
+        return -1;
     }
 }
 
@@ -2005,7 +2005,7 @@ cdhash_hash(VALUE a)
       case T_FLOAT:
         return rb_dbl_long_hash(RFLOAT_VALUE(a));
       default:
-        UNREACHABLE_RETURN(0);
+        return 0;
     }
 }
```

## See also
Downstream bug:
* https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255583

---Files--------------------------------
trace.log (37.5 KB)


-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>

Thread

Prev Next

In This Thread

Prev Next