[ruby-dev:49725] [Ruby trunk Bug#12575] Conditional jump or move depends on uninitialised value(s) at rb_wait_for_single_fd (thread.c:3864)

From: ngotogenome@...
Date: 2016-07-08 12:46:37 UTC
List: ruby-dev #49725
Issue #12575 has been reported by Naohisa Goto.

----------------------------------------
Bug #12575: Conditional jump or move depends on uninitialised value(s) at rb_wait_for_single_fd (thread.c:3864)
https://bugs.ruby-lang.org/issues/12575

* Author: Naohisa Goto
* Status: Open
* Priority: Normal
* Assignee: 
* ruby -v: 
* Backport: 2.1: UNKNOWN, 2.2: UNKNOWN, 2.3: UNKNOWN
----------------------------------------
Running the drb tests under valgrind on Debian GNU/Linux 8 (x86_64) produced the following report.
(Confirmed at r55612.)

```
$ valgrind ./ruby test/runner.rb -v test/drb 
(snip)
[ 12/115] DRbTests::ACLTest#test_not_1 = 0.01 s
[ 13/115] DRbTests::TestBug4409#test_bug4409==14331== Conditional jump or move depends on uninitialised value(s)
==14331==    at 0x250F20: rb_wait_for_single_fd (thread.c:3864)
==14331==    by 0x89E9C62: wait_for_single_fd (wait.c:64)
==14331==    by 0x89E9E31: io_wait_readable (wait.c:139)
==14331==    by 0x27C251: call_cfunc_m1 (vm_insnhelper.c:1462)
==14331==    by 0x27CD37: vm_call_cfunc_with_frame (vm_insnhelper.c:1641)
==14331==    by 0x27CE9D: vm_call_cfunc (vm_insnhelper.c:1736)
==14331==    by 0x27DD37: vm_call_method_each_type (vm_insnhelper.c:2028)
==14331==    by 0x27E3DB: vm_call_method (vm_insnhelper.c:2152)
==14331==    by 0x27E5B1: vm_call_general (vm_insnhelper.c:2195)
==14331==    by 0x2826F8: vm_exec_core (insns.def:1064)
==14331==    by 0x293AEA: vm_exec (vm.c:1653)
==14331==    by 0x29182C: invoke_block (vm.c:923)
==14331== 
==14331== Conditional jump or move depends on uninitialised value(s)
==14331==    at 0x250F47: rb_wait_for_single_fd (thread.c:3874)
==14331==    by 0x89E9C62: wait_for_single_fd (wait.c:64)
==14331==    by 0x89E9E31: io_wait_readable (wait.c:139)
==14331==    by 0x27C251: call_cfunc_m1 (vm_insnhelper.c:1462)
==14331==    by 0x27CD37: vm_call_cfunc_with_frame (vm_insnhelper.c:1641)
==14331==    by 0x27CE9D: vm_call_cfunc (vm_insnhelper.c:1736)
==14331==    by 0x27DD37: vm_call_method_each_type (vm_insnhelper.c:2028)
==14331==    by 0x27E3DB: vm_call_method (vm_insnhelper.c:2152)
==14331==    by 0x27E5B1: vm_call_general (vm_insnhelper.c:2195)
==14331==    by 0x2826F8: vm_exec_core (insns.def:1064)
==14331==    by 0x293AEA: vm_exec (vm.c:1653)
==14331==    by 0x29182C: invoke_block (vm.c:923)
==14331== 
==14331== Conditional jump or move depends on uninitialised value(s)
==14331==    at 0x250F59: rb_wait_for_single_fd (thread.c:3876)
==14331==    by 0x89E9C62: wait_for_single_fd (wait.c:64)
==14331==    by 0x89E9E31: io_wait_readable (wait.c:139)
==14331==    by 0x27C251: call_cfunc_m1 (vm_insnhelper.c:1462)
==14331==    by 0x27CD37: vm_call_cfunc_with_frame (vm_insnhelper.c:1641)
==14331==    by 0x27CE9D: vm_call_cfunc (vm_insnhelper.c:1736)
==14331==    by 0x27DD37: vm_call_method_each_type (vm_insnhelper.c:2028)
==14331==    by 0x27E3DB: vm_call_method (vm_insnhelper.c:2152)
==14331==    by 0x27E5B1: vm_call_general (vm_insnhelper.c:2195)
==14331==    by 0x2826F8: vm_exec_core (insns.def:1064)
==14331==    by 0x293AEA: vm_exec (vm.c:1653)
==14331==    by 0x29182C: invoke_block (vm.c:923)
==14331== 
==14331== Conditional jump or move depends on uninitialised value(s)
==14331==    at 0x250F69: rb_wait_for_single_fd (thread.c:3878)
==14331==    by 0x89E9C62: wait_for_single_fd (wait.c:64)
==14331==    by 0x89E9E31: io_wait_readable (wait.c:139)
==14331==    by 0x27C251: call_cfunc_m1 (vm_insnhelper.c:1462)
==14331==    by 0x27CD37: vm_call_cfunc_with_frame (vm_insnhelper.c:1641)
==14331==    by 0x27CE9D: vm_call_cfunc (vm_insnhelper.c:1736)
==14331==    by 0x27DD37: vm_call_method_each_type (vm_insnhelper.c:2028)
==14331==    by 0x27E3DB: vm_call_method (vm_insnhelper.c:2152)
==14331==    by 0x27E5B1: vm_call_general (vm_insnhelper.c:2195)
==14331==    by 0x2826F8: vm_exec_core (insns.def:1064)
==14331==    by 0x293AEA: vm_exec (vm.c:1653)
==14331==    by 0x29182C: invoke_block (vm.c:923)
==14331== 
 = 0.58 s
[ 14/115] DRbTests::TestDRbAry#test_01 = 0.30 s
(rest omitted)
```

Looking at the code at that location, it appears that `fds.revents` of `struct pollfd fds` can be left uninitialized in some cases.
This member is where the result of the ppoll system call is returned, but it seems there are cases in which it comes back without the system call having set a value in it. (Probably the timeout case, for example.)

Judging from the code in general circulation, such as the Example at http://docs.oracle.com/cd/E19253-01/816-5177/poll-7d/ (an example for poll rather than ppoll), the revents member of struct pollfd needs to be initialized to 0 by the caller.

-- 
https://bugs.ruby-lang.org/
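As an added illustration of the fix the report points at (this is not code from Ruby's thread.c, and the function names are hypothetical), here is a minimal wait-for-single-fd helper in C that zeroes the `struct pollfd` before the call and consults `revents` only when `poll()` returns a positive count, so a timeout can never leave the caller reading an undefined field:

```c
/* Added example, not Ruby's thread.c: names are hypothetical. */
#include <poll.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>

/* Returns the revents bits (>0) when fd is ready, 0 on timeout, -1 on error
 * (errno left as set by poll()). events is e.g. POLLIN or POLLOUT. */
int safe_wait_for_single_fd(int fd, short events, int timeout_ms)
{
    struct pollfd fds;
    int ret;

    memset(&fds, 0, sizeof(fds));   /* revents starts out defined (0) */
    fds.fd = fd;
    fds.events = events;

    do {
        ret = poll(&fds, 1, timeout_ms);
    } while (ret < 0 && errno == EINTR);   /* retry on signal interruption */

    if (ret < 0)
        return -1;
    if (ret == 0)
        return 0;            /* timeout: revents is not guaranteed to be written, so do not read it */
    return (int)fds.revents; /* ret > 0: the kernel has filled in revents */
}

/* Self-check helper: create a pipe, optionally put one byte in it, and report
 * what safe_wait_for_single_fd() says about the read end (constructed input). */
int probe_pipe_readable(int fill, int timeout_ms)
{
    int p[2];
    int r;

    if (pipe(p) != 0)
        return -1;
    if (fill && write(p[1], "x", 1) != 1) {
        close(p[0]);
        close(p[1]);
        return -1;
    }
    r = safe_wait_for_single_fd(p[0], POLLIN, timeout_ms);
    close(p[0]);
    close(p[1]);
    return r;
}
```

With one byte queued the helper reports POLLIN; with an empty pipe and a short timeout it returns 0 without touching `revents`.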
