Project

General

Profile

Actions
Copy link

Bug #19444

closed

YJIT String#+@ miscompilations

Added by alanwu (Alan Wu) almost 2 years ago. Updated over 1 year ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
Backport:
2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: DONE
[ruby-core:112458]

Description

We noticed two issues with YJIT's String#+@ (String unary plus) implementation.

  1. It has issues with GC allocation tracing. We saw it SEGV with the Stackprof gem
  2. It has a type confusion issue from assuming that the method always return an ::String instance. It can return subclass instances

The YJIT override does not exist on the 3.1 series.

Actions
Copy link
 #1

Updated by alanwu (Alan Wu) almost 2 years ago

  • Status changed from Open to Closed

Applied in changeset git|c178926fbe879045fa711444a1fd9e906af23e3b.

YJIT: jit_prepare_routine_call() for String#+@ missing

We saw SEGVs due to this when running with StackProf, which needs a
correct PC for RUBY_INTERNAL_EVENT_NEWOBJ, the same event used for
ObjectSpace allocation tracing.

[Bug #19444]

Actions
Copy link
 #2

Updated by byroot (Jean Boussier) almost 2 years ago

  • Backport changed from 2.7: UNKNOWN, 3.0: UNKNOWN, 3.1: UNKNOWN, 3.2: REQUIRED to 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: REQUIRED
Actions
Copy link
 #3 [ruby-core:112727]

Updated by naruse (Yui NARUSE) over 1 year ago

  • Backport changed from 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: REQUIRED to 2.7: DONTNEED, 3.0: DONTNEED, 3.1: DONTNEED, 3.2: DONE

ruby_3_2 4d75035e1762a23d38c5192b30bb47f40b752bee merged revision(s) c178926fbe879045fa711444a1fd9e906af23e3b,a4b7ec12298c78392797e5ba7704076550e4f100.

Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0