Bug #8326

Running Redmine unter Ruby 2.0.0 produces an "Illegal instruction(coredump)" under AIX 7.1

Added by Werner Novak 12 months ago. Updated 3 months ago.

[ruby-core:54583]
Status:Open
Priority:Normal
Assignee:Yutaka Kanemoto
Category:-
Target version:current: 2.2.0
ruby -v:ruby 2.0.0p0 (2013-02-24 revision 39474) [powerpc-aix6.1.0.0] Backport:1.9.3: REQUIRED, 2.0.0: REQUIRED

Description

We compiled Ruby under AIX 7.1 and everthing work fine throughout testing, but when we install Redmine 2.3.0 an go through the normal navigation, we can reproduce the following error by only clicking multiple links consecutively in the administration.

#>dbx /opt/pware/ruby/2.0.0/bin/ruby core
Type 'help' for help.
[using memory image in core]
reading symbolic information ...

Illegal instruction (illegal opcode) in . at 0x0 ($t8)
warning: Unable to access address 0x0 from core
(dbx) where
.() at 0x0
stlookup(table = 0xd40c0708, key = 24, value = 0x1bd78365), line 414 in "st.c"
unnamed block in rb
methodentrygetwithoutcache(klass = 3557309396, id = 624245420, definedclassptr = 0x24098d30), line 182 in "vmmethod.c"
rb
methodentrygetwithoutcache(klass = 3557309396, id = 624245420, definedclassptr = 0x24098d30), line 182 in "vmmethod.c"
vm
searchmethod(ci = 0x20596bd4, recv = 624186940), line 858 in "vminsnhelper.c"
unnamed block in vmexeccore(th = (nil), initial = 0), line 2534 in "insns.def"
vmexeccore(th = (nil), initial = 0), line 2534 in "insns.def"
unnamed block in vmexec(th = 0x2311cc58), line 1175 in "vm.c"
unnamed block in vm
exec(th = 0x2311cc58), line 1175 in "vm.c"
unnamed block in vmexec(th = 0x2311cc58), line 1175 in "vm.c"
vm
exec(th = 0x2311cc58), line 1175 in "vm.c"
vminvokeproc(th = 0x2311cc58, proc = 0x22e59108, self = 594118620, definedclass = 550801940, argc = 0, argv = 0x21d85144, blockptr = (nil)), line 648 in "vm.c"
thread
startfunc2(th = 0x2311cc58, stackstart = (nil)), line 503 in "thread.c"
unnamed block in thread
startfunc1(thptr = (nil)), line 724 in "threadpthread.c"
threadstartfunc1(thptr = (nil)), line 724 in "thread_pthread.c"
(dbx)

I can deliver the coredump also, but it has 92mb (zipped 22mb) !!

Additional Infos:
Environment:
Redmine version 2.3.0.stable
Ruby version 2.0.0 (powerpc-aix6.1.0.0)
Rails version 3.2.13
Environment production
Database adapter SQLite
Redmine plugins:
redmineldapsync 2.0.0.devel

OS Infos:
#> oslevel -s
7100-02-02-1316
#> rpm -qa
libiconv-1.14-321
libconfuse-2.7-321
expat-2.1.0-321
unzip-5.51-1
lsof-4.61-3
zlib-1.2.7-321
nrpe-2.14-321
texinfo-4.13a-321
readline-6.2-321
bzip2-1.0.6-321
gettext-0.10.40-8
gmond-3.4.0-321
gdbm-1.10-321
gmp-5.0.5-321
file-5.14-321
sqlite-3.7.15.2-321
libffi-3.0.11-321
pkg-config-0.25-321
pcre-8.31-321
libtool-2.4.2-321
AIX-rpm-7.1.2.15-6
apr-1.4.6-321
nagios-plugins-1.4.16-321
openssl-1.0.1e-321
libidn-1.26-321
perl-5.16.3-321
neon-0.29.6-321
db-5.3.21-321
openldap-2.4.33-321
apr-util-1.5.1-321
httpd-2.4.4-321
coreutils-8.5-321
tcl-8.5.13-321
tk-8.5.13-321
Python-2.7.3-321
subversion-1.7.9-321
libxml2-2.9.0-321
xz-5.0.4-321
libxslt-1.1.28-321
libgcrypt-1.5.0-321
libgpg-error-1.10-321
samba-3.6.12-321
ruby-2.0.0-321
libssh2-1.4.3-321
curl-7.29.0-321

All modules wher compiled with:
IBM XL C/C++ for AIX, V10.1
Version: 10.01.0000.0017

sbr_mark_locations_array.png (6.49 KB) Kaustubh D, 11/11/2013 05:00 PM


Related issues

Related to Backport200 - Backport #8325: Running Redmine unter Ruby 2.0.0 produces an "Illegal ins... Rejected 04/25/2013

History

#1 Updated by Werner Novak 12 months ago

Same problem occures without redmine plugins and with older ruby version 1.9.3 p392

#2 Updated by Werner Novak 12 months ago

Also tried it with Redmine 2.2.4 under ruby 1.9.3 p392, with the same results, see dump below:

#> dbx /opt/pware/ruby/1.9.3/bin/ruby core
Type 'help' for help.
[using memory image in core]
reading symbolic information ...

Illegal instruction (illegal opcode) in . at 0x0 ($t14)
warning: Unable to access address 0x0 from core
(dbx) where
.() at 0x0
stlookup(table = 0xd4aad6c8, key = 17, value = (nil)), line 341 in "st.c"
search
method@AF293120(??, ??), line 374 in "vmmethod.c"
rbmethodentrygetwithoutcache(klass = 581288160, id = 581288180), line 393 in "vmmethod.c"
unnamed block in vmexeccore(th = (nil), initial = 0), line 2080 in "vminsnhelper.c"
unnamed block in vm
execcore(th = (nil), initial = 0), line 2080 in "vminsnhelper.c"
vmexeccore(th = (nil), initial = 0), line 2080 in "vminsnhelper.c"
unnamed block in vm
exec(th = 0x225565f8), line 1236 in "vm.c"
unnamed block in vmexec(th = 0x225565f8), line 1236 in "vm.c"
vm
exec(th = 0x225565f8), line 1236 in "vm.c"
rbvminvokeproc(th = 0x225565f8, proc = 0x22dfb8f8, self = 554994300, argc = 1, argv = 0x22af8d10, blockptr = (nil)), line 640 in "vm.c"
proc
call(argc = 576022008, argv = 0x213df958, procval = 554994300), line 561 in "proc.c"
vmcallmethod(th = 0x229a58a4, cfp = 0x229a58b8, num = 586449168, blockptr = 0x22f482d4, flag = 586449616, id = 586449224, me = 0x22f48100, recv = 537705864), line 317 in "vminsnhelper.c"
unnamed block in vm
execcore(th = 0x00000001, initial = 570025340), line 1018 in "insns.def"
unnamed block in vm
execcore(th = 0x00000001, initial = 570025340), line 1018 in "insns.def"
vm
execcore(th = 0x00000001, initial = 570025340), line 1018 in "insns.def"
unnamed block in vm
exec(th = 0x225565f8), line 1236 in "vm.c"
unnamed block in vmexec(th = 0x225565f8), line 1236 in "vm.c"
vm
exec(th = 0x225565f8), line 1236 in "vm.c"
rbyield(val = 580541480), line 648 in "vm.c"
rb
aryeach(array = 3568469004), line 1495 in "array.c"
vm
callmethod(th = 0x229975b0, cfp = 0x2299a198, num = 1, blockptr = 0x2298d09c, flag = 550528788, id = 3, me = 0x12e20067, recv = 1), line 320 in "vminsnhelper.c"
unnamed block in vmexeccore(th = (nil), initial = 0), line 1018 in "insns.def"
unnamed block in vmexeccore(th = (nil), initial = 0), line 1018 in "insns.def"
vmexeccore(th = (nil), initial = 0), line 1018 in "insns.def"
unnamed block in vmexec(th = 0x225565f8), line 1236 in "vm.c"
unnamed block in vm
exec(th = 0x225565f8), line 1236 in "vm.c"
vmexec(th = 0x225565f8), line 1236 in "vm.c"
rb
vminvokeproc(th = 0x225565f8, proc = 0x222899e8, self = 577397360, argc = 0, argv = 0x2298dd24, blockptr = (nil)), line 640 in "vm.c"
threadstartfunc2(th = 0x225565f8, stackstart = (nil)), line 460 in "thread.c"
unnamed block in threadstartfunc1(thptr = (nil)), line 654 in "threadpthread.c"
thread
startfunc1(thptr = (nil)), line 654 in "threadpthread.c"
(dbx)

#3 Updated by Yui NARUSE 12 months ago

  • Assignee set to Yutaka Kanemoto
  • Target version set to 2.1.0
  • Backport changed from 1.9.3: UNKNOWN, 2.0.0: UNKNOWN to 1.9.3: REQUIRED, 2.0.0: REQUIRED

#4 Updated by Kaustubh D 5 months ago

We are facing similar issue (similar stack trace) in our tests. Our observation is, if we build ruby in non-optimized mode or 'even if we have ruby optimized (-O) but gc.c built without optimization' we do not see core dump. This might indicate that some code in gc.c is getting optimized away that leads to this issue.

It core dumps randomly but most of the times within st_lookup. We are not able to reproduce with a simple program yet.

Illegal instruction (illegal opcode) in . at 0x0 ($t1102)
warning: Unable to access address 0x0 from core
(dbx) where
.() at 0x0
stlookup() at 0x9000000009fcb30
vm.rb
evalstringwrap.searchmethod@AF293120() at 0x9000000009df2a0
rbmethodentrygetwithoutcache() at 0x9000000009d207c
vm
execcore() at 0x9000000009cb79c
vm
exec() at 0x9000000009c4488
rbvminvokeproc() at 0x9000000009d1518
thread
startfunc2() at 0x900000000a2ad2c
thread.nativethreadcreate.threadstartfunc_1() at 0x900000000a299e8

Not sure if this is anyway related, but found issue which happened in optimized builds of ruby but non-optimized had worked. http://bugs.ruby-lang.org/issues/5244. The fix of this issue #5244 relied on "register window" concept but it seems that 'register window' does not apply to power architecture.

Any inputs from ruby core team might be helpful. Thanks in advance.

#5 Updated by Kaustubh D 5 months ago

Additional input, an SBR (stack array bounds read) was reported in marklocationsarray. for example see the attachment.

#6 Updated by Kaustubh D 5 months ago

This turns out to be issue related to optimization, we were able to workaround this using ruby compiled with xlc flags "-O -qhot". Hope it helps someone. Thanks!!

#7 Updated by Hiroshi SHIBATA 3 months ago

  • Target version changed from 2.1.0 to current: 2.2.0

Also available in: Atom PDF