Ruby » Ruby master

Supporting Valgrind is a good idea. However, I actually prefer ASAN. But both are good tools.

I recently added ASAN support for fibers/coroutines: https://github.com/ioquatix/ruby/commit/901525b1079ac02da0122a76d8e4c3546a7f80f6

I also proposed to add it to the build matrix: https://github.com/ruby/ruby/pull/5939

You will probably find that without Valgrind knowing about the stack swapping, it won't work, you'll need to inform it when the stack is swapped.

I don't really want to maintain two different implementations of "stack swapping instrumentation". I suppose we could abstract it out, however, it's fairly non-trivial/invasive.

Therefore, it might be better to use ASAN over Valgrind to keep the code simpler. Or, if we decided Valgrind was better, we should remove ASAN, for example.

==203957== Invalid write of size 8
==203957==    at 0x48C407: fiber_pool_stack_reset (cont.c:325)
==203957==    by 0x48C4E9: fiber_pool_vacancy_reset (cont.c:364)
==203957==    by 0x48CBB0: fiber_pool_stack_release (cont.c:752)
==203957==    by 0x48CECF: fiber_stack_release (cont.c:874)

Regarding this specific write, this isn't an invalid write. It's written into a memory mapped area. I wonder why it's being flagged. "Address 0x9bad008 is in a rw- anonymous segment" is a valid area IMHO. The fiber's stack, if it's unused, is used for free list management. If you can tell me how we should inform Valgrind that this is a valid area to write into, I can adjust the code (similar to poison/unpoison memory).

Thanks for the reply @ioquatix (Samuel Williams)!

I haven't looked too much into ASAN, I'll look into it further. My main concern with ASAN is the need for Ruby to be compiled with it turned on and that additional code may need to be added into native extensions to support it. Both of these are barriers to entry compared to Valgrind.

In the Valgrind manual, it looks like there's a VALGRIND_MAKE_MEM_DEFINED function. Maybe that can be used to mark the regions as valid.

I haven't looked too much into ASAN, I'll look into it further. My main concern with ASAN is the need for Ruby to be compiled with it turned on and that additional code may need to be added into native extensions to support it. Both of these are barriers to entry compared to Valgrind.

It's unlikely that Valgrind will work with CRuby out of the box without Valgrind specific code e.g. for marking stacks, poisoning "freed" memory, etc. I am okay to help you try it. Just don't underestimate how complicated it can be to get all the right feedback. e.g. ASAN poison is used for GC to mark regions of the memory that should not be accessed. The same is true for fibers. It already all works.

It's unlikely that Valgrind will work with CRuby out of the box without Valgrind specific code e.g. for marking stacks, poisoning "freed" memory, etc.

Valgrind (without the memory leak detection feature, so only detecting invalid memory access) actually works very well with CRuby (excluding Fibers), which is why I opened this ticket.

For most C extensions, they are able to use Valgrind with memory leak detection using ruby_memcheck, which applies heuristics to remove false-positive memory leaks in Ruby.

In fact, issues like #18264 and #18936 were found by Valgrind.

I'm just here to support Peter's take: Valgrind is a very useful tool for C extension maintainers to find and prevent illegal memory access. It's been an incredibly valuable tool for me over the ~15 years I've been a maintainer, and is a key tool in Nokogiri's CI pipelines.

ASan is also useful! But because it's a build-time option, it's slightly less useful for debugging production builds. If it's not too difficult, I think Ruby should support both tools.