From 37e711f0e3b602e3156d870bda8486d7e28ed3c2 Mon Sep 17 00:00:00 2001
From: Alan Wu <XrXr@users.noreply.github.com>
Date: Wed, 28 Feb 2024 16:21:11 -0500
Subject: [PATCH] YJIT: Squash canary before falling back

Recent flaky canary-related CI failures have all happened while trying
to fall back. It's unclear what is leaving the canary on the stack and
causing gen_send_dynamic() to falsely assume that it should be leaf,
and this patch isn't going to help us find the source. One source I
found is Array#<< with a frozen array, but it's unclear if that's what's
causing the CI failures. I'm somewhat afraid to add a canary check to
rb_longjmp() since that might introduce more flaky failures, and maybe
ones unrelated to YJIT.

See: https://github.com/ruby/ruby/actions/runs/8083502532/job/22086714152
See: https://github.com/ruby/ruby/actions/runs/8066858522/job/22035963315
---
 yjit/src/codegen.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/yjit/src/codegen.rs b/yjit/src/codegen.rs
index 9419f52894ce59..1e8f04640325ca 100644
--- a/yjit/src/codegen.rs
+++ b/yjit/src/codegen.rs
@@ -8006,6 +8006,12 @@ fn gen_send_dynamic<F: Fn(&mut Assembler) -> Opnd>(
     // Save PC and SP to prepare for dynamic dispatch
     jit_prepare_non_leaf_call(jit, asm);
 
+    // Squash stack canary that might be left over from elsewhere
+    assert_eq!(false, asm.get_leaf_ccall());
+    if cfg!(debug_assertions) {
+        asm.store(asm.ctx.sp_opnd(0), 0.into());
+    }
+
     // Dispatch a method
     let ret = vm_sendish(asm);