Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8252533

Signal handlers should run with synchronous error signals unblocked



    • Enhancement
    • Resolution: Fixed
    • P4
    • 16
    • 16
    • hotspot
    • b23


      This is a continuation of JDK-8065895 [1].

      When a signal happens which cannot be deferred (SIGFPE, SIGILL, SIGSEGV, SIGBUS) but whose delivery is blocked, bad things happen. This is undefined territory, and we have observed the following cases:

      - on Linux, the default handler is invoked instead of the user handler, which in case of error signals causes the process to core immediately.
      - on AIX and PASE both, the process just becomes unresponsive and hangs.
      - on HPUX - one of our internal platform - the process just vanishes without a trace.
      I did not test other platforms but would guess similar things happen there.

      Posix documentation [4] states:
      "If any of the SIGFPE, SIGILL, SIGSEGV, or SIGBUS signals are generated while they are blocked, the result is undefined, unless the signal was generated by the kill() function, the sigqueue() function, or the raise() function."

      At the moment, undeferrable error signals are unblocked outside the signal handler (see hotspot sigmask) and, since JDK-8065895, inside the error handler (see crash_handler setup). This leaves us with a window where the hotspot signal handler runs but before he has decided to invoke fatal error handling. Inside that window, for any platform but AIX error signals are still blocked. So any crash inside them tears down the VM immediately without giving us a useful hs-err file.

      On AIX they are not blocked because we added an AIX-only patch a while ago which unblocks them at the entrance of the AIX signal handler. This was before we contributed the port to OpenJDK, so no history in the official repos. But that behavior makes sense for all posix platforms.

      For more details see discussion from Nov 2014 [2][3].

      (Side note, these effects only show for truly synchronous error signals. You cannot artificially create such a scenario e.g. by raising SIGSEGV with kill.)

      [1] https://bugs.openjdk.java.net/browse/JDK-8065895
      [2] https://mail.openjdk.java.net/pipermail/hotspot-runtime-dev/2014-November/013346.html
      [3] https://mail.openjdk.java.net/pipermail/hotspot-runtime-dev/2015-January/013718.html
      [4] https://pubs.opengroup.org/onlinepubs/009695399/functions/sigprocmask.html


        Issue Links



              stuefe Thomas Stuefe
              stuefe Thomas Stuefe
              0 Vote for this issue
              5 Start watching this issue