Details
-
Enhancement
-
Resolution: Fixed
-
P3
-
None
-
RHEL 5 & 6, Ubuntu 10.04 (LTS), 11.04, and 12.04. Affects JVM in general.
-
b53
-
x86
-
linux
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8026073 | 8 | David Simms | P3 | Closed | Fixed | b111 |
JDK-8034984 | 7u80 | David Simms | P3 | Closed | Fixed | b01 |
JDK-8060842 | 7u79 | David Simms | P3 | Resolved | Fixed | b01 |
JDK-8057275 | 7u76 | David Simms | P3 | Resolved | Fixed | b01 |
JDK-8036646 | 7u65 | David Simms | P3 | Closed | Fixed | b02 |
JDK-8033939 | 7u60 | Mary Lautman | P3 | Closed | Fixed | b09 |
Description
RHEL 5 & 6 are affected, and earlier Ubuntu releases 10.04 (LTS), 11.04, and 12.04 have also taken in the patch. Whilst earlier Exec Shield patches had a switch, current incantations have no work-around, no way to disable.
Details of the problem see RH bug filed: https://bugzilla.redhat.com/show_bug.cgi?id=996149
To summarize: to emulate NX feature on X86_32 code segment is used to limit execution to the highest executable VA. There is a tiny race on SMP MM invalidation code which can cause the lazy CS update code in trap handling to think a general protection fault wasn't cause by itself. This results in sending the JVM a useless SIGSEGV with si_code:SI_KERNEL, results in JVM signal handling forcing a dump.
The suggested work around (limited to 32 bit Linux): is to enable execution (PROT_EXEC) on a high address and execute some code.
The memory layout on these distros is similar: TASK_LIMIT set to 3G (0xC0000000), and the main stack typically grows down from around here, so:
1) using a page in main stack at JVM start up, test for said layout (don't bother if its not what we expect, i.e. exotic Linux config/distro)
2) enable execution (mprotect)
3) Place a single "ret" instruction and call it.
This will cause CS to be updated to a high enough address to basically disable any further updates (due to code generation), effectively disabling the feature (which is already of questionable value, NX is the way to go).
Attachments
Issue Links
- backported by
-
JDK-8057275 Provide a work-around to broken Linux 32 bit "Exec Shield" using CS for NX emulation (crashing with SI_KERNEL)
- Resolved
-
JDK-8060842 Provide a work-around to broken Linux 32 bit "Exec Shield" using CS for NX emulation (crashing with SI_KERNEL)
- Resolved
-
JDK-8026073 Provide a work-around to broken Linux 32 bit "Exec Shield" using CS for NX emulation (crashing with SI_KERNEL)
- Closed
-
JDK-8033939 Provide a work-around to broken Linux 32 bit "Exec Shield" using CS for NX emulation (crashing with SI_KERNEL)
- Closed
-
JDK-8034984 Provide a work-around to broken Linux 32 bit "Exec Shield" using CS for NX emulation (crashing with SI_KERNEL)
- Closed
-
JDK-8036646 Provide a work-around to broken Linux 32 bit "Exec Shield" using CS for NX emulation (crashing with SI_KERNEL)
- Closed
- duplicates
-
JDK-8023825 fatal error: An irrecoverable SI_KERNEL SIGSEGV has occurred due to unstable signal handling in this distribution
- Closed
- relates to
-
JDK-8058715 stability issues when being launched as an embedded JVM via JNI
- Resolved
-
JDK-8015837 Nashorn crashes with tiered on x86 when running v8 benchmark
- Closed