Improve robustness of the crash signal handler #134

jbachorik · 2024-09-24T09:37:54Z

What does this PR do?:
This is an attempt to increase the robustness of the crash signal handler by

preventing rerunning the signal setup routine (quite unlikely to happen, but just in case)
using separate stack space for the crash signal handlers to avoid triggering stack overflow
using TLS guard to prevent recursive crash handling in case the handler itself would cause sigseg
checking the PC for not being the cause of the original fault - if it is, we can not meaningfully recover and just call the JVM crash handler

Motivation:

Additional Notes:

How to test the change?:

For Datadog employees:

If this PR touches code that signs or publishes builds or packages, or handles
credentials of any kind, I've requested a review from @DataDog/security-design-and-guidance.
This PR doesn't touch any of that.
JIRA: PROF-10605

Unsure? Have a question? Request a review!

github-actions · 2024-09-24T09:39:31Z

🔧 Report generated by pr-comment-cppcheck

CppCheck Report

Warnings (6)

Style Violations (161)

github-actions · 2024-09-24T09:40:04Z

🔧 Report generated by pr-comment-scanbuild

Scan-Build Report

User:	runner@fv-az985-191
Working Directory:	/home/runner/work/java-profiler/java-profiler/ddprof-lib/src/test/make
Command Line:	make -j4 clean all
Clang Version:	Ubuntu clang version 14.0.0-1ubuntu1.1
Date:	Thu Oct 10 15:34:17 2024

Bug Summary

Logic error
Bug Type	Quantity	Display?
All Bugs	5
Assigned value is garbage or undefined	1
Dereference of null pointer	3
Unused code
Dead nested assignment	1

Reports

Bug Group	Bug Type ▾	File	Function/Method	Line	Path Length
Logic error	Assigned value is garbage or undefined	dwarf.cpp	parseInstructions	244	20
Unused code	Dead nested assignment	vmStructs.cpp	checkNativeBinding	879	1
Logic error	Dereference of null pointer	safeAccess.h	load	33	18
Logic error	Dereference of null pointer	symbols_linux.h	ElfParser	129	32
Logic error	Dereference of null pointer	flightRecorder.cpp	flush	1504	8

ddprof-lib/src/main/cpp/os_macos.cpp

ddprof-lib/src/main/cpp/profiler.cpp

This reverts commit 44c2f8e.

r1viollet · 2024-10-15T07:16:54Z

ddprof-lib/src/main/cpp/profiler.cpp


 bool Profiler::crashHandler(int signo, siginfo_t *siginfo, void *ucontext) {
+  ProfiledThread* thrd = ProfiledThread::current();
+  if (thrd != nullptr && !thrd->enterCrashHandler()) {


this puts some weight on the thread object to be always valid or null

r1viollet · 2024-10-15T07:37:00Z

ddprof-lib/src/main/cpp/stackWalker.cpp

+    if (thrd) {
+      thrd->exitCrashHandler();
+    }
    longjmp(*(jmp_buf *)vm_thread->exception(), 1);


should we std::atomic_thread_fence ?

r1viollet · 2024-10-16T06:56:53Z

ddprof-lib/src/main/cpp/stackWalker.cpp

  VMThread *vm_thread = VMThread::current();
  if (vm_thread != NULL && sameStack(vm_thread->exception(), &vm_thread)) {
+    if (thrd) {
+      thrd->exitCrashHandler();


This does not work, we are doing a longjmp, so we should reset before exiting. Here the increments will build up.

jbachorik force-pushed the jb/sigseg_handler branch 5 times, most recently from 81680ef to eb090dc Compare September 24, 2024 18:01

jbachorik marked this pull request as ready for review September 24, 2024 18:01

jbachorik requested review from MattAlp and richardstartin September 24, 2024 18:01

jbachorik force-pushed the jb/sigseg_handler branch from eb090dc to b1052b3 Compare September 25, 2024 08:53

jbachorik marked this pull request as draft September 25, 2024 09:14

jbachorik force-pushed the jb/sigseg_handler branch 2 times, most recently from 573e392 to e5a8012 Compare September 25, 2024 12:32

Improve robustness of segv handler

3b78d42

jbachorik force-pushed the jb/sigseg_handler branch from e5a8012 to 3b78d42 Compare September 25, 2024 12:47

jbachorik marked this pull request as ready for review September 25, 2024 13:00

richardstartin reviewed Oct 9, 2024

View reviewed changes

ddprof-lib/src/main/cpp/os_macos.cpp Outdated Show resolved Hide resolved

richardstartin reviewed Oct 9, 2024

View reviewed changes

ddprof-lib/src/main/cpp/profiler.cpp Outdated Show resolved Hide resolved

Stop using fancy C++ stuff in signal handler

5771133

jbachorik force-pushed the jb/sigseg_handler branch from 619c8fb to 5771133 Compare October 9, 2024 21:45

Do not use isolated stack for crash signal handlers

de36b9d

richardstartin approved these changes Oct 11, 2024

View reviewed changes

jbachorik merged commit 44c2f8e into main Oct 11, 2024
31 checks passed

jbachorik deleted the jb/sigseg_handler branch October 11, 2024 08:33

github-actions bot added this to the 1.16.0 milestone Oct 11, 2024

r1viollet reviewed Oct 11, 2024

View reviewed changes

ddprof-lib/src/main/cpp/profiler.cpp Show resolved Hide resolved

r1viollet reviewed Oct 11, 2024

View reviewed changes

ddprof-lib/src/main/cpp/profiler.cpp Show resolved Hide resolved

r1viollet reviewed Oct 11, 2024

View reviewed changes

ddprof-lib/src/main/cpp/profiler.cpp Show resolved Hide resolved

jbachorik added a commit that referenced this pull request Oct 14, 2024

Revert "Improve robustness of the crash signal handler (#134)"

ebc3d76

This reverts commit 44c2f8e.

jbachorik mentioned this pull request Oct 14, 2024

Add a fail-safe when we encounter double-exit from crash handler #138

Merged

3 tasks

r1viollet reviewed Oct 15, 2024

View reviewed changes

r1viollet reviewed Oct 16, 2024

View reviewed changes

jbachorik mentioned this pull request Nov 1, 2024

Bump ddprof to 1.16.0 DataDog/dd-trace-java#7871

Merged

5 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Improve robustness of the crash signal handler #134

Improve robustness of the crash signal handler #134

Uh oh!

jbachorik commented Sep 24, 2024 •

edited by atlassian bot

Loading

Uh oh!

github-actions bot commented Sep 24, 2024 •

edited

Loading

Warnings (6)

Style Violations (161)

Uh oh!

github-actions bot commented Sep 24, 2024 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

r1viollet Oct 15, 2024

Uh oh!

r1viollet Oct 15, 2024

Uh oh!

r1viollet Oct 16, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Improve robustness of the crash signal handler #134

Improve robustness of the crash signal handler #134

Uh oh!

Conversation

jbachorik commented Sep 24, 2024 • edited by atlassian bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Sep 24, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

CppCheck Report

Warnings (6)

Style Violations (161)

Uh oh!

github-actions bot commented Sep 24, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Scan-Build Report

Bug Summary

Reports

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

r1viollet Oct 15, 2024

Choose a reason for hiding this comment

Uh oh!

r1viollet Oct 15, 2024

Choose a reason for hiding this comment

Uh oh!

r1viollet Oct 16, 2024

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

jbachorik commented Sep 24, 2024 •

edited by atlassian bot

Loading

github-actions bot commented Sep 24, 2024 •

edited

Loading

github-actions bot commented Sep 24, 2024 •

edited

Loading