Try to avoid julia becoming unkillable after fatal errors #40056
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace)
ElOceanografo
pushed a commit
to ElOceanografo/julia
that referenced
this pull request
May 4, 2021
…40056) - don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace)
antoine-levitt
pushed a commit
to antoine-levitt/julia
that referenced
this pull request
May 9, 2021
…40056) - don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace)
JeffBezanson
pushed a commit
that referenced
this pull request
Aug 3, 2021
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace) (cherry picked from commit 107901d)
JeffBezanson
pushed a commit
that referenced
this pull request
Aug 3, 2021
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace) (cherry picked from commit 107901d)
63 tasks
KristofferC
pushed a commit
that referenced
this pull request
Aug 25, 2021
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace) (cherry picked from commit 107901d) (cherry picked from commit f02a790)
75 tasks
KristofferC
pushed a commit
that referenced
this pull request
Aug 31, 2021
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace) (cherry picked from commit 107901d) (cherry picked from commit f02a790)
KristofferC
pushed a commit
that referenced
this pull request
Sep 3, 2021
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace) (cherry picked from commit 107901d) (cherry picked from commit f02a790)
staticfloat
pushed a commit
that referenced
this pull request
Dec 23, 2022
- don't smash the alt-stack when already using it - handle jl_critical_error on the original stack, leaving our signal handling thread free to handle more signals (and helping lock corruption detection in some cases) - unblock signals when handling signals: some libc apparently like to block all signals, which can cause mild havoc, since we'd really like the user or bad data to be able to still kill the process (and not just be ignored or cause it to hang) - reset signals to SIG_DFL earlier (so we recurse less) - destroy some state from the Task we co-opted to run the exit handlers, so that it can't accidentally jump back into the running program after we've started tearing down the process, from an untimely ^C (previously ^C might cancel the exit) or a jlbacktrace call. - mark functions as leaf with CFI instead of (potentially) smashing the stack, and add a bit of red-zone if we are recursing (to keep pgcstack sensible) - support safe_restore for the mach catch_exception_raise (while we're trying to generate the backtrace) (cherry picked from commit 107901d) (cherry picked from commit f02a790)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
warning: hundreds of programs were harmed in the making of this PR
For a typically test, do some number of copies of the following until something bad happens, cause more bad things to happen (SIGQUIT, SIGQUIT, etc.), rinse, repeat:
Fixes #33179
The details:
handling thread free to handle more signals (and helping lock corruption
detection in some cases)
block all signals, which can cause mild havoc, since we'd really like
the user or bad data to be able to still kill the process (and not just
be ignored or cause it to hang)
so that it can't accidentally jump back into the running program after
we've started tearing down the process, from an untimely ^C (previously
^C might cancel the exit) or a jlbacktrace call.