Integrated: 8345296: AArch64: VM crashes with SIGILL when prctl is disallowed
Aleksey Shipilev
shade at openjdk.org
Tue Dec 3 16:32:05 UTC 2024
On Mon, 2 Dec 2024 12:17:26 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> We have caught this in some prod environments, where `prctl` is forbidden by the sandboxing mechanism. This fails the JVM, because we have the following code to check for SVE vector length:
>
>
> int VM_Version::get_current_sve_vector_length() {
> assert(VM_Version::supports_sve(), "should not call this");
> return prctl(PR_SVE_GET_VL);
> }
>
>
> That code returns `-1` when `prctl` is disallowed, which JVM then blindly interprets as vector length, leading to `SIGILL`. I looked around other uses of `prctl` around Hotspot, and they all seem to handle the errors correctly.
>
> Additional testing:
> - [x] Linux AArch64 server fastdebug, with seccomp reproducer
> - [x] Linux AArch64 server fastdebug, `all`
This pull request has now been integrated.
Changeset: 3c60f0b2
Author: Aleksey Shipilev <shade at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/3c60f0b2bb75150d49da9ab94d88b767275de5e2
Stats: 13 lines in 1 file changed: 12 ins; 0 del; 1 mod
8345296: AArch64: VM crashes with SIGILL when prctl is disallowed
Reviewed-by: eastigeevich, phh, aph
-------------
PR: https://git.openjdk.org/jdk/pull/22479
More information about the hotspot-dev
mailing list