RFR: 8253795: Implementation of JEP 391: macOS/AArch64 Port [v9]

Gerard Ziemski gziemski at openjdk.java.net
Wed Feb 3 23:55:06 UTC 2021 

On Wed, 3 Feb 2021 22:17:02 GMT, Bernhard Urban-Forster <burban at openjdk.org> wrote:

>> To answer my own question, it seems that code is still needed on `x86_64` for `lldb` with `EXC_MASK_BAD_ACCESS` or we keep tripping over `EXC_BAD_ACCESS`
>> 
>> Remaining questions:
>> 
>> a) why we need `EXC_MASK_ARITHMETIC` ?
>> b) we hit `signal SIGSEGV` in debugger even with the code in place, any way to avoid that?
>> c) does `BSD aarch64` need only `EXC_MASK_BAD_INSTRUCTION` or does it need `EXC_MASK_BAD_ACCESS` as well?
>> d) can we `#ifdef` the `EXC_MASK_BAD_INSTRUCTION` part of the mask only to apply to `aarch64`?
>
> Thanks for your questions Gerard.
> 
>> Part of the comment said This work-around is not necessary for 10.5+, as CrashReporter no longer intercedes on caught fatal signals.
> 
> That comment can probably be deleted since minversion is anyway 10.9 (and soon 10.12 https://github.com/openjdk/jdk/pull/2268 ).
> 
>> Do you know if this also apply to lldb or is it gdb only specific? How do you run gdb on macOS nowadays anyhow?
> 
> `lldb` is shipped with Xcode, `gdb` isn't. You would need to build and sign it yourself, I haven't tried that in a while. So, we should update that comment to talk about `lldb` �� 
> 
>> a) why we need `EXC_MASK_ARITHMETIC` ?
> 
> I _believe_ this dates back to i386. As far as I can tell this isn't needed for x86_64 or aarch64. I guess we can remove it, the worst case is that it makes the debugging experience of the runtime a little bit worse. OTOH it doesn't hurt either to have it here.
> 
>> b) we hit signal SIGSEGV in debugger even with the code in place, any way to avoid that?
> 
> The equivalent for `handle SIGSEGV nostop noprint` (gdb) in lldb is `process handle -n false -p true -s false SIGSEGV`.
> 
>> c) does `BSD aarch6` need only `EXC_MASK_BAD_INSTRUCTION` or does it need `EXC_MASK_BAD_ACCESS` as well?
> 
> aarch64 needs `EXC_MASK_BAD_ACCESS` at least for implicit null checking, there might be other cases.
> 
>> d) can we `#ifdef` the `EXC_MASK_BAD_INSTRUCTION` part of the mask only to apply to `aarch64`?
> 
> Maybe. I don't see any value in it though, except making the code more complicated to read ��

I don't like the idea of using masks on architectures that do not require them. How about something like this?

`#if defined(__APPLE__)`
`  // lldb (gdb) installs both standard BSD signal handlers, and mach exception`
`  // handlers. By replacing the existing task exception handler, we disable lldb's mach`
`  // exception handling, while leaving the standard BSD signal handlers functional.`
`  //`
`  // EXC_MASK_BAD_ACCESS needed by all architectures for NULL ptr checking`
`  // EXC_MASK_ARITHMETIC needed by i386`
`  // EXC_MASK_BAD_INSTRUCTION needed by aarch64 to initiate deoptimization`
`  kern_return_t kr;`
`  kr = task_set_exception_ports(mach_task_self(),`
`                                EXC_MASK_BAD_ACCESS`
`                                NOT_LP64(| EXC_MASK_ARITHMETIC)`
`                                AARCH64_ONLY(| EXC_MASK_BAD_INSTRUCTION),`
`                                MACH_PORT_NULL,`
`                                EXCEPTION_STATE_IDENTITY,`
`                                MACHINE_THREAD_STATE);`
` `
`  assert(kr == KERN_SUCCESS, "could not set mach task signal handler");`
`#endif`

If I just knew why i386 needs `EXC_MASK_ARITHMETIC` and add that to the comment I would be personally happy with that chunk of code.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2200

More information about the security-dev mailing list