Implement ExceptionHandling.SetFatalErrorHandler#129543
Draft
AaronRobinsonMSFT wants to merge 7 commits into
Draft
Implement ExceptionHandling.SetFatalErrorHandler#129543AaronRobinsonMSFT wants to merge 7 commits into
ExceptionHandling.SetFatalErrorHandler#129543AaronRobinsonMSFT wants to merge 7 commits into
Conversation
Implement the ExceptionHandling.SetFatalErrorHandler API for NativeAOT. The handler is invoked from RuntimeExceptionHelpers.FailFast before the runtime performs its default crash handling (crash dump + abort). - Add src/native/public/FatalErrorHandling.h defining the native FatalErrorInfo struct and FatalErrorHandlerResult enum - Wire RegisterFatalErrorHandler as a no-op for NativeAOT (handler pointer stored in managed s_fatalErrorHandler field) - Add crash log capture in FailFast alongside existing stderr output - Implement pfnGetFatalErrorLog callback via UnmanagedCallersOnly - SkipDefaultHandler exits via _Exit/ExitProcess instead of crash dump - Consolidate ExceptionHandling partials: MONO||CORECLR throws PNSE inline, eliminating per-runtime partial files - Add subprocess-based smoke tests validating handler invocation, SkipDefaultHandler/RunDefaultHandler, pfnGetFatalErrorLog callback, and API contract (null/double-set) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Wire up the user-registered fatal error handler in the CoreCLR runtime. Read the managed ExceptionHandling.s_fatalErrorHandler static field via CoreLibBinder and invoke the handler after LogFatalError completes in both HandleFatalError and HandleFatalStackOverflow. If the handler returns SkipDefaultHandler, exit without crash dump. - Add ExceptionHandling class/field bindings to corelib.h - Enable s_fatalErrorHandler field and SetFatalErrorHandler for CoreCLR - Add crash log capture in PrintToStdErrA for pfnGetFatalErrorLog - Include public/FatalErrorHandling.h for shared type definitions - Fix test subprocess launch for CoreCLR (pass DLL path to corerun) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-actions
Bot
added
the
area-ExceptionHandling-coreclr
AaronRobinsonMSFT
changed the title
ExceptionHandling.SetFatalErrorHandler
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces the public System.Runtime.ExceptionServices.ExceptionHandling.SetFatalErrorHandler API and wires it up so CoreCLR and NativeAOT invoke a user-provided unmanaged callback during fatal-error paths, with a mechanism to retrieve the fatal-error log text.
Changes:
- Adds
ExceptionHandling.SetFatalErrorHandler(delegate* unmanaged<int, void*, int>)to the public surface and implements registration inSystem.Private.CoreLib. - Implements fatal-error handler invocation + crash-log capture in both CoreCLR (VM) and NativeAOT fail-fast paths.
- Adds a new native public header (
FatalErrorHandling.h) and a new subprocess-based test covering handler behaviors.
Show a summary per file
| File | Description |
|---|---|
| src/tests/baseservices/exceptions/FatalErrorHandler/FatalErrorHandlerTest.csproj | Adds new standalone test project for fatal error handler scenarios. |
| src/tests/baseservices/exceptions/FatalErrorHandler/FatalErrorHandlerTest.cs | Subprocess-based validation of handler invocation, skip/run default behavior, and log retrieval. |
| src/native/public/FatalErrorHandling.h | Defines native ABI structs/enums/callback types for fatal error handling and log retrieval. |
| src/libraries/System.Runtime/ref/System.Runtime.cs | Adds the new public ref-assembly API for SetFatalErrorHandler. |
| src/libraries/System.Private.CoreLib/src/System/Runtime/ExceptionServices/ExceptionHandling.cs | Implements handler registration and stores function pointer for runtimes to read. |
| src/libraries/System.Private.CoreLib/src/Resources/Strings.resx | Adds resource string for duplicate fatal handler registration. |
| src/coreclr/vm/util.hpp | Declares crash-log capture helpers used by fatal-error handler plumbing. |
| src/coreclr/vm/util.cpp | Implements stderr “tee” into a fixed crash-log buffer. |
| src/coreclr/vm/eepolicy.cpp | Invokes the fatal handler after logging fatal errors / stack overflow and provides log callback. |
| src/coreclr/vm/corelib.h | Adds CoreLibBinder field binding for ExceptionHandling.s_fatalErrorHandler. |
| src/coreclr/nativeaot/System.Private.CoreLib/src/System/RuntimeExceptionHelpers.cs | Captures crash output into a buffer and invokes the fatal handler before default crash processing. |
Copilot's findings
- Files reviewed: 11/11 changed files
- Comments generated: 5
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
The SkipDefaultHandler path should terminate immediately without running atexit handlers, which can deadlock in a corrupted process. Replace the call to exit() (via Interop.Sys.Exit) with _exit() (via a new Interop.Sys._Exit P/Invoke) in the NativeAOT FailFast path, matching CoreCLR's native _exit() semantics. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
jkotas
reviewed
Jun 17, 2026
jkotas
reviewed
Jun 17, 2026
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Use C99 _Exit() instead of _exit() to avoid unistd.h dependency - Add COR_E_FAILFAST to IsCrashExitCode for Windows CoreCLR - Suppress unused parameter warning in GetFatalErrorLogCallback Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This was referenced Jun 18, 2026
Open
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implements the
ExceptionHandling.SetFatalErrorHandlerAPI (#101560) for both NativeAOT and CoreCLR. Mono throwsPlatformNotSupportedException.Changes
Managed API (
ExceptionHandling.cs)SetFatalErrorHandlerands_fatalErrorHandlerfor CoreCLR (Mono still throws PNSE)NativeAOT (
RuntimeExceptionHelpers.cs)FailFastafter crash info is written to stderrpfnGetFatalErrorLogimplemented via[UnmanagedCallersOnly]callbackSkipDefaultHandlerexits via_Exit/ExitProcesswithout crash dumpCoreCLR (
eepolicy.cpp)s_fatalErrorHandlerfrom managed static viaCoreLibBinderLogFatalErrorin bothHandleFatalErrorandHandleFatalStackOverflowPrintToStdErrAinto a static bufferSkipDefaultHandlercalls_exit()to bypass crash dumpPublic native header (
src/native/public/FatalErrorHandling.h)FatalErrorHandlerResultenum,FatalErrorInfostruct, callback typedefsTests (
src/tests/baseservices/exceptions/FatalErrorHandler/)Fixes #101560