[PATCH] Mitigation for "clone on sparc might fail with -EFAULT for no valid reason" (bz 31394)

Michael.Karcher sourceware-bugzilla@mkarcher.dialup.fu-berlin.de
Sat Aug 3 16:43:41 GMT 2024


Am 03.08.2024 um 17:18 schrieb Florian Weimer:

> * Michael Karcher:
>
>> As commented in bugzilla, we tested the behaviour on a Sparc V9 host,
>> and were able to reproduce the behaviour reliably for both 32-bit and
>> 64-bit binaries if a libc without the workaround was used. Either flushw
>> or ta 3 will fix the issue (but a nop in that place instead of the
>> flushw or ta 3 instruction will not work), proving that it is indeed
>> the flushw/ta 3 that makes clone work reliably.
>>
>> As a result, I recommend using flushw on v9 only, and falling back to ta
>> 3 on v8 or earlier. Thanks to Adhemerval Zanella Netto for the
>> suggestion to use ta 3.
> What will happen on SPARC v8 LEON CPUs?  Will they be able to execute
> the “ta 3” instruction?  Or do we need to add run-time dispatch?
>
> Thanks,
> Florian

"ta 3" invokes the kernel handler for CPU trap number 3. The Sparc
Processor Supplement to the System V ABI defines: "By executing a type 3
trap, a process asks the system to flush all its register windows to the
stack". The "ta" instruction is implemented on all remotely relevant
SPARC CPUs, and there is no reason to believe that Linux on LEON chose
to not implement this aspect of the System V ABI.

With SPARC v9, the new machine instruction FLUSHW causes a "spill trap"
if there are any dirty windows below the current one. A spill trap should
be handled the same way as the user-defined trap type 3 by the kernel.
In the clone issue workaround, the extra save/restore pair causes the window
of the userspace clone function to already be below the current window, and
as that window is also freshly opened, it is surely not yet flushed, so
flushw will always raise a spill trap.

Looking at it a second time, it is likely that we don't need the extra
save/restore pair around the "ta 3" instruction, which I just confirmed
by replacing the extra save/restore pair with NOPs. I will leave it to the
SPARC v9 experts to judge whether "save/flushw/restore" or "ta 3" is
the "better" approach on v9. On v8, "ta 3" is the only possible approach.

So these additions to the prologue of clone have been positively tested:
- save/flushw/restore (requires SPARC v9)
- save/ta 3/restore
- ta 3

And these additions have been negatively tested:
- flushw only (requires SPARC v9)
- no addition at all

Kind regards,
   Michael Karcher
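To make the test matrix above concrete, here is an added illustration that is not code from the thread, from glibc or from the kernel: a small C model of the register-window spill semantics as Michael describes them (flushw spills the windows below the current one, ta 3 spills all of them), replayed over the five prologue variants. The window depth, the names and the success criterion (clone's own window must have reached the stack before the syscall) are assumptions; the first two are arbitrary, the last is chosen so that the model reproduces the reported positive and negative results, since the thread does not state what the kernel actually needs from that window.

```c
/* Added illustration, not glibc or kernel code: a toy model of the SPARC
 * register-window spill semantics as described in the thread, used to replay
 * the five tested clone-prologue variants.  Modelling assumptions:
 *   - FLUSHW (v9) spills every window below the current one, not the current one;
 *   - "ta 3" (System V ABI flush-windows trap) spills every window, current included;
 *   - a variant "works" iff the window belonging to the userspace clone function
 *     (the current window when the addition runs) has been spilled to the stack.
 * The last point is an assumption chosen to match the reported test matrix; the
 * thread does not say what the kernel actually needs in that window. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define MAX_WINDOWS 8            /* depth of the simulated window file (constructed) */

struct cpu {
    int cwp;                     /* index of the current window */
    bool spilled[MAX_WINDOWS];   /* spilled[i]: window i has been written to the stack */
};

/* SAVE: open a fresh window; it is dirty (unspilled) by definition. */
static void op_save(struct cpu *c)
{
    if (c->cwp + 1 < MAX_WINDOWS) {   /* window overflow is not modelled */
        c->cwp++;
        c->spilled[c->cwp] = false;
    }
}

/* RESTORE: close the current window and return to the caller's. */
static void op_restore(struct cpu *c)
{
    if (c->cwp > 0)
        c->cwp--;
}

/* FLUSHW (v9): the spill trap writes out all windows below the current one. */
static void op_flushw(struct cpu *c)
{
    for (int i = 0; i < c->cwp; i++)
        c->spilled[i] = true;
}

/* ta 3: the ABI-defined flush-windows trap writes out every window. */
static void op_ta3(struct cpu *c)
{
    for (int i = 0; i <= c->cwp; i++)
        c->spilled[i] = true;
}

enum variant {
    V_NONE,                 /* no addition at all */
    V_FLUSHW_ONLY,          /* flushw */
    V_TA3,                  /* ta 3 */
    V_SAVE_TA3_RESTORE,     /* save / ta 3 / restore */
    V_SAVE_FLUSHW_RESTORE   /* save / flushw / restore */
};

/* Run one variant at the point where clone's prologue addition executes and
 * report whether clone's own window has reached the stack. */
bool clone_window_spilled(enum variant v)
{
    struct cpu c;
    memset(&c, 0, sizeof c);
    op_save(&c);             /* a caller of clone */
    op_save(&c);             /* clone itself: this is "clone's window" */
    int clone_win = c.cwp;

    switch (v) {
    case V_NONE:
        break;
    case V_FLUSHW_ONLY:
        op_flushw(&c);
        break;
    case V_TA3:
        op_ta3(&c);
        break;
    case V_SAVE_TA3_RESTORE:
        op_save(&c); op_ta3(&c); op_restore(&c);
        break;
    case V_SAVE_FLUSHW_RESTORE:
        op_save(&c); op_flushw(&c); op_restore(&c);
        break;
    }
    return c.spilled[clone_win];
}

int main(void)
{
    static const char *names[] = {
        "no addition", "flushw only", "ta 3", "save/ta 3/restore", "save/flushw/restore"
    };
    for (int v = V_NONE; v <= V_SAVE_FLUSHW_RESTORE; v++)
        printf("%-22s -> %s\n", names[v],
               clone_window_spilled((enum variant)v) ? "clone window spilled"
                                                     : "clone window NOT spilled");
    return 0;
}
```

Compile with any C99 compiler and run it; the output lists each variant with whether clone's window was spilled, and the two variants that fail in the model ("no addition" and "flushw only") are exactly the two reported as negatively tested. The model deliberately ignores window overflow/underflow and the v9 bookkeeping registers, because the argument in the thread only depends on which windows a flush reaches relative to the current one.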
