Bug#980381: Segmentation fault on system call vectored (linux ppc64 on POWER9)

To: submit@bugs.debian.org
Subject: Bug#980381: Segmentation fault on system call vectored (linux ppc64 on POWER9)
From: Tulio Magno Quites Machado Filho <tuliom@ascii.art.br>
Date: Mon, 18 Jan 2021 11:48:39 -0300
Message-id: <[🔎] 874kje1et4.fsf@linux.ibm.com>
Reply-to: Tulio Magno Quites Machado Filho <tuliom@ascii.art.br>, 980381@bugs.debian.org

Package: src:linux
Version: 5.10.4-1
Severity: normal
X-Debbugs-Cc: none

Dear Maintainer,

Linux 5.9 started to support a new system call ABI called system call vectored
(using POWER9 instruction scv).
glibc 2.33 (to be released) includes support for this instruction.

However, there is an issue in upstream kernel that may cause userspace programs
using this instruction to segfault.

In order to reproduce the issue, one needs to call scv thousands of times.
An easy way to reproduce this issue is to run glibc make check, i.e. on a
POWER9:

    git clone git://sourceware.org/git/glibc.git
    mkdir build
    cd build
    ../glibc/configure --prefix=/usr --with-cpu=power9
    make -j$(nproc)
    make -j$(nproc) check

A couple of tests will segfault.  The list changes between executions.

I was able to reproduce this issue only on POWER9 revision 2.2 (pvr 004e 1202).

I reproduced this also on:
Package: linux-image-5.9.0-5-powerpc64
Version: 5.9.15-1

Although I was able to reproduce this issue only on powerpc64, this issue
also affects ppc64el.

A fix for this issue has been proposed upstream at
https://patchwork.ozlabs.org/project/linuxppc-dev/patch/20210111062408.287092-1-npiggin@gmail.com/

Notice the problem disappears if entry_flush and rfi_flush are disabled, but I
don't think that's recommended.

-- Package-specific info:
** Version:
Linux version 5.10.0-1-powerpc64 (debian-kernel@lists.debian.org) (gcc-10 (Debian 10.2.1-3) 10.2.1 20201224, GNU ld (GNU Binutils for Debian) 2.35.1) #1 SMP Debian 5.10.4-1 (2020-12-31)

** Command line:
BOOT_IMAGE=/boot/vmlinux-5.10.0-1-powerpc64 root=UUID=47206b1a-d5ae-4032-8b3e-e70796cd06c6 ro disable_radix quiet

** Tainted: E (8192)
 * unsigned module was loaded

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: ppc64

Kernel: Linux 5.10.0-1-powerpc64 (SMP w/16 CPU threads)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-- 
Tulio Magno

Reply to:

Prev by Date: Bug#860957: please ship python-perf (perf.so)
Next by Date: Processed: bug 980381 is forwarded to https://patchwork.ozlabs.org/project/linuxppc-dev/patch/20210111062408.287092-1-npiggin@gmail.com/
Previous by thread: Bug#860957: please ship python-perf (perf.so)
Next by thread: Processed: bug 980381 is forwarded to https://patchwork.ozlabs.org/project/linuxppc-dev/patch/20210111062408.287092-1-npiggin@gmail.com/
Index(es):
- Date
- Thread