RFR: 8345296: AArch64: VM crashes with SIGILL when prctl is disallowed
Evgeny Astigeevich
eastigeevich at openjdk.org
Mon Dec 2 13:16:40 UTC 2024
On Mon, 2 Dec 2024 12:17:26 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> We have caught this in some prod environments, where `prctl` is forbidden by the sandboxing mechanism. This fails the JVM, because we have the following code to check for SVE vector length:
>
>
> int VM_Version::get_current_sve_vector_length() {
>   assert(VM_Version::supports_sve(), "should not call this");
>   return prctl(PR_SVE_GET_VL);
> }
>
>
> That code returns `-1` when `prctl` is disallowed, which JVM then blindly interprets as vector length, leading to `SIGILL`. I looked around other uses of `prctl` around Hotspot, and they all seem to handle the errors correctly.
>
> Additional testing:
> - [x] Linux AArch64 server fastdebug, with seccomp reproducer
> - [ ] Linux AArch64 server fastdebug, `all`
Changes requested by eastigeevich (Committer).
src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 447:
> 445:
> 446: if (UseSVE > 0) {
> 447: _initial_sve_vector_length = get_current_sve_vector_length();
We need an assert checking `_initial_sve_vector_length > 0`
src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 453:
> 451: } else {
> 452: _initial_sve_vector_length = vl;
> 453: }
I think we need to disable SVE in `VM_Version::get_os_cpu_info` in `src/hotspot/os_cpu/linux_aarch64/vm_version_linux_aarch64.cpp`:
    if (auxv2 & HWCAP2_SVE2) _features |= CPU_SVE2;
    if (auxv2 & HWCAP2_SVEBITPERM) _features |= CPU_SVEBITPERM;
    if (prctl(PR_SVE_GET_VL) == -1) {
      warning("Unable to get SVE vector length on this system. Disabling SVE.");
      _features &= ~CPU_SVE;
    }
-------------
PR Review: https://git.openjdk.org/jdk/pull/22479#pullrequestreview-2472663905
PR Review Comment: https://git.openjdk.org/jdk/pull/22479#discussion_r1865833797
PR Review Comment: https://git.openjdk.org/jdk/pull/22479#discussion_r1865828571
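The failure mode discussed in this thread, as an added example that is not part of the original message or of the HotSpot sources: a stand-alone C sketch that treats a failed `prctl(PR_SVE_GET_VL)` as "SVE unusable" instead of as a vector length. The function names and the range check are assumptions made for illustration; the `PR_SVE_*` constants are the Linux uapi values.

```c
/* Added example; function names are hypothetical, not HotSpot's. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Values from the Linux uapi header <linux/prctl.h>, for older headers. */
#ifndef PR_SVE_GET_VL
#define PR_SVE_GET_VL 51
#endif
#ifndef PR_SVE_VL_LEN_MASK
#define PR_SVE_VL_LEN_MASK 0xffff
#endif
#ifndef PR_SVE_VL_INHERIT
#define PR_SVE_VL_INHERIT (1 << 17)
#endif

/* Turn a raw prctl(PR_SVE_GET_VL) result into a vector length in bytes.
 * Returns 0 ("SVE unusable") for any failure or implausible value. */
int sve_vl_from_prctl_result(long ret) {
    if (ret < 0) return 0;                  /* -1: denied or unsupported */
    long vl = ret & PR_SVE_VL_LEN_MASK;     /* strip flag bits such as INHERIT */
    if (vl < 16 || vl > 256 || vl % 16 != 0) return 0;  /* SVE: 128..2048 bits */
    return (int)vl;
}

/* Query the kernel; 0 means the caller must fall back to non-SVE code. */
int query_sve_vector_length(void) {
#ifdef __linux__
    errno = 0;
    long ret = prctl(PR_SVE_GET_VL);
    if (ret < 0)
        fprintf(stderr, "PR_SVE_GET_VL failed: %s\n", strerror(errno));
    return sve_vl_from_prctl_result(ret);
#else
    return 0;
#endif
}

int main(void) {
    int vl = query_sve_vector_length();
    if (vl == 0) puts("SVE disabled: vector length unavailable");
    else printf("SVE vector length: %d bytes\n", vl);
    return 0;
}
```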