libc/powerpc64: Fix swapcontext(3)

On PowerPC platforms a valid link to the Table of Contents (TOC) is
required for PLT lookups to function.  This TOC pointer is stored in
a dedicated register, and is used along with the stack pointer by both
C prologue and PLT lookup code.

When calling swapcontext() with uc_link != NULL, a PLT lookup to
setcontext(3) is attempted from within the _ctx_done context.  The
exiting process has usually trashed both r1 and r2 at this point,
leading to a crash within the PLT lookup before setcontext(2) is
reached to restore the linked context.

Restore r1 and r2 from the incoming context to ensure the PLT lookup
to setcontext(3) succeeds.  As this subsequently calls setcontext(2),
which overwrites r1 and r2 from the same context a second time, this
should be safe.

Signed-off-by: Timothy Pearson <[email protected]>

Author: madscientist159

lib/libc/powerpc64/gen/makecontext.c

@@ -48,6 +48,24 @@ _ctx_done(ucontext_t *ucp)
 		/* invalidate context */
 		ucp->uc_mcontext.mc_len = 0;
 
+		/*
+		 * Before continuing, we need to restore enough of the context
+		 * to allow the PLT lookup for syscontext(3) to work.
+		 * syscontext(2) will eventually restore the full context from
+		 * within syscontext(3).
+                 *
+		 * This is a bit of a hack, and is only safe because we never
+		 * return from this function.
+
+		 * Restore the stack (r1) and TOC (r2) from the linked context
+		 * before calling setcontext(3) via the PLT.
+		 */
+		__asm__ __volatile__(
+			"ld	1,8(%0)\n"
+			"ld	2,16(%0)\n"
+			: : "r"(&ucp->uc_link->uc_mcontext.mc_frame[0])
+		);
+
 		setcontext((const ucontext_t *)ucp->uc_link);
 
 		abort(); /* should never return from above call */

lib/libc/tests/sys/Makefile

@@ -7,11 +7,11 @@ ATF_TESTS_C+=			brk_test
 .endif
 ATF_TESTS_C+=			cpuset_test
 ATF_TESTS_C+=			errno_test
+ATF_TESTS_C+=			swapcontext_test
 ATF_TESTS_C+=			queue_test
 ATF_TESTS_C+=			sendfile_test
 
-# TODO: clone, lwp_create, lwp_ctl, posix_fadvise, recvmmsg,
-# swapcontext
+# TODO: clone, lwp_create, lwp_ctl, posix_fadvise, recvmmsg
 NETBSD_ATF_TESTS_C+=		access_test
 NETBSD_ATF_TESTS_C+=		bind_test
 NETBSD_ATF_TESTS_C+=		chroot_test

lib/libc/tests/sys/swapcontext_test.c

@@ -0,0 +1,63 @@
+/*-
+ * Copyright (c) 2025 Raptor Computing Systems, LLC
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <ucontext.h>
+#include <errno.h>
+
+#include <atf-c.h>
+
+#define STACK_SIZE	(64ull << 10)
+
+static volatile int callback_reached = 0;
+
+static ucontext_t uctx_save, uctx_switch;
+
+static void swapcontext_callback()
+{
+	// Increment callback reached variable
+	// If this is called multiple times, we will fail the test
+	// If this is not called at all, we will fail the test
+	callback_reached++;
+}
+
+ATF_TC(swapcontext_basic);
+ATF_TC_HEAD(swapcontext_basic, tc)
+{
+	atf_tc_set_md_var(tc, "descr",
+		"Verify basic functionality of swapcontext");
+}
+
+ATF_TC_BODY(swapcontext_basic, tc)
+{
+	char *stack;
+        int res;
+
+	stack = malloc(STACK_SIZE);
+	ATF_REQUIRE_MSG(stack != NULL, "malloc failed: %s", strerror(errno));
+	res = getcontext(&uctx_switch);
+	ATF_REQUIRE_MSG(res == 0, "getcontext failed: %s", strerror(errno));
+
+	uctx_switch.uc_stack.ss_sp = stack;
+	uctx_switch.uc_stack.ss_size = STACK_SIZE;
+	uctx_switch.uc_link = &uctx_save;
+	makecontext(&uctx_switch, swapcontext_callback, 0);
+
+	res = swapcontext(&uctx_save, &uctx_switch);
+
+        ATF_REQUIRE_MSG(res == 0, "swapcontext failed: %s", strerror(errno));
+        ATF_REQUIRE_MSG(callback_reached == 1,
+		"callback failed, reached %d times", callback_reached);
+}
+
+ATF_TP_ADD_TCS(tp)
+{
+	ATF_TP_ADD_TC(tp, swapcontext_basic);
+
+	return (atf_no_error());
+}
+