There’s some mismatch between Linux kernel 3.10 and #KDE that wants to use clone3 to create a process thread.
Do I know anyone from @[email protected] @[email protected] who is able to assist with debugging it further?
The system call clone3 has been added to linux 5.3 but it seems that KDE does not do any fallback in case the system call is rejected with EPERM.
@zygoon @[email protected] @kde kernel 3.10 was released more than 10 years ago and received a last update in 2017. Is that really a kernel still used in the wild?
Looking at https://lxr.kde.org/search?%21v=kf5-qt5&_filestring=&_string=sched.h, KDE does not do a clone3 directly. It’s likely done by a dependency of Plasma :( But I might be wrong as I’m definitively not an expert in syscall
@carlschwan @[email protected] @[email protected]
Yeah, RHEL 7 uses it out of the box and is still supported, at least until June 2024: https://www.redhat.com/en/blog/end-maintenance-red-hat-enterprise-linux-7-almost-here
@zygoon @carlschwan @[email protected] @[email protected] It’s likely coming from some usage of libseccomp somewhere. This also afflicts the container stack and such, which is why RHEL 9 containers on RHEL 7 are not supported.
Container/sandbox runtimes using libseccomp need to explicitly always allow clone3() through, or otherwise it will not fail correctly on RHEL 7.
@Conan_Kudo @carlschwan @[email protected] @[email protected] yeah, I strongly suspect seccomp. I’m debugging this now and I will share updates when I get to the bottom of the problem.
@zygoon @carlschwan @[email protected] @[email protected] The clone3() call is done implicitly and automatically by glibc. It started with glibc 2.34. This is most likely a problem in the Ubuntu Core 22 runtime that KDE snaps are built on.
The fix is to patch out the logic that uses it for clone() in Ubuntu’s glibc.
deleted by creator