Bug 114773

Summary: Panic in elf_core_copy_regs() core dumping ia32 binary
Product: Red Hat Enterprise Linux 3
Reporter: Greg Edwards <edwardsg>
Component: kernel
Assignee: Jason Baron <jbaron>
Status: CLOSED ERRATA
QA Contact: Brian Brock <bbrock>
Severity: high
Priority: medium
Version: 3.0
CC: knoel, petrides, riel
Hardware: ia64
OS: Linux
Doc Type: Bug Fix
Last Closed: 2004-05-12 01:08:26 UTC

Description Greg Edwards 2004-02-02 18:40:02 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114

Description of problem:
Running an ia32 compiled version of the Linux Test Project (ltp.sf.net)
on an HP rx2600 running AS 3, the first test (abort01), which does an
abort() syscall, hits the BUG_ON in elf_core_copy_regs():

Red Hat Enterprise Linux AS release 3 (Taroon Update 1)
Kernel 2.4.21-9.EL on an ia64
                                                                     
                                                  
singsing login: IA32 syscall #270 issued, maybe we should implement it
IA32 syscall #270 issued, maybe we should implement it
Unexpected IA-32 intercept trap (Trap 46)
  iip - 0x40059163, ifa - 0x40097ba0, isr - 0x186, iim - 0xf4
sizeof(elf_gregset_t) (1024) != sizeof(struct pt_regs) (400)
kernel BUG at /usr/src/build/336818-ia64/BUILD/kernel-2.4.21/linux-2.4.21/include/linux/elfcore.h:94!
Unable to handle kernel NULL pointer dereferenceabort01[9742]: Oops 8804682956800
                                                                     
                                                  
Pid: 9742, comm:              abort01
EIP is at elf_core_dump [kernel] 0x640 (2.4.21-9.EL)
psr : 0000101008026038 ifs : 8000000000000e24 ip  : [<e000000004470480>]    Not tainted
unat: 0000000000000000 pfs : 0000000000000e24 rsc : 0000000000000003
rnat: e000000004b7b790 bsps: e000000004b7b790 pr  : 0002924155aa9a65
ldrs: 0000000000000000 ccv : 0000000000000000 fpsr: 0009804c8a70033f
b0  : e000000004470470 b6  : e0000000044dfa60 b7  : e000000004414e00
f6  : 0fffbccccccccc8c00000 f7  : 0ffdcb640000000000000
f8  : 100029000000000000000 f9  : 10002a000000000000000
r1  : e000000004cabd00 r2  : c0000000fee01000 r3  : 00000000000000fd
r8  : 0000000000000066 r9  : 0000000000000000 r10 : 0000000000001000
r11 : 0000000000000100 r12 : e000004061eeef50 r13 : e000004061ee8000
r14 : 0000000000000000 r15 : 0000000000000000 r16 : 0000000000000000
r17 : 0000000000004000 r18 : 0000000000004000 r19 : 0000000000004000
r20 : e000000004b82eb4 r21 : e000000004ab5768 r22 : e000000004b82eb4
r23 : e000004061eeeef0 r24 : 0000000000000000 r25 : 0000000000000000
r26 : 0000000000080000 r27 : 0000000000000000 r28 : 0000000000080000
r29 : 0000000000000001 r30 : e0000040fef98028 r31 : 0000000000000001
                                                                     
                                                  
Call Trace: [<e000000004415620>] sp=0xe000004061eeeb60 bsp=0xe000004061ee9468 show_stack [kernel] 0x80
[<e000000004430550>] sp=0xe000004061eeed20 bsp=0xe000004061ee9438 die [kernel] 0x1b0
[<e0000000044527f0>] sp=0xe000004061eeed20 bsp=0xe000004061ee93d8 ia64_do_page_fault [kernel] 0x310
[<e00000000440e6e0>] sp=0xe000004061eeedb0 bsp=0xe000004061ee93d8 ia64_leave_kernel [kernel] 0x0
[<e000000004470480>] sp=0xe000004061eeef50 bsp=0xe000004061ee92b8 elf_core_dump [kernel] 0x640
[<e0000000045306e0>] sp=0xe000004061eefd80 bsp=0xe000004061ee9260 do_coredump [kernel] 0x500
[<e0000000044a9270>] sp=0xe000004061eefdd0 bsp=0xe000004061ee91e8 get_signal_to_deliver [kernel] 0x630
[<e00000000442ebf0>] sp=0xe000004061eefdd0 bsp=0xe000004061ee9180 ia64_do_signal [kernel] 0xd0
[<e00000000440eb20>] sp=0xe000004061eefe50 bsp=0xe000004061ee9130 handle_signal_delivery [kernel] 0x40
[<e00000000440e750>] sp=0xe000004061eefe60 bsp=0xe000004061ee9130 ia64_leave_kernel [kernel] 0x70
Kernel panic: Fatal exception


     89 static inline void elf_core_copy_regs(elf_gregset_t *elfregs, struct pt_regs *regs)
     90 {
     91 #ifdef ELF_CORE_COPY_REGS
     92         ELF_CORE_COPY_REGS((*elfregs), regs)
     93 #else
     94         BUG_ON(sizeof(*elfregs) != sizeof(*regs));  /* <--- here */
     95         *(struct pt_regs *)elfregs = *regs;
     96 #endif
     97 }

Looking at linux-2.4 bk tree, this just prints a warning rather than
triggering a BUG.

Version-Release number of selected component (if applicable):
kernel-2.4.21-9.EL

How reproducible:
Always

Steps to Reproduce:
1. download the ltp-20040108 package from ltp.sf.net
2. compile on ia32 box
3. copy over to ia64 box running AS 3
4. run 'make install' as root (installs to testcases/bin)
5. run './runalltests.sh'
   First test is abort01, which should crash the box
    

Actual Results:  kernel panic

Additional info:
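
An added example, not part of the original report or the kernel source: a user-space C model of the check at elfcore.h line 94, using the two sizes printed in the console log above. The names model_gregset_t, struct model_pt_regs, copy_regs_checked and model_dump_regs are hypothetical; the helper returns the layout mismatch to its caller as an error instead of halting.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins with the sizes printed in the report's console log:
 * sizeof(elf_gregset_t) == 1024, sizeof(struct pt_regs) == 400. */
typedef struct { unsigned char raw[1024]; } model_gregset_t;
struct model_pt_regs { unsigned char raw[400]; };

/* Both operands of the reported BUG_ON are sizeof expressions, so the result
 * is already fixed at build time; this constant is 0 for the sizes above. */
enum { REGS_LAYOUT_MATCHES =
       (sizeof(model_gregset_t) == sizeof(struct model_pt_regs)) };

enum copy_status { COPY_OK = 0, COPY_LAYOUT_MISMATCH = -1 };

/* Hypothetical helper (not a kernel function): copy a register block into a
 * core-dump note buffer only when the layouts agree. On a mismatch it zeroes
 * the destination so no stale bytes reach the core file, logs a warning, and
 * returns an error the caller can use to abandon the dump. */
static int copy_regs_checked(void *dst, size_t dst_len,
                             const void *src, size_t src_len)
{
    if (dst_len != src_len) {
        memset(dst, 0, dst_len);
        fprintf(stderr, "core dump: register set is %zu bytes, source is %zu\n",
                dst_len, src_len);
        return COPY_LAYOUT_MISMATCH;
    }
    memcpy(dst, src, src_len);
    return COPY_OK;
}

/* Model of the dump path: returns the status instead of halting. */
static int model_dump_regs(model_gregset_t *out, const struct model_pt_regs *regs)
{
    return copy_regs_checked(out, sizeof(*out), regs, sizeof(*regs));
}

int main(void)
{
    static model_gregset_t note;
    struct model_pt_regs regs;
    memset(&regs, 0xAB, sizeof(regs));   /* constructed register contents */
    printf("layouts match: %d, status: %d\n",
           REGS_LAYOUT_MATCHES, model_dump_regs(&note, &regs));
    return 0;
}
```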

Comment 1 Jason Baron 2004-03-04 22:54:17 UTC
ia32 core dump support has been added for ia64 in the U2 stream. I've
verified the fix with the ltp test suite.

Comment 2 John Flanagan 2004-05-12 01:08:26 UTC
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below.
You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2004-188.html