Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 160049 - x86-64 on 32-bit vdso syscall entry, %ebp value is not seen in %rbp via ptrace
x86-64 on 32-bit vdso syscall entry, %ebp value is not seen in %rbp via ptrace
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel (Show other bugs)
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Roland McGrath
Brian Brock
Depends On: 162467
Blocks: 170417
  Show dependency treegraph
Reported: 2005-06-10 10:35 EDT by Bastien Nocera
Modified: 2007-11-30 17:07 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-10-19 15:00:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Bastien Nocera 2005-06-10 10:35:20 EDT
$ uname -a
Linux bnocera 2.6.9-1.906_EL #1 Sun Dec 12 22:51:52 EST 2004 i686 i686 i386
$ file test
test: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux
2.2.5, dynamically linked (uses shared libs), not stripped
$ strace -v ./a.out 2>&1 | grep old
old_mmap(NULL, 76063, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7fed000
old_mmap(0x469000, 1215644, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x469000
old_mmap(0x58c000, 16384, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x123000) = 0x58c000
old_mmap(0x590000, 7324, PROT_READ|PROT_WRITE,

On the 64 bit machine:
rpm -q strace
[root@host-59 tmp]# uname -a
Linux host-59.support.localnet 2.4.21-27.0.2.ELsmp #1 SMP Wed Jan 12 23:25:44
EST 2005 x86_64 x86_64 x86_64 GNU/Linux
[root@host-59 tmp]# file test
test: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux
2.2.5, dynamically linked (uses shared libs), not stripped
[root@host-59 tmp]# strace -v ./test 2>&1 | grep old
old_mmap(0xedf500000000, 8589934593, PROT_READ|PROT_WRITE, 0xf /* MAP_???
14849, 0x3b55b00000000) = 0x40016000
old_mmap(0x1375cc00000000, 8589934597, PROT_READ|PROT_WRITE, MAP_FILE, 0, 0) =
old_mmap(0x300040157000, 77309411331, PROT_READ|PROT_WRITE, MAP_FILE, 0, 0) =
old_mmap(0x25cc4015a000, 214748364803,
0, 0) = 0x4015a000
old_mmap(0x100000000000, 146028888067,
1073744439, 0x840010307) = 0x4015d000
old_mmap()                              = -1 EFAULT (Bad address)

test is built from the test.c below:
#include <sys/syscall.h>
#include <unistd.h>
#include <sys/mman.h>

int main (int argc, char **argv)
        syscall (SYS_mmap2, NULL, 88983, PROT_READ, MAP_PRIVATE, 3, 0);
        return 0;
Comment 3 Roland McGrath 2005-07-05 00:18:12 EDT
The actual bug here is that the x86-64 kernel doing syscall tracing of a 32-bit
process fails to reflect the %ebp value in %rbp, and so is inconsistent with
what native 32-bit ptrace shows.  This bug exists in the upstream kernel as well.
Comment 4 Roland McGrath 2005-07-05 05:46:47 EDT
There are two bugs in the original report.  This bug is tracking the kernel bug
that gives wrong results for the mmap2 syscall, which is what the test case
source mentions.  However, the original complaints were about the old_mmap
syscall output, which is an strace bug #162467 tracks now.
Comment 12 RHEL Product and Program Management 2007-10-19 15:00:42 EDT
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.