Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 169294 - [RHEL3 U6] __copy_user/memcpy causes random kernel panic on IA-64 systems
[RHEL3 U6] __copy_user/memcpy causes random kernel panic on IA-64 systems
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel (Show other bugs)
ia64 Linux
medium Severity medium
: ---
: ---
Assigned To: Geoff Gustafson
Brian Brock
Depends On:
Blocks: 168424
  Show dependency treegraph
Reported: 2005-09-26 13:50 EDT by Issue Tracker
Modified: 2007-11-30 17:07 EST (History)
3 users (show)

See Also:
Fixed In Version: RHSA-2006-0144
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-15 11:42:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0144 qe-ready SHIPPED_LIVE Moderate: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 7 2006-03-15 00:00:00 EST

  None (edit)
Description Issue Tracker 2005-09-26 13:50:38 EDT
Escalated to Bugzilla from IssueTracker
Comment 7 Gary Case 2005-11-22 17:42:33 EST
Reposting the patch publicly. 

Excerpt from ChangeLog-2.6.14-rc1:

When copying data from user-space to kernel-space by __copy_user(),
a page_not_present fault sometimes occurs at vmalloced kernel address
because of VHPT pre-fetching.

Ignore the page_not_present fault in ia64_do_page_fault() before
jumping into exception handlers.

diff --git a/arch/ia64/mm/fault.c b/arch/ia64/mm/fault.c

file:a949a83e0dccbb34531dea37145fee9ab3ea6895 ->
--- a/arch/ia64/mm/fault.c
+++ b/arch/ia64/mm/fault.c
@@ -206,9 +206,6 @@ ia64_do_page_fault (unsigned long addres

-       if (done_with_exception(regs))
-               return;
        * Since we have no vma's for region 5, we might get here even if the
address is
        * valid, due to the VHPT walker inserting a non present translation that
@@ -219,6 +216,9 @@ ia64_do_page_fault (unsigned long addres
       if (REGION_NUMBER(address) == 5 && mapped_kernel_page_is_present(address))

+       if (done_with_exception(regs))
+               return;
        * Oops. The kernel tried to access some bad page. We'll have to
terminate things
        * with extreme prejudice.
Comment 12 Ernie Petrides 2005-11-28 18:44:43 EST
In answer to comment #10, the fix is queued for the next U7 build, which
will probably occur tomorrow night.
Comment 13 Ernie Petrides 2005-11-30 02:38:08 EST
A fix for this problem has just been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-37.12.EL).
Comment 17 Red Hat Bugzilla 2006-03-15 11:42:54 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.