Bug 461038 - el4u5 pv guest user coredump crashing system
Summary: el4u5 pv guest user coredump crashing system
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel-xen
Version: 4.9
Hardware: All
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Oleg Nesterov
QA Contact: Chao Ye
URL:
Whiteboard:
: 594531 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-09-03 15:58 UTC by Greg Marsden
Modified: 2018-11-14 18:36 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-02-16 16:02:28 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:0263 0 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 4.9 kernel security and bug fix update 2011-02-16 15:14:55 UTC

Description Greg Marsden 2008-09-03 15:58:46 UTC
The system panicked during core dumping a faulting process.  The cause was
a wrong vsyscall page pointer from elf_core_dump for the el4u5 32bit pv
guest.  This patch resolves:

--- linux-2.6.9/include/asm-i386/elf.h.orig     2008-05-01 17:31:41.000000000
-0700
+++ linux-2.6.9/include/asm-i386/elf.h  2008-05-01 17:32:06.000000000 -0700
@@ -141,11 +141,7 @@
#define VSYSCALL_ENTRY (VSYSCALL_BASE + VSYSCALL_OFFSET)
 
/* kernel-internal fixmap address: */
-#ifdef CONFIG_XEN
-#define __VSYSCALL_BASE        (PAGE_OFFSET - 2*PAGE_SIZE)
-#else
 #define __VSYSCALL_BASE        (__fix_to_virt(FIX_VSYSCALL))
-#endif
 #define __VSYSCALL_EHDR        ((const struct elfhdr *) __VSYSCALL_BASE)

Comment 1 Tina Yang 2008-09-03 18:34:39 UTC
This is a workaround, minimum fix.  The problem is the page the __VSYSCALL_BASE points to in el4u5 XEN case doesn't seem to be ever set up.  It seems to me the intended logic is only half-implemented.  I did see however in el5, this part of the dump has been completely eliminated.  So, whichever is appropriate.

Comment 2 Guy Streeter 2008-12-03 18:43:00 UTC
I have a customer report of this same problem, solved by this patch.

Comment 4 Veaceslav Falico 2009-03-25 18:02:11 UTC
I also have a customer report of this same problem, solved by this patch. Customer asks for hotfix.

Comment 8 Chris Lalancette 2009-04-10 09:13:34 UTC
Can someone who is affected by this bug please let me know what the exact problem is, and if there is a way to reproduce it?  The patch in Comment #1 looks sane enough, but I don't have a good idea of the real problem, and I would like to verify myself if a reproducer is available.

Thanks,
Chris Lalancette

Comment 13 Vivek Goyal 2009-06-03 13:56:31 UTC
Committed in 89.2.EL

Comment 15 Paolo Bonzini 2010-10-06 14:20:03 UTC
*** Bug 594531 has been marked as a duplicate of this bug. ***

Comment 17 Chao Ye 2011-01-12 09:59:23 UTC
Verified with -95.EL:
=========================================
I'm still alive, will sleep now
runtest.sh: line 20: 10904 Segmentation fault      (core dumped) sh PCD.sh
Success to core dump of process 10904

$ cat PCD.sh 
#!/bin/sh

while true
do
    echo "I'm still alive, will sleep now"
    sleep 60
done

$ cat runtest.sh 
#!/bin/sh

ulimit -c unlimited
sh PCD.sh &
ID=`ps aux | grep PCD | sed '/grep/d' | awk '{ print $2 }'`
kill -s 11 $ID
if [ -f core.$ID ]; then
    echo "Success to core dump of process $ID"
    rm -f core.$ID
else
    echo "Failed  to core dump of process $ID"
fi

Change status to VERIFIED

Comment 18 errata-xmlrpc 2011-02-16 16:02:28 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0263.html


Note You need to log in before you can comment on or make changes to this bug.