+++ This bug was initially created as a clone of Bug #490852 +++

Description of problem:
The following program is running into SIGSEGV on all PPC64 machines tested.

# cat sem.c
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/sem.h>
#include <sys/stat.h>

int
main(void)
{
  int sem_id;

  if ((sem_id = semget(IPC_PRIVATE, 1, IPC_CREAT|S_IRWXU)) == -1)
     printf ("semget() failed.\n");

  if(semctl(sem_id, 0, SETVAL, 0) == -1)
     printf ("semctl() failed.\n");

  return 0;
}

# gcc sem.c -o sem
# ./sem
Segmentation fault

# strace ./sem
execve("./sem", ["./sem"], [/* 29 vars */]) = 0
brk(0)                                  = 0x10020000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=295300, ...}) = 0
mmap(NULL, 295300, PROT_READ, MAP_PRIVATE, 3, 0) = 0xf7fa0000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\2\1\0\0\0\0\0\0\0\0\0\0\3\0\24\0\0\0\1\17\342\340 \0\0\0004"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1794480, ...}) = 0
mmap(0xfe10000, 1585596, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xfe10000
mmap(0xff80000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x160000) = 0xff80000
close(3)                                = 0
mprotect(0xff80000, 65536, PROT_READ)   = 0
mprotect(0xffe0000, 65536, PROT_READ)   = 0
munmap(0xf7fa0000, 295300)              = 0
semget(IPC_PRIVATE, 1, IPC_CREAT|0700)  = 786439
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

It runs fine for other architectures like x86-64.

# uname -ra
Linux dell-pe830-02.rhts.bos.redhat.com 2.6.18-128.el5 #1 SMP Wed Dec 17 11:41:38 EST 2008 x86_64 x86_64 x86_64 GNU/Linux

# strace ./sem
execve("./sem", ["./sem"], [/* 22 vars */]) = 0
brk(0)                                  = 0x13fd000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2ab2a5900000
uname({sys="Linux", node="dell-pe830-02.rhts.bos.redhat.com", ...}) = 0
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=63298, ...}) = 0
mmap(NULL, 63298, PROT_READ, MAP_PRIVATE, 3, 0) = 0x2ab2a5901000
close(3)                                = 0
open("/lib64/libc.so.6", O_RDONLY)      = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\332\301\224?\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1713088, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2ab2a5911000
mmap(0x3f94c00000, 3494168, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x3f94c00000
mprotect(0x3f94d4c000, 2097152, PROT_NONE) = 0
mmap(0x3f94f4c000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14c000) = 0x3f94f4c000
mmap(0x3f94f51000, 16664, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3f94f51000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2ab2a5912000
arch_prctl(ARCH_SET_FS, 0x2ab2a5912210) = 0
mprotect(0x3f94f4c000, 16384, PROT_READ) = 0
mprotect(0x3f94a1b000, 4096, PROT_READ) = 0
munmap(0x2ab2a5901000, 63298)           = 0
semget(IPC_PRIVATE, 1, IPC_CREAT|0700)  = 4882433
semctl(4882433, 0, SETVAL, 0)           = 0
exit_group(0)                           = ?

 
Both RHEL4 and RHEL5 are affected.

Version-Release number of selected component (if applicable):
glibc-2.3.4-2.41
gcc-3.4.6-10
kernel-2.6.9-78.EL

glibc-2.5-34
gcc-4.1.2-44.el5
kernel-2.6.18-128.1.1.el5

How reproducible:
always, seen at least on 2 machines,
ibm-hv2-lp1.test.redhat.com
ppcp-5s-m1.lab.bos.redhat.com

Steps to Reproduce:
1. compile and run the reproducer.
  
Actual results:
Segmentation fault

Expected results:
No error.

Additional info: