Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 594531 - BUG IN ELF_CORE_DUMP
BUG IN ELF_CORE_DUMP
Status: CLOSED DUPLICATE of bug 461038
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel-xen (Show other bugs)
4.8
All Linux
low Severity medium
: rc
: ---
Assigned To: Andrew Jones
Red Hat Kernel QE team
:
Depends On:
Blocks: 458302
  Show dependency treegraph
 
Reported: 2010-05-20 19:02 EDT by Guru Anbalagane
Modified: 2010-10-06 10:20 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-10-06 10:20:03 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch that fixes wrong vsyscall page pointer from elf_core_dump (505 bytes, patch)
2010-05-20 19:06 EDT, Guru Anbalagane
no flags Details | Diff

  None (edit)
Description Guru Anbalagane 2010-05-20 19:02:00 EDT
Description of problem:
During testing in EL4u7 pv guest, guest panic'ed with the following:

Based on log files the kernel paniced at 11pm:

Apr 22 23:00:35 adc68002xems kernel: ------------[ cut here ]------------
Apr 22 23:00:35 adc68002xems kernel: kernel BUG at fs/binfmt_elf.c:1616!
Apr 22 23:00:35 adc68002xems kernel: invalid operand: 0000 [#1]
Apr 22 23:00:35 adc68002xems kernel: SMP
Apr 22 23:00:35 adc68002xems kernel: Modules linked in: md5(U) ipv6(U)
autofs4(U) i2c_dev(U) i2c_core(U) nfs(U) lockd(U) sunrpc(U) dm_mirror(U)
dm_multipath(U) dm_mod(U) ext3(U) jbd(U)
Apr 22 23:00:35 adc68002xems kernel: CPU:    0
Apr 22 23:00:35 adc68002xems kernel: EIP:    0061:[<c017fd4e>]    Not tainted
VLI
Apr 22 23:00:35 adc68002xems kernel: EFLAGS: 00010206  
(2.6.9-55.0.12.9.1.ELxenU)
Apr 22 23:00:35 adc68002xems kernel: EIP is at elf_core_dump+0x6b8/0xa38
Apr 22 23:00:35 adc68002xems kernel: eax: ec57fe0c   ebx: bfffe380   ecx:
bfffe380   edx: bfffe380
Apr 22 23:00:35 adc68002xems kernel: esi: 0ba53000   edi: 0000001c   ebp:
00009514   esp: ec57fdb0
Apr 22 23:00:35 adc68002xems kernel: ds: 007b   es: 007b   ss: 0068
Apr 22 23:00:35 adc68002xems kernel: Process oracle (pid: 30186,
threadinfo=ec57f000 task=e5f342b0)
Apr 22 23:00:35 adc68002xems kernel: Stack: 0000c6ff d4d23500 00000000
c26e6a00 ea6d3680 c029fa40 c26fe180 d6138c40
Apr 22 23:00:35 adc68002xems kernel:        e57e4700 00000006 ffffffff
0018f000 00000000 0ba53000 00000000 c0000000
Apr 22 23:00:35 adc68002xems kernel:        00000001 e9ae9e80 00000006
e743d92c ea1ba17c ec57fe04 ec57fe04 00000001
Apr 22 23:00:35 adc68002xems kernel:        3e7bf217 fffffffe 00d7eb50
3e7bf217 fffffffe 00d7eb50 3e7bf217 00000004
Apr 22 23:00:35 adc68002xems kernel: Call Trace:
Apr 22 23:00:35 adc68002xems kernel:  [<c0163e26>] do_coredump+0x24d/0x297
Apr 22 23:00:35 adc68002xems kernel:  [<c01170da>] try_to_wake_up+0x2ab/0x2b6
Apr 22 23:00:35 adc68002xems kernel:  [<c0125bc0>]
__dequeue_signal+0x14c/0x155
Apr 22 23:00:35 adc68002xems kernel:  [<c0125bf6>] dequeue_signal+0x2d/0x54
Apr 22 23:00:35 adc68002xems kernel:  [<c01274b2>]
get_signal_to_deliver+0x317/0x346
Apr 22 23:00:35 adc68002xems kernel:  [<c01071bb>] do_signal+0x47/0xd0
Apr 22 23:00:35 adc68002xems kernel:  [<c0126543>]
group_send_sig_info+0x59/0x61
Apr 22 23:00:35 adc68002xems kernel:  [<c01c1b50>]
atomic_dec_and_lock+0x20/0x40
Apr 22 23:00:35 adc68002xems kernel:  [<c01275a5>] sigprocmask+0xb0/0xca
Apr 22 23:00:35 adc68002xems kernel:  [<c0127657>]
sys_rt_sigprocmask+0x98/0x145
Apr 22 23:00:35 adc68002xems kernel:  [<c010726c>] do_notify_resume+0x28/0x38
Apr 22 23:00:35 adc68002xems kernel:  [<c0263bc9>] work_notifysig+0x13/0x1a
Apr 22 23:00:35 adc68002xems kernel:  [<c026007b>]
packet_setsockopt+0x9a/0x19a
Apr 22 23:00:35 adc68002xems kernel:  [<c026007b>]
packet_setsockopt+0x9a/0x19a
Apr 22 23:00:35 adc68002xems kernel: Code: 66 83 3d 2c e0 ff bf 00 0f 84 9b
00 00 00 89 c3 b9 20 00 00 00 89 da 8d 44 24 5c e8 01 1f 04 00 83 7c 24 5c 01
75 3c 85 f6 74 08 <0f> 0b 50 06 7d e7 27 c0 8b 44 24 34 31 d2 89 c6 89 44 24
60 8b
Apr 22 23:00:35 adc68002xems kernel:  <0>Fatal exception: panic in 5 seconds

Version-Release number of selected component (if applicable):

el4u7 and above to the latest el4 kernel
How reproducible:
whenever  a process coredumps in a guest.

Steps to Reproduce:
1. in a guest, try coredumping a process 
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Guru Anbalagane 2010-05-20 19:06:17 EDT
Created attachment 415538 [details]
patch that fixes wrong vsyscall page pointer from elf_core_dump

Please review and include this part of your next errata.
Comment 2 RHEL Product and Program Management 2010-07-01 06:09:09 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 4 Paolo Bonzini 2010-10-06 10:20:03 EDT
The patch was committed as 3fa265a0e29ae61e373d0490ea2d85ef84cb0f54 in kernel-2.6.9-89.2 and it will be included in 4.9.

*** This bug has been marked as a duplicate of bug 461038 ***

Note You need to log in before you can comment on or make changes to this bug.