Sophie

kernel-2.6.18-238.el5.src.rpm

From: Amerigo Wang <amwang@redhat.com>
Date: Tue, 2 Jun 2009 06:19:46 -0400
Subject: [misc] core dump: wrong thread info in core dump file
Message-id: 20090602102149.4707.66591.sendpatchset@localhost.localdomain
O-Subject: [PATCH RHEL5.x] core dump: fix wrong thread information in core dump file
Bugzilla: 503553
RH-Acked-by: Prarit Bhargava <prarit@redhat.com>
RH-Acked-by: Dave Anderson <anderson@redhat.com>
RH-Acked-by: Neil Horman <nhorman@redhat.com>

BZ503553

Description:
  1. Compile simple attached program "gcc -g threads.c -o threads -lpthread".
  2. Make sure you can dump core, ulimit -c unlimited
  3. Run the program, ./threads
     # ./threads
     *** KO thread(5.300000)
     *** KO thread(5.300000)
     Aborted
  4. Attach gdb to the core, gdb ./threads core.<pid>
  5. Do 'info threads'. If you see 2 threads, you see the bug. If you see 3
     threads, it's correct.

Please get the reproduce program from:
https://bugzilla.redhat.com/show_bug.cgi?id=503553

The reason is that elf_core_dump() passes an off_t* pointer to alignfile()
which should be loff_t*. So on i386, this is a bug. But on x86_64, it is
fine since unsigned long long == unsigned long.

Upstream status:
Upstream has different fixes.

Test status:
I have tested it on i386 and can confirm it fixes the bug.
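Added example, not code from this patch, from fs/binfmt_elf.c or from the reproducer in the Bugzilla: it models the mismatch the description blames, an off_t* handed to a function expecting loff_t*. On i386 off_t is a 32-bit long and loff_t is 64-bit, so the callee reads and writes 8 bytes of a 4-byte object and its neighbour on the stack is involved in every access. Fixed-width typedefs emulate the i386 layout so the code behaves the same on a 64-bit host, where off_t and loff_t have equal width and the bug cannot show. Assumptions (labelled in the code too): little-endian byte order, the two-field struct standing in for adjacent locals, the two modelled callee behaviours (round a position up, store an absolute position) and all names; none of them is taken from alignfile() itself.

```c
/*
 * Added example: not code from the RHEL 5 patch or from fs/binfmt_elf.c.
 * Models an off_t* (32-bit on i386) passed where loff_t* (64-bit) is
 * expected. Assumptions: little-endian byte order (x86), the struct
 * layout, both callee behaviours and every name below.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int32_t i386_off_t;   /* stands in for off_t on i386 (32-bit) */
typedef int64_t loff_t64;     /* stands in for loff_t (64-bit everywhere) */

/* Two dumper locals adjacent in memory, like "offset" and "dataoff". */
struct dump_locals {
    i386_off_t offset;
    i386_off_t dataoff;
};

/* What a buggy call leaves behind. */
struct outcome {
    loff_t64   computed;  /* the value the callee computed and stored */
    i386_off_t offset;    /* the 32-bit field afterwards */
    i386_off_t dataoff;   /* its neighbour afterwards */
};

/* Callee with a 64-bit pointer parameter, like alignfile(..., loff_t *).
 * Modelled behaviour: round the position up to 'align' and store it back.
 * The read and the store are each 8 bytes wide; memcpy makes that width
 * explicit instead of hiding it in a mis-typed dereference. */
static loff_t64 round_up_wide(void *pos, loff_t64 align)
{
    loff_t64 v;
    memcpy(&v, pos, sizeof v);                /* 8-byte read */
    v = (v + align - 1) & ~(align - 1);
    memcpy(pos, &v, sizeof v);                /* 8-byte store */
    return v;
}

/* Modelled callee that stores an absolute 64-bit position. */
static void set_pos_wide(void *pos, loff_t64 newpos)
{
    memcpy(pos, &newpos, sizeof newpos);      /* 8-byte store */
}

/* Unpatched shape: the 32-bit field's address goes to the 64-bit callee.
 * The 8-byte read picks up 'dataoff' as the high half of the position,
 * so the callee computes with a wrong value; the 8-byte store writes the
 * high half back over 'dataoff'. */
struct outcome buggy_round_up(i386_off_t offset, i386_off_t dataoff,
                              loff_t64 align)
{
    struct dump_locals d = { offset, dataoff };
    struct outcome o;
    o.computed = round_up_wide(&d.offset, align);
    o.offset = d.offset;
    o.dataoff = d.dataoff;
    return o;
}

/* Same caller shape with the absolute-store callee: whatever the callee
 * puts in the high half lands in the neighbour. */
struct outcome buggy_set_pos(i386_off_t offset, i386_off_t dataoff,
                             loff_t64 newpos)
{
    struct dump_locals d = { offset, dataoff };
    struct outcome o;
    set_pos_wide(&d.offset, newpos);
    o.computed = newpos;
    o.offset = d.offset;
    o.dataoff = d.dataoff;
    return o;
}

/* Patched shape: the local is 64-bit wide, matching the callee. */
loff_t64 fixed_round_up(loff_t64 offset, loff_t64 align)
{
    return round_up_wide(&offset, align);
}

int main(void)
{
    struct outcome a = buggy_round_up(0x1001, 7, 4096);
    printf("round up: callee saw 0x%llx, offset=0x%x dataoff=%d\n",
           (unsigned long long)a.computed, a.offset, a.dataoff);
    struct outcome b = buggy_set_pos(0x1001, 7, 0x2000);
    printf("set pos : offset=0x%x dataoff=%d (was 7)\n", b.offset, b.dataoff);
    printf("fixed   : 0x%llx\n",
           (unsigned long long)fixed_round_up(0x1001, 4096));
    printf("host: sizeof(long)=%zu sizeof(long long)=%zu\n",
           sizeof(long), sizeof(long long));
    return 0;
}
```

In the round-up case the neighbour survives only because rounding did not change the high half; the callee's own result (0x700002000 instead of 0x2000) is already wrong, which is what any later seek or limit comparison would consume. The absolute-store case shows the neighbour being overwritten outright. The last line of output is the reason the description reports x86_64 as unaffected: on LP64 the two types are the same width.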

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 11a4ac7..dc6c03e 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -1414,7 +1414,7 @@ static void fill_elf_header(struct elfhdr *elf, int segs)
 	return;
 }
 
-static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, off_t offset)
+static void fill_elf_note_phdr(struct elf_phdr *phdr, int sz, loff_t offset)
 {
 	phdr->p_type = PT_NOTE;
 	phdr->p_offset = offset;
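Review bot: the widened parameter is still narrowed silently at `phdr->p_offset = offset;`, because for a 32-bit ELF core p_offset is an Elf32_Off; the loff_t change removes the pointer-width mismatch but a note placed past 4 GiB in a 32-bit core would still wrap. A short comment, or a WARN_ON that `offset` fits in `phdr->p_offset`, would make that truncation intentional rather than accidental. The call site that passes `offset` into fill_elf_note_phdr is not in this hunk; check it hands over a loff_t rather than an off_t that gets widened on the way in.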
@@ -1580,7 +1580,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file)
 	int i;
 	struct vm_area_struct *vma;
 	struct elfhdr *elf = NULL;
-	off_t offset = 0, dataoff, foffset;
+	loff_t offset = 0, dataoff, foffset;
 	unsigned long limit = current->signal->rlim[RLIMIT_CORE].rlim_cur;
 	int numnote;
 	struct memelfnote *notes = NULL;
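Review bot: widening `offset`, `dataoff` and `foffset` to loff_t changes their type relative to `limit` (declared as unsigned long two lines below) and to every later use in elf_core_dump() that this hunk does not show. Each place these locals are compared against `limit`, passed to a helper, or formatted should be re-checked for an implicit narrowing back to unsigned long or off_t, otherwise the same class of mismatch the description attributes to the alignfile() call can recur elsewhere in the function. The alignfile() call site itself is not in the diff; including that line, or quoting the compiler's incompatible-pointer warning in the description, would let a reviewer confirm the fix from the patch alone.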