RHBA-2011:0561 - Bug Fix Advisory

Topic

An updated crash package that fixes various bugs and adds two enhancements is
now available for Red Hat Enterprise Linux 6.

Description

The crash package provides a self-contained tool that can be used to investigate
live systems, and kernel core dumps created from the netdump, diskdump, kdump,
and Xen/KVM "virsh dump" facilities from Red Hat Enterprise Linux.

This update fixes the following bugs:

• The crash package has been upgraded to upstream version 5.1.1, which provides

a number of bug fixes over the previous version. (BZ#649070)

• On 64-bit x86 architectures, using the "bt" command to analyze core dumps from

kernel 2.6.27 or later caused it to display an invalid "vgettimeofday" frame
above the topmost "system_call_fastpath" frame, followed by two read error
messages similar to the following:

bt: read error: kernel virtual address: ffffffffff600000 type:
"gdb_readmem_callback"

This error no longer occurs, and the "bt" command now produces correct results
for these kernels. (BZ#637735)

• When analyzing a KVM dump file from a 64-bit x86 guest system, the crash

utility failed to determine the starting RIP and RSP hooks. This rendered it
unable to produce a correct backtrace for tasks that were either running in user
space when the "virsh dump" operation was performed on a live guest, or that
were running on interrupt or exception stacks. With this update, the RIP and RSP
hooks for a particular dump file are now determined by using the content of the
per-CPU registers in the CPU device format. As a result, the "bt" command no
longer produces incorrect backtraces for such dump files. (BZ#649050)

• When analyzing a KVM dump file from an x86 guest system, the crash utility was

unable to determine the starting EIP and ESP hooks, and produced an invalid
backtrace. With this update, the crash utility has been updated to use the
64-bit CPU device format in x86 KVM dump files by default, and only use the
32-bit format when it is determined that the host machine was running a 32-bit
kernel. As a result, running the "bt" command when analyzing such a dump file
now produces a correct backtrace. (BZ#649051)

• When creating a KVM dump file, the "virsh dump" operation marks all

non-crashing CPUs as offline. Due to an incorrect use of the "cpu_online_map"
mask to determine the CPU count, previous version of the crash utility may have
reported a wrong number of CPUs when analyzing dumps created by the "virsh dump"
command on x86 guest systems. With this update, the underlying source code has
been adapted to use the "cpu_present_map" mask instead, so that the crash
utility reports the correct number of CPUs. (BZ#649053)

• Prior to this update, an attempt to display a backtrace of a non-active

swapper task on a 32-bit x86 architecture could cause the crash utility to
display the following message:

bt: cannot resolve stack trace:
#0 [c09f1ef4] ia32_sysenter_target at c08208ce

This update applies a patch that resolves this issue, and the crash utility now
resolves such backtraces as expected. Additionally, this update ensures that the
crash utility is no longer negatively affected by the changes that were
introduced in kernel 2.6.32-112. (BZ#682129)

As well, this update adds the following enhancements:

• The crash utility has been updated to provide support for dump files created

on the IBM System z architecture. (BZ#633449)

• The crash utility now supports compressed and/or filtered dump files generated

by the makedumpfile utility on IBM System z. (BZ#637197)

All users of crash are advised to upgrade to this updated package, which fixes
these bugs and adds these enhancements.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

• BZ - 633449 - [6.1 FEAT] makedumpfile support - convert Linux on z dumps to ELF - crash part
• BZ - 637197 - [6.1 FEAT] Crash Utility support to read compressed/filtered dumpfile generated by makedumpfile for s390x
• BZ - 637735 - bt read error when analysing kvm guest vmcore
• BZ - 649050 - KVM dumpfiles: x86_64 backtrace fixes on live and crashed systems
• BZ - 649051 - KVM dumpfiles: x86 backtrace fixes on live and crashed systems
• BZ - 649053 - KVM dumpfiles: fix x86/x86_64 cpu count determination for crashed guests
• BZ - 649070 - Rebase request for crash utility RHEL6.1 errata
• BZ - 682129 - [kdump] bt: cannot resolve stack trace:

CVEs

(none)

References

(none)