Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHBA-2012:0203-01


Id RHBA-2012:0203-01
Name Red Hat 2012:0203-01 RHBA crash bug fix and enhancement update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Recommended Recommended
Operating System(s) Linux 
Released On 20 Feb 2012 12:00:00


Red Hat 2012:0203-01 RHBA crash bug fix and enhancement update for RHEL 5 x86

Vendor Name




Released On

20 Feb 2012 12:00:00



The crash package provides a self-contained tool that can be used to investigate live systems, and kernel core dumps created from the netdump, diskdump, kdump, and Xen/KVM "virsh dump" facilities from Red Hat Enterprise Linux. This updated crash package includes fixes for the following bugs: * The crash package has been upgraded to upstream version 5.1.8, which provides a number of enhancements and bug fixes over the previous version. (BZ#715072) * On AMD64 and Intel 64 architectures, the "bt" command failed when the shutdown NMI was issued to a 32-bit task that had executed a "sysenter" instruction and the RSP still contained the zero value loaded from the MSR_IA32_SYSENTER_ESP register. Consequently, the backtrace issued the following warning message: "WARNING: possibly bogus exception frame" and was unable to make a transition from the NMI exception stack back to the process stack. With this update, the underlying source code has been modified to address this issue, and the aforementioned command no longer fails. (BZ#676408) * On AMD64 and Intel 64 architectures, the "bt" command failed with several backtrace errors for non-crashing active tasks: "bt: cannot resolve stack trace" This was due to a failure to properly transition from the shutdown NMI stack back to the process stack. This update fixes these errors, and executing the "bt" command on non-crashing active tasks works as expected. (BZ#713050) * KVM virtual systems contain an I/O hole in the physical memory region from 0xe0000000 to 0x100000000 (3.5 GB to 4 GB). If a guest is provisioned with more than 3.5 GB of RAM, then the memory above 3.5 GB is "pushed up" to start at 0x100000000 (4 GB). However, the "ram" device headers in the KVM dumpfiles do not reflect that. As a result, numerous error messages were displayed during invocation, and the session would often fail. With this update, the crash utility takes the I/O hole into account despite the fact that the "ram" device headers in KVM dumpfiles do not; consequently, error messages are no longer displayed during invocation. (BZ#716327) * The KVM I/O hole size is currently set to either 1 GB or 512 MB, but its setting is hardwired into the Qemu code that was used to create the dumpfile. The dumpfile is a "savevm" file that is designed to be used for guest migration, and since inter-version save/load operations are not supported, the I/O hole information does not have to be encoded into the dumpfile. Prior to this update, the I/O hole for dumpfiles created by older Qemu version was not being set to 1GB, so if the KVM guest was configured with more than 3GB of memory, the crash session would typically display numerous "read error" messages during session initialization. With this update, the crash session does not return any error messages during session initialization. (BZ#715070) All users of crash are advised to upgrade to this updated package, which resolves these issues.

Related Resources

Related Vulnerabilities


Related Patches

Superseded Patches


Last Updated: 27 May 2016 11:12:55