Re: [] Kernel coredump to a pipe is failing

From: Andi Kleen
Date: Tue May 26 2009 - 16:31:57 EST

Paul Smith <paul@xxxxxxxxxxxxxxxxx> writes:
> So I annotated dump_write() to printk() if this operation is false, and
> I get:
> file ffff8803b95d0180: dump_write: -512 < 4096
> Well, -512 is ERESTARTSYS. That, to me, seems like a reasonable error
> code to get when we're trying to dump core to a pipe. Yes? No?

Which signal is it? SIGPIPE?

> Shouldn't we be doing some kind of error handling here, at least for
> basic things like signals? Should a process that's dumping core be set
> to ignore signals? Should dump_write() try again on ERESTARTSYS?

I think it should block signals. Here's a untested patch.

It has the disadvantage that it reports the incorrect blocked mask
in the ELF corefile, but that's probably better than truncated



Block signals during core dump

When a signal happens during core dump the core dump to a pipe
can fail, because the write returns short, but the ELF core dumpers
cannot handle that.

There's no reason to handle signals during core dumping, so just
block them all.

Open issue: ELF puts blocked signals into the core dump and
that will be always fully blocked now. Need to save it somewhere?

Based on debugging by Paul Smith.

Signed-off-by: Andi Kleen <ak@xxxxxxxxxxxxxxx>

fs/exec.c | 6 ++++++
1 file changed, 6 insertions(+)

Index: linux-2.6.30-rc5-ak/fs/exec.c
--- linux-2.6.30-rc5-ak.orig/fs/exec.c 2009-05-14 11:46:24.000000000 +0200
+++ linux-2.6.30-rc5-ak/fs/exec.c 2009-05-26 22:22:12.000000000 +0200
@@ -1760,6 +1760,12 @@
goto fail;

+ /* block all signals */
+ spin_lock_irq(&current->sighand->siglock);
+ sigfillset(&current->blocked);
+ /* No recalc sigpending */
+ spin_unlock_irq(&current->sighand->siglock);
* If another thread got here first, or we are not dumpable, bail out.

ak@xxxxxxxxxxxxxxx -- Speaking for myself only.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at