**************************** ECO SUMMARY INFORMATION **************************** Release Date: 19-NOV-2003 Kit Name: DEC-AXPVMS-VMS73_SYS-V0700--4.PCSI Kit Applies To: OpenVMS ALPHA V7.3 Approximate Kit Size: 20368 blocks Installation Rating: INSTALL_1 Reboot Required: Yes - rolling reboot Superseded Kits: VMS73_SYS-V0600 Mandatory Kit Dependencies: VMS73_UPDATE-V0200 VMS73_PCSI-V0100 Optional Kit Dependencies: None VMS73_SYS-V0700.PCSI-DCX_AXPEXE Checksum: 3080534754 ======================================================================= Hewlett-Packard OpenVMS ECO Cover Letter ======================================================================= ECO NUMBER: VMS73_SYS-V0700 PRODUCT: OpenVMS Alpha OPERATING SYSTEM V7.3 UPDATE PRODUCT: OpenVMS Alpha OPERATING SYSTEM V7.3 1 KIT NAME: VMS73_SYS-V0700 2 KIT DESCRIPTION: 2.1 Installation Rating: INSTALL_1 : To be installed by all customers. This installation rating, based upon current CLD information, is provided to serve as a guide to which customers should apply this remedial kit. (Reference attached Disclaimer of Warranty and Limitation of Liability Statement) 2.2 Reboot Requirement: Reboot Required. HP strongly recommends that a reboot is performed immediately after kit installation to avoid system instability. If you have other nodes in your OpenVMS cluster, they must also be rebooted in order to make use of the new image(s). If it is not possible or convenient to reboot the entire cluster at this time, a rolling re-boot may be performed. 2.3 Version(s) of OpenVMS to which this kit may be applied: OpenVMS Alpha V7.3 2.4 New functionality or new hardware support provided: No. 3 KITS SUPERSEDED BY THIS KIT: - VMS73_SYS-V0600 4 KIT DEPENDENCIES: 4.1 The following remedial kit(s), or later, must be installed BEFORE installation of this, or any required kit: - VMS73_PCSI-V0100 - VMS73_UPDATE-V0200 Page 2 4.2 In order to receive all the corrections listed in this kit, the following remedial kits, or later, should also be installed: - None 5 FILES PATCHED OR REPLACED: o [SYS$LDR]EXCEPTION.EXE (new image) Image Identification Information image name: "EXCEPTION" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:21:39.54 linker identification: "A11-50" Image Checksum: 2750668918 o [SYS$LDR]EXCEPTION_MON.EXE (new image) Image Identification Information image name: "EXCEPTION_MON" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:26:21.72 linker identification: "A11-50" Image Checksum: 126836289 o [SYS$LDR]EXEC_INIT.EXE (new image) Image Identification Information image name: "EXEC_INIT" image file identification: "X-8" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:29:40.29 linker identification: "A11-50" Image Checksum: 2025380753 o [SYS$LDR]IMAGE_MANAGEMENT.EXE (new image) Image Identification Information image name: "IMAGE_MANAGEMENT" image file identification: "X-7" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:31:59.22 linker identification: "A11-50" Image Checksum: 3355166549 Page 3 o [SYSLIB]IMGDMP.EXE (new image) Image Identification Information image name: "IMGDMP" image file identification: "X-11A1" image file build identification: "X91Y-0060010000" link date/time: 20-OCT-2001 06:06:23.85 linker identification: "A11-50" Image Checksum: 3813432078 o [SYSEXE]INSTALL.EXE (new image) Image Identification Information image name: "INSTALL" image file identification: "X-26" image file build identification: "X91Y-0060010002" link date/time: 10-JUN-2002 16:38:41.26 linker identification: "A11-50" Image Checksum: 1866724319 o [SYS$LDR]IO_ROUTINES.EXE (new image) Image Identification Information image name: "IO_ROUTINES" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:34:01.64 linker identification: "A11-50" Image Checksum: 616034584 o [SYS$LDR]IO_ROUTINES_MON.EXE (new image) Image Identification Information image name: "IO_ROUTINES_MON" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:36:22.62 linker identification: "A11-50" Image Checksum: 1726937701 o [SYS$LDR]LOCKING.EXE (new image) Image Identification Information image name: "LOCKING" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:37:50.98 linker identification: "A11-50" Image Checksum: 4149625578 Page 4 o [SYS$LDR]LOGICAL_NAMES.EXE (new image) Image Identification Information image name: "LOGICAL_NAMES" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:38:31.44 linker identification: "A11-50" Image Checksum: 1646010319 o [SYS$LDR]MESSAGE_ROUTINES.EXE (new image) Image Identification Information image name: "MESSAGE_ROUTINES" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:19:35.30 linker identification: "A11-50" Image Checksum: 781876451 o [SYS$LDR]MULTIPATH.EXE (new image) Image Identification Information image name: "MULTIPATH" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:38:50.70 linker identification: "A11-50" Image Checksum: 2320611861 o [SYS$LDR]MULTIPATH_MON.EXE (new image) Image Identification Information image name: "MULTIPATH_MON" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:39:09.88 linker identification: "A11-50" Image Checksum: 976291365 o [SYS$LDR]PROCESS_MANAGEMENT.EXE (new image) Image Identification Information image name: "PROCESS_MANAGEMENT" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:26:35.11 linker identification: "A11-50" Image Checksum: 1109644159 Page 5 o [SYS$LDR]PROCESS_MANAGEMENT_MON.EXE (new image) Image Identification Information image name: "PROCESS_MANAGEMENT_MON" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:32:41.37 linker identification: "A11-50" Image Checksum: 2059491931 o [SYSLIB]SDA$SHARE.EXE (new image) Image Identification Information image name: "SDA$SHARE" image file identification: "X-6B1" image file build identification: "X9UH-0060010025" link date/time: 17-OCT-2003 03:25:07.50 linker identification: "A11-50" Image Checksum: 3488148667 o [SYSLIB]SECURESHR.EXE (new image) Image Identification Information image name: "SECURESHR" image file identification: "X-9" image file build identification: "X91Y-0060010013" link date/time: 9-APR-2003 14:36:49.75 linker identification: "A11-50" Image Checksum: 3754985958 o [SYSLIB]SECURESHRP.EXE (new image) Image Identification Information image name: "SECURESHRP" image file identification: "7-3" image file build identification: "X91Y-0060010013" link date/time: 9-APR-2003 14:36:48.24 linker identification: "A11-50" Image Checksum: 2626894829 o [SYS$LDR]SECURITY.EXE (new image) Image Identification Information image name: "SECURITY" image file identification: "X-5" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:35:19.37 linker identification: "A11-50" Image Checksum: 2973427520 Page 6 o [SYS$LDR]SECURITY_MON.EXE (new image) Image Identification Information image name: "SECURITY_MON" image file identification: "X-5" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:35:53.62 linker identification: "A11-50" Image Checksum: 417220465 o [SYS$LDR]SHELL8K.EXE (new image) Image Identification Information image name: "SHELL8K" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:37:11.70 linker identification: "A11-50" Image Checksum: 3373222301 o [SYS$LDR]SYS$BASE_IMAGE.EXE (new image) Image Identification Information image name: "SYS$BASE_IMAGE" image file identification: "ALPHA X9UH-K5L" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:11:36.30 linker identification: "A11-50" Image Checksum: 1421204007 o [SYS$LDR]SYS$CLUSTER.EXE (new image) Image Identification Information image name: "SYS$CLUSTER" image file identification: "X-3" image file build identification: "X91Y-0060010012" link date/time: 4-NOV-2002 16:35:36.67 linker identification: "A11-50" Image Checksum: 922157356 o [SYS$LDR]SYS$VCC.EXE (new image) Image Identification Information image name: "SYS$VCC" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:37:51.13 linker identification: "A11-50" Image Checksum: 1987541901 Page 7 o [SYS$LDR]SYS$VCC_MON.EXE (new image) Image Identification Information image name: "SYS$VCC_MON" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:38:08.23 linker identification: "A11-50" Image Checksum: 1909727508 o [SYS$LDR]SYS$VM.EXE (new image) Image Identification Information image name: "SYS$VM" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:38:21.55 linker identification: "A11-50" Image Checksum: 1336508502 o [SYS$LDR]SYSBOOT.EXE (new image) Image Identification Information image name: "SYSBOOT" image file identification: "X-97" image file build identification: "X91Y-0060010002" link date/time: 2-DEC-2001 01:47:08.59 linker identification: "A11-50" Image Checksum: 2533104842 o [SYSEXE]SYSGEN.EXE (new image) Image Identification Information image name: "SYSGEN" image file identification: "X-3" image file build identification: "X91Y-0060010001" link date/time: 28-JUN-2001 02:30:26.79 linker identification: "A11-50" Image Checksum: 2943455964 o [SYS$LDR]SYSGETSYI.EXE (new image) Image Identification Information image name: "SYSGETSYI" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:18:58.73 linker identification: "A11-50" Image Checksum: 250295234 Page 8 o [SYS$LDR]SYSLDR_DYN.EXE (new image) Image Identification Information image name: "SYSLDR_DYN" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:21:55.28 linker identification: "A11-50" Image Checksum: 936314855 o [SYS$LDR]SYSTEM_PRIMITIVES.EXE (new image) Image Identification Information image name: "SYSTEM_PRIMITIVES" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:32:37.39 linker identification: "A11-50" Image Checksum: 2155627020 o [SYS$LDR]SYSTEM_PRIMITIVES_MIN.EXE (new image) Image Identification Information image name: "SYSTEM_PRIMITIVES_MIN" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:28:19.20 linker identification: "A11-50" Image Checksum: 2736791210 o [SYS$LDR]SYSTEM_SYNCHRONIZATION.EXE (new image) Image Identification Information image name: "SYSTEM_SYNCHRONIZATION" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:35:57.28 linker identification: "A11-50" Image Checksum: 2105880373 o [SYS$LDR]SYSTEM_SYNCHRONIZATION_MIN.EXE (new image) Image Identification Information image name: "SYSTEM_SYNCHRONIZATION_MIN" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:36:29.04 linker identification: "A11-50" Image Checksum: 3692518400 Page 9 o [SYS$LDR]SYSTEM_SYNCHRONIZATION_UNI.EXE (new image) Image Identification Information image name: "SYSTEM_SYNCHRONIZATION_UNI" image file identification: "X-3" image file build identification: "X9UH-0060010067" link date/time: 17-OCT-2003 03:36:59.69 linker identification: "A11-50" Image Checksum: 3710312515 o [SYS$LDR]EXCEPTION.STB (new file) o [SYS$LDR]EXCEPTION_MON.STB (new file) o [SYS$LDR]EXEC_INIT.STB (new file) o [SYS$LDR]IMAGE_MANAGEMENT.STB (new file) o [SYS$LDR]IO_ROUTINES.STB (new file) o [SYS$LDR]IO_ROUTINES_MON.STB (new file) o [SYS$LDR]LOCKING.STB (new file) o [SYS$LDR]LOGICAL_NAMES.STB (new file) o [SYS$LDR]MESSAGE_ROUTINES.STB (new file) o [SYS$LDR]MULTIPATH.STB (new file) o [SYS$LDR]MULTIPATH_MON.STB (new file) o [SYS$LDR]PROCESS_MANAGEMENT.STB (new file) o [SYS$LDR]PROCESS_MANAGEMENT_MON.STB (new file) o [SYS$LDR]SECURITY.STB (new file) o [SYS$LDR]SECURITY_MON.STB (new file) o [SYS$LDR]SHELL8K.STB (new file) o [SYS$LDR]SYS$CLUSTER.STB (new file) o [SYS$LDR]SYS$VCC.STB (new file) o [SYS$LDR]SYS$VCC_MON.STB (new file) o [SYS$LDR]SYS$VM.STB (new file) o [SYS$LDR]SYSGETSYI.STB (new file) o [SYS$LDR]SYSLDR_DYN.STB (new file) Page 10 o [SYS$LDR]SYSTEM_PRIMITIVES.STB (new file) o [SYS$LDR]SYSTEM_PRIMITIVES_MIN.STB (new file) o [SYS$LDR]SYSTEM_SYNCHRONIZATION.STB (new file) o [SYS$LDR]SYSTEM_SYNCHRONIZATION_MIN.STB (new file) o [SYS$LDR]SYSTEM_SYNCHRONIZATION_UNI.STB (new file) 6 PROBLEMS ADDRESSED IN THIS KIT 6.1 New problems addressed in the VMS73_SYS-V0700 kit 6.1.1 This is a mandatory patch that corrects a serious security problem in OpenVMS. 6.1.1.1 Problem Description: This is a mandatory patch that corrects a serious security problem in OpenVMS. Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.STB 6.1.1.2 CLDs, and QARs reporting this problem: 6.1.1.3 CLD(s) None. 6.1.1.4 QAR(s) None. 6.1.1.5 Problem Analysis: This is a mandatory patch that corrects a serious security problem in OpenVMS. Page 11 6.1.1.6 Work-arounds: None. 6.1.2 "SSRVEXCEPT, Unexpected system service exception" bugcheck 6.1.2.1 Problem Description: The system system can crash with a "SSRVEXCEPT, Unexpected system service exception" bugcheck. Crashdump Summary Information: ------------------------------ Crash Time: 14-MAR-2003 15:29:12.56 Bugcheck Type: SSRVEXCEPT, Unexpected system service exception Current Process: RCM_COLLECT Current Image: DSA0:[SYS0.SYSCOMMON.] [SYSTEST]RADCHECK.EXE;1 Failing PC: FFFFFFFF.801553E4 MMG$RAD_CHECK_SYSTEM_C+000E4 Failing PS: 10000000.00000003 Module: SYS$VM (Link Date/Time: 4-NOV-2002 16:41:24.02) Offset: 000053E4 Stack Pointers: KSP = 00000000.7FFA1B98 ESP = 00000000.7FFA6000 SSP = 00000000.7FFAC100 USP = 00000000.7AE61A30 Images Affected: - [SYS$LDR]SYS$VM.EXE 6.1.2.2 CLDs, and QARs reporting this problem: 6.1.2.3 CLD(s) CFS.99244 6.1.2.4 QAR(s) None. Page 12 6.1.2.5 Problem Analysis: The last PTE for the global page table ends at MMG$GQ_MAX_GPTE-8, but the routine mmg$rad_check_system will continue checking PTEs up until MMG$GQ_MAX_GPTE. If MMG$GQ_MAX_GPTE is within the same page as MMG$GQ_MAX_GPTE-8, the problem does not occur. However, if MMG$GQ_MAX_GPTE transitions to the next, nonexistent, page, the access violation will be generated trying reference the nonexistent PTE. 6.1.2.6 Work-arounds: None. 6.1.3 Fibre Channel disks hang and do not failover 6.1.3.1 Problem Description: If a fibre channel switch is disabled and the votes from a fibre channel quorum disk are required to maintain quorum, Fibre Channel disks might not all failover and can hang. Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.STB 6.1.3.2 CLDs, and QARs reporting this problem: 6.1.3.3 CLD(s) 70-3-6902 6.1.3.4 QAR(s) None. 6.1.3.5 Problem Analysis: If the active I/O on a fibre channel device fails and the I/O is not otherwise eligible for mount verification, mount verification will not be triggered. Since mount verification is what triggers multipath failover, the affected devices can get hung on a failed path. Page 13 6.1.3.6 Work-arounds: None. 6.1.4 "INCONSTATE, Inconsistent I/O data base" bugcheck when running HSM 6.1.4.1 Problem Description: When running Hierarchical Storage Management (HSM) software, the system can crash with an "INCONSTATE, Inconsistent I/O data base" bugcheck: Crashdump Summary Information: ------------------------------ Bugcheck Type: INCONSTATE, Inconsistent I/O data base Current Image: AIM3$DKA100:[SYS0.SYSCOMMON.] [SYSEXE]DIRECTORY.EXE Failing PC: FFFFFFFF.800E0218 IOC$IOPOST_C+00878 Failing PS: 38000000.00000404 Module: IO_ROUTINES_MON (Link Date/Time: 10-JAN-2003 18:40:58.28) Offset: 0000C218 Stack Pointers: KSP = 00000000.7AFFD078 ESP = 00000000.7FF8C000 SSP = 00000000.7FF9CD00 USP = 00000000.7AE8D960 Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.STB 6.1.4.2 CLDs, and QARs reporting this problem: 6.1.4.3 CLD(s) 75-83-779,75-83-1015 6.1.4.4 QAR(s) None. Page 14 6.1.4.5 Problem Analysis: If the cache_resume bit is set in IRP, DIOCNT was increased by iociopost and cache$resume for the same I/O. 6.1.4.6 Work-arounds: None. 6.1.5 ioperform buffers show a START_IO but no matching END_IO 6.1.5.1 Problem Description: It is possible for ioperform buffers to show a start request (START_IO) but no matching end request (END_IO). Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.STB 6.1.5.2 CLDs, and QARs reporting this problem: 6.1.5.3 CLD(s) 70-3-6992,CFS.99737 6.1.5.4 QAR(s) None. 6.1.5.5 Problem Analysis: MVIRP's did not correctly call PMS$START_IO & PMS$END_IO. 6.1.5.6 Work-arounds: None. Page 15 6.1.6 Various system crashes 6.1.6.1 Problem Description: If the SYSGEN parameter MPW_WRTCLUSTER is set above 430 on multiprocessor or 94 on uniprocessor systems the system may experience system crashes such as: o INCONSTATE bugchecks in SMP$ACQNOIPL_C trying to take out the SCHED spinlock in PAGEFAULT's PROCPAG routine at IPL 2. o INCONSTATE bugchecks in SMP$ACQNOIPL_C trying to take out the MMG spinlock in SYSCREDEL's DELPAG_WRTBAK routine at IPL 2. o INCON_SCHED bugchecks in SCH$FIND_NEXT_PROC_INT_C, or SCH$STATE_TO_COM_C trying to schedule a process in PFW (Page Fault Wait) state. o CPUSPINWAIT bugchecks caused by acquiring the SCHED or MMG spinlocks at IPL 2 and being interrupted by code requesting another spinlock owned by another CPU, which is in turn waiting for the SCHED or MMG spinlock. o INVEXCEPTNs trying to execute the same single threaded process on two different CPUs at the same time, resulting in the corruption of the process' kernel stack. o The PFW queue merged in with a COM queue, usually resulting in an INCON_SCHED or a CPUSPINWAIT bugcheck. o An INVEXCEPTN at SCH$QEND_C+38 trying to access the cell CTL$GL_REPORT_USER_FAULTS. Users may also see the following: o Processes that are stuck in CUR state but on the PFW queue and not executing. o Processes stuck in PFW on the PFW queue and not executing Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES.STB Page 16 - [SYS$LDR]IO_ROUTINES_MON.STB 6.1.6.2 CLDs, and QARs reporting this problem: 6.1.6.3 CLD(s) CFS.99169,CFS.98796,CFS.98578,CFS.97413 6.1.6.4 QAR(s) None. 6.1.6.5 Problem Analysis: On multiprocessor systems (or uniprocessor systems with full spinlock checking enabled) ioc$gl_diobm_ptecnt_max will be set to 430. On uniprocessor systems it will be set to 94. Thus setting MPW_WRTCLUSTER above these values causes DIOBM to take "method 3" in DIOBM, the code path that ends up calling mmg_std$lockpgtb_64 and dropping IPL to 2, IPL$_ASTDEL. 6.1.6.6 Work-arounds: None. 6.1.7 Nonpaged pool usage by IRPs increases over time and can lead to hangs or crashes 6.1.7.1 Problem Description: Nonpaged pool usage by IRPs increases over time and can lead to hangs or crashes (CPUSPINWAIT and other CPU executing in EXE$DEALLCOATE). Crashdump Summary Information: ----------------------- ------- Bugcheck Type: CPUSPINWAIT, CPU spinwait timer expired Current Process: NULL Current Image: Failing PC: FFFFFFFF.800883A4 SMP$TIMEOUT_C+00064 Failing PS: 08000000.00000804 Module: SYSTEM_SYNCHRONIZATION_MIN (Link Date/Time: 19-FEB-2003 11:27:32.44) Offset: 000003A4 Failing Instruction: SMP$TIMEOUT_C+00064: BUGCHK Page 17 Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.STB 6.1.7.2 CLDs, and QARs reporting this problem: 6.1.7.3 CLD(s) CFS.100461,70-3-7096 6.1.7.4 QAR(s) None. 6.1.7.5 Problem Analysis: SDA> SHOW POOL/NONPAGED/HEADER/TYPE=IRP shows groups of IRPs in pool with the same IRP$L_PID. The number of IRPs in each group matches the number of local SCSI devices in the system. Each process executing a SYSMAN IO SCSI_PATH_VERIFY command will cause as many IRPs to be leaked as there a local SCSI devices on the system. If this command is used clusterwide (after a SYSMAN> SET ENV/CLUSTER command), the leaked IRPs on the remote node have IRP$L_PID = SMISERVER internal PID on the remote node. 6.1.7.6 Work-arounds: None. 6.1.8 RWAST hangs 6.1.8.1 Problem Description: A system can hang in RWAST. Images Affected: - [SYS$LDR]SYS$VM.EXE Page 18 6.1.8.2 CLDs, and QARs reporting this problem: 6.1.8.3 CLD(s) CFS.98540 6.1.8.4 QAR(s) None. 6.1.8.5 Problem Analysis: $DELTVA can enter an RWAST state indefinitely. $DELTVA typically enters RWAST at IPL 2 when it encounters a page to be deleted which has I/O active. When the I/O completes, the RWAST will be terminated and page deletion will continue. However, if the I/O is dependent on the delivery of an AST in order to complete, $DELTVA will never come out of the RWAST state, as AST's cannot be delivered while at IPL 2. This was corrected previously, in certain cases, by waiting at IPL 0 instead of 2. IPL 0 allows AST delivery and, therefore I/O completion. This current fix extends the "waiting at IPL 0" concept to some other cases, namely: o Shared pages. o Pages in user-defined regions. 6.1.8.6 Work-arounds: None. 6.1.9 "INVSECURESTATE, Invalid state detected by SECURITY subsystem" bugcheck 6.1.9.1 Problem Description: A system can crash with an "INVSECURESTATE, Invalid state detected by SECURITY subsystem" bugcheck: Crashdump Summary Information: ------------------------------ Bugcheck Type: INVSECURESTATE, Invalid state detected by SECURITY subsystem Current Process: TNT_SERVER Current Image: $1$DUA0:[SYS3.SYSCOMMON.] [SYSEXE]TNT$SERVER.EXE Failing PC: FFFFFFFF.801A8E94 NSA$ASSUME_PERSONA_C+00064 Failing PS: 10000000.00000000 Module: SECURITY (Link Date/Time: Page 19 13-SEP-2000 06:39:51.16) Offset: 00006E94 Stack Pointers: KSP = 00000000.7FFA1C90 ESP = 00000000.7FFA5E00 SSP = 00000000.7FFAC100 USP = 00000000.00535C90 Failing Instruction: NSA$ASSUME_PERSONA_C+00064: BUGCHK Images Affected: - [SYS$LDR]SECURITY.EXE - [SYS$LDR]SECURITY_MON.EXE 6.1.9.2 CLDs, and QARs reporting this problem: 6.1.9.3 CLD(s) CFS.84630,CFS.92481 6.1.9.4 QAR(s) None. 6.1.9.5 Problem Analysis: When the reference counts of various persona structures fall out of sync, thesecurity subsystem triggers an INVSECURESTATE system crash when this condition is detected by the sanity checks. 6.1.9.6 Work-arounds: None. 6.1.10 "MFYNULPGFL, FREWSLE - no backing store, page not modified" bugcheck 6.1.10.1 Problem Description: A system can fail with a "MFYNULPGFL, FREWSLE - no backing store, page not modified" bugcheck Crashdump Summary Information: ------------------------------ Bugcheck Type: MFYNULPGFL, FREWSLE - no backing store, page not modified Current Process: Page 20 Current Image: DSA544:[IDS.TIBCO.ACMSDQ2] ACMSDQ.EXE;18 Failing PC: FFFFFFFF.8016ED9C MMG$FREWSLX_64_C+004BC Failing PS: 14000000.00000800 Module: SYS$VM (Link Date/Time: 28-MAR-2002 14:28:51.00) Offset: 00018D9C Failing Instruction: MMG$FREWSLX_64_C+004BC: BUGCHK Images Affected: - [SYS$LDR]SYS$VM.EXE 6.1.10.2 CLDs, and QARs reporting this problem: 6.1.10.3 CLD(s) CFS.94266, CFS.95672, CFS.100378, CFS.100405, CFS.101858, CFS.101871 6.1.10.4 QAR(s) None. 6.1.10.5 Problem Analysis: It appears to be a race condition between the pagefault code and $DELPAG. 6.1.10.6 Work-arounds: None. 6.1.11 Process Hang 6.1.11.1 Problem Description: Calling $GETJPI to get rights data from a remote process that is logging into the system can result in a hang of both the requesting process, and the login process. If the login process is holding an RMS record lock in the SYSUAF file at the time of the hang, all other processes trying to login against that record will also hang. Images Affected: Page 21 - [SYSLDR]PROCESS_MANAGEMENT.EXE - [SYSLDR]PROCESS_MANAGEMENT.STB - [SYSLDR]PROCESS_MANAGEMENT_MON.EXE - [SYSLDR]PROCESS_MANAGEMENT_MON.STB 6.1.11.2 CLDs, and QARs reporting this problem: 6.1.11.3 CLD(s) CFS.102404,70-3-7338 6.1.11.4 QAR(s) None. 6.1.11.5 Problem Analysis: A call to $GETJPI with an itemlist requesting RIGHTS data, providing a return buffer smaller than necessary to hold all the rights requested, and followed by at least one more item in the list, could set the $GETJPI Special KAST MOVEFU: to loop indefinitly in the process space of the target process. Since the target process "hangs", a return Special KAST to return the data to the requestor is never scheduled, thus hanging the requestor process as well. 6.1.11.6 Work-arounds: None. 7 PROBLEMS ADDRESSED IN VMS73_SYS-V0600 KIT o A system can hang or crash with an INVEXCEPTN bugcheck. The symptoms of this problem can take several different forms, including exception bugchecks and forced crashes of hung systems. Crashes have occurred at PC = PROCESS_MANAGEMENT+0AAF8 = SCH$ONE_SEC_C+00258 in module [SYS]RSE and at PC = LOCKING+0ADE0 = LCK$QUEUEWAIT_C+00050 in module [SYS]SYSENQDEQ. Crashdump Summary Information: ------------------------------ Bugcheck Type: OPERCRASH, Operator forced system crash Current Process: NULL Current Image: Failing PC: FFFFFFFF.8013813C SCH$CLASS_IDLE_C+000BC Page 22 Failing PS: 00000000.00000003 Module: PROCESS_MANAGEMENT (Link Date/Time: 28-MAR-2002 14:21:36.47) Offset: 0003213C Failing Instruction: SCH$CLASS_IDLE_C+000BC: CMPLE R2,#X3F,R7 Crashdump Summary Information: ------------------------------ Bugcheck Type: OPERCRASH, Operator forced system crash Current Process: NULL Current Image: Failing PC: FFFFFFFF.92637FC8 Failing PS: 00000000.00001504 Module: Offset: 00000000 Failing Instruction: FFFFFFFF.92637FC8: BR R31,#XFFFF9F Images Affected: - [SYS$LDR]PROCESS_MANAGEMENT.EXE - [SYS$LDR]PROCESS_MANAGEMENT.STB - [SYS$LDR]PROCESS_MANAGEMENT_MON.EXE - [SYS$LDR]PROCESS_MANAGEMENT_MON.STB o When creating many resource domain IDs via $SET_RESOURCE_DOMAIN with RSDM$_JOIN_DOMAIN, subsequent calls to end that association with RSDM$_LEAVE could result in the error SS$_RSDMNOTFOU (resource domain not found) on some IDs. Images Affected: - [SYS$LDR]LOCKING.EXE o Several multi-threaded servers have experienced a condition where the reference counts of various persona structures have fallen out of sync. The security subsystem triggers an INVSECURESTATE system crash when this condition is detected by the sanity checks. Crashdump Summary Information: ------------------------------ Bugcheck Type: INVSECURESTATE, Invalid state detected by SECURITY subsystem Current Process: TNT_SERVER Current Image: $1$DUA0:[SYS3.SYSCOMMON.][SYSEXE] Page 23 TNT$SERVER.EXE Failing PC: FFFFFFFF.801A8E94 NSA$ASSUME_PERSONA_C+00064 Failing PS: 10000000.00000000 Module: SECURITY (Link Date/Time: 13-SEP-2000 06:39:51.16) Offset: 00006E94 Images Affected: - [SYS$LDR]SECURITY.EXE - [SYS$LDR]SECURITY_MON.EXE o After installing the DEC-AXPVMS-VMS73_SYS-V0500--4.PSCI ECO kit, process hangs could occur when using SMTP mail. When sending a mail message via SMTP, the mail is delivered but the process handling SMTP mail delivery hangs on creating the mail notification. The mail delivery notification is never sent and any subsequent SMTP mail accumulates, unsent, in the queue. The process hangs occur because BRKTHR tries to allocate memory from P1 space. If it is unsuccessful, it tries to allocate from P0 space. This is when the hangs occur. This kit removes the code fix for V7.3 that caused this problem to occur. This fix was originally done to solve the following problem. Since this fix is being removed, this problem could re-occur: - The system can crash with a SSRVEXCEPT bugcheck when an image exits before the $BRKTHRU has been delivered to some of its targets. Note that occurrence of this problem is rare and can only occur if: 1. A user program must use the asynchronous version of the system call $BRKTHRU -- using the synchronous form, $BRKTHRUW, prevents this) 2. The P1 allocation area sized by the SYSGEN parameter CTLPAGES must be exhausted 3. The program must then exit before the $BRKTHRU call has finished sending messages to all the appropriate terminals. Note that the third issue cannot happen if the synchronous form of the $BRKTHRU call, $BRKTHRUW, is used. Crash Dump Summary: ------------------- Bugcheck Type: SSRVEXCEPT, Unexpected system service exception Current Process: SDNCC_MBX_MAIN Current Image: Page 24 Failing PC: FFFFFFFF.98B56AAC IO_ROUTINES+46AAC Failing PS: 00000000.00000000 Module: IO_ROUTINES (Link Date/Time: 17-MAR-2001 03:30:01.24) Offset: 00046AAC Signal Array: 64-bit Signal Array: Arg Count = 00000005 Arg Count = 00000005 Condition = 0000000C Condition = 00000000.0000000C Argument #2 = 00000000 Argument #2 = 00000000.00000000 Argument #3 = 006C41D0 Argument #3 = 00000000.006C41D0 Argument #4 = 98B56AAC Argument #4 = FFFFFFFF.98B56AAC Argument #5 = 00000000 Argument #5 = 00000000.00000000 Failing Instruction: IO_ROUTINES+46AAC: LDL R6,(R7) Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES_MON.STB o Recent changes to handle segmented data capturing from remote processes failed to detect possible data overrun conditions. If a buffer of insufficient size is passed to the service, the resulting overrun could result in NPP corruption. Customer's experiencing a crash due to the data overrun would see corruption in NNP as the cause. Programs that pass data buffers too small to contain the data items request, JPI$_RIGHTLIST items in particular, can trigger this crash. Images Affected: - [SYS$LDR]PROCESS_MANAGEMENT.EXE - [SYS$LDR]PROCESS_MANAGEMENT.STB - [SYS$LDR]PROCESS_MANAGEMENT_MON.EXE - [SYS$LDR]PROCESS_MANAGEMENT_MON.STB o The system can crash with an INVEXCEPTN, Exception while above ASTDEL bugcheck at FIND_CVCB_C+0001C. Crashdump Summary Information: ------------------------------ Bugcheck Type: INVEXCEPTN, Exception while above ASTDEL Current Process: NULL Current Image: Page 25 Failing PC: FFFFFFFF.8022939C FIND_CVCB_C+0001C Failing PS: 20000000.00000804 Module: SYS$VCC (Link Date/Time: 5-AUG-2001 01:16:26.26) Offset: 0000539C Stack Pointers: KSP = FFFFFFFF.C5FE9BE8 ESP = FFFFFFFF.C5FEB000 SSP = FFFFFFFF.C5FD5000 USP = FFFFFFFF.C5FD5000 Images Affected: - [SYS$LDR]SYS$VCC.EXE - [SSY$LDR]SYS$VCC_MON.EXE o Under rare circumstances the nonpaged pool expansion code could try to allocate additional physical memory for pool expansion without proper synchronization (ie, without the MMG spinlock). This results in lost synchronization to the PFN data base that in turn could lead to a PFNREFNZRO bugcheck. Crashdump Summary Information: ------------------------------ Bugcheck Type: PFNREFNZRO, PFN reference count nonzero Current Process: BATCH_515 Current Image: $1$DGA20:[SQR4_3_4.ORA.BIN]SQR.EXE;6 Failing PC: FFFFFFFF.8006A82C MMG$INS_PFNH_C+0014C Failing PS: 18000000.00000203 Module: SYSTEM_PRIMITIVES_MIN (Link Date/Time: 4-NOV-2002 16:37:10.53) Offset: 0004282C Stack Pointers: KSP = 00000000.7FFA1AD8 ESP = 00000000.7FFA6000 SSP = 00000000.7FFAC100 USP = 00000000.7A8FDE50 Images Affected: - [SYS$LDR]SYSTEM_PRIMITIVES.EXE - [SYS$LDR]SYSTEM_PRIMITIVES.STB - [SYS$LDR]SYSTEM_PRIMITIVES_MIN.EXE - [SYS$LDR]SYSTEM_PRIMITIVES_MIN.STB o An image without UIC based protection access to a QUEUE object, but which is installed with the OPER privilege, will not be able to manipulate the QUEUE object as allowed when holding the OPER privilege. This can result in a "%JBC-E-NOPRIV, insufficient privilege or queue protection violation" error message. Page 26 Images Affected: - [SYS$LDR]MESSAGE_ROUTINES.EXE o On IO to a fibre channel disk, there are two SIO entries made in the IOPERFORM buffers for each IO request. Normally we would expect to see SRQ (start request), SIO (start IO), EIO (end IO, and ERQ (end request). What we are seeing SRQ, SIO, SIO, EIO, and ERQ. Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES.STB - [SYS$LDR]IO_ROUTINES_MON.EXE - [SYS$LDR]IO_ROUTINES_MON.STB o Converting an integer to IEEE S floating with software completion produces a denormal (i.e. very small) result value for very large integer values. These denormal values cannot be represented exactly in the available mantissa bits. The following C program demonstrates the problem : $ type test.c #include main() { const float f1 = (float) 0x7fffffff; const float f2 = (float) 2147483647; const float f3 = (float) 2147483647.0; printf("f1 = %f\n", f1); printf("f2 = %f\n", f2); printf("f3 = %f\n", f3); return 0; } $ cc /float=ieee /ieee=denorm test $ link test $ run test f1 = 0.000000 f2 = 0.000000 f3 = 2147483648.000000 $ Note that any code using floating point constants to hold the float numbers, that is suffering from this bug, needs to be recompiled and relinked after the applying the new image. Images Affected: Page 27 - [SYS$LDR]EXCEPTION.EXE - [SYS$LDR]EXCEPTION_MON.EXE o Callers to IO_PERFORM that have not provided an astprm when they completed IO_SETUP can cause the system to crash. The timing of this problem is such that it has only happened when XFC is being used. The crash typically occurs in CACHE$RESUME, in XFC, when a FASTIO IRP is one which XFC has already dismissed. Crashdump Summary Information ----------------------------- Bugcheck Type: ASSERTFAIL, System ASSERT failure detected Current Process: ORA_PRSPC3267 Current Image: $1$DGA2:[ORACLE.V734.RDBMS]SRV.EXE Failing PC: FFFFFFFF.802DE6B0 CACHE$RESUME_C+00AC0 Failing PS: 10000000.00000804 Module: SYS$XFCACHE (Link Date/Time: 15-JUL-2002 16:07:47.11) Offset: 000246B0 Stack Pointers: KSP = 00000000.7FFA1E90 ESP = 00000000.7FFA6000 SSP = 00000000.7FFAC100 USP = 00000000.7AF19DC0 Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE o In the case where a fibre channel switch is disabled and the votes from a fibre channel quorum disk are required to maintain quorum, fibre channel disks may not all failover, and may hang. Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE o The system can crash when HSM is running in the system. The crash indicates that DIOCNT is larger than DIOLMT. Images Affected: - [SYS$LDR]IO_ROUTINES.EXE - [SYS$LDR]IO_ROUTINES_MON.EXE Page 28 8 INSTALLATION INSTRUCTIONS: 8.1 Installation Command Install this kit with the POLYCENTER Software installation utility by logging into the SYSTEM account, and typing the following at the DCL prompt: PRODUCT INSTALL VMS73_SYS /SOURCE=[location of Kit] The kit location may be a tape drive, CD, or a disk directory that contains the kit. Additional help on installing PCSI kits can be found by typing HELP PRODUCT INSTALL at the system prompt 8.2 Scripting of Answers to Installation Questions During installation, this kit will ask and require user response to several questions. If you wish to automate the installation of this kit and avoid having to provide responses to these questions, you must create a DCL command procedure that includes the following definitions and commands: - $ DEFINE/SYS NO_ASK$BACKUP TRUE - $ DEFINE/SYS NO_ASK$REBOOT TRUE - Add the following qualifiers to the PRODUCT INSTALL command and add that command to the DCL procedure. /PROD=DEC/BASE=AXPVMS/VER=V7.0 - De-assign the logicals assigned For example, a sample command file to install the VMS73_SYS-V0700 kit would be: $ $ DEFINE/SYS NO_ASK$BACKUP TRUE $ DEFINE/SYS NO_ASK$REBOOT TRUE $! $ PROD INSTALL VMS73_SYS/PROD=DEC/BASE=AXPVMS/VER=V7.0 $! $ DEASSIGN/SYS NO_ASK$BACKUP $ DEASSIGN/SYS NO_ASK$REBOOT $! $ exit Page 29 9 COPYRIGHT AND DISCLAIMER: (C) Copyright 2003 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP and/or its subsidiaries required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Neither HP nor any of its subsidiaries shall be liable for technical or editorial errors or omissions contained herein. The information in this document is provided "as is" without warranty of any kind and is subject to change without notice. The warranties for HP products are set forth in the express limited warranty statements accompanying such products. Nothing herein should be construed as constituting an additional warranty. DISCLAIMER OF WARRANTY AND LIMITATION OF LIABILITY THIS PATCH IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE EXTENT PERMITTED BY APPLICABLE LAW. IN NO EVENT WILL COMPAQ BE LIABLE FOR ANY LOST REVENUE OR PROFIT, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, WITH RESPECT TO ANY PATCH MADE AVAILABLE HERE OR TO THE USE OF SUCH PATCH.