DUV32DE2AS00004-19980311 DIGITAL UNIX V3.2D/E-2 Aggregate ECO Summary
Copyright (c) DIGITAL Equipment Corporation 1998. All rights reserved.
PRODUCT: DIGITAL UNIX [R] 3.2DE2
SOURCE: DIGITAL Equipment Corporation
ECO INFORMATION:
ECO Name: DUV32DE2AS00004-19980311
ECO Kit Approximate Size: 39MB
Kit Applies To: DIGITAL UNIX 3.2DE2
ECO KIT SUMMARY:
An update ECO kit exists for DIGITAL UNIX 3.2DE2. This is the aggregate,
setld-based, patch kit for DIGITAL UNIX 3.2DE2. It is a cumulative patch kit
that contains all patches that are currently available for distribution. The
patch kit provides the ability to selectively install patches.
The Release Notes and Installation Instructions document provides patch kit
installation and removal instructions and a summary of each patch. Please read
through the document prior to installing patches on your system.
Note:
At this time, the release note/installation document is only available in
postscript form. It will be available in text and HTML formats in the future.
INSTALLATION NOTES:
1. Install this kit with the dupatch utility that is included in the patch kit.
The Release Notes and Installation Instructions document provides detailed
patch installation, patch removal, and a summary of each patch. You may
need to baseline your system if you have manually changed system files on
your system. The dupatch utility provides the baselining capability.
SUPERSEDED PATCH LIST:
This patch kit supersedes the following DIGITAL UNIX patches:
DUV32DE2AS00003-19971029 ! Previous Aggregate Patch Kit
duv32de2ss0000200029100-19970624 ! Early release of Patch 291.00
KNOWN PROBLEMS WITH THE PATCH KIT:
None.
[R] UNIX is a registered trademark in the United States and other countries
licensed exclusively through X/Open Company Limited.
Copyright DIGITAL Equipment Corporation 1998. All Rights reserved.
This software is proprietary to and embodies the confidential technology
of DIGITAL Equipment Corporation. Possession, use, or copying of this
software and media is authorized only pursuant to a valid written license
from DIGITAL or an authorized sublicensor.
This ECO has not been through an exhaustive field test process.
Due to the experimental stage of this ECO/workaround, DIGITAL
makes no representations regarding its use or performance. The
customer shall have the sole responsibility for adequate protection
and back-up data used in conjunction with this ECO/workaround.
===============================================================================
This patch fixes a problem where a system with more than one PCI bus will fail
to configure the loadable device drivers.
PROBLEM: (42593) (Patch ID: OSF365-008)
********
This patch fixes a problem where a system with more than one PCI bus
will fail to configure the loadable device drivers.
You can see that the device drivers are loaded, but they cannot
be configured or unloaded.
FILE(s):
/usr/sys/BINARY/ldbl_controller_support.o subset OSFHWBIN350
CHECKSUM: 28835 8 RCSfile: ldbl_controller_support.c RCS: 1.1.14.3
/usr/sys/BINARY/pci.o subset OSFHWBIN365
CHECKSUM: 23435 29 RCSfile: pci.c RCS: 1.1.103.2
/usr/sys/BINARY/stanza_resolver.o subset OSFHWBIN350
CHECKSUM: 56519 16 RCSfile: stanza_resolver.c RCS: 1.1.15.3
===============================================================================
Fixes a problem where a system, with a RAID set for a dump device, will not
save the crash dump to the RAID set after a panic.
PROBLEM: (MCPMA0101) (Patch ID: OSF365-011)
********
Fixes a problem where a system, with a RAID set for a dump device,
will not save the crash dump to the RAID set after a panic.
This results in crash dumps not being performed and errors not being logged
to the error log files.
FILE(s):
/usr/sys/BINARY/ruby_common.o subset OSFHWBIN365
CHECKSUM: 57663 16 RCSfile: ruby_common.c RCS: 1.1.27.2
---------------------
===============================================================================
Crash-dumps to non-re0 RAID devices broken on all PCI & EISA machines.
PROBLEM: (QAR 46654) (Patch ID: OSF365-025)
********
When a system crash is attempted to a RAID disk that is anything but device
"re0", the crash dump will fail.
The typical (console) error message will look something like this:
(this is a dump to re3):
DUMP: 8482815 blocks available for dumping.
DUMP: 524273 required for a full dump.
DUMP: Our last 524272 goes in the 8220671 on 0xb00082, starting at 0
DUMP.prom: dev RAID 1 3 0 3 3 0 0, block 131072
DUMP.prom: I/O error on RAID 1 3 0 3 3 0 0: bn = 262143, status = -1
^.............
the error is that the 5th field should be zero -'
This problem can be reproduced on a PCI or EISA machine with a RAID
controller (SWXCR-xx) by forcing a system crash when the swap device
is anything but re0. To force a system crash, refer to the Guide to Kernel
Debugging, section 4.7.
FILE(s):
/usr/sys/BINARY/console.o subset OSFHWBIN365
CHECKSUM: 52048 12 RCSfile: console.c RCS: 1.1.76.2
===============================================================================
An ioctl() system call within a user application will fail if the TIOCM_RI flag
is passed as an argument to this system call.
PROBLEM: ( HPAQ248A7 ) (Patch ID: OSF365-030)
********
An ioctl() system call within a user application will fail if
the TIOCM_RI flag is passed as an argument to this system call.
There are no stack traces associated with this failure, the ioctl()
system call within an application will fail.
FILE(s):
/usr/sys/BINARY/ace.o subset OSFHWBIN365
CHECKSUM: 12790 28 RCS: ace.c Revision: 1.1.80.2
===============================================================================
SUPERSEDES PATCHES: OSF365-006 (6.00), OSF365-024 (24.00)
This patch corrects the following:
- A problem that occurs with the NCR 53C8XX driver (psiop) in which the device
may not appear to be on the SCSI bus.
- Data corruption due to change in DNAD register behavior on Symbios
810A/825A/860/875 chips.
- At boot, when probing the psiop driver, the system may continuously loop
generating the following error message:
"siopintr: interrupt for non-initialized controller"
PROBLEM: (QAR 36371) (Patch ID: OSF365-006)
********
At boot, when probing the psiop driver, the system may continuously loop
generating the following error message:
"siopintr: interrupt for non-initialized controller"
This error rarely occurs. Our test cases only encountered it when continuously
rebooting for 18+ hours. To cause the machine to reboot, the system usually
started a "shutdown -r now" as part of the bootup sequence
PROBLEM: (QAR 46878) (Patch ID: OSF365-024)
********
Data corruption due to change in DNAD register behavior on
Symbios 810A/825A/860/875 chips.
This data corruption problem is difficult to detect as no error report, etc
is given when it occurs. The data corruption can be identified by the
pattern in the corrupted data. Commonly, at the point of corruption, there
will be 3 bytes of unknown data inserted into the valid data stream.
This problem is induced by a chip register behavior change between the 810
and 810a. The register (DNAD) is used to calculate the next dma address
whenever a dma transfer is interrupted by a phase change by the scsi device.
This problem can be reproduced using the UEG engineering test script
"dt_tag_rotate_sh" which tests unaligned data accesses.
PROBLEM: (49240) (Patch ID: OSF365-039)
********
This patch fixes a problem that occurs with the NCR 53C8XX driver (psiop).
In rare cases when negotiating sync xfr rates, the driver may reject the
target's Synchronous Transfer Negotiation, even if the target replied with a
synchronous offset equal to zero, thereby implying asynchronous transfers.
A device not expecting this behavior may not appear to be connected to the
system.
The RW531 Optical Jukebox, with Rev 0.37 firmware or later, does not expect
this behavior and will exhibit the symptoms of the optical disk devices
appearing on the SCSI bus, but not the changer devices.
FILE(s):
/usr/sys/BINARY/psiop.o subset OSFHWBIN365
CHECKSUM: 48036 173 RCSfile: psiop.c RCS: 1.1.53.5
/usr/sys/BINARY/psiop_pci.o subset OSFHWBIN365
CHECKSUM: 43032 26 RCSfile: psiop_pci.c RCS: 1.1.39.3
/usr/sys/include/io/cam/siop/pci_scripthost.h subset OSFBINCOM365
CHECKSUM: 18806 16 RCSfile: pci_scripthost.h RCS: 1.1.36.2
===============================================================================
SUPERSEDES PATCHES: OSF365-023 (23.00)
This patch corrects the following:
- This patch fixes a Token Ring transmission timeout. The driver can experience
"ID 380PCI20001 (8/13/95)" as described in the TI380PCI Errata.
- The token ring driver, when storing the product_id, can cause corruption
which can result in a kernel read access panic.
PROBLEM: (UVO104380, HPAQ47704) (Patch ID: OSF365-023)
********
The corruption caused by the token ring driver can result in
an invalid memory read access from kernel mode panic.
The significant indicator is the faulting virtual address,
being repeated 'ef'. A representative example follows:
trap: invalid memory read access from kernel mode
faulting virtual address: 0xefefefefefeff28f
pc of faulting instruction: 0xfffffc00005675e4
ra contents at time of fault: 0xfffffc000056b54c
sp contents at time of fault: 0xffffffff87dc6a20
PROBLEM: (HPAL83FE3) (Patch ID: OSF365-042)
********
This patch fixes a Token Ring transmission timeout. The driver can experience
"ID 380PCI20001 (8/13/95)" as described in the TI380PCI Errata.
FILE(s):
/usr/sys/BINARY/if_tra.o subset OSFHWBIN365
CHECKSUM: 02692 66 RCSfile: if_tra.c RCS: 1.1.56.5
===============================================================================
SUPERSEDES PATCHES: OSF365-350104 (108.00)
This patch corrects the following:
- Fixes a problem where processes will hang in an uninterruptable state while
using NFS loopback mounts.
- Kernel memory fault in ubc_sync_iodone().
PROBLEM: (MCPMC8AC6) (Patch ID: OSF365-350104)
********
The panic was seen when a large number (~150) of "fastdd" is run using
seperate LSM raw volumes and writing to UFS files. UBC must be constrained
as follows:
ubc-minpercent=1
ubc-maxpercent=20
...
13 boot() [arch/alpha/machdep.c":1679, 0xfffffc000045a674]
14 panic() [bsd/subr_prf.c":757, 0xfffffc0000419d54]
15 trap() [arch/alpha/trap.c":1213, 0xfffffc0000468600]
16 _XentMM() [arch/alpha/locore.s":1307, 0xfffffc00004578a4]
17 ubc_sync_iodone() [vfs/vfs_ubc.c":1022, 0xfffffc0000298ddc]
18 ufs_rwblk() [ufs/ufs_vnops.c":4427, 0xfffffc000027a488]
19 ufs_writepages() [ufs/ufs_vnops.c":5385, 0xfffffc000027c15c]
20 ufs_putpage() [ufs/ufs_vnops.c":5187, 0xfffffc000027bc38]
21 ubc_page_alloc() [vfs/vfs_ubc.c":2144, 0xfffffc000029ba00]
22 ubc_lookup() [vfs/vfs_ubc.c":1789, 0xfffffc000029aa70]
23 ufs_getapage() [ufs/ufs_vnops.c":4797, 0xfffffc000027afbc]
24 ufs_getpage() [ufs/ufs_vnops.c":5112, 0xfffffc000027ba5c]
25 ufs_rwip() [ufs/ufs_vnops.c":5859, 0xfffffc000027cd44]
26 ufs_write() [ufs/ufs_vnops.c":1771, 0xfffffc0000276b00]
27 vn_write() [vfs/vfs_vnops.c":932, 0xfffffc00002973a0]
28 rwuio() [bsd/sys_generic.c":1071, 0xfffffc0000250bec]
29 write() [bsd/sys_generic.c":996, 0xfffffc0000250a78]
30 syscall() [arch/alpha/syscall_trap.c":519, 0xfffffc0000467474]
31 _Xsyscall() [arch/alpha/locore.s":1094, 0xfffffc0000457694]
PROBLEM: (HPAQC3A71) (Patch ID: OSF365-360024)
********
This patch fixes a problem where processes on a system may block
in an uninterruptible state and never run again.
This problem occurs when using NFS loopback mounts. The stack trace
of the current running processes on the system will not display a problem.
Although, if the stack trace of the blocked processes is displayed
and the trace for some of the kernel's NFS server threads is displayed -
it may look similar to the following:
THIS IS THE STACK TRACE FOR THE CLIENT:
> 0 thread_block() [kern/sched_prim.c":1903]
1 mpsleep() [bsd/kern_synch.c":441]
2 clntkudp_callit_addr() [rpc/clnt_kudp.c":631]
3 clntkudp_callit() [rpc/clnt_kudp.c":1008]
4 rfscall() [nfs/nfs_subr.c":837]
5 rfs3call() [nfs/nfs_subr.c":974]
6 nfs3commit() [nfs/nfs3_vnodeops.c":3754]
7 nfs3_putpage() [nfs/nfs3_vnodeops.c":3528]
8 ubc_page_alloc() [vfs/vfs_ubc.c":2145]
9 ubc_lookup() [vfs/vfs_ubc.c":1789]
10 page_lookup() [msfs/bs/bs_buffer2.c":872]
11 bs_pinpg_one_int() [msfs/bs/bs_buffer2.c":3218]
12 bs_pinpg_clone() [msfs/bs/bs_buffer2.c":2877]
13 bs_pinpg() [msfs/bs/bs_buffer2.c":2371]
14 fs_write() [msfs/fs/fs_read_write.c":515]
15 msfs_write() [msfs/osf/msfs_vnops.c":1547]
16 vn_write() [vfs/vfs_vnops.c":932]
17 rwuio() [bsd/sys_generic.c":1071]
18 write() [bsd/sys_generic.c":996]
19 syscall() [arch/alpha/syscall_trap.c":519]
20 _Xsyscall() [arch/alpha/locore.s":1094]
THIS IS THE STACK TRACE FOR THE SERVER THREAD WHICH WOKE UP TO HANDLE
THE ABOVE CLIENT's REQUEST:
> 0 thread_block() [kern/sched_prim.c":1891]
1 mpsleep() [bsd/kern_synch.c":441]
2 clntkudp_callit_addr() [rpc/clnt_kudp.c":631]
3 clntkudp_callit() [rpc/clnt_kudp.c":1008]
4 rfscall() [nfs/nfs_subr.c":837]
5 rfs3call() [nfs/nfs_subr.c":974]
6 nfs3commit() [nfs/nfs3_vnodeops.c":3754]
7 nfs3_putpage() [nfs/nfs3_vnodeops.c":3528]
8 ubc_page_alloc() [vfs/vfs_ubc.c":2145]
9 ubc_lookup() [vfs/vfs_ubc.c":1789]
10 page_lookup() [msfs/bs/bs_buffer2.c":872]
11 bs_pinpg_one_int() [msfs/bs/bs_buffer2.c":3218]
12 bs_pinpg_clone() [msfs/bs/bs_buffer2.c":2877]
13 bs_pinpg() [msfs/bs/bs_buffer2.c":2371]
14 get_clean_pg() [msfs/bs/ms_logger.c":1495]
15 lgr_writev_ftx() [msfs/bs/ms_logger.c":1258]
16 log_donerec_nunpin() [msfs/bs/ftx_routines.c":2719]
17 ftx_done_urdr() [msfs/bs/ftx_routines.c":1215]
18 ftx_done_n() [msfs/bs/ftx_routines.c":968]
19 msfs_fsync() [msfs/osf/msfs_vnops.c":1650]
20 rfs3_commit() [nfs/nfs3_server.c":5671]
21 rfs_dispatch() [nfs/nfs_server.c":6333]
22 nfs_rpc_input() [rpc/svc.c":717]
23 nfs_input() [nfs/nfs_server.c":5492]
24 nfs_thread() [nfs/nfs_server.c":5277]
THIS IS THE STACK TRACE FOR A SERVER THREAD WHICH WOKE UP TO HANDLE
THE ABOVE SERVER's REQUEST:
> 0 thread_block() [kern/sched_prim.c":1891]
1 thread_sleep() [kern/sched_prim.c":1581]
2 _cond_wait() [msfs/bs/ms_generic_locks.c":592]
3 _lk_lock() [msfs/bs/ms_generic_locks.c":931]
4 lgr_writev_ftx() [msfs/bs/ms_logger.c":1236]
5 log_donerec_nunpin() [msfs/bs/ftx_routines.c":2719]
6 ftx_done_urdr() [msfs/bs/ftx_routines.c":1215]
7 ftx_done_n() [msfs/bs/ftx_routines.c":968]
8 bs_sync_bf_flush() [msfs/bs/bs_qio.c":2402]
9 msfs_fsync() [msfs/osf/msfs_vnops.c":1608]
10 rfs3_commit() [nfs/nfs3_server.c":5665]
11 rfs_dispatch() [nfs/nfs_server.c":6333]
12 nfs_rpc_input() [rpc/svc.c":717]
13 nfs_input() [nfs/nfs_server.c":5492]
14 nfs_thread() [nfs/nfs_server.c":5277]
FILE(s):
/usr/sys/BINARY/vm_cfg.o subset OSFBIN365
CHECKSUM: 27273 7 RCSfile: vm_cfg.c RCS: 1.1.31.2
/usr/sys/BINARY/vfs_ubc.o subset OSFBIN350
CHECKSUM: 38443 54 RCSfile: vfs_ubc.c RCS: 1.1.118.3
===============================================================================
SUPERSEDES PATCHES: OSF365-360003 (48.00), OSF365-360037 (68.00)
This patch corrects the following:
- A problem in which PATHWORKS client does not see all the files in a directory
when the directory is an NFS mounted OpenVMS UCX exported directory.
- Fixes a problem in which mmap activity to a file that is NFS mounted may
cause the client process to hang after the file is deleted.
- Large memory growth of ucred structures can occur. This is especially
prevalent if a user is using setuid programs.
PROBLEM: (BRO100600) (Patch ID: OSF365-360003)
********
Large memory growth of ucred structures can occur. This is especially
prevalent if a user is using setuid programs.
PROBLEM: (QAR 33924) (Patch ID: OSF365-360037)
********
This patch fixes a problem in which mmap activity to a file
that is NFS mounted may cause the client process to hang
after the file is deleted.
PROBLEM: (MGO101779, QAR 46334) (Patch ID: OSF365-360050)
********
This patch fixes a problem in which PATHWORKS client does not
see all the files in a directory when the directory is an NFS
mounted OpenVMS UCX exported directory.
On an Digital UNIX system a nfs mount to a VMS-UCX system exists.
For this mount point a share is setup in Pathworks.
PCs connect to this share and don't see all files of this
VMS directory, some files and subdirectories are missing.
But on the pc it is possible to type the files which are
not seen or it is possible to do a cd to the directory
which is not seen. In Pathworks the user has all permissions
for that share so he can read all files, he can delete the
file but it is not possible to write a file to this
directory.
The same files which are seen on DOS are shown in
PWADMIN - Shared Resources - Permit!
Examples:
1. It is not possible to see the file x.txt.
If x.txt is renamed to a.txt then the file is seen in the
directory listing.
2. It is not possible to copy a file to this share (drive X)
COPY C:\CONFIG.SYS X: returns the error
File not found - X:CONFIG.SYS
0 Files copied
---------------
There is no problem in the directory listing if ls command
is executed on Digital UNIX. Besides ls -al displays root as
owner for every file.
FILE(s):
/usr/sys/BINARY/nfs_vnodeops.o subset OSFBIN365
CHECKSUM: 61827 42 RCS: nfs_vnodeops.c Revision: 1.1.104.7
/usr/sys/BINARY/nfs3_vnodeops.o subset OSFBIN365
CHECKSUM: 36031 50 RCSfile: nfs3_vnodeops.c RCS: 1.1.56.3
===============================================================================
The ar command's -x option, which extracts archive files, may, in error, return
a message stating that the file was not found.
PROBLEM: ( DJOB3K133, QAR 46595 ) (Patch ID: OSF365-360062)
********
The ar command's -x option, which extracts archive files, may
in error, return a message stating that the file was not found.
To duplicate the problem, create a library with the command
'ar r /tmp/foo.a /tmp/bar.o'.
Issuing the command 'ar -x /tmp/foo.a /tmp/bar.o' will generate
the message "ar: Error: /tmp/bar.o not found" even though the
file exists in the archive.
With the fix, the same command extracts /tmp/bar.o from /tmp/foo.a
without generating an error message.
FILE(s):
/usr/ccs/lib/cmplrs/cc/ar subset OSFBASE365
CHECKSUM: 44375 376 RCS: ar.c Revision: 4.2.33.2
===============================================================================
This patch allows system managers to both set and obtain quotas for users and
groups which are numeric when using the edquota, vedquota, quota and vquota
programs. It also provides new options to allow them to specify userids and
groupids.
PROBLEM: (HPXQ87072, QAR 46521) (Patch ID: OSF365-360064)
********
This patch allows system managers to both set and obtain quotas
for users and groups which are numeric when using the edquota, vedquota,
quota and vquota programs. It also provides new options to allow them to
specify userids and groupids.
In the past, when the input to these commands was a numeric username or
groupname, the commands would either report that the name couldn't be found,
or would interpret it as the wrong user or group
(when the name coincidentally matched a valid userid or groupid).
For circumstances where the user wishes to specify userid or groupid the
-U and -G options have been added.
This correction also extends the edquota and vedquota prototype
option to allow convenient use of names and ids. In the past a numeric
argument to the "-p" option was incorrectly considered an id, not a name.
Now, the argument to "-p" will always refer to a name while the argument
to the new option "-P" will refer to an id.
Examples
To apply the quotas of user1 to user2, specifying both by their names:
edquota -p user1name user2name
To apply the quotas of user1 (specified by id), to user2 (specified by id):
edquota -P user1id -U user2id
Also, note that new versions of the message catalogue files are issued
for each of the programs. These must be updated only if they are on the
system.
FILE(s):
/usr/lib/nls/msg/en_US.ISO8859-1/edquota.cat subset OSFBASE350
CHECKSUM: 26567 2 RCS:
/usr/lib/nls/msg/en_US.ISO8859-1/quota.cat subset OSFBASE350
CHECKSUM: 60092 1 RCS:
/usr/sbin/edquota subset OSFBASE365
CHECKSUM: 05679 112 RCS: edquota.c Revision: 4.2.29.2
/usr/sbin/quota subset OSFBASE365
CHECKSUM: 17675 112 RCS: quota.c Revision: 4.2.39.2
rquotaxdr.c Revision: 4.2.4.2
/usr/sbin/vedquota subset OSFADVFS365
CHECKSUM: 41580 576 RCS: vedquota.c Revision: 1.1.28.2
/usr/sbin/vquota subset OSFADVFS365
CHECKSUM: 08099 504 RCS: vquota.c Revision: 1.1.25.2
===============================================================================
A potential security vulnerability has been discovered, where under certain
circumstances users may gain unauthorized access. Digital has corrected this
potential vulnerability.
PROBLEM: (SSRT0329U, USG-01683) (Patch ID: OSF365-350061)
********
A potential security vulnerability has been discovered, where under certain
circumstances users may gain unauthorized access. Digital has corrected this
potential vulnerability.
FILE(s):
/usr/bin/rdist subset OSFINET350
CHECKSUM: 30097 88 RCSfile: server.c RCS: 4.2.21.2
===============================================================================
The bootp daemon appends a null character to file names in its responses.
PROBLEM: (BRO100554) (Patch ID: OSF365-350073)
********
The bootp server daemon, /usr/sbin/bootpd, appends a null byte to filenames
in its responses. Some BOOTP clients will fail to boot when they receive
these responses. The response packets will contain the null byte appended to
any filenames and the cooresponding length fields will count the null byte.
FILE(s):
/usr/sbin/bootpd subset OSFINET350
CHECKSUM: 43516 72 RCSfile: bootpd.c RCS: 4.2.25.2
RCSfile: dovend.c RCS: 1.1.8.2
RCSfile: readfile.c RCS: 4.2.12.2
===============================================================================
Fixes "timeout table overflow" panic on multiprocessor system.
PROBLEM: (QAR 39990) (Patch ID: OSF365-350079)
********
Fixes "timeout table overflow" panic on multiprocessor system.
FILE(s):
/usr/sys/BINARY/lwc.o subset OSFBIN350
CHECKSUM: 28630 6 RCSfile: lwc.c RCS: 1.1.22.2
----------------------
===============================================================================
Corrections to tftpd when using interface aliases, bind() uses the client's
address received rather than INADDR_ANY. This fix accomodates bootpd when
used with ASE for failover purposes.
PROBLEM: (HPAQA69B2,QAR40362) (Patch ID: OSF365-350089)
********
Attempting to tftpd to an aliased interface will give
"ICMP Destination unreachable" messages when multiple
read requests are required to transfer data.
Typical Error Messages are "ICMP Destination unreachable" or "Port unreachable".
To reproduce the problem, tftp to an aliased interface and transfer a file
larger than 512 bytes. The transfer will require multiple read requests
and will return an error on the second read request.
FILE(s):
/usr/sbin/tftpd subset OSFINET350
CHECKSUM: 30385 32 RCSfile: tftpd.c RCS: 4.2.11.2
---------------------
===============================================================================
Fix acctcms hash table overflow error.
PROBLEM: (TKTQ22355) (Patch ID: OSF365-350096)
********
When there are more than 1000 different commands in the accounting
source files, acctcms gives the error "Hash table overflow. Increase
CSIZE" and ignores the command accounting records of those commands
in excess of 1000. This problem can also be seen when running
runacct, the daily accounting procedure, because it uses acctcms
FILE(s):
/usr/sbin/acct/acctcms subset OSFACCT350
CHECKSUM: 21117 32 RCSfile: acctcms.c RCS: 4.2.18.2
---------------------
===============================================================================
Program translated with FreePort Express (SunOS --> Digital UNIX)
binary translator does not run correctly.
PROBLEM: (QAR 39134) (Patch ID: OSF365-350097)
********
Program translated with FreePort Express (SunOS --> Digital UNIX)
binary translator does not run correctly.
The problem is due to calls to mmap() specifying /dev/zero.
The address returned was other than the address (hint) provided.
Compile and run the following program to verify the problem exists:
#include
#include
#include
#include
main(argc, argv)
int argc;
char **argv;
{
int fd;
char *addr;
if((fd = open("/dev/zero", O_RDWR)) == -1) {
perror("mmap: open");
exit(1);
}
if((addr = mmap(0x20000000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE, fd, 0L)) == (void *)-1) {
perror("mmap: mmap");
exit(1);
}
close(fd);
if (addr == (char *)0x20000000)
printf("SUCCESS\n");
else
printf("FAILURE: mapped /dev/zero at address 0x%lx\n", addr);
exit(0);
}
FILE(s):
/usr/sys/BINARY/devz.o subset OSFBIN350
CHECKSUM: 35943 6 RCSfile: devz.c RCS: 1.1.10.2
---------------------
===============================================================================
Program using libexc.a suffer corrupted signal masks.
PROBLEM: (EVT101544) (Patch ID: OSF365-350102)
********
Programs linked with the libexc.a library can have their process
signal masks corrupted while handling exceptions at runtime. The
problem shows up when the process stops responding to signals.
The ps -s command shows a mask of random signals blocked, including
the one required to make the program function correctly.
Ada and C++ programs seems to the most likely to experience the
program.
FILE(s):
/usr/ccs/lib/cmplrs/cc/libexc.a subset OSFCMPLRSEXT350
CHECKSUM: 12745 23
---------------------
===============================================================================
Correct nfs server duplicate request problem, by adding timestamps.
PROBLEM: (MGO101612) (Patch ID: OSF365-350109)
********
Fixes file corruption on a Digital UNIX NFS fileserver serving
a sole single non-Digital NFS client. Problem originally encountered
when the only client was an OS/2 client.
You need this patch if you observe server corruption and can bypass
that corruption by setting the kernel global variable 'kudp_usedrc' to
zero.
Do not consider turning off duplicate record checking (drc) as a solution.
Instead, please use this patch to correctly fix this problem.
FILE(s):
/usr/sys/BINARY/svc_kudp.o subset OSFBIN350
CHECKSUM: 55255 86 RCSfile: svc_kudp.c RCS: 1.1.23.2
===============================================================================
Running tip(1) consumes about 45% of cpu time, resulting in no idle time, even
if tip is about the only thing running on the system.
PROBLEM: (SOO100598) (Patch ID: OSF365-350111)
********
Running tip will use approximately 45% of CPU time.
Use "ps -Ocpu" to see CPU usage. Also, running vmstat will show 0% IDle time.
# vmstat 5
Virtual Memory Statistics: (pagesize = 8192)
procs memory intr cpu
r w u act free wire in sy cs us sy id
3 73 16 1805 129 802 36 70K 245 10 90 0
3 73 16 1805 129 802 3 71K 239 10 90 0
3 73 16 1806 128 802 102 67K 306 10 90 0
# ps -Opcpu | grep tip
PID %CPU S TT TIME COMMAND
14058 46.0 U + ttyp4 0:09.64 tip
14092 0.0 U + ttyp1 0.01 grep tip
FILE(s):
/usr/bin/tip subset OSFCLINET350
CHECKSUM: 20697 120 RCSfile: tip.c RCS: 4.2.21.2
RCSfile: tipout.c RCS: 4.2.4.3
===============================================================================
A potential security vulnerability has been discovered where under certain
circumstances users may gain unauthorized access. Digital has corrected this
potential vulnerability.
PROBLEM: (QAR 41986) (Patch ID: OSF365-350112)
********
Users could use lattelnet to invoke a subshell, a potential security issue in
some installations.
FILE(s):
/usr/sbin/lattelnet subset OSFLAT350
CHECKSUM: 22781 24 RCSfile: lattelnet.c RCS: 1.1.16.2
---------------------
===============================================================================
Card lockup problem using the ATM IP convergence module.
PROBLEM: (HPXQC2E60,QAR 42749) (Patch ID: OSF365-350115)
********
Card lockup problem using the ATM IP convergence module.
How to recognize the problem:
In the kern.log file you can see messages similar to:
Dec 19 11:06:47 bcaryf03 vmunix: received 144 bytes for non-existent VC 50
and if you have set up a simple test between two systems using a ping over
the ATM interface, you will see that the signalling between VC's which have
been sending and receiving throughout the test will suddenly stop receiving
packets. The VC's will continue to be able to send packets.
How to reproduce the problem:
Setup two nodes A and B connected through a FORE switch and an ATM IP
PVC between the two.
From node B, issue the ping command over ATM IP. (leave the ping command
running)
On node A, remove the ATM IP PVC which is receiving the ping using the command
"atmconfig -pvc driver=lta0 vpi=0 vci=50"
In the kern.log file you will see a message like:
Dec 19 11:06:47 bcaryf03 vmunix: received 144 bytes for non-existent VC 50
and the output of an atmconfig vclist long will show you that the signalling
between VC's sending and receiving throughout the test will suddenly stop
receiving packets.
FILE(s):
/usr/sys/BINARY/if_otto.o subset OSFATMBIN350
CHECKSUM: 30053 40 RCSfile: if_otto.c RCS: 1.1.19.2
===============================================================================
The system panics with kernel memory fault, and the fault_pc is in the
u_anon_free() routine.
PROBLEM: (43968) (Patch ID: OSF365-350136)
********
The system panics with kernel memory fault, and the fault_pc is in the
u_anon_free() routine.
> 0 stop_secondary_cpu() [arch/alpha/cpu.c":357, 0xfffffc00004d97a8]
1 panic() [bsd/subr_prf.c":669, 0xfffffc000043d5ac]
2 event_timeout() [arch/alpha/cpu.c":706, 0xfffffc00004da258]
3 xcpu_puts() [bsd/subr_prf.c":810, 0xfffffc000043d864]
4 printf() [bsd/subr_prf.c":355, 0xfffffc000043cbb4]
5 panic() [bsd/subr_prf.c":719, 0xfffffc000043d71c]
6 trap() [arch/alpha/trap.c":1213, 0xfffffc00004edbd0]
7 _XentMM() [arch/alpha/locore.s":1307, 0xfffffc00004dce74]
8 u_anon_free() [vm/u_mape_anon.c":2261, 0xfffffc00003840e4]
9 u_anon_unmap() [vm/u_mape_anon.c":1617, 0xfffffc0000382970]
10 u_map_delete() [vm/vm_umap.c":1188, 0xfffffc000039c650]
11 u_map_deallocate() [vm/vm_umap.c":436, 0xfffffc000039af80]
12 vm_map_deallocate() [vm/vm_map.c":611, 0xfffffc0000391698]
13 task_deallocate() [kern/task.c":472, 0xfffffc00002d6b0c]
14 waitf() [bsd/kern_exit.c":1497, 0xfffffc0000243b94]
15 wait4() [bsd/kern_exit.c":1220, 0xfffffc0000243738]
16 syscall() [arch/alpha/syscall_trap.c":519, 0xfffffc00004eca44]
17 _Xsyscall() [arch/alpha/locore.s":1094, 0xfffffc00004dcc64]
The crash can be reproduced by running the following sample program:
/*
* compile as follows:
* cc vm_deallocate_tail.c -lmach
*/
main(int argc, char **argv)
{
long addr;
int ret;
/*
* Create a >4G region
* The system must have >4G swap or must be running in lazy mode
* (/sbin/swapdefault is not present).
*/
addr = 0;
if (ret = vm_allocate(task_self(), &addr, 0x100000000UL, 1)) {
mach_error("vm_allocate:", ret);
exit(1);
}
/*
* deallocate the last page
*/
if (ret = vm_deallocate(task_self(),
addr+0x100000000UL-0x2000, 0x2000)) {
mach_error("vm_deallocate:", ret);
exit(1);
}
exit(0);
}
FILE(s):
/usr/sys/BINARY/vm_anon.o subset OSFBIN365
CHECKSUM: 16520 73 RCS: vm_anon.c Revision: 1.1.36.2
===============================================================================
SUPERSEDES PATCHES: OSF365-350054 (93.00)
This patch corrects the following:
- "ufs_getapage: allocation failed" panic.
- Applications that continuously map and unmap large data files hang in
uninterruptable state.
PROBLEM: (uvo103444) (Patch ID: OSF365-350054)
********
The user's large data base application would hang in an uninterruptible state
after running for a while. The process could not be terminated by any user
action except to reboot the system.
The user's program was memory mapping large data files, and was continually
unmapping and remapping pages of the file. Eventually the process would hang
in an uninterruptible state when it tried to write to a part of the mapped file
that was swapped out.
Here is a typical stack trace of a thread hung in this condition:
thread_block
lock_read
ufs_getpage
u_vp_fault
vm_fault
trap
_XentMM
bcopy
uiomove
ufs_rwip
ufs_write
vn_write
rwuio
write
syscall
Running in lockmode=4 produced a panic with the message:
"lock_read: lock already owned by thread"
instead of a hung process.
PROBLEM: (Patch ID: OSF365-350139)
********
The system panics with "ufs_getapage: allocation failed" message.
A typical stack trace is as follows:
panic()
ufs_getapage()
ufs_getpage()
u_vp_fault()
u_map_fault()
vm_fault()
trap()
_XentMM()
FILE(s):
/usr/sys/BINARY/ufs_vnops.o subset OSFBIN350
CHECKSUM: 36046 133 RCSfile: ufs_vnops.c RCS: 4.2.118.3
===============================================================================
A call-share executable with a text, data or bss region greater than 4 gbytes,
the application will segment fault.
PROBLEM: (QAR 43033) (Patch ID: OSF365-350143)
********
A call-share executable with a text, data or bss region
greater than 4 gbyte application will segment fault.
As a work around you can build your application non-share.
This test demonstrates the problem:
csh> cat test.c
#define ARRAY_SIZE (1024*1024*512) - 1
long buf1[ARRAY_SIZE];
main()
{
printf("sizeof(buf1) = 0x%lx\n", sizeof(buf1));
buf1[1] = 42;
buf1[ARRAY_SIZE-2] = 169;
}
csh> cc test.c
csh>
csh> a.out
Segmentation fault (core dumped)
csh>
FILE(s):
/sbin/loader subset OSFBASE350
CHECKSUM: 56855 112
===============================================================================
Using Peer Server 1.3 ECO1 and token ring network interface(s), source routing
discovery is not working as expected. Additional interfaces will not
initialize and links between remote stations cannot be established.
PROBLEM: (MCPM26D74/QAR 43974) (Patch ID: OSF365-350144)
********
After installing and configuring Digital Peer Server version 1.3, EC01, token
ring source routing tables may not be built correctly. If you have multiple
token ring interfaces, additional interfaces will not initialize and links
between remote stations cannot be established.
How to recognize the problem:
Typical error messages will appear with multiple interfaces indicating
unreliable connections. You may observe console messages similar to the
following:
Event: Link Halted
from: Node 0:. LLC2 SAP sna-1 Link msamss-1
at : 1996-02-12-12:35:28.984-05:00I-----
Link Halted Reason = Implementation Specific
Check source routing module level:
"srconfig -rc" command displays several failures with no responses for
ARE packets. One may not notice these errors if source routing was
not enabled
Check at Applications level:
The applications like Peer server may not be able establish links with
remote SNA nodes. This can be verified with NCL command:
ncl> show sna cp serv t g * all
The above command displays status of the Transmission Groups as either
"Idle" or "On-connecting".
FILE(s):
/usr/sys/BINARY/trn_sr.o subset OSFHWBIN350
CHECKSUM: 59360 92 RCSfile: trn_sr.c RCS: 1.1.19.2
===============================================================================
A potential security vulnerability has been discovered, where under certain
circumstances users may "gain unauthorized access" to the system. Digital
has corrected this potential vulnerability.
PROBLEM: (SSRT0376X) (Patch ID: OSF365-350152)
********
A potential security vulnerability has been discovered, where under certain
circumstances users may gain unauthorized access to the system.
FILE(s):
/etc/sia/OSFC2_matrix.conf subset OSFC2SEC350
CHECKSUM: 51764 3 RCSfile: OSFC2_matrix.conf RCS: 1.1.17.2
===============================================================================
The mold daemon component of the Common Agent leaks memory when running with the
DEC SNA PeerServer product.
PROBLEM: (IPMT Case CFS.27284) (Patch ID: OSF365-350169)
********
The DEC SNA PeerServer product instantiates a new (protocol engine) daemon that
connects to the mold daemon component of the Common Agent each time an incoming
request is received by the DEC SNA PeerServer product from the network.
The PeerServer product can handle hundreds of requests per minute, each time
starting and then stopping its protocol engine daemon that connects to the
mold daemon. The mold daemon does not clean up the socket connection that
gets created each time the PeerServer creates a new connection to the mold,
leaking several thousand bytes of virtual memory per connection, plus leaves
the socket connection dangling.
Over time, the mold component can consume all available virtual memory,
causing unpredictable results and system performance degradation.
Ultimately, the customer is forced to stop and restart the PeerServer product,
which is not acceptable to the customer, as this process is very resource
intensive and can take many minutes to complete.
Errors may get logged in the /var/adm/syslog.dated//daemon.log file,
including messages similar to these (t21mcd and t21mad are DEC SNA PeerServer
daemon components; mold is a Common Agent daemon component):
t21mcd[1184]: Daemon process t21mad(1188)
terminated, signal=6
t21mcd[1184]:
Started daemon process t21mad (3617)
mold[324]: S011 - mold_*() call failed -
(MAN_C_OBJECT_ALREADY_EXISTS)
last message repeated 6 times
t21mcd[1184]: Daemon process t21mad(3617)
terminated, signal=6
t21mcd[1184]:
Started daemon process t21mad (3892)
mold[324]: S011 - mold_*() call failed -
(MAN_C_OBJECT_ALREADY_EXISTS)
last message repeated 6 times
t21mcd[1184]: Daemon process t21mad(3892)
terminated, signal=6
t21mcd[1184]: Started daemon process -
t21mad (3910)
mold[324]: S011 - mold_*() call failed -
(MAN_C_OBJECT_ALREADY_EXISTS)
etc., etc.
FILE(s):
/usr/sbin/mold subset OSFCOMAGENT350
CHECKSUM: 19886 176 RCSfile: sck_mold_sstb.c RCS: 1.1.6.2
RCSfile: socket.c RCS: 1.1.6.2
===============================================================================
This patch fixes a problem where the find command returns a invalid status
code upon encountering a file in an "ffm" set.
PROBLEM: (MCPM269A8) (Patch ID: OSF365-350176)
********
The find command will return a code of 2 (EINVAL) upon encountering a file
in an "ffm" set, generally associated when System V environment is being used.
When this happens, the user's application receives an invalid status code;
the system does not crash or hang.
FILE(s):
/usr/sys/BINARY/ffm_vfsops.o subset OSFBIN350
CHECKSUM: 44792 12 RCS: ffm_vfsops.c Revision: 1.1.27.2
===============================================================================
After yppasswd has been run, NIS passwd dbm files will have read and write
permissions for other users.
PROBLEM: (HPAQB5F05) (Patch ID: OSF365-350185-1)
********
After yppasswd has been run, NIS passwd dbm files will have read and write
permissions for other users:
-rw-rw-rw- 1 root system 0 Nov 30 11:17 passwd.byname.dir
-rw-rw-rw- 1 root system 1024 Nov 30 11:17 passwd.byname.pag
-rw-rw-rw- 1 root system 0 Nov 30 11:17 passwd.byuid.dir
-rw-rw-rw- 1 root system 1024 Nov 30 11:17 passwd.byuid.pag
FILE(s):
/usr/sbin/rpc.yppasswdd subset OSFINET350
CHECKSUM: 60219 32 RCSfile: rpc.yppasswdd.c RCS: 4.2.15.2
===============================================================================
This patch resolves a problem with "strsetup -i -f" creating duplicate major
and minor numbers.
PROBLEM: (MCPM41A3D) (Patch ID: OSF365-350186)
********
After running "strsetup -i -f" /dev/streams/kinfo and /dev/streams/strkinfo
can have the same major and minor numbers. This causes "netsetup" to report
"ioctl: invalid argument" errors.
FILE(s):
/usr/sbin/strsetup subset OSFCLINET350
CHECKSUM: 28582 32 RCSfile: strsetup.c RCS: 4.2.29.2
===============================================================================
This patch adds support for file system ids ffm and nfsv3.
PROBLEM: (MCPM4AD1A) (Patch ID: OSF365-350190)
********
This patch adds support for file system ids ffm and nfsv3.
Previous to this patch, the sysfs system call would give
the following error message:
"sysfs: Function not implemented"
FILE(s):
/usr/sys/BINARY/kern_sysfs.o subset OSFBIN350
CHECKSUM: 13517 5 RCS: kern_sysfs.c Revision: 1.1.16.2
/usr/sys/include/sys/fsid.h subset OSFBINCOM350
CHECKSUM: 38534 3 RCS: fsid.h Revision: 1.1.8.2
===============================================================================
This patch resolves the condition that results when there is no default shell
in the password file causing rexecd to fail.
PROBLEM: (UVO103915) (Patch ID: OSF365-350191)
********
If a user uses chsh(1) to change their shell to /bin/sh then the
shell definition in the password file for that user is removed.
This is standard BSD behavior and the system defaults all such password
entries to /bin/sh at login time.
rexecd(8) however has a problem with accounts like this and fails
to run commands issued from programs using the rexec(3) library function.
FILE(s):
/usr/sbin/rexecd subset OSFCLINET350
CHECKSUM: 39000 24 RCSfile: rexecd.c RCS: 4.2.12.2
===============================================================================
This patch fixes a problem in which the rcp program fails when the file being
copied is greater than 2 Gigabytes in size. The error message from rcp is:
"connection closed".
PROBLEM: (QAR 36912, QAR 45643) (Patch ID: OSF365-350198)
********
This patch fixes a problem in which the rcp program fails
when the file being copied is greater than 2 Gigabytes in size.
The error message from rcp is: "connection closed".
FILE(s):
/usr/bin/rcp subset OSFCLINET350
CHECKSUM: 48003 32 RCSfile: rcp.c RCS: 4.2.20.2
===============================================================================
This patch fixes a problem in which the output from the df command displays
incorrectly formatted columns.
PROBLEM: (29818) (Patch ID: OSF365-350200-1)
********
This patch fixes a problem in which the output from the df command displays
incorrectly formatted columns.
The problem occurs because the number of inodes in Digital UNIX is quite large.
This causes the columns displayed by the df command to run together.
Run /usr/bin/df -i and examine the output.
FILE(s):
/sbin/df subset OSFBASE350
CHECKSUM: 58038 128 RCSfile: df.c RCS: 4.3.29.2
/usr/bin/df subset OSFBASE350
CHECKSUM: 33081 24 RCSfile: df.c RCS: 4.3.29.2
===============================================================================
This patch corrects the problem where "ping -p ff" results in a segmentation
fault and core dump.
PROBLEM: (QAR-45312) (Patch ID: OSF365-350206)
********
"ping -p ff" results in a segmentation fault and core dump.
FILE(s):
/usr/sbin/ping subset OSFCLINET350
CHECKSUM: 53783 32 RCSfile: ping.c RCS: 4.2.23.2
===============================================================================
NIS slaveservers will not accept a push from the master server of a new map.
PROBLEM: (qar 46193) (Patch ID: OSF365-350210)
********
NIS slaveservers will not accept a push from the master server of a new map.
On the master server a push is generally done automatically when a map
is built (cd /var/yp; make |