Patch Name: PHKL_22852 Patch Description: s700_800 11.04 (VVOS) syscalls related to file/socket Creation Date: 01/02/16 Post Date: 01/02/28 Hardware Platforms - OS Releases: s700: 11.04 s800: 11.04 Products: N/A Filesets: OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_32,v=HP OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_64,v=HP Automatic Reboot?: Yes Status: General Release Critical: Yes PHKL_22852: PANIC Based on HP-UX Patch PHKL_22840: PANIC Based on HP-UX Patch PHKL_22209: PANIC Based on HP-UX Patch PHKL_22146: PANIC Based on HP-UX Patch PHKL_21857: PANIC PHKL_20622: PANIC Category Tags: defect_repair enhancement general_release critical panic Path Name: /hp-ux_patches/s700_800/11.X/PHKL_22852 Symptoms: PHKL_22852: Ported HP-UX patch PHKL_22840 to VVOS VVOS does not support IDS, nor is the IDS functionality included with the VVOS platforms. Based on HP-UX patch PHKL_22840: ( SR: 8606165509 DTS: JAGad34802 ) Multithreaded applications may panic the system after doing select, poll or other system calls caused by bad file/socket pointer. The stack of the panic thread might look like: panic+0x14 report_trap_or_int_and_panic+0x4c trap+0xe9c $RDB_trap_patch+0x38 select+0x36c syscall+0x750 $syscallrtn+0x0 panic+0x14 report_trap_or_int_and_panic+0x84 trap+0xd9c nokgdb+0x8 soo_select2+0x14 soo_select+0x14 pollscan+0xa8 poll+0x104 syscall+0x480 $syscallrtn+0x0 Based on HP-UX patch PHKL_22209: ( SR: 8606144099 DTS: JAGad13432 ) Multithreaded applications may panic the system after doing a fork(2). The stack of the panic thread might look like this: panic+0x14 report_trap_or_int_and_panic+0x80 trap+0xdb8 nokgdb+0x8 vn_close+0x10 vno_close+0x20 closef+0x68 close+0x48 syscall+0x480 $syscallrtn+0x0 Based on HP-UX patch PHKL_22146: ( SR: 8606144971 CR: JAGad14309 ) A multiprocessor system running a multithreaded application panics due to spinlock contention. This happens in an environment where heavy file system processing is done over the net. The crux of the problem is that, the application is attempting to close a file twice. Based on HP-UX patch PHKL_21857: ( SR: 8606141690 CR: JAGad11050 ) Currently kernel threads that allocate file descriptors are prevented access to that file descriptor until the open is complete. Certain file types -- such as sockets -- that have a delayed opening mechanism require that for multithreaded applications that the opening thread may have access to the file descriptor during this opening transition state and that all other threads of the process are prevented access, in order for syscalls such as accept(2) to work correctly. Based on HP-UX patch PHKL_21355: ( SR: 8606132618 CR: JAGad01767 ) The Praesidium IDS/9000 product requires this patch in order to run. This patch has no impact on systems without the Praesidium IDS/9000 product installed and enabled. PHKL_20622: Audit is enabled and the system panics with the string "panic: sw_alloc_proc: not at base spl level." Defect Description: PHKL_22852: Ported HP-UX patch PHKL_22840 to VVOS VVOS does not support IDS, nor is the IDS functionality included with the VVOS platforms. Based on HP-UX patch PHKL_22840: ( SR: 8606165509 DTS: JAGad34802 ) There are two different panics involved. 1. One problem is a race condition between two theads in a process. One thread is allocating a user file descriptor while the other is trying to access this same file descriptor. 2. The other problem is that the getf/putf scheme does not support multiple recursive getf/putf pairs in a single thread. There is a race condition between two threads in a process when one thread is in multiple recursive getf/putf calls for a file descriptor while the other is also trying to get this file descriptor. Resolution: 1. Before accessing a file descriptor with getf(), the file descriptor thread lock should first be obtained to exclude other operations on this file descriptor by other threads. 2. Add a condition statement in putf() to ensure that the protection for the file descriptor is released only when no one is accessing it. Based on HP-UX patch PHKL_22209: ( SR: 8606144099 DTS: JAGad13432 ) During a fork from a multithreaded process, some file descriptors may be copied from the parent to the child without having a hold (ie, incrementing the reference count) on the file for the child. These files may become inactive during the child's lifetime, and thereafter referencing the fields of the file by the child results in a Data Page Fault. Resolution: Modified fork code to put a hold (increment the reference count) on all applicable files while setting up the child process. The code which manages the highest file descriptor count (which fork relies on) has been corrected so that it always reflects an accurate value with respect to the parent process. Based on HP-UX patch PHKL_22146: ( SR: 8606144971 CR: JAGad14309 ) In a multiprocessor system one processor panics when it can't get a spinlock. This happens when one processor is executing falloc() and the other crfree(). The panic occurs in the crfree() because the application is trying to close the same file twice, in essence it is trying to close a non-existing file or 'fp' the second time. Resolution: Check the file credentials before they are freed by crfree() in the closef() function, that is used to close a file. Based on HP-UX patch PHKL_21857: ( SR: 8606141690 CR: JAGad11050 ) Enhancement to the file descriptor handling code that enables multithreaded application appropriate access to files that are in the process of being opened. Resolution: Set the fd_locker_tid field in ufalloc() function so that the thread that did falloc() has access to the file descriptor untill the open is complete and in the interim no other thread is allowed access to the file descriptor. Based on HP-UX patch PHKL_21355: ( SR: 8606132618 CR: JAGad01767 ) This patch is one of 16 patches (PHKL_21348-PHKL_21363) required by the Praesidium IDS/9000 product. These patches enable the collection and tracking of information from various system calls. Unless all of the enabling patches (or their successors) and the product are installed, and the product is enabled, this patch has no impact on the system. Resolution: This patch enables the gathering of information from the fcntl(), fstat(), and close() system calls. PHKL_20622: The new alarmd is a multithreaded program that uses file record locking to lock the pid file. When closing file descriptors, vno_lockrelease() locks the process spinlock and then calls audstub_getf(), which ends up locking the inode via the VOP_GETSECATTR routine. However, the inode locks have a higher order than the process lock and we end up releasing spinlocks twice. Eventually, we get an assertion panic because of a negative spinlock depth. Resolution: vno_lockrelease now calls a newly added routine that does not call audstub_getf. SR: 8606132618 8606141690 8606144099 8606144971 8606165509 8606179387 8606114383 Patch Files: OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_32,v=HP: /usr/conf/lib/libhp-ux.a(kern_dscrp.o) OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_64,v=HP: /usr/conf/lib/libhp-ux.a(kern_dscrp.o) what(1) Output: OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_32,v=HP: /usr/conf/lib/libhp-ux.a(kern_dscrp.o): $Source: kern/sys/kern_dscrp.c, hpuxsysmisc, vvos_ro se, rose0211 $ $Date: 01/02/16 06:46:34 $ $R evision: 1.23.2.10 PATCH_11.04 (PHKL_22852) $ OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_64,v=HP: /usr/conf/lib/libhp-ux.a(kern_dscrp.o): $Source: kern/sys/kern_dscrp.c, hpuxsysmisc, vvos_ro se, rose0211 $ $Date: 01/02/16 06:46:34 $ $R evision: 1.23.2.10 PATCH_11.04 (PHKL_22852) $ cksum(1) Output: OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_32,v=HP: 3562396023 15956 /usr/conf/lib/libhp-ux.a(kern_dscrp.o) OS-Core.CORE2-KRN,fr=B.11.04,fa=HP-UX_B.11.04_64,v=HP: 4219635940 40384 /usr/conf/lib/libhp-ux.a(kern_dscrp.o) Patch Conflicts: None Patch Dependencies: s700: 11.04: PHKL_19142 s800: 11.04: PHKL_19142 Hardware Dependencies: None Other Dependencies: None Supersedes: PHKL_20622 Equivalent Patches: PHKL_22840: s700: 11.00 s800: 11.00 Patch Package Size: 100 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHKL_22852 5. Run swinstall to install the patch: swinstall -x autoreboot=true -x patch_match_target=true \ -s /tmp/PHKL_22852.depot By default swinstall will archive the original software in /var/adm/sw/save/PHKL_22852. If you do not wish to retain a copy of the original software, use the patch_save_files option: swinstall -x autoreboot=true -x patch_match_target=true \ -x patch_save_files=false -s /tmp/PHKL_22852.depot WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. For future reference, the contents of the PHKL_22852.text file is available in the product readme: swlist -l product -a readme -d @ /tmp/PHKL_22852.depot To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHKL_22852.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: This patch depends on base patch PHKL_19142 For successful installation please insure that PHKL_19142 is already installed, or that PHKL_19142 is included in the same depot with this patch and PHKL_19142 is selected for installation.