Patch Name: PHSS_30779

Patch Description: s700_800 11.23 Aries cumulative patch

Creation Date: 04/06/28

Post Date: 04/07/08

Repost: 04/07/15
    The patch documentation was modified to add additional detail to the Symptoms, the Defect Description and the Enhancement sections regarding change requests 8606359022 (JAGaf19718), 8606361285 (JAGaf21975) and 8606361288 (JAGaf21978).

Hardware Platforms - OS Releases:
    s700: 11.23
    s800: 11.23

Products: N/A

Filesets:
    OS-Core.CORE2-64SLIB,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP
    OS-Core.CORE2-SHLIBS,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP

Automatic Reboot?: Yes

Status: General Release

Critical: Yes
    PHSS_30779: HANG ABORT CORRUPTION
    JAGaf19718: PA applications hang when making a system call beyond 540.
    JAGaf25574: PA applications hang intermittently with infinite SIGILLs.

    PHSS_30674: ABORT
    JAGaf07351: PA application fails with coredump with SIGILL after running for many days.

    PHSS_30237: ABORT
    JAGaf05999: Aries aborts emulation with error message - unable to continue, insufficient resources. Also the patch fixes defects which cause PA application to fail with core dump.

    PHSS_30015: ABORT
    JAGae99126: Aries returns incorrect stack pointer from pstat() when PA app is compiled with _PSTAT64. This might cause the PA app to abort by accessing the incorrect stack pointer.

    PHSS_29658: ABORT
    This patch fixes defects that cause PA application to fail with unexpected abort with core dump under Aries.

Category Tags:
    defect_repair enhancement general_release critical halts_system corruption

Path Name: /hp-ux_patches/s700_800/11.X/PHSS_30779

Symptoms:
    PHSS_30779:
    JAGaf19718: PA applications hang when making a system call beyond 540. This product update is pre-enablement for Aries handling of new system calls that may be added in future HP-UX releases.
    JAGaf21975: Pre-enablement for future expansion of the maximum length of system nodename and hostname in utsname structure.
    Any actual expansion capability may be provided in a future HP-UX nodename and hostname expansion product. Upon installation, the nodename and hostname expansion bundle (NodeHostNameXpnd) will install the full set of product updates (including this one) needed to enable the expansion. If the nodename and hostname expansion bundle is not installed, this product update will not have any effect on the system. This product update provides Aries changes to emulate uname(2) system call with large utsname structure if HP-UX nodename and hostname expansion product bundle is installed on the system.
    JAGaf21978: This product update provides pre-enablement for Aries capability to generate PA-RISC application core file in new core file format for future expansion of the maximum length of the system nodename and hostname. Any actual expansion capability may be provided in future HP-UX nodename and hostname expansion product NodeHostNameXpnd. If this bundle is not installed on the system, this product update will have no effect on the system.
    JAGaf22148: Thread creation causes hang sometimes when PA app runs under ARIES.
    JAGaf25574: PA applications hang intermittently with infinite SIGILLs.
    JAGaf25951: PA64 core file generated by Aries does not contain PA64 dld.sl data segment.
    JAGaf30208: Aries rendered image for a graphics application is heavily distorted.

    PHSS_30674:
    JAGaf07351: PA application fails with SIGILL coredump after running for many days. The PA core file is corrupt.
    JAGaf14627: While writing PA core file if current working directory is root, Aries prints the core file name beginning with //.
    JAGaf18011: Aries does not handle multiple asynchronous signals which arrive in system call.
    JAGaf19149: lw_mcas_util_unlock system call does not work correctly under Aries.

    PHSS_30237:
    JAGae90842: Aries async signal handling needs to be modified for better performance.
    JAGaf05999: vxsvc fails with Aries error - insufficient resources.
    JAGaf06545: Emulated application stack size, once set, should be inheritable by different types of executables.
    JAGaf06806: makecontext/swapcontext don't work correctly under Aries if app is compiled with +DA1.1.
    JAGaf07720: Aries runs out of memory when repeated mmap/shmat/shmdt system calls are made.
    JAGaf08077: stat or any other system call which takes a pointer as an argument occasionally fails under Aries with errno set to EFAULT if it is passed the address of an uninitialized local variable as argument.
    JAGaf10821: execve system call may fail under Aries if argv argument is NULL.
    JAGaf14318: getrlimit64 and setrlimit64 system calls do not work correctly for setting and getting stack size limits for PA32 program under Aries.

    PHSS_30015:
    JAGaf01019: Aries cannot emulate PA applications that allocate private stack regions in shared memory area.
    JAGaf00844: Aries emulated FCMP instruction incorrectly when operands to FCMP are unordered values.
    JAGae94257: Aries dumps incomplete stack details in the core file when emulated PA program aborts due to stack growth failure.
    JAGae99126: Aries returns incorrect stack pointer from pstat() when PA app is compiled with _PSTAT64. This might cause the PA app to abort by accessing the incorrect stack pointer.
    JAGae95064: Aries does not support PA-RISC applications that invoke execve(2) system call with NULL arguments.
    JAGae91695: Performance degradation due to unimplemented FCMP and MFCTL instruction in Aries dynamic translator.
    JAGae91550: Aries does not emulate lio_listio(2) system call correctly.
    JAGae91549: Aries does not emulate settune(2) system call correctly.
    JAGae90973: Performance degradation due to new dynamic translator in Aries not translating ADDI instruction.

    PHSS_29658:
    JAGae74194: Aries did not suspend threads while emulating fork system call.
    JAGae79229: Aries emulation for FCNV opcode with unordered values is incorrect.
    JAGae80642: PA applications using probe instruction to find access rights on a memory location may observe incorrect behaviour while running through Aries.
    JAGae80912: Aries64 shifts load_info parameter, which causes caliper to fail.
    JAGae81311: Aries does not dump core if asynchronous SIGXCPU/SIGXFSZ signal arrived when the process was in the middle of a system call.
    JAGae81759: Aries does not write out shared memory segment to core file.
    JAGae82598: Aries prints wrong error message if there was stack growth failure for PA application emulated stack; generation of application core file is normal under this situation.
    JAGae83281: Aries needs to honor stack and core file size limits set in shell and also Aries should inherit these limits from parent PA process.
    JAGae83314: Aries emulation for FCNV opcode is incorrect if conversion results in unordered value.
    JAGae84933: Aries emulation for system call timer_create fails if second argument is NULL.
    JAGae84938: PA64 application using mcas system call through 32 bit gateway page fails with core dump with SIGSYS while running under Aries.
    JAGae85165: Aries emulation of getcontext system call does not return correct ss_flags.
    JAGae85167: PA64 program using swapcontext fails with core dump while running under Aries.
    JAGae86862: Setting corefile size to a very low value in shell causes generation of Aries and PA application core file instead of just application core file.
    JAGae87409: Aries should process config file .ariesrc in additive manner. Aries should process both the system wide and the user specified .ariesrc file.

Defect Description:
    PHSS_30779:
    JAGaf19718: Aries syscall emulation code would result in a synchronous SIGSEGV if the syscall number was outside the range of syscall numbers Aries implemented, i.e. 540. Aries now handles up to syscall number 1023 and aborts with a meaningful message if the number is outside that range.
    This product update is pre-enablement for Aries handling of new system calls that may be added in future HP-UX releases.
    JAGaf21975: This product update contains some minor enhancements required to pre-enable a future HP-UX nodename and hostname expansion product bundle (NodeHostNameXpnd). Aries explicitly handles uname(2) system call. Handling of this system call in Aries is updated for future expansion of the maximum length of the nodename and hostname in utsname structure.
    JAGaf21978: This product update contains some minor enhancements required to pre-enable a future HP-UX nodename and hostname expansion product bundle (NodeHostNameXpnd). Since Aries writes out the core file for a PA-RISC application, this product update contains Aries changes to write out PA-RISC application core file in new format if HP-UX nodename and hostname expansion product bundle is installed on the system.
    JAGaf22148: Aries did not handle the case where a junk non-zero parameter is sent as fourth argument to the system call _lwp_create(). In such cases, the junk non-zero fourth argument would be dereferenced by Aries, and since this dereferencing happens in a signals-blocked region, the process would hang. This situation is now rectified by making sure that no dereferencing happens if the fourth argument is not valid.
    JAGaf25574: Some PA applications hang intermittently with infinite SIGILLs after running for a long time. This happens as Aries did not bring the I-Cache and instruction stream in memory in sync after writing out pre-fabricated dynamically translated code to translation buffer. This results in execution of malformed instructions from the I-Cache, which in turn results in SIGILL. Since the signal is generated synchronously and the fault is not cleared by the signal handler, the same signal keeps arriving infinitely.
    JAGaf25951: PA64 core file generated by Aries does not contain data segment of emulated PA64 dld.sl.
    This happens as Aries wrongly loaded data segment of dld.sl in Aries's private area and did not explicitly write out PA64 dld.sl's data segment to core file.
    JAGaf30208: For a graphics oriented application Aries renders image wrongly and the image is heavily distorted. This happened due to wrong translation for some subops in FCMP opcode.

    PHSS_30674:
    JAGaf07351: PA application fails with coredump with SIGILL after running for many days. Aries did not block signals in the code regions which update RSE settings. Asynchronous signals were arriving at a very high rate and the probability of a signal arriving while Aries was updating RSE was high. If an asynchronous signal arrives while Aries is updating RSE, it causes the emulated context to get corrupt, including the iaoq_front and iaoq_back emulated registers. This caused emulation to resume at trashed iaoq_front, and Aries received SIGILL and killed PA process with core dump. Since the emulated PA context was corrupt, the PA core file had all register values trashed. Now Aries blocks all signals while it is updating RSE.
    JAGaf14627: Aries prints core file name after writing out core file for PA application. In case the current working directory is root at the time of core dump, Aries was printing the core file name as //core.app. This caused confusion to users as they thought that Aries got NULL current working directory name. Now Aries checks if the current working directory is root; in that case Aries does not append / to current working directory name while constructing core file name.
    JAGaf18011: If multiple asynchronous signals arrived while Aries was in an emulated system call, Aries did not deliver all the signals in a nested fashion. One of the signals was not delivered and its signal handler was not emulated. This caused the context to get corrupt in post signal delivery emulation. The data pointer was pointing to other load module while in libc. This caused the application to fail with SIGSEGV.
    Aries now checks if there are other signals pending while emulating sigcleanup() system call of PA application. If there are any more signals pending, Aries makes sure that they are delivered before resuming the emulation post signal delivery.
    JAGaf19149: lw_mcas_util_unlock is an MxN related system call and Aries was wrongly emulating it as a simple mcas system call. This caused wrong emulation of lw_mcas_util_unlock. Now Aries passes this system call to native kernel.

    PHSS_30237:
    JAGae90842: Aries emits a single bundle at the start of each dyncode which checks for pending async events every time the dyncode block is entered. The check is recoded to delay the pending event by one iteration. This allows more flexibility to the scheduler to consume fewer cycles.
    JAGaf05999: vxsvc command aborts with Aries error message - unable to continue, insufficient resources. The error was caused as Aries dynamic translator was running out of memory. The problem was fixed by increasing the memory allocated for dynamic translator.
    JAGaf06545: Aries implementation did not allow different types of executables to inherit stack size limits from the process that issues execve() system call. The current emulation allowed only a PA32 process to inherit stack size from a PA32 process and similarly PA64 processes to inherit stack size limits from PA64 processes. Aries emulation of PA stack and stack size limits was modified such that PA processes can inherit stack size limits from IPF processes and vice versa. This also holds good for 32 bit and 64 bit processes.
    JAGaf06806: If the PA app was compiled for PA-RISC 1.1 with +DA1.1, setcontext system call did not work correctly under Aries. The problem was that Aries was wrongly updating emulated stack frame with values from uc_spares, which was not to be done.
    JAGaf07720: Aries keeps track of application's mmap/shmat/shmdt system calls by maintaining a linked list for private mmap regions and shared memory segments.
    There was a memory leak in Aries if a particular segment was unmapped or a shared memory segment was detached. In such case, Aries did not free up the memory consumed by the corresponding node in the linked list.
    JAGaf08077: Aries emulation of PA stack growth relies on reception of SIGSEGV corresponding to memory access in PA stack region beyond allocated pages. It was possible to pass an address to a system call which happens to be from a currently unallocated PA stack memory address. In such case, kernel returned EFAULT. To fix this problem, Aries ensures that a few pages are allocated for PA stack if required, before going to emulate PA application's system call.
    JAGaf10821: If PA application has passed NULL argv argument to execve() system call, it may fail under Aries with EFAULT. This is because Aries necessarily adds argv[0] to indicate program executable name to argv strings. The error was that in such case Aries did not initialize argv[1] to null string.
    JAGaf14318: A PA32 program which tries to get and set the value of PA stack size limits by using getrlimit64 and setrlimit64 system calls does not work correctly under Aries. This is because Aries did not read and write the upper 32 bits of the rlim_cur and rlim_max 64 bit fields of the return structure. This caused getrlimit64 to return bogus value for PA stack and setrlimit64 to always set the stack limits to min i.e. 256 kb.

    PHSS_30015:
    JAGaf01019: Aries handles stack growth for the emulated PA application. This job is normally done by the kernel. While growing the stack Aries needs to check if the stack growth is going to succeed. The problem occurred as the check did not consider the possibility of stack being mapped to shared memory area.
    JAGaf00844: The problem occurred as the Aries instruction interpreter did not correctly handle FCMP instruction when the compare condition is "unord" and any of "less-than", "greater-than" or "equal".
    JAGae94257: The problem occurs because if the emulated PA application causes a stack growth failure then Aries fails to dump the complete stack details in the core file. Note that the stack growth failure is caused by the PA application and not Aries itself.
    JAGae99126: The problem occurs because _PSTAT64 uses different data structures than those in the narrow mode interface. Aries needs to use wide mode data structures when emulating an application compiled with _PSTAT64. Using the narrow mode data structures in a wide mode pstat() call may result in return of incorrect stack pointer which if accessed may cause a program abort.
    JAGae95064: The problem occurs because some legacy PA-RISC applications may be invoking execve(2) system call with NULL argument. This is not allowed by the HPUX 11.23 kernel but is allowed by HPUX 11.11 kernel and earlier. Aries needs to accommodate this difference.
    JAGae91695: Due to unimplemented op-codes of FCMP and MFCTL in the Aries dynamic translator the performance of graphics applications was degraded.
    JAGae91550: The problem occurs due to incorrect emulation of lio_listio(2) system call by Aries. Aries was returning EINVAL error code when lio_listio() was invoked with the fourth argument as NULL.
    JAGae91549: System call settune(2) has a 64bit second argument which Aries was passing as a 32bit value. This resulted in the settune call returning EINVAL.
    JAGae90973: Aries new dynamic translator did not handle ADDI instruction translation. This caused application performance to degrade with new dynamic translator.

    PHSS_29658:
    JAGae74194: Aries emulation of fork system call was incorrect. Aries did not suspend all threads in emulated process while emulating fork. This could lead to unpredictable behaviour.
    JAGae79229: Aries dynamic translator does not generate code for correctly delivering converted value to target register if the result was unordered value.
    JAGae80642: Aries did not make sure that a failing probe instruction should modify the target. On PA RISC processor failing probe instruction modifies the target, while on IPF processor failing probe instruction is jumped over by kernel as if it was nullified.
    JAGae80912: Aries64 for its internal use shifted the location of kernel passed load_info parameter from arg3 to arg4. This caused caliper to fail on PA64 application as caliper was unable to retrieve load_info parameter from arg3 register.
    JAGae81311: Aries conditionally passes SIGXCPU/SIGXFSZ signal to emulated PA application in order to correctly emulate the difference among CLASSIC and UNIX95 environments. The Aries check for doing so did not take into account the errno when the signal arrived in the middle of a system call (EINTR).
    JAGae81759: Aries did not write out shared memory segment to PA application core file. This was because of a wrong check for shmflag for shared segments used by PA application.
    JAGae82598: Aries prints wrong error message in case there is PA emulated application stack growth failure. In such case, Aries did not take care of correctly printing error message when it could not service stack growth of PA application. The fix is only about printing correct error message about stack growth failure, before generating PA application core file which is normal.
    JAGae83281: Aries emulation of PA stack did not have provision for honoring the stack size limits in shell (set through ulimit -s). Also it did not inherit stack size limits from parent PA process. Same is true for core file size limits.
    JAGae83314: Aries interpreter did not correctly emulate FCNV opcode when the result of conversion was unordered.
    JAGae84933: Aries emulation of system call timer_create was not correct. Aries did not check for NULL second parameter and so could not correctly deliver EFAULT to application.
    JAGae84938: Aries64 did not correctly emulate mcas system call if the system call goes to 32 bit PA gateway page. The Aries check to determine that a PA branch is a system call did not take into account that mcas system calls do not go to start of 32 bit gateway page.
    JAGae85165: Aries emulation of getcontext did not emulate ss_flag.
    JAGae85167: Aries64 emulation of setcontext system call did not take into account the extra work done by PA kernel. On PA, kernel copies the value of ucontext pointer to ret1 for setcontext system call. Aries did not emulate this semantics of PA kernel.
    JAGae86862: Aries design made sure that in any case one of the core files - for Aries or for PA application - should be correct. Setting corefile size to be very low causes Aries to encounter error while writing core file for PA application. In such case Aries proceeded letting kernel dump core file for Aries, while Aries partially generated core file for PA application. Since core file for Aries is of no debugging aid, it does not make sense to generate core file for Aries.
    JAGae87409: Aries processing of .ariesrc file did not have provision of reading .ariesrc file from home and root directory cumulatively.

Enhancement: Yes
    PHSS_30779: Support added for future maximum length expansion of nodename and hostname.

    PHSS_30237: This patch delivers better performance for compute intensive PA-RISC applications.

SR:
    8606369664 8606364937 8606365316 8606359022 8606361285
    8606361288 8606361458 8606346527 8606353833 8606357311
    8606358450 8606329719 8606345149 8606345699 8606345961
    8606346897 8606347254 8606350000 8606353524 8606340099
    8606339923 8606333162 8606338152 8606333980 8606330572
    8606330427 8606330426 8606329850 8606311354 8606316514
    8606318107 8606318400 8606318821 8606319269 8606320112
    8606320799 8606320832 8606322465 8606322470 8606322698
    8606322700 8606324556 8606325119

Patch Files:
    OS-Core.CORE2-64SLIB,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
    /usr/lib/hpux64/aries64.so
    /usr/lib/hpux64/pa_boot64.so

    OS-Core.CORE2-SHLIBS,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
    /usr/lib/hpux32/aries32.so
    /usr/lib/hpux32/pa_boot32.so

what(1) Output:
    OS-Core.CORE2-64SLIB,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
    /usr/lib/hpux64/aries64.so:
        HP0000 ARIES64 B.11.23.00 ((TAHOE.11.23.PATCH_STABLE, ARIES64_TAHOE.11.23.PATCH_STABLE, ARIES64_TAHOE.11.23.PATCH_040701.031619, ISO_ARIES_1123_PATCH_PHSS_30779)) (PHSS_30779) INum:6 Jul 1, 2004 16:31:57.
    /usr/lib/hpux64/pa_boot64.so:
        HP0000 ARIES64 B.11.23.00 ((TAHOE.11.23.PATCH_STABLE, ARIES64_TAHOE.11.23.PATCH_STABLE, ARIES64_TAHOE.11.23.PATCH_040701.031619, ISO_ARIES_1123_PATCH_PHSS_30779)) (PHSS_30779) INum:6 Jul 1, 2004 16:32:24.

    OS-Core.CORE2-SHLIBS,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
    /usr/lib/hpux32/aries32.so:
        HP0000 ARIES B.11.23.00 ((TAHOE.11.23.PATCH_STABLE, ARIES_TAHOE.11.23.PATCH_STABLE, ARIES_TAHOE.11.23.PATCH_040701.031446, ISO_ARIES_1123_PATCH_PHSS_30779)) (PHSS_30779) INum:6 Jul 1, 2004 16:31:53.
    /usr/lib/hpux32/pa_boot32.so:
        HP0000 ARIES B.11.23.00 ((TAHOE.11.23.PATCH_STABLE, ARIES_TAHOE.11.23.PATCH_STABLE, ARIES_TAHOE.11.23.PATCH_040701.031446, ISO_ARIES_1123_PATCH_PHSS_30779)) (PHSS_30779) INum:6 Jul 1, 2004 16:34:4.

cksum(1) Output:
    OS-Core.CORE2-64SLIB,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
    4243687896 2368920 /usr/lib/hpux64/aries64.so
    942740092 144784 /usr/lib/hpux64/pa_boot64.so

    OS-Core.CORE2-SHLIBS,fr=B.11.23,fa=HP-UX_B.11.23_IA,v=HP:
    726870961 18430004 /usr/lib/hpux32/aries32.so
    1461447840 119500 /usr/lib/hpux32/pa_boot32.so

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes:
    PHSS_29658 PHSS_30015 PHSS_30237 PHSS_30674

Equivalent Patches: None

Patch Package Size: 4280 KBytes

Installation Instructions:
    Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch.
    ------------------------------------------------------------
    1. Back up your system before installing a patch.

    2. Login as root.

    3. Copy the patch to the /tmp directory.

    4. Move to the /tmp directory and unshar the patch:

            cd /tmp
            sh PHSS_30779

    5. Run swinstall to install the patch:

            swinstall -x autoreboot=true -x patch_match_target=true \
                      -s /tmp/PHSS_30779.depot

    By default swinstall will archive the original software in /var/adm/sw/save/PHSS_30779. If you do not wish to retain a copy of the original software, include the patch_save_files option in the swinstall command above:

            -x patch_save_files=false

    WARNING: If patch_save_files is false when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature.

    For future reference, the contents of the PHSS_30779.text file is available in the product readme:

            swlist -l product -a readme -d @ /tmp/PHSS_30779.depot

    To put this patch on a magnetic tape and install from the tape drive, use the command:

            dd if=/tmp/PHSS_30779.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions: None
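
The cksum(1) Output section lists a CRC and byte count for each delivered file. The following is an added example, not part of the HP patch documentation, of checking installed files against those lines once they have been copied into a manifest file; the function name and the optional ROOT prefix are assumptions of this example.

```shell
#!/bin/sh
# Added example: compare files on disk with the "cksum(1) Output" lines
# of a patch text file. Not part of the HP patch itself.
#
# usage: verify_cksum_manifest MANIFEST [ROOT]
#   MANIFEST  file holding the section's lines: "<crc> <size> <path>"
#   ROOT      optional prefix (assumption of this example) so an unpacked
#             copy or a mounted image can be checked instead of /
# Returns 0 only if at least one entry was checked and every entry matched.
verify_cksum_manifest() {
    manifest=$1
    root=${2:-}
    checked=0
    failures=0

    # Fileset header lines ("OS-Core...:") do not start with a number and
    # are skipped. The "|| [ -n ... ]" keeps a last line with no newline.
    while read -r want_crc want_size path || [ -n "$want_crc" ]; do
        case $want_crc in
            ''|*[!0-9]*) continue ;;
        esac
        case $want_size in
            ''|*[!0-9]*) continue ;;
        esac
        [ -n "$path" ] || continue

        checked=$((checked + 1))
        target=$root$path
        if [ ! -f "$target" ]; then
            echo "MISSING   $path"
            failures=$((failures + 1))
            continue
        fi

        # Reading from stdin makes cksum print "<crc> <size>" with no name.
        got=$(cksum < "$target")
        got_crc=${got%% *}
        got_size=${got#* }
        got_size=${got_size%% *}

        if [ "$got_crc" = "$want_crc" ] && [ "$got_size" = "$want_size" ]; then
            echo "OK        $path"
        else
            echo "MISMATCH  $path (expected $want_crc $want_size, got $got_crc $got_size)"
            failures=$((failures + 1))
        fi
    done < "$manifest"

    # An empty or header-only manifest is treated as a failure, so a bad
    # copy/paste of the section cannot pass silently.
    [ "$checked" -gt 0 ] && [ "$failures" -eq 0 ]
}

# When run with arguments, act as a command: script MANIFEST [ROOT]
if [ "$#" -gt 0 ]; then
    verify_cksum_manifest "$@"
fi
```

cksum(1) is a CRC, so a match confirms the installed files are the ones this text file describes and catches truncated or stale copies; it is not a cryptographic integrity check.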