Patch Name: PHKL_21779 Patch Description: s700 10.20 Fix mprotect() panic Creation Date: 00/06/05 Post Date: 00/06/09 Hardware Platforms - OS Releases: s700: 10.20 Products: N/A Filesets: OS-Core.CORE-KRN ProgSupport.C-INC Automatic Reboot?: Yes Status: General Superseded Critical: Yes PHKL_21779: PANIC CORRUPTION Path Name: /hp-ux_patches/s700/10.X/PHKL_21779 Symptoms: PHKL_21779: (SR: 8606137220 CR: JAGad06338) Data corruption and an eventual system panic can occur when a user application makes a large number (over 65535) of mprotect(2) calls. A typical panic is a data page fault with the following stack: panic+0x10 report_trap_or_int_and_panic+0xe8 trap+0x1054 $call_trap+0x20 bcopy_pcxu_method+0xbc hdl_split_sub+0x230 hdl_mprotect+0x3b0 do_mprotect+0x17c foreach_pregion+0xec mprotect+0xa4 syscall+0x1a4 $syscallrtn+0x0 Defect Description: PHKL_21779: (SR: 8606137220 CR: JAGad06338) The problem is caused by the limitation of the protection ranges for memory mapped regions. The counter for the number of pregions that can be mprotected is defined as a u_short. When an application uses a very large data segment and makes more than 64K-1 mprotect(2) calls, the range counter overflows, causing memory corruption that results in a system panic. Resolution: Change the definition of mprotect range counters from u_short to int. SR: 8606137220 Patch Files: /usr/conf/lib/libhp-ux.a(hdl_mprotect.o) /usr/conf/machine/hdl_preg.h /usr/include/machine/hdl_preg.h what(1) Output: /usr/conf/lib/libhp-ux.a(hdl_mprotect.o): hdl_mprotect.c $Date: 2000/06/05 14:43:02 $ $Revisio n: 1.4.98.7 $ PATCH_10.20 (PHKL_21779) /usr/conf/machine/hdl_preg.h: hdl_preg.h $Date: 2000/06/05 13:25:34 $ $Revision: 1 .8.98.3 $ PATCH_10.20 (PHKL_21779) /usr/include/machine/hdl_preg.h: hdl_preg.h $Date: 2000/06/05 13:25:34 $ $Revision: 1 .8.98.3 $ PATCH_10.20 (PHKL_21779) cksum(1) Output: 788436884 15760 /usr/conf/lib/libhp-ux.a(hdl_mprotect.o) 3311526647 2433 /usr/conf/machine/hdl_preg.h 3311526647 2433 /usr/include/machine/hdl_preg.h Patch Conflicts: None Patch Dependencies: s700: 10.20: PHKL_16750 Hardware Dependencies: None Other Dependencies: None Supersedes: None Equivalent Patches: PHKL_21780: s800: 10.20 Patch Package Size: 80 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHKL_21779 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHKL_21779.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHKL_21779. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHKL_21779.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHKL_21779.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: This patch depends on base patch PHKL_16750 . For successful installation, please ensure that PHKL_16750 is in the same depot with this patch, or PHKL_16750 is already installed.