Patch-ID# 106542-36 Keywords: security kernel mmu36 pci iop ypserv sockfs mt nis pam ts null ypxfrd Synopsis: SunOS 5.7_x86: Kernel Update Patch Date: Sep/28/2004 Install Requirements: Install in Single User Mode Reboot immediately after patch is installed See Special Install Instructions Solaris Release: 7_x86 SunOS Release: 5.7_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 106541 Topic: SunOS 5.7_x86: Kernel Update Patch NOTE: Refer to Special Install Instructions section for IMPORTANT specific information on this patch. Relevant Architectures: i386 BugId's fixed with this patch: 1231256 1257084 1264344 4009465 4013043 4044295 4044653 4053258 4061229 4077873 4104844 4106267 4115493 4115711 4115715 4120985 4122009 4124715 4125102 4136059 4137086 4138467 4139770 4140423 4141554 4143503 4146756 4147402 4151780 4152055 4155392 4160727 4161576 4162016 4162091 4162184 4162491 4163335 4165983 4166495 4166626 4167174 4167270 4167727 4168739 4168892 4170365 4170410 4170500 4170595 4170602 4171679 4172111 4172702 4173187 4173696 4174167 4174308 4174331 4174354 4174434 4174755 4175299 4175558 4175651 4176038 4176365 4176940 4177496 4178298 4178455 4179342 4179407 4179861 4179883 4180045 4181149 4181152 4181570 4182043 4182047 4182072 4182227 4182234 4182240 4182970 4183947 4184015 4184430 4184461 4184542 4184786 4184788 4184794 4184852 4184877 4185110 4185366 4185433 4185742 4186155 4186202 4187811 4187978 4188005 4188193 4188212 4188573 4190080 4190083 4190138 4190405 4190466 4190566 4190796 4190807 4190812 4190962 4190995 4191306 4191544 4191586 4192056 4192195 4192420 4192639 4193375 4193378 4193379 4193380 4193381 4193383 4193467 4193657 4193683 4193748 4193852 4194454 4194505 4194509 4195726 4195875 4196408 4196541 4196832 4196986 4196994 4196998 4197140 4197418 4197422 4197461 4198134 4198533 4198723 4198942 4199032 4199042 4199606 4199897 4200121 4200217 4200447 4200817 4200972 4201921 4202082 4202680 4203157 4203482 4203495 4203989 4204046 4205009 4205437 4205612 4205959 4206401 4207080 4208677 4210540 4210635 4211361 4211474 4211840 4212524 4212620 4212634 4212925 4213840 4214611 4214739 4215477 4216863 4217122 4218505 4218508 4218800 4219071 4220394 4220910 4223115 4223353 4224086 4224111 4224166 4225553 4225913 4226443 4226963 4227256 4227724 4229414 4229608 4231168 4231212 4233009 4233526 4233795 4234085 4235823 4236372 4236795 4238230 4238662 4238982 4240566 4240810 4240889 4242224 4242668 4242724 4243937 4243984 4244494 4244731 4245196 4245852 4246172 4246455 4246789 4246796 4247447 4248004 4248024 4249187 4249426 4249960 4250104 4250836 4252011 4252698 4252743 4253070 4253149 4253437 4253500 4253619 4255621 4255660 4255768 4256294 4256338 4256769 4257413 4257454 4258561 4258750 4258764 4258771 4260058 4260700 4261432 4261612 4262856 4263629 4263899 4264638 4264976 4265182 4265594 4267183 4267195 4267487 4267563 4269834 4270735 4271034 4271250 4271267 4271807 4271843 4271957 4272341 4272453 4273366 4276984 4278584 4278679 4279557 4279983 4281243 4281471 4285032 4285517 4285533 4285794 4289187 4289663 4290575 4291034 4291217 4291587 4291844 4292683 4294881 4295776 4295779 4298424 4298451 4298472 4298567 4299010 4300016 4300454 4300951 4301477 4302592 4302786 4303474 4303962 4304283 4304289 4307306 4307800 4308666 4309712 4310608 4311360 4312641 4314913 4318178 4318695 4319441 4319717 4323101 4323971 4325682 4325959 4330074 4330959 4331790 4332740 4336917 4337337 4337605 4338139 4340646 4341921 4344475 4344513 4345133 4345785 4348738 4353901 4353965 4356040 4356664 4357732 4357778 4359760 4359797 4360843 4362946 4363051 4363678 4365374 4366956 4368057 4369289 4371826 4374039 4374785 4374974 4375449 4375529 4380319 4380626 4382913 4385688 4386798 4391657 4392477 4399549 4400897 4400900 4400977 4404947 4406103 4408502 4408508 4409175 4414557 4417407 4417599 4419882 4420522 4424387 4428257 4429942 4431629 4432295 4433640 4444569 4449640 4449844 4455088 4459797 4463575 4463711 4466547 4466910 4467132 4468181 4468852 4475227 4476741 4477262 4480272 4480376 4483007 4484446 4484819 4484980 4485871 4486764 4487376 4488416 4489291 4492255 4492876 4495032 4500054 4504341 4506569 4507281 4517840 4518087 4519254 4525250 4528269 4545767 4558909 4559012 4587859 4614036 4614329 4618459 4626999 4635294 4635484 4639269 4639827 4644260 4646188 4649946 4651433 4653919 4661997 4662085 4665297 4669963 4670382 4670414 4670468 4674435 4676535 4677620 4699850 4705713 4708822 4715028 4729683 4732828 4735093 4737417 4737656 4748411 4749274 4756192 4767215 4768760 4772471 4774462 4787413 4797219 4812764 4850672 4854840 4857394 4926980 4998030 Changes incorporated in this version: Patches accumulated and obsoleted by this patch: 106833-03 106914-04 106977-01 107032-01 107118-05 107440-01 107447-01 107463-02 108753-01 108755-02 109105-04 109650-02 111599-01 Patches which conflict with this patch: Patches required with this patch: 107545-02 or greater 114286-01 or greater Obsoleted by: Files included with this patch: /boot/solaris/boot.bin /etc/default/devfsadm /etc/default/nss /etc/devlink.tab /etc/fs/hsfs/mount /etc/fs/ufs/mount /etc/init.d/autofs /etc/init.d/coreadm /etc/init.d/devfsadm /etc/init.d/initpcihpc /etc/init.d/nfs.client /etc/init.d/pcmcia /etc/init.d/rootusr /etc/init.d/rpc /etc/init.d/syslog /etc/init.d/tsquantum /etc/init.d/volmgt /etc/inittab /etc/minor_perm /etc/name_to_major /etc/name_to_sysnum /etc/rc0.d/K35volmgt /etc/rc0.d/K40syslog /etc/rc0.d/K41autofs /etc/rc0.d/K41nfs.client /etc/rc0.d/K41rpc /etc/rc0.d/K78pcmcia (deleted file) /etc/rc0.d/K83devfsadm /etc/rc1.d/K35volmgt /etc/rc1.d/K40syslog /etc/rc1.d/K41autofs /etc/rc1.d/K41rpc /etc/rc2.d/S71rpc /etc/rc2.d/S73nfs.client /etc/rc2.d/S74autofs /etc/rc2.d/S74syslog /etc/rc2.d/S92volmgt /etc/rc2.d/S99tsquantum /etc/rcS.d/K35volmgt /etc/rcS.d/K40syslog /etc/rcS.d/K41autofs /etc/rcS.d/K41rpc /etc/rcS.d/S15initpcihpc /etc/rcS.d/S30rootusr.sh /etc/rcS.d/S42coreadm /etc/rcS.d/S50devfsadm /etc/rcS.d/S50drvconfig (deleted file) /etc/rcS.d/S60devlinks (deleted file) /etc/rcS.d/S65pcmcia (deleted file) /etc/rmmount.conf /etc/security/audit_class /etc/security/audit_event /etc/syslog.conf /etc/vold.conf /kernel/drv/cn /kernel/drv/devinfo /kernel/drv/icmp /kernel/drv/ip /kernel/drv/iwscn /kernel/drv/llc1 /kernel/drv/log /kernel/drv/mm /kernel/drv/pci_pci /kernel/drv/pcic /kernel/drv/poll /kernel/drv/poll.conf /kernel/drv/ra (deleted file) /kernel/drv/ra.conf (deleted file) /kernel/drv/sy /kernel/drv/sysmsg /kernel/drv/sysmsg.conf /kernel/drv/tcp /kernel/drv/udp /kernel/drv/wc /kernel/exec/elfexec /kernel/fs/nfs /kernel/fs/procfs /kernel/fs/sockfs /kernel/fs/specfs /kernel/fs/ufs /kernel/genunix /kernel/misc/busra /kernel/misc/gld /kernel/misc/hpcsvc /kernel/misc/i2o_msg /kernel/misc/klmmod /kernel/misc/klmops /kernel/misc/krtld /kernel/misc/pcalloc (deleted file) /kernel/misc/pcicfg /kernel/misc/pcihp /kernel/misc/pcmcia /kernel/misc/scsi /kernel/misc/strplumb /kernel/misc/swapgeneric /kernel/misc/ufs_log /kernel/sched/TS /kernel/strmod/pfmod /kernel/strmod/ptem /kernel/strmod/ttcompat /kernel/sys/c2audit /kernel/sys/doorfs /kernel/sys/inst_sync /kernel/sys/kaio /kernel/sys/nfs /kernel/sys/pset /platform/i86pc/kadb /platform/i86pc/kernel/drv/pci /platform/i86pc/kernel/drv/rootnex /platform/i86pc/kernel/misc/emul_80387 /platform/i86pc/kernel/mmu/mmu32 /platform/i86pc/kernel/mmu/mmu36 /platform/i86pc/kernel/unix /sbin/mount /sbin/mountall /sbin/rc1 /sbin/rcS /sbin/sulogin /usr/bin/adb /usr/bin/coreadm /usr/bin/gcore /usr/bin/i86/adb /usr/bin/i86/ps /usr/bin/i86/savecore /usr/bin/i86/truss /usr/bin/ipcs /usr/bin/kgmon /usr/bin/plimit /usr/bin/prex /usr/bin/ps /usr/bin/savecore /usr/bin/setuname /usr/bin/tnfxtract /usr/bin/truss /usr/bin/uptime /usr/bin/w /usr/include/bsm/audit.h /usr/include/bsm/audit_record.h /usr/include/config_admin.h /usr/include/devpoll.h /usr/include/inet/ip.h /usr/include/inet/ip_if.h /usr/include/inet/mi.h /usr/include/inet/tcp.h /usr/include/libdevice.h /usr/include/libdevinfo.h /usr/include/nfs/lm.h /usr/include/nfs/lm_server.h /usr/include/nfs/rnode.h /usr/include/nl_types.h /usr/include/poll.h /usr/include/sac.h /usr/include/stdio_ext.h /usr/include/stdio_impl.h /usr/include/sys/aio_impl.h /usr/include/sys/bootconf.h /usr/include/sys/callb.h /usr/include/sys/callo.h /usr/include/sys/cladm.h /usr/include/sys/clconf.h /usr/include/sys/cmn_err.h /usr/include/sys/condvar.h /usr/include/sys/console.h /usr/include/sys/copyops.h /usr/include/sys/core.h /usr/include/sys/corectl.h /usr/include/sys/cpuvar.h /usr/include/sys/dc_ki.h /usr/include/sys/ddi_impldefs.h /usr/include/sys/ddi_implfuncs.h /usr/include/sys/dditypes.h /usr/include/sys/debug/debugger.h /usr/include/sys/devctl.h /usr/include/sys/devinfo_impl.h /usr/include/sys/devpoll.h /usr/include/sys/disp.h /usr/include/sys/door.h /usr/include/sys/dumphdr.h /usr/include/sys/fcntl.h /usr/include/sys/fdbuffer.h /usr/include/sys/flock.h /usr/include/sys/flock_impl.h /usr/include/sys/fs/pxfs_ki.h /usr/include/sys/fs/seg_xmem.h /usr/include/sys/fs/snode.h /usr/include/sys/fs/udf_inode.h /usr/include/sys/fs/udf_volume.h /usr/include/sys/fs/ufs_inode.h /usr/include/sys/fs/ufs_mount.h /usr/include/sys/fs/ufs_trans.h /usr/include/sys/fs/xmem.h /usr/include/sys/ftrace.h /usr/include/sys/gld.h /usr/include/sys/gldpriv.h /usr/include/sys/hotplug/hpcsvc.h /usr/include/sys/hotplug/hpctrl.h /usr/include/sys/hotplug/pci/pcicfg.h /usr/include/sys/hotplug/pci/pcihp.h /usr/include/sys/isa_defs.h /usr/include/sys/kmem.h /usr/include/sys/kmem_impl.h /usr/include/sys/kobj.h /usr/include/sys/kobj_impl.h /usr/include/sys/log.h /usr/include/sys/machcpuvar.h /usr/include/sys/machparam.h /usr/include/sys/mem.h /usr/include/sys/mem_config.h /usr/include/sys/memlist.h /usr/include/sys/mmu.h /usr/include/sys/mntent.h /usr/include/sys/modctl.h /usr/include/sys/mount.h /usr/include/sys/param.h /usr/include/sys/pcalloc.h (deleted file) /usr/include/sys/pcb.h /usr/include/sys/pci_impl.h /usr/include/sys/pcmcia.h /usr/include/sys/poll.h /usr/include/sys/poll_impl.h /usr/include/sys/proc.h /usr/include/sys/promif.h /usr/include/sys/prsystm.h /usr/include/sys/pte.h /usr/include/sys/rce.h /usr/include/sys/reboot.h /usr/include/sys/refstr.h /usr/include/sys/refstr_impl.h /usr/include/sys/rtc.h /usr/include/sys/scsi/generic/message.h /usr/include/sys/scsi/impl/transport.h /usr/include/sys/scsi/scsi_ctl.h /usr/include/sys/session.h /usr/include/sys/share.h /usr/include/sys/socketvar.h /usr/include/sys/spl.h /usr/include/sys/sservice.h /usr/include/sys/stream.h /usr/include/sys/strlog.h /usr/include/sys/strredir.h /usr/include/sys/strsun.h /usr/include/sys/sunddi.h /usr/include/sys/sunndi.h /usr/include/sys/syscall.h /usr/include/sys/systm.h /usr/include/sys/taskq.h /usr/include/sys/taskq_impl.h /usr/include/sys/thread.h /usr/include/sys/uadmin.h /usr/include/sys/vfs.h /usr/include/sys/vm.h /usr/include/sys/vmsystm.h /usr/include/sys/vnode.h /usr/include/vm/anon.h /usr/include/vm/hat.h /usr/include/vm/page.h /usr/include/vm/seg.h /usr/include/vm/seg_kp.h /usr/include/vm/seg_map.h /usr/kernel/drv/dump /usr/kernel/drv/ksyms /usr/kernel/drv/logindmux /usr/kernel/drv/tnf /usr/kernel/fs/xmemfs /usr/kernel/sched/RT /usr/lib/adb/callout_table /usr/lib/adb/cpu /usr/lib/adb/dp_entry /usr/lib/adb/fdbuffer /usr/lib/adb/kmem_cache /usr/lib/adb/lock_descriptor /usr/lib/adb/msgbuf /usr/lib/adb/msgbuf.wrap (deleted file) /usr/lib/adb/msgtext /usr/lib/adb/pollcache /usr/lib/adb/polldat /usr/lib/adb/pollstate /usr/lib/adb/qthread.info /usr/lib/adb/refstr /usr/lib/adb/scsi_hba_tran /usr/lib/adb/snode /usr/lib/adb/sonode /usr/lib/adb/stacktrace.nxt /usr/lib/adb/task /usr/lib/adb/taskq /usr/lib/adb/tcp /usr/lib/adb/thread /usr/lib/adb/thread.brief /usr/lib/adb/ud_ext /usr/lib/adb/ud_inode /usr/lib/adb/ud_map /usr/lib/adb/ud_part /usr/lib/adb/ud_vfs /usr/lib/cfgadm/pci.so.1 /usr/lib/cfgadm/scsi.so /usr/lib/cfgadm/scsi.so.1 /usr/lib/class/TS/TSbigquanta /usr/lib/devfsadm/devfsadmd /usr/lib/devfsadm/devfseventd /usr/lib/devfsadm/linkmod/SUNW_audio_link.so /usr/lib/devfsadm/linkmod/SUNW_disk_link.so /usr/lib/devfsadm/linkmod/SUNW_port_link.so /usr/lib/devfsadm/linkmod/SUNW_tape_link.so /usr/lib/fs/hsfs/mount /usr/lib/fs/ufs/mount /usr/lib/fs/xmemfs/mount /usr/lib/isaexec /usr/lib/libbsm.a /usr/lib/libbsm.so.1 /usr/lib/libc.a /usr/lib/libc.so.1 /usr/lib/libcfgadm.so.1 /usr/lib/libdevfsevent.so.1 /usr/lib/libdevice.so.1 /usr/lib/libdevinfo.so.1 /usr/lib/libkvm.so.1 /usr/lib/libp/libc.a /usr/lib/libproc.so.1 /usr/lib/llib-lbsm /usr/lib/netsvc/yp/ypserv /usr/lib/netsvc/yp/ypxfr /usr/lib/netsvc/yp/ypxfrd /usr/lib/nss_nis.so.1 /usr/lib/nss_nisplus.so.1 /usr/lib/pcmciad /usr/lib/pics/libc_pic.a /usr/lib/watchmalloc.so.1 /usr/platform/i86pc/include/vm/hat_i86.h /usr/platform/i86pc/include/vm/mach_page.h /usr/platform/i86pc/lib/adb/msgbuf (deleted file) /usr/proc/bin/pcred /usr/proc/bin/pfiles /usr/proc/bin/pflags /usr/proc/bin/pldd /usr/proc/bin/pmap /usr/proc/bin/prun /usr/proc/bin/psig /usr/proc/bin/pstack /usr/proc/bin/pstop /usr/proc/bin/ptime /usr/proc/bin/ptree /usr/proc/bin/pwait /usr/proc/bin/pwdx /usr/sbin/add_drv /usr/sbin/auditd /usr/sbin/auditreduce /usr/sbin/audlinks /usr/sbin/cfgadm /usr/sbin/clinfo /usr/sbin/consadm /usr/sbin/consadmd /usr/sbin/crash /usr/sbin/devfsadm /usr/sbin/devlinks /usr/sbin/disks /usr/sbin/dmesg /usr/sbin/drvconfig /usr/sbin/i86/crash /usr/sbin/i86/dmesg (deleted file) /usr/sbin/killall /usr/sbin/lockstat /usr/sbin/mount /usr/sbin/mountall /usr/sbin/msgid /usr/sbin/nlsadmin /usr/sbin/pmadm /usr/sbin/ports /usr/sbin/praudit /usr/sbin/prtconf /usr/sbin/rem_drv /usr/sbin/rmmount /usr/sbin/sacadm /usr/sbin/strace /usr/sbin/strerr /usr/sbin/swap /usr/sbin/sysdef /usr/sbin/syslogd /usr/sbin/tapes /usr/sbin/whodo /usr/ucb/ps /usr/ucb/ucblinks Problem Description: This revision was spun only to maintain revision consistency with Sparc patch 106541-36. (from 106542-35) 4998030 umount doesn't complete due to infinite loop in ufs_idle_drain (from 106542-34) 4500054 system soft hangs in kaio:aio_cleanup_thread 4507281 panic in ufs_iinactive() due to corrupted/freed ufsvfs struct (from 106542-33) 4857394 AUE_MODADDMAJ doesn't check user arguments properly (from 106542-32) 4797219 pstack is amazingly inefficient for MT targets 4756192 pstack goes into loop, different location than bugid 4524527 4271957 ucontext_t.uc_link points to garbage (from 106542-31) 4926980 ufs_trans_touch() walks beyond the end of the uio_iov array (from 106542-30) 4265182 binding of lwp's to processor inconsistent 4653919 race condition caused by the sockfs module (from 106542-29) 4729683 modload() could do some checking before loading a module (from 106542-28) 4246172 lwpchan implementation is broken on 64-bit kernels (from 106542-27) 4137086 Problems with TCIflush and TCIO options of tcflush() 4477262 panic in flk_process_request() due to l_next being NULL 4677620 security hole in sysinfo 4850672 TOD validation of clock rate produces false warning 4854840 Clusternode 3.0 panics in ufs_si_store called from ufs_acl_set (from 106542-26) 4330959 System panics invalidating quotas when unmounting filesystem 4774462 Improve nfs access cache lock(nfs_acache_lock) performance 4468852 NFS access cache hash is too expensive (from 106542-25) 4203482 fsflush does not flush data to disk 4371826 copying large files over NFS to (logging) UFS serializes all UFS writes 4466910 panic ufs_putapage: bn == UFS_HOLE 4485871 bad trap panic in ddi_unorphan_devs 4559012 /usr/ucb/ps hangs after reboot until one is killed creating /tmp/ps_data 4676535 trap in psig() due to lwp_cursig=0 and proc.p_sig nonzero 4732828 BSM enabled system can panic referencing NULL p_audit_data 4737656 strqset+0x14 alignment panic 4768760 automountd hangs if NFS threads receive NFS3ERR_JUKEBOX 4772471 console logfile corrupted due to syslogd: some logger thread(s) are stuck 4787413 syslogd: Bad terminal owner; root owns '/dev/console' but utmp says LOGIN 4812764 *syslogd* dumps core with large size (> 1024) packet. (from 106542-24) 4009465 msgpullup may fail and not report it 4587859 I_STR ioctl payloads are improperly validated 4644260 "/usr/lib/llc2/llc2_config -P" fails after I_STR validation fix 4044295 nfs hang waiting for locked page 4267487 door_inactive() panics while trying to delete a revoked door 4311360 updwtmp(3c) creates files with unspecified permissions 4433640 mod_remove(9F) fails under 108528-06 [Solaris 8 KU-06] 4480376 assertion failure in pcacheset_invalidate; poll doesn't check args well enough 4626999 poll(2) fix for bugid 4480376 could cause regression for some applications 4488416 tcp state is in BOUND when application stops 4518087 No driver support for TI 1225 PVD chipset in Solaris 7, Solaris 8 and Solaris 9 4639269 fhc reports "Illegal Fault type 15" when it gets a TOD fault 4651433 System hang tod_fault called from clock try's to demand load symbol table 4639827 TCP cwnd does not increase during congestion avoidance 4646188 panic due to pr_getprot() bounds checking error 4669963 Strong security checks in catgets(3C) break setuid application 4674435 When msgid=0 was configured in log.conf, qfe link messages wasn't logged 4705713 *syslogd* outputs error messages when shutting down the system 4699850 t_state not reaching global visibility in door_return() before t_lockp 4708822 priocntl() system can load a user module and can gain access to system 4748411 Fix for 4708822 can be improved 4715028 mount has an open file descriptor 'leak' which is exposed with parallel mounting 4735093 F_SETLK performance can degrade quadratically with number of locks 4737417 ypxfrd security issue with map handling 4749274 MT-Safe functions such as syslog(3C) and wordexp(3C) cannot use fork() 4767215 Incorrect output with kP format, losing significant digits (from 106542-23) 4146756 ufs trans code makes insufficient reservations in some cases 4242724 ufs_trans_write_resv() calculations cause panic in segmap_getmapflt() 4243984 *syslogd* drops FORW messages 4424387 *syslogd* gathers unnecessary information 4558909 syslogd stops logging remote messages after restart 4665297 syslogd shuts down itself 4670382 *syslogd* opens door too early 4670414 *syslogd* should not close door while reconfiguring 4670468 *syslogd* does not log its error message 4253149 NFS failover error can hang threads 4492876 A client program can cause denial of service request (problem not fixed in Solaris 7) 4635484 DoS attack streams.c 4662085 panic occurs in tcp_accept_comm() under the shortage of memory. (from 106542-22) 4170365 kstr_open allocates a file slot unnecessarily 4216863 libproc Prelease() can loop infinitely reporting "Psetrun: Device busy" 4231168 Deadlock between tcp_snmp_get and tcp_close 4318178 wordexp puts automatic string into environment. 4444569 Purify reports memory leaks in wordexp(3C) 4382913 deadlock in modload while loading dependent modules 4661997 buffer overflow in dbm_open (from 106542-21) 4194505 trap type=0x31 in disp_lowpri_cpu running HSM 3.1.1 migsweepihand 4199897 agent lwp can be deadly when issued license to SIGKILL 4247447 system_misc kstat calculates pp_kernel incorrectly 4289663 streams devices fronted by the console need to be guarded more carefully 4300454 svvs failure caused by 4289663; sy needs to pass CONSOPEN to stropen(). 4348738 "NOTICE: free inode had size " error 4360843 sd_struiowrq is NULL causing struioget to panic system 4380626 strcasecmp and strncasecmp are broken for 8-bit characters 4392477 Problem with asynchronous writes under NFSv3 protocol of Solaris 8 4517840 nfs fails to write all the pages to the server due to frequent verifier changes. 4431629 memory delete hangs forever in pre-delete function, cannot timeout to continue 4417599 purging the seg_pcache can be inefficient 4649946 disconnecting SB gets stuck with both Oracle and SunMC running 4449844 segvn_pagelock passed rw_enter a NULL pointer 4476741 syslogd dumps core 4385688 syslog recurses when memory is low, runs off stack 4519254 *syslogd* does not check the permissions on the door file 4614036 *syslogd* incorrectly logs kern messages under user facil. from remote machines 4495032 NFS may loose async write blocks in rare conditions 4525250 Certain security relevant system calls are not auditable. 4528269 unsafe check in SIGWAITING signal delivery routine can cause panic 4614329 console output stops, which will stop other processes later 4618459 Tuning maxphys on Solaris 7 causes crash dump collection to abort 4635294 p_notifsigs[SIGWAITING] needs to be reset when some thread does exec (from 106542-20) 4190080 System can be paniced in adb by a normal user 4308666 panic in cv_wait_stop 4338139 Process hangs for lack of lwp to execute runnable threads. 4359797 jurassic: asserted on t->t_state == TS_ONPROC 4344513 /dev/kmem gives root too much rope 4545767 kvm_open(3KVM) needs to know about /dev/allkmem 4475227 Memory kstat collection may loop forever with DR in Solaris 7 4487376 ufs create/edquota deadlock on vfs_dqrwlock 4492255 close(2) may return EAGAIN on "nocto" NFS mounted filesystems 4504341 mount syscall can panic machine as ordinary user. (from 106542-19) 4240889 32 bit land timer_create sends bad sigev on 64 bit kernels 4291034 arp: bad trap in ip while deleting logical interface during arp 4310608 ufs thread deadlocks with itself on vfs_dqrwlock 4400897 NFS multi-client open same file and write almost same time cause invalid result 4408508 setup_mca() has extra, faulty indirection; causes panic 4414557 setup_mca: MSR definitions incorrect for Pentium 4, can't boot 4419882 large select(3c) timeout 4455088 ce/async fault queue producers and consumers can deadlock 4484980 kernel should provide a common error queue primitive 4484819 ddi_add_softintr should provide a fixed priority preference 4483007 spitfire scan_ecache() routine can corrupt stack 4463711 tcp_strong_iss=2 is not strong enough 4466547 syslogd hangs system after long uptime 4467132 NULL pointer *lwp_regs leads panic in lwp_freeregs() 4480272 stacktrace.nxt macro is buggy in x-86 Solaris 8. 4484446 Domain hang while attempting to configure SB17 4486764 System panics when nfsstat -m is run during unmount 4506569 catgets() function call doesn't return, hang in extract_format() (from 106542-18) 4013043 wscons's wcvnget() may return null vnode pointer for sun4u_10000 4167727 swprintf may put more data into the buffer than specified. 4184461 Failure to fork causes calling process to lose file locks 4218505 from cthon99: nfs3write() doesn't sanity check NFS3WRITE results from server 4252698 nfs hang waiting for a locked page 4253619 httpd hangs doing a fork() 4267183 dofusers(), dumpsys(), mmioctl() unsafe wrt exec(2) 4267195 holdlwps() and exitlwps() may call lwp_exit() while deep in the kernel 4318695 "nscd -g" causes "netibuf malloc failed - clnt_dg_create: out of memory" 4341921 dump_ioctl DIOCSETDEV/DIOCTRYDEV leaks vnode reference count (v_count) 4356040 nfs_access_cache() makes umount take long time to complete 4409175 access(2) system crdup()s too often causing nfs_access_cache pollution 4400900 nfs access cache has no upper limit 4365374 TCP window update algorithm in RFC 1122 has problem 4408502 lfmt(3C) calls ctime() which is MT_Unsafe. 4417407 NFS client writes don't get committed when writing to large files over NFS v3. 4428257 Kernel patch 106541-15 makes application disfunctional 4429942 syslog incorrectly logs emerg messages when forwarding to remote syslogd 4432295 send() doesn't handle incorrect arguments correctly 4459797 catgets sets errno to EBADF for the special message catalog for C locale 4463575 syslogd ignores log messages sent over IPv6 4489291 pset module should be delivered with patch 106541 (from 106542-17) 4115493 localtime() (strftime()) tm_hour can be off if POSIX timezones with rules 4170595 lufs: ldl_strategy contains a race condition 4294881 fork in MT process can hang in sockfs due to cv_wait/cv_wait_sig dependency 4298472 deadlock in ufs_si_store 4300951 panic : "recursive rw_enter" due to the command mv 4325682 heartbeat panic due to stuck clock thread 4331790 malloc() is slow on Solaris 7 4380319 bt_getlowbit trap type 31 (data mmu miss) 4400977 Solaris 7 bad unix file generated by savecore 4449640 dump_as aborts a dump unnecessarily (from 106542-16) 1257084 login times out, due to excessive time in group lookup 4357778 PSARC 2000/038 create /etc/default/nss 4077873 syslogd "mark" facility messages may be incorrectly suppressed as duplicates 4140423 syslogd consumes far too much CPU 4160727 Cust logging a mark on loghost and not working (syslog problems) 4162016 early syslog messages can be lost 4220910 syslogd does not handle malformed log messages 4233526 syslogd does not handle network messages containing newlines 4246796 *syslogd* does not reflect when messages are ignored due to highwater mark 4271807 *syslogd* loggers leak messages 4369289 syslog(3C) can't output the strings including newline code correctly. 4374974 *syslogd* checks open("/dev/zero") for failure incorrectly 4309712 *syslogd* hangs on HUP when Lentronic terminal server has flow control enabled 4323101 *syslogd* syslogd on Solaris 7 stops logging if file size exceeds 2gb 4336917 *syslogd* inherits its parent's behavior for signal HUP 4337337 *syslogd* leaks file descriptors when sent repeated SIGHUP 4345133 *syslogd* dies when given lots of SIGHUPS 4345785 *syslogd* calls perror when stderr points to a bad file: 4353901 *syslogd* can't print japanese code to remote host. 4357732 *syslogd* debugging information is meaningless 4374785 *syslogd* mark facility of syslog not time stamping log file properly 4386798 *syslogd* sometimes hangs when given lots of SIGHUP 4224111 Multihomed E3500 servers does not working correctly under Solaris 2.6 4258764 memory corruption in RPCSEC_GSS refresh entry point 4340646 filesystem full error message lost, not logged to /var/adm/messages 4363051 race condition in namefs deletes 4363678 Kernel panics with ufs_putapage: bn == UFS_HOLE after hit a users quota limit 4375529 realpath modifies filename when ENOENT is returned 4404947 sysi86 argument validation needs work 4406103 pollcache deadlock from dpioctl/untimeout and polltime callout 4420522 KJP 106541-15 prompts for /etc/devlink.tab override via JumpStart installation (from 106542-15) 1231256 panic "pagefault as_gap" in pagefault can occur and should be handled 4235823 JPN: mmaped file's i_mtime 4250836 Client sends thousands of COMMIT calls for same file and range. 4291217 mmu36: Page Fault on null-pointer dereference in hme_purge in Solaris 8 4281243 panic in hat_steal+137 - NULL hat pointer 4281471 x86 MP system hangs in hat_steal on reboot 4285032 Intel s8_34 panics: segpt_badop 4285533 p_share assertion failure in hme_add 4298424 pcmcia on Solaris 7 does not support pci adapters based on TI 1221 chipset 4298567 warning: "/etc/rmmount.conf" line 18: filesystem type "udfs" not recognized 4399549 rmmount security fix for 4205437: 'volmgt mounts setuid' is incomplete. 4332740 pages allocated by spawned thread after mlockall(MCL_FUTURE) do not stay locked 4353965 CDE logout / exit fails with Tooltalk message 4356664 iprb: network interface numbering problem 4362946 Threadlist traversal dereferences NULL t_lockp before thread creation completes 4366956 NLSPATH gettext introduces problems when used printf format specifier 4375449 dtmail crashes when calling catgets with NULL default message 4368057 Parallel entry gets deleted while installing SUNWsaip packages 4374039 libc/realpath can still write past end of buffer (from 106542-14) 4391657 System can not reboot after backout 106541-13/106542-13 (from 106542-13) 4323971 correctable error unum reporting is broken 4263899 error handling code doesn't report correct correctable error (CE) bit 4205437 Security problem with Solaris 7 volmgt mounts diskettes with setuid flag. 4304283 Memory allocation error in conf_mount() procedure in rmm_config.c 4298451 rmmount fails with SIGSEGV when mounting more than 3 partitions on one medium. 4304289 Need to add "udfs" to "mount * ufs hsfs -o nosuid" line in /etc/rmmount.conf 4226443 REGRESSION : loopback read() performance degrades badly as more data is available 4240810 multithreaded process hangs in /proc watchpoint call 4325959 /proc: dbx SIGTRAP problem: single-stepping and WA_EXEC watchpoint 4253437 Async I/O problem. 4256769 /usr/proc/bin/pstack shows incorrect traceback from a signal handler 4270735 Kernel panic at trap level 2 stack overflow caused by recursion in ufs_log 4271267 nfs_subr.c: assert fail rp->r_mapcnt == 0 4272341 /proc PCSTOP request fails when applied to a freshly fork1()d MT child 4273366 /etc/inittab can be overwritten; inittab should be filetype "e" instead of "f" 4285517 Aio does not return a signal to the calling application 4302592 TLI library is not fork-safe 4303962 multi-threaded fork1/execvp can fail because __environ_lock is held in parent 4319717 systems generate multiple old-broadcast tcp packets 4330074 TCP should handle out of order FIN 4344475 Panic in hat_pteload with Solaris 7 106542-09 or higher 4359760 sockfs and c2audit patch dependencies broken in Solaris 2.6 and 7 (from 106542-12) 4044653 get_free_smp() sits in cv_wait() 4184542 BAD TRAP occurred in module "ip" due to an illegal access to a user address. 4185433 strftime() causes ar tv with TZ=MET-1METDST,M3.5.0,M10.5.0 show wrong date 4191586 SVVS:BA/OS/malloc 4..4.1.3. SEVERR on E-10000 4193748 BAD TRAP panic in strlen() 4203989 ypserv on SS20 with 100 meg card running 5.7 spawns hundreds of ypserv processes 4249187 multi-threaded process deadlock during cfork, nfs reads/writes 4278679 df -k gives incorrect output in SEVM 2.6 in case of fs size > 200GB . 4291587 __udiv64 in libc.a[divrem64.o] does not give correct answer on x86 4291844 strftime and strptime are MT-Unsafe due to use of tzname[] 4295779 NFS V3 setattr call after exclusive create returns "update sync mismatch" 4299010 Solaris 8 disks(1m) chokes on /dev/osa/dev/osa when rdac installed 4307306 stopping c2 auditing does not always stop auditing in the kernel 4307800 potential panic in hat_addrchk on page fault of an ISM shared page 4312641 blocked cpu_dispqalloc() causes hang as cpu_pause threads running 4319441 SACK causes data corruption in TCP (data shifted by 12 bytes) 4267563 memory leak in tcp_xmit_mp() (from 106542-11) 4210540 x86 not fully updating system clock 4279557 tod code returns time with local timezone setting 4271843 error msg in fix for x86 RTC century byte needs improvement 4215477 stream/pagefault holding q_lock,tcp blocked on q_lock hmeintr blocked on 4224166 TPI messages get flushed if 3rd party module processes M_PROTO in service procedure 4162091 fork in MT process can hang process in sockfs due to cv_wait/cv_wait_sig dependency 4229608 SS20 running 5.7 hangs, deadlock between page_lock and entersq 4249960 Terminating active I/O will cause system to hung. 4253070 64-bit /proc//psinfo contains truncated rss value 4276984 "ls" does not terminate on Solaris 7 system in 32 bit mode 4278584 memory leak in sigaddq() 4289187 Server panics with corruption under heavy paging load 4289187 Server panics with corruption under heavy paging load 4292683 /usr/ucb/shutdown core dumps in syslog() 4295776 kaio can hang in aiosuspend(). 4300016 system resets when kernelbase is set to 0x6d000000 4302786 kernelbase < 0x70000000: loss of ~ 1 GB of memory on large memory machines 4303474 illegal instruction caused by stale T_LOFAULT 4314913 fix for Bug 4042527 leaves part of heap unusable, so frees can not combine. 4193683 malloc() with very big requested array size works incorrectly 4225913 malloc does not set errno to ENOMEM when not enough memory 4053258 calloc does not set errno to ENOMEM when not enough memory (from 106542-10) 4106267 NFS client is not able to access after server reboot due to auth err 4183947 garbage tokens in exit(2) audit record 4195726 page_list_sub: large page on cachelist panic 4213840 Solaris 7 FCS panic in mi_timer 4218508 from cthon99: NFS V3 client creates generate error from invalid mtime in 4243937 kpreempt() doesn't finish 4248024 Starfire panic's in lwp_sigredirect 4256338 *syslogd* dumps core when logging msgs & sending HUP's simultaneously 4261612 profil not disabled on exec*() as indicated in man page (from 106542-09) 4162184 memory leak in aclentry2vsecattr() 4162491 localtime() fails for earliest possible time (and possibly others) 4188573 The lwp_cond_wait system call is broken at small timeout values 4196832 libc TSD routines cause inconsistent behavior when libthread dlopen()ed 4198533 It seems that data corruption occurs under stressful environment. 4208677 5.5.1 panics when getpgid() is called with PID of a process just being 4210635 accept() scales poorly as the listen queue drops 4211474 Open call hangs on nfs mount point with stale file handle 4220394 wait3 library function fails after 248 days 4229414 Solaris 7 64 bit BSM auditing with +argv policy break exec() 4233795 fsflush causes panic in bio code (bflush) 4238662 quotaon on a Solaris 7 NFS server seems to hang the system and NFS 4242224 memory leak in IP 4246455 ddi_umem_alloc() panic in s7 4248004 quotaon on a Solaris 7 NFS server seems to hang the system and NFS 4249426 _lwp_condition_wait can return ETIME if passed a NULL 3rd argument 4252743 Solaris panics on /dev/poll ioctl with BAD TRAP type 34. 4253500 /dev/poll interface causes system panic when pollfd events member is 4260058 ip_newroute: CLASSD 0xNNNNNNNN errors on console with ip_debug=0 4262856 /dev/poll can look beyond the end of the open file table 4263629 assertion failure panics seen on /dev/poll usage in debug kernel. 4264638 svvs malloc panic on intel 4271034 multiprocessor x86 memory corruption when multithreaded process forks 4271250 /dev/poll can crash kernel with improper arguments to DP_ISPOLLED ioctl() 4285794 threads hang waiting for ULOCKFS_SLOCK after upgrading to 106541-07 (from 106542-08) 4141554 need Universal Disk Format filesystem support 4151780 devfsadm project PSARC/1997/202 4171679 system hang in mi_alloc_sleep 4173187 devfsadm port link module logs incorrect warning messages during reconfig 4174434 printing in devfsadm needs cleanup 4174755 ufs_rdwr_data() & ufs_alloc_data() should return zero if io is started 4175651 devfsadm: common link data should be in common file, not duplicated 4180045 devfsadm removes links with absolute contents and gives warning message 4181149 devfsadm: modules should not be required to include "_link" in the module 4181152 `make install` in devfsadm removes the devfsadm binary after installing 4184794 node panic in module ip after reconfiguration 4211361 gld: Changing Ethernet address on Solaris 7 isn't 4211840 ufs_alloc_data/ufs_rdwr_data can dead lock 4231212 SEGV in a signal handler 4236795 gld: should not do SNAP processing on Ethernet medium 4244494 gld: v2 token ring driver panics GLD 4223115 gld: error ip_rput: dl_error_ack (unable to disable multicast address) 4234085 gld: dangerous macro implementations of mac_eq and mac_copy 4238982 optimize hat layer performance for large address space processes 4245196 PCI Hotplug project (PSARC 1998/327) 4246789 integrate xmemfs functionality into Solaris 7 4250104 ufs_alloc_data() does not update the length field indicating allocation 4252011 cladm should not call cladmin if not booted as a cluster 4255621 mound panic: pagefault in user addr space management table (userptemap) 4257454 tearing down shared memory mappings induces panic 4257413 IA32 pagetables and directories should be dumped on PANIC 4255660 CR3 needs to be saved in a panic dump 4255768 "/usr/sbin/ifconfig -a broadcast +" deletes/changes routes associated with 4256294 disks getting multiple entries in /dev/[r]dsk under 1199 for clustered 4258561 devfsadm does not match devlink.tab entries correctly 4258750 add_drv does not create nodes for network (clone) devices 4258771 need to define the interface to cladm() system call for cluster device 4260700 cannot set rt_metrics on interface routes 4261432 need to backport pci.so bugfixes to 998 11/99 4264976 boot.bin: Dell 400 base locale panics on installation reboot 4265594 s1199_06 x86, panic: assertion failed in file i86/vm/hat_i386.c 4269834 drvconfig -i sd creates no nodes 4272453 add_drv dumps core when adding drivers to 11/99 s998u4_07 4279983 printf() sometimes fails in multithreaded v9 programs under Solaris (from 106542-07) 4227256 Solaris 2.6 panic on boot 4205959 mountall will sometimes crash the system when doing the fsck portion of command 4207080 hang in poll, application does not get notified of data on stream head 4187978 Sunfire system panic'es while running lwp stress tests. 4176365 syslogd is increasing its size rapidly 4195875 fread() is many times slower when linked with libthread 4125102 ufs_itrunc()/top_end_async() deadlock 4200217 program hangs with resource temporarily unavailable using lio_listio library 4227724 None of atoi, atof, atol and strtol works correctly in multi-byte locales 4202680 thread_create() can return at different interrupt level 4225553 setlocale leaks memory for setting a composite locale 4245852 sscanf does not allow range over 7f in Solaris 7 4061229 NFS server crashes in flk_delete_active_lock (from 106542-06) 4242668 /usr/bin/coreadm cannot be localized because no setlocale is called 4240566 security: LC_MESSAGES buffer overflow 4238230 /kernel/sys/inst_sync not included in patch RTI P4168739 for FU releases 4236372 aio performance improvements 4233009 coreadm project 4226963 A Memory Leak of pthread program is due to schedctl doesn't free user address 4224086 syslogd dies when sent a SIGHUP 4223353 assumptions made in pollunlock() no longer valid with /dev/poll 4219071 kernel panics with segkp_fault: accessing redzone 4214611 hot kernel lock limiting scalability on Solaris 2.6+ or greater 4212925 NFS client unlink operation slow 4205009 system rebooted sfmmu_tsb_miss trap 31 4192195 ftime() does not update contents of struct timeb timezone and dstflag members 4190466 netpit caused poll() to assert 4185110 cfgadm extensions 4184786 config_admin(3X) extensions 4184788 cfgadm scsi hotplug plugin 4166495 libthread is not fork-safe wrt to system() (from 106542-05) 4206401 panic when linking active stream below mux 4200121 moving values-xpg4.o from /usr/ccs/lib to /usr/lib opens security hole 4178455 recursive mutex_enter panic in TCP Streams device driver 4175299 automounted binary crashes on replicated F/S when an NFS server dies 4173696 getcwd() returns NULL over lofs 4120985 panic in free_page on multiprocessor machines with fix bug 4026411 (from 106542-04) 4217122 KMF_LITE changes break NCA 4214739 sulogin shoots itself when filesystem needs manual fsck 4212524 ftrace should stop tracing at panic 4212634 cpu panic in 32-bit mode with Oracle, AP2.2 and Veritas3.0.1 4212620 consadmd needs to get linked to consadm 4204046 bad trap during oracle database startup 4202082 x86: "cannot get table entries" 4201921 lwp_create of ts thread causes NULL in suser 4200972 ioctl interface can be simplified 4200447 ttyname shows incorrect device name to auxiliary console user. 4200817 panic[cpu0]/thread=2a100255d60: Illegal lock transition from 6 to 6 4198942 solaris ntp_adjtime broken: clock.c; useless for PPS sync of the system clock 4197422 consadm doesn't open lock file correctly 4197418 severe Performance Degradation With Default Dispatch Table 4196986 deadlock caused by fix for bug 4060416 in patch 103640-24 4196994 consadm -p sometimes doesn't delete when carrier isn't present 4196998 multiple calls to init s and 1 cause sulogin to not exit on console at init 3 4199606 need a scalable mechanism to poll large number of file descriptors 4199042 param_calc() can override certain /etc/system settings 4199032 need fast event tracing support 4198723 provide a trace mechanism for logging around TCP RSTs 4198134 RFE: Provide Sunfire CPU/MEM DR and Starfire DR in a Solaris 7 QU 4197140 sulogin ends up getting owned by init on auxiliary 4193852 page_get_mnode_freelist() bug can cause hang or panic 4193657 swapadd fails on 2gb+ partitions with large specfs changes 4193383 redzone violation in console_get_size() 4193381 make kmem_flags settable in /etc/system 4193380 provide kmalog subcommand for crash(1M) 4193379 provide logging for kmem slab creation (cache growth) 4193378 provide logging for kmem allocation failures 4193375 provide lightweight kmem debugging option 4192420 SIGHUP handling of syslogd in Solaris 7 incorrect 4192056 memscrubber can cause long hangs (several minutes) during boot 4190995 sulogin doesn't accept input from serial console 4190962 setting serial console w/eeprom, consadmd behavior different for intel/sparc 4190566 hard hang on spin mutex in disp_swapped_enq() 4191544 System panic "blocked on mutex" in streams 4188212 gld: RFE: add support for Token Ring, FDDI, Diagnostic tracing 4186202 tnf_mod_load/unload need to be in tnf_res.c (genunix, not TNF driver) 4186155 PSARC/1998/173 - remote console 4185742 kill fails to exit properly when killing dga process 4179342 Solaris needs to provide a resource management solution for big servers 4178298 race condition in pr_getprot() 4174354 gld: DL_ENABLE_MULTI assumes maddr immediately follows dl_enabmulti_req_t 4167270 SCSA should support devctl interfaces 4143503 problem with 64 bit file pointers 4104844 if remote connection on serial port is lost/disconnected, system console hangs 1264344 gld: token ring support changes needed (from lstr code review) (from 106542-03) 4197461 provide ability to log all messages to panicbuf 4192639 ufs/dfratime: very frequent atime only updates can cause them not to be deferred 4176940 panic() when parsing driver.conf greater than 8KB 4155392 timezone change gives wrong alternate timezone 4136059 utc changes from 2.5.1 to 2.6 cause problems when including OS patches 4188005 mktime() can return wrong time if using multiple TZ's (from 106542-02) 4193467 panic in door_info(DOOR_QUERY, ...) 4190138 last argument in ddi_create_minor_node prototype should be renamed 4190083 kernel should define SPL8 4190405 panic in rpcsec_gss, rpc_gss_free_pvt dereferences NULL pointer 4190796 nfs names are allocated as 255 bytes, freed as 256 bytes 4190807 softcall_lock should be at SPL8, not SPL7 4190812 log_freeq spin lock should be initialized to SPL8 4184015 door_info never returns DOOR_IS_UNREF when called from unref thread 4181570 Clustering modules have changed names & form; need to edit modstubs to match 4182043 ufs: extended ufs ops (ufs_alloc_data()) needs ufs logging transactions. 4182047 fdbuffer: The async handler should bp_mapout the aysnc buffers 4179883 kmem code dealing with CPU removal broken when NCPU > 32 4182227 provide general-purpose asynchronous task scheduling 4182234 provide a better console output method than prom_printf() 4182240 replace kmem_async_dispatch() et al with a taskq 4182970 replace callout thread pool with a taskq 4184430 panic: recursive mutex_enter on kmem_cache_lock 4184852 kmem taskq should use a more modest 'minalloc' 4184877 missing mutex_enter() in task_alloc() error recovery 4185366 callout taskq should set minalloc == maxalloc 4177496 PSARC/1998/399: new system error message implementation 4175558 TZ=GMT0BST-1,M3.5.0/2:00,M10.5.0/2:00 breaks 6 times from now to 2037 4170410 rename is not atomic over nfs 4168739 Hooks for Sun Cluster 3.0 4152055 RFE: implement deferred access time option (dfratime) 4147402 Would like an interface to get from a phys. dev. path to a dev_info_t structure 4138467 need a way to get multiple unreferenced notifications on a door 4165983 new kernel interface for doors 4115711 adb can't handle long symbols 4115715 kadb input line length too small for C++ (from 106542-01) 4179407 extended fcntl(F_SHARE) file sharing has a 64 bit bug 4174167 volnotify is not working on Solaris 7 4170500 solaris ntp_adjtime broken, useless for PPS sync of the system clock 4139770 fcntl() returns EINVAL error in BCP mode when NFS file is read (from 106977-01) 4174331 The system falls into panic while shutdown procedure is executed during writing (from 106914-04) 4205612 rootnex: data corruption during Smash & Hammer; invalid s/g list (from 106914-03) 4194509 rootnex: Primergy 870 with 4096 MB memory crashes upon boot (from 106914-02) 4163335 mmu:x86: enable PAE by installing mmu36 module under /platform/i86pc/kernel/mmu 4170602 boot.bin initializes the property mmu-modlist to mmu36:mmu32 on a 4GB system. (from 106914-01) 4122009 boot.bin: a20enable hangs with keyboard/monitor switch unless keys pressed at ba (from 107440-01) 4203157 shmat causes corruption in the address space (from 107032-01) 4161576 ucblinks doesn't generate correct links for PCI cdroms (from 107118-05) 4218800 cl AUE_CLOSE close(2) events logged regardless of success or failure (from 107118-04) 4179861 au_to_arg and au_to_return disappeared Some of the libbsm interfaces were renamed (e.g. au_to_arg -> au_to_arg32). Restore old interfaces that were renamed. (from 107118-03) 4196408 details of cron command not written to audit trail (from 107118-02) 4196541 in.ftpd does not set audit characteristics for user after authentication (from 107118-01) 4188193 cron BSM records logged as unknown job (from 106833-03) 4194454 auditing to pipe causes system to panic (from 106833-02) 4187811 auditing of read or write system calls can cause system panic 4182072 praudit -l command merges output for several records into one line (from 106833-01) 4172702 system panics when ssh is used 4168892 Solaris 7 auditreduce does not work with pre-Solaris 7 audit trails 4172111 Audreduce gives random diagnostics 4174308 auditreduce command confused of format of AUT_SOCKET token 4167174 praudit cannot process Solaris 2.6 audit trails 4166626 praudit produces core when it process record of failure event with errno > 128 (from 107447-01) 4203495 Nexus I2O driver cannot initialize (from 108753-01) 4124715 Denial of Service in connection oriented Transports. (from 109105-04) 4337605 inetd Denial of Service Attack - accept() hangs after successful select() (from 109105-03) 4191306 TL_IOC_SOCKET failed: 4 on multi cpu system. (from 109105-02) 4176038 TCP layer can be in LISTEN while socket layer is not. (from 109105-01) 4224166 TPI messages get flushed if 3rd party module processes M_PROTO in service 4162091 fork in MT process can hang process in sockfs due to cv_wait/cv_wait_sig dependency 4290575 2nd connect() to determine status of non-blocking connect sends extra Syn packet (from 109650-02) 4244731 initgroups() doesn't return all groups when RFE 4005653 is on NIS+ server (from 109650-01) 4301477 Unable to authenticate user when linked with libthread and using NIS+ (from 111599-01) 4294881 fork in MT process can hang in sockfs due to cv_wait/cv_wait_sig dependency (from 107463-02) 4468181 low priority TS threads on a sleep queue can be victimized (from 107463-01) 4201921 lwp_create of ts thread causes NULL in suser (from 108755-02) 4737417 ypxfrd security issue with map handling (from 108755-01) 4124715 Denial of Service in connection oriented Transports Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- NOTE 1: If possible, perform patch installation in single user mode. If this can not be done, we recommend having the system in as quiet a state as possible: no users logged on, no user jobs running. NOTE 2: System Boot and Error Messages -------------------------------- This patch improves the system boot and error message format by providing a unique identifier, module name, and time stamp to messages generated by the syslogd(1M) logging facility. In addition, messages that were previously lost after a system panic and reboot are now saved. A msgid(1M) command is provided for OEMs who want to generate message catalogs that map message IDs to message text. See msgid(1M) for details. The new message format can be enabled or disabled by setting the msgid property in the log.conf file; see log(7D) for details. The new message format is not enabled by default. New System Error Message Format If msgid is set to 0 in the log.conf file, there are no changes in the message format. If msgid is set to 1, there are two changes in the message format: 1. The text of the message is preceded by a message ID that looks like this: [ID .] For example: [ID 123456 kern.notice] The identifier is described in msgid(1M). The and tags are described in syslog.conf(4). 2. If the message originated in the kernel, the kernel module name is displayed instead of just 'unix.' Previous message format: Oct 1 14:07:24 venus unix: alloc: /: file system full New message format: Oct 1 14:07:24 venus ufs: [ID 845546 kern.notice] alloc: /: file system full \ How to Enable or Disable System Message IDs 1. Become superuser. 2. Enable or disable system message IDs by setting the msgid property in the file /platform/`uname -i`/kernel/drv/log.conf if it exists, or /kernel/drv/log.conf otherwise. a. To enable system message IDs, add this line: msgid=1; b. To disable system message IDs, add this line: msgid=0; 3. Save and close the file. 4. Reboot the system. NOTE 3: If you have a Net Install Image created by setup_install_server, please apply this patch to the miniroot. Refer to the patchadd manpage for the exact syntax. PAE (Physical Address Extension) -------------------------------- WARNING: It is possible that some device drivers may be written with assumptions about 4GB being the maximum amount of memory on an Intel Architecture system. Sun has tested the systems with PCI device drivers written by Sun. Sun's OEM partners intend to test their systems with devices that they supply on machines with more than 4 GB of memory. However, if a third party device driver is added to the system by the end user, there is a danger that system will become unstable with potentials for PANICs and data corruption. If this device is needed, then the PAE support can be forcibly disabled as follows: Reboot the system. Interrupt autoboot by pressing ESC. When the Configuration Assistant provides the Boot menu, - Choose Boot Tasks (F4). - Choose View/Edit Property Settings. - Choose Create Properties (F4) - Specify Property name as mmu-modlist. - Specify Value as mmu32. - Go back to Boot Menu and continue booting normally. NOTE 4: To get the complete fix for 4240566 (security: LC_MESSAGES buffer overflow), we recommend installing the following patches: 106794-03 (or newer) ufsdump and ufsrestore patch 107973-01 (or newer) /usr/sbin/static/rcp patch NOTE 5: Reboot the system after the Kernel Update patch is installed. Upon the initial update of a system running Solaris 7 to 106542-04 or newer revisions of the KU patch, a reboot(1M) or a halt(1M) should be used, rather than shutdown(1M), init 6, or init 0. This is because the shutdown, init 6, and init 0 commands will hang or be rendered non-functional due to modifications to the system's /etc/inittab resulting from the application of rev04 (or newer) revisions of the Kernel Update patch. This behavior, however, is only true on the initial application of these patch revisions. Subsequent updates should not adversely affect shutdown as the modifications would have already been in place. NOTE 6: To get the complete fix for 4196832, please also install the libthread patch, 106981-08, or its newer revision. NOTE 7: On a system running Solaris 7 11/99, installation of this Kernel Update Patch (or its newer revision) will also require installation of patch 107172-05 which contains a fix for patchrm. Without this "patchrm" patch, the Kernel Update -09 (or its newer revisions) cannot be backed out. NOTE 8: To get the complete fix for bug 4124715 (DENIAL OF SERVICE IN CONNECTION ORIENTED TRANSPORTS), one also needs to install the following patches: 106943-09 (or newer) libnsl & rpc.nisd 107478-03 (or newer) /usr/lib/nfs/mountd 108749-01 (or newer) /usr/lib/nfs/statd 108751-01 (or newer) /usr/lib/netsvc/yp/ypbind 108757-01 (or newer) /usr/lib/netsvc/yp/rpc.ypupdated 108759-01 (or newer) /usr/sbin/keyserv 108761-01 (or newer) /usr/sbin/rpcbind 108763-01 (or newer) /usr/sbin/rpc.nisd_resolv 108765-01 (or newer) /usr/sbin/rpc.bootparamd 108552-03 (or newer) /usr/sbin/rpc.nispasswdd NOTE 9: To get the complete fix for bug 4302592 (TLI llibrary is not fork-safe), will require to install patch 106943-14 or newer. NOTE 10: To get the complete fix for bug 4253437 (Async I/O problem), will require to install patch 108245-02 or newer. NOTE 11: Due to a patchrm(1M) bug (4388023), patch 107172-07 or newer must be installed before patch 106542-14 or newer can be backed out. NOTE 12: The complete fix for bug 4366956 (NLSPATH gettext introduces problems when used printf format specifier) requires that you install patches: 106794-07 (or newer) usr/lib/fs/ufs/ufsrestore 107973-02 (or newer) usr/sbin/static/rcp 107476-02 (or newer) usr/sbin/in.telnetd NOTE 13: The complete fix for bug 4258764 (memory corruption in RPCSEC_GSS refresh entry point) requires that you install patches 107842-03 and 111196-01 or newer. NOTE 14: The fix for bug 4160727 will no longer allow syslogd to forward the mark message to other systems. The mark message is a system time stamp, and so is only defined for the system on which syslogd is running. It can not be forwarded to other systems. The fix for bug 4309712 can cause the sending of a mail message to the superuser. When syslogd receives a HUP signal, it attempts to close all log files to which it is currently logging messages. If, for some reason, one of these files does not close within a generous grace period, syslogd shuts down, logging an error message to the console. If the console is one of the files which did not successfully close, syslogd instead sends a mail message to the superuser on the current system stating that it shut down, and that the console was not responding. The fix for bug 4353901 fully allows forwarding of messages which contain characters defined in the system default locale. Care should be taken to ensure that each window displaying messages forwarded by syslogd (especially console windows) is run in the system default locale (which is syslogd's locale). If this advice is not followed, it may be possible for a syslog message to alter the terminal settings for that window, possibly even allowing remote execution of arbitrary commands from that window. NOTE 15: The fix for bug 4408508 fixes bugs that prevent some users of Pentium 4 and possibly certain Celeron machines from booting. On affected systems, Solaris 7 can only be installed using the workaround described below to permit installation of the system. Installation of this patch then makes it possible for the system to boot without the workaround. Procedure: When prompted for "select boot(b) or interpreter(i)", type "b kadb -d" The system will prompt with "kernel/unix", at which point you should press ENTER. A kadb prompt will then appear. At this prompt, type the command "setup_mca?v0xc3". Another kadb prompt will appear. At this prompt, type ":c". The system will then begin to come up normally. One of the questions asked during the installation is whether to reboot once the installation has completed. You must answer "no" to this question. Once the installation has completed, this patch is then to be installed using the "-R /a" option. It is only after this patch has been installed that you can then reboot the system. NOTE 16: The fix for bug id 4344513 "/dev/kmem gives too much rope." requires a change in the default behavior of the /dev/kmem device. This will generally not impact current users at all. The special file, /dev/kmem, gives access to an image of the kernel virtual memory of the machine. Previously this included I/O memory mapped into the kernel. With the advent of this fix, attempts to access I/O memory will, by default, result in failure with errno set to EIO. The legacy behavior of /dev/kmem can be achieved by opening the new, /dev/allkmem device instead or by adding the following property to the mm configuration file (/kernel/drv/mm.conf): kmem_io_access=1 e.g.: name="mm" parent="pseudo" instance=0 kmem_io_access=1; For more detail on bug 4344513, please see the bug report or contact your local support center. NOTE 17: To activate the fix for bug 4468181 (low priority TS threads on a sleep queue can be victimized), add the following line in /etc/system and reboot. set TS:ts_sleep_promote=1 NOTE 18: In order to obtain the complete fix for bugid 4492876, Patch 109745-02 or newer must also be installed on your system. README -- Last modified date: Tuesday, September 28, 2004