Bug Fix Id: unix/4.0.3/nfs_jumbo_patch Problem: This patch is a MAJOR re-release of 4.0.3 NFS code. It contains many important data corruption and nfs hang bug fixes. It should be installed on all systems running 4.0.3. Release: 4.0.3 Bug Report Id: ---------------------------------------------------------------------------- BUGID: 1026933 DESCRIPTION OF BUG: Pages (not just bytes) of one file appear in another. Only happens on client; file on server OK. Goes away when you reboot. ----------------------------------------------------------------------------- BUGID: 1018950 DESCRIPTION OF BUG: NULL bytes show up mysteriously in object files. If you recompile the file again, it compiles just fine. ----------------------------------------------------------------------------- BUGID: 1014464 DESCRIPTION OF BUG: NFS sometimes fails under heavy load. This was observed when a parallel make was going on and the servers were subjected to a heavy load. For example, the C compiler gives the error message "Internal error: errno= 70 Stale NFS file handle: Could not fclose". ----------------------------------------------------------------------------- BUGID: 1023025 DESCRIPTION OF BUG: File contents are temporarily read as NULL bytes on a client in some cases. ----------------------------------------------------------------------------- BUGID: 1029163 DESCRIPTION OF BUG: The noac mount option causes corruption and other side effects ----------------------------------------------------------------------------- BUGID: 1019132 DESCRIPTION OF BUG Improperly exported filesystems may cause server to panic. ----------------------------------------------------------------------------- BUGID: 1030417 DESCRIPTION OF BUG exportfs -a crashes the system. ----------------------------------------------------------------------------- BUGID: 1029156 DESCRIPTION OF BUG The rfs_rddirfree function tries to free the result of an earlier rfs_readdir. However, if the directory read failed, rfs_rddirfree may pass a null pointer and a zero byte count to kmem_free. ----------------------------------------------------------------------------- BUGID: 1020065 DESCRIPTION OF BUG NFS gets unregistered if an nfsd dies regardless if any more are still running. ----------------------------------------------------------------------------- BUGID: 1017303 DESCRIPTION OF BUG A mal-formednfscreate packet causes 'panic: rwip type' Apparently, NFS assumes that the mode bits in a nfscreat packet are ok. If the FIFO bit was set at creation time then a subsequent write packet will cause: ----------------------------------------------------------------------------- BUGID: 1026717 DESCRIPTION OF BUG Deadlock when proc 0 sleeps on an rnode owned by a proc sleeping on freemem. ----------------------------------------------------------------------------- BUGID: 1012926 DESCRIPTION OF BUG 4.0 crash in do_bio because of bad bp->b_resid. ----------------------------------------------------------------------------- BUGID: 1012533 DESCRIPTION OF BUG NFS server will hang NFS client if the former goes down. ----------------------------------------------------------------------------- BUGID: 1030723 DESCRIPTION OF BUG Race condition for creating rnodes in makenfsnode. Makenfsnode can sleep when allocating a new rnode, which may allow another process to create another new rnode for the same file. ----------------------------------------------------------------------------- BUGID: 1018301 DESCRIPTION OF BUG 'id' in filehandle is not being randomized. There is a minor bug in the routine, newname(), in sys/nfs/nfs_subr.c. ----------------------------------------------------------------------------- BUGID: 1017983 DESCRIPTION OF BUG Integer overflow in newname() causes panic. The newname() function generates filenames of the form form ".nfs" followed by a string of hexadecimal digits that is incremented each time the function is called. The count is saved in a static variable, newnum. Since newnum is signed, it will eventually overflow and become negative. This causes newname() to go into an infinite loop and scribble all over memory until eventually the system panics. ----------------------------------------------------------------------------- BUGID: 1018791 DESCRIPTION OF BUG Diskless client boot fails on unsuccessful bootparams reply. A single incorrectly implemented portmapper on the network can prohibit all diskless clients from booting since SunOS takes the first and only the first valid reply to its broadcast pmap rpc request. The kernel should ignore any RPC replies with remote errors when it broadcasts an RPC request to the portmapper for bootparams. ----------------------------------------------------------------------------- BUGID: 1017919 DESCRIPTION OF BUG NFS mount may fail when servers support only AUTH_DES Nfsrootvp does not set mi_authflavor. This information is necessary if talking to a server that has been configured to export file systems with anon=-1 (i.e. use AUTH_DES only). ----------------------------------------------------------------------------- BUGID: 1032591 DESCRIPTION OF BUG 4.1 has problems with getdents. 4.1 seems to have a problem with getdents() across NFS; this code works on 4.0.3 and 4.0.3c. The problem showed up on both a 4/330 and a 4/60, so it does not seem to be hardware related. ----------------------------------------------------------------------------- BUGID: 1032045, 1031932 & 1032185 DESCRIPTION OF BUG System panic while config custom kernels on 4/110 diskless. Running NFSTS and NSTS on sun3/3x will cause file system panic. Failed to boot sun3/50 diskless on 4.1prefcs. ----------------------------------------------------------------------------- BUGID: 1030785 DESCRIPTION OF BUG ld core dumps over nfs. ld sometimes produces a segmentation fault over nfs. This situation does not occur over local disks; only nfs mounted directories. ----------------------------------------------------------------------------- BUGID: 1012593 & 1012596. DESCRIPTION OF BUG NFS write to stale fhandle can cause kernel deadlock Writing to an NFS file after the file has been removed on the server can cause a kernel deadlock. The nfswrite routine in the kernel detects a bad fhandle (ESTALE error) and tries to flush the cached pages, but the page currently being written is held by the nfs_putpage routine so the flush never completes. Unlinked-open files (.nfsxxx) not always removed. In some very rare cases .nfs files that are created when an open file is unlinked on an NFS filesystem are not removed. For this to happen the nfs_inactive routine must sleep while pushing out dirty pages and another process must open the file, and remove it. ----------------------------------------------------------------------------- BUGID: 10011560 DESCRIPTION OF BUG system call doesn't return error code ----------------------------------------------------------------------------- BUGID: 1026732 DESCRIPTION OF BUG Bad vfs pointer in rnode causes panic ----------------------------------------------------------------------------- BUGID: 1028176 DESCRIPTION OF BUG Shared locks does not seem to turn off NFS caching. ----------------------------------------------------------------------------- BUGID: 1015543 DESCRIPTION OF BUG Ftruncate/fstat gives wrong results with read-only files. If you create a file read-only, use "ftruncate" to make the file larger, and then "fstat" the file, the size part of the stat structure is incorrect. If, however, there is enough time between when the ftruncate returns and when you do the fstat, then the correct information will be returned. FILES MODIFIED: SID nfs/nfs_vnodeops.c 2.164 FILES AFFECTED: ----------------------------------------------------------------------------- BUGID: 1012649 DESCRIPTION OF BUG mv'ing directories into loopback mounted file systems can panic the system. ----------------------------------------------------------------------------- BUGID: 1018451 DESCRIPTION OF BUG Caching of data for record-locked vnode causes corruption. Read-ahead is done even if a vnode is marked as non-cacheable. This causes corrupted data. ----------------------------------------------------------------------------- BUGID: 1032508 DESCRIPTION OF BUG User interrupt causes unnecessary nfs write error message. ----------------------------------------------------------------------------- BUGID: 1020062 DESCRIPTION OF BUG Kernel RPC (server) does not free arguments after a program/vers mismatch. NFS servers can panic "out of mbufs" if requests for non-existent programs/versions come in to a port in use by kernel rpc. ----------------------------------------------------------------------------- BUGID: 1029398 DESCRIPTION OF BUG earlier fix accidentally deleted. the last delta to clnt_kudp.c done by cpj to fix cstyle problems accidentally deleted a line that was added by sarito to fix 4.1 bug 3.23.6. ----------------------------------------------------------------------------- BUGID: 1032864 DESCRIPTION OF BUG svckudp_dupdone warning on SunOS 4.1preFCS. Sun 4/280 (system name: sapho) running SunOS 4.1 preFCS cut 02 is creating the following message: svckudp_dupdone: warning: increase dup request cache space! ----------------------------------------------------------------------------- BUGID: 1026656 DESCRIPTION OF BUG Panic in nfsd's due to data fault traps when nfsd's are killed ----------------------------------------------------------------------------- Installation Instructions: This tar tape should contain the following files: README jumbopatch.uuen Install instructions: After extracting fix tape contents into /tmp type : uudecode jumbopatch.uuen uncompress jumbopatch.tar.Z tar xvf jumbopatch.tar Make sure you are root when doing the following: mv /usr/sys/nfs /usr/sys/nfs.old mv /usr/sys/rpc /usr/sys/rpc.old If using a sun3: cp -r /tmp/jumbopatch/nfs /usr/sys/nfs cp -r /tmp/jumbopatch/rpc /usr/sys/rpc cd obj.sun3 Make sure to rename the following files under /usr/sys/sunX/OBJ with .old extension: clnt_kudp.o nfs_dump.o nfs_subr.o nfs_xdr.o nfs_client.o nfs_export.o nfs_vfsops.o svc.o nfs_common.o nfs_server.o nfs_vnodeops.o svc_kudp.o cp * /usr/sys/sun3/OBJ/. Then, rebuild the kernel and reboot the system. \enddata{text822, 0}