HP releases critical patches to prevent corruption
October 31, 2007
HP released critical patches today which repair problems in the HP 3000 file system, a fix for any Large Files — which in rare circumstances, can corrupt data on a 3000. While the odds of the bug corrupting data in one case are technically 800 million to 1, HP is recommending that all customers who use MPE/iX 6.5, 7.0 and 7.5 install one or both of the patches at the earliest opportunity. The patches can be staged, but they will require a reboot of the 3000, an event that is rare at many sites.
The HP repairs, announced today just after 10 AM Pacific time through the HP 3000 newsgroup, the OpenMPE mailing list and HP Web pages, include the first fix for the 3000's millicode in 16 years, according to Bill Cadier of HP's MPE/iX labs. The millicode patch, which replaces the MILL.LIB.SYS file, is only needed if a customer's applications access mapped files and utilize Large Files.
Large Files are any which are 4GB or greater in size. HP introduced the feature in March, 2000. Applications which have not been modified since March 29, 2000 should be safe from the potential corruption. The possible corruption can occur if any one of five of the last six bytes of a Large File fail to transfer correctly.
Customers who sort these types of files, using calls to HSORTOUTPUT or SORT.PUB.SYS, are at risk according to the HP notice for the patches. The potential risk and the repair surfaced when an HP 3000 customer notified HP of a data corruption issue.
Some customers will have applications which must be recompiled and re-linked to eliminate the problem. An application that uses the HPFOPEN intrinsic, and creates or uses Large Files, is a candidate for this kind of repair. In some instances a customer must locate and use the application's source code for this kind of re-compile. HP defined the procedure as an install of the millicode patch, then a recompile of the application in some cases.
The majority of the 3000 community will be installing patch MPENX11, which is available to all 3000 sites at HP's IT Response Center Web site and also through telephone support. Customers with applications using Large Files will install patch MILNX10. But the millicode patch is important, too, because a sort of a Large File of 2-3 GB will create a temporary Large File of more than 4GB, where the risk of corruption is at hand.
HP's strong advice is for customers to install both patches. [There is] a high priority for MPENX11, since it is the patch that addresses the issues with SORT and the MPE/iX OS. However, MILNX10 is also important to address the possibility of continuing to use the millicode in question. Even if a customer is not using Large Files today, there is no guarantee that they won't experience growth that will cause their files to cross into the large range at some later time.
The primary link to details of the critical process has been posted at HP's e3000 Web site, www.hp.com/go/e3000. At that page, a customer letter link as well as a link to the HP Jazz Web server provides a detailed page with explicit instructions — as well as a new HP-built utility to detect Large Files on an HP 3000.
HP's announcement takes place four years to the day that the company ended sales of the HP 3000. The development of this type of patch, a binary-level repair, will continue throughout 2009 and 2010, according to HP's 3000 community liaison Craig Fairchild.
While it might be easy to overstate the crucial directives for the patches — HP has rarely announced this kind of bug with repairs and white papers already available — the data corruption is very rare, Fairchild said.
In our evaluation, we've been looking at this problem and analyzing HP's [own] code to try to determine what's at risk," he said. "It's very uncommon to be working with Large Files. It's even more uncommon to be working with Large Files using user-mapped access to those files. It's even more rare yet again to be doing these very small data movements that happen to be at the very end of a space."
Fairchild explained that what an application is doing IO to a large file, "you're not doing it in six-byte chunks, or five bytes or four bytes, three or two." Most common is IO one page at a time, which presents no risk for corruption at a minimum of 4,000 bytes.
HP has a FILECHEK utility, just developed, to scan for the Large Files on a system. But the LINKEDIT tool, already on every 3000, can help assess the risk to customers with home-grown or in-house applications.
"LINKEDIT can provide a list of all the external procedures, calls by a program, or an XL or RL library," Fairchild said. "If when looking through the procedures, HPFOPEN is not called by a program, then you know that application is not at risk."