Bugtraq mailing list archives

ALERT: Solaris 2.5.1 locks up on TCP connections in Pine 3.9x


From: tv () iag net (Todd Vierling)
Date: Mon, 18 Nov 1996 16:06:35 -0500


This is being sent to a couple newsgroups and mailing lists; if these
mailing lists don't show the proper Reply-To: header, please direct replies
to <tv () iag net> and avoid posting to all lists.

To the persons at Sun Microsystems who will be receiving this via blind
carbon copy:  TAKE NOTE.  This is going directly to CERT and CIAC if I can't
get a resolution.  I've worked with UNIX-based systems including SunOS and
Solaris long enough to know what's a problem with the kernel.

I have stumbled upon a problem that I can reproduce on all our systems every
time, and apparently can be reproduced by other readers of USENET as will be
documented below.  Simply put, if configured properly, the Pine mail reader,
versions 3.94 and 3.95, can *freeze* the Solaris 2.5 and 2.5.1 kernel
completely.  No core dump or the like--an outright freeze.  No TCP/IP pings
work--network is frozen.  Even the keyboard sometimes freezes and pressing
the xxx-Lock keys doesn't light the respective indicator light.

This may at first sound like a problem Sun can shun because they "do not
support Pine," but think about this:  In a protected-memory environment such
as Solaris, NO USER PROGRAM SHOULD EVER FREEZE THE COMPUTER.  That's what
protected memory is for.  Pine is not run with any special privileges, only
as a regular user--and a regular user does not have the ability to cause the
computer to halt.

Hence, Pine has triggered a bug in the Solaris kernel--a product of Sun's.
I daresay this could exist in releases of Solaris/x86 as early as 2.3, and
nothing has been done about it.  And if Pine can do it, that means other
programs have the same potential.  More than anything else right now, I'm
looking to see that this problem can be reproduced on other systems.

You can most certainly try to reproduce this yourself!  You'll need the
following to do the experiment:

- the binary of Pine 3.95 and the respective .pinerc file from my FTP site
  at ftp://ftp.iag.net/pub/tv/ -- files "pine.Z" (decompress this) and
  "pinerc" (name this .pinerc in your home directory).  Uh, you can trust
  the binary--up to the point of system freeze, that is.  :/

OR:

- GCC version 2.7.2 or 2.7.2.1, NOT the ProCompiler (as I do not know if
  a ProCompiler compiled version will recreate this).

- Pine 3.95 sources from ftp://ftp.cac.washington.edu/pine/pine3.95.tar.gz.

  You'll need to twiddle some things for "./build sol" to work:  make sure
  that /usr/ccs/bin/ucbcc AND /usr/ccs/bin/cc point to gcc; /usr/ccs/bin
  is in your path; /usr/ucb is not before /usr/bin or /usr/ccs/bin in your
  path; and "." is the last entry in your path.

- A .pinerc with inbox-path= set to an IMAP server.  You can do this by
  running Pine, going to (S)etup (C)onfig, and setting the value to a
  server with IMAP (I use {imap.afn.org}INBOX where I have one of my e-mail
  accounts).  Or use the one from my FTP site above.

All you should need to do now is run Pine.  If you get a login prompt, ^C,
(Q)uit, and run it again a few times.  Betcha it'll lock the system.  It
does for us, consistently.

I'd love to hear of other reports of this happening.  It's quite frustrating
to find that a product that has such intense corporate backing has none at
all when any outside product is in use (even when the outside product is
only triggering a bug in the supported product).  My report of this problem
was sent in as an "enhancement request," because an outside program was what
triggered the error and there was not 100% Sun Supported(tm) software in
the setup.

Sun Microsystems, you can do better than this.  I hope your kernel group
finally breaks down to find out what's going on.

=====
== Todd Vierling (Personal tv () pobox com; Business tv () iag net) Cast a vote! ==
== System administrator/technician, Internet Access Group, Orlando Florida ==
== Dialups in Orange, Volusia, Lake, Osceola counties - http://www.iag.net ==


