PQ86340: ABENDOC4 in GSKSSL gsk_secure_socket_write under heavy load | |||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Application server under a heavy load receives ABEND0C4: in module GSKSSL /gsk_secure_socket_write In the controller of the application server, the traceback for the failing thread shows: gsk_secure_socket_write do_ssl_write_v1r2(_gsk_soc_data*,void*,int) securitySessionSend(SessionHandle*,int,char*,int*,int,int*,int*) ClientSSLSession::send_msg(char*,int*,unsigned long*,int*,int*) ORB_Request::send_message(ORB_Request*,ORB_Request::ORBR_ReturnA rea&,SessionHandle*,char*,i... ORB_Request::comm_cr_sclt_locate_request(ORB_Request::Outbound_L ocate_Status*) ORB_Request::comm_outbound_locate() ORB_Request::comm_inbound_response(GIOP_Message*,unsigned char) ACR_ExecutionThread::ProcessInboundResponse(acrwObj*) In addition, there is another thread with traceback: BBOSSKRD ssl_skread io_read gsk_read_v3_record gsk_perform_v3_client_handshake gsk_secure_socket_init do_ssl_soc_init_v1r2(_gsk_soc_init_data*,char*) secure_socket_init(SessionHandle*) SessionManagerProtocolSSL::getSSLSessionHandle(BOSS_IOR*,Session Handle*,sessCallerType,unsi... SecurityManager::initializeSessionSecurity(BOSS_IOR*,SessionHand le*,void*&,sessCallerType,u... ORB_Request::comm_cr_sclt_locate_request(ORB_Request::Outbound_L ocate_Status*) ORB_Request::comm_outbound_locate() ORB_Request::comm_inbound_response(GIOP_Message*,unsigned char) ACR_ExecutionThread::ProcessInboundResponse(acrwObj*) The first thread is trying to use SSLSession that is not fully initialized. The second thread is in the process of initializing the SSL Sssion.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V5.0 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: Customer reports an ABENDOC4 in GSKSSL * * gsk_secure_socket_write under heavy * * load when running WebSphere * * Application Server V5.0 for z/OS. * **************************************************************** * RECOMMENDATION: * **************************************************************** Customer is running WebSphere Application Server V5.0 for z/OS and receiving the following abend: IEA794I SVC DUMP HAS CAPTURED: 023 DUMPID=007 REQUESTED BY JOB (PPT5S1A ) DUMP TITLE=COMPON=WEBSPHERE Z/OS, COMPID=5655I3500,ISSUER=BBORLEXT, ABEND IN GSKSSL /gsk_secure_socket_write The dump shows the ABEND0C4 is in routine gsk_secure_socket_write. The abend occurs when SSL tries to check to see if the incoming session handle has the GSKSOC eyecatcher. The CLC to check this fails because the session handle address is bad. The problem is due to the fact that a SSL session is made available before the SSL handshake is completed; therefore passing "bad data" into GSKSSL. This also explains why it's only seen during heavy load. A request comes in but there are no available SSLSessions, so it's creating one. In the meantime, another request comes in that also needs an SSLSession. There is a short time gap when a SSLSession is made available before a successful SSL handshake, and that's when the second request grabs it and later fails with.Problem conclusion Added code to make sure that the SSL Session is made available after it's completely initialized. APAR PQ86340 is associated with SERVICE LEVEL W502006 of WebSphere Application Server V5.0 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: PQ88873 Modules/Macros
Publications Referenced
|
Document Information |
Current web document: swg1PQ86340.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ86340
IBM Group: Software Group
Modified date: May 14, 2004
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.