PQ88873: ABENDOC4 in GSKSSL gsk_secure_socket_write under heavy load

 A fix may be available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
Application server under a heavy load receives ABEND0C4:
in module GSKSSL  /gsk_secure_socket_write

In the controller of the application server, the traceback for
the failing thread shows:

gsk_secure_socket_write
do_ssl_write_v1r2(_gsk_soc_data*,void*,int)
securitySessionSend(SessionHandle*,int,char*,int*,int,int*,int*)
ClientSSLSession::send_msg(char*,int*,unsigned long*,int*,int*)
ORB_Request::send_message(ORB_Request*,ORB_Request::ORBR_ReturnA
   rea&,SessionHandle*,char*,i...
ORB_Request::comm_cr_sclt_locate_request(ORB_Request::Outbound_L
   ocate_Status*)
ORB_Request::comm_outbound_locate()
ORB_Request::comm_inbound_response(GIOP_Message*,unsigned char)
ACR_ExecutionThread::ProcessInboundResponse(acrwObj*)

In addition, there is another thread with traceback:

BBOSSKRD
ssl_skread
io_read
gsk_read_v3_record
gsk_perform_v3_client_handshake
gsk_secure_socket_init
do_ssl_soc_init_v1r2(_gsk_soc_init_data*,char*)
secure_socket_init(SessionHandle*)
SessionManagerProtocolSSL::getSSLSessionHandle(BOSS_IOR*,Session
    Handle*,sessCallerType,unsi...
SecurityManager::initializeSessionSecurity(BOSS_IOR*,SessionHand
    le*,void*&,sessCallerType,u...
ORB_Request::comm_cr_sclt_locate_request(ORB_Request::Outbound_L
    ocate_Status*)
ORB_Request::comm_outbound_locate()
ORB_Request::comm_inbound_response(GIOP_Message*,unsigned char)
ACR_ExecutionThread::ProcessInboundResponse(acrwObj*)


The first thread is trying to use SSLSession that is not fully
initialized.  The second thread is in the process of
initializing the SSL Sssion.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 version 4.0.1 for z/OS and OS/390            *
****************************************************************
* PROBLEM DESCRIPTION: An ABENDOC4 occurs in GSKSSL            *
*                      gsk_secure_socket_write under heavy     *
*                      load when running WebSphere             *
*                      Application Server V4.01 for z/OS.      *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Customer is running WebSphere Application Server V4.01 for z/OS
and receiving the following abend:
IEA794I SVC DUMP HAS CAPTURED:  023
DUMPID=007 REQUESTED BY JOB (PPT5S1A )
DUMP TITLE=COMPON=WEBSPHERE Z/OS,
COMPID=5655I3500,ISSUER=BBORLEXT,
ABEND IN GSKSSL  /gsk_secure_socket_write

The dump shows the ABEND0C4 is in routine
gsk_secure_socket_write. The abend occurs when SSL tries to
check to see if the incoming session handle has the GSKSOC
eyecatcher.  The CLC to check this fails because the session
handle address is bad.  The problem is due to the fact that a
SSL session is made available before the SSL handshake is
completed; therefore passing "bad data" into GSKSSL.

This also explains why it's only seen during heavy load.  A
request comes in but there are no available SSLSessions, so
it's creating one. In the meantime, another request comes in
that also needs an SSLSession. There is a short time gap when
a SSLSession is made available before a successful SSL
handshake, and that's when the second request grabs it and
later fails with.
Problem conclusion
Added code to make sure that the SSL Session is made available
after it's completely initialized.

APAR PQ88873 is associated with SERVICE LEVEL W401613 of
WebSphere Application Server version 4.0.1 for z/OS and OS/390.
Temporary fix Comments
APAR information
APAR number PQ88873
Reported component name WASKBASE
Reported component ID 5655A9801
Reported release 401
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2004-05-14
Closed date 2004-06-24
Last modified date 2004-07-02

APAR is sysrouted FROM one or more of the following:
PQ86340

APAR is sysrouted TO one or more of the following:
UQ89957

Modules/Macros
BBOCHSSS BBOCSMRS BBOCSSES BBOSCSTB BBOSSESS BBOSSIOR
BBOSSKRD BBOUBINF        

Fix information
Fixed component name WASKBASE
Fixed component ID 5655A9801

Applicable component levels
R401 PSY UQ89957    UP04/06/30 P F406

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ88873
IBM Group: Software Group
Modified date: Jul 2, 2004