A fix is available
APAR status
Closed as program error.
Error description
Starting in RSCT 3.2.3.0, incorrect handling of a global variable can lead to a free() call against already-freed memory, causing a core dump. The problem is infrequent but not predictable, and only affects customers running CAA clusters (PowerHA 7) Sample core stack: (dbx) where free_y(??, ??) at 0xd0128dec free_common(??) at 0xd01121f0 ct_caa_free_net_intf_info_r2_1(p_net_intf_info = 0x30320de8), line 1979 in "caa_configuration.c" ct_caa_free_net_intf_info_1(p_net_intf_info = 0x30320de8), line 839 in "branch.c" hb_get_new_net_intf_info(p_p_net_intf_info = 0x2fec1154), line 1935 in "hb_global_data.C" unnamed block in AHAFSIPChangeEventHandler::handler(int*,char*,Hb_Group*,u nsigned int*)(this = 0x300cde50, events = 0x2fec12c0, name = "Hb_Config_Group", group = 0x2fec1a00, seqnum_p = 0x2fec12ec), line 130 in "CAA_AHAFSIPChangeEventHandler.C" AHAFSIPChangeEventHandler::handler(int*,char*,Hb_Group*,u nsigned int*)(this = 0x300cde50, events = 0x2fec12c0, name = "Hb_Config_Group", group = 0x2fec1a00, seqnum_p = 0x2fec12ec), line 130 in "CAA_AHAFSIPChangeEventHandler.C" unnamed block in AHAFSHandler::dispatch(int*,int*,char*,Hb_Group*,unsigned int*,Hb_Rc*)(descriptor_list = 0x2fec12f0, events = 0x2fec12c0, name = "Hb_Config_Group", group = 0x2fec1a00, seqnum_p = 0x2fec12ec, rc = 0x2fec1218), line 189 in "CAA_AHAFSHandler.C" unnamed block in AHAFSHandler::dispatch(int*,int*,char*,Hb_Group*,unsigned int*,Hb_Rc*)(descriptor_list = 0x2fec12f0, events = 0x2fec12c0, name = "Hb_Config_Group", group = 0x2fec1a00, seqnum_p = 0x2fec12ec, rc = 0x2fec1218), line 189 in "CAA_AHAFSHandler.C" AHAFSHandler::dispatch(int*,int*,char*,Hb_Group*,unsigned int*,Hb_Rc*)(descriptor_list = 0x2fec12f0, events = 0x2fec12c0, name = "Hb_Config_Group", group = 0x2fec1a00, seqnum_p = 0x2fec12ec, rc = 0x2fec1218), line 189 in "CAA_AHAFSHandler.C" hb_get_event_message(descriptors = 0x2fec12f0, timeout = (nil), events = 0x2fec12c0, name = "Hb_Config_Group", group = 0x2fec1a00, seqnum_p = 0x2fec12ec), line 1078 in "hb_communication.C" PMRun(int)(fd = 14), line 1436 in "PMClient.C" PMSocket::HandleInput()(this = 0x300daef0), line 68 in "PMSocket.C" DispatchControl::HandleInput(int)(this = 0x300baf20, select_hits = 1), line 1211 in "DispatchControl.C" DispatchControl::Dispatcher()(this = 0x300baf20), line 976 in "DispatchControl.C" main(argc = 2, argv = 0x2ff227b0), line 875 in "pgsd.C"
Local fix
Problem summary
An infrequently seen risk of a double-free exists in the cthags subsystem in RSCT 3.2.3.0.
Problem conclusion
The variable handling has been corrected.
Temporary fix
Comments
APAR Information
APAR number
IJ05079
Reported component name
RSCT FOR AIX
Reported component ID
5765F07AP
Reported release
323
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Submitted date
2018-03-20
Closed date
2018-06-26
Last modified date
2021-09-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
RSCT FOR AIX
Fixed component ID
5765F07AP
Applicable component levels
R323 PSY U889770
UP21/09/02 I 1000
PTF to Fileset Mapping
U881668 rsct.basic.rte 3.2.3.2
U883597 rsct.basic.rte 3.2.3.3
U887098 rsct.basic.rte 3.2.3.5
U885259 rsct.basic.rte 3.2.3.4
U883597 rsct.basic.rte 3.2.3.3
U881668 rsct.basic.rte 3.2.3.2
U881668 rsct.basic.rte 3.2.3.2
U883597 rsct.basic.rte 3.2.3.3
U885259 rsct.basic.rte 3.2.3.4
U885259 rsct.basic.rte 3.2.3.4
U887098 rsct.basic.rte 3.2.3.5
U887098 rsct.basic.rte 3.2.3.5
U889770 rsct.basic.rte 3.2.3.6
U889770 rsct.basic.rte 3.2.3.6
U889770 rsct.basic.rte 3.2.3.6
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11O"},"Platform":[{"code":"PF053","label":"Power Systems"}],"Version":"323"}]
Document Information
Modified date:
03 September 2021