Fixes are available
DB2 Version 9.1 Fix Pack 7 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 6 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 6a for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 7a for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 8 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 9 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 10 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 11 for Linux, UNIX and Windows
DB2 Version 9.1 Fix Pack 12 for Linux, UNIX and Windows
APAR status
Closed as program error.
Error description
db2 "values('<' || ltrim(rtrim(char(nextval for w3v8menu.w3v8menu_v2.menu_id))) || '>' )" The above query crashes the instance as long as 1st part name ("w3v8menu" here) is of length 8 or longer. Stack Trace: ****************** 1 OSSTrapFile::dump 2 sqlo_trce 3 sqloEDUCodeTrapHandler 4 sqloCrashOnCriticalMemoryValidationFailure 5 SMemPool::diagnoseMemoryCorruptionAndCrash 6 SMemPool::MemTreePut 7 sqlofmblkEx 8 sqlnp_main 9 sqlnn_cmpl 10 sqlnn_cmpl 11 sqlra_compile_var 12 sqlra_find_var 13 sqlra_get_var 14 sqlrr_prepare 15 sqljs_ddm_prpsqlstt 16 sqljsParseRdbAccessed 17 sqljsParse 18 swapBytes 19 sqljsDrdaAsDriver 20 sqleRunAgent 21 sqloCreateEDU 22 sqloSpawnEDU 23 sqleCreateNewAgent pmem file output: ********************** BEGIN MEMORY CORRUPTION DIAGNOSIS HEADER DUMP ================================================================ ======== ===== DB2 Support and Development can format this file to replace all file hash values with names, using the following command from any uselvl'd build: perl -S db2memfmt p3045t0_diagnostics.mem ================================================================ ======== ===== Type of corruption detected: Corrupt pool free tree node. ================================================================ ======== ===== Pool dump time: 2008-06-23-14:47:41.33 Pool ID: 12 (Statement Heap - stmth) Address: 0x00000200054EF7B0 Set type: 9 (PRIVATE) Stack: _ZN8SMemPool32diagnoseMemoryCorruptionA Logical size: 182867 bytes Logical upper bound: 16908288 bytes Physical size: 327680 bytes Physical upper bound: 16908288 bytes Largest free block: 60744 bytes Allocated blocks: 26 Free tree root: 0x0000020007f1e288 First CSG: 0x0000020007f1d000 Corrupt node address: 0x0000020007b9ba08 -- UNKNOWN NODE TYPE -- 0000020007b9ba08 : 00 b0 00 00 20 00 7b 8c 00 00 00 00 00 00 00 00 .... .{......... 0000020007b9ba18 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 e0 ................ ================================================================ ======== ===== END MEMORY CORRUPTION DIAGNOSIS HEADER DUMP The db2diag.log has the following error message: 2008-06-25-11.50.18.710269-240 I373746A800 LEVEL: Severe PID : 11407 TID : 2199112302288PROC : db2agent (PORTAL) 0 INSTANCE: db2inst1 NODE : 000 DB : PORTAL APPHDL : 0-27 APPID: *LOCAL.db2inst1.080625155012 AUTHID : DB2INST1 FUNCTION: DB2 UDB, trace services, sqlt_logerr_data, probe:0 DATA #1 : SQLCA, PD_DB2_TYPE_SQLCA, 136 bytes sqlcaid : SQLCA sqlcabc: 136 sqlcode: -204 sqlerrml: 28 sqlerrmc: W3V8MENU.W3V8MENU_V2.MENU_ID sqlerrp : SQLNQ67C sqlerrd : (1) 0x801A006D (2) 0x00000000 (3) 0x00000000 (4) 0x00000000 (5) 0xFFFFFED4 (6) 0x00000000 sqlwarn : (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) (11) sqlstate: SQL0204N:name is an undefined name. The expected result for the customer's query is SQL204N because, for a local database, if the first part name ("w3v8menu") is specified for a 3-part name, it has to be the same as the database name ("portal" here).
Local fix
- replace the 1st part name with a string of length 7 or less - remove the 1st part name if not needed (as explained, for local database, the 1st part name, if specified, needs to match the database name).
Problem summary
Users Affected: ALL Problem Description: CORRUPTION IN STATEMENT HEAP LEADS TO A CRASH WHEN THE FIRST PART OF A 3 PART NAME IN A QUERY IS NOT THE DB NAME Problem Summary: db2 "values('<' || ltrim(rtrim(char(nextval for w3v8menu.w3v8menu_v2.menu_id))) || '>' )" The above query crashes the instance as long as 1st part name ("w3v8menu" here) is of length 8 or longer. Stack Trace: ****************** 1 OSSTrapFile::dump 2 sqlo_trce 3 sqloEDUCodeTrapHandler 4 sqloCrashOnCriticalMemoryValidationFailure 5 SMemPool::diagnoseMemoryCorruptionAndCrash 6 SMemPool::MemTreePut 7 sqlofmblkEx 8 sqlnp_main 9 sqlnn_cmpl 10 sqlnn_cmpl 11 sqlra_compile_var 12 sqlra_find_var 13 sqlra_get_var 14 sqlrr_prepare 15 sqljs_ddm_prpsqlstt 16 sqljsParseRdbAccessed 17 sqljsParse 18 swapBytes 19 sqljsDrdaAsDriver 20 sqleRunAgent 21 sqloCreateEDU 22 sqloSpawnEDU 23 sqleCreateNewAgent pmem file output: ********************** BEGIN MEMORY CORRUPTION DIAGNOSIS HEADER DUMP ================================================================ ======== ===== DB2 Support and Development can format this file to replace all file hash values with names, using the following command from any uselvl'd build: perl -S db2memfmt p3045t0_diagnostics.mem ================================================================ ======== ===== Type of corruption detected: Corrupt pool free tree node. ================================================================ ======== ===== Pool dump time: 2008-06-23-14:47:41.33 Pool ID: 12 (Statement Heap - stmth) Address: 0x00000200054EF7B0 Set type: 9 (PRIVATE) Stack: _ZN8SMemPool32diagnoseMemoryCorruptionA Logical size: 182867 bytes Logical upper bound: 16908288 bytes Physical size: 327680 bytes Physical upper bound: 16908288 bytes Largest free block: 60744 bytes Allocated blocks: 26 Free tree root: 0x0000020007f1e288 First CSG: 0x0000020007f1d000 Corrupt node address: 0x0000020007b9ba08 -- UNKNOWN NODE TYPE -- 0000020007b9ba08 : 00 b0 00 00 20 00 7b 8c 00 00 00 00 00 00 00 00 .... .{......... 0000020007b9ba18 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 e0 ................ ================================================================ ======== ===== END MEMORY CORRUPTION DIAGNOSIS HEADER DUMP The db2diag.log has the following error message: 2008-06-25-11.50.18.710269-240 I373746A800 LEVEL: Severe PID : 11407 TID : 2199112302288PROC : db2agent (PORTAL) 0 INSTANCE: db2inst1 NODE : 000 DB : PORTAL APPHDL : 0-27 APPID: *LOCAL.db2inst1.080625155012 AUTHID : DB2INST1 FUNCTION: DB2 UDB, trace services, sqlt_logerr_data, probe:0 DATA #1 : SQLCA, PD_DB2_TYPE_SQLCA, 136 bytes sqlcaid : SQLCA sqlcabc: 136 sqlcode: -204 sqlerrml: 28 sqlerrmc: W3V8MENU.W3V8MENU_V2.MENU_ID sqlerrp : SQLNQ67C sqlerrd : (1) 0x801A006D (2) 0x00000000 (3) 0x00000000 (4) 0x00000000 (5) 0xFFFFFED4 (6) 0x00000000 sqlwarn : (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) (11) sqlstate: SQL0204N:name is an undefined name. The expected result for the customer's query is SQL204N because, for a local database, if the first part name ("w3v8menu") is specified for a 3-part name, it has to be the same as the database name ("portal" here). LOCAL FIX: - replace the 1st part name with a string of length 7 or less - remove the 1st part name if not needed (as explained, for local database, the 1st part name, if specified, needs to match the database name).
Problem conclusion
First fixed in DB2 UDB Version 9.1, Fixpack 6
Temporary fix
Comments
APAR Information
APAR number
LI73591
Reported component name
DB2 UDE ESE LIN
Reported component ID
5765F4104
Reported release
910
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2008-07-17
Closed date
2008-11-10
Last modified date
2008-11-10
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DB2 UDE ESE LIN
Fixed component ID
5765F4104
Applicable component levels
R910 PSY
UP
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"DB2 for Linux- UNIX and Windows"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"910","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Document Information
Modified date:
15 October 2021