IBM Support

PI39033: DUMP TITLE=CSQ2,ABN=0C4-00000011,C=R3600.710.CHIN,M=CSQXDISP, LOC=CSQXRCTL.CMQXREVN+01B66

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as unreproducible in next release.

Error description

  • The customer is running WebSphere MQ on z/OS V710 when running
along, they received:
DUMP TITLE=CSQ2,ABN=0C4-00000011,C=R3600.710.CHIN,M=CSQXDISP,
        LOC=CSQXRCTL.CMQXREVN+01B66
.
Event functions module CMQXREVN (v710 base) failing at offset
x'01B66'
.
MSTR Log shows:
.
18.46.44 IEA794I SVC DUMP HAS CAPTURED:
         DUMPID=001 REQUESTED BY JOB (CSQ2CHIN)
         DUMP TITLE=CSQ2,ABN=
         0C4-00000011,C=R3600.710.CHIN,M=CSQXDISP,
         LOC=CSQXRCTL.CMQXREVN+01B66
.
CHIN log shows:
.
18.46.44 +CSQX112E +CSQ2 CSQXDISP Dispatcher process error,
       TCB=009BC6D8 reason=0C4000-00000011
.
Looking through the Savearea chain, it appears that an event was
trying to be written to the SYSTEM.ADMIN.CHANNEL.EVENT queue for
a CLUSRCVR channel.
.
The change team reviewed the dump and found that the abend
occurs when CHLAUTH processing attempts to put a warning
event message to SYSTEM.ADMIN.CHANNEL.EVENT due to a channel
using SSL matching a CHLAUTH rule that would block it with the
WARN(YES) option.
.
Looking at the configured CHLAUTH rules I can see that the
CLUSRCVR channel has a rule to warn on any unexpected
connections from queue managers for which no other rule matches.
In this case the remote queue manager, there is no rule to allow
connections from this queue manager.
.
While putting the warning event message to the event queue,
rsiEvent is called and is passed various attributes of the
channel. In the failing case, it has been passed a pointer to
the SSLPeerName, and is attempting to determine the length of
this distinguished name. However, rsiEvent incorrectly assumes
the storage containing this value is 1024 bytes long, however in
this case it is just long enough to contain the actual value.
While attempting to determine the correct length, GetLen
attempts to access inaccessible storage beyond the end of the
storage allocated for the SSLPeerName value and abends 0C4.

Local fix

  • This abend can be avoided by adding an appropriate CHLAUTH rule
to allow connections from queue manager on these channels
(assuming that this queue manager is expected to be connecting
using these channels).

Problem summary

  • ****************************************************************
* USERS AFFECTED: All users of WebSphere MQ for z/OS Version 7 *
*                 Release 1 Modification 0.                    *
****************************************************************
* PROBLEM DESCRIPTION: MQRC_CHANNEL_BLOCKED_WARNING event      *
*                      messages contain invalid data in the    *
*                      MQCACH_SSL_PEER_NAME parameter.         *
*                      In some cases abend 0C4 in              *
*                      CSQXRCTL.CMQXREVN occurs during         *
*                      generation of the message.              *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
During start up of a channel using SSL/TLS, rriCheckChlAuth is
called to evaluate any matching CHLAUTH rules for the channel.
If a rule with WARN(YES) is matched, rsiEvent is called to
generate an event message with reason
MQRC_CHANNEL_BLOCKED_WARNING, and reason qualifier
(MQIACF_REASON_QUALIFIER) MQRQ_CHANNEL_BLOCKED_NOACCESS.
During generation of the event message, for SSL/TLS channels
the MQCACH_SSL_PEER_NAME parameter is added to the event
message, however an error in calculating the length of the SSL
Peer Name can result in either:
 - additional unexpected data being added to the SSL peer name
 in the event message
or
 - abend 0C4 being issued

Problem conclusion

  • 



Temporary fix


    

  • 



Comments


    

  • The correct SSLPeerName length is passed to rsiEvent, preventing
rsiEvent from calculating the length incorrectly.

    



APAR Information




    

  • APAR number
    PI39033
    • 

  • Reported component name
    WMQ Z/OS V7
    • 

  • Reported component ID
    5655R3600
    • 

  • Reported release
    100
    • 

  • Status
    CLOSED  UR1
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2015-04-14
    • 

  • Closed date
    2015-04-27
    • 

  • Last modified date
    2015-07-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UI27092
    

    • 



Modules/Macros


    

  • CMQXREVN CMQXRMSA CSQXCCCX CSQXRMRS

    



Fix information


    

  • Fixed component name
    WMQ Z/OS V7
    • 

  • Fixed component ID
    5655R3600
    • 



Applicable component levels


    

  • R100  PSY  UI27092
       UP15/06/03  P  F506
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.1","Edition":"","Line of Business":{"code":"","label":""}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 July 2015
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback