A fix is available
APAR status
Closed as unreproducible.
Error description
This is an intermittent problem seen at shutdown. The problem appears to be a timing issue. During shutdown, the CSOL transaction, running on the SL TCB, calls DFHISRR for function NOTIFY_SERVICE and action of SERVICE_IMMCLOSING. This is to clean up a TCPIPSERVICE associated with an IPIC connection (IPCONN). This causes an attach for transaction CIST. A change mode is issued to switch to the QR TCB where CIST needs to be attached. However, Transaction Manager (XM) is not able to immediately run on the QR TCB to perform the attach. Domain Manager is currently running on the QR TCB, quiescing domains. While doing so, DFHDMDS calls DFHXSSI for function DEACTIVATE_SECURITY, which needs to run on the RO TCB. A change mode is made to the RO TCB to begin the request and another change mode is made back to the QR TCB. Domain Manager eventually give up control and XM gets his turn on the QR TCB. CIST now gets attached as a new task. During initialization of CIST, DFHXSRC issue a security check for transattach checking. DFHXSRC appears to know security is inactive as he writes an EVENT entry showing ESM codes of 0,4,0,4 (security inactive). He still does a change mode to the RO TCB and wait his turn as the DEACTIVATE_SECURITY from DFHXSSI is still running on the RO TCB. DEACTIVATE_SECURITY completes on the RO TCB which allows the CIST task to get the RO TCB and call the security manager for the transattach check. This returns with SECURITY_INACTIVE (0,4,0,4) and message DFHXS1111 is issued to report a security violation followed by a DFHXS1113. It appears the delay in allowing XM to attach transaction CIST gives rise to this issue. . ADDITIONAL KEYWORDS: KIXREVxxx DFHSO0001 An abend (code ---/ASOB) has occurred at offset X'156E' in module DFHSOS06 DFHSO0002 A severe error (code X'029F') has occurred in module DFHSOCK. These errors occurred when CICS was shutting down - quiescing. The ASOB abend occurred on transaction CIST who was attempting to obtain a socksend lock that was already freed. DFHSOCK was manipulating a socket object that was already freed by the CSOL task. ASOD ABENDASOD SSL tcpipservice
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All * **************************************************************** * PROBLEM DESCRIPTION: MSGDFHXS1113 security error against * * CIST task attached during CICS shutdown * **************************************************************** * RECOMMENDATION: * **************************************************************** As part of CICS shutdown the sockets listener task ( CSOL ) is posted to quiesce sockets activity. An IPIC TCPIPSERVICE is closed by CSOL. DFHISRR is driven for function NOTIFY_SERVICE with action SERVICE_IMMCLOSING. DFHISRR attaches a CIST task to process this action even though the IS domain is quiescing as part of CICS shutdown. In parallel with this, security domain is being quiesced under the control of DFHXSDM. As part of CIST transaction initialization, the CICS transaction manager calls DFHXSRC to perform a TRANSATTACH security check against the CICS region USERID which CIST will run under. The RACF UAUDIT option is on for the region USERID which causes the security check performed by DFHXSRC to be done in 2 phases. Between these 2 phases, DFHXSDM calls DFHXSSI for function DEACTIVATE_SECURITY which causes the XSSS_SECURITY_ACTIVE flag to be reset. This causes the second phase of DFHXSRC security checking to fail unexpectedly leading to messages DFHXS1111 and DFHXS1113. Additional keywords :- MSGDFHXS1111 MSGDFHXS1113
Problem conclusion
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
DFHISRR routine dfhisrr_notify_service has been changed to bypass the attach of any IPIC service transaction if the IS domain is quiescing due to a CICS shutdown.
APAR Information
APAR number
PM06374
Reported component name
CICSTS V3 Z/OS
Reported component ID
5655M1500
Reported release
500
Status
CLOSED UR3
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-01-29
Closed date
2010-04-30
Last modified date
2010-09-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK56623
Modules/Macros
DESISRR DESXSRC DFHISRR DFHXSRC DFHXSRCA DFHXSRCI DFHXSRCM DFHXSRCT
Fix information
Fixed component name
CICSTS V3 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R500 PSY UK56623
UP10/05/05 P F005
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
08 September 2010