IBM Support

PI63616: ABEND U4039 OCCURS IN RDZ DAEMON PROCESS DUE TO HEAP DAMAGE

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • In Rational Developer for System z - RDz - v9.1.1.2, the daemon
    process may
    end with user abend code U4039 because of heap damage.
    
    If LE runtime option HEAPZONES is enabled then the following
    messages can be observed:
    
    CEE3716I The heap check zone following the storage at
       address 46C34FD0 for length X'00000100' has been overlaid
       at address 46C350D0. Each byte in the zone from 46C350D0
       to 46C350DC should contain the value X'55'.
       From entry point tfree at compile unit offset +00000088
       at entry offset +00000088 at address 46601270.
    
    And the following traceback:
    
      Traceback:
        DSA   Entry       E  Offset
        1     CEEVHMSG    +00000846
        2     CEEVRONU    +000010B0
        3     CEEVFHPH    +000006A4
        4     CEEVROND    +00001258
        5     tfree       +00000088
        6     Java_com_ibm_etools_zos_server_CoreJNI_select
    
    Heap damage can be seen in RSE joblog or syslog with messages
    like:
    
    CEE0374C CONDITION=CEE0802C TOKEN=00040322 61C3C5C5 461AEE00
       WHILE RUNNING PROGRAM tfree WHICH STARTS AT 4668F1E8
    
    Additional Keywords: ABENDU4039
    

Local fix

  • There is no known workaround at this time.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: 01.All RDz users                             *
    *                 02.All RDz users                             *
    ****************************************************************
    * PROBLEM DESCRIPTION: 01.In Rational Developer for System z   *
    *                         - RDz - v9.1.1.2, the daemon         *
    *                         process may end with user abend      *
    *                         code U4039 because of heap damage.   *
    *                                                              *
    *                         If LE runtime option HEAPZONES is    *
    *                         enabled then the following messages  *
    *                         can be observed:                     *
    *                                                              *
    *                         CEE3716I The heap check zone         *
    *                         following the storage at address     *
    *                         46C34FD0 for length X'00000100' has  *
    *                         been overlaid at address 46C350D0.   *
    *                         Each byte in the zone from 46C350D0  *
    *                         to 46C350DC should contain the       *
    *                         value X'55'. From entry point tfree  *
    *                         at compile unit offset +00000088 at  *
    *                         entry offset +00000088 at address    *
    *                         46601270.                            *
    *                                                              *
    *                         And the following traceback:         *
    *                                                              *
    *                         Traceback: DSA Entry E Offset 1      *
    *                         CEEVHMSG +00000846 2 CEEVRONU        *
    *                         +000010B0 3 CEEVFHPH +000006A4 4     *
    *                         CEEVROND +00001258 5 tfree           *
    *                         +00000088 6                          *
    *                         Java_com_ibm_etools_zos_server_CoreJ *
    *                         NI_select                            *
    *                                                              *
    *                         Heap damage can be seen in RSE       *
    *                         joblog or syslog with messages       *
    *                         like:                                *
    *                                                              *
    *                         CEE0374C CONDITION=CEE0802C          *
    *                         TOKEN=00040322 61C3C5C5 461AEE00     *
    *                         WHILE RUNNING PROGRAM tfree WHICH    *
    *                         STARTS AT 4668F1E8                   *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    01.RDz server calls select() of USS API to check multiple
       inputs by a single thread. RDz server should prepare enough
       length of heap memory to direct select() api which file
       descriptor numbers should be checked by setting
       corresponding memory bits on. The heap memory length depends
       on the maximum value of the file descriptor numbers to be
       checked. When the maximum file descriptor number is 2048,
       RDz server does not allocate enough heap area and writing
       the bit for the file descriptor number 2048 causes the
       memory corruption. When the maximum number is less than or
       greater than 2048, the problem does not occur. RDz server
       code is updated to allocate enough memory even when the
       maximum number is 2048.
    02.RDz server should support FIPS 140-2 mode in encrypted
       connections
    

Problem conclusion

  • 01.RDz server code is updated to allocate enough memory even
       when the maximum value of the file descriptors is 2048.
    02.RDz server is updated to support FIPS 140-2 mode
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI63616

  • Reported component name

    RD/Z HOST

  • Reported component ID

    5724T0723

  • Reported release

    910

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-06-06

  • Closed date

    2016-09-28

  • Last modified date

    2016-10-01

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • FEKFCORE FEKFCOR6 FEKFENVR FEKFZOS  FEKRSEDE
    

Fix information

  • Fixed component name

    RD/Z HOST

  • Fixed component ID

    5724T0723

Applicable component levels

  • R910 PSY UI41212

       UP16/10/01 I 1000

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.



Document information

More support for: Rational Developer for System z

Software version: 9.1

Reference #: PI63616

Modified date: 01 October 2016