DB2 - Problem description
| Problem IC72407 | Status: Closed |
DB2CONNECT SERVER TRAPS IN SQLCCTCPFREEBUFFER DUE TO MEMORY CORRUPTION AFTER REPORTING "CM PARAMETER BAD" ERROR. | |
| product: | |
DB2 CONNECT / DB2CONNCT / 970 - DB2 | |
| Problem description: | |
The DB2 engine may hit a SEGV in the sqlcctcpfreebuffer() area due
to memory corruption after reporting a "CM parameter bad" error
while fetching LOB data from the end server. "CM parameter bad" is
reported by the DB2 Connect server because of incorrect data
received from the end server. After reporting the error, the DB2
Connect server tries to send the error back to the client.
Incorrect error handling in the code caused an internal buffer to
be overwritten. The DB2 Connect server trapped when it tried to
free the corrupted buffer.
The stack traceback in the trap file looks like:
0x09000000053D84F0 sqloCrashOnCriticalMemoryValidationFailure + 0x34
0x09000000053D7304 diagnoseMemoryCorruptionAndCrash__13SQLO_MEM_POOLFUlCPCc + 0x29C
0x09000000053D6F90 diagnoseMemoryCorruptionAndCrash__13SQLO_MEM_POOLFUlCPCc@glue7CE + 0x78
0x090000000879DCCC .MemTreePut.fdpr.clone.258__13SQLO_MEM_POOLFP8SMemNodeUlP17SqloChunkSubgroup + 0xC
0x090000000879C230 sqlofmblkEx + 0x288
0x090000000781FC94 sqlcctcpfreebuffer__FP17SQLCC_COMHANDLE_TP12SQLCC_COND_T + 0xC4
0x09000000089D3F60 sqlccfreebuffer__FP17SQLCC_COMHANDLE_TPcP12SQLCC_COND_Tb + 0x94
0x09000000089D3B0C sqlccfreebuffer__FP17SQLCC_COMHANDLE_TPcP12SQLCC_COND_Tb@glue559 + 0x80
0x09000000056C24B0 sqljcSend__FP10sqljCmnMgr + 0x64
0x09000000088113C4 @64@sqljsSqlam__FP14db2UCinterfaceP8sqeAgentb + 0x25C
Error message in db2diag.log before the trap:
2010-10-22-05.57.08.322348-240 I549950A1348 LEVEL: Severe
PID : 221272 TID : 13946 PROC : db2sysc
INSTANCE: svtdbm2 NODE : 000 DB :
APPHDL : 0-24617 APPID:
AUTHID :
EDUID : 13946 EDUNAME: db2agentg (DSNT2 )
FUNCTION: DB2 UDB, DRDA Communication Manager, sqljcReceive, probe:30
MESSAGE : ZRC=0x81360010=-2127167472=SQLZ_RC_CMPARM, SQLT_SQLJC
"CM parameter bad"
DATA #1 : String, 11 bytes
CCI Error:
DATA #2 : unsigned integer, 8 bytes
68
CALLSTCK:
[0] 0x09000000087E10D4 pdLog + 0xD4
[1] 0x090000000662FE40 sqljcLogCCIError__FP10sqljCmnMgrPCcP12SQLCC_COND_TUclN35 + 0x228
[2] 0x090000000662F684 sqljcIntReceive__FP10sqljCmnMgr + 0x4CC
[3] 0x0900000006094264 sqljcIntReceive__FP10sqljCmnMgr@glueBEA + 0x74
[4] 0x0900000007DCACE0 sqljcReadGetPtrInt__FP10sqljCmnMgrPPUcPl + 0x124
[5] 0x0900000007E33B2C sqljrParseExtDta__FP14db2UCinterfaceP15sqljrParserInfo13sqljrRqstType + 0x3F0
[6] 0x0900000007F56424 sqljrParseGetNextChunkReply__FP14db2UCinterface + 0x2C8
[7] 0x090000000511595C sqljrParse__FP14db2UCinterface + 0x210
[8] 0x0900000007E5AB88 sqljrDrdaArGetNextChunk__FP14db2UCinterface + 0x800
[9] 0x0900000006656C18 sqljs_ddm_getnxtchk__FP14db2UCinterfaceP13sqljDDMObject + 0x1CC | |
| Problem Summary: | |
USERS AFFECTED: DB2 Connect Server
PROBLEM DESCRIPTION: See the problem description above.
RECOMMENDATION: Upgrade to DB2 LUW V9.7.4 | |
| Local Fix: | |
| available fix packs: | |
DB2 Version 9.7 Fix Pack 4 for Linux, UNIX, and Windows | |
| Solution | |
| Workaround | |
not known / see Local fix | |
| Timestamps | |
Date - problem reported : 04.11.2010
Date - problem closed : 28.04.2011
Date - last modified : 28.04.2011 | |
| Problem solved at the following versions (IBM BugInfos) | |
9.7.4 | |
| Problem solved according to the fixlist(s) of the following version(s) | |
| 9.7.0.4 |
|
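A triage sketch for the db2diag.log signature quoted in the problem description, added here as an example and not IBM's code: it splits a db2diag.log into records and reports those where sqljcReceive logged SQLZ_RC_CMPARM, the error this APAR says precedes the trap. The sample log is constructed from the entry quoted above plus one made-up record, and the function names are hypothetical.

```python
import re

# Constructed sample in db2diag.log layout: the first record reuses the values
# quoted in this APAR, the second is a made-up, unrelated record.
SAMPLE_LOG = """\
2010-10-22-05.57.08.322348-240 I549950A1348 LEVEL: Severe
PID : 221272 TID : 13946 PROC : db2sysc
INSTANCE: svtdbm2 NODE : 000 DB :
APPHDL : 0-24617 APPID:
EDUID : 13946 EDUNAME: db2agentg (DSNT2 )
FUNCTION: DB2 UDB, DRDA Communication Manager, sqljcReceive, probe:30
MESSAGE : ZRC=0x81360010=-2127167472=SQLZ_RC_CMPARM, SQLT_SQLJC
          "CM parameter bad"

2010-10-22-06.01.10.000001-240 I551299A300 LEVEL: Warning
PID : 221272 TID : 14001 PROC : db2sysc
FUNCTION: DB2 UDB, constructed component, constructedFunction, probe:10
MESSAGE : constructed, unrelated message
"""

# Every db2diag.log record opens with "<timestamp> <record id> LEVEL: <level>".
RECORD_START = re.compile(
    r"^(\d{4}-\d{2}-\d{2}-\d{2}\.\d{2}\.\d{2}\.\d{6}[+-]\d+)[ \t]+\S+[ \t]+LEVEL:[ \t]*(\w+)",
    re.M)

def split_records(text):
    """Cut the log into one string per record, using the header line as delimiter."""
    starts = [m.start() for m in RECORD_START.finditer(text)]
    return [text[s:e] for s, e in zip(starts, starts[1:] + [len(text)])]

def field(record, name):
    """Return the value after 'NAME :' on the same line, or '' if absent or empty."""
    m = re.search(r"\b" + re.escape(name) + r"[ \t]*:[ \t]*(\S+)", record)
    return m.group(1) if m else ""

def find_cmparm_precursors(text):
    """Records where sqljcReceive logged SQLZ_RC_CMPARM ("CM parameter bad")."""
    hits = []
    for rec in split_records(text):
        func = re.search(r"^FUNCTION:(.*)$", rec, re.M)
        if not (func and "sqljcReceive" in func.group(1)) or "SQLZ_RC_CMPARM" not in rec:
            continue
        head = RECORD_START.match(rec)
        hits.append({"timestamp": head.group(1), "level": head.group(2),
                     "instance": field(rec, "INSTANCE"),
                     "eduid": field(rec, "EDUID"), "apphdl": field(rec, "APPHDL")})
    return hits

print(find_cmparm_precursors(SAMPLE_LOG))
```

The EDUID and APPHDL of a hit identify the agent and application handle to correlate with a later trap file from the same instance.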