The CICS® log manager initiates a shutdown of the region if it encounters an error in the system log that indicates previously logged data has been lost. In addition to initiating the shutdown, the log manager informs the recovery manager of the failure, which causes the recovery manager to set the type-of-restart indicator to "no-restart-possible" and to issue message DFHRM0144. The result is that recovery during a subsequent restart is not possible and you can perform only an intial start of the region. To do this you are recommended to run the recovery manager utility program (DFHRMUTL) to force an initial start, using the SET_AUTO_START=AUTOINIT option.
During shutdown processing, existing transactions are given the chance to complete their processing. However, no further data is written to the system log. This strategy ensures that the minimum number of units of work are impacted by the failure of the system log. This is because:
Therefore, when the system has completed the log manager-initiated shutdown all (or most) units of work will have completed normally during this period and if there are no backout attempts, data integrity is not compromised.
A key value of CICS is its ability to implement its transactional recovery commitments and thus safeguard the integrity of recoverable data updated by CICS applications. As explained earlier, this ability relies upon logging before-images and other information to the system log. However, it is possible (though very unlikely) that the system log itself may suffer software or hardware related problems. The system log function can suffer from failures in the CICS recovery manager, the CICS logger domain or the MVS™ system logger component. Although problems with these components are unlikely, it is important to understand the actions to take to minimise the impact of such problems.
As explained in Shutdown initiated by CICS log manager, the detection of loss of data from the system log leads to a shutdown of the CICS region. This minimizes the number of transactions that fail after a problem with the log is detected and therefore minimizes the data integrity exposure.
Any problem with the system log that indicates that it may not be able to access all the data previously logged invalidates the log. This means that you can perform only a diagnostic run or an initial start of the region to which the system log belongs.
Another class of problem with the system log is that which does not indicate any loss of data (for example, access to the logstream was lost due to termination of the MVS system logger address space). This class of problem causes an immediate termination of CICS because there is a reasonable expectation that a subsequent emergency restart will be successful when the cause of the problem has been resolved.
For information about how to deal with system log problems, see the CICS Problem Determination Guide.
[[ Contents Previous Page | Next Page Index ]]