Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2982

IdentitySharedExclusiveLock.lockExclusive() and lockShared() are uninterruptable

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • 2.7.1.Final
    • Realms
    • None

      As seen in the thread dump of a WildFly testsuite CI run:

      "management-handler-thread - 2" #328 [3813426] prio=5 os_prio=0 cpu=125.18ms elapsed=31599.04s tid=0x00007f961843e900 nid=3813426 in Object.wait()  [0x00007f9658a20000]
   java.lang.Thread.State: WAITING (on object monitor)
  at java.lang.Object.wait0(java.base@21.0.9/Native Method)
  - waiting on <0x00000000e2b11890> (a org.wildfly.security.auth.realm.IdentitySharedExclusiveLock)
  at java.lang.Object.wait(java.base@21.0.9/Object.java:366)
  at java.lang.Object.wait(java.base@21.0.9/Object.java:339)
  at org.wildfly.security.auth.realm.IdentitySharedExclusiveLock.lockExclusive(IdentitySharedExclusiveLock.java:43)
  - locked <0x00000000e2b11890> (a org.wildfly.security.auth.realm.IdentitySharedExclusiveLock)
  at org.wildfly.security.auth.realm.FileSystemSecurityRealm.getRealmIdentity(FileSystemSecurityRealm.java:452)
  at org.wildfly.security.auth.realm.FileSystemSecurityRealm.getRealmIdentityForUpdate(FileSystemSecurityRealm.java:434)
  at org.wildfly.extension.elytron.ModifiableRealmDecorator$RemoveIdentityHandler.executeRuntimeStep(ModifiableRealmDecorator.java:159)
  at org.jboss.as.controller.AbstractRuntimeOnlyHandler$1.execute(AbstractRuntimeOnlyHandler.java:42)
  at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:1060)
  at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:781)
  at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:469)
  at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1439)
  at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:436)
  at org.jboss.as.controller.ModelControllerImpl.lambda$executeForResponse$0(ModelControllerImpl.java:246)
  at org.jboss.as.controller.ModelControllerImpl$$Lambda/0x00007f967c791a40.run(Unknown Source)
  at org.wildfly.security.auth.server.SecurityIdentity$$Lambda/0x00007f967c75ac28.run(Unknown Source)
  at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:304)
  at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:270)
  at org.jboss.as.controller.ModelControllerImpl.executeForResponse(ModelControllerImpl.java:246)
  at org.jboss.as.controller.ModelControllerImpl.executeOperation(ModelControllerImpl.java:240)
  at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:223)
  at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:228)
  at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:150)
  at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:146)
  at org.wildfly.security.auth.server.SecurityIdentity$$Lambda/0x00007f967c965d38.run(Unknown Source)
  at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:328)
  at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:285)
  at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:237)
  at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:208)
  at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:146)
  at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:59)
  at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:149)
  at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
  at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2651)
  at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2630)
  at org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1622)
  at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1589)
  at java.lang.Thread.runWith(java.base@21.0.9/Thread.java:1596)
  at java.lang.Thread.run(java.base@21.0.9/Thread.java:1583)
  at org.jboss.threads.JBossThread.run(JBossThread.java:501)

      Looking at https://github.com/wildfly-security/wildfly-elytron/blob/master/auth/realm/base/src/main/java/org/wildfly/security/auth/realm/IdentitySharedExclusiveLock.java neither the lockExclusive() nor lockShared() are interruptable (interrupts are continuously swallowed until the respective lock conditions are met) and thus can cause server shutdown to hang. Given that these locks are acquired via WildFly management operations, they ought to be interruptable.
      Additionally, that these methods themselves are synchronized means that threads waiting to acquire ownership of its object monitor when calling these methods cannot be interrupted.

      Unless I'm missing something, I don't see what additional value this object provides beyond what is already available in more semantically robust ReentrantReadWriteLock.

              rchakrab Ranabir Chakraborty
              pferraro@redhat.com Paul Ferraro
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: