-
Bug
-
Resolution: Done-Errata
-
Blocker
-
None
-
None
-
False
-
None
-
False
-
-
-
-
-
-
+
-
-
We need to upgrade netty to 4.1.94.Final (JBEAP-25078) to address CVE-2023-34462, however, the upgrade will lead to CI failure of test:
org.jboss.as.test.integration.messaging.mgmt.metrics.ScheduledThreadPoolMetricsTestCase and others as well.
The stack trace is:
java.lang.reflect.UndeclaredThrowableException at com.sun.proxy.$Proxy23.runTestMethod(Unknown Source) at org.jboss.arquillian.protocol.jmx.JMXMethodExecutor.invoke(JMXMethodExecutor.java:81) at org.jboss.arquillian.container.test.impl.execution.RemoteTestExecuter.execute(RemoteTestExecuter.java:103) at jdk.internal.reflect.GeneratedMethodAccessor16.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:86) at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:103) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:90) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:133) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:105) at org.jboss.arquillian.core.impl.EventImpl.fire(EventImpl.java:62) at org.jboss.arquillian.container.test.impl.execution.ClientTestExecuter.execute(ClientTestExecuter.java:52) at jdk.internal.reflect.GeneratedMethodAccessor15.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:86) at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:103) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:90) at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createContext(ContainerEventController.java:128) at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createTestContext(ContainerEventController.java:118) at jdk.internal.reflect.GeneratedMethodAccessor14.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:86) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:95) at org.jboss.arquillian.test.impl.TestContextHandler.createClassContext(TestContextHandler.java:83) at jdk.internal.reflect.GeneratedMethodAccessor3.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:86) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:95) at org.jboss.arquillian.test.impl.TestContextHandler.createTestContext(TestContextHandler.java:116) at jdk.internal.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:86) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:95) at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:69) at jdk.internal.reflect.GeneratedMethodAccessor2.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:86) at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:95) at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:133) at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.test(EventTestRunnerAdaptor.java:139) at org.jboss.arquillian.junit.MethodInvoker.invoke(MethodInvoker.java:15) at org.jboss.arquillian.junit.Arquillian$8.evaluate(Arquillian.java:332) at org.jboss.arquillian.junit.Arquillian$4.evaluate(Arquillian.java:204) at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:350) at org.jboss.arquillian.junit.Arquillian.access$200(Arquillian.java:54) at org.jboss.arquillian.junit.Arquillian$5.evaluate(Arquillian.java:215) at org.jboss.arquillian.junit.Arquillian$7.evaluate(Arquillian.java:285) at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63) at org.junit.runners.ParentRunner$4.run(ParentRunner.java:331) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:79) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:329) at org.junit.runners.ParentRunner.access$100(ParentRunner.java:66) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:293) at org.jboss.arquillian.junit.Arquillian$2.evaluate(Arquillian.java:166) at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:350) at org.jboss.arquillian.junit.Arquillian.access$200(Arquillian.java:54) at org.jboss.arquillian.junit.Arquillian$3.evaluate(Arquillian.java:177) at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306) at org.junit.runners.ParentRunner.run(ParentRunner.java:413) at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:115) at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365) at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273) at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238) at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159) at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:384) at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:345) at org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:126) at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:418) Caused by: java.io.IOException: Unable to invoke invoke(), status=WAITING at org.jboss.remotingjmx.protocol.v2.ClientConnection$TheConnection.invoke(ClientConnection.java:1072) at org.jboss.as.arquillian.container.ManagementClient$MBeanConnectionProxy.invoke(ManagementClient.java:779) at java.management/javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:298) ... 77 more ------- Stdout: ------- 13:17:44,406 INFO [org.jboss.arquillian.testenricher.cdi.container.BeanManagerProducer] (pool-937-thread-1) BeanManager not found. 13:17:44,967 WARN [org.apache.activemq.artemis.core.server] (Thread-3 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl$6@20d794a2)) AMQ222151: removing consumer which did not handle a message, consumer=ServerConsumerImpl [id=0, filter=null, binding=LocalQueueBinding [address=jms.queue.metrics/replyQueue, queue=QueueImpl[name=jms.queue.metrics/replyQueue, postOffice=PostOfficeImpl [server=ActiveMQServerImpl::serverUUID=c9a98b79-2adb-11ee-b5fd-000c29d031d6], temp=false]@37464052, filter=null, name=jms.queue.metrics/replyQueue, clusterName=jms.queue.metrics/replyQueuec9a98b79-2adb-11ee-b5fd-000c29d031d6]], message=Reference[12061]:RELIABLE:CoreMessage[messageID=12061,durable=true,userID=e0e994a3-2adc-11ee-b5fd-000c29d031d6,priority=4, timestamp=Tue Jul 25 13:17:44 CEST 2023,expiration=0, durable=true, address=jms.queue.metrics/replyQueue,size=359,properties=TypedProperties[useRCF=true,__AMQ_CID=e09cd406-2adc-11ee-b5fd-000c29d031d6,JMSReplyTo=jms.queue.metrics/queue,_AMQ_ROUTING_TYPE=1]]@828598480: java.lang.AssertionError at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.batchBufferSize(NettyConnection.java:116) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.writeBatch(NettyConnection.java:415) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.write(NettyConnection.java:391) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.write(NettyConnection.java:297) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.send(ChannelImpl.java:413) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBatched(ChannelImpl.java:324) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.protocol.core.impl.CoreSessionCallback.sendMessage(CoreSessionCallback.java:128) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.ServerConsumerImpl.deliverStandardMessage(ServerConsumerImpl.java:1169) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.ServerConsumerImpl.proceedDeliver(ServerConsumerImpl.java:508) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.QueueImpl.proceedDeliver(QueueImpl.java:3859) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.QueueImpl.deliver(QueueImpl.java:3158) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.QueueImpl.access$2400(QueueImpl.java:128) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.QueueImpl$DeliverRunner.run(QueueImpl.java:4235) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.actors.OrderedExecutor.doTask(OrderedExecutor.java:42) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.actors.OrderedExecutor.doTask(OrderedExecutor.java:31) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.actors.ProcessorBase.executePendingTasks(ProcessorBase.java:65) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118) 13:17:49,620 WARN [org.apache.activemq.artemis.utils.actors.OrderedExecutor] (Thread-7 (ActiveMQ-server-org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl$6@20d794a2)) null: java.lang.AssertionError at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.batchBufferSize(NettyConnection.java:116) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.writeBatch(NettyConnection.java:415) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.write(NettyConnection.java:391) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnection.write(NettyConnection.java:297) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.send(ChannelImpl.java:413) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.sendBatched(ChannelImpl.java:324) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.protocol.core.impl.CoreSessionCallback.sendMessage(CoreSessionCallback.java:128) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.ServerConsumerImpl.lambda$forceDelivery$5(ServerConsumerImpl.java:653) at org.apache.activemq.artemis@2.16.0.redhat-00048//org.apache.activemq.artemis.core.server.impl.ServerConsumerImpl$1.run(ServerConsumerImpl.java:680) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.actors.OrderedExecutor.doTask(OrderedExecutor.java:42) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.actors.OrderedExecutor.doTask(OrderedExecutor.java:31) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.actors.ProcessorBase.executePendingTasks(ProcessorBase.java:65) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.activemq.artemis.journal//org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
The commit which leads to this failure in netty is https://github.com/netty/netty/commit/0e8b0252fb595ccf7c4fdc7cce461264c68b4b1c
and the code in artemis gets affected is: https://code.engineering.redhat.com/gerrit/gitweb?p=messaging/activemq-artemis.git;a=blob;f=artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnection.java;h=9635ce5a5cc1be6ebeba8cb18610c49e1e8d909a;hb=2e55fac2205e123cd1f9b7c653f4f263d63835f4#l116
the artemis in EAP8 does not have such an assertion, so this won't affect EAP8
- is caused by
-
JBEAP-25078 (7.4.z) Upgrade netty from 4.1.86.Final-redhat-00001 to 4.1.94.Final-redhat-00001 (resolves CVE-2023-34462)
- Closed
- is incorporated by
-
JBEAP-24985 (7.4.z) Upgrade Artemis from 2.16.0.redhat-00048 to 2.16.0.redhat-00049
- Closed
- relates to
-
ENTMQBR-8284 [EAP] Backport ARTEMIS-3045 ReplicationManager can batch sent replicated packets
- Dev Complete
- links to
-
RHSA-2023:113454 Red Hat JBoss Enterprise Application Platform 7.4.13 Security update
-
RHSA-2023:113455 Red Hat JBoss Enterprise Application Platform 7.4.13 Security update
-
RHSA-2023:113456 Red Hat JBoss Enterprise Application Platform 7.4.13 Security update
-
RHSA-2023:113457 Red Hat JBoss Enterprise Application Platform 7.4.13 Security update