Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.4.15.CR1, 7.4.15.GA
Affects Version/s: None
Component/s: Security
Labels:
- upstream-linked
- upstream_not_required

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
-
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/jbossas/wildfly-core-eap/pull/1309
Steps to Reproduce:
Hide

Run EAP in standalone mode,

run :reload operations repeatedly,

in a profiling tool check that new instances of ElytronAuthConfigFactory and DelegatingAuthConfigFactory are being created and are not garbage collected.

See ~~JBEAP-25589~~ for more detailed reproducer.
Show
Run EAP in standalone mode, run :reload operations repeatedly, in a profiling tool check that new instances of ElytronAuthConfigFactory and DelegatingAuthConfigFactory are being created and are not garbage collected. See JBEAP-25589 for more detailed reproducer.
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Links:

This issue is only present in wildfly-core 15.0.x branch. It is a component of ~~JBEAP-25589~~.

During app server reload, the Elytron integration layer registers new AuthConfigFactory:

ElytronDefinition$ElytronAdd#performBoottime():

                final AuthConfigFactory authConfigFactory = doPrivileged((PrivilegedAction<AuthConfigFactory>) ElytronDefinition::getAuthConfigFactory);
                if (authConfigFactory != null) {
                    // TODO This wrapping is only temporary to allow us to delegate to the PicketBox impl, at a later point there really should only
                    //  be one AuthConfigFactory at a time.
                    registerAuthConfigFactory(new DelegatingAuthConfigFactory(new ElytronAuthConfigFactory(), authConfigFactory, ALLOW_DELEGATION));
                } else {
                    ...
                }

The factory registered is the DelegatingAuthConfigFactory chained with the original AuthConfigFactory instance. The original factory instance is obtained just before the register call. In effect, during the reload operation the chain of DelegatingAuthConfigFactory instances becomes deeper and deeper, as the previously created instances are used as delegates of the new instance.

blocks

JBEAP-25589 (7.4.z) Memory leak on :reload operation

Verified

clones

WFCORE-6533 (15.0.x) Memory leak in ElytronDefinition / DelegatingAuthConfigFactory

Resolved

is incorporated by

JBEAP-26169 (7.4.z) Upgrade WildFly Core from 15.0.32.Final-redhat-00001 to 15.0.33.Final-redhat-00001

Closed

Assignee:: Tomas Hofman

Reporter:: Tomas Hofman

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/10/03 10:22 AM

Updated:: 2024/01/25 10:14 AM

Resolved:: 2023/12/11 10:08 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates