Fixes are available
9.0.0.6: WebSphere Application Server traditional V9.0 Fix Pack 6
PI92492:Potential Denial of Service in WebSphere Application Server JAXRS
9.0.0.7: WebSphere Application Server traditional V9.0 Fix Pack 7
9.0.0.8: WebSphere Application Server traditional V9.0 Fix Pack 8
9.0.0.9: WebSphere Application Server traditional V9.0 Fix Pack 9
9.0.0.10: WebSphere Application Server traditional V9.0 Fix Pack 10
9.0.0.11: WebSphere Application Server traditional V9.0 Fix Pack 11
9.0.5.0: WebSphere Application Server traditional Version 9.0.5 Refresh Pack
9.0.5.1: WebSphere Application Server traditional Version 9.0.5 Fix Pack 1
9.0.5.2: WebSphere Application Server traditional Version 9.0.5 Fix Pack 2
9.0.5.3: WebSphere Application Server traditional Version 9.0.5 Fix Pack 3
9.0.5.4: WebSphere Application Server traditional Version 9.0.5 Fix Pack 4
9.0.5.5: WebSphere Application Server traditional Version 9.0.5 Fix Pack 5
WebSphere Application Server traditional 9.0.5.6
9.0.5.7: WebSphere Application Server traditional Version 9.0.5 Fix Pack 7
9.0.5.8: WebSphere Application Server traditional Version 9.0.5.8
9.0.5.9: WebSphere Application Server traditional Version 9.0.5.9
9.0.5.10: WebSphere Application Server traditional Version 9.0.5.10
9.0.5.11: WebSphere Application Server traditional Version 9.0.5.11
APAR status
Closed as program error.
Error description
Ø JAX-RS trying to interact with a CDIManagedObject after it has been released
Local fix
Ø N/A
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server with JAXRS applications the * * incorportate Dependency Injection. * **************************************************************** * PROBLEM DESCRIPTION: NullPointerException or * * IllegalArgumentExceptions may occur * * during the release of * * CDIManagedObjects under load. * **************************************************************** * RECOMMENDATION: * **************************************************************** Cleanup operations involving CDIManagedObjects under load may result in IllegalArgumentExceptions or NullPointerExceptions similar to the following: ? ?17/08/30 16:09:39:335 JST ? ? 000000d9 0(id=127) ? ? W org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging Interceptor for {http://xxxxxxxxxxx} has thrown exception, unwinding now java.lang.IllegalArgumentException: cannot validate null at org.apache.bval.jsr.ClassValidator.validate(ClassValidator.java: 134) at org.apache.cxf.validation.BeanValidationProvider.doValidateBean( BeanValidationProvider.java:149) at org.apache.cxf.validation.BeanValidationProvider.validateBean(Be anValidationProvider.java:142) at sun.reflect.GeneratedMethodAccessor61.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod AccessorImpl.java:55) at java.lang.reflect.Method.invoke(Method.java:508) at com.ibm.ws.jaxrs20.server.LibertyJaxRsInvoker.callValidationMeth od(LibertyJaxRsInvoker.java:269) or java.lang.NullPointerException at com.ibm.ws.cdi.impl.managedobject.CDIManagedObject.release(CDIMa nagedObject.java:84) or java.lang.NullPointerException at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(Abs tractHTTPDestination.java:256) at com.ibm.ws.jaxrs20.endpoint.AbstractJaxRsWebEndpoint.invoke(Abst ractJaxRsWebEndpoint.java:140) at com.ibm.websphere.jaxrs.server.IBMRestServlet.handleRequest(IBMR estServlet.java:179) at com.ibm.websphere.jaxrs.server.IBMRestServlet.doGet(IBMRestServl et.java:145) at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) at com.ibm.websphere.jaxrs.server.IBMRestServlet.service(IBMRestSer vlet.java:125)
Problem conclusion
Changed the code to remove multi-threaded race conditions within CDIManagedObject cleanup. The fix for this APAR is currently targeted for inclusion in fix pack 9.0.0.6. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PI87146
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
900
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-09-11
Closed date
2017-09-18
Last modified date
2017-10-12
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R900 PSY
UP
Document Information
Modified date:
04 May 2022