[
https://issues.apache.org/jira/browse/AMQ-5130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835050#comment-17835050
]
Christopher L. Shannon commented on AMQ-5130:
-
I'm unassigning target versions for this because this Issue has been open for
10 years and continuously moved to the next version and ignored. I think at
this point it needs to be re-evaluated to see if it's still a problem and if it
is then decide if it will actually be fixed or not, or otherwise we should
close the issue.
> If a STOMP listener attempts to connect to an OpenWire transport connector
> the broker dies
> --
>
> Key: AMQ-5130
> URL: https://issues.apache.org/jira/browse/AMQ-5130
> Project: ActiveMQ Classic
> Issue Type: Bug
> Components: Broker
>Affects Versions: 5.15.13
> Environment: Linux Centos 6.4 Apache ActiveMQ 5.9.0, Apache ActiveMQ
> demo STOMP listener
>Reporter: Matthew Western
>Assignee: Matt Pavlovich
>Priority: Major
> Attachments: AMQ5130.patch
>
>
> If a STOMP listener attempts to connect to the broker with an NIO OpenWire
> transport connector URI the broker dies (The JVM terminates with an out of
> memory error).
> I have consistently reproduced this using the test STOMP listener provided
> with 5.9.0. I have not checked to see what happens with the STOMP publisher
> but I imagine the results would be the same.
> I discovered this due to accidentally using the wrong URI with my STOMP
> client.
> I think this is a serious issue as it could be exploited as a DOS attack on
> known broker URIs.
> My configuration file is as follows:
> {code:xml}
> http://activemq.apache.org/schema/core; brokerName="broker2"
> dataDirectory="${activemq.data}" networkConnectorStartAsync="true"
> advisorySupport="true">
>
>
>
>
> advisoryForConsumed="true" advisoryForDelivery="true">
>
> useQueueForQueueMessages="true" />
>
>
> advisoryForConsumed="true" advisoryForDelivery="true">
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> updateClusterClients="true"
> rebalanceClusterClients="true"
> updateClusterClientsOnRemove="true"
> />
> updateClusterClients="true"
> rebalanceClusterClients="true"
> updateClusterClientsOnRemove="true"
> />
>
>
>
>
> {code}
> The listener terminates immediately upon starting with:
> {noformat}
> cannot sysread(): Connection reset by peer{noformat}
> And the broker JVM dies with the following hs_errpid*.log error:
> {noformat}
> #
> # There is insufficient memory for the Java Runtime Environment to continue.
> # Native memory allocation (malloc) failed to allocate 693723136 bytes for
> committing reserved memory.
> # Possible reasons:
> # The system is out of physical RAM or swap space
> # In 32 bit mode, the process size limit was hit
> # Possible solutions:
> # Reduce memory load on the system
> # Increase physical memory or swap space
> # Check if swap backing store is full
> # Use 64 bit Java on a 64 bit OS
> # Decrease Java heap size (-Xmx/-Xms)
> # Decrease number of Java threads
> # Decrease Java thread stack sizes (-Xss)
> # Set larger code cache with -XX:ReservedCodeCacheSize=
> # This output file may be truncated or incomplete.
> #
> # Out of Memory Error (os_linux.cpp:2718), pid=8783, tid=140478943950592
> #
> # JRE version: Java(TM) SE Runtime Environment (7.0_45-b18) (build
> 1.7.0_45-b18)
> # Java VM: Java HotSpot(TM) 64-Bit Server VM (24.45-b08 mixed mode
> linux-amd64 compressed oops)
> # Failed to write core dump. Core dumps have been disabled. To enable core
> dumping, try "ulimit -c unlimited" before starting Java again
> #
> --- T H R E A D ---
> Current thread (0x7fc3c8086000): VMThread [stack:
> 0x7fc3cd7d7000,0x7fc3cd8d8000] [id=8785]
> Stack: [0x7fc3cd7d7000,0x7fc3cd8d8000], sp=0x7fc3cd8d62d0, free
> space=1020k
> Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native
> code)
> V [libjvm.so+0x992c8a] VMError::report_and_die()+0x2ea
> V [libjvm.so+0x49319b] report_vm_out_of_memory(char const*, int, unsigned
> long, char const*)+0x9b
> V [libjvm.so+0x81310e] os::Linux::commit_memory_impl(char*, unsigned long,
> bool)+0xfe
> V [libjvm.so+0x8135bf] os::Linux::commit_memory_impl(char*, unsigned long,
> unsigned long, bool)+0x4f
> V [libjvm.so+0x81377c] os::pd_commit_memory(char*, unsigned long, unsigned
> long, bool)+0xc
> V [libjvm.so+0x80d86a] os::commit_memory(char*, unsigned long, unsigned long,
> bool)+0x2a
> V [libjvm.so+0x98e5d9] VirtualSpace::expand_by(unsigned long, bool)+0x1c9
> V [libjvm.so+0x571725] OneContigSpaceCardGeneration::grow_by(unsigned
> long)+0x25
> V [libjvm.so+0x571b3e]
