PM43269: EXCEPTIONDESTINATIONHANDLERIMPL IS NOT THREAD SAFE. THIS MAY CAUSE UNDELIVERED MESSAGES MOVED TO INCORRECT EXCEPTION DESTIN

Fixes are available

APAR status

Closed as program error.

Error description

Error Description:
------------------
In scenarios where a bus is configured with one or more custom
exception destinations, undelivered messages may end up routed
to incorrect exception destinations. This may go unnoticed as
no exceptions or error codes are thrown. This is due to an
error in the code that makes the exception destination handler
non thread-safe.

One example scenario is a setup where a custom exception
destination is FULL. The messages that have failed on delivery
would be redirected to the custom exception destination after
completing the defined number of retry attempts. Since the
custom exception destination is FULL, the message would have
to be redirected to the system exception destination. Please
note that the failure on delivery may happen in three
circumstances -
1. Failure to put the message on the intended destination
due to reasons such as the destination is full;
2. Failure to consume the message by the MDBs;
3. Failure in mediation.

Without the fix, the exception destination handler set to the
custom exception destination may be overwritten by another
thread, causing the message to bypass the custom exception
destination and end up directly in the system exception
destination.

With the fix in place, access to the exception destination
handler is serialized and made thread-safe.

Please note that this is a silent bug. No exceptions and error
codes are reported.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED:  All users of IBM WebSphere Application      *
*                  Server                                      *
*                  v8.0.                                       *
****************************************************************
* PROBLEM DESCRIPTION: Undelivered messages may bypass primary *
*                      exception destination before landing up *
*                      in                                      *
*                      system exception destination.           *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
A message failing on delivery is forwarded to the primary
exception destination after the "Maximum Failed Delivery" limit
is reached. A bug in exception destination handler code causes
some of the undeliverable messages bypass the primary exception
destination and end up in the secondary exception destination
(usually set to the system exception destination). The defect
would occur in the scenarios where the primary exception
destination fails to accept undelivered messages.
One example scenario is a setup where the custom exception
destination is FULL. Failure in delivering a message may happen
in three circumstances:
1. Failure to put the message on the intended destination due to
reasons such as the destination is full;
2. Failure to consume the message by the MDBs;
3. Failure in mediation.
The messages that have failed on delivery would be redirected to
the custom exception destination after the "Maximum Failed
Delivery" limit is reached. Failure in accepting the undelivered
message is reported with the warning code CWSIP0291W in the
trace. Since the custom exception destination is FULL, the
message would have to be redirected to the system exception
destination.
However, the exception destination handler set to the custom
exception destination may be overwritten by another thread,
causing the message to bypass the custom exception destination
and end up directly in the system exception destination. This is
due to an error in the code that makes the exception destination
handler non thread-safe.
This is a silent bug. No exceptions and error codes are
reported. Therefore, the problem may go unnoticed.

Problem conclusion

The code has been fixed by synchronizing the critical section
using a mutable java Object. This ensures access to the
exception destination handler is serialized and made thread-
safe.

The fix for this APAR is currently targeted for inclusion in
fix pack 8.0.0.2  Please refer to the Recommended Updates page
for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Temporary fix

Comments

APAR Information

APAR number
PM43269
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
800
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-07-08
Closed date
2011-10-17
Last modified date
2011-10-17

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800

Applicable component levels

R800 PSY
UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
27 October 2021

Tips

PM43269: EXCEPTIONDESTINATIONHANDLERIMPL IS NOT THREAD SAFE. THIS MAY CAUSE UNDELIVERED MESSAGES MOVED TO INCORRECT EXCEPTION DESTIN

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R800 PSY

Document Information

Share your feedback

Need support?