Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 21.0.0.Beta1, 21.0.0.Final
Affects Version/s: 13.0.0.Final
Component/s: CDI / Weld
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly/pull/13485

Description

The full description of the problem can be seen in stack overflow.
Please consulder the issue:
https://stackoverflow.com/questions/58930939/wildflt-13-weld-001304-more-than-one-context-active-for-scope-type-javax-enterp/58960369#58960369

SUMMARY:
(1) Setup you wildfly to have a session timeout of 1 minute - so that you can esaily make your http sessions timeout

(2) Program in your WAR application a sessionDestroyed listener that will be broken.
In our case whenever the session is timing out, we have some code that explodes in wildfly and not in weblogic because it expected for the RequestScope context to be active, but apparently in wildfly when Undertow to start killing of a session the request scope context is not made active so that caused our session destroyed handling to break

(3) Do this sufficient amount of times to corrupted as may threads in the thread pool as possible

(4) Now try to interact with your application making use of some session scoped beans .
If you travel to ay sort of view that makes use of a session scoped bean that thread will be broken with the exception that multiple session scope context implementation are active.
But this exception will only come out and aply if the thread handling the HTTP request is one of the threads that in the past were used by undertow to handle the session timeout.
The only threads that have been corrupted forever are those that had a broken sessin timeout

Explanation for the issue:

When the session timeout is being orchestrated by underdow, wildfly is activating a special HttpSessionDescrutionContext and making it active.
This ACTIVE TRUE/FALSE flag is a ThreadLocal variable.
So the activation of the scope context is marked on the thread itself.

When the thread blows up the thread context will remain for as long at the thread lives

in a future request the flag had that thread local variable active already.
So when the BeanManagaerImpl is hunting to the one and only active http session context it finds the traditional happy path http session context active plust the DestructionSession context that was activated in a previous call.

All of the illustrative stack traces that facilitate the comprehention of the issue are shown in the stack overflow thread.

I am of the oppinion that errors like this can happen in the deployed applications.
It would not hurt if wildfly would somehow be able to ensure that the thread that hand an explosion in a previous request is not corrupted when it is used to handle new requests.

Many thanks for having a look.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

01_snippets_of_code_of_sample_app.7z
5 kB
2020/07/28 8:50 AM
02_issue_fix2_using_weld-web-3.1.5-SNAPSHOT.jar.txt.7z
6 kB
2020/07/28 12:21 PM
02_reproducing_issue_on_wildfly20_before_patching_weld_core_web.7z
3 kB
2020/07/28 12:06 PM
Sample_App_To_reproduceBug_001_RollingFileAppender.7z
4 kB
2020/07/28 8:48 AM
sourceCodeToSendToWildfly.7z
4 kB
2020/07/22 3:44 AM

Issue Links

is related to

WFLY-13731 Upgrade Weld to 3.1.5.Final

Closed

relates to

WELD-2631 Cleanup leftover HttpSessionDestructionContext when starting new session context

Resolved

Activity

People

Assignee:: Matěj Novotný

Reporter:: NUNO GODINHO DE MATOS (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019/11/21 2:46 AM

Updated:: 2021/03/11 12:33 PM

Resolved:: 2020/08/13 5:37 PM