History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: WW-1408
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Critical Critical
Assignee: Unassigned
Reporter: Philip Luppens
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
WebWork

Race condition in invokeMethod

Created: 02/Jan/07 03:25 AM   Updated: 08/Jan/07 04:10 AM
Component/s: Expression Language
Affects Version/s: 2.2.4
Fix Version/s: 2.2.5

File Attachments: 1. Java Archive File ognl-2.6.9-patched.jar (176 kb)


 Description  « Hide
OGNL does not synchronize its invokeMethod correctly, resulting in a race condition.

See thread: http://forums.opensymphony.com/thread.jspa?threadID=56026

We should probably provide a patched version with the WebWork distribution.

 All   Comments   Change History      Sort Order:
[ Permlink | « Hide ]
Philip Luppens - [02/Jan/07 07:00 AM ]
Attached an updated version with the invokeMethod method synchronized. Please review.

[ Permlink | « Hide ]
Tom Schneider - [02/Jan/07 09:28 AM ]
This will solve the problem and I will be testing this.

However, if we wanted to limit impact of synchronization (I'm not real concerned about this, but other might be) we could use the method as the item to synchronize. This would allow different methods to be invoked simultaneously, but methods that are the same would be synchronized.

So, instead of:
public static synchronized Object invokeMethod(Object target, Method method, Object argsArray[])
{
...
}

if could be:
public static Object invokeMethod(Object target, Method method, Object argsArray[])
{
  synchronized (method) {
...
  }
}

A minor change, but it might increase throughput for some people. (In general, I'm not concerned about the synchronization hit at all so it doesn't matter to me.) Other than that, your change is exactly what I test so it should be good. I'll let you know if we run into any issues in our load testing environment.

[ Permlink | « Hide ]
Philip Luppens - [02/Jan/07 09:32 AM ]
Thanks Tom. Please post your findings in the forum as well, otherwise they might slip through.

[ Permlink | « Hide ]
Tom Schneider - [02/Jan/07 01:57 PM ]
I am very happy to report that our latest load test results are clean of freemarker errors. So it looks like this issue is solved. Thanks for created the patched jar--you saved me quite a bit of time by not having to patch and build ognl.

[ Permlink | « Hide ]
tm_jee - [04/Jan/07 07:41 AM ]
Hi guys,

Should we mark this issue as fixed? Though the best would be to have the ognl guys roll out a newer version that contains this fix. :-P

rgds

[ Permlink | « Hide ]
Philip Luppens - [04/Jan/07 07:49 AM ]
I've mailed Drew from OGNL a couple of minutes ago.

[ Permlink | « Hide ]
Philip Luppens - [04/Jan/07 10:28 AM ]
Toby; I guess we can close this. Tom said it fixed his problem. I'll upload a new version if I have to to limit the synchronization, but I think for now we can close this.


[ Permlink | « Hide ]
tm_jee - [08/Jan/07 04:07 AM ]
Sounds good. closing this issue.

[ Permlink | « Hide ]
tm_jee - [08/Jan/07 04:10 AM ]
Fixed. Thx guys.


Powered by a free Atlassian JIRA non-profit license for OpenSymphony. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.8-#209) - Bug/feature request - Contact Administrators