You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2009/07/17 13:16:05 UTC

svn commit: r795041 - in /tomcat/container/tc5.5.x: catalina/src/share/org/apache/catalina/session/StandardSession.java webapps/docs/changelog.xml

Author: markt
Date: Fri Jul 17 11:16:05 2009
New Revision: 795041

URL: http://svn.apache.org/viewvc?rev=795041&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=40380
Correct synchronisation of expire(). Method should only run once.

Modified:
    tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java
    tomcat/container/tc5.5.x/webapps/docs/changelog.xml

Modified: tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java
URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java?rev=795041&r1=795040&r2=795041&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java (original)
+++ tomcat/container/tc5.5.x/catalina/src/share/org/apache/catalina/session/StandardSession.java Fri Jul 17 11:16:05 2009
@@ -167,7 +167,7 @@
      * certain IllegalStateException tests.  NOTE:  This value is not
      * included in the serialized version of this object.
      */
-    protected transient boolean expiring = false;
+    protected transient volatile boolean expiring = false;
 
 
     /**
@@ -224,7 +224,7 @@
     /**
      * Flag indicating whether this session is valid or not.
      */
-    protected boolean isValid = false;
+    protected volatile boolean isValid = false;
 
     
     /**
@@ -666,15 +666,20 @@
      */
     public void expire(boolean notify) {
 
-        // Mark this session as "being expired" if needed
-        if (expiring)
+        // Check to see if expire is in progress or has previously been called
+        if (expiring || !isValid)
             return;
 
         synchronized (this) {
+            // Check again, now we are inside the sync so this code only runs once
+            // Double check locking - expiring and isValid need to be volatile
+            if (expiring || !isValid)
+                return;
 
             if (manager == null)
                 return;
 
+            // Mark this session as "being expired"
             expiring = true;
         
             // Notify interested application event listeners

Modified: tomcat/container/tc5.5.x/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/container/tc5.5.x/webapps/docs/changelog.xml?rev=795041&r1=795040&r2=795041&view=diff
==============================================================================
--- tomcat/container/tc5.5.x/webapps/docs/changelog.xml (original)
+++ tomcat/container/tc5.5.x/webapps/docs/changelog.xml Fri Jul 17 11:16:05 2009
@@ -126,6 +126,10 @@
         (markt)
       </fix>
       <fix>
+        <bug>40380</bug>: Fix potential synchronization issue in
+        StandardSession.expire(). (markt)
+      </fix>
+      <fix>
         <bug>41407</bug>: JAAS Realm now works with CLIENT-CERT authentication.
         (markt)
       </fix>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org