Summary: | Field "org.apache.catalina.tribes.transport.bio.util.FastQueue.enabled" should be volatile. | ||
---|---|---|---|
Product: | Tomcat 7 | Reporter: | Mohsen Vakilian <reprogrammer> |
Component: | Catalina | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | reprogrammer |
Priority: | P2 | ||
Version: | trunk | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | Linux |
Description
Mohsen Vakilian
2011-11-18 23:29:32 UTC
(In reply to comment #0) > The boolean flag > "org.apache.catalina.tribes.transport.bio.util.FastQueue.enabled" may be > read/written by multiple threads concurrently (See > <http://svn.apache.org/repos/asf/!svn/bc/1203897/tomcat/trunk/java/org/apache/catalina/tribes/group/interceptors/MessageDispatchInterceptor.java>). > Therefore, accesses to it should be properly synchronized. It is sufficient to > make this boolean flag volatile to protect access to it. > > See > <https://www.securecoding.cert.org/confluence/display/java/VNA00-J.+Ensure+visibility+when+accessing+shared+primitive+variables> > for more information about this bug pattern. > > Keshmesh (https://keshmesh.cs.illinois.edu/) is an Eclipse plugin that > analyzes the source code of Java programs for common concurrency bug patterns. > We used Keshmesh to detect this concurrency bug pattern. I made a typo in the URL of Keshmesh the correct URL is <http://keshmesh.cs.illinois.edu/>. Please note that the underlying problem is similar to Bug 48235. Keshmesh <http://keshmesh.cs.illinois.edu/> detected the unprotected flag "FastQueue.enabled" when we annotated "org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor.run()" as an entry method. Fixed in trunk and 7.0.x and will be included in 7.0.24 onwards. |