Description of problem: Using NIO with async servlets can improperly lead to a processor and its request/response objects being used by multiple threads to process different requests at once. The problem arises in Http11NioProtocol.event(). If two events occur on the same channel and execute this at the same time, it'll lead to this issue if they result in a SocketState other than LONG. When that happens, they both offer the same processor to recycledProcessors in the finally block. Later on, two different requests can then poll the same processor at once from reycledProcessors; a processor should only ever have one entry in recycledProcessors. It looks like we need to synch the Http11NioProtocol.event() call or the NioEndpoint.ChannelProcessor.run(). Version-Release number of selected component (if applicable): 7.3.1.Final
Fixed in JBossWeb 7.3.x branch for EAP 6.2.x by r2437.
VERIFIED on 6.2.4.CP.CR1
Started a draft Release Note based on the description but more information is needed to complete it. Aaron, can you tell me which of the options you mention above became the eventual fix?
To fix this, the "Http11NioProtocol.event()" call was wrapped in a synchronized block. So the issue is avoided as a single processor is no longer inserted multiple times into the recycledProcessors queue.