[jira] [Commented] (WICKET-6845) stackoverflow while serializing a page containing a reference to session

[Martin Tzvetanov Grigorov (Jira)]

    [ 
https://issues.apache.org/jira/browse/WICKET-6845?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17217911#comment-17217911
 ] 

Martin Tzvetanov Grigorov commented on WICKET-6845:
---------------------------------------------------

Adding
{code:java}
if (usesDevelopmentConfig())
{
   JavaSerializer serializer = new JavaSerializer(getName())
   {
      @Override
      protected ObjectOutputStream newObjectOutputStream(OutputStream out) 
throws IOException
      {
         IObjectChecker checker = new SessionChecker();
         return new CheckingObjectOutputStream(out, checker);
      }
   };
   getFrameworkSettings().setSerializer(serializer);
} 

{code}
to MyApplication#init() produces this:
{code:java}
[qtp385242642-17] ERROR org.apache.wicket.serialize.java.JavaSerializer - Error 
serializing object class com.test.HomePage [object=[Page class = 
com.test.HomePage, id = 0, render count = 1]]
org.apache.wicket.core.util.objects.checker.CheckingObjectOutputStream$ObjectCheckException:
 Trying to serialize the Wicket Session!
A problem occurred while checking object with type: 
org.apache.wicket.protocol.http.WebSession
Field hierarchy is:
   [class=com.test.HomePage, path=0]
    private final com.test.TestBean com.test.HomePage.testBean 
[class=com.test.TestBean]
      private final org.apache.wicket.Session com.test.TestBean.session 
[class=org.apache.wicket.protocol.http.WebSession] <----- field that is causing 
the problem
        at 
org.apache.wicket.core.util.objects.checker.CheckingObjectOutputStream.internalCheck(CheckingObjectOutputStream.java:371)
        at 
org.apache.wicket.core.util.objects.checker.CheckingObjectOutputStream.check(CheckingObjectOutputStream.java:354)
        ... {code}
 

but I am not sure whether we want to enable this checker for everyone.

At the moment Wicket first serializes the page without checking and if it fails 
with NotSerializableException then it uses 
org.apache.wicket.core.util.objects.checker.ObjectSerializationChecker to print 
which field is not Serializable. I.e. the extra cost for the checking is 
executed only if there is a problem.

But in the current case one has to enable SessionChecker by default in DEV mode 
to find the problem. Otherwise StackOverflowError won't allow the second run of 
the serialization with the checkers.

> stackoverflow while serializing a page containing a reference to session
> ------------------------------------------------------------------------
>
>                 Key: WICKET-6845
>                 URL: https://issues.apache.org/jira/browse/WICKET-6845
>             Project: Wicket
>          Issue Type: Bug
>          Components: wicket
>    Affects Versions: 9.0.0, 9.1.0
>            Reporter: Ernesto Reinaldo Barreiro
>            Assignee: Martin Tzvetanov Grigorov
>            Priority: Major
>         Attachments: session-serialization.tar.gz
>
>
> Something has changed in the way pages are serialized in wicket 9.x thus that 
> if a page has a reference to session serialization enters in a loop causing 
> an stack overflow. See attached  project. While there is no reasons to keep a 
> reference to session, and I have fixed that in our legacy code causing this 
> problem,  it would be nice to avoid server crashing because of this (and log 
> a huge warning for users to note).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)