[jira] [Created] (UNOMI-940) Multi-tenant cache refresh race condition and query correctness

Fri, 05 Jun 2026 11:40:07 -0700 

Serge Huber created UNOMI-940:
---------------------------------

             Summary: Multi-tenant cache refresh race condition and query 
correctness
                 Key: UNOMI-940
                 URL: https://issues.apache.org/jira/browse/UNOMI-940
             Project: Apache Unomi
          Issue Type: Sub-task
          Components: unomi(-core)
    Affects Versions: unomi-3.1.0
            Reporter: Serge Huber
            Assignee: Serge Huber
             Fix For: unomi-3.1.0


Three bugs found in {{AbstractMultiTypeCachingService}} and 
{{{}MultiTypeCacheServiceImpl{}}}:

*1. Concurrent {{saveItem}} call can cause cache eviction of valid items 
({{{}AbstractMultiTypeCachingService:266{}}})* {{refreshTypeCache}} snapshots 
{{oldItemIds}} before querying persistence. If a concurrent {{saveItem}} adds 
item X to the cache between the snapshot and the Elasticsearch query 
(Elasticsearch is eventually consistent — X may not yet be visible), X appears 
in {{oldItemIds}} but not in {{{}persistenceItemIds{}}}, and is incorrectly 
removed from the cache. _Fix:_ Re-read the current cache state after the 
persistence refresh; only remove items absent from both persistence and the 
current cache (i.e., not concurrently re-added).

*2. Shared {{parameterValues}} map mutated between two persistence queries 
({{{}AbstractMultiTypeCachingService:394{}}})* The same {{HashMap}} instance is 
reused for the tenant-scoped query and the system-tenant inheritance query. 
{{parameterValues.put("propertyValue", SYSTEM_TENANT)}} mutates the map in 
place. If the persistence implementation stores a reference rather than copying 
the condition, the first query's condition is silently corrupted. _Fix:_ Use 
{{new HashMap<>(parameterValues)}} for the second query.

*3. {{MultiTypeCacheServiceImpl.refreshTypeCache}} is a no-op stub with no 
warning ({{{}MultiTypeCacheServiceImpl:224{}}})* The method contains only a 
comment {{{}// Add refresh implementation here{}}}. Callers invoking this 
through the {{MultiTypeCacheService}} interface get no refresh and no error, 
causing silent data staleness. _Fix:_ Emit a {{WARN}} log at minimum; implement 
or document the intended refresh contract.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to