Session and Memory Leak on Wildfly 10

I recently re-wrote 10MinuteMail, my secure temporary email service, updating it from Seam 2 and JBoss 4.2 to Deltaspike and Wildfly 10.  Unfortunately I noticed a memory leak in the JVM.  During beta testing, the JVM heap usage would slowly grow, over 1-2 weeks until it reached an OOM (out of memory condition).

Memory Leak in the Old Gen on Wildfly 10

I performed analysis on heap dumps taken at various stages of memory consumption and discovered that the issue was HttpSessionImpl objects being held onto by the com.sun.faces.application.WebappLifecycleListener’s activeSessions property.  Since 10MinuteMail does some “manual” session expiration and management, and the new application is AJAX heavy, I figured I was doing something wrong.  But thanks to some great support on the forums, I soon learned that there is a bug in the Undertow sub-system that ships with Wildfly 10.0.0.FINAL which keeps old sessions around, causing a memory leak – [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][UNDERTOW-657] HttpSession never removed from activeSessions – JBoss Issue Tracker

The fix is to replace the Undertow modules that come with Wildfly 10 with the latest stable release versions.  You can find more details here –

Now my application works as expected with no memory leak or abnormal numbers of session objects.[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]





9 responses to “Session and Memory Leak on Wildfly 10”

  1. Anonymous Avatar

    10 minutemail new web dont work for me. Please come to the old web.
    Please, dont change the good work.

  2. Whosurrubber Avatar

    Great looking new face on 10minute mail! Noticed the countdown clock doesn’t scale down when the window size is reduced (Firefox 47.0). Hardly a big deal, tho!

  3. Anymouse Avatar

    Great job! Is not, however, playing nice with TOR browser as Captcha fails.

    Is there a TOR friendly version possible?

    1. Devon Avatar

      That is related to CloudFlare and not a site-specific thing. I’ve just enabled a TOR related config change that should help the situation though. Let me know if it helps!

  4. Craig Avatar

    When I send a message to the 10minute email address it bounces back as not found.

    1. Devon Avatar

      It seems to be working for me. Are you sure you sent it while the address was still active?

  5. Piotr Avatar

    Hi Guys
    I have same problem with Jboss 7 EAP (wildfly 10). Already applied fixpack 7.0.9 but still HttpSessionImpl stays in Heap. Is there official solution for Jboss 7 eap? Is there any configuration to terminate this session (some limit)? Thx

  6. Gerald Avatar

    We see the issue in JBOSS 7.0.4 too. Did anyone every get a solution to this for JBOSS 7 EAP?

  7. Gerald Avatar

    Just in case anyone else encounters an issue with a session memory leak on jboss 7 with Oracle Commerce 11.3, you can get a patch for it from Oracle Support.

Leave a Reply

Your email address will not be published. Required fields are marked *

PHP Code Snippets Powered By :