Want to show your appreciation? Please to my charity.

Friday, April 28, 2006

WebLogic 8.1.4 is leaking memory (session object).

Recently we have observed memory leakage in our production box. It turned out that it was WebLogic 8.1.4 that is leaking the session object. Some long expired sessions didn't get invalidated.

The story of how we would have suspected this in the first place would be too long to discuss it here. But here I'll present the code that we used to prove the WebLogic session leakage. The concept is simple, we used a session listener to track all the session with the help of the WeakReference. And a jsp page to display all the sessions.

The session listener first, add code below to WEB-INF/src/webpkg/SessionExplorerListener.java.

package webpkg;
import java.lang.ref.WeakReference;
import java.util.HashSet;
import java.util.Map;
import java.util.HashMap;
import java.util.Set;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionListener;
import javax.servlet.http.HttpSessionEvent;

public class SessionExplorerListener implements HttpSessionListener {
   private static final Map sessionMap = new HashMap();

  public void sessionCreated(HttpSessionEvent event) {
    HttpSession session = event.getSession();
    put(session.getId(), new WeakReference(session));

  public void sessionDestroyed(HttpSessionEvent event) {

  public static synchronized Set getIds() {
    return new HashSet(sessionMap.keySet());

  public static synchronized HttpSession get(String id) {
    WeakReference ref = (WeakReference)sessionMap.get(id);
    return ref==null ? null : (HttpSession) ref.get();

  private static synchronized void remove(String id) {

  private static synchronized void put(String id, WeakReference ref) {
    sessionMap.put(id, ref);

Then let's add our listener to web.xml:


Finally, a jsp page that list all the active sessions, listSessions.jsp:

<%@ page language="java" contentType="text/html; charset=utf-8"
<%@ page import="java.util.*, webpkg.SessionExplorerListener" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>Session List</title>
    <% Set sessionIdSet = SessionExplorerListener.getIds(); %>
    Total Sessions: <%=sessionIdSet.size()%>
    <table border="1">
        <th>Session ID</th>
         <th>Create Time</th>
         <th>Last Access</th>
        <th>Timeout in (s)</th>
        Iterator itr = sessionIdSet.iterator();
        while(itr.hasNext()) {
          String sessionId = (String)itr.next();
          HttpSession ses = SessionExplorerListener.get(sessionId);
         <% if (sessionId.equals(session.getId())) { %>
         <% } else { %>
         <% } %>
         <td><%=new Date(ses.getCreationTime())%></td>
         <td><%=new Date(ses.getLastAccessedTime()) %></td>
             -ses.getLastAccessedTime())/1000 %>

This session leaking must have been there for long, we only found this out recently because we have released a new application that puts too much in user's session. Our memory usage is kept growing with those big sessions staying there forever. The problem is rather intermittent. Most of sessions do get cleaned up. We are still unclear of what caused the WebLogic to fail.


Kaiv said...

Hey kenneth
I can confirm the observation you have made and in fact can also say that i used the same method to prove it
One thing i was looking for is if Cookies are causing any problems , some session which have cookies associated tro last for year (as in my appl) may have a prob but thats a very early guess , i am sure we need to find out in the weblogic code than anywhere else .have you raised it to BEA

Kenneth Xu said...

We definitely raised to BEA. But unfortunately, I didn't get an answer before gave up.


I realize this is an older conversation but I am wondering if this same problem exists in WebLogic 8.1.6?
Did you ever test it in 8.1.6

Kenneth Xu said...

> Did you ever test it in 8.1.6
No but you can easily test yourself as the code is given above.

Post a Comment