11u: RFR[M]: 8240827: Downport SSLSocketImpl.java from "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"

Lindenmaier, Goetz goetz.lindenmaier at sap.com
Sun Mar 15 20:19:15 UTC 2020 

Hi Christoph, 

Thanks for reviewing. 

I'll wait a bit in case someone else has an opinion.  I'd appreciate a
second review as this is quite a complex change.

Best regards,
  Goetz

> -----Original Message-----
> From: Langer, Christoph <christoph.langer at sap.com>
> Sent: Friday, March 13, 2020 4:39 PM
> To: Lindenmaier, Goetz <goetz.lindenmaier at sap.com>; jdk-updates-dev
> <jdk-updates-dev at openjdk.java.net>
> Cc: 'Severin Gehwolf' <sgehwolf at redhat.com>
> Subject: RE: 11u: RFR[M]: 8240827: Downport SSLSocketImpl.java from
> "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
> 
> Hi Goetz,
> 
> I went through your changes and to me this looks good. Also the approach to
> take out a part of 8221882 and push it as a new bug (JDK-8240827) seems a
> good idea to me. As there were no regressions spotted, I'm confident with all
> this. I'll approve the backports.
> 
> Best regards
> Christoph
> 
> > -----Original Message-----
> > From: Lindenmaier, Goetz <goetz.lindenmaier at sap.com>
> > Sent: Freitag, 13. März 2020 15:31
> > To: Lindenmaier, Goetz <goetz.lindenmaier at sap.com>; jdk-updates-dev
> > <jdk-updates-dev at openjdk.java.net>
> > Cc: 'Severin Gehwolf' <sgehwolf at redhat.com>; Langer, Christoph
> > <christoph.langer at sap.com>
> > Subject: RE: 11u: RFR[M]: 8240827: Downport SSLSocketImpl.java from
> > "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
> >
> > Ping
> >
> > ... anyone volunteering to review this?
> > It is needed for "8209333: Socket reset issue for TLS 1.3 socket close"
> >
> > Best regards,
> >   Goetz.
> >
> >
> > > -----Original Message-----
> > > From: jdk-updates-dev <jdk-updates-dev-bounces at openjdk.java.net>
> On
> > > Behalf Of Lindenmaier, Goetz
> > > Sent: Tuesday, March 10, 2020 5:02 PM
> > > To: jdk-updates-dev <jdk-updates-dev at openjdk.java.net>
> > > Subject: [CAUTION] 11u: RFR[M]: 8240827: Downport SSLSocketImpl.java
> > > from "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
> > >
> > > Hi,
> > >
> > > I started downporting [1], "8209333: Socket reset issue for TLS 1.3 socket
> > > close"
> > > for parity with 11.0.8-oracle.
> > >
> > > Severin pointed me to [3], "8219991: New fix of the deadlock in
> > > sun.security.ssl.SSLSocketImpl", a follow-up that fixes an issue
> > > introduced by [1]. I agree that it would make sense
> > > to bring this fix to jdk11u-dev along with [1].
> > >
> > > [1] applies clean to jdk11u-dev.
> > > Unfortunately, [3] does not apply at all.
> > >
> > > In jdk13 a major rework of JSSE was done:
> > > [2] "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
> > >
> > > [2] removes the synchronized keywords from a lot of functions
> > > in JSSE and replaces them by manual locking. [3] exploits
> > > the new control flow within these reworked functions in
> > > SSLSocketImpl.java. It needs to be designed differently
> > > to apply directly on top of [1].
> > >
> > > Instead, I propose to downport the changes of [2] to the only
> > > file touched by [3], SSLSocketImpl.java.
> > >
> > > I took the patch of [2] for SSLSocketImpl.java and patched
> > > it on top of [1] to jdk11u-dev. It applies clean. On top
> > > of this, [3] applies clean, too.
> > >
> > > The SSLSocketImpl.java part of [2] uses a public lock
> > > introduced in OutputRecord. I revoked this part of the change
> > > as the changes to OutputRecord are not important here, so
> > > it'd like to skip them. Here the partial webrev of the
> > > revoked code:
> > > http://cr.openjdk.java.net/~goetz/wr20/8240827-
> > > Downport_SSLSocketImpl_from_8221882-jdk11/01-
> > >
> >
> revoked/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java.u
> > > diff.html
> > >
> > > The locks introduced by [2] in SSLSocketImpl.java are private,
> > > so there is no direct dependency to them in other code.
> > >
> > > I ran the three changes through our nightly testing
> > > and saw no issues.
> > >
> > > Please review:
> > > http://cr.openjdk.java.net/~goetz/wr20/8240827-
> > > Downport_SSLSocketImpl_from_8221882-jdk11/01/
> > >
> > > Best regards,
> > >   Goetz.
> > >
> > > [1] "8209333: Socket reset issue for TLS 1.3 socket close"
> > > https://bugs.openjdk.java.net/browse/JDK-8209333
> > > http://hg.openjdk.java.net/jdk/jdk12/rev/8a61a04c456c
> > >
> > > [2] "8221882: Use fiber-friendly java.util.concurrent.locks in JSSE"
> > > https://bugs.openjdk.java.net/browse/JDK-8221882
> > > http://hg.openjdk.java.net/jdk/jdk/rev/dfba4e321ab3
> > >
> > > [3] "8219991: New fix of the deadlock in sun.security.ssl.SSLSocketImpl"
> > > https://bugs.openjdk.java.net/browse/JDK-8219991
> > > http://hg.openjdk.java.net/jdk/jdk/rev/ca251ef47e0b

More information about the jdk-updates-dev mailing list