From matthias.baesken at sap.com Mon Jul 2 08:17:33 2018 From: matthias.baesken at sap.com (Baesken, Matthias) Date: Mon, 2 Jul 2018 08:17:33 +0000 Subject: RFR : 8205959 : Do not restart close if errno is EINTR Message-ID: <2e9e20817ecf49d995cd2f939fefd774@sap.com> Hello , there is a similar pattern (attempt to restart close in case of EINTR) in the coding as well in socket_md.c : src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = close(fd); src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while (rv == -1 && errno == EINTR); src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return rv; src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} Do you think this needs adjustment (on LINUX) as well ? Best regards, Matthias > Message: 2 > Date: Thu, 28 Jun 2018 18:19:46 +0100 > From: Alan Bateman > To: David Lloyd , ivan.gerasimov at oracle.com > Cc: OpenJDK Network Dev list > Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> > Content-Type: text/plain; charset=utf-8; format=flowed > > On 28/06/2018 17:35, David Lloyd wrote: > > : > > Do you (or Alan) think that this might have accounted for real-world > > connection problems? > > > In the file I/O area, with NFS I think, we had an issue a long time ago > where close was retried after EIO. That issue was fixed a long time ago > but it's one that comes to mind in this general area. > > -Alan > From norman.maurer at googlemail.com Mon Jul 2 08:23:11 2018 From: norman.maurer at googlemail.com (Norman Maurer) Date: Mon, 2 Jul 2018 10:23:11 +0200 Subject: RFR : 8205959 : Do not restart close if errno is EINTR In-Reply-To: <2e9e20817ecf49d995cd2f939fefd774@sap.com> References: <2e9e20817ecf49d995cd2f939fefd774@sap.com> Message-ID: <2E0FD75E-3AEF-4251-B324-7F0BA864CFC2@googlemail.com> +1 retry a close on EINTR has most likely not the outcome you expect and may even close a wrong FD if the same FD is reused already (as even if EINTR is returned it may have closed the FD) > Am 02.07.2018 um 10:17 schrieb Baesken, Matthias : > > Hello , there is a similar pattern (attempt to restart close in case of EINTR) in the coding as well in socket_md.c : > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = close(fd); > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while (rv == -1 && errno == EINTR); > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return rv; > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} > > Do you think this needs adjustment (on LINUX) as well ? > > Best regards, Matthias > > >> Message: 2 >> Date: Thu, 28 Jun 2018 18:19:46 +0100 >> From: Alan Bateman >> To: David Lloyd , ivan.gerasimov at oracle.com >> Cc: OpenJDK Network Dev list >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR >> Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> >> Content-Type: text/plain; charset=utf-8; format=flowed >> >>> On 28/06/2018 17:35, David Lloyd wrote: >>> : >>> Do you (or Alan) think that this might have accounted for real-world >>> connection problems? >>> >> In the file I/O area, with NFS I think, we had an issue a long time ago >> where close was retried after EIO. That issue was fixed a long time ago >> but it's one that comes to mind in this general area. >> >> -Alan >> > From christoph.langer at sap.com Mon Jul 2 09:03:58 2018 From: christoph.langer at sap.com (Langer, Christoph) Date: Mon, 2 Jul 2018 09:03:58 +0000 Subject: RFR : 8205959 : Do not restart close if errno is EINTR In-Reply-To: <2E0FD75E-3AEF-4251-B324-7F0BA864CFC2@googlemail.com> References: <2e9e20817ecf49d995cd2f939fefd774@sap.com> <2E0FD75E-3AEF-4251-B324-7F0BA864CFC2@googlemail.com> Message-ID: <9bf3ebbba0014f918bf53eb0b4d0c464@sap.com> Hi Matthias, forwarding to serviceability-dev, because debugging is usually discussed there. Yes, I would think this coding should be fixed, too. Can you open a bug and prepare a change? Thanks Christoph > -----Original Message----- > From: net-dev [mailto:net-dev-bounces at openjdk.java.net] On Behalf Of > Norman Maurer > Sent: Montag, 2. Juli 2018 10:23 > To: Baesken, Matthias > Cc: Stuefe, Thomas ; net-dev at openjdk.java.net > Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > > +1 retry a close on EINTR has most likely not the outcome you expect and > may even close a wrong FD if the same FD is reused already (as even if EINTR > is returned it may have closed the FD) > > > Am 02.07.2018 um 10:17 schrieb Baesken, Matthias > : > > > > Hello , there is a similar pattern (attempt to restart close in case of EINTR) > in the coding as well in socket_md.c : > > > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = > close(fd); > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while (rv > == -1 && errno == EINTR); > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return rv; > > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} > > > > Do you think this needs adjustment (on LINUX) as well ? > > > > Best regards, Matthias > > > > > >> Message: 2 > >> Date: Thu, 28 Jun 2018 18:19:46 +0100 > >> From: Alan Bateman > >> To: David Lloyd , ivan.gerasimov at oracle.com > >> Cc: OpenJDK Network Dev list > >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > >> Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> > >> Content-Type: text/plain; charset=utf-8; format=flowed > >> > >>> On 28/06/2018 17:35, David Lloyd wrote: > >>> : > >>> Do you (or Alan) think that this might have accounted for real-world > >>> connection problems? > >>> > >> In the file I/O area, with NFS I think, we had an issue a long time ago > >> where close was retried after EIO. That issue was fixed a long time ago > >> but it's one that comes to mind in this general area. > >> > >> -Alan > >> > > From thomas.stuefe at gmail.com Mon Jul 2 10:08:15 2018 From: thomas.stuefe at gmail.com (=?UTF-8?Q?Thomas_St=C3=BCfe?=) Date: Mon, 2 Jul 2018 12:08:15 +0200 Subject: RFR : 8205959 : Do not restart close if errno is EINTR In-Reply-To: <9bf3ebbba0014f918bf53eb0b4d0c464@sap.com> References: <2e9e20817ecf49d995cd2f939fefd774@sap.com> <2E0FD75E-3AEF-4251-B324-7F0BA864CFC2@googlemail.com> <9bf3ebbba0014f918bf53eb0b4d0c464@sap.com> Message-ID: +1. Please fix this for Linux! Thanks. On Mon, Jul 2, 2018 at 11:03 AM, Langer, Christoph wrote: > Hi Matthias, > > forwarding to serviceability-dev, because debugging is usually discussed there. > > Yes, I would think this coding should be fixed, too. Can you open a bug and prepare a change? > > Thanks > Christoph > >> -----Original Message----- >> From: net-dev [mailto:net-dev-bounces at openjdk.java.net] On Behalf Of >> Norman Maurer >> Sent: Montag, 2. Juli 2018 10:23 >> To: Baesken, Matthias >> Cc: Stuefe, Thomas ; net-dev at openjdk.java.net >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR >> >> +1 retry a close on EINTR has most likely not the outcome you expect and >> may even close a wrong FD if the same FD is reused already (as even if EINTR >> is returned it may have closed the FD) >> >> > Am 02.07.2018 um 10:17 schrieb Baesken, Matthias >> : >> > >> > Hello , there is a similar pattern (attempt to restart close in case of EINTR) >> in the coding as well in socket_md.c : >> > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = >> close(fd); >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while (rv >> == -1 && errno == EINTR); >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return rv; >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} >> > >> > Do you think this needs adjustment (on LINUX) as well ? >> > >> > Best regards, Matthias >> > >> > >> >> Message: 2 >> >> Date: Thu, 28 Jun 2018 18:19:46 +0100 >> >> From: Alan Bateman >> >> To: David Lloyd , ivan.gerasimov at oracle.com >> >> Cc: OpenJDK Network Dev list >> >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR >> >> Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> >> >> Content-Type: text/plain; charset=utf-8; format=flowed >> >> >> >>> On 28/06/2018 17:35, David Lloyd wrote: >> >>> : >> >>> Do you (or Alan) think that this might have accounted for real-world >> >>> connection problems? >> >>> >> >> In the file I/O area, with NFS I think, we had an issue a long time ago >> >> where close was retried after EIO. That issue was fixed a long time ago >> >> but it's one that comes to mind in this general area. >> >> >> >> -Alan >> >> >> > From david.holmes at oracle.com Mon Jul 2 12:03:55 2018 From: david.holmes at oracle.com (David Holmes) Date: Mon, 2 Jul 2018 22:03:55 +1000 Subject: RFR : 8205959 : Do not restart close if errno is EINTR In-Reply-To: <9bf3ebbba0014f918bf53eb0b4d0c464@sap.com> References: <2e9e20817ecf49d995cd2f939fefd774@sap.com> <2E0FD75E-3AEF-4251-B324-7F0BA864CFC2@googlemail.com> <9bf3ebbba0014f918bf53eb0b4d0c464@sap.com> Message-ID: <5a2ab4d2-ed90-20fd-6340-e73153d4313d@oracle.com> In reference to 8205959, where is it stated that dup2 is any more restartable than close ?? AFAICS both leave things undefined/unspecified if they set EINTR. David On 2/07/2018 7:03 PM, Langer, Christoph wrote: > Hi Matthias, > > forwarding to serviceability-dev, because debugging is usually discussed there. > > Yes, I would think this coding should be fixed, too. Can you open a bug and prepare a change? > > Thanks > Christoph > >> -----Original Message----- >> From: net-dev [mailto:net-dev-bounces at openjdk.java.net] On Behalf Of >> Norman Maurer >> Sent: Montag, 2. Juli 2018 10:23 >> To: Baesken, Matthias >> Cc: Stuefe, Thomas ; net-dev at openjdk.java.net >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR >> >> +1 retry a close on EINTR has most likely not the outcome you expect and >> may even close a wrong FD if the same FD is reused already (as even if EINTR >> is returned it may have closed the FD) >> >>> Am 02.07.2018 um 10:17 schrieb Baesken, Matthias >> : >>> >>> Hello , there is a similar pattern (attempt to restart close in case of EINTR) >> in the coding as well in socket_md.c : >>> >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = >> close(fd); >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while (rv >> == -1 && errno == EINTR); >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return rv; >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} >>> >>> Do you think this needs adjustment (on LINUX) as well ? >>> >>> Best regards, Matthias >>> >>> >>>> Message: 2 >>>> Date: Thu, 28 Jun 2018 18:19:46 +0100 >>>> From: Alan Bateman >>>> To: David Lloyd , ivan.gerasimov at oracle.com >>>> Cc: OpenJDK Network Dev list >>>> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR >>>> Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> >>>> Content-Type: text/plain; charset=utf-8; format=flowed >>>> >>>>> On 28/06/2018 17:35, David Lloyd wrote: >>>>> : >>>>> Do you (or Alan) think that this might have accounted for real-world >>>>> connection problems? >>>>> >>>> In the file I/O area, with NFS I think, we had an issue a long time ago >>>> where close was retried after EIO. That issue was fixed a long time ago >>>> but it's one that comes to mind in this general area. >>>> >>>> -Alan >>>> >>> From david.lloyd at redhat.com Mon Jul 2 13:43:06 2018 From: david.lloyd at redhat.com (David Lloyd) Date: Mon, 2 Jul 2018 08:43:06 -0500 Subject: RFR : 8205959 : Do not restart close if errno is EINTR In-Reply-To: <5a2ab4d2-ed90-20fd-6340-e73153d4313d@oracle.com> References: <2e9e20817ecf49d995cd2f939fefd774@sap.com> <2E0FD75E-3AEF-4251-B324-7F0BA864CFC2@googlemail.com> <9bf3ebbba0014f918bf53eb0b4d0c464@sap.com> <5a2ab4d2-ed90-20fd-6340-e73153d4313d@oracle.com> Message-ID: I think because the only two possible outcomes are either that the FD was not dup'd, in which case things carry on as before, or that it was dup'd, in which case (at least in the JVM) re-dupping won't really do anything harmful since the target FD already references the dead socket FD. The POSIX manpage doesn't seem to include any other possibilities. On Mon, Jul 2, 2018 at 7:04 AM David Holmes wrote: > > In reference to 8205959, where is it stated that dup2 is any more > restartable than close ?? > > AFAICS both leave things undefined/unspecified if they set EINTR. > > David > > On 2/07/2018 7:03 PM, Langer, Christoph wrote: > > Hi Matthias, > > > > forwarding to serviceability-dev, because debugging is usually discussed there. > > > > Yes, I would think this coding should be fixed, too. Can you open a bug and prepare a change? > > > > Thanks > > Christoph > > > >> -----Original Message----- > >> From: net-dev [mailto:net-dev-bounces at openjdk.java.net] On Behalf Of > >> Norman Maurer > >> Sent: Montag, 2. Juli 2018 10:23 > >> To: Baesken, Matthias > >> Cc: Stuefe, Thomas ; net-dev at openjdk.java.net > >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > >> > >> +1 retry a close on EINTR has most likely not the outcome you expect and > >> may even close a wrong FD if the same FD is reused already (as even if EINTR > >> is returned it may have closed the FD) > >> > >>> Am 02.07.2018 um 10:17 schrieb Baesken, Matthias > >> : > >>> > >>> Hello , there is a similar pattern (attempt to restart close in case of EINTR) > >> in the coding as well in socket_md.c : > >>> > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = > >> close(fd); > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while (rv > >> == -1 && errno == EINTR); > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return rv; > >>> src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} > >>> > >>> Do you think this needs adjustment (on LINUX) as well ? > >>> > >>> Best regards, Matthias > >>> > >>> > >>>> Message: 2 > >>>> Date: Thu, 28 Jun 2018 18:19:46 +0100 > >>>> From: Alan Bateman > >>>> To: David Lloyd , ivan.gerasimov at oracle.com > >>>> Cc: OpenJDK Network Dev list > >>>> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > >>>> Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> > >>>> Content-Type: text/plain; charset=utf-8; format=flowed > >>>> > >>>>> On 28/06/2018 17:35, David Lloyd wrote: > >>>>> : > >>>>> Do you (or Alan) think that this might have accounted for real-world > >>>>> connection problems? > >>>>> > >>>> In the file I/O area, with NFS I think, we had an issue a long time ago > >>>> where close was retried after EIO. That issue was fixed a long time ago > >>>> but it's one that comes to mind in this general area. > >>>> > >>>> -Alan > >>>> > >>> -- - DML From matthias.baesken at sap.com Mon Jul 2 13:44:22 2018 From: matthias.baesken at sap.com (Baesken, Matthias) Date: Mon, 2 Jul 2018 13:44:22 +0000 Subject: 8206145 : dbgsysSocketClose - do not restart close if errno is EINTR [linux] - was : RE: RFR : 8205959 : Do not restart close if errno is EINTR Message-ID: <228035d2f64c494eaefe31b07ac72083@sap.com> I created a bug and a webrev , please review . https://bugs.openjdk.java.net/browse/JDK-8206145 http://cr.openjdk.java.net/~mbaesken/webrevs/8206145/ ( The other bug where a similar issue was addressed is https://bugs.openjdk.java.net/browse/JDK-8205959 ) Best regards, Matthias > -----Original Message----- > From: Thomas St?fe [mailto:thomas.stuefe at gmail.com] > Sent: Montag, 2. Juli 2018 12:08 > To: Baesken, Matthias ; Langer, Christoph > > Cc: serviceability-dev (serviceability-dev at openjdk.java.net) dev at openjdk.java.net>; Stuefe, Thomas ; net- > dev at openjdk.java.net > Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > > +1. Please fix this for Linux! Thanks. > > On Mon, Jul 2, 2018 at 11:03 AM, Langer, Christoph > wrote: > > Hi Matthias, > > > > forwarding to serviceability-dev, because debugging is usually discussed > there. > > > > Yes, I would think this coding should be fixed, too. Can you open a bug and > prepare a change? > > > > Thanks > > Christoph > > > >> -----Original Message----- > >> From: net-dev [mailto:net-dev-bounces at openjdk.java.net] On Behalf Of > >> Norman Maurer > >> Sent: Montag, 2. Juli 2018 10:23 > >> To: Baesken, Matthias > >> Cc: Stuefe, Thomas ; net- > dev at openjdk.java.net > >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > >> > >> +1 retry a close on EINTR has most likely not the outcome you expect and > >> may even close a wrong FD if the same FD is reused already (as even if > EINTR > >> is returned it may have closed the FD) > >> > >> > Am 02.07.2018 um 10:17 schrieb Baesken, Matthias > >> : > >> > > >> > Hello , there is a similar pattern (attempt to restart close in case of > EINTR) > >> in the coding as well in socket_md.c : > >> > > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-147- int rv; > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-148- do { > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-149- rv = > >> close(fd); > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c:150: } while > (rv > >> == -1 && errno == EINTR); > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-151- > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-152- return > rv; > >> > src/jdk.jdwp.agent/unix/native/libdt_socket/socket_md.c-153-} > >> > > >> > Do you think this needs adjustment (on LINUX) as well ? > >> > > >> > Best regards, Matthias > >> > > >> > > >> >> Message: 2 > >> >> Date: Thu, 28 Jun 2018 18:19:46 +0100 > >> >> From: Alan Bateman > >> >> To: David Lloyd , > ivan.gerasimov at oracle.com > >> >> Cc: OpenJDK Network Dev list > >> >> Subject: Re: RFR : 8205959 : Do not restart close if errno is EINTR > >> >> Message-ID: <3fd1496f-ab83-a2d5-0699-13c8b735d70b at oracle.com> > >> >> Content-Type: text/plain; charset=utf-8; format=flowed > >> >> > >> >>> On 28/06/2018 17:35, David Lloyd wrote: > >> >>> : > >> >>> Do you (or Alan) think that this might have accounted for real-world > >> >>> connection problems? > >> >>> > >> >> In the file I/O area, with NFS I think, we had an issue a long time ago > >> >> where close was retried after EIO. That issue was fixed a long time ago > >> >> but it's one that comes to mind in this general area. > >> >> > >> >> -Alan > >> >> > >> > From brian.burkhalter at oracle.com Mon Jul 2 17:21:31 2018 From: brian.burkhalter at oracle.com (Brian Burkhalter) Date: Mon, 2 Jul 2018 10:21:31 -0700 Subject: [12] 8194899: Remove unused sun.net classes Message-ID: <4A389D36-0536-4A34-9B59-8ED4706DD227@oracle.com> https://bugs.openjdk.java.net/browse/JDK-8194899 The proposed change is to remove these classes which are unused in the JDK: sun.net.NetworkServer sun.net.URLCanonicalizer Thanks, Brian From Alan.Bateman at oracle.com Mon Jul 2 17:23:17 2018 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Mon, 2 Jul 2018 18:23:17 +0100 Subject: [12] 8194899: Remove unused sun.net classes In-Reply-To: <4A389D36-0536-4A34-9B59-8ED4706DD227@oracle.com> References: <4A389D36-0536-4A34-9B59-8ED4706DD227@oracle.com> Message-ID: On 02/07/2018 18:21, Brian Burkhalter wrote: > https://bugs.openjdk.java.net/browse/JDK-8194899 > > The proposed change is to remove these classes which are unused in the JDK: > > sun.net.NetworkServer > sun.net.URLCanonicalizer > Should be okay, assuming the JDK builds and there aren't any tests using it. -Alan From brian.burkhalter at oracle.com Mon Jul 2 17:31:45 2018 From: brian.burkhalter at oracle.com (Brian Burkhalter) Date: Mon, 2 Jul 2018 10:31:45 -0700 Subject: [12] 8194899: Remove unused sun.net classes In-Reply-To: References: <4A389D36-0536-4A34-9B59-8ED4706DD227@oracle.com> Message-ID: <07016D10-2C24-465D-8A3B-30ECDE939ECC@oracle.com> On Jul 2, 2018, at 10:23 AM, Alan Bateman wrote: > On 02/07/2018 18:21, Brian Burkhalter wrote: >> https://bugs.openjdk.java.net/browse/JDK-8194899 >> >> The proposed change is to remove these classes which are unused in the JDK: >> >> sun.net.NetworkServer >> sun.net.URLCanonicalizer >> > Should be okay, assuming the JDK builds and there aren't any tests using it. It was fine before the 12 fork but I am going to rebuild and re-run the tests again to be sure. Thanks, Brian -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael.x.mcmahon at oracle.com Wed Jul 4 09:31:24 2018 From: michael.x.mcmahon at oracle.com (Michael McMahon) Date: Wed, 04 Jul 2018 10:31:24 +0100 Subject: RFR (11): 8206001 Enable TLS1.3 by default in Http Client Message-ID: <5B3C93EC.8070208@oracle.com> Hi, Can I get the following change reviewed please for 11? It is to enable the use of TLS1.3 in the http client by default plus associated changes caused by the new implementation. http://cr.openjdk.java.net/~michaelm/8206001/webrev.01/ Thanks, Michael. From daniel.fuchs at oracle.com Wed Jul 4 15:02:13 2018 From: daniel.fuchs at oracle.com (Daniel Fuchs) Date: Wed, 4 Jul 2018 17:02:13 +0200 Subject: RFR (11): 8206001 Enable TLS1.3 by default in Http Client In-Reply-To: <5B3C93EC.8070208@oracle.com> References: <5B3C93EC.8070208@oracle.com> Message-ID: <01856a72-f72b-8868-afff-9bbfc522d774@oracle.com> Hi Michael, This looks good to me. I have tested this changeset both on jdk/jdk11 and jdk/jdk and all my results are green. I also ran tier1, tier2 and tier3 tests on jdk11. I'm glad to see that the rare intermittent failures I was seeing before this patch have now disappeared from my tests results. best regards, -- daniel On 04/07/2018 11:31, Michael McMahon wrote: > Hi, > > Can I get the following change reviewed please for 11? > > It is to enable the use of TLS1.3 in the http client by default > plus associated changes caused by the new implementation. > > http://cr.openjdk.java.net/~michaelm/8206001/webrev.01/ > > Thanks, > > Michael. From andrewluotechnologies at outlook.com Tue Jul 10 08:36:28 2018 From: andrewluotechnologies at outlook.com (Andrew Luo) Date: Tue, 10 Jul 2018 08:36:28 +0000 Subject: [PATCH] SOCK_CLOEXEC for opening sockets Message-ID: Hi, I want to propose to use SOCK_CLOEXEC when opening sockets in the OpenJDK. I ran into some issues when forking processes (in JNI/C/C++/native code) on Linux where OpenJDK had opened a socket (in Java code). The child process ends up inheriting a file descriptor to the same socket, which is not ideal in certain circumstances (for example if the Java process restarts and tries to open the socket again while the child process is still running). Of course, after forking the child process can close all those file descriptors as a workaround, but we use O_CLOEXEC when opening files, so I think it would be ideal to use the same for sockets. Just some info about the patch: 1. This is only for Linux (I don't believe SOCK_CLOEXEC exists on other platforms, I use a preprocessor guard for SOCK_CLOEXEC) 2. I try twice if the first time attempting to open the socket fails with EINVAL because it is possible that the OpenJDK was compiled on a newer kernel/with newer headers that supports SOCK_CLOEXEC but runs on a lower version kernel (not sure if this is supported by the OpenJDK project) Patch is attached below. Let me know if you want me to make some changes. (I did not add a unit test - it would probably need to be a functional test, one that involves a child process and forking, etc. Let me know if you believe this is necessary to add) Thanks, -Andrew diff -r 95c0644a1c47 src/java.base/unix/native/libnet/PlainSocketImpl.c --- a/src/java.base/unix/native/libnet/PlainSocketImpl.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/PlainSocketImpl.c Tue Jul 10 01:30:08 2018 -0700 @@ -104,6 +104,34 @@ } /* + * Opens a socket + * On systems where supported, uses SOCK_CLOEXEC where possible + */ +static int openSocket(int domain, int type, int protocol) { +#if defined(SOCK_CLOEXEC) + int typeToUse = type | SOCK_CLOEXEC; +#else + int typeToUse = type; +#endif + + int socketFileDescriptor = socket(domain, typeToUse, protocol); +#if defined(SOCK_CLOEXEC) + if ((socketFileDescriptor == -1) && (errno = EINVAL)) { + // Attempt to open the socket without SOCK_CLOEXEC + // May have been compiled on an OS with SOCK_CLOEXEC supported + // But runtime system might not have SOCK_CLOEXEC support + socketFileDescriptor = socket(domain, type, protocol); + } +#else + // Best effort + // Return value is intentionally ignored since socket was successfully opened anyways + fcntl(socketFileDescriptor, F_SETFD, FD_CLOEXEC); +#endif + + return socketFileDescriptor; +} + +/* * The initroto function is called whenever PlainSocketImpl is * loaded, to cache field IDs for efficiency. This is called every time * the Java class is loaded. @@ -178,7 +206,8 @@ return; } - if ((fd = socket(domain, type, 0)) == -1) { + + if ((fd = openSocket(domain, type, 0)) == -1) { /* note: if you run out of fds, you may not be able to load * the exception class, and get a NoClassDefFoundError * instead. -------------- next part -------------- An HTML attachment was scrubbed... URL: From martinrb at google.com Tue Jul 10 16:40:58 2018 From: martinrb at google.com (Martin Buchholz) Date: Tue, 10 Jul 2018 09:40:58 -0700 Subject: [PATCH] SOCK_CLOEXEC for opening sockets In-Reply-To: References: Message-ID: I agree with this approach - it parallels the efforts made with O_CLOEXEC in past years. According to https://www.freebsd.org/cgi/man.cgi?query=socket&sektion=2 SOCK_CLOEXEC is also available on freebsd. On Tue, Jul 10, 2018 at 1:36 AM, Andrew Luo < andrewluotechnologies at outlook.com> wrote: > Hi, > > > > I want to propose to use SOCK_CLOEXEC when opening sockets in the > OpenJDK. I ran into some issues when forking processes (in > JNI/C/C++/native code) on Linux where OpenJDK had opened a socket (in Java > code). The child process ends up inheriting a file descriptor to the same > socket, which is not ideal in certain circumstances (for example if the > Java process restarts and tries to open the socket again while the child > process is still running). Of course, after forking the child process can > close all those file descriptors as a workaround, but we use O_CLOEXEC when > opening files, so I think it would be ideal to use the same for sockets. > > > > Just some info about the patch: > > > > 1. This is only for Linux (I don?t believe SOCK_CLOEXEC exists on > other platforms, I use a preprocessor guard for SOCK_CLOEXEC) > > 2. I try twice if the first time attempting to open the socket > fails with EINVAL because it is possible that the OpenJDK was compiled on a > newer kernel/with newer headers that supports SOCK_CLOEXEC but runs on a > lower version kernel (not sure if this is supported by the OpenJDK project) > > > > Patch is attached below. Let me know if you want me to make some changes. > > > > (I did not add a unit test ? it would probably need to be a functional > test, one that involves a child process and forking, etc. Let me know if > you believe this is necessary to add) > > > > Thanks, > > > > -Andrew > > > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/PlainSocketImpl.c > > --- a/src/java.base/unix/native/libnet/PlainSocketImpl.c Fri Jun 15 > 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/PlainSocketImpl.c Tue > Jul 10 01:30:08 2018 -0700 > > @@ -104,6 +104,34 @@ > > } > > /* > > + * Opens a socket > > + * On systems where supported, uses SOCK_CLOEXEC where possible > > + */ > > +static int openSocket(int domain, int type, int protocol) { > > +#if defined(SOCK_CLOEXEC) > > + int typeToUse = type | SOCK_CLOEXEC; > > +#else > > + int typeToUse = type; > > +#endif > > + > > + int socketFileDescriptor = socket(domain, typeToUse, protocol); > > +#if defined(SOCK_CLOEXEC) > > + if ((socketFileDescriptor == -1) && (errno = EINVAL)) { > > + // Attempt to open the socket without SOCK_CLOEXEC > > + // May have been compiled on an OS with SOCK_CLOEXEC supported > > + // But runtime system might not have SOCK_CLOEXEC support > > + socketFileDescriptor = socket(domain, type, protocol); > > + } > > +#else > > + // Best effort > > + // Return value is intentionally ignored since socket was > successfully opened anyways > > + fcntl(socketFileDescriptor, F_SETFD, FD_CLOEXEC); > > +#endif > > + > > + return socketFileDescriptor; > > +} > > + > > +/* > > * The initroto function is called whenever PlainSocketImpl is > > * loaded, to cache field IDs for efficiency. This is called every time > > * the Java class is loaded. > > @@ -178,7 +206,8 @@ > > return; > > } > > - if ((fd = socket(domain, type, 0)) == -1) { > > + > > + if ((fd = openSocket(domain, type, 0)) == -1) { > > /* note: if you run out of fds, you may not be able to load > > * the exception class, and get a NoClassDefFoundError > > * instead. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From norman.maurer at googlemail.com Tue Jul 10 16:47:35 2018 From: norman.maurer at googlemail.com (Norman Maurer) Date: Tue, 10 Jul 2018 17:47:35 +0100 Subject: Unable to use custom SSLEngine with default TrustManagerFactory after updating to ea20 (and later) Message-ID: Hi all, I just tried to run netty[1] testsuite with the latest jdk11 EA release (21) and saw some class-cast-exception with our custom SSLEngine implementation Caused by: java.lang.ClassCastException: class io.netty.handler.ssl.OpenSslEngine cannot be cast to class sun.security.ssl.SSLEngineImpl (io.netty.handler.ssl.OpenSslEngine is in unnamed module of loader 'app'; sun.security.ssl.SSLEngineImpl is in module java.base of loader 'bootstrap') at java.base/sun.security.ssl.SSLAlgorithmConstraints.(SSLAlgorithmConstraints.java:93) at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:270) at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141) at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:237) at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:621) ... 27 more This change seems to be related to: http://hg.openjdk.java.net/jdk/jdk11/rev/68fa3d4026ea I think you miss an instanceof check here in SSLAlgorithmConstraints before try to cast to SSLEngineImpl, as otherwise it will be impossible to use custom implementations of SSLEngine (which we have in netty) with the default TrustManagerFactory. Does this sound correct ? Should I open a bug-report ? Bye Norman -------------- next part -------------- An HTML attachment was scrubbed... URL: From Alan.Bateman at oracle.com Tue Jul 10 16:54:26 2018 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Tue, 10 Jul 2018 17:54:26 +0100 Subject: [PATCH] SOCK_CLOEXEC for opening sockets In-Reply-To: References:

Message-ID: <0c24795d-350e-3ac8-4417-0480b41c5c9c@oracle.com> On 10/07/2018 17:40, Martin Buchholz wrote: > I agree with this approach - it parallels the efforts made with > O_CLOEXEC in past years. > > According to > https://www.freebsd.org/cgi/man.cgi?query=socket&sektion=2 > SOCK_CLOEXEC is also available on freebsd. > This is something that doesn't come up too often, I assume because most developers using ProcessBuilder/Process rather than invoking fork from native code. If we are going to tackle this issue then it will require changes in several places, changing PlainSocketImpl.c is just one of several. -Alan -------------- next part -------------- An HTML attachment was scrubbed... URL: From norman.maurer at googlemail.com Tue Jul 10 16:55:18 2018 From: norman.maurer at googlemail.com (Norman Maurer) Date: Tue, 10 Jul 2018 17:55:18 +0100 Subject: [PATCH] SOCK_CLOEXEC for opening sockets In-Reply-To: <0c24795d-350e-3ac8-4417-0480b41c5c9c@oracle.com> References:

<0c24795d-350e-3ac8-4417-0480b41c5c9c@oracle.com> Message-ID: +1 I think this makes a lot of sense > On 10. Jul 2018, at 17:54, Alan Bateman wrote: > > On 10/07/2018 17:40, Martin Buchholz wrote: >> I agree with this approach - it parallels the efforts made with O_CLOEXEC in past years. >> >> According to >> https://www.freebsd.org/cgi/man.cgi?query=socket&sektion=2 >> SOCK_CLOEXEC is also available on freebsd. >> > This is something that doesn't come up too often, I assume because most developers using ProcessBuilder/Process rather than invoking fork from native code. > > If we are going to tackle this issue then it will require changes in several places, changing PlainSocketImpl.c is just one of several. > > -Alan -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrewluotechnologies at outlook.com Wed Jul 11 06:35:38 2018 From: andrewluotechnologies at outlook.com (Andrew Luo) Date: Wed, 11 Jul 2018 06:35:38 +0000 Subject: [PATCH] SOCK_CLOEXEC for opening sockets In-Reply-To: References:

<0c24795d-350e-3ac8-4417-0480b41c5c9c@oracle.com> Message-ID: I agree, I wasn't aware of the other uses of ::socket in the libnet codebase. Thus, I've added a new common function, NET_SocketOpen that can be used by all the source files in libnet and revised my patch: diff -r 95c0644a1c47 src/java.base/unix/native/libnet/Inet4AddressImpl.c --- a/src/java.base/unix/native/libnet/Inet4AddressImpl.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/Inet4AddressImpl.c Tue Jul 10 23:32:21 2018 -0700 @@ -264,7 +264,7 @@ int connect_rv = -1; // open a TCP socket - fd = socket(AF_INET, SOCK_STREAM, 0); + fd = NET_SocketOpen(AF_INET, SOCK_STREAM, 0); if (fd == -1) { // note: if you run out of fds, you may not be able to load // the exception class, and get a NoClassDefFoundError instead. @@ -503,7 +503,7 @@ // Let's try to create a RAW socket to send ICMP packets. // This usually requires "root" privileges, so it's likely to fail. - fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + fd = NET_SocketOpen(AF_INET, SOCK_RAW, IPPROTO_ICMP); if (fd == -1) { return tcp_ping4(env, &sa, netif, timeout, ttl); } else { diff -r 95c0644a1c47 src/java.base/unix/native/libnet/Inet6AddressImpl.c --- a/src/java.base/unix/native/libnet/Inet6AddressImpl.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/Inet6AddressImpl.c Tue Jul 10 23:32:21 2018 -0700 @@ -461,7 +461,7 @@ int connect_rv = -1; // open a TCP socket - fd = socket(AF_INET6, SOCK_STREAM, 0); + fd = NET_SocketOpen(AF_INET6, SOCK_STREAM, 0); if (fd == -1) { // note: if you run out of fds, you may not be able to load // the exception class, and get a NoClassDefFoundError instead. @@ -711,7 +711,7 @@ // Let's try to create a RAW socket to send ICMP packets. // This usually requires "root" privileges, so it's likely to fail. - fd = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6); + fd = NET_SocketOpen(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6); if (fd == -1) { return tcp_ping6(env, &sa, netif, timeout, ttl); } else { diff -r 95c0644a1c47 src/java.base/unix/native/libnet/NetworkInterface.c --- a/src/java.base/unix/native/libnet/NetworkInterface.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/NetworkInterface.c Tue Jul 10 23:32:21 2018 -0700 @@ -1055,7 +1055,7 @@ static int openSocket(JNIEnv *env, int proto) { int sock; - if ((sock = socket(proto, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(proto, SOCK_DGRAM, 0)) < 0) { // If EPROTONOSUPPORT is returned it means we don't have // support for this proto so don't throw an exception. if (errno != EPROTONOSUPPORT) { @@ -1078,9 +1078,9 @@ static int openSocketWithFallback(JNIEnv *env, const char *ifname) { int sock; - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { if (errno == EPROTONOSUPPORT) { - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { JNU_ThrowByNameWithMessageAndLastError (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); return -1; @@ -1315,9 +1315,9 @@ static int openSocketWithFallback(JNIEnv *env, const char *ifname) { int sock; - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { if (errno == EPROTONOSUPPORT) { - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { JNU_ThrowByNameWithMessageAndLastError (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); return -1; @@ -1590,9 +1590,9 @@ int sock, alreadyV6 = 0; struct lifreq if2; - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { if (errno == EPROTONOSUPPORT) { - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { JNU_ThrowByNameWithMessageAndLastError (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); return -1; @@ -1616,7 +1616,7 @@ strncpy(if2.lifr_name, ifname, sizeof(if2.lifr_name) - 1); if (ioctl(sock, SIOCGLIFNETMASK, (char *)&if2) < 0) { close(sock); - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { JNU_ThrowByNameWithMessageAndLastError (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); return -1; @@ -1941,9 +1941,9 @@ static int openSocketWithFallback(JNIEnv *env, const char *ifname) { int sock; - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { if (errno == EPROTONOSUPPORT) { - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { JNU_ThrowByNameWithMessageAndLastError (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); return -1; diff -r 95c0644a1c47 src/java.base/unix/native/libnet/PlainSocketImpl.c --- a/src/java.base/unix/native/libnet/PlainSocketImpl.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/PlainSocketImpl.c Tue Jul 10 23:32:21 2018 -0700 @@ -178,7 +178,7 @@ return; } - if ((fd = socket(domain, type, 0)) == -1) { + if ((fd = NET_SocketOpen(domain, type, 0)) == -1) { /* note: if you run out of fds, you may not be able to load * the exception class, and get a NoClassDefFoundError * instead. diff -r 95c0644a1c47 src/java.base/unix/native/libnet/SdpSupport.c --- a/src/java.base/unix/native/libnet/SdpSupport.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/SdpSupport.c Tue Jul 10 23:32:21 2018 -0700 @@ -57,7 +57,7 @@ #if defined(__solaris__) int domain = ipv6_available() ? AF_INET6 : AF_INET; - s = socket(domain, SOCK_STREAM, PROTO_SDP); + s = NET_SocketOpen(domain, SOCK_STREAM, PROTO_SDP); #elif defined(__linux__) /** * IPv6 not supported by SDP on Linux @@ -66,7 +66,7 @@ JNU_ThrowIOException(env, "IPv6 not supported"); return -1; } - s = socket(AF_INET_SDP, SOCK_STREAM, 0); + s = NET_SocketOpen(AF_INET_SDP, SOCK_STREAM, 0); #else /* not supported on other platforms at this time */ s = -1; diff -r 95c0644a1c47 src/java.base/unix/native/libnet/net_util_md.c --- a/src/java.base/unix/native/libnet/net_util_md.c Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/net_util_md.c Tue Jul 10 23:32:21 2018 -0700 @@ -117,6 +117,34 @@ return defaultIndex; } +/* + * Opens a socket + * On systems where supported, uses SOCK_CLOEXEC where possible + */ +int NET_SocketOpen(int domain, int type, int protocol) { +#if defined(SOCK_CLOEXEC) + int typeToUse = type | SOCK_CLOEXEC; +#else + int typeToUse = type; +#endif + + int socketFileDescriptor = socket(domain, typeToUse, protocol); +#if defined(SOCK_CLOEXEC) + if ((socketFileDescriptor == -1) && (errno = EINVAL)) { + // Attempt to open the socket without SOCK_CLOEXEC + // May have been compiled on an OS with SOCK_CLOEXEC supported + // But runtime system might not have SOCK_CLOEXEC support + socketFileDescriptor = socket(domain, type, protocol); + } +#else + // Best effort + // Return value is intentionally ignored since socket was successfully opened anyways + fcntl(socketFileDescriptor, F_SETFD, FD_CLOEXEC); +#endif + + return socketFileDescriptor; +} + #define RESTARTABLE(_cmd, _result) do { \ do { \ _result = _cmd; \ @@ -295,7 +323,7 @@ SOCKETADDRESS sa; socklen_t sa_len = sizeof(SOCKETADDRESS); - fd = socket(AF_INET6, SOCK_STREAM, 0) ; + fd = NET_SocketOpen(AF_INET6, SOCK_STREAM, 0) ; if (fd < 0) { /* * TODO: We really cant tell since it may be an unrelated error @@ -402,7 +430,7 @@ /* Do a simple dummy call, and try to figure out from that */ int one = 1; int rv, s; - s = socket(PF_INET, SOCK_STREAM, 0); + s = NET_SocketOpen(PF_INET, SOCK_STREAM, 0); if (s < 0) { return JNI_FALSE; } diff -r 95c0644a1c47 src/java.base/unix/native/libnet/net_util_md.h --- a/src/java.base/unix/native/libnet/net_util_md.h Fri Jun 15 17:34:01 2018 -0700 +++ b/src/java.base/unix/native/libnet/net_util_md.h Tue Jul 10 23:32:21 2018 -0700 @@ -89,6 +89,7 @@ int NET_Writev(int s, const struct iovec * vector, int count); int NET_Connect(int s, struct sockaddr *addr, int addrlen); int NET_Accept(int s, struct sockaddr *addr, socklen_t *addrlen); +int NET_SocketOpen(int domain, int type, int protocol); int NET_SocketClose(int s); int NET_Dup2(int oldfd, int newfd); int NET_Poll(struct pollfd *ufds, unsigned int nfds, int timeout); From: Norman Maurer Sent: Tuesday, July 10, 2018 9:55 AM To: Alan Bateman Cc: Martin Buchholz ; Andrew Luo ; net-dev at openjdk.java.net Subject: Re: [PATCH] SOCK_CLOEXEC for opening sockets +1 I think this makes a lot of sense On 10. Jul 2018, at 17:54, Alan Bateman > wrote: On 10/07/2018 17:40, Martin Buchholz wrote: I agree with this approach - it parallels the efforts made with O_CLOEXEC in past years. According to https://www.freebsd.org/cgi/man.cgi?query=socket&sektion=2 SOCK_CLOEXEC is also available on freebsd. This is something that doesn't come up too often, I assume because most developers using ProcessBuilder/Process rather than invoking fork from native code. If we are going to tackle this issue then it will require changes in several places, changing PlainSocketImpl.c is just one of several. -Alan -------------- next part -------------- An HTML attachment was scrubbed... URL: From Alan.Bateman at oracle.com Wed Jul 11 07:11:48 2018 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Wed, 11 Jul 2018 08:11:48 +0100 Subject: [PATCH] SOCK_CLOEXEC for opening sockets In-Reply-To: References:

<0c24795d-350e-3ac8-4417-0480b41c5c9c@oracle.com> Message-ID: This seems to cover the sockets created in libnet but there is also a usage in libnio that will need update. It might be cleaner to name it NET_Socket to be consistent with the other wrappers (NET_Bind, NET_SetSocketOpt, etc.). There are a lot of other file descriptors that you may run into. We use socketpair in a few places, we have file descriptors for epoll and more. It makes me wonder if it would be better to use FD_CLOEXEC consistently. In the Windows port then you'll see that we change the inheritance flag on all newly created SOCKETs, that is because is because we don't have the same opportunity to close inherited handles in the child process that we do on Unix platforms. -Alan On 11/07/2018 07:35, Andrew Luo wrote: > > I agree, I wasn?t aware of the other uses of ::socket in the libnet > codebase.? Thus, I?ve added a new common function, NET_SocketOpen that > can be used by all the source files in libnet and revised my patch: > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/Inet4AddressImpl.c > > --- a/src/java.base/unix/native/libnet/Inet4AddressImpl.c???????????? > Fri Jun 15 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/Inet4AddressImpl.c????????? Tue > Jul 10 23:32:21 2018 -0700 > > @@ -264,7 +264,7 @@ > > ?int connect_rv = -1; > > ?????// open a TCP socket > > - fd = socket(AF_INET, SOCK_STREAM, 0); > > + fd = NET_SocketOpen(AF_INET, SOCK_STREAM, 0); > > if (fd == -1) { > > // note: if you run out of fds, you may not be able to load > > // the exception class, and get a NoClassDefFoundError instead. > > @@ -503,7 +503,7 @@ > > ?????// Let's try to create a RAW socket to send ICMP packets. > > // This usually requires "root" privileges, so it's likely to fail. > > - fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); > > + fd = NET_SocketOpen(AF_INET, SOCK_RAW, IPPROTO_ICMP); > > if (fd == -1) { > > return tcp_ping4(env, &sa, netif, timeout, ttl); > > } else { > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/Inet6AddressImpl.c > > --- a/src/java.base/unix/native/libnet/Inet6AddressImpl.c???????????? > Fri Jun 15 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/Inet6AddressImpl.c????????? Tue > Jul 10 23:32:21 2018 -0700 > > @@ -461,7 +461,7 @@ > > int connect_rv = -1; > > ?????// open a TCP socket > > - ?fd = socket(AF_INET6, SOCK_STREAM, 0); > > + fd = NET_SocketOpen(AF_INET6, SOCK_STREAM, 0); > > if (fd == -1) { > > // note: if you run out of fds, you may not be able to load > > // the exception class, and get a NoClassDefFoundError instead. > > @@ -711,7 +711,7 @@ > > ?????// Let's try to create a RAW socket to send ICMP packets. > > // This usually requires "root" privileges, so it's likely to fail. > > - fd = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6); > > + fd = NET_SocketOpen(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6); > > if (fd == -1) { > > return tcp_ping6(env, &sa, netif, timeout, ttl); > > } else { > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/NetworkInterface.c > > --- a/src/java.base/unix/native/libnet/NetworkInterface.c???????????? > Fri Jun 15 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/NetworkInterface.c????????? Tue > Jul 10 23:32:21 2018 -0700 > > @@ -1055,7 +1055,7 @@ > > static int openSocket(JNIEnv *env, int proto) { > > int sock; > > - if ((sock = socket(proto, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(proto, SOCK_DGRAM, 0)) < 0) { > > // If EPROTONOSUPPORT is returned it means we don't have > > // support for this proto so don't throw an exception. > > if (errno != EPROTONOSUPPORT) { > > @@ -1078,9 +1078,9 @@ > > static int openSocketWithFallback(JNIEnv *env, const char *ifname) { > > int sock; > > - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { > > if (errno == EPROTONOSUPPORT) { > > - ????if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > JNU_ThrowByNameWithMessageAndLastError > > (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); > > return -1; > > @@ -1315,9 +1315,9 @@ > > static int openSocketWithFallback(JNIEnv *env, const char *ifname) { > > int sock; > > - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { > > if (errno == EPROTONOSUPPORT) { > > - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > JNU_ThrowByNameWithMessageAndLastError > > (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); > > return -1; > > @@ -1590,9 +1590,9 @@ > > int sock, alreadyV6 = 0; > > struct lifreq if2; > > - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { > > if (errno == EPROTONOSUPPORT) { > > - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > JNU_ThrowByNameWithMessageAndLastError > > (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); > > return -1; > > @@ -1616,7 +1616,7 @@ > > strncpy(if2.lifr_name, ifname, sizeof(if2.lifr_name) - 1); > > if (ioctl(sock, SIOCGLIFNETMASK, (char *)&if2) < 0) { > > close(sock); > > - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > JNU_ThrowByNameWithMessageAndLastError > > (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); > > return -1; > > @@ -1941,9 +1941,9 @@ > > static int openSocketWithFallback(JNIEnv *env, const char *ifname) { > > int sock; > > - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET, SOCK_DGRAM, 0)) < 0) { > > if (errno == EPROTONOSUPPORT) { > > - if ((sock = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > + if ((sock = NET_SocketOpen(AF_INET6, SOCK_DGRAM, 0)) < 0) { > > JNU_ThrowByNameWithMessageAndLastError > > (env, JNU_JAVANETPKG "SocketException", "IPV6 Socket creation failed"); > > return -1; > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/PlainSocketImpl.c > > --- a/src/java.base/unix/native/libnet/PlainSocketImpl.c Fri Jun 15 > 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/PlainSocketImpl.c???????????? > Tue Jul 10 23:32:21 2018 -0700 > > @@ -178,7 +178,7 @@ > > return; > > } > > - if ((fd = socket(domain, type, 0)) == -1) { > > + if ((fd = NET_SocketOpen(domain, type, 0)) == -1) { > > /* note: if you run out of fds, you may not be able to load > > * the exception class, and get a NoClassDefFoundError > > * instead. > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/SdpSupport.c > > --- a/src/java.base/unix/native/libnet/SdpSupport.c???????? Fri Jun 15 > 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/SdpSupport.c????? Tue Jul 10 > 23:32:21 2018 -0700 > > @@ -57,7 +57,7 @@ > > ?#if defined(__solaris__) > > int domain = ipv6_available() ? AF_INET6 : AF_INET; > > - s = socket(domain, SOCK_STREAM, PROTO_SDP); > > + s = NET_SocketOpen(domain, SOCK_STREAM, PROTO_SDP); > > #elif defined(__linux__) > > /** > > * IPv6 not supported by SDP on Linux > > @@ -66,7 +66,7 @@ > > JNU_ThrowIOException(env, "IPv6 not supported"); > > return -1; > > } > > - s = socket(AF_INET_SDP, SOCK_STREAM, 0); > > + s = NET_SocketOpen(AF_INET_SDP, SOCK_STREAM, 0); > > #else > > /* not supported on other platforms at this time */ > > s = -1; > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/net_util_md.c > > --- a/src/java.base/unix/native/libnet/net_util_md.c?????? Fri Jun 15 > 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/net_util_md.c??? Tue Jul 10 > 23:32:21 2018 -0700 > > @@ -117,6 +117,34 @@ > > return defaultIndex; > > } > > +/* > > + * Opens a socket > > + * On systems where supported, uses SOCK_CLOEXEC where possible > > + */ > > +int NET_SocketOpen(int domain, int type, int protocol) { > > +#if defined(SOCK_CLOEXEC) > > + int typeToUse = type | SOCK_CLOEXEC; > > +#else > > + int typeToUse = type; > > +#endif > > + > > + int socketFileDescriptor = socket(domain, typeToUse, protocol); > > +#if defined(SOCK_CLOEXEC) > > + if ((socketFileDescriptor == -1) && (errno = EINVAL)) { > > + // Attempt to open the socket without SOCK_CLOEXEC > > + // May have been compiled on an OS with SOCK_CLOEXEC supported > > + // But runtime system might not have SOCK_CLOEXEC support > > + socketFileDescriptor = socket(domain, type, protocol); > > + } > > +#else > > + // Best effort > > + // Return value is intentionally ignored since socket was > successfully opened anyways > > + fcntl(socketFileDescriptor, F_SETFD, FD_CLOEXEC); > > +#endif > > + > > + return socketFileDescriptor; > > +} > > + > > #define RESTARTABLE(_cmd, _result) do { \ > > do { \ > > _result = _cmd; \ > > @@ -295,7 +323,7 @@ > > SOCKETADDRESS sa; > > socklen_t sa_len = sizeof(SOCKETADDRESS); > > - fd = socket(AF_INET6, SOCK_STREAM, 0) ; > > + fd = NET_SocketOpen(AF_INET6, SOCK_STREAM, 0) ; > > if (fd < 0) { > > /* > > *? TODO: We really cant tell since it may be an unrelated error > > @@ -402,7 +430,7 @@ > > /* Do a simple dummy call, and try to figure out from that */ > > int one = 1; > > int rv, s; > > - s = socket(PF_INET, SOCK_STREAM, 0); > > + s = NET_SocketOpen(PF_INET, SOCK_STREAM, 0); > > if (s < 0) { > > return JNI_FALSE; > > } > > diff -r 95c0644a1c47 src/java.base/unix/native/libnet/net_util_md.h > > --- a/src/java.base/unix/native/libnet/net_util_md.h?????? Fri Jun 15 > 17:34:01 2018 -0700 > > +++ b/src/java.base/unix/native/libnet/net_util_md.h??? Tue Jul 10 > 23:32:21 2018 -0700 > > @@ -89,6 +89,7 @@ > > int NET_Writev(int s, const struct iovec * vector, int count); > > int NET_Connect(int s, struct sockaddr *addr, int addrlen); > > int NET_Accept(int s, struct sockaddr *addr, socklen_t *addrlen); > > +int NET_SocketOpen(int domain, int type, int protocol); > > int NET_SocketClose(int s); > > int NET_Dup2(int oldfd, int newfd); > > int NET_Poll(struct pollfd *ufds, unsigned int nfds, int timeout); > > *From:*Norman Maurer > *Sent:* Tuesday, July 10, 2018 9:55 AM > *To:* Alan Bateman > *Cc:* Martin Buchholz ; Andrew Luo > ; net-dev at openjdk.java.net > *Subject:* Re: [PATCH] SOCK_CLOEXEC for opening sockets > > +1 I think this makes a lot of sense > > > > On 10. Jul 2018, at 17:54, Alan Bateman > wrote: > > On 10/07/2018 17:40, Martin Buchholz wrote: > > I agree with this approach - it parallels the efforts made > with O_CLOEXEC in past years. > > > > According to > > https://www.freebsd.org/cgi/man.cgi?query=socket&sektion=2 > > SOCK_CLOEXEC is also available on freebsd. > > This is something that doesn't come up too often, I assume because > most developers using ProcessBuilder/Process rather than invoking > fork from native code. > > If we are going to tackle this issue then it will require changes > in several places, changing PlainSocketImpl.c is just one of several. > > -Alan > -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrewluotechnologies at outlook.com Wed Jul 11 08:47:12 2018 From: andrewluotechnologies at outlook.com (Andrew Luo) Date: Wed, 11 Jul 2018 08:47:12 +0000 Subject: [PATCH] SOCK_CLOEXEC for opening sockets In-Reply-To: References: