Deadlock in SSLSocket locks Finalizer
Xuelei Fan
Xuelei.Fan at Oracle.Com
Wed Sep 25 23:22:48 UTC 2013
> On Sep 26, 2013, at 2:58 AM, Dmitry Neverov <Dmitry.Neverov at jetbrains.com> wrote:
>
> xuelei.fan at oracle.com writes:
>
>> Does it happen in JDK 6 and previous releases? In JDK 6 and previous
>> release, Oracle JSSE provider in server side may check the usability of
>> ciphers and then generate dummy sockets. JDK 7 changed the behaviors.
>
> We didn't see this happens with JDK 6. Also it seems like the problem
> doesn't arise in 1.7.0_25.
>
>> BTW, I experienced a few cases that application may cleanup SSLSocket in
>> a fixed period no matter the status of the sockets, as may also kick off
>> SSLSocket finalizer.
>
> Could you please elaborate on this? Are there any bugs reports? What is
> "application" your case?
>
I cannot remember the application name. It is not a bug in JDK, it a special design of the application.
> BTW, our current workaround is to set SO_LINGER socket option to 0, so
> Finalizer doesn't hang.
>
Cool. Btw, the deadlock fix should be available in next JDK update. You can have a try with the latest nightly build of OpenJDK 7 update and 8.
Xuelei
> --
> Dmitry Neverov
> JetBrains
> http://www.jetbrains.com
> "Develop with pleasure!"
More information about the security-dev
mailing list