Deadlock in SSLSocket locks Finalizer
Dmitry Neverov
Dmitry.Neverov at jetbrains.com
Wed Sep 25 18:58:07 UTC 2013
xuelei.fan at oracle.com writes:
> Does it happen in JDK 6 and previous releases? In JDK 6 and previous
> release, Oracle JSSE provider in server side may check the usability of
> ciphers and then generate dummy sockets. JDK 7 changed the behaviors.
We didn't see this happens with JDK 6. Also it seems like the problem
doesn't arise in 1.7.0_25.
> BTW, I experienced a few cases that application may cleanup SSLSocket in
> a fixed period no matter the status of the sockets, as may also kick off
> SSLSocket finalizer.
Could you please elaborate on this? Are there any bugs reports? What is
"application" your case?
BTW, our current workaround is to set SO_LINGER socket option to 0, so
Finalizer doesn't hang.
--
Dmitry Neverov
JetBrains
http://www.jetbrains.com
"Develop with pleasure!"
More information about the security-dev
mailing list