[RFR] 8184328: JDK8u131 socketRead0 hang at SSL read
Xuelei Fan
Xuelei.Fan at Oracle.Com
Thu Sep 21 23:10:05 UTC 2017
> On Sep 22, 2017, at 6:06 AM, Rob McKenna <rob.mckenna at oracle.com> wrote:
>
> Thanks Xuelei, webrev below:
>
> http://cr.openjdk.java.net/~robm/8184328/webrev.02/
>
Looks fine to me.
> Presumably this won't require a CSR?
>
Agreed.
Xuelei
> -Rob
>
>> On 15/09/17 04:38, Xuelei Fan wrote:
>> I still prefer to not-depends on socket receiving timeout. But I'm fine if
>> you want to move on with it.
>>
>> As we can close the super socket in the current implementation, it implies
>> that application can handle it already. So you may not need the system
>> property and 5 times retries. I think it's fine just call fatal() for the
>> first timeout.
>>
>> Xuelei
>>
>>> On 9/15/2017 4:32 PM, Xuelei Fan wrote:
>>>> On 9/15/2017 8:22 AM, Rob McKenna wrote:
>>>> This test calls close directly. (3rd last line in the stack)
>>>>
>>>> I believe this is the only possible stack (with the new parameter) once
>>>> autoclose is set to false. If autoclose is true we'd skip the call to
>>>> waitForClose and just go directly to Socket.close() unless I'm mistaken.
>>>>
>>> I did not find the call to fatal() in the current implementation. I think
>>> you mean you added the call to fatal() in your update so that when
>>> timeout, a fatal() will always get called?
>>>
>>> Thinking about two things:
>>> 1. application have to set receiving timeout in order to get receiving
>>> timeout.
>>> I have a concern about it, as described in other comments.
>>>
>>> 2. can we close the super socket?
>>> It is a surprise to me to close super socket even we don't allocate it. It
>>> does not feel right to me, but this is the current behavior. All right, I
>>> get your point.
>>>
>>> Xuelei
>>>
>>>> -Rob
>>>>
>>>>> On 15/09/17 07:55, Xuelei Fan wrote:
>>>>>> On 9/15/2017 7:41 AM, Rob McKenna wrote:
>>>>>>> On 15/09/17 07:07, Xuelei Fan wrote:
>>>>>>>> On 9/15/2017 7:00 AM, Rob McKenna wrote:
>>>>>>>> When we call close() on the SSLSocket that calls close() on the
>>>>>>>> underlying java Socket which closes the native socket.
>>>>>>>>
>>>>>>> Sorry, I did not get the point. Please see the close()
>>>>>>> implementation of
>>>>>>> SSLSocket (sun.security.ssl.SSLSocketImpl.close()) about the details.
>>>>>>
>>>>>> Running my original test against an instrumented 8u-dev produces the
>>>>>> following:
>>>>>>
>>>>>> java.lang.Exception: Stack trace
>>>>>> at java.lang.Thread.dumpStack(Thread.java:1336)
>>>>>> at java.net.Socket.close(Socket.java:1491)
>>>>>> at
>>>>>> sun.security.ssl.BaseSSLSocketImpl.close(BaseSSLSocketImpl.java:624)
>>>>>> at
>>>>>> sun.security.ssl.SSLSocketImpl.closeSocket(SSLSocketImpl.java:1579)
>>>>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1980)
>>>>>> at
>>>>>> sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1793)
>>>>>> at
>>>>>> sun.security.ssl.SSLSocketImpl.closeSocket(SSLSocketImpl.java:1592)
>>>>>> at
>>>>>> sun.security.ssl.SSLSocketImpl.closeInternal(SSLSocketImpl.java:1726)
>>>>>> at sun.security.ssl.SSLSocketImpl.close(SSLSocketImpl.java:1615)
>>>>>> at ssl.SSLClient.close(SSLClient.java:143)
>>>>>> at
>>>>>> ssl.SocketTimeoutCloseHang.ReadHang.testSSLServer(ReadHang.java:77)
>>>>>>
>>>>> It is just one possible stacks of many. There are cases where no
>>>>> fatal()
>>>>> get called. For example, application call close() method directly.
>>>>>
>>>>> Xuelei
More information about the security-dev
mailing list