RFR: 8307185: pkcs11 native libraries make JNI calls into java code while holding GC lock [v2]
Valerie Peng
valeriep at openjdk.org
Wed Jul 19 18:03:21 UTC 2023
On Wed, 19 Jul 2023 18:03:06 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> This patch fixes random deadlocks in PKCS11 decryption and encryption code.
>>
>> The deadlocks were caused by object allocation in `ckAssertReturnValueOK` waiting for GC; GC was in turn waiting for `ReleasePrimitiveArrayCritical`, which never happened.
>>
>> The fix moves the call to `ckAssertReturnValueOK` after `ReleasePrimitiveArrayCritical`.
>>
>> All tests in sun/security/pkcs11 were executed with `JTREG=JAVA_OPTIONS=-Xcheck:jni` with and without this patch.
>> Without this patch, 5 tests produced the following warning:
>>
>> Warning: Calling other JNI functions in the scope of Get/ReleasePrimitiveArrayCritical or Get/ReleaseStringCritical
>>
>> With this patch the warning was not observed.
>>
>> Tier2-3 tests are still green.
>
> Daniel Jeliński has updated the pull request incrementally with one additional commit since the last revision:
>
> Remove redundant checks
Thanks, changes look good.
-------------
Marked as reviewed by valeriep (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/14931#pullrequestreview-1537686990
More information about the security-dev
mailing list