Integrated: 8325247: Memory leak in SessionKeyRef class def when using PKCS11 security provider
Daniel Jeliński
djelinski at openjdk.org
Tue Feb 27 07:09:49 UTC 2024
On Thu, 15 Feb 2024 11:13:17 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
> The reported leak was caused by the death of the `Cleanup-SunPKCS11` thread. The cleanup thread in turn died because of an exception thrown from `removeNativeKey` that resulted from 2 threads executing that method at the same time.
>
> This PR adds a reachabilityFence to ensure that the key will only be enqueued for cleanup after the user thread is done with the `removeNativeKey` call.
>
> No new regression test; the issue is extremely hard to reproduce in a reasonable time. Existing tier1-3 tests continue to pass.
>
> In JBS I attached a PoC patch that changes the relative timing of operations; with that patch and without the changes from this PR I am able to reproduce the issue within a few seconds. With the changes from this PR the issue did not reproduce after 10 minutes of testing.
This pull request has now been integrated.
Changeset: ec9437db
Author: Daniel Jeliński <djelinski at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/ec9437dbcc242b62e3b099dd05b129760419f025
Stats: 7 lines in 1 file changed: 5 ins; 0 del; 2 mod
8325247: Memory leak in SessionKeyRef class def when using PKCS11 security provider
Reviewed-by: valeriep
-------------
PR: https://git.openjdk.org/jdk/pull/17870
More information about the security-dev
mailing list