mads1980 commented on a change in pull request #246: OpenSSLEngine improvements
to guard against multiple shutdown() calls triggered by construction exception
and finalize() later
URL: https://github.com/apache/tomcat/pull/246#discussion_r381351602
##########
File path: java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
##########
@@ -141,7 +142,7 @@
private boolean handshakeFinished;
private int currentHandshake;
private boolean receivedShutdown;
- private volatile boolean destroyed;
+ private final AtomicBoolean destroyed = new AtomicBoolean(false);
Review comment:
OpenSSLContext has a very similar protection (this is were I got the idea
for this solution), but it uses AtomicInteger instead of AtomicBoolean (not
sure why, since AtomicBoolean is more semantically "readable", and both
implementations internally use a volatile int for storage, so memory usage is
the same).
Making both "networkBIO" and "ssl" final would not hurt, but it would likely
not resolve the issue either. The problem arises if an exception is thrown
within the constructor, and the JVM concurrently invokes finalize() on the same
condition. Even if the variables are final, under a failed constructor
scenario, they would not be initialized (so both would be zero while the
concurrent finalize() executes)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
