https://bz.apache.org/bugzilla/show_bug.cgi?id=58321

            Bug ID: 58321
           Summary: Using non-thread-safe javax.net.ssl.SSLEngine inside
                    org.apache.tomcat.util.net.SecureNio2Channel without
                    synchronization
           Product: Tomcat 8
           Version: 8.0.24
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: yilong...@runtimeverification.com

Reported by RV-Predict (a dynamic race detector) when running against the test
suite:

Data race on field javax.crypto.Cipher.initialized: {{{
Concurrent read in thread T46 (locks held: {})
 ---->  at javax.crypto.Cipher.checkCipherState(Cipher.java:1749)
        at javax.crypto.Cipher.update(Cipher.java:1932)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.tomcat.util.net.SecureNio2Channel$3.completed(SecureNio2Channel.java:746)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    T46 is created by T44
        at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:1010)

Concurrent write in thread T55 (locks held: {})
 ---->  at javax.crypto.Cipher.init(Cipher.java:1399)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.tomcat.util.net.SecureNio2Channel$3.completed(SecureNio2Channel.java:746)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    T55 is created by T40
        at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:1010)
}}}

Data race on field javax.crypto.Cipher.opmode: {{{
Concurrent read in thread T46 (locks held: {})
 ---->  at javax.crypto.Cipher.checkCipherState(Cipher.java:1752)
        at javax.crypto.Cipher.update(Cipher.java:1932)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.tomcat.util.net.SecureNio2Channel$3.completed(SecureNio2Channel.java:746)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    T46 is created by T44
        at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:1010)

Concurrent write in thread T55 (locks held: {})
 ---->  at javax.crypto.Cipher.init(Cipher.java:1400)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.tomcat.util.net.SecureNio2Channel$3.completed(SecureNio2Channel.java:746)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    T55 is created by T40
        at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:1010)
}}}

Data race on field javax.crypto.Cipher.spi: {{{
Concurrent read in thread T46 (locks held: {})
 ---->  at javax.crypto.Cipher.chooseFirstProvider(Cipher.java:717)
        at javax.crypto.Cipher.getBlockSize(Cipher.java:929)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.tomcat.util.net.SecureNio2Channel$3.completed(SecureNio2Channel.java:746)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    T46 is created by T44
        at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:1010)

Concurrent write in thread T55 (locks held: {Monitor@618773ae})
 ---->  at javax.crypto.Cipher.chooseProvider(Cipher.java:867)
        - locked Monitor@618773ae at javax.crypto.Cipher.chooseProvider(Cipher.java:825)
        at javax.crypto.Cipher.init(Cipher.java:1396)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
        at org.apache.tomcat.util.net.SecureNio2Channel$3.completed(SecureNio2Channel.java:746)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    T55 is created by T40
        at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:1010)
}}}

Looks like the root cause is that SSLEngine.unwrap is called by multiple
threads concurrently? The Javadoc of SSLEngine
(http://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLEngine.html)
mentions this situation in the Concurrency Notes section.

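The following is an added example, not part of the original report and not Tomcat's code. It applies the SSLEngine Javadoc concurrency note cited above (two threads must not call the same method, wrap() or unwrap(), concurrently) by serializing unwrap() behind a lock and counting every overlapping attempt so the calling bug stays visible. The class name `GuardedSslEngine` and the `contended` counter are hypothetical.

```java
import java.nio.ByteBuffer;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.locks.ReentrantLock;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

// Hypothetical wrapper for illustration; not Tomcat's SecureNio2Channel code.
public final class GuardedSslEngine {
    private final SSLEngine engine;
    private final ReentrantLock unwrapLock = new ReentrantLock();
    final AtomicInteger contended = new AtomicInteger(); // overlapping unwrap() attempts

    public GuardedSslEngine(SSLEngine engine) { this.engine = engine; }

    // Only one thread at a time reaches SSLEngine.unwrap(); overlaps are counted.
    public SSLEngineResult unwrap(ByteBuffer netIn, ByteBuffer appIn) throws SSLException {
        if (!unwrapLock.tryLock()) {      // another thread is already inside unwrap()
            contended.incrementAndGet();  // record it instead of hiding the caller bug
            unwrapLock.lock();            // then wait for our turn
        }
        try {
            return engine.unwrap(netIn, appIn);
        } finally {
            unwrapLock.unlock();
        }
    }

    public static void main(String[] args) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(true);
        GuardedSslEngine guarded = new GuardedSslEngine(engine);
        int appSize = engine.getSession().getApplicationBufferSize();
        CountDownLatch start = new CountDownLatch(1);
        Thread[] workers = new Thread[4];
        for (int i = 0; i < workers.length; i++) {
            workers[i] = new Thread(() -> {
                try {
                    ByteBuffer appIn = ByteBuffer.allocate(appSize);
                    start.await();
                    // Constructed input: empty network buffer, no real TLS records.
                    for (int n = 0; n < 1000; n++) guarded.unwrap(ByteBuffer.allocate(0), appIn);
                } catch (Exception e) { e.printStackTrace(); }
            });
            workers[i].start();
        }
        start.countDown();
        for (Thread t : workers) t.join();
        System.out.println("overlapping unwrap() attempts: " + guarded.contended.get());
    }
}
```

The lock removes the data race on the engine's internal state but does not decide which caller's records are processed first, so a non-zero counter on a real connection still points at a caller that issues overlapping reads.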