Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Potential runtime leak from X509Error$ErrorException #1532

Closed
nirvdrum opened this Issue Feb 26, 2014 · 2 comments

Comments

Projects
None yet
3 participants
@nirvdrum
Copy link
Contributor

nirvdrum commented Feb 26, 2014

I've been trying to track down a memory leak with our app in TorqueBox. A few HTTP threads seemed to be retaining an entire JRuby runtime by way of org.jruby.ext.openssl.x509store.X509Error$ErrorException. While I'm not entirely certain that's the root cause, when checking out the class I came across a commit message indicating it doesn't play well with multiple runtimes:

https://github.com/jruby/jruby/blob/jruby-1_7/ext/openssl/src/main/java/org/jruby/ext/openssl/x509store/X509Error.java#L34-L35

I'm filing the issue so as to not lose that data. @bbrowning, have you ever come across this issue?

@headius

This comment has been minimized.

Copy link
Member

headius commented Feb 26, 2014

So as you found, it isn't really a runtime leak, but because it's a static threadlocal containing references to classloader-loaded types (ErrorException objects) it could cause a thread to keep that classloader alive.

In the end it didn't appear there's any reason for these to be ErrorException objects, so I eliminated that class entirely and just made it a Map<Integer, String> for the error messages.

It's now next-to-useless, but I'm not sure what consumers are using this list of messages for.

@headius headius added this to the JRuby 1.7.12 milestone Feb 26, 2014

@headius headius added core and removed core labels Feb 26, 2014

@headius headius closed this in d3fa1ad Feb 26, 2014

@bbrowning

This comment has been minimized.

Copy link
Contributor

bbrowning commented Feb 26, 2014

@nirvdrum I haven't run across this so far in my testing, but perhaps my test apps didn't do anything with SSL and/or X509 to trigger this issue. Good catch and fix though!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.