8349662: SSLTube SSLSubscriptionWrapper has potential races when switching subscriptions

[dfuch]

Hi,

Please find here a change that fixes a potential race condition in SSLTube.SSLSubscriptionWrapper.
Typically the race may get triggered if the demand increased by request() is not exhausted by the time
the subscription is switched by setSubscription.

Some synchronization is required to present a consistent view of the subscripton state, so that pending demand can be consistently transferred to the new the subscription.

This mostly affects HTTP/1.1 over TLS since each new exchange will cause the subscription to be switched to the new exchange. The race condition is elusive and hard to reproduce. when it occurs, it mostly causes tests to fail in jtreg timeout as the demand from upstream may not be transferred properly.

Some additional logging has been added to the DigestEchoClient.java test class (which is used by DigestEchoClientSSL) to help diagnosability of intermittent failures in these tests.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8349662: SSLTube SSLSubscriptionWrapper has potential races when switching subscriptions (Bug - P4)

Reviewers

• Jaikiran Pai (@jaikiran - Reviewer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/23515/head:pull/23515
$ git checkout pull/23515

Update a local copy of the PR:
$ git checkout pull/23515
$ git pull https://git.openjdk.org/jdk.git pull/23515/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 23515

View PR using the GUI difftool:
$ git pr show -t 23515

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/23515.diff

Using Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back dfuchs! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@dfuch This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8349662: SSLTube SSLSubscriptionWrapper has potential races when switching subscriptions

Reviewed-by: jpai

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 26 new commits pushed to the master branch:

• 8e85829: 8349213: G1: Clearing bitmaps during collection set merging not claimed by region
• 1a8212e: 8348678: [PPC64] C2: unaligned vector load/store is ok
• 41bdc47: 8208377: Soft hyphens render if not using TextLayout
• df654a9: 8349752: Tier1 build failure caused by JDK-8349178
• 527489c: 8349284: Make libExplicitAttach work on static JDK
• f11a737: 8349475: Test tools/javac/api/TestJavacTaskWithWarning.java writes files in src dir
• b737f7f: 8349501: Relocate supporting classes in security/testlibrary to test/lib/jdk tree
• 84b32cb: 8349178: runtime/jni/atExit/TestAtExit.java should be supported on static JDK
• ab66c82: 8349639: jfr/event/gc/detailed/TestShenandoahEvacuationInformationEvent.java fails to compile after JDK-8348610
• f74c4df: 8349580: Do not use address in MemTracker top level functions
• ... and 16 more: https://git.openjdk.org/jdk/compare/86cec4ea2c2c56f03b23be44caade49b922cd3c6...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

[openjdk]

@dfuch The following labels will be automatically applied to this pull request:

• net
• security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing lists. If you would like to change these labels, use the /label pull request command.

[dfuch]

/label remove security

[openjdk]

@dfuch
The security label was successfully removed.

[mlbridge]

Webrevs

• 01: Full - Incremental (18aaa85e)
• 00: Full (acf81c1a)

[jaikiran]

Hello Daniel, is this demand variable necessary? From what I see, we could just keep using n wherever we use demand in this method. I think that would also avoid the confusion between demanded and this demand variables that are used in this method.

[dfuch]

OK

[jaikiran]

Should this (and the other places where we are updating the request URI) use & instead of ,, for request query parameter delimiting or is this just changed for better logging (on the server side)?

[dfuch]

This is just a change so that we can better follow out what belong to which request in the logs (whether client & server). The query is not used/parsed anywhere - it's just there for better diagnosis when the test fails.

[jaikiran]

Do you think an additional error != failed check would be needed here, before calling addSuppressed() or is that not a concern here?

[dfuch]

error is a brand new AsssertionError created by the tracker. It simply can't be the same exception as failed.

[jaikiran]

You are right - I missed that error is declared and assigned just one line above this and that can only be an AssertionError.

[jaikiran]

These changes look reasonable to me.

[dfuch]

/integrate

[openjdk]

Going to push as commit 5ee44c1.
Since your change was applied there have been 27 commits pushed to the master branch:

• 964dd18: 8349515: [REDO] Framework for tracing makefile inclusion and parsing
• 8e85829: 8349213: G1: Clearing bitmaps during collection set merging not claimed by region
• 1a8212e: 8348678: [PPC64] C2: unaligned vector load/store is ok
• 41bdc47: 8208377: Soft hyphens render if not using TextLayout
• df654a9: 8349752: Tier1 build failure caused by JDK-8349178
• 527489c: 8349284: Make libExplicitAttach work on static JDK
• f11a737: 8349475: Test tools/javac/api/TestJavacTaskWithWarning.java writes files in src dir
• b737f7f: 8349501: Relocate supporting classes in security/testlibrary to test/lib/jdk tree
• 84b32cb: 8349178: runtime/jni/atExit/TestAtExit.java should be supported on static JDK
• ab66c82: 8349639: jfr/event/gc/detailed/TestShenandoahEvacuationInformationEvent.java fails to compile after JDK-8348610
• ... and 17 more: https://git.openjdk.org/jdk/compare/86cec4ea2c2c56f03b23be44caade49b922cd3c6...master

Your commit was automatically rebased without conflicts.

[openjdk]

@dfuch Pushed as commit 5ee44c1.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.