Tomcat NioEndpoint - Error running socket processor

Question

In a Spring Boot production app, the following exception is occasionally thrown:

o.a.t.u.n.NioEndpoint : Error running socket processor

java.util.NoSuchElementException: No value present
        at java.util.Optional.get(Optional.java:148) ~[?:?]
        at sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:547) ~[?:?]
        at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436) ~[?:?]
        at sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234) ~[?:?]
        at sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170) ~[?:?]
        at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852) ~[?:?]
        at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813) ~[?:?]
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?]
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443) ~[?:?]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061) ~[?:?]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1048) ~[?:?]
        at java.security.AccessController.doPrivileged(Native Method) ~[?:?]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:995) ~[?:?]
        at org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:443) ~[tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:507) ~[tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:238) ~[tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1616) [tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at java.lang.Thread.run(Thread.java:834) [?:?]

It is hard to tell what causes the exception, as there are no logs before or after by the same thread. Looking at the stack-trace, it might occur before any custom request pre-processing code is reached, during the SSL handshake, which might be the reason there are no logs before. (Production application is currently logging on level TRACE.)

What could be the cause and how to fix it?

Spring Boot version: 2.2.5.RELEASE

EDIT:

I recently encountered a very similar case, but the stacktrace is quite different:

o.a.t.u.n.NioEndpoint : Error running socket processor

java.lang.NullPointerException: null
        at sun.security.ssl.HKDF.extract(HKDF.java:93) ~[?:?]
        at sun.security.ssl.HKDF.extract(HKDF.java:119) ~[?:?]
        at sun.security.ssl.ServerHello.setUpPskKD(ServerHello.java:1167) ~[?:?]
        at sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:545) ~[?:?]
        at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436) ~[?:?]
        at sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1234) ~[?:?]
        at sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1170) ~[?:?]
        at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:852) ~[?:?]
        at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:813) ~[?:?]
        at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?]
        at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) ~[?:?]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1061) ~[?:?]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1048) ~[?:?]
        at java.security.AccessController.doPrivileged(Native Method) ~[?:?]
        at sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:995) ~[?:?]
        at org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:443) ~[tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:507) ~[tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:238) ~[tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1616) [tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.31.jar!/:9.0.31]
        at java.lang.Thread.run(Thread.java:834) [?:?]

Answer 1

This seems to be caused by a JRE issue:

http://hg.openjdk.java.net/jdk/jdk/rev/01d8eae542ff

https://bugs.openjdk.java.net/browse/JDK-8218889

It was fixed with

• 11.0.8 b01
• 11.0.7 b04
• 8u261 b05

Are you using an affected JRE version?

As for the second issue you mentioned:

https://bugs.openjdk.java.net/browse/JDK-8241248

This is an option issue (but mentions a workaround).

Please look into both issues, try to update for addressing the first issue and see if your can apply the workaround as long as no fix is available for the second issue.