JDK-7107613 : scalability blocker in javax.crypto.CryptoPermissions
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 7
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: sparc
  • Submitted: 2011-11-02
  • Updated: 2013-09-12
  • Resolved: 2012-09-17
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8
7u10Fixed 8Fixed
Description
CryptoPermissions uses Hashtable as internal collection.
Lock contention on the Hashtable broke scalability.
Patch is suggested, where ConcurrentHashMap is used.
The attached webrev.zip contain suggested patch.

Gives +12% to SPECjbb2012(encrypted transport) on T4-4.

Comments
There is a chain of bug fixes: JDK-7107611, JDK-7107613, JDK-7107615, JDK-7107616. Performance will get better only if all these bugs are fixed. Close/Unverified.
11-07-2013

Pavel, why no-need-test? It even has related issue for test development. I will update the label for now
18-01-2013

SQE/OK for accepting this fix
03-10-2012

**may be necessary for SPECjbb2012 numbers.
30-09-2012

EVALUATION backport, signed binaries to follow..
03-09-2012

EVALUATION The suggested patch replaces the usage of Hashtable w/ ConcurrentHashMap. This will introduce an incompatiblity in serialization format as CryptoPermissions class are declared to be serializable and the field "perms" (which used to be Hashtable) are part of the serialized bytes. The easiest approach would be to bump out the serialVersionUID to indicate the incompatibility between different JDK releases after making this Hashtable -> ConcurrentHashMap performance enhancement. Otherwise, we may have to employ some custom serialization methods to maintain the old serialization format to ensure compatibility.
09-07-2012