RFR: 8276660: Scalability bottleneck in java.security.Provider.getService()

Andrey Turbanov duke at openjdk.java.net
Tue Nov 23 08:35:10 UTC 2021

On Tue, 23 Nov 2021 02:55:55 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

> It is observed that when running crypto benchmark with large number of threads, a lot of time is spent on the synchronized block inside the Provider.getService() method. The cause for this is that Provider.getService() method first uses the 'serviceMap' field to find the requested service. However, when the requested service is not supported by this provider, e.g. requesting Cipher.RSA from SUN provider, the impl continues to try searching the legacy registrations whose processing is guarded by the "synchronized" keyword. When apps use getInstance() calls without the provider argument, Provider class has to iterate through existing providers trying to find one that supports the requested service.
> Now that the parent class of Provider no longer synchronizes all of its methods, Provider class should follow suit and de-synchronize its methods. Parsing of the legacy registration is done eagerly (at the time of put(...) calls) instead of lazily (at the time of getService(...) calls). This also makes "legacyStrings" redundant as the registration is parsed and stored directly into "legacyMap". 
> The bug reporter has confirmed that the changes resolve the performance bottleneck and all regression tests pass.
> Please review and thanks in advance,
> Valerie

src/java.base/share/classes/java/security/Provider.java line 930:

> 928:         boolean result = super.remove(key, value);
> 929:         if (result && key instanceof String && value instanceof String) {
> 930:             parseLegacy((String)key, (String)value, OPType.REMOVE);

I suggest to use pattern matching for instanceof to avoid manual casts


PR: https://git.openjdk.java.net/jdk/pull/6513

More information about the security-dev mailing list