RFR: 8345954: Revisit Class Initializers and Locking in X509TrustManagerImpl [v2]
Artur Barashev
abarashev at openjdk.org
Wed Jan 28 20:19:34 UTC 2026
On Thu, 22 Jan 2026 23:51:42 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
>> Refactor sun.security.provider.X509Factory cache access to avoid coarse-grained locking and reduce contention during certificate/CRL interning and parsing.
>>
>> As per request in [the PR](https://github.com/openjdk/jdk/pull/22616#issuecomment-2524971845), re-visit "the initialisation and locking in this area, e.g. addToCache is a static synchronized method so very coarse locking."
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
>
> 8345954: Addressing review comments
I wonder why we need to do any synchronization in `X509Factory` at all when `sun.security.util.MemoryCache` being used is internally synchronized and its documentation states that it's `safe for concurrent use by multiple threads`:
https://github.com/openjdk/jdk/blob/7efa3168b706c1d061c4ee65574427ef1f50fc7b/src/java.base/share/classes/sun/security/util/Cache.java#L267
I think we need to look closer into this.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/29181#issuecomment-3813708167
More information about the security-dev
mailing list