On Thu, 21 Apr 2022 19:58:39 GMT, Daniel Jeliński <djelin...@openjdk.org> wrote:
> Profiling the TLS handshakes using SSLHandshake benchmark shows that a large > portion of time is spent in HandshakeContext initialization, specifically in > DisabledAlgorithmConstraints class. > > There are only a few instances of that class, and they are immutable. Caching > the results should be a low-risk operation. > > The cache is implemented as a softly reachable ConcurrentHashMap; this way it > can be removed from memory after a period of inactivity. Under normal > circumstances the cache holds no more than 100 algorithms. src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java line 105: > 103: private final Set<String> disabledAlgorithms; > 104: private final Constraints algorithmConstraints; > 105: private volatile SoftReference<Map<String, Boolean>> cacheRef = It looks like a one-clear-for-all mechanism. Once the clearing happens, the full map will be collected. For SoftReferences, it clears them fairly eagerly. Maybe, the performance could be further improved in practice by using soft reference for each map entry (See sun.security.util.Cache code for an example). I will have another look next week. ------------- PR: https://git.openjdk.java.net/jdk/pull/8349