graal icon indicating copy to clipboard operation
graal copied to clipboard

Published 20 hours ago • verified publisher icon oracle

[GR-30247] Footprint optimization: JarVerifier is transitively including a lot of crypto classes

Open sdeleuze opened this issue 4 years ago • 2 comments

In our journey to optimize the footprint of Spring Boot native images (but that issue is not Spring Boot specific), we have found that JarVerifier is transitively including a lot of crypto classes in the native image. In practice loading a JAR and verifying their signature is not used in native images but they are on the code path analyzed by the static analysis, mostly for Manifest parsing and verification.

An experiment I did with this experimental substitution shows a 2M image size and related memory consumption reduction. I am wondering if we could find a global optimization that could solve that issue for most native use cases.

Tested with GraalVM 21.0.0 - Java 11.

sdeleuze avatar Jan 28 '21 09:01 sdeleuze

@sdeleuze Thanks for reporting the Issue We will check it out and come back to you

munishchouhan avatar Feb 01 '21 07:02 munishchouhan

Quick update: This item is still on our roadmap, with rather low priority though. If anyone wants to tackle it, we are happy to accept contributions that solve this problem.

wirthi avatar Nov 09 '23 14:11 wirthi