ahus1
commented
1 month ago To add some context what the Keycloak project is doing: Keycloak is a Single Sign On and Identity and Access Management solution where people use among other credentials passwords to log in.
Depending on how many users log in, there might be hundreds of logins per second, and each would be hashing their password. The current algorithm with a setting of for example 7 MB would then allocate 700 000 MB of memory every second, which would then need to be cleared by the garbage collection.
With a throughput optimized setting using ParallelGC, we found that this would drive the GC to a lot of full GCs as it fails to optimize its memory pools correctly. Other GC algorithms like G1 perform a lot better. Still, re-using the buffers across hash calculations would prevent so much garbage to be produced in the first place.
The Keycloak project is needing to tweak garbage collection settings to deal the amount of garbage created by the Argon2BytesGenerator.
It would be good if there were a way to limit the amount of garbage created.