Bug 1036813

Summary: Long term memory leak when using PKCS11 and JCE exceeds 32 bit process address space
Product: Red Hat Enterprise Linux 6 Reporter: Alon Bar-Lev <alonbl>
Component: java-1.7.0-openjdkAssignee: jiri vanek <jvanek>
Status: CLOSED ERRATA QA Contact: Lukáš Zachar <lzachar>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.5CC: aberezin, acathrow, aph, bazulay, cpelland, dbhole, fweimer, iheim, iweiss, jlivings, juan.hernandez, lyarwood, pablo.iranzo
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: http://bugs.sun.com/view_bug.do?bug_id=6913047
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-12-10 14:44:53 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 831734    
Bug Blocks: 1028966, 1040049    

Description Alon Bar-Lev 2013-12-02 16:37:36 UTC 
From bug#1028966 comment#26

(In reply to Andrew Haley from comment #26)
> I can confirm that the memory leak is in the PKCS11 library and is probably
> this bug:
> 
> http://bugs.sun.com/view_bug.do?bug_id=6913047
> 
> After more than 12 hours running there is no increase in memory consumption
> with PKCS11 disabled. I think this is enough to prove that PKCS11 is the
> cause of the problem.
> 
> Disabling PKCS11 is a suitable workaround for the rime being.

This is unique to rhel, as it was decided to modify default provider uses PKCS11 provider to use nss bug#831734, as result all java applications are effected.

Please also note at bug#905128 comment#7, changing default behavior of java is very sensitive and should be avoided.

Please disable the use of PKCS11 provider as default until all problems with PKCS11 provider and nss are resolved.
Comment 16 errata-xmlrpc 2013-12-10 14:44:53 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1810.html
Comment 17 James Livingston 2014-08-26 23:53:01 UTC 
*** Bug 1133760 has been marked as a duplicate of this bug. ***