4

Does the instruction to create a heap dump on out of memory error (`-XX:+HeapDumpOnOutOfMemoryError`) result in any security or noteworthy performance issues for Tomcat 7 in a production environment?

(Of course the server has to write the file when it "crashes" and this takes some amount of time/space - but I am more interested in performance issues while the server is still in business.)

Ralph
  • Performance issues, I don't think so. Security issues, only if you go and distribute the dump to anyone who might be interested in loading it and traversing all your objects (which might be storing some critical data, or not) – Claudio Sep 26 '14 at 16:23
  • if `HeapDumpOnOutOfMemoryError` occurs, is the server considered still in business (apart from the business of dumping the heap)? – Praba Sep 26 '14 at 16:53
  • @prabugp: no not really - when the OutOfMemory Error occurs then the server is not stable any more, and the best thing that could happen is that it does nothing more than creating the heap dump – Ralph Sep 27 '14 at 06:42

1 Answer

3

The `-XX:+HeapDumpOnOutOfMemoryError` flag does not introduce performance or security problems at run time. The flag is checked only after an OOME has happened.

However, the heap dump itself may contain sensitive data. Make sure it is written to a secure place by providing an appropriate `-XX:HeapDumpPath=` option.

apangin
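
One way to apply the advice in the answer above, as an added example that is not part of the original post: a shell helper for Tomcat's `setenv.sh` that emits the heap dump options only when the target directory is owner-only and outside `webapps`. The function names and the `/var/tomcat-dumps` path are assumptions.

```shell
#!/bin/sh
# Added example: function names and paths are assumptions, not from the post.

# Succeeds only if DIR is a real directory (not a symlink) whose mode
# grants nothing to group or other.
dump_dir_is_private() {
    dir=$1
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 1
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$dir" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Succeeds only if DIR is outside the web-served tree of CATALINA_BASE,
# so a dump can never be fetched over HTTP as a static file.
dump_dir_not_served() {
    dir=$1 base=$2
    case "$dir/" in
        "$base/webapps/"*) return 1 ;;
    esac
    return 0
}

# Print the JVM options for DIR, creating it with mode 0700 if missing.
# Prints nothing and fails if DIR is served by Tomcat or not private.
heap_dump_opts() {
    dir=$1 base=$2
    dump_dir_not_served "$dir" "$base" ||
        { echo "refusing: $dir is under webapps" >&2; return 1; }
    [ -d "$dir" ] || mkdir -p -m 700 "$dir" || return 1
    dump_dir_is_private "$dir" ||
        { echo "refusing: $dir is not owner-only" >&2; return 1; }
    printf '%s\n' "-XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=$dir"
}

# Use from $CATALINA_BASE/bin/setenv.sh (dump path is an assumption):
#   CATALINA_OPTS="$CATALINA_OPTS $(heap_dump_opts /var/tomcat-dumps "$CATALINA_BASE")"
```

An existing directory with loose permissions is rejected rather than silently fixed, so a misconfigured dump location shows up at startup instead of after the first OOME.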