Created attachment 38401 [details]
Benchmark which shows performance difference between getting class loader with/without privileges

In our application Util.getContextClassLoader() is a hotspot with almost all the cost coming from AccessController.doPrivileged. By adding instrumentation we've confirmed that the native implementation of AccessController.doPrivileged itself and not PrivilegedGetTccl.run() is expensive. In an example request to our application we had 17000 calls to Util.getContextClassLoader() and recorded this CPU time in the methods:
0.682 ms for javax.el.Util$PrivilegedGetTccl.run()
27.800 ms for javax.el.Util.getContextClassLoader()

This potential hotspot was introduced four years ago when a change was made to get the context class loader of the Thread with privileges enabled: https://bz.apache.org/bugzilla/show_bug.cgi?id=62080

We'd like to fix this hotspot by calling Thread.currentThread().getContextClassLoader() without privileges enabled again. This would be a revert of the change here: https://github.com/apache/tomcat/commit/7c359957f0b600b92e964b1a2497374e6cac4bc3#diff-f5b7c13f66b3d070a6b1c1713ad4b60fd70b26f579a746edc8fe9f19109243b2L93
Since this change addressed a rare bug, we probably have to make this change backwards compatible by adding a configuration switch.

I have also included a basic benchmark which compares the performance of the two approaches. The benchmark shows a difference by factor 100. I ran the benchmark with JDK 8 and 11.

Since SecurityManager and related functionality are on track to deprecation, this change may be mandatory in the future, irrespective of the performance benefit:
https://openjdk.org/jeps/411