# HG changeset patch # User jwilhelm # Date 1560890907 -7200 # Node ID 688a2a361e14a3cb1f6aa7e79c2120d8259a67f2 # Parent 17f24c0e2f01f57796768da68e2f6692ece2a768# Parent bc5a0508253c306296946b403ded25ec651f148d Merge diff -r 17f24c0e2f01 -r 688a2a361e14 .hgtags --- a/.hgtags Tue Jun 18 18:38:53 2019 +0100 +++ b/.hgtags Tue Jun 18 22:48:27 2019 +0200 @@ -563,4 +563,5 @@ b034d2dee5fc93d42a81b65e58ce3f91e42586ff jdk-13+23 7e2238451585029680f126ccbb46d01f2ff5607f jdk-13+24 22b3b7983adab54e318f75aeb94471f7a4429c1e jdk-14+0 +22b3b7983adab54e318f75aeb94471f7a4429c1e jdk-13+25 2f4e214781a1d597ed36bf5a36f20928c6c82996 jdk-14+1 diff -r 17f24c0e2f01 -r 688a2a361e14 make/jdk/src/classes/build/tools/generatecacerts/GenerateCacerts.java --- a/make/jdk/src/classes/build/tools/generatecacerts/GenerateCacerts.java Tue Jun 18 18:38:53 2019 +0100 +++ b/make/jdk/src/classes/build/tools/generatecacerts/GenerateCacerts.java Tue Jun 18 22:48:27 2019 +0200 @@ -25,12 +25,23 @@ package build.tools.generatecacerts; +import java.io.DataOutputStream; import java.io.FileOutputStream; +import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; +import java.io.UnsupportedEncodingException; import java.nio.file.Files; import java.nio.file.Path; -import java.security.KeyStore; +import java.security.DigestOutputStream; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; /** * Generate cacerts @@ -39,23 +50,99 @@ */ public class GenerateCacerts { public static void main(String[] args) throws Exception { - KeyStore ks = KeyStore.getInstance("JKS"); - ks.load(null, null); - CertificateFactory cf = CertificateFactory.getInstance("X509"); - Files.list(Path.of(args[0])) - .filter(p -> !p.getFileName().toString().equals("README")) - .forEach(p -> { - try { - String alias = p.getFileName().toString() + " [jdk]"; - try (InputStream fis = Files.newInputStream(p)) { - ks.setCertificateEntry(alias, cf.generateCertificate(fis)); - } - } catch (Exception e) { - throw new RuntimeException(e); - } - }); try (FileOutputStream fos = new FileOutputStream(args[1])) { - ks.store(fos, "changeit".toCharArray()); + store(args[0], fos, "changeit".toCharArray()); } } + + // The following code are copied from JavaKeyStore.java. + + private static final int MAGIC = 0xfeedfeed; + private static final int VERSION_2 = 0x02; + + // This method is a simplified version of JavaKeyStore::engineStore. + // A new "dir" argument is added. All cert names in "dir" is collected into + // a sorted array. Each cert is stored with a creation date set to its + // notBefore value. Thus the output is determined as long as the certs + // are the same. + public static void store(String dir, OutputStream stream, char[] password) + throws IOException, NoSuchAlgorithmException, CertificateException + { + byte[] encoded; // the certificate encoding + CertificateFactory cf = CertificateFactory.getInstance("X509"); + + MessageDigest md = getPreKeyedHash(password); + DataOutputStream dos + = new DataOutputStream(new DigestOutputStream(stream, md)); + + dos.writeInt(MAGIC); + // always write the latest version + dos.writeInt(VERSION_2); + + // All file names in dir sorted. + // README is excluded. Name starting with "." excluded. + List entries = Files.list(Path.of(dir)) + .map(p -> p.getFileName().toString()) + .filter(s -> !s.equals("README") && !s.startsWith(".")) + .collect(Collectors.toList()); + + entries.sort(String::compareTo); + + dos.writeInt(entries.size()); + + for (String entry : entries) { + + String alias = entry + " [jdk]"; + X509Certificate cert; + try (InputStream fis = Files.newInputStream(Path.of(dir, entry))) { + cert = (X509Certificate) cf.generateCertificate(fis); + } + + dos.writeInt(2); + + // Write the alias + dos.writeUTF(alias); + + // Write the (entry creation) date, which is notBefore of the cert + dos.writeLong(cert.getNotBefore().getTime()); + + // Write the trusted certificate + encoded = cert.getEncoded(); + dos.writeUTF(cert.getType()); + dos.writeInt(encoded.length); + dos.write(encoded); + } + + /* + * Write the keyed hash which is used to detect tampering with + * the keystore (such as deleting or modifying key or + * certificate entries). + */ + byte[] digest = md.digest(); + + dos.write(digest); + dos.flush(); + } + + private static MessageDigest getPreKeyedHash(char[] password) + throws NoSuchAlgorithmException, UnsupportedEncodingException + { + + MessageDigest md = MessageDigest.getInstance("SHA"); + byte[] passwdBytes = convertToBytes(password); + md.update(passwdBytes); + Arrays.fill(passwdBytes, (byte) 0x00); + md.update("Mighty Aphrodite".getBytes("UTF8")); + return md; + } + + private static byte[] convertToBytes(char[] password) { + int i, j; + byte[] passwdBytes = new byte[password.length * 2]; + for (i=0, j=0; i> 8); + passwdBytes[j++] = (byte)password[i]; + } + return passwdBytes; + } } diff -r 17f24c0e2f01 -r 688a2a361e14 src/hotspot/share/classfile/systemDictionary.cpp --- a/src/hotspot/share/classfile/systemDictionary.cpp Tue Jun 18 18:38:53 2019 +0100 +++ b/src/hotspot/share/classfile/systemDictionary.cpp Tue Jun 18 22:48:27 2019 +0200 @@ -2861,14 +2861,17 @@ } TableStatistics SystemDictionary::placeholders_statistics() { + MutexLocker ml(SystemDictionary_lock); return placeholders()->statistics_calculate(); } TableStatistics SystemDictionary::loader_constraints_statistics() { + MutexLocker ml(SystemDictionary_lock); return constraints()->statistics_calculate(); } TableStatistics SystemDictionary::protection_domain_cache_statistics() { + MutexLocker ml(SystemDictionary_lock); return pd_cache_table()->statistics_calculate(); } diff -r 17f24c0e2f01 -r 688a2a361e14 src/hotspot/share/opto/library_call.cpp --- a/src/hotspot/share/opto/library_call.cpp Tue Jun 18 18:38:53 2019 +0100 +++ b/src/hotspot/share/opto/library_call.cpp Tue Jun 18 22:48:27 2019 +0200 @@ -4501,8 +4501,8 @@ ciMethod* trap_method = alloc->jvms()->method(); int trap_bci = alloc->jvms()->bci(); - if (!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_intrinsic) & - !C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_null_check)) { + if (!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_intrinsic) && + !C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_null_check)) { // Make sure there's no store between the allocation and the // arraycopy otherwise visible side effects could be rexecuted // in case of deoptimization and cause incorrect execution. diff -r 17f24c0e2f01 -r 688a2a361e14 src/hotspot/share/prims/jvmtiEnvBase.cpp --- a/src/hotspot/share/prims/jvmtiEnvBase.cpp Tue Jun 18 18:38:53 2019 +0100 +++ b/src/hotspot/share/prims/jvmtiEnvBase.cpp Tue Jun 18 22:48:27 2019 +0200 @@ -1083,7 +1083,7 @@ // If the monitor has no owner, then a non-suspended contending // thread could potentially change the state of the monitor by // entering it. The JVM/TI spec doesn't allow this. - if (owning_thread == NULL && !at_safepoint & + if (owning_thread == NULL && !at_safepoint && !pending_thread->is_thread_fully_suspended(true, &debug_bits)) { if (ret.owner != NULL) { destroy_jni_reference(calling_thread, ret.owner); diff -r 17f24c0e2f01 -r 688a2a361e14 src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java --- a/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java Tue Jun 18 18:38:53 2019 +0100 +++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java Tue Jun 18 22:48:27 2019 +0200 @@ -38,6 +38,7 @@ import java.net.UnknownHostException; import java.nio.ByteBuffer; import java.util.List; +import java.util.concurrent.TimeUnit; import java.util.concurrent.locks.ReentrantLock; import java.util.function.BiFunction; import javax.net.ssl.HandshakeCompletedListener; @@ -618,27 +619,76 @@ // Need a lock here so that the user_canceled alert and the // close_notify alert can be delivered together. - conContext.outputRecord.recordLock.lock(); - try { + int linger = getSoLinger(); + if (linger >= 0) { + // don't wait more than SO_LINGER for obtaining the + // the lock. + // + // keep and clear the current thread interruption status. + boolean interrupted = Thread.interrupted(); try { - // send a user_canceled alert if needed. - if (useUserCanceled) { - conContext.warning(Alert.USER_CANCELED); + if (conContext.outputRecord.recordLock.tryLock() || + conContext.outputRecord.recordLock.tryLock( + linger, TimeUnit.SECONDS)) { + try { + handleClosedNotifyAlert(useUserCanceled); + } finally { + conContext.outputRecord.recordLock.unlock(); + } + } else { + // For layered, non-autoclose sockets, we are not + // able to bring them into a usable state, so we + // treat it as fatal error. + if (!super.isOutputShutdown()) { + if (isLayered() && !autoClose) { + throw new SSLException( + "SO_LINGER timeout, " + + "close_notify message cannot be sent."); + } else { + super.shutdownOutput(); + if (SSLLogger.isOn && SSLLogger.isOn("ssl")) { + SSLLogger.warning( + "SSLSocket output duplex close failed: " + + "SO_LINGER timeout, " + + "close_notify message cannot be sent."); + } + } + } + + // RFC2246 requires that the session becomes + // unresumable if any connection is terminated + // without proper close_notify messages with + // level equal to warning. + // + // RFC4346 no longer requires that a session not be + // resumed if failure to properly close a connection. + // + // We choose to make the session unresumable if + // failed to send the close_notify message. + // + conContext.conSession.invalidate(); + if (SSLLogger.isOn && SSLLogger.isOn("ssl")) { + SSLLogger.warning( + "Invalidate the session: SO_LINGER timeout, " + + "close_notify message cannot be sent."); + } } + } catch (InterruptedException ex) { + // keep interrupted status + interrupted = true; + } - // send a close_notify alert - conContext.warning(Alert.CLOSE_NOTIFY); + // restore the interrupted status + if (interrupted) { + Thread.currentThread().interrupt(); + } + } else { + conContext.outputRecord.recordLock.lock(); + try { + handleClosedNotifyAlert(useUserCanceled); } finally { - if (!conContext.isOutboundClosed()) { - conContext.outputRecord.close(); - } - - if ((autoClose || !isLayered()) && !super.isOutputShutdown()) { - super.shutdownOutput(); - } + conContext.outputRecord.recordLock.unlock(); } - } finally { - conContext.outputRecord.recordLock.unlock(); } if (!isInputShutdown()) { @@ -646,6 +696,28 @@ } } + private void handleClosedNotifyAlert( + boolean useUserCanceled) throws IOException { + try { + // send a user_canceled alert if needed. + if (useUserCanceled) { + conContext.warning(Alert.USER_CANCELED); + } + + // send a close_notify alert + conContext.warning(Alert.CLOSE_NOTIFY); + } finally { + if (!conContext.isOutboundClosed()) { + conContext.outputRecord.close(); + } + + if (!super.isOutputShutdown() && + (autoClose || !isLayered())) { + super.shutdownOutput(); + } + } + } + /** * Duplex close, start from closing inbound. * diff -r 17f24c0e2f01 -r 688a2a361e14 src/java.base/share/classes/sun/security/tools/keytool/Main.java --- a/src/java.base/share/classes/sun/security/tools/keytool/Main.java Tue Jun 18 18:38:53 2019 +0100 +++ b/src/java.base/share/classes/sun/security/tools/keytool/Main.java Tue Jun 18 22:48:27 2019 +0200 @@ -2418,9 +2418,9 @@ out.println(form.format(source)); out.println(); - for (Enumeration e = keyStore.aliases(); - e.hasMoreElements(); ) { - String alias = e.nextElement(); + List aliases = Collections.list(keyStore.aliases()); + aliases.sort(String::compareTo); + for (String alias : aliases) { doPrintEntry("<" + alias + ">", alias, out); if (verbose || rfc) { out.println(rb.getString("NEWLINE")); diff -r 17f24c0e2f01 -r 688a2a361e14 src/jdk.compiler/share/classes/com/sun/tools/javac/main/Main.java --- a/src/jdk.compiler/share/classes/com/sun/tools/javac/main/Main.java Tue Jun 18 18:38:53 2019 +0100 +++ b/src/jdk.compiler/share/classes/com/sun/tools/javac/main/Main.java Tue Jun 18 22:48:27 2019 +0200 @@ -477,7 +477,7 @@ } try (InputStream in = getClass().getResourceAsStream('/' + className.replace('.', '/') + ".class")) { - final String algorithm = "MD5"; + final String algorithm = "SHA-256"; byte[] digest; MessageDigest md = MessageDigest.getInstance(algorithm); try (DigestInputStream din = new DigestInputStream(in, md)) { diff -r 17f24c0e2f01 -r 688a2a361e14 src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_general.c --- a/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_general.c Tue Jun 18 18:38:53 2019 +0100 +++ b/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_general.c Tue Jun 18 22:48:27 2019 +0200 @@ -51,6 +51,7 @@ #include #include #include +#include "jlong.h" #include "sun_security_pkcs11_wrapper_PKCS11.h" @@ -96,8 +97,8 @@ Java_sun_security_pkcs11_wrapper_PKCS11_freeMechanism (JNIEnv *env, jclass thisClass, jlong ckpMechanism) { if (ckpMechanism != 0L) { - freeCKMechanismPtr((CK_MECHANISM_PTR) ckpMechanism); - TRACE1("DEBUG PKCS11_freeMechanism: free pMech = %x\n", (jlong)ckpMechanism); + freeCKMechanismPtr(jlong_to_ptr(ckpMechanism)); + TRACE1("DEBUG PKCS11_freeMechanism: free pMech = %x\n", ckpMechanism); } return 0L; } diff -r 17f24c0e2f01 -r 688a2a361e14 src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_sign.c --- a/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_sign.c Tue Jun 18 18:38:53 2019 +0100 +++ b/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_sign.c Tue Jun 18 22:48:27 2019 +0200 @@ -91,8 +91,8 @@ (ckpMechanism->pParameter == NULL)) { freeCKMechanismPtr(ckpMechanism); } else { - (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism); - TRACE1("DEBUG C_SignInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism); + (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism)); + TRACE1("DEBUG C_SignInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism)); } TRACE0("FINISHED\n"); } @@ -303,8 +303,8 @@ (ckpMechanism->pParameter == NULL)) { freeCKMechanismPtr(ckpMechanism); } else { - (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism); - TRACE1("DEBUG C_SignRecoverInit, stored pMech = 0x%lX\n", (jlong)ckpMechanism); + (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism)); + TRACE1("DEBUG C_SignRecoverInit, stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism)); } TRACE0("FINISHED\n"); } @@ -413,8 +413,8 @@ (ckpMechanism->pParameter == NULL)) { freeCKMechanismPtr(ckpMechanism); } else { - (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism); - TRACE1("DEBUG C_VerifyInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism); + (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism)); + TRACE1("DEBUG C_VerifyInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism)); } TRACE0("FINISHED\n"); } @@ -601,8 +601,8 @@ (ckpMechanism->pParameter == NULL)) { freeCKMechanismPtr(ckpMechanism); } else { - (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism); - TRACE1("DEBUG C_VerifyRecoverInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism); + (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism)); + TRACE1("DEBUG C_VerifyRecoverInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism)); } TRACE0("FINISHED\n"); } diff -r 17f24c0e2f01 -r 688a2a361e14 src/jdk.jdeps/share/classes/com/sun/tools/javap/JavapTask.java --- a/src/jdk.jdeps/share/classes/com/sun/tools/javap/JavapTask.java Tue Jun 18 18:38:53 2019 +0100 +++ b/src/jdk.jdeps/share/classes/com/sun/tools/javap/JavapTask.java Tue Jun 18 22:48:27 2019 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -808,7 +808,7 @@ MessageDigest md = null; if (options.sysInfo || options.verbose) { try { - md = MessageDigest.getInstance("MD5"); + md = MessageDigest.getInstance("SHA-256"); } catch (NoSuchAlgorithmException ignore) { } in = new DigestInputStream(in, md); @@ -829,7 +829,7 @@ if (options.sysInfo || options.verbose) { classWriter.setFile(info.fo.toUri()); classWriter.setLastModified(info.fo.getLastModified()); - classWriter.setDigest("MD5", info.digest); + classWriter.setDigest("SHA-256", info.digest); classWriter.setFileSize(info.size); } diff -r 17f24c0e2f01 -r 688a2a361e14 src/jdk.jdeps/share/classes/com/sun/tools/javap/resources/javap.properties --- a/src/jdk.jdeps/share/classes/com/sun/tools/javap/resources/javap.properties Tue Jun 18 18:38:53 2019 +0100 +++ b/src/jdk.jdeps/share/classes/com/sun/tools/javap/resources/javap.properties Tue Jun 18 22:48:27 2019 +0200 @@ -99,7 +99,7 @@ \ -constants Show final constants main.opt.sysinfo=\ -\ -sysinfo Show system info (path, size, date, MD5 hash)\n\ +\ -sysinfo Show system info (path, size, date, SHA-256 hash)\n\ \ of class being processed main.opt.module=\ diff -r 17f24c0e2f01 -r 688a2a361e14 test/hotspot/jtreg/ProblemList-graal.txt --- a/test/hotspot/jtreg/ProblemList-graal.txt Tue Jun 18 18:38:53 2019 +0100 +++ b/test/hotspot/jtreg/ProblemList-graal.txt Tue Jun 18 22:48:27 2019 +0200 @@ -43,8 +43,6 @@ compiler/graalunit/JttThreadsTest.java 8207757 generic-all -compiler/jvmci/SecurityRestrictionsTest.java 8181837 generic-all - compiler/unsafe/UnsafeGetConstantField.java 8181833 generic-all compiler/unsafe/UnsafeGetStableArrayElement.java 8181833 generic-all compiler/unsafe/UnsafeOffHeapBooleanTest.java 8181833 generic-all @@ -62,7 +60,7 @@ gc/g1/TestPeriodicCollection.java 8196611 generic-all gc/g1/TestFromCardCacheIndex.java 8196611 generic-all gc/parallel/TestPrintGCDetailsVerbose.java 8196611 generic-all -vm/gc/InfiniteList.java 8196611 generic-all +gc/InfiniteList.java 8196611 generic-all vmTestbase/gc/lock/jni/jnilock001/TestDescription.java 8196611 generic-all vmTestbase/gc/lock/jniref/jnireflock04/TestDescription.java 8196611 generic-all @@ -176,7 +174,6 @@ vmTestbase/nsk/jdi/BScenarios/hotswap/tc08x001/TestDescription.java 8195635 generic-all vmTestbase/nsk/jdi/BScenarios/hotswap/tc10x002/TestDescription.java 8195635 generic-all vmTestbase/nsk/jdi/MethodExitEvent/returnValue/returnValue003/returnValue003.java 8195635 generic-all -vmTestbase/nsk/jdi/Scenarios/invokeMethod/popframes001/TestDescription.jav 8195635 generic-all vmTestbase/nsk/jdi/Scenarios/invokeMethod/popframes001/TestDescription.java 8195635 generic-all vmTestbase/nsk/jdi/ThreadReference/popFrames/popframes001/TestDescription.java 8195635 generic-all vmTestbase/nsk/jdi/VirtualMachine/redefineClasses/redefineclasses002/TestDescription.java 8195635 generic-all diff -r 17f24c0e2f01 -r 688a2a361e14 test/hotspot/jtreg/ProblemList.txt --- a/test/hotspot/jtreg/ProblemList.txt Tue Jun 18 18:38:53 2019 +0100 +++ b/test/hotspot/jtreg/ProblemList.txt Tue Jun 18 22:48:27 2019 +0200 @@ -80,7 +80,6 @@ # :hotspot_runtime -runtime/SharedArchiveFile/SASymbolTableTest.java 8193639 solaris-all runtime/jni/terminatedThread/TestTerminatedThread.java 8219652 aix-ppc64 ############################################################################# @@ -107,8 +106,6 @@ serviceability/sa/ClhsdbRegionDetailsScanOopsForG1.java 8193639 solaris-all serviceability/sa/ClhsdbScanOops.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64 serviceability/sa/ClhsdbSource.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64 -serviceability/sa/ClhsdbSymbol.java 8193639 solaris-all -serviceability/sa/ClhsdbSymbolTable.java 8193639 solaris-all serviceability/sa/ClhsdbThread.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64 serviceability/sa/ClhsdbVmStructsDump.java 8193639 solaris-all serviceability/sa/ClhsdbWhere.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64 diff -r 17f24c0e2f01 -r 688a2a361e14 test/hotspot/jtreg/compiler/compilercontrol/share/scenario/Command.java --- a/test/hotspot/jtreg/compiler/compilercontrol/share/scenario/Command.java Tue Jun 18 18:38:53 2019 +0100 +++ b/test/hotspot/jtreg/compiler/compilercontrol/share/scenario/Command.java Tue Jun 18 22:48:27 2019 +0200 @@ -33,8 +33,8 @@ public enum Command { COMPILEONLY("compileonly", ".*", "-Xbatch"), EXCLUDE("exclude", "", "-Xbatch"), - INLINE("inline", ".*", "-Xbatch"), - DONTINLINE("dontinline", "", "-Xbatch"), + INLINE("inline", ".*", "-Xbatch", "-XX:InlineSmallCode=4000"), + DONTINLINE("dontinline", "", "-Xbatch", "-XX:InlineSmallCode=4000"), LOG("log", "", "-XX:+UnlockDiagnosticVMOptions", "-XX:+LogCompilation", "-XX:LogFile=" + LogProcessor.LOG_FILE), PRINT("print", ""), diff -r 17f24c0e2f01 -r 688a2a361e14 test/jdk/ProblemList-graal.txt --- a/test/jdk/ProblemList-graal.txt Tue Jun 18 18:38:53 2019 +0100 +++ b/test/jdk/ProblemList-graal.txt Tue Jun 18 22:48:27 2019 +0200 @@ -76,7 +76,6 @@ java/lang/ref/SoftReference/Pin.java 8196611 generic-all java/lang/Runtime/exec/LotsOfOutput.java 8196611 generic-all java/util/concurrent/ScheduledThreadPoolExecutor/BasicCancelTest.java 8196611 generic-all -vm/gc/InfiniteList.java 8196611 generic-all # tests require pop_frame and force_early_return capabilities com/sun/jdi/RedefineTTYLineNumber.java 8195635 generic-all diff -r 17f24c0e2f01 -r 688a2a361e14 test/jdk/javax/net/ssl/SSLSocket/Tls13PacketSize.java --- a/test/jdk/javax/net/ssl/SSLSocket/Tls13PacketSize.java Tue Jun 18 18:38:53 2019 +0100 +++ b/test/jdk/javax/net/ssl/SSLSocket/Tls13PacketSize.java Tue Jun 18 22:48:27 2019 +0200 @@ -53,6 +53,9 @@ @Override protected void runServerApplication(SSLSocket socket) throws Exception { + // Set SO_LINGER in case of slow socket + socket.setSoLinger(true, 10); + // here comes the test logic InputStream sslIS = socket.getInputStream(); OutputStream sslOS = socket.getOutputStream(); @@ -81,6 +84,9 @@ * @see #isCustomizedClientConnection() */ protected void runClientApplication(SSLSocket socket) throws Exception { + // Set SO_LINGER in case of slow socket + socket.setSoLinger(true, 10); + socket.setEnabledProtocols(new String[] {"TLSv1.3"}); InputStream sslIS = socket.getInputStream(); OutputStream sslOS = socket.getOutputStream(); diff -r 17f24c0e2f01 -r 688a2a361e14 test/jdk/sun/security/lib/cacerts/VerifyCACerts.java --- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Tue Jun 18 18:38:53 2019 +0100 +++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Tue Jun 18 22:48:27 2019 +0200 @@ -26,11 +26,13 @@ * @test * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 * 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136 - * 8223499 + * 8223499 8225392 * @summary Check root CA entries in cacerts file */ +import java.io.ByteArrayInputStream; import java.io.File; -import java.io.FileInputStream; +import java.nio.file.Files; +import java.nio.file.Path; import java.security.KeyStore; import java.security.MessageDigest; import java.security.cert.Certificate; @@ -52,6 +54,11 @@ // The numbers of certs now. private static final int COUNT = 88; + // SHA-256 of cacerts, can be generated with + // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 + private static final String CHECKSUM + = "4E:21:94:7C:1D:49:28:BB:34:B0:40:DF:AE:19:B4:41:C6:B5:8A:EE:EB:D5:DE:B4:EF:07:AF:63:18:73:A6:FE"; + // map of cert alias to SHA-256 fingerprint @SuppressWarnings("serial") private static final Map FINGERPRINT_MAP = new HashMap<>() { @@ -255,8 +262,16 @@ public static void main(String[] args) throws Exception { System.out.println("cacerts file: " + CACERTS); md = MessageDigest.getInstance("SHA-256"); + + byte[] data = Files.readAllBytes(Path.of(CACERTS)); + String checksum = toHexString(md.digest(data)); + if (!checksum.equals(CHECKSUM)) { + atLeastOneFailed = true; + System.err.println("ERROR: wrong checksum\n" + checksum); + } + KeyStore ks = KeyStore.getInstance("JKS"); - ks.load(new FileInputStream(CACERTS), "changeit".toCharArray()); + ks.load(new ByteArrayInputStream(data), "changeit".toCharArray()); // check the count of certs inside if (ks.size() != COUNT) { diff -r 17f24c0e2f01 -r 688a2a361e14 test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java Tue Jun 18 22:48:27 2019 +0200 @@ -0,0 +1,147 @@ +/* + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +// +// SunJSSE does not support dynamic system properties, no way to re-use +// system properties in samevm/agentvm mode. +// + +/* + * @test + * @bug 8224829 + * @summary AsyncSSLSocketClose.java has timing issue + * @run main/othervm BlockedAsyncClose + */ + +import javax.net.ssl.*; +import java.io.*; +import java.net.SocketException; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.TimeUnit; + +public class BlockedAsyncClose implements Runnable { + SSLSocket socket; + SSLServerSocket ss; + + // Is the socket ready to close? + private final CountDownLatch closeCondition = new CountDownLatch(1); + + // Where do we find the keystores? + static String pathToStores = "../../../../javax/net/ssl/etc"; + static String keyStoreFile = "keystore"; + static String trustStoreFile = "truststore"; + static String passwd = "passphrase"; + + public static void main(String[] args) throws Exception { + String keyFilename = + System.getProperty("test.src", "./") + "/" + pathToStores + + "/" + keyStoreFile; + String trustFilename = + System.getProperty("test.src", "./") + "/" + pathToStores + + "/" + trustStoreFile; + + System.setProperty("javax.net.ssl.keyStore", keyFilename); + System.setProperty("javax.net.ssl.keyStorePassword", passwd); + System.setProperty("javax.net.ssl.trustStore", trustFilename); + System.setProperty("javax.net.ssl.trustStorePassword", passwd); + + new BlockedAsyncClose(); + } + + public BlockedAsyncClose() throws Exception { + SSLServerSocketFactory sslssf = + (SSLServerSocketFactory)SSLServerSocketFactory.getDefault(); + InetAddress loopback = InetAddress.getLoopbackAddress(); + ss = (SSLServerSocket)sslssf.createServerSocket(); + ss.bind(new InetSocketAddress(loopback, 0)); + + SSLSocketFactory sslsf = + (SSLSocketFactory)SSLSocketFactory.getDefault(); + socket = (SSLSocket)sslsf.createSocket(loopback, ss.getLocalPort()); + SSLSocket serverSoc = (SSLSocket)ss.accept(); + ss.close(); + + (new Thread(this)).start(); + serverSoc.startHandshake(); + + boolean closeIsReady = closeCondition.await(90L, TimeUnit.SECONDS); + if (!closeIsReady) { + System.out.println( + "Ignore, the closure is not ready yet in 90 seconds."); + return; + } + + socket.setSoLinger(true, 10); + System.out.println("Calling Socket.close"); + + // Sleep for a while so that the write thread blocks by hitting the + // output stream buffer limit. + Thread.sleep(1000); + + socket.close(); + System.out.println("ssl socket get closed"); + System.out.flush(); + } + + // block in write + public void run() { + byte[] ba = new byte[1024]; + for (int i = 0; i < ba.length; i++) { + ba[i] = 0x7A; + } + + try { + OutputStream os = socket.getOutputStream(); + int count = 0; + + // 1st round write + count += ba.length; + System.out.println(count + " bytes to be written"); + os.write(ba); + System.out.println(count + " bytes written"); + + // Signal, ready to close. + closeCondition.countDown(); + + // write more + while (true) { + count += ba.length; + System.out.println(count + " bytes to be written"); + os.write(ba); + System.out.println(count + " bytes written"); + } + } catch (SocketException se) { + // the closing may be in progress + System.out.println("interrupted? " + se); + } catch (Exception e) { + if (socket.isClosed() || socket.isOutputShutdown()) { + System.out.println("interrupted, the socket is closed"); + } else { + throw new RuntimeException("interrupted?", e); + } + } + } +} + diff -r 17f24c0e2f01 -r 688a2a361e14 test/jdk/sun/security/tools/keytool/ListOrder.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/jdk/sun/security/tools/keytool/ListOrder.java Tue Jun 18 22:48:27 2019 +0200 @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * @test + * @bug 8225392 + * @summary Comparison builds are failing due to cacerts file + * @library /test/lib + */ + +import jdk.test.lib.SecurityTools; + +import java.util.Random; + +public class ListOrder { + + public static void main(String[] args) throws Throwable { + + Random rand = new Random(); + for (int i = 0; i < 10; i++) { + gen(String.format("a%02d", rand.nextInt(100))); + } + + String last = ""; + for (String line : SecurityTools.keytool( + "-keystore ks -storepass changeit -list").asLines()) { + if (line.contains("PrivateKeyEntry")) { + // This is the line starting with the alias + System.out.println(line); + if (line.compareTo(last) <= 0) { + throw new RuntimeException("Not ordered"); + } else { + last = line; + } + } + } + } + + static void gen(String a) throws Exception { + // Do not check result, there might be duplicated alias(es). + SecurityTools.keytool("-keystore ks -storepass changeit " + + "-keyalg ec -genkeypair -alias " + a + " -dname CN=" + a); + } +} diff -r 17f24c0e2f01 -r 688a2a361e14 test/langtools/tools/javac/T6942649.java --- a/test/langtools/tools/javac/T6942649.java Tue Jun 18 18:38:53 2019 +0100 +++ b/test/langtools/tools/javac/T6942649.java Tue Jun 18 22:48:27 2019 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /* * @test - * @bug 6942649 + * @bug 6942649 8225748 * @summary add hidden option to identify location and version of javac classes * @modules jdk.compiler */ @@ -60,7 +60,7 @@ throw new Exception("location of class not found in output"); } - if (!out.contains("MD5 checksum: ")) + if (!out.contains("SHA-256 checksum: ")) throw new Exception("checksum not found in output"); } } diff -r 17f24c0e2f01 -r 688a2a361e14 test/langtools/tools/javap/T4884240.java --- a/test/langtools/tools/javap/T4884240.java Tue Jun 18 18:38:53 2019 +0100 +++ b/test/langtools/tools/javap/T4884240.java Tue Jun 18 22:48:27 2019 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2008, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ /* * @test - * @bug 4884240 + * @bug 4884240 8225748 * @summary additional option required for javap * @modules jdk.jdeps/com.sun.tools.javap */ @@ -47,7 +47,7 @@ if (lines.length < 3 || !lines[0].trim().startsWith("Classfile") || !lines[1].trim().startsWith("Last modified") - || !lines[2].trim().startsWith("MD5")) { + || !lines[2].trim().startsWith("SHA-256")) { System.out.println(sw); throw new Exception("unexpected output"); }