Merge
authorprr
Fri, 18 Oct 2019 09:25:06 -0700
changeset 59170 945f5bfab0f7
parent 59169 7dae4286f1cc (current diff)
parent 58686 0279391875bf (diff)
child 59171 85d7af399ef5
Merge
--- a/.hgtags	Thu Oct 17 14:07:02 2019 -0700
+++ b/.hgtags	Fri Oct 18 09:25:06 2019 -0700
@@ -591,3 +591,4 @@
 d29f0181ba424a95d881aba5eabf2e393abcc70f jdk-14+16
 5c83830390baafb76a1fbe33443c57620bd45fb9 jdk-14+17
 e84d8379815ba0d3e50fb096d28c25894cb50b8c jdk-14+18
+9b67dd88a9313e982ec5f710a7747161bc8f0c23 jdk-14+19
--- a/make/autoconf/basics.m4	Thu Oct 17 14:07:02 2019 -0700
+++ b/make/autoconf/basics.m4	Fri Oct 18 09:25:06 2019 -0700
@@ -489,31 +489,43 @@
       # for unknown variables in the end.
       CONFIGURE_OVERRIDDEN_VARIABLES="$try_remove_var"
 
+      tool_override=[$]$1
+      AC_MSG_NOTICE([User supplied override $1="$tool_override"])
+
       # Check if we try to supply an empty value
-      if test "x[$]$1" = x; then
-        AC_MSG_NOTICE([Setting user supplied tool $1= (no value)])
+      if test "x$tool_override" = x; then
         AC_MSG_CHECKING([for $1])
         AC_MSG_RESULT([disabled])
       else
+        # Split up override in command part and argument part
+        tool_and_args=($tool_override)
+        [ tool_command=${tool_and_args[0]} ]
+        [ unset 'tool_and_args[0]' ]
+        [ tool_args=${tool_and_args[@]} ]
+
         # Check if the provided tool contains a complete path.
-        tool_specified="[$]$1"
-        tool_basename="${tool_specified##*/}"
-        if test "x$tool_basename" = "x$tool_specified"; then
+        tool_basename="${tool_command##*/}"
+        if test "x$tool_basename" = "x$tool_command"; then
           # A command without a complete path is provided, search $PATH.
-          AC_MSG_NOTICE([Will search for user supplied tool $1=$tool_basename])
+          AC_MSG_NOTICE([Will search for user supplied tool "$tool_basename"])
           AC_PATH_PROG($1, $tool_basename)
           if test "x[$]$1" = x; then
-            AC_MSG_ERROR([User supplied tool $tool_basename could not be found])
+            AC_MSG_ERROR([User supplied tool $1="$tool_basename" could not be found])
           fi
         else
           # Otherwise we believe it is a complete path. Use it as it is.
-          AC_MSG_NOTICE([Will use user supplied tool $1=$tool_specified])
-          AC_MSG_CHECKING([for $1])
-          if test ! -x "$tool_specified"; then
+          AC_MSG_NOTICE([Will use user supplied tool "$tool_command"])
+          AC_MSG_CHECKING([for $tool_command])
+          if test ! -x "$tool_command"; then
             AC_MSG_RESULT([not found])
-            AC_MSG_ERROR([User supplied tool $1=$tool_specified does not exist or is not executable])
+            AC_MSG_ERROR([User supplied tool $1="$tool_command" does not exist or is not executable])
           fi
-          AC_MSG_RESULT([$tool_specified])
+           $1="$tool_command"
+          AC_MSG_RESULT([found])
+        fi
+        if test "x$tool_args" != x; then
+          # If we got arguments, re-append them to the command after the fixup.
+          $1="[$]$1 $tool_args"
         fi
       fi
     fi
--- a/make/common/MakeBase.gmk	Thu Oct 17 14:07:02 2019 -0700
+++ b/make/common/MakeBase.gmk	Fri Oct 18 09:25:06 2019 -0700
@@ -564,8 +564,8 @@
 # Param 1 - The path to base the name of the log file / command line file on
 # Param 2 - The command to run
 ExecuteWithLog = \
-  $(call LogCmdlines, Exececuting: [$(strip $2)]) \
-  $(call MakeDir, $(dir $(strip $1))) \
+  $(call LogCmdlines, Executing: [$(strip $2)]) \
+  $(call MakeDir, $(dir $(strip $1)) $(MAKESUPPORT_OUTPUTDIR)/failure-logs) \
   $(call WriteFile, $2, $(strip $1).cmdline) \
   ( $(RM) $(strip $1).log && $(strip $2) > >($(TEE) -a $(strip $1).log) 2> >($(TEE) -a $(strip $1).log >&2) || \
       ( exitcode=$(DOLLAR)? && \
--- a/make/hotspot/symbols/symbols-unix	Thu Oct 17 14:07:02 2019 -0700
+++ b/make/hotspot/symbols/symbols-unix	Fri Oct 18 09:25:06 2019 -0700
@@ -97,6 +97,7 @@
 JVM_GetDeclaredClasses
 JVM_GetDeclaringClass
 JVM_GetEnclosingMethodInfo
+JVM_GetExtendedNPEMessage
 JVM_GetFieldIxModifiers
 JVM_GetFieldTypeAnnotations
 JVM_GetInheritedAccessControlContext
--- a/src/hotspot/cpu/x86/macroAssembler_x86.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/cpu/x86/macroAssembler_x86.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -6352,7 +6352,7 @@
   movptr(result, str1);
   if (UseAVX >= 2) {
     cmpl(cnt1, stride);
-    jcc(Assembler::less, SCAN_TO_CHAR_LOOP);
+    jcc(Assembler::less, SCAN_TO_CHAR);
     cmpl(cnt1, 2*stride);
     jcc(Assembler::less, SCAN_TO_8_CHAR_INIT);
     movdl(vec1, ch);
@@ -6379,10 +6379,8 @@
   }
   bind(SCAN_TO_8_CHAR);
   cmpl(cnt1, stride);
-  if (UseAVX >= 2) {
-    jcc(Assembler::less, SCAN_TO_CHAR);
-  } else {
-    jcc(Assembler::less, SCAN_TO_CHAR_LOOP);
+  jcc(Assembler::less, SCAN_TO_CHAR);
+  if (UseAVX < 2) {
     movdl(vec1, ch);
     pshuflw(vec1, vec1, 0x00);
     pshufd(vec1, vec1, 0);
--- a/src/hotspot/cpu/x86/macroAssembler_x86.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/cpu/x86/macroAssembler_x86.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -114,7 +114,8 @@
       // short offset operators (jmp and jcc)
       char* disp = (char*) &branch[1];
       int imm8 = target - (address) &disp[1];
-      guarantee(this->is8bit(imm8), "Short forward jump exceeds 8-bit offset at %s:%d", file, line);
+      guarantee(this->is8bit(imm8), "Short forward jump exceeds 8-bit offset at %s:%d",
+                file == NULL ? "<NULL>" : file, line);
       *disp = imm8;
     } else {
       int* disp = (int*) &branch[(op == 0x0F || op == 0xC7)? 2: 1];
--- a/src/hotspot/cpu/x86/sharedRuntime_x86_32.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/cpu/x86/sharedRuntime_x86_32.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1304,6 +1304,97 @@
   }
 }
 
+// Registers need to be saved for runtime call
+static Register caller_saved_registers[] = {
+  rcx, rdx, rsi, rdi
+};
+
+// Save caller saved registers except r1 and r2
+static void save_registers_except(MacroAssembler* masm, Register r1, Register r2) {
+  int reg_len = (int)(sizeof(caller_saved_registers) / sizeof(Register));
+  for (int index = 0; index < reg_len; index ++) {
+    Register this_reg = caller_saved_registers[index];
+    if (this_reg != r1 && this_reg != r2) {
+      __ push(this_reg);
+    }
+  }
+}
+
+// Restore caller saved registers except r1 and r2
+static void restore_registers_except(MacroAssembler* masm, Register r1, Register r2) {
+  int reg_len = (int)(sizeof(caller_saved_registers) / sizeof(Register));
+  for (int index = reg_len - 1; index >= 0; index --) {
+    Register this_reg = caller_saved_registers[index];
+    if (this_reg != r1 && this_reg != r2) {
+      __ pop(this_reg);
+    }
+  }
+}
+
+// Pin object, return pinned object or null in rax
+static void gen_pin_object(MacroAssembler* masm,
+                           Register thread, VMRegPair reg) {
+  __ block_comment("gen_pin_object {");
+
+  Label is_null;
+  Register tmp_reg = rax;
+  VMRegPair tmp(tmp_reg->as_VMReg());
+  if (reg.first()->is_stack()) {
+    // Load the arg up from the stack
+    simple_move32(masm, reg, tmp);
+    reg = tmp;
+  } else {
+    __ movl(tmp_reg, reg.first()->as_Register());
+  }
+  __ testptr(reg.first()->as_Register(), reg.first()->as_Register());
+  __ jccb(Assembler::equal, is_null);
+
+  // Save registers that may be used by runtime call
+  Register arg = reg.first()->is_Register() ? reg.first()->as_Register() : noreg;
+  save_registers_except(masm, arg, thread);
+
+  __ call_VM_leaf(
+    CAST_FROM_FN_PTR(address, SharedRuntime::pin_object),
+    thread, reg.first()->as_Register());
+
+  // Restore saved registers
+  restore_registers_except(masm, arg, thread);
+
+  __ bind(is_null);
+  __ block_comment("} gen_pin_object");
+}
+
+// Unpin object
+static void gen_unpin_object(MacroAssembler* masm,
+                             Register thread, VMRegPair reg) {
+  __ block_comment("gen_unpin_object {");
+  Label is_null;
+
+  // temp register
+  __ push(rax);
+  Register tmp_reg = rax;
+  VMRegPair tmp(tmp_reg->as_VMReg());
+
+  simple_move32(masm, reg, tmp);
+
+  __ testptr(rax, rax);
+  __ jccb(Assembler::equal, is_null);
+
+  // Save registers that may be used by runtime call
+  Register arg = reg.first()->is_Register() ? reg.first()->as_Register() : noreg;
+  save_registers_except(masm, arg, thread);
+
+  __ call_VM_leaf(
+    CAST_FROM_FN_PTR(address, SharedRuntime::unpin_object),
+    thread, rax);
+
+  // Restore saved registers
+  restore_registers_except(masm, arg, thread);
+  __ bind(is_null);
+  __ pop(rax);
+  __ block_comment("} gen_unpin_object");
+}
+
 // Check GCLocker::needs_gc and enter the runtime if it's true.  This
 // keeps a new JNI critical region from starting until a GC has been
 // forced.  Save down any oops in registers and describe them in an
@@ -1837,7 +1928,7 @@
 
   __ get_thread(thread);
 
-  if (is_critical_native) {
+  if (is_critical_native && !Universe::heap()->supports_object_pinning()) {
     check_needs_gc_for_critical_native(masm, thread, stack_slots, total_c_args, total_in_args,
                                        oop_handle_offset, oop_maps, in_regs, in_sig_bt);
   }
@@ -1875,6 +1966,11 @@
   //
   OopMap* map = new OopMap(stack_slots * 2, 0 /* arg_slots*/);
 
+  // Inbound arguments that need to be pinned for critical natives
+  GrowableArray<int> pinned_args(total_in_args);
+  // Current stack slot for storing register based array argument
+  int pinned_slot = oop_handle_offset;
+
   // Mark location of rbp,
   // map->set_callee_saved(VMRegImpl::stack2reg( stack_slots - 2), stack_slots * 2, 0, rbp->as_VMReg());
 
@@ -1886,7 +1982,28 @@
     switch (in_sig_bt[i]) {
       case T_ARRAY:
         if (is_critical_native) {
-          unpack_array_argument(masm, in_regs[i], in_elem_bt[i], out_regs[c_arg + 1], out_regs[c_arg]);
+          VMRegPair in_arg = in_regs[i];
+          if (Universe::heap()->supports_object_pinning()) {
+            // gen_pin_object handles save and restore
+            // of any clobbered registers
+            gen_pin_object(masm, thread, in_arg);
+            pinned_args.append(i);
+
+            // rax has pinned array
+            VMRegPair result_reg(rax->as_VMReg());
+            if (!in_arg.first()->is_stack()) {
+              assert(pinned_slot <= stack_slots, "overflow");
+              simple_move32(masm, result_reg, VMRegImpl::stack2reg(pinned_slot));
+              pinned_slot += VMRegImpl::slots_per_word;
+            } else {
+              // Write back pinned value, it will be used to unpin this argument
+              __ movptr(Address(rbp, reg2offset_in(in_arg.first())), result_reg.first()->as_Register());
+            }
+            // We have the array in register, use it
+            in_arg = result_reg;
+          }
+
+          unpack_array_argument(masm, in_arg, in_elem_bt[i], out_regs[c_arg + 1], out_regs[c_arg]);
           c_arg++;
           break;
         }
@@ -2079,6 +2196,26 @@
   default       : ShouldNotReachHere();
   }
 
+  // unpin pinned arguments
+  pinned_slot = oop_handle_offset;
+  if (pinned_args.length() > 0) {
+    // save return value that may be overwritten otherwise.
+    save_native_result(masm, ret_type, stack_slots);
+    for (int index = 0; index < pinned_args.length(); index ++) {
+      int i = pinned_args.at(index);
+      assert(pinned_slot <= stack_slots, "overflow");
+      if (!in_regs[i].first()->is_stack()) {
+        int offset = pinned_slot * VMRegImpl::stack_slot_size;
+        __ movl(in_regs[i].first()->as_Register(), Address(rsp, offset));
+        pinned_slot += VMRegImpl::slots_per_word;
+      }
+      // gen_pin_object handles save and restore
+      // of any other clobbered registers
+      gen_unpin_object(masm, thread, in_regs[i]);
+    }
+    restore_native_result(masm, ret_type, stack_slots);
+  }
+
   // Switch thread to "native transition" state before reading the synchronization state.
   // This additional state is necessary because reading and testing the synchronization
   // state is not atomic w.r.t. GC, as this scenario demonstrates:
--- a/src/hotspot/cpu/x86/x86.ad	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/cpu/x86/x86.ad	Fri Oct 18 09:25:06 2019 -0700
@@ -1280,7 +1280,7 @@
     case Op_AbsVS:
     case Op_AbsVI:
     case Op_AddReductionVI:
-      if (UseSSE < 3) // requires at least SSE3
+      if (UseSSE < 3 || !VM_Version::supports_ssse3()) // requires at least SSSE3
         ret_value = false;
       break;
     case Op_MulReductionVI:
--- a/src/hotspot/os/aix/os_aix.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/aix/os_aix.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1034,8 +1034,6 @@
 }
 
 bool os::supports_vtime() { return true; }
-bool os::enable_vtime()   { return false; }
-bool os::vtime_enabled()  { return false; }
 
 double os::elapsedVTime() {
   struct rusage usage;
@@ -3625,11 +3623,6 @@
   return;
 }
 
-bool os::distribute_processes(uint length, uint* distribution) {
-  // Not yet implemented.
-  return false;
-}
-
 bool os::bind_to_processor(uint processor_id) {
   // Not yet implemented.
   return false;
--- a/src/hotspot/os/aix/os_aix.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/aix/os_aix.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -44,7 +44,6 @@
 
   static julong _physical_memory;
   static pthread_t _main_thread;
-  static Mutex* _createThread_lock;
   static int _page_size;
 
   // -1 = uninitialized, 0 = AIX, 1 = OS/400 (PASE)
@@ -90,8 +89,6 @@
  public:
   static void init_thread_fpu_state();
   static pthread_t main_thread(void)                                { return _main_thread; }
-  static void set_createThread_lock(Mutex* lk)                      { _createThread_lock = lk; }
-  static Mutex* createThread_lock(void)                             { return _createThread_lock; }
   static void hotspot_sigmask(Thread* thread);
 
   // Given an address, returns the size of the page backing that address
--- a/src/hotspot/os/aix/os_aix.inline.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/aix/os_aix.inline.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -64,8 +64,6 @@
   ::dlclose(lib);
 }
 
-inline const int os::default_file_open_flags() { return 0;}
-
 inline jlong os::lseek(int fd, jlong offset, int whence) {
   return (jlong) ::lseek64(fd, offset, whence);
 }
--- a/src/hotspot/os/bsd/os_bsd.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/bsd/os_bsd.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -877,8 +877,6 @@
 }
 
 bool os::supports_vtime() { return true; }
-bool os::enable_vtime()   { return false; }
-bool os::vtime_enabled()  { return false; }
 
 double os::elapsedVTime() {
   // better than nothing, but not much
@@ -3282,11 +3280,6 @@
 #endif
 }
 
-bool os::distribute_processes(uint length, uint* distribution) {
-  // Not yet implemented.
-  return false;
-}
-
 bool os::bind_to_processor(uint processor_id) {
   // Not yet implemented.
   return false;
--- a/src/hotspot/os/bsd/os_bsd.inline.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/bsd/os_bsd.inline.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -67,8 +67,6 @@
   ::dlclose(lib);
 }
 
-inline const int os::default_file_open_flags() { return 0;}
-
 inline jlong os::lseek(int fd, jlong offset, int whence) {
   return (jlong) ::lseek(fd, offset, whence);
 }
--- a/src/hotspot/os/linux/osContainer_linux.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/linux/osContainer_linux.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -131,14 +131,34 @@
      * hierarchy. If set to true consider also memory.stat
      * file if everything else seems unlimited */
     bool _uses_mem_hierarchy;
+    volatile jlong _memory_limit_in_bytes;
+    volatile jlong _next_check_counter;
 
  public:
     CgroupMemorySubsystem(char *root, char *mountpoint) : CgroupSubsystem::CgroupSubsystem(root, mountpoint) {
       _uses_mem_hierarchy = false;
+      _memory_limit_in_bytes = -1;
+      _next_check_counter = min_jlong;
+
     }
 
     bool is_hierarchical() { return _uses_mem_hierarchy; }
     void set_hierarchical(bool value) { _uses_mem_hierarchy = value; }
+
+    bool should_check_memory_limit() {
+      return os::elapsed_counter() > _next_check_counter;
+    }
+    jlong memory_limit_in_bytes() { return _memory_limit_in_bytes; }
+    void set_memory_limit_in_bytes(jlong value) {
+      _memory_limit_in_bytes = value;
+      // max memory limit is unlikely to change, but we want to remain
+      // responsive to configuration changes. A very short (20ms) grace time
+      // between re-read avoids excessive overhead during startup without
+      // significantly reducing the VMs ability to promptly react to reduced
+      // memory availability
+      _next_check_counter = os::elapsed_counter() + (NANOSECS_PER_SEC/50);
+    }
+
 };
 
 CgroupMemorySubsystem* memory = NULL;
@@ -461,6 +481,16 @@
  *    OSCONTAINER_ERROR for not supported
  */
 jlong OSContainer::memory_limit_in_bytes() {
+  if (!memory->should_check_memory_limit()) {
+    return memory->memory_limit_in_bytes();
+  }
+  jlong memory_limit = read_memory_limit_in_bytes();
+  // Update CgroupMemorySubsystem to avoid re-reading container settings too often
+  memory->set_memory_limit_in_bytes(memory_limit);
+  return memory_limit;
+}
+
+jlong OSContainer::read_memory_limit_in_bytes() {
   GET_CONTAINER_INFO(julong, memory, "/memory.limit_in_bytes",
                      "Memory Limit is: " JULONG_FORMAT, JULONG_FORMAT, memlimit);
 
--- a/src/hotspot/os/linux/osContainer_linux.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/linux/osContainer_linux.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -36,6 +36,7 @@
  private:
   static bool   _is_initialized;
   static bool   _is_containerized;
+  static jlong read_memory_limit_in_bytes();
 
  public:
   static void init();
--- a/src/hotspot/os/linux/os_linux.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/linux/os_linux.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -148,11 +148,9 @@
 
 int (*os::Linux::_pthread_getcpuclockid)(pthread_t, clockid_t *) = NULL;
 int (*os::Linux::_pthread_setname_np)(pthread_t, const char*) = NULL;
-Mutex* os::Linux::_createThread_lock = NULL;
 pthread_t os::Linux::_main_thread;
 int os::Linux::_page_size = -1;
 bool os::Linux::_supports_fast_thread_cpu_time = false;
-uint32_t os::Linux::_os_version = 0;
 const char * os::Linux::_glibc_version = NULL;
 const char * os::Linux::_libpthread_version = NULL;
 
@@ -1364,8 +1362,6 @@
 }
 
 bool os::supports_vtime() { return true; }
-bool os::enable_vtime()   { return false; }
-bool os::vtime_enabled()  { return false; }
 
 double os::elapsedVTime() {
   struct rusage usage;
@@ -4823,48 +4819,6 @@
   return (tp.tv_sec * NANOSECS_PER_SEC) + tp.tv_nsec;
 }
 
-void os::Linux::initialize_os_info() {
-  assert(_os_version == 0, "OS info already initialized");
-
-  struct utsname _uname;
-
-  uint32_t major;
-  uint32_t minor;
-  uint32_t fix;
-
-  int rc;
-
-  // Kernel version is unknown if
-  // verification below fails.
-  _os_version = 0x01000000;
-
-  rc = uname(&_uname);
-  if (rc != -1) {
-
-    rc = sscanf(_uname.release,"%d.%d.%d", &major, &minor, &fix);
-    if (rc == 3) {
-
-      if (major < 256 && minor < 256 && fix < 256) {
-        // Kernel version format is as expected,
-        // set it overriding unknown state.
-        _os_version = (major << 16) |
-                      (minor << 8 ) |
-                      (fix   << 0 ) ;
-      }
-    }
-  }
-}
-
-uint32_t os::Linux::os_version() {
-  assert(_os_version != 0, "not initialized");
-  return _os_version & 0x00FFFFFF;
-}
-
-bool os::Linux::os_version_is_known() {
-  assert(_os_version != 0, "not initialized");
-  return _os_version & 0x01000000 ? false : true;
-}
-
 /////
 // glibc on Linux platform uses non-documented flag
 // to indicate, that some special sort of signal
@@ -5084,8 +5038,6 @@
 
   Linux::initialize_system_info();
 
-  Linux::initialize_os_info();
-
   os::Linux::CPUPerfTicks pticks;
   bool res = os::Linux::get_tick_information(&pticks, -1);
 
@@ -5262,9 +5214,6 @@
     }
   }
 
-  // Initialize lock used to serialize thread creation (see os::create_thread)
-  Linux::set_createThread_lock(new Mutex(Mutex::leaf, "createThread_lock", false));
-
   // at-exit methods are called in the reverse order of their registration.
   // atexit functions are called on return from main or as a result of a
   // call to exit(3C). There can be only 32 of these functions registered
@@ -5465,11 +5414,6 @@
   }
 }
 
-bool os::distribute_processes(uint length, uint* distribution) {
-  // Not yet implemented.
-  return false;
-}
-
 bool os::bind_to_processor(uint processor_id) {
   // Not yet implemented.
   return false;
--- a/src/hotspot/os/linux/os_linux.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/linux/os_linux.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -55,20 +55,10 @@
   static GrowableArray<int>* _cpu_to_node;
   static GrowableArray<int>* _nindex_to_node;
 
-  // 0x00000000 = uninitialized,
-  // 0x01000000 = kernel version unknown,
-  // otherwise a 32-bit number:
-  // Ox00AABBCC
-  // AA, Major Version
-  // BB, Minor Version
-  // CC, Fix   Version
-  static uint32_t _os_version;
-
  protected:
 
   static julong _physical_memory;
   static pthread_t _main_thread;
-  static Mutex* _createThread_lock;
   static int _page_size;
 
   static julong available_memory();
@@ -136,8 +126,6 @@
   // returns kernel thread id (similar to LWP id on Solaris), which can be
   // used to access /proc
   static pid_t gettid();
-  static void set_createThread_lock(Mutex* lk)                      { _createThread_lock = lk; }
-  static Mutex* createThread_lock(void)                             { return _createThread_lock; }
   static void hotspot_sigmask(Thread* thread);
 
   static address   initial_thread_stack_bottom(void)                { return _initial_thread_stack_bottom; }
@@ -196,7 +184,6 @@
 
   // Stack overflow handling
   static bool manually_expand_stack(JavaThread * t, address addr);
-  static int max_register_window_saves_before_flushing();
 
   // fast POSIX clocks support
   static void fast_thread_clock_init(void);
@@ -211,10 +198,6 @@
 
   static jlong fast_thread_cpu_time(clockid_t clockid);
 
-  static void initialize_os_info();
-  static bool os_version_is_known();
-  static uint32_t os_version();
-
   // Stack repair handling
 
   // none present
--- a/src/hotspot/os/linux/os_linux.inline.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/linux/os_linux.inline.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -59,8 +59,6 @@
   ::dlclose(lib);
 }
 
-inline const int os::default_file_open_flags() { return 0;}
-
 inline jlong os::lseek(int fd, jlong offset, int whence) {
   return (jlong) ::lseek64(fd, offset, whence);
 }
--- a/src/hotspot/os/posix/os_posix.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/posix/os_posix.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -167,11 +167,6 @@
   return n;
 }
 
-bool os::is_debugger_attached() {
-  // not implemented
-  return false;
-}
-
 void os::wait_for_keypress_at_exit(void) {
   // don't do anything on posix platforms
   return;
--- a/src/hotspot/os/solaris/os_solaris.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/solaris/os_solaris.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -265,8 +265,6 @@
   }
 }
 
-static int _processors_online = 0;
-
 jint os::Solaris::_os_thread_limit = 0;
 volatile jint os::Solaris::_os_thread_count = 0;
 
@@ -291,7 +289,6 @@
 
 void os::Solaris::initialize_system_info() {
   set_processor_count(sysconf(_SC_NPROCESSORS_CONF));
-  _processors_online = sysconf(_SC_NPROCESSORS_ONLN);
   _physical_memory = (julong)sysconf(_SC_PHYS_PAGES) *
                                      (julong)sysconf(_SC_PAGESIZE);
 }
@@ -320,7 +317,6 @@
     // Query the number of cpus available to us.
     if (pset_info(pset, NULL, &pset_cpus, NULL) == 0) {
       assert(pset_cpus > 0 && pset_cpus <= online_cpus, "sanity check");
-      _processors_online = pset_cpus;
       return pset_cpus;
     }
   }
@@ -328,136 +324,6 @@
   return online_cpus;
 }
 
-static bool find_processors_in_pset(psetid_t        pset,
-                                    processorid_t** id_array,
-                                    uint_t*         id_length) {
-  bool result = false;
-  // Find the number of processors in the processor set.
-  if (pset_info(pset, NULL, id_length, NULL) == 0) {
-    // Make up an array to hold their ids.
-    *id_array = NEW_C_HEAP_ARRAY(processorid_t, *id_length, mtInternal);
-    // Fill in the array with their processor ids.
-    if (pset_info(pset, NULL, id_length, *id_array) == 0) {
-      result = true;
-    }
-  }
-  return result;
-}
-
-// Callers of find_processors_online() must tolerate imprecise results --
-// the system configuration can change asynchronously because of DR
-// or explicit psradm operations.
-//
-// We also need to take care that the loop (below) terminates as the
-// number of processors online can change between the _SC_NPROCESSORS_ONLN
-// request and the loop that builds the list of processor ids.   Unfortunately
-// there's no reliable way to determine the maximum valid processor id,
-// so we use a manifest constant, MAX_PROCESSOR_ID, instead.  See p_online
-// man pages, which claim the processor id set is "sparse, but
-// not too sparse".  MAX_PROCESSOR_ID is used to ensure that we eventually
-// exit the loop.
-//
-// In the future we'll be able to use sysconf(_SC_CPUID_MAX), but that's
-// not available on S8.0.
-
-static bool find_processors_online(processorid_t** id_array,
-                                   uint*           id_length) {
-  const processorid_t MAX_PROCESSOR_ID = 100000;
-  // Find the number of processors online.
-  *id_length = sysconf(_SC_NPROCESSORS_ONLN);
-  // Make up an array to hold their ids.
-  *id_array = NEW_C_HEAP_ARRAY(processorid_t, *id_length, mtInternal);
-  // Processors need not be numbered consecutively.
-  long found = 0;
-  processorid_t next = 0;
-  while (found < *id_length && next < MAX_PROCESSOR_ID) {
-    processor_info_t info;
-    if (processor_info(next, &info) == 0) {
-      // NB, PI_NOINTR processors are effectively online ...
-      if (info.pi_state == P_ONLINE || info.pi_state == P_NOINTR) {
-        (*id_array)[found] = next;
-        found += 1;
-      }
-    }
-    next += 1;
-  }
-  if (found < *id_length) {
-    // The loop above didn't identify the expected number of processors.
-    // We could always retry the operation, calling sysconf(_SC_NPROCESSORS_ONLN)
-    // and re-running the loop, above, but there's no guarantee of progress
-    // if the system configuration is in flux.  Instead, we just return what
-    // we've got.  Note that in the worst case find_processors_online() could
-    // return an empty set.  (As a fall-back in the case of the empty set we
-    // could just return the ID of the current processor).
-    *id_length = found;
-  }
-
-  return true;
-}
-
-static bool assign_distribution(processorid_t* id_array,
-                                uint           id_length,
-                                uint*          distribution,
-                                uint           distribution_length) {
-  // We assume we can assign processorid_t's to uint's.
-  assert(sizeof(processorid_t) == sizeof(uint),
-         "can't convert processorid_t to uint");
-  // Quick check to see if we won't succeed.
-  if (id_length < distribution_length) {
-    return false;
-  }
-  // Assign processor ids to the distribution.
-  // Try to shuffle processors to distribute work across boards,
-  // assuming 4 processors per board.
-  const uint processors_per_board = ProcessDistributionStride;
-  // Find the maximum processor id.
-  processorid_t max_id = 0;
-  for (uint m = 0; m < id_length; m += 1) {
-    max_id = MAX2(max_id, id_array[m]);
-  }
-  // The next id, to limit loops.
-  const processorid_t limit_id = max_id + 1;
-  // Make up markers for available processors.
-  bool* available_id = NEW_C_HEAP_ARRAY(bool, limit_id, mtInternal);
-  for (uint c = 0; c < limit_id; c += 1) {
-    available_id[c] = false;
-  }
-  for (uint a = 0; a < id_length; a += 1) {
-    available_id[id_array[a]] = true;
-  }
-  // Step by "boards", then by "slot", copying to "assigned".
-  // NEEDS_CLEANUP: The assignment of processors should be stateful,
-  //                remembering which processors have been assigned by
-  //                previous calls, etc., so as to distribute several
-  //                independent calls of this method.  What we'd like is
-  //                It would be nice to have an API that let us ask
-  //                how many processes are bound to a processor,
-  //                but we don't have that, either.
-  //                In the short term, "board" is static so that
-  //                subsequent distributions don't all start at board 0.
-  static uint board = 0;
-  uint assigned = 0;
-  // Until we've found enough processors ....
-  while (assigned < distribution_length) {
-    // ... find the next available processor in the board.
-    for (uint slot = 0; slot < processors_per_board; slot += 1) {
-      uint try_id = board * processors_per_board + slot;
-      if ((try_id < limit_id) && (available_id[try_id] == true)) {
-        distribution[assigned] = try_id;
-        available_id[try_id] = false;
-        assigned += 1;
-        break;
-      }
-    }
-    board += 1;
-    if (board * processors_per_board + 0 >= limit_id) {
-      board = 0;
-    }
-  }
-  FREE_C_HEAP_ARRAY(bool, available_id);
-  return true;
-}
-
 void os::set_native_thread_name(const char *name) {
   if (Solaris::_pthread_setname_np != NULL) {
     // Only the first 31 bytes of 'name' are processed by pthread_setname_np
@@ -470,31 +336,6 @@
   }
 }
 
-bool os::distribute_processes(uint length, uint* distribution) {
-  bool result = false;
-  // Find the processor id's of all the available CPUs.
-  processorid_t* id_array  = NULL;
-  uint           id_length = 0;
-  // There are some races between querying information and using it,
-  // since processor sets can change dynamically.
-  psetid_t pset = PS_NONE;
-  // Are we running in a processor set?
-  if ((pset_bind(PS_QUERY, P_PID, P_MYID, &pset) == 0) && pset != PS_NONE) {
-    result = find_processors_in_pset(pset, &id_array, &id_length);
-  } else {
-    result = find_processors_online(&id_array, &id_length);
-  }
-  if (result == true) {
-    if (id_length >= length) {
-      result = assign_distribution(id_array, id_length, distribution, length);
-    } else {
-      result = false;
-    }
-  }
-  FREE_C_HEAP_ARRAY(processorid_t, id_array);
-  return result;
-}
-
 bool os::bind_to_processor(uint processor_id) {
   // We assume that a processorid_t can be stored in a uint.
   assert(sizeof(uint) == sizeof(processorid_t),
@@ -1237,8 +1078,6 @@
 }
 
 bool os::supports_vtime() { return true; }
-bool os::enable_vtime() { return false; }
-bool os::vtime_enabled() { return false; }
 
 double os::elapsedVTime() {
   return (double)gethrvtime() / (double)hrtime_hz;
--- a/src/hotspot/os/solaris/os_solaris.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/solaris/os_solaris.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -271,10 +271,6 @@
 
   static void correct_stack_boundaries_for_primordial_thread(Thread* thr);
 
-  // Stack overflow handling
-
-  static int max_register_window_saves_before_flushing();
-
   // Stack repair handling
 
   // none present
--- a/src/hotspot/os/solaris/os_solaris.inline.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/solaris/os_solaris.inline.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -61,8 +61,6 @@
 
 inline void os::dll_unload(void *lib) { ::dlclose(lib); }
 
-inline const int os::default_file_open_flags() { return 0;}
-
 //////////////////////////////////////////////////////////////////////////////
 ////////////////////////////////////////////////////////////////////////////////
 
--- a/src/hotspot/os/windows/os_windows.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/windows/os_windows.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -826,11 +826,6 @@
   } __except(EXCEPTION_EXECUTE_HANDLER) {}
 }
 
-bool os::distribute_processes(uint length, uint* distribution) {
-  // Not yet implemented.
-  return false;
-}
-
 bool os::bind_to_processor(uint processor_id) {
   // Not yet implemented.
   return false;
@@ -911,8 +906,6 @@
 }
 
 bool os::supports_vtime() { return true; }
-bool os::enable_vtime() { return false; }
-bool os::vtime_enabled() { return false; }
 
 double os::elapsedVTime() {
   FILETIME created;
@@ -3904,12 +3897,6 @@
   _setmode(_fileno(stderr), _O_BINARY);
 }
 
-
-bool os::is_debugger_attached() {
-  return IsDebuggerPresent() ? true : false;
-}
-
-
 void os::wait_for_keypress_at_exit(void) {
   if (PauseAtExit) {
     fprintf(stderr, "Press any key to continue...\n");
--- a/src/hotspot/os/windows/os_windows.inline.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os/windows/os_windows.inline.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -30,8 +30,6 @@
 
 inline const char* os::dll_file_extension()            { return ".dll"; }
 
-inline const int os::default_file_open_flags() { return O_BINARY | O_NOINHERIT;}
-
 inline void  os::dll_unload(void *lib) {
   ::FreeLibrary((HMODULE)lib);
 }
--- a/src/hotspot/os_cpu/solaris_sparc/os_solaris_sparc.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/os_cpu/solaris_sparc/os_solaris_sparc.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -86,12 +86,6 @@
 size_t os::Posix::_java_thread_min_stack_allowed = 86 * K;
 size_t os::Posix::_vm_internal_thread_min_stack_allowed = 128 * K;
 
-int os::Solaris::max_register_window_saves_before_flushing() {
-  // We should detect this at run time. For now, filling
-  // in with a constant.
-  return 8;
-}
-
 static void handle_unflushed_register_windows(gwindows_t *win) {
   int restore_count = win->wbcnt;
   int i;
--- a/src/hotspot/share/classfile/javaClasses.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/classfile/javaClasses.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1545,7 +1545,7 @@
 int  java_lang_Class::classRedefinedCount_offset = -1;
 
 #define CLASS_FIELDS_DO(macro) \
-  macro(classRedefinedCount_offset, k, "classRedefinedCount", int_signature,         false) ; \
+  macro(classRedefinedCount_offset, k, "classRedefinedCount", int_signature,         false); \
   macro(_class_loader_offset,       k, "classLoader",         classloader_signature, false); \
   macro(_component_mirror_offset,   k, "componentType",       class_signature,       false); \
   macro(_module_offset,             k, "module",              module_signature,      false); \
@@ -1938,7 +1938,6 @@
   return method != NULL && (method->constants()->version() == version);
 }
 
-
 // This class provides a simple wrapper over the internal structure of
 // exception backtrace to insulate users of the backtrace from needing
 // to know what it looks like.
@@ -1950,7 +1949,11 @@
   typeArrayOop    _methods;
   typeArrayOop    _bcis;
   objArrayOop     _mirrors;
-  typeArrayOop    _names; // needed to insulate method name against redefinition
+  typeArrayOop    _names; // Needed to insulate method name against redefinition.
+  // This is set to a java.lang.Boolean(true) if the top frame
+  // of the backtrace is omitted because it shall be hidden.
+  // Else it is null.
+  oop             _has_hidden_top_frame;
   int             _index;
   NoSafepointVerifier _nsv;
 
@@ -1960,6 +1963,7 @@
     trace_mirrors_offset = java_lang_Throwable::trace_mirrors_offset,
     trace_names_offset   = java_lang_Throwable::trace_names_offset,
     trace_next_offset    = java_lang_Throwable::trace_next_offset,
+    trace_hidden_offset  = java_lang_Throwable::trace_hidden_offset,
     trace_size           = java_lang_Throwable::trace_size,
     trace_chunk_size     = java_lang_Throwable::trace_chunk_size
   };
@@ -1985,11 +1989,15 @@
     assert(names != NULL, "names array should be initialized in backtrace");
     return names;
   }
+  static oop get_has_hidden_top_frame(objArrayHandle chunk) {
+    oop hidden = chunk->obj_at(trace_hidden_offset);
+    return hidden;
+  }
 
  public:
 
   // constructor for new backtrace
-  BacktraceBuilder(TRAPS): _head(NULL), _methods(NULL), _bcis(NULL), _mirrors(NULL), _names(NULL) {
+  BacktraceBuilder(TRAPS): _head(NULL), _methods(NULL), _bcis(NULL), _mirrors(NULL), _names(NULL), _has_hidden_top_frame(NULL) {
     expand(CHECK);
     _backtrace = Handle(THREAD, _head);
     _index = 0;
@@ -2000,6 +2008,7 @@
     _bcis = get_bcis(backtrace);
     _mirrors = get_mirrors(backtrace);
     _names = get_names(backtrace);
+    _has_hidden_top_frame = get_has_hidden_top_frame(backtrace);
     assert(_methods->length() == _bcis->length() &&
            _methods->length() == _mirrors->length() &&
            _mirrors->length() == _names->length(),
@@ -2037,6 +2046,7 @@
     new_head->obj_at_put(trace_bcis_offset, new_bcis());
     new_head->obj_at_put(trace_mirrors_offset, new_mirrors());
     new_head->obj_at_put(trace_names_offset, new_names());
+    new_head->obj_at_put(trace_hidden_offset, NULL);
 
     _head    = new_head();
     _methods = new_methods();
@@ -2077,6 +2087,16 @@
     _index++;
   }
 
+  void set_has_hidden_top_frame(TRAPS) {
+    if (_has_hidden_top_frame == NULL) {
+      jvalue prim;
+      prim.z = 1;
+      PauseNoSafepointVerifier pnsv(&_nsv);
+      _has_hidden_top_frame = java_lang_boxing_object::create(T_BOOLEAN, &prim, CHECK);
+      _head->obj_at_put(trace_hidden_offset, _has_hidden_top_frame);
+    }
+  }
+
 };
 
 struct BacktraceElement : public StackObj {
@@ -2406,7 +2426,13 @@
       }
     }
     if (method->is_hidden()) {
-      if (skip_hidden)  continue;
+      if (skip_hidden) {
+        if (total_count == 0) {
+          // The top frame will be hidden from the stack trace.
+          bt.set_has_hidden_top_frame(CHECK);
+        }
+        continue;
+      }
     }
     bt.push(method, bci, CHECK);
     total_count++;
@@ -2523,6 +2549,37 @@
   }
 }
 
+bool java_lang_Throwable::get_top_method_and_bci(oop throwable, Method** method, int* bci) {
+  Thread* THREAD = Thread::current();
+  objArrayHandle result(THREAD, objArrayOop(backtrace(throwable)));
+  BacktraceIterator iter(result, THREAD);
+  // No backtrace available.
+  if (!iter.repeat()) return false;
+
+  // If the exception happened in a frame that has been hidden, i.e.,
+  // omitted from the back trace, we can not compute the message.
+  oop hidden = ((objArrayOop)backtrace(throwable))->obj_at(trace_hidden_offset);
+  if (hidden != NULL) {
+    return false;
+  }
+
+  // Get first backtrace element.
+  BacktraceElement bte = iter.next(THREAD);
+
+  InstanceKlass* holder = InstanceKlass::cast(java_lang_Class::as_Klass(bte._mirror()));
+  assert(holder != NULL, "first element should be non-null");
+  Method* m = holder->method_with_orig_idnum(bte._method_id, bte._version);
+
+  // Original version is no longer available.
+  if (m == NULL || !version_matches(m, bte._version)) {
+    return false;
+  }
+
+  *method = m;
+  *bci = bte._bci;
+  return true;
+}
+
 oop java_lang_StackTraceElement::create(const methodHandle& method, int bci, TRAPS) {
   // Allocate java.lang.StackTraceElement instance
   InstanceKlass* k = SystemDictionary::StackTraceElement_klass();
--- a/src/hotspot/share/classfile/javaClasses.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/classfile/javaClasses.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -518,7 +518,8 @@
     trace_mirrors_offset = 2,
     trace_names_offset   = 3,
     trace_next_offset    = 4,
-    trace_size           = 5,
+    trace_hidden_offset  = 5,
+    trace_size           = 6,
     trace_chunk_size     = 32
   };
 
@@ -568,6 +569,8 @@
   static void java_printStackTrace(Handle throwable, TRAPS);
   // Debugging
   friend class JavaClasses;
+  // Gets the method and bci of the top frame (TOS). Returns false if this failed.
+  static bool get_top_method_and_bci(oop throwable, Method** method, int* bci);
 };
 
 
--- a/src/hotspot/share/classfile/systemDictionary.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/classfile/systemDictionary.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -155,6 +155,7 @@
   do_klass(reflect_ConstantPool_klass,                  reflect_ConstantPool                                  ) \
   do_klass(reflect_UnsafeStaticFieldAccessorImpl_klass, reflect_UnsafeStaticFieldAccessorImpl                 ) \
   do_klass(reflect_CallerSensitive_klass,               reflect_CallerSensitive                               ) \
+  do_klass(reflect_NativeConstructorAccessorImpl_klass, reflect_NativeConstructorAccessorImpl                 ) \
                                                                                                                 \
   /* support for dynamic typing; it's OK if these are NULL in earlier JDKs */                                   \
   do_klass(DirectMethodHandle_klass,                    java_lang_invoke_DirectMethodHandle                   ) \
--- a/src/hotspot/share/classfile/vmSymbols.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/classfile/vmSymbols.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -243,6 +243,7 @@
   template(reflect_Reflection,                        "jdk/internal/reflect/Reflection")              \
   template(reflect_CallerSensitive,                   "jdk/internal/reflect/CallerSensitive")         \
   template(reflect_CallerSensitive_signature,         "Ljdk/internal/reflect/CallerSensitive;")       \
+  template(reflect_NativeConstructorAccessorImpl,     "jdk/internal/reflect/NativeConstructorAccessorImpl")\
   template(checkedExceptions_name,                    "checkedExceptions")                        \
   template(clazz_name,                                "clazz")                                    \
   template(exceptionTypes_name,                       "exceptionTypes")                           \
--- a/src/hotspot/share/gc/epsilon/epsilonArguments.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/epsilon/epsilonArguments.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -45,13 +45,25 @@
     FLAG_SET_DEFAULT(ExitOnOutOfMemoryError, true);
   }
 
+  // Warn users that non-resizable heap might be better for some configurations.
+  // We are not adjusting the heap size by ourselves, because it affects startup time.
+  if (InitialHeapSize != MaxHeapSize) {
+    log_warning(gc)("Consider setting -Xms equal to -Xmx to avoid resizing hiccups");
+  }
+
+  // Warn users that AlwaysPreTouch might be better for some configurations.
+  // We are not turning this on by ourselves, because it affects startup time.
+  if (FLAG_IS_DEFAULT(AlwaysPreTouch) && !AlwaysPreTouch) {
+    log_warning(gc)("Consider enabling -XX:+AlwaysPreTouch to avoid memory commit hiccups");
+  }
+
   if (EpsilonMaxTLABSize < MinTLABSize) {
-    warning("EpsilonMaxTLABSize < MinTLABSize, adjusting it to " SIZE_FORMAT, MinTLABSize);
+    log_warning(gc)("EpsilonMaxTLABSize < MinTLABSize, adjusting it to " SIZE_FORMAT, MinTLABSize);
     EpsilonMaxTLABSize = MinTLABSize;
   }
 
   if (!EpsilonElasticTLAB && EpsilonElasticTLABDecay) {
-    warning("Disabling EpsilonElasticTLABDecay because EpsilonElasticTLAB is disabled");
+    log_warning(gc)("Disabling EpsilonElasticTLABDecay because EpsilonElasticTLAB is disabled");
     FLAG_SET_DEFAULT(EpsilonElasticTLABDecay, false);
   }
 
--- a/src/hotspot/share/gc/g1/g1CollectedHeap.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/g1/g1CollectedHeap.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1630,7 +1630,6 @@
 }
 
 jint G1CollectedHeap::initialize() {
-  os::enable_vtime();
 
   // Necessary to satisfy locking discipline assertions.
 
@@ -4076,7 +4075,7 @@
     Atomic::add(r->rem_set()->occupied_locked(), &_rs_length);
 
     if (!is_young) {
-      g1h->_hot_card_cache->reset_card_counts(r);
+      g1h->hot_card_cache()->reset_card_counts(r);
     }
 
     if (!evacuation_failed) {
--- a/src/hotspot/share/gc/g1/g1CollectedHeap.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/g1/g1CollectedHeap.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -129,7 +129,6 @@
 };
 
 class G1CollectedHeap : public CollectedHeap {
-  friend class G1FreeCollectionSetTask;
   friend class VM_CollectForMetadataAllocation;
   friend class VM_G1CollectForAllocation;
   friend class VM_G1CollectFull;
@@ -1138,7 +1137,7 @@
     return _reserved.contains(addr);
   }
 
-  G1HotCardCache* g1_hot_card_cache() const { return _hot_card_cache; }
+  G1HotCardCache* hot_card_cache() const { return _hot_card_cache; }
 
   G1CardTable* card_table() const {
     return _card_table;
--- a/src/hotspot/share/gc/g1/g1FullGCPrepareTask.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/g1/g1FullGCPrepareTask.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -114,8 +114,9 @@
   hr->rem_set()->clear();
   hr->clear_cardtable();
 
-  if (_g1h->g1_hot_card_cache()->use_cache()) {
-    _g1h->g1_hot_card_cache()->reset_card_counts(hr);
+  G1HotCardCache* hcc = _g1h->hot_card_cache();
+  if (hcc->use_cache()) {
+    hcc->reset_card_counts(hr);
   }
 }
 
--- a/src/hotspot/share/gc/g1/g1RemSet.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/g1/g1RemSet.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -487,7 +487,7 @@
                    G1CardTable* ct,
                    G1HotCardCache* hot_card_cache) :
   _scan_state(new G1RemSetScanState()),
-  _prev_period_summary(),
+  _prev_period_summary(false),
   _g1h(g1h),
   _ct(ct),
   _g1p(_g1h->policy()),
@@ -1404,7 +1404,7 @@
   if ((G1SummarizeRSetStatsPeriod > 0) && log_is_enabled(Trace, gc, remset) &&
       (period_count % G1SummarizeRSetStatsPeriod == 0)) {
 
-    G1RemSetSummary current(this);
+    G1RemSetSummary current;
     _prev_period_summary.subtract_from(&current);
 
     Log(gc, remset) log;
@@ -1421,7 +1421,7 @@
   Log(gc, remset, exit) log;
   if (log.is_trace()) {
     log.trace(" Cumulative RS summary");
-    G1RemSetSummary current(this);
+    G1RemSetSummary current;
     ResourceMark rm;
     LogStream ls(log.trace());
     current.print_on(&ls);
--- a/src/hotspot/share/gc/g1/g1RemSetSummary.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/g1/g1RemSetSummary.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -81,8 +81,7 @@
   return _rs_threads_vtimes[thread];
 }
 
-G1RemSetSummary::G1RemSetSummary() :
-  _rem_set(NULL),
+G1RemSetSummary::G1RemSetSummary(bool should_update) :
   _total_mutator_refined_cards(0),
   _total_concurrent_refined_cards(0),
   _num_coarsenings(0),
@@ -91,17 +90,10 @@
   _sampling_thread_vtime(0.0f) {
 
   memset(_rs_threads_vtimes, 0, sizeof(double) * _num_vtimes);
-}
 
-G1RemSetSummary::G1RemSetSummary(G1RemSet* rem_set) :
-  _rem_set(rem_set),
-  _total_mutator_refined_cards(0),
-  _total_concurrent_refined_cards(0),
-  _num_coarsenings(0),
-  _num_vtimes(G1ConcurrentRefine::max_num_threads()),
-  _rs_threads_vtimes(NEW_C_HEAP_ARRAY(double, _num_vtimes, mtGC)),
-  _sampling_thread_vtime(0.0f) {
-  update();
+  if (should_update) {
+    update();
+  }
 }
 
 G1RemSetSummary::~G1RemSetSummary() {
--- a/src/hotspot/share/gc/g1/g1RemSetSummary.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/g1/g1RemSetSummary.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -36,8 +36,6 @@
 private:
   friend class GetRSThreadVTimeClosure;
 
-  G1RemSet* _rem_set;
-
   size_t _total_mutator_refined_cards;
   size_t _total_concurrent_refined_cards;
 
@@ -57,8 +55,7 @@
   void update();
 
 public:
-  G1RemSetSummary();
-  G1RemSetSummary(G1RemSet* remset);
+  G1RemSetSummary(bool should_update = true);
 
   ~G1RemSetSummary();
 
--- a/src/hotspot/share/gc/shenandoah/shenandoahBarrierSet.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahBarrierSet.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -268,17 +268,12 @@
   }
 
   ShenandoahMarkingContext* const marking_context = _heap->marking_context();
-
-  if (_heap->is_evacuation_in_progress()) {
-    // Normal GC
-    if (!marking_context->is_marked(obj)) {
+  if (_heap->is_evacuation_in_progress() && !marking_context->is_marked(obj)) {
+    Thread* thr = Thread::current();
+    if (thr->is_Java_thread()) {
       return NULL;
-    }
-  } else if (_heap->is_concurrent_traversal_in_progress()) {
-    // Traversal GC
-    if (marking_context->is_complete() &&
-        !marking_context->is_marked(resolve_forwarded_not_null(obj))) {
-      return NULL;
+    } else {
+      return obj;
     }
   }
 
--- a/src/hotspot/share/gc/shenandoah/shenandoahClosures.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahClosures.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -27,6 +27,7 @@
 
 class ShenandoahHeap;
 class ShenandoahMarkingContext;
+class ShenandoahHeapRegionSet;
 class Thread;
 
 class ShenandoahForwardedIsAliveClosure: public BoolObjectClosure {
@@ -65,6 +66,20 @@
   inline void do_oop_work(T* p);
 };
 
+class ShenandoahTraversalUpdateRefsClosure: public OopClosure {
+private:
+  ShenandoahHeap* const           _heap;
+  ShenandoahHeapRegionSet* const  _traversal_set;
+
+public:
+  inline ShenandoahTraversalUpdateRefsClosure();
+  inline void do_oop(oop* p);
+  inline void do_oop(narrowOop* p);
+private:
+  template <class T>
+  inline void do_oop_work(T* p);
+};
+
 class ShenandoahEvacuateUpdateRootsClosure: public BasicOopIterateClosure {
 private:
   ShenandoahHeap* _heap;
--- a/src/hotspot/share/gc/shenandoah/shenandoahClosures.inline.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahClosures.inline.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -26,6 +26,7 @@
 #include "gc/shenandoah/shenandoahAsserts.hpp"
 #include "gc/shenandoah/shenandoahClosures.hpp"
 #include "gc/shenandoah/shenandoahHeap.inline.hpp"
+#include "gc/shenandoah/shenandoahTraversalGC.hpp"
 #include "oops/compressedOops.inline.hpp"
 #include "runtime/thread.hpp"
 
@@ -78,6 +79,29 @@
 void ShenandoahUpdateRefsClosure::do_oop(oop* p)       { do_oop_work(p); }
 void ShenandoahUpdateRefsClosure::do_oop(narrowOop* p) { do_oop_work(p); }
 
+ShenandoahTraversalUpdateRefsClosure::ShenandoahTraversalUpdateRefsClosure() :
+  _heap(ShenandoahHeap::heap()),
+  _traversal_set(ShenandoahHeap::heap()->traversal_gc()->traversal_set()) {
+  assert(_heap->is_traversal_mode(), "Why we here?");
+}
+
+template <class T>
+void ShenandoahTraversalUpdateRefsClosure::do_oop_work(T* p) {
+  T o = RawAccess<>::oop_load(p);
+  if (!CompressedOops::is_null(o)) {
+    oop obj = CompressedOops::decode_not_null(o);
+    if (_heap->in_collection_set(obj) || _traversal_set->is_in((HeapWord*)obj)) {
+      obj = ShenandoahBarrierSet::resolve_forwarded_not_null(obj);
+      RawAccess<IS_NOT_NULL>::oop_store(p, obj);
+    } else {
+      shenandoah_assert_not_forwarded(p, obj);
+    }
+  }
+}
+
+void ShenandoahTraversalUpdateRefsClosure::do_oop(oop* p)       { do_oop_work(p); }
+void ShenandoahTraversalUpdateRefsClosure::do_oop(narrowOop* p) { do_oop_work(p); }
+
 ShenandoahEvacuateUpdateRootsClosure::ShenandoahEvacuateUpdateRootsClosure() :
   _heap(ShenandoahHeap::heap()), _thread(Thread::current()) {
 }
--- a/src/hotspot/share/gc/shenandoah/shenandoahConcurrentMark.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahConcurrentMark.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -319,13 +319,20 @@
 };
 
 void ShenandoahConcurrentMark::update_thread_roots(ShenandoahPhaseTimings::Phase root_phase) {
-  WorkGang* workers = _heap->workers();
-  bool is_par = workers->active_workers() > 1;
+  assert(ShenandoahSafepoint::is_at_shenandoah_safepoint(), "Must be at a safepoint");
+
+  ShenandoahGCPhase phase(root_phase);
+
 #if COMPILER2_OR_JVMCI
   DerivedPointerTable::clear();
 #endif
+
+  WorkGang* workers = _heap->workers();
+  bool is_par = workers->active_workers() > 1;
+
   ShenandoahUpdateThreadRootsTask task(is_par, root_phase);
   workers->run_task(&task);
+
 #if COMPILER2_OR_JVMCI
   DerivedPointerTable::update_pointers();
 #endif
--- a/src/hotspot/share/gc/shenandoah/shenandoahHeap.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahHeap.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1493,31 +1493,36 @@
 
     stop_concurrent_marking();
 
+    // All allocations past TAMS are implicitly live, adjust the region data.
+    // Bitmaps/TAMS are swapped at this point, so we need to poll complete bitmap.
     {
       ShenandoahGCPhase phase(ShenandoahPhaseTimings::complete_liveness);
-
-      // All allocations past TAMS are implicitly live, adjust the region data.
-      // Bitmaps/TAMS are swapped at this point, so we need to poll complete bitmap.
       ShenandoahCompleteLivenessClosure cl;
       parallel_heap_region_iterate(&cl);
     }
 
+    // Force the threads to reacquire their TLABs outside the collection set.
+    {
+      ShenandoahGCPhase phase(ShenandoahPhaseTimings::retire_tlabs);
+      make_parsable(true);
+    }
+
+    // Trash the collection set left over from previous cycle, if any.
+    {
+      ShenandoahGCPhase phase(ShenandoahPhaseTimings::trash_cset);
+      trash_cset_regions();
+    }
+
     {
-      ShenandoahGCPhase prepare_evac(ShenandoahPhaseTimings::prepare_evac);
-
-      make_parsable(true);
-
-      trash_cset_regions();
-
-      {
-        ShenandoahHeapLocker locker(lock());
-        _collection_set->clear();
-        _free_set->clear();
-
-        heuristics()->choose_collection_set(_collection_set);
-
-        _free_set->rebuild();
-      }
+      ShenandoahGCPhase phase(ShenandoahPhaseTimings::prepare_evac);
+
+      ShenandoahHeapLocker locker(lock());
+      _collection_set->clear();
+      _free_set->clear();
+
+      heuristics()->choose_collection_set(_collection_set);
+
+      _free_set->rebuild();
     }
 
     // If collection set has candidates, start evacuation.
@@ -1580,7 +1585,10 @@
 
   set_evacuation_in_progress(false);
 
-  retire_and_reset_gclabs();
+  {
+    ShenandoahGCPhase phase(ShenandoahPhaseTimings::final_evac_retire_gclabs);
+    retire_and_reset_gclabs();
+  }
 
   if (ShenandoahVerify) {
     verifier()->verify_after_evacuation();
@@ -1902,7 +1910,7 @@
 }
 
 void ShenandoahHeap::set_concurrent_traversal_in_progress(bool in_progress) {
-   set_gc_state_mask(TRAVERSAL | HAS_FORWARDED | UPDATEREFS, in_progress);
+   set_gc_state_mask(TRAVERSAL, in_progress);
    ShenandoahBarrierSet::satb_mark_queue_set().set_active_all_threads(in_progress, !in_progress);
 }
 
@@ -2034,11 +2042,19 @@
   // Cleanup weak roots
   ShenandoahGCPhase phase(timing_phase);
   if (has_forwarded_objects()) {
-    ShenandoahForwardedIsAliveClosure is_alive;
-    ShenandoahUpdateRefsClosure keep_alive;
-    ShenandoahParallelWeakRootsCleaningTask<ShenandoahForwardedIsAliveClosure, ShenandoahUpdateRefsClosure>
-      cleaning_task(&is_alive, &keep_alive, num_workers);
-    _workers->run_task(&cleaning_task);
+    if (is_traversal_mode()) {
+      ShenandoahForwardedIsAliveClosure is_alive;
+      ShenandoahTraversalUpdateRefsClosure keep_alive;
+      ShenandoahParallelWeakRootsCleaningTask<ShenandoahForwardedIsAliveClosure, ShenandoahTraversalUpdateRefsClosure>
+        cleaning_task(&is_alive, &keep_alive, num_workers);
+      _workers->run_task(&cleaning_task);
+    } else {
+      ShenandoahForwardedIsAliveClosure is_alive;
+      ShenandoahUpdateRefsClosure keep_alive;
+      ShenandoahParallelWeakRootsCleaningTask<ShenandoahForwardedIsAliveClosure, ShenandoahUpdateRefsClosure>
+        cleaning_task(&is_alive, &keep_alive, num_workers);
+      _workers->run_task(&cleaning_task);
+    }
   } else {
     ShenandoahIsAliveClosure is_alive;
 #ifdef ASSERT
@@ -2060,7 +2076,12 @@
 }
 
 void ShenandoahHeap::set_has_forwarded_objects(bool cond) {
-  set_gc_state_mask(HAS_FORWARDED, cond);
+  if (is_traversal_mode()) {
+    set_gc_state_mask(HAS_FORWARDED | UPDATEREFS, cond);
+  } else {
+    set_gc_state_mask(HAS_FORWARDED, cond);
+  }
+
 }
 
 void ShenandoahHeap::set_process_references(bool pr) {
@@ -2229,7 +2250,10 @@
 
   set_evacuation_in_progress(false);
 
-  retire_and_reset_gclabs();
+  {
+    ShenandoahGCPhase phase(ShenandoahPhaseTimings::init_update_refs_retire_gclabs);
+    retire_and_reset_gclabs();
+  }
 
   if (ShenandoahVerify) {
     if (!is_degenerated_gc_in_progress()) {
@@ -2239,15 +2263,20 @@
   }
 
   set_update_refs_in_progress(true);
-  make_parsable(true);
-  for (uint i = 0; i < num_regions(); i++) {
-    ShenandoahHeapRegion* r = get_region(i);
-    r->set_concurrent_iteration_safe_limit(r->top());
+
+  {
+    ShenandoahGCPhase phase(ShenandoahPhaseTimings::init_update_refs_prepare);
+
+    make_parsable(true);
+    for (uint i = 0; i < num_regions(); i++) {
+      ShenandoahHeapRegion* r = get_region(i);
+      r->set_concurrent_iteration_safe_limit(r->top());
+    }
+
+    // Reset iterator.
+    _update_refs_iterator.reset();
   }
 
-  // Reset iterator.
-  _update_refs_iterator.reset();
-
   if (ShenandoahPacing) {
     pacer()->setup_for_updaterefs();
   }
@@ -2258,7 +2287,7 @@
 
   // Check if there is left-over work, and finish it
   if (_update_refs_iterator.has_next()) {
-    ShenandoahGCPhase final_work(ShenandoahPhaseTimings::final_update_refs_finish_work);
+    ShenandoahGCPhase phase(ShenandoahPhaseTimings::final_update_refs_finish_work);
 
     // Finish updating references where we left off.
     clear_cancelled_gc();
@@ -2287,9 +2316,11 @@
     verifier()->verify_roots_in_to_space();
   }
 
-  ShenandoahGCPhase final_update_refs(ShenandoahPhaseTimings::final_update_refs_recycle);
-
-  trash_cset_regions();
+  {
+    ShenandoahGCPhase phase(ShenandoahPhaseTimings::final_update_refs_trash_cset);
+    trash_cset_regions();
+  }
+
   set_has_forwarded_objects(false);
   set_update_refs_in_progress(false);
 
--- a/src/hotspot/share/gc/shenandoah/shenandoahLock.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahLock.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -41,6 +41,9 @@
   ShenandoahLock() : _state(unlocked), _owner(NULL) {};
 
   void lock() {
+#ifdef ASSERT
+    assert(_owner != Thread::current(), "reentrant locking attempt, would deadlock");
+#endif
     Thread::SpinAcquire(&_state, "Shenandoah Heap Lock");
 #ifdef ASSERT
     assert(_state == locked, "must be locked");
--- a/src/hotspot/share/gc/shenandoah/shenandoahPhaseTimings.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahPhaseTimings.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -100,8 +100,9 @@
   f(purge_par,                                      "    Parallel Cleanup")             \
   f(purge_cldg,                                     "    CLDG")                         \
   f(complete_liveness,                              "  Complete Liveness")              \
+  f(retire_tlabs,                                   "  Retire TLABs")                   \
+  f(trash_cset,                                     "  Trash CSet")                     \
   f(prepare_evac,                                   "  Prepare Evacuation")             \
-  f(recycle_regions,                                "  Recycle regions")                \
                                                                                         \
   /* Per-thread timer block, should have "roots" counters in consistent order */        \
   f(init_evac,                                      "  Initial Evacuation")             \
@@ -127,9 +128,12 @@
                                                                                         \
   f(final_evac_gross,                               "Pause Final Evac (G)")             \
   f(final_evac,                                     "Pause Final Evac (N)")             \
+  f(final_evac_retire_gclabs,                       "  Retire GCLABs")                  \
                                                                                         \
   f(init_update_refs_gross,                         "Pause Init  Update Refs (G)")      \
   f(init_update_refs,                               "Pause Init  Update Refs (N)")      \
+  f(init_update_refs_retire_gclabs,                 "  Retire GCLABs")                  \
+  f(init_update_refs_prepare,                       "  Prepare")                        \
                                                                                         \
   f(final_update_refs_gross,                         "Pause Final Update Refs (G)")     \
   f(final_update_refs,                               "Pause Final Update Refs (N)")     \
@@ -157,7 +161,7 @@
   f(final_update_refs_string_dedup_queue_roots,      "    UR: Dedup Queue Roots")       \
   f(final_update_refs_finish_queues,                 "    UR: Finish Queues")           \
                                                                                         \
-  f(final_update_refs_recycle,                       "  Recycle")                       \
+  f(final_update_refs_trash_cset,                    "  Trash CSet")                    \
                                                                                         \
   f(degen_gc_gross,                                  "Pause Degenerated GC (G)")        \
   f(degen_gc,                                        "Pause Degenerated GC (N)")        \
--- a/src/hotspot/share/gc/shenandoah/shenandoahRootProcessor.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahRootProcessor.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -189,6 +189,18 @@
   _thread_roots(n_workers > 1) {
 }
 
+void ShenandoahRootUpdater::strong_roots_do(uint worker_id, OopClosure* oops_cl) {
+  CodeBlobToOopClosure update_blobs(oops_cl, CodeBlobToOopClosure::FixRelocations);
+  CLDToOopClosure clds(oops_cl, ClassLoaderData::_claim_strong);
+
+  _serial_roots.oops_do(oops_cl, worker_id);
+  _vm_roots.oops_do(oops_cl, worker_id);
+
+  _thread_roots.oops_do(oops_cl, NULL, worker_id);
+  _cld_roots.cld_do(&clds, worker_id);
+  _code_roots.code_blobs_do(&update_blobs, worker_id);
+}
+
 ShenandoahRootAdjuster::ShenandoahRootAdjuster(uint n_workers, ShenandoahPhaseTimings::Phase phase) :
   ShenandoahRootProcessor(phase),
   _thread_roots(n_workers > 1) {
--- a/src/hotspot/share/gc/shenandoah/shenandoahRootProcessor.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahRootProcessor.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -304,6 +304,8 @@
 
   template<typename IsAlive, typename KeepAlive>
   void roots_do(uint worker_id, IsAlive* is_alive, KeepAlive* keep_alive);
+
+  void strong_roots_do(uint worker_id, OopClosure* oops_cl);
 };
 
 // Adjuster all roots at a safepoint during full gc
--- a/src/hotspot/share/gc/shenandoah/shenandoahTraversalGC.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/gc/shenandoah/shenandoahTraversalGC.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -390,6 +390,7 @@
   }
 
   _heap->set_concurrent_traversal_in_progress(true);
+  _heap->set_has_forwarded_objects(true);
 
   bool process_refs = _heap->process_references();
   if (process_refs) {
@@ -601,11 +602,14 @@
     TASKQUEUE_STATS_ONLY(_task_queues->reset_taskqueue_stats());
 
     // No more marking expected
+    _heap->set_concurrent_traversal_in_progress(false);
     _heap->mark_complete_marking_context();
 
     fixup_roots();
     _heap->parallel_cleaning(false);
 
+    _heap->set_has_forwarded_objects(false);
+
     // Resize metaspace
     MetaspaceGC::compute_new_size();
 
@@ -651,7 +655,6 @@
     }
 
     assert(_task_queues->is_empty(), "queues must be empty after traversal GC");
-    _heap->set_concurrent_traversal_in_progress(false);
     assert(!_heap->cancelled_gc(), "must not be cancelled when getting out here");
 
     if (ShenandoahVerify) {
@@ -697,8 +700,7 @@
   void work(uint worker_id) {
     ShenandoahParallelWorkerSession worker_session(worker_id);
     ShenandoahTraversalFixRootsClosure cl;
-    ShenandoahForwardedIsAliveClosure is_alive;
-    _rp->roots_do<ShenandoahForwardedIsAliveClosure, ShenandoahTraversalFixRootsClosure>(worker_id, &is_alive, &cl);
+    _rp->strong_roots_do(worker_id, &cl);
   }
 };
 
--- a/src/hotspot/share/include/jvm.h	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/include/jvm.h	Fri Oct 18 09:25:06 2019 -0700
@@ -192,6 +192,13 @@
 JVM_InitStackTraceElement(JNIEnv* env, jobject element, jobject stackFrameInfo);
 
 /*
+ * java.lang.NullPointerException
+ */
+
+JNIEXPORT jstring JNICALL
+JVM_GetExtendedNPEMessage(JNIEnv *env, jthrowable throwable);
+
+/*
  * java.lang.StackWalker
  */
 enum {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/hotspot/share/interpreter/bytecodeUtils.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,1481 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019 SAP SE. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ *
+ */
+
+#include "precompiled.hpp"
+#include "classfile/systemDictionary.hpp"
+#include "gc/shared/gcLocker.hpp"
+#include "interpreter/bytecodeUtils.hpp"
+#include "memory/resourceArea.hpp"
+#include "runtime/signature.hpp"
+#include "runtime/safepointVerifiers.hpp"
+#include "utilities/events.hpp"
+#include "utilities/ostream.hpp"
+
+class SimulatedOperandStack;
+class ExceptionMessageBuilder;
+
+// The entries of a SimulatedOperandStack. They carry the analysis
+// information gathered for the slot.
+class StackSlotAnalysisData {
+ private:
+
+  friend class SimulatedOperandStack;
+  friend class ExceptionMessageBuilder;
+
+  unsigned int _bci:17;    // The bci of the bytecode that pushed the current value on the operand stack.
+                           // INVALID if ambiguous, e.g. after a control flow merge.
+                           // 16 bits for bci (max bytecode size) and one for INVALID.
+  unsigned int _type:15;   // The BasicType of the value on the operand stack.
+
+  // Merges this slot data with the given one and returns the result. If
+  // the bcis of the two merged objects are different, the bci of the result
+  // will be undefined. If the types are different, the result type is T_CONFLICT.
+  // (An exception is if one type is an array and the other is object, then
+  // the result type will be T_OBJECT).
+  StackSlotAnalysisData merge(StackSlotAnalysisData other);
+
+ public:
+
+  // Creates a new object with an invalid bci and the given type.
+  StackSlotAnalysisData(BasicType type = T_CONFLICT);
+
+  // Creates a new object with the given bci and type.
+  StackSlotAnalysisData(int bci, BasicType type);
+
+  enum {
+    // An invalid bytecode index, as > 65535.
+    INVALID = 0x1FFFF
+  };
+
+  // Returns the bci. If the bci is invalid, INVALID is returned.
+  unsigned int get_bci();
+
+  // Returns true, if the bci is not invalid.
+  bool has_bci() { return get_bci() != INVALID; }
+
+  // Returns the type of the slot data.
+  BasicType get_type();
+};
+
+// A stack consisting of SimulatedOperandStackEntries.
+// This represents the analysis information for the operand stack
+// for a given bytecode at a given bci.
+// It also holds an additional field that serves to collect
+// information whether local slots were written.
+class SimulatedOperandStack: CHeapObj<mtInternal> {
+
+ private:
+
+  friend class ExceptionMessageBuilder;
+  friend class StackSlotAnalysisData;
+
+  // The stack.
+  GrowableArray<StackSlotAnalysisData> _stack;
+
+  // Optimized bytecode can reuse local variable slots for several
+  // local variables.
+  // If there is no variable name information, we print 'parameter<i>'
+  // if a parameter maps to a local slot. Once a local slot has been
+  // written, we don't know any more whether it was written as the
+  // corresponding parameter, or whether another local has been
+  // mapped to the slot. So we don't want to print 'parameter<i>' any
+  // more, but 'local<i>'. Similary for 'this'.
+  // Therefore, during the analysis, we mark a bit for local slots that
+  // get written and propagate this information.
+  // We only run the analysis for 64 slots. If a method has more
+  // parameters, we print 'local<i>' in all cases.
+  uint64_t _written_local_slots;
+
+  SimulatedOperandStack(): _written_local_slots(0) { };
+  SimulatedOperandStack(const SimulatedOperandStack &copy);
+
+  // Pushes the given slot data.
+  void push_raw(StackSlotAnalysisData slotData);
+
+  // Like push_raw, but if the slotData has type long or double, we push two.
+  void push(StackSlotAnalysisData slotData);
+
+  // Like push(slotData), but using bci/type to create an instance of
+  // StackSlotAnalysisData first.
+  void push(int bci, BasicType type);
+
+  // Pops the given number of entries.
+  void pop(int slots);
+
+  // Merges this with the given stack by merging all entries. The
+  // size of the stacks must be the same.
+  void merge(SimulatedOperandStack const& other);
+
+ public:
+
+  // Returns the size of the stack.
+  int get_size() const;
+
+  // Returns the slot data at the given index. Slot 0 is top of stack.
+  StackSlotAnalysisData get_slot_data(int slot);
+
+  // Mark that local slot i was written.
+  void set_local_slot_written(int i);
+
+  // Check whether local slot i was written by this or a previous bytecode.
+  bool local_slot_was_written(int i);
+};
+
+// Helper class to build internal exception messages for exceptions
+// that are thrown because prerequisites to execute a bytecode
+// are not met.
+// E.g., if a NPE is thrown because an iload can not be executed
+// by the VM because the reference to load from is null.
+//
+// It analyses the bytecode to assemble Java-like message text
+// to give precise information where in a larger expression the
+// exception occured.
+//
+// To assemble this message text, it is needed to know how
+// operand stack slot entries were pushed on the operand stack.
+// This class contains an analysis over the bytecodes to compute
+// this information. The information is stored in a
+// SimulatedOperandStack for each bytecode.
+class ExceptionMessageBuilder : public StackObj {
+
+  // The stacks for each bytecode.
+  GrowableArray<SimulatedOperandStack*>* _stacks;
+
+  // The method.
+  Method* _method;
+
+  // The number of entries used (the sum of all entries of all stacks).
+  int _nr_of_entries;
+
+  // If true, we have added at least one new stack.
+  bool _added_one;
+
+  // If true, we have processed all bytecodes.
+  bool _all_processed;
+
+  // The maximum number of entries we want to use. This is used to
+  // limit the amount of memory we waste for insane methods (as they
+  // appear in JCK tests).
+  static const int _max_entries = 1000000;
+
+  static const int _max_cause_detail = 5;
+
+  // Merges the stack the the given bci with the given stack. If there
+  // is no stack at the bci, we just put the given stack there. This
+  // method doesn't takes ownership of the stack.
+  void merge(int bci, SimulatedOperandStack* stack);
+
+  // Processes the instruction at the given bci in the method. Returns
+  // the size of the instruction.
+  int do_instruction(int bci);
+
+  bool print_NPE_cause0(outputStream *os, int bci, int slot, int max_detail,
+                        bool inner_expr = false, const char *prefix = NULL);
+
+ public:
+
+  // Creates an ExceptionMessageBuilder object and runs the analysis
+  // building SimulatedOperandStacks for each bytecode in the given
+  // method (the method must be rewritten already). Note that you're
+  // not allowed to use this object when crossing a safepoint! If the
+  // bci is != -1, we only create the stacks as far as needed to get a
+  // stack for the bci.
+  ExceptionMessageBuilder(Method* method, int bci = -1);
+
+  // Releases the resources.
+  ~ExceptionMessageBuilder();
+
+  // Returns the number of stacks (this is the size of the method).
+  int get_size() { return _stacks->length() - 1; }
+
+  // Assuming that a NullPointerException was thrown at the given bci,
+  // we return the nr of the slot holding the null reference. If this
+  // NPE is created by hand, we return -2 as the slot. If there
+  // cannot be a NullPointerException at the bci, -1 is returned.
+  int get_NPE_null_slot(int bci);
+
+  // Prints a java-like expression for the bytecode that pushed
+  // the value to the given slot being live at the given bci.
+  // It constructs the expression by recursing backwards over the
+  // bytecode using the results of the analysis done in the
+  // constructor of ExceptionMessageBuilder.
+  //  os:   The stream to print the message to.
+  //  bci:  The index of the bytecode that caused the NPE.
+  //  slot: The slot on the operand stack that contains null.
+  //        The slots are numbered from TOS downwards, i.e.,
+  //        TOS has the slot number 0, that below 1 and so on.
+  //
+  // Returns false if nothing was printed, else true.
+  bool print_NPE_cause(outputStream *os, int bci, int slot);
+
+  // Prints a string describing the failed action.
+  void print_NPE_failed_action(outputStream *os, int bci);
+};
+
+// Replaces the following well-known class names:
+//   java.lang.Object -> Object
+//   java.lang.String -> String
+static char *trim_well_known_class_names_from_signature(char *signature) {
+  size_t len = strlen(signature);
+  size_t skip_len = strlen("java.lang.");
+  size_t min_pattern_len = strlen("java.lang.String");
+  if (len < min_pattern_len) return signature;
+
+  for (size_t isrc = 0, idst = 0; isrc <= len; isrc++, idst++) {
+    // We must be careful not to trim names like test.java.lang.String.
+    if ((isrc == 0 && strncmp(signature + isrc, "java.lang.Object", min_pattern_len) == 0) ||
+        (isrc == 0 && strncmp(signature + isrc, "java.lang.String", min_pattern_len) == 0) ||
+        (isrc > 1  && strncmp(signature + isrc-2, ", java.lang.Object", min_pattern_len+2) == 0) ||
+        (isrc > 1  && strncmp(signature + isrc-2, ", java.lang.String", min_pattern_len+2) == 0)   ) {
+      isrc += skip_len;
+    }
+    if (idst != isrc) {
+      signature[idst] = signature[isrc];
+    }
+  }
+  return signature;
+}
+
+// Replaces the following well-known class names:
+//   java.lang.Object -> Object
+//   java.lang.String -> String
+static void print_klass_name(outputStream *os, Symbol *klass) {
+  const char *name = klass->as_klass_external_name();
+  if (strcmp(name, "java.lang.Object") == 0) name = "Object";
+  if (strcmp(name, "java.lang.String") == 0) name = "String";
+  os->print("%s", name);
+}
+
+// Prints the name of the method that is described at constant pool
+// index cp_index in the constant pool of method 'method'.
+static void print_method_name(outputStream *os, Method* method, int cp_index) {
+  ResourceMark rm;
+  ConstantPool* cp  = method->constants();
+  Symbol* klass     = cp->klass_ref_at_noresolve(cp_index);
+  Symbol* name      = cp->name_ref_at(cp_index);
+  Symbol* signature = cp->signature_ref_at(cp_index);
+
+  print_klass_name(os, klass);
+  os->print(".%s(", name->as_C_string());
+  stringStream sig;
+  signature->print_as_signature_external_parameters(&sig);
+  os->print("%s)", trim_well_known_class_names_from_signature(sig.as_string()));
+}
+
+// Prints the name of the field that is described at constant pool
+// index cp_index in the constant pool of method 'method'.
+static void print_field_and_class(outputStream *os, Method* method, int cp_index) {
+  ResourceMark rm;
+  ConstantPool* cp = method->constants();
+  Symbol* klass    = cp->klass_ref_at_noresolve(cp_index);
+  Symbol *name     = cp->name_ref_at(cp_index);
+  print_klass_name(os, klass);
+  os->print(".%s", name->as_C_string());
+}
+
+// Returns the name of the field that is described at constant pool
+// index cp_index in the constant pool of method 'method'.
+static char const* get_field_name(Method* method, int cp_index) {
+  Symbol* name = method->constants()->name_ref_at(cp_index);
+  return name->as_C_string();
+}
+
+static void print_local_var(outputStream *os, unsigned int bci, Method* method, int slot, bool is_parameter) {
+  if (method->has_localvariable_table()) {
+    for (int i = 0; i < method->localvariable_table_length(); i++) {
+      LocalVariableTableElement* elem = method->localvariable_table_start() + i;
+      unsigned int start = elem->start_bci;
+      unsigned int end = start + elem->length;
+
+      if ((bci >= start) && (bci < end) && (elem->slot == slot)) {
+        ConstantPool* cp = method->constants();
+        char *var =  cp->symbol_at(elem->name_cp_index)->as_C_string();
+        os->print("%s", var);
+
+        return;
+      }
+    }
+  }
+
+  // Handle at least some cases we know.
+  if (!method->is_static() && (slot == 0) && is_parameter) {
+    os->print("this");
+  } else {
+    int curr = method->is_static() ? 0 : 1;
+    SignatureStream ss(method->signature());
+    int param_index = 1;
+    bool found = false;
+
+    for (SignatureStream ss(method->signature()); !ss.is_done(); ss.next()) {
+      if (ss.at_return_type()) {
+        continue;
+      }
+      int size = type2size[ss.type()];
+      if ((slot >= curr) && (slot < curr + size)) {
+        found = true;
+        break;
+      }
+      param_index += 1;
+      curr += size;
+    }
+
+    if (found && is_parameter) {
+      os->print("<parameter%d>", param_index);
+    } else {
+      // This is the best we can do.
+      os->print("<local%d>", slot);
+    }
+  }
+}
+
+StackSlotAnalysisData::StackSlotAnalysisData(BasicType type) : _bci(INVALID), _type(type) {}
+
+StackSlotAnalysisData::StackSlotAnalysisData(int bci, BasicType type) : _bci(bci), _type(type) {
+  assert(bci >= 0, "BCI must be >= 0");
+  assert(bci < 65536, "BCI must be < 65536");
+}
+
+unsigned int StackSlotAnalysisData::get_bci() {
+  return _bci;
+}
+
+BasicType StackSlotAnalysisData::get_type() {
+  return (BasicType)_type;
+}
+
+StackSlotAnalysisData StackSlotAnalysisData::merge(StackSlotAnalysisData other) {
+  if (get_type() != other.get_type()) {
+    if (((get_type() == T_OBJECT) || (get_type() == T_ARRAY)) &&
+        ((other.get_type() == T_OBJECT) || (other.get_type() == T_ARRAY))) {
+      if (get_bci() == other.get_bci()) {
+        return StackSlotAnalysisData(get_bci(), T_OBJECT);
+      } else {
+        return StackSlotAnalysisData(T_OBJECT);
+      }
+    } else {
+      return StackSlotAnalysisData(T_CONFLICT);
+    }
+  }
+
+  if (get_bci() == other.get_bci()) {
+    return *this;
+  } else {
+    return StackSlotAnalysisData(get_type());
+  }
+}
+
+SimulatedOperandStack::SimulatedOperandStack(const SimulatedOperandStack &copy) {
+  for (int i = 0; i < copy.get_size(); i++) {
+    push_raw(copy._stack.at(i));
+  }
+  _written_local_slots = copy._written_local_slots;
+}
+
+void SimulatedOperandStack::push_raw(StackSlotAnalysisData slotData) {
+  if (slotData.get_type() == T_VOID) {
+    return;
+  }
+
+  _stack.push(slotData);
+}
+
+void SimulatedOperandStack::push(StackSlotAnalysisData slotData) {
+  if (type2size[slotData.get_type()] == 2) {
+    push_raw(slotData);
+    push_raw(slotData);
+  } else {
+    push_raw(slotData);
+  }
+}
+
+void SimulatedOperandStack::push(int bci, BasicType type) {
+  push(StackSlotAnalysisData(bci, type));
+}
+
+void SimulatedOperandStack::pop(int slots) {
+  for (int i = 0; i < slots; ++i) {
+    _stack.pop();
+  }
+
+  assert(get_size() >= 0, "Popped too many slots");
+}
+
+void SimulatedOperandStack::merge(SimulatedOperandStack const& other) {
+  assert(get_size() == other.get_size(), "Stacks not of same size");
+
+  for (int i = get_size() - 1; i >= 0; --i) {
+    _stack.at_put(i, _stack.at(i).merge(other._stack.at(i)));
+  }
+  _written_local_slots = _written_local_slots | other._written_local_slots;
+}
+
+int SimulatedOperandStack::get_size() const {
+  return _stack.length();
+}
+
+StackSlotAnalysisData SimulatedOperandStack::get_slot_data(int slot) {
+  assert(slot >= 0, "Slot=%d < 0", slot);
+  assert(slot < get_size(), "Slot=%d >= size=%d", slot, get_size());
+
+  return _stack.at(get_size() - slot - 1);
+}
+
+void SimulatedOperandStack::set_local_slot_written(int i) {
+  // Local slots > 63 are very unlikely. Consider these
+  // as written all the time. Saves space and complexity
+  // for dynamic data size.
+  if (i > 63) return;
+  _written_local_slots = _written_local_slots | (1ULL << i);
+}
+
+bool SimulatedOperandStack::local_slot_was_written(int i) {
+  if (i > 63) return true;
+  return (_written_local_slots & (1ULL << i)) != 0;
+}
+
+ExceptionMessageBuilder::ExceptionMessageBuilder(Method* method, int bci) :
+                    _method(method), _nr_of_entries(0),
+                    _added_one(true), _all_processed(false) {
+
+  ConstMethod* const_method = method->constMethod();
+  const int len = const_method->code_size();
+
+  assert(bci >= 0, "BCI too low: %d", bci);
+  assert(bci < len, "BCI too large: %d size: %d", bci, len);
+
+  _stacks = new GrowableArray<SimulatedOperandStack*> (len + 1);
+
+  for (int i = 0; i <= len; ++i) {
+    _stacks->push(NULL);
+  }
+
+  // Initialize stack a bci 0.
+  _stacks->at_put(0, new SimulatedOperandStack());
+
+  // And initialize the start of all exception handlers.
+  if (const_method->has_exception_handler()) {
+    ExceptionTableElement *et = const_method->exception_table_start();
+    for (int i = 0; i < const_method->exception_table_length(); ++i) {
+      u2 index = et[i].handler_pc;
+
+      if (_stacks->at(index) == NULL) {
+        _stacks->at_put(index, new SimulatedOperandStack());
+        _stacks->at(index)->push(index, T_OBJECT);
+      }
+    }
+  }
+
+  // Do this until each bytecode has a stack or we haven't
+  // added a new stack in one iteration.
+  while (!_all_processed && _added_one) {
+    _all_processed = true;
+    _added_one = false;
+
+    for (int i = 0; i < len; ) {
+      // Analyse bytecode i. Step by size of the analyzed bytecode to next bytecode.
+      i += do_instruction(i);
+
+      // If we want the data only for a certain bci, we can possibly end early.
+      if ((bci == i) && (_stacks->at(i) != NULL)) {
+        _all_processed = true;
+        break;
+      }
+
+      if (_nr_of_entries > _max_entries) {
+        return;
+      }
+    }
+  }
+}
+
+ExceptionMessageBuilder::~ExceptionMessageBuilder() {
+  if (_stacks != NULL) {
+    for (int i = 0; i < _stacks->length(); ++i) {
+      delete _stacks->at(i);
+    }
+  }
+}
+
+void ExceptionMessageBuilder::merge(int bci, SimulatedOperandStack* stack) {
+  assert(stack != _stacks->at(bci), "Cannot merge itself");
+
+  if (_stacks->at(bci) != NULL) {
+    stack->merge(*_stacks->at(bci));
+  } else {
+    // Got a new stack, so count the entries.
+    _nr_of_entries += stack->get_size();
+  }
+
+  // Replace the stack at this bci with a copy of our new merged stack.
+  delete _stacks->at(bci);
+  _stacks->at_put(bci, new SimulatedOperandStack(*stack));
+}
+
+int ExceptionMessageBuilder::do_instruction(int bci) {
+  ConstMethod* const_method = _method->constMethod();
+  address code_base = _method->constMethod()->code_base();
+
+  // We use the java code, since we don't want to cope with all the fast variants.
+  int len = Bytecodes::java_length_at(_method, code_base + bci);
+
+  // If we have no stack for this bci, we cannot process the bytecode now.
+  if (_stacks->at(bci) == NULL) {
+    _all_processed = false;
+    return len;
+  }
+
+  // Make a local copy of the stack for this bci to work on.
+  SimulatedOperandStack* stack = new SimulatedOperandStack(*_stacks->at(bci));
+
+  // dest_bci is != -1 if we branch.
+  int dest_bci = -1;
+
+  // This is for table and lookup switch.
+  static const int initial_length = 2;
+  GrowableArray<int> dests(initial_length);
+
+  bool flow_ended = false;
+
+  // Get the bytecode.
+  bool is_wide = false;
+  Bytecodes::Code raw_code = Bytecodes::code_at(_method, code_base + bci);
+  Bytecodes::Code code = Bytecodes::java_code_at(_method, code_base + bci);
+  int pos = bci + 1;
+
+  if (code == Bytecodes::_wide) {
+    is_wide = true;
+    code = Bytecodes::java_code_at(_method, code_base + bci + 1);
+    pos += 1;
+  }
+
+  // Now simulate the action of each bytecode.
+  switch (code) {
+    case Bytecodes::_nop:
+    case Bytecodes::_aconst_null:
+    case Bytecodes::_iconst_m1:
+    case Bytecodes::_iconst_0:
+    case Bytecodes::_iconst_1:
+    case Bytecodes::_iconst_2:
+    case Bytecodes::_iconst_3:
+    case Bytecodes::_iconst_4:
+    case Bytecodes::_iconst_5:
+    case Bytecodes::_lconst_0:
+    case Bytecodes::_lconst_1:
+    case Bytecodes::_fconst_0:
+    case Bytecodes::_fconst_1:
+    case Bytecodes::_fconst_2:
+    case Bytecodes::_dconst_0:
+    case Bytecodes::_dconst_1:
+    case Bytecodes::_bipush:
+    case Bytecodes::_sipush:
+    case Bytecodes::_iload:
+    case Bytecodes::_lload:
+    case Bytecodes::_fload:
+    case Bytecodes::_dload:
+    case Bytecodes::_aload:
+    case Bytecodes::_iload_0:
+    case Bytecodes::_iload_1:
+    case Bytecodes::_iload_2:
+    case Bytecodes::_iload_3:
+    case Bytecodes::_lload_0:
+    case Bytecodes::_lload_1:
+    case Bytecodes::_lload_2:
+    case Bytecodes::_lload_3:
+    case Bytecodes::_fload_0:
+    case Bytecodes::_fload_1:
+    case Bytecodes::_fload_2:
+    case Bytecodes::_fload_3:
+    case Bytecodes::_dload_0:
+    case Bytecodes::_dload_1:
+    case Bytecodes::_dload_2:
+    case Bytecodes::_dload_3:
+    case Bytecodes::_aload_0:
+    case Bytecodes::_aload_1:
+    case Bytecodes::_aload_2:
+    case Bytecodes::_aload_3:
+    case Bytecodes::_iinc:
+    case Bytecodes::_new:
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_ldc:
+    case Bytecodes::_ldc_w:
+    case Bytecodes::_ldc2_w: {
+      int cp_index;
+      ConstantPool* cp = _method->constants();
+
+      if (code == Bytecodes::_ldc) {
+        cp_index = *(uint8_t*) (code_base + pos);
+
+        if (raw_code == Bytecodes::_fast_aldc) {
+          cp_index = cp->object_to_cp_index(cp_index);
+        }
+      } else {
+        if (raw_code == Bytecodes::_fast_aldc_w) {
+          cp_index = Bytes::get_native_u2(code_base + pos);
+          cp_index = cp->object_to_cp_index(cp_index);
+        }
+        else {
+          cp_index = Bytes::get_Java_u2(code_base + pos);
+        }
+      }
+
+      constantTag tag = cp->tag_at(cp_index);
+      if (tag.is_klass()  || tag.is_unresolved_klass() ||
+          tag.is_method() || tag.is_interface_method() ||
+          tag.is_field()  || tag.is_string()) {
+        stack->push(bci, T_OBJECT);
+      } else if (tag.is_int()) {
+        stack->push(bci, T_INT);
+      } else if (tag.is_long()) {
+        stack->push(bci, T_LONG);
+      } else if (tag.is_float()) {
+        stack->push(bci, T_FLOAT);
+      } else if (tag.is_double()) {
+        stack->push(bci, T_DOUBLE);
+      } else {
+        assert(false, "Unexpected tag");
+      }
+      break;
+    }
+
+    case Bytecodes::_iaload:
+    case Bytecodes::_faload:
+    case Bytecodes::_aaload:
+    case Bytecodes::_baload:
+    case Bytecodes::_caload:
+    case Bytecodes::_saload:
+    case Bytecodes::_laload:
+    case Bytecodes::_daload:
+      stack->pop(2);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_istore:
+    case Bytecodes::_lstore:
+    case Bytecodes::_fstore:
+    case Bytecodes::_dstore:
+    case Bytecodes::_astore:
+      int index;
+      if (is_wide) {
+        index = Bytes::get_Java_u2(code_base + bci + 2);
+      } else {
+        index = *(uint8_t*) (code_base + bci + 1);
+      }
+      stack->set_local_slot_written(index);
+      stack->pop(-Bytecodes::depth(code));
+      break;
+    case Bytecodes::_istore_0:
+    case Bytecodes::_lstore_0:
+    case Bytecodes::_fstore_0:
+    case Bytecodes::_dstore_0:
+    case Bytecodes::_astore_0:
+      stack->set_local_slot_written(0);
+      stack->pop(-Bytecodes::depth(code));
+      break;
+    case Bytecodes::_istore_1:
+    case Bytecodes::_fstore_1:
+    case Bytecodes::_lstore_1:
+    case Bytecodes::_dstore_1:
+    case Bytecodes::_astore_1:
+      stack->set_local_slot_written(1);
+      stack->pop(-Bytecodes::depth(code));
+      break;
+    case Bytecodes::_istore_2:
+    case Bytecodes::_lstore_2:
+    case Bytecodes::_fstore_2:
+    case Bytecodes::_dstore_2:
+    case Bytecodes::_astore_2:
+      stack->set_local_slot_written(2);
+      stack->pop(-Bytecodes::depth(code));
+      break;
+    case Bytecodes::_istore_3:
+    case Bytecodes::_lstore_3:
+    case Bytecodes::_fstore_3:
+    case Bytecodes::_dstore_3:
+    case Bytecodes::_astore_3:
+      stack->set_local_slot_written(3);
+      stack->pop(-Bytecodes::depth(code));
+      break;
+    case Bytecodes::_iastore:
+    case Bytecodes::_lastore:
+    case Bytecodes::_fastore:
+    case Bytecodes::_dastore:
+    case Bytecodes::_aastore:
+    case Bytecodes::_bastore:
+    case Bytecodes::_castore:
+    case Bytecodes::_sastore:
+    case Bytecodes::_pop:
+    case Bytecodes::_pop2:
+    case Bytecodes::_monitorenter:
+    case Bytecodes::_monitorexit:
+    case Bytecodes::_breakpoint:
+      stack->pop(-Bytecodes::depth(code));
+      break;
+
+    case Bytecodes::_dup:
+      stack->push_raw(stack->get_slot_data(0));
+      break;
+
+    case Bytecodes::_dup_x1: {
+      StackSlotAnalysisData top1 = stack->get_slot_data(0);
+      StackSlotAnalysisData top2 = stack->get_slot_data(1);
+      stack->pop(2);
+      stack->push_raw(top1);
+      stack->push_raw(top2);
+      stack->push_raw(top1);
+      break;
+    }
+
+    case Bytecodes::_dup_x2: {
+      StackSlotAnalysisData top1 = stack->get_slot_data(0);
+      StackSlotAnalysisData top2 = stack->get_slot_data(1);
+      StackSlotAnalysisData top3 = stack->get_slot_data(2);
+      stack->pop(3);
+      stack->push_raw(top1);
+      stack->push_raw(top3);
+      stack->push_raw(top2);
+      stack->push_raw(top1);
+      break;
+    }
+
+    case Bytecodes::_dup2:
+      stack->push_raw(stack->get_slot_data(1));
+      // The former '0' entry is now at '1'.
+      stack->push_raw(stack->get_slot_data(1));
+      break;
+
+    case Bytecodes::_dup2_x1: {
+      StackSlotAnalysisData top1 = stack->get_slot_data(0);
+      StackSlotAnalysisData top2 = stack->get_slot_data(1);
+      StackSlotAnalysisData top3 = stack->get_slot_data(2);
+      stack->pop(3);
+      stack->push_raw(top2);
+      stack->push_raw(top1);
+      stack->push_raw(top3);
+      stack->push_raw(top2);
+      stack->push_raw(top1);
+      break;
+    }
+
+    case Bytecodes::_dup2_x2: {
+      StackSlotAnalysisData top1 = stack->get_slot_data(0);
+      StackSlotAnalysisData top2 = stack->get_slot_data(1);
+      StackSlotAnalysisData top3 = stack->get_slot_data(2);
+      StackSlotAnalysisData top4 = stack->get_slot_data(3);
+      stack->pop(4);
+      stack->push_raw(top2);
+      stack->push_raw(top1);
+      stack->push_raw(top4);
+      stack->push_raw(top3);
+      stack->push_raw(top2);
+      stack->push_raw(top1);
+      break;
+    }
+
+    case Bytecodes::_swap: {
+      StackSlotAnalysisData top1 = stack->get_slot_data(0);
+      StackSlotAnalysisData top2 = stack->get_slot_data(1);
+      stack->pop(2);
+      stack->push(top1);
+      stack->push(top2);
+      break;
+    }
+
+    case Bytecodes::_iadd:
+    case Bytecodes::_ladd:
+    case Bytecodes::_fadd:
+    case Bytecodes::_dadd:
+    case Bytecodes::_isub:
+    case Bytecodes::_lsub:
+    case Bytecodes::_fsub:
+    case Bytecodes::_dsub:
+    case Bytecodes::_imul:
+    case Bytecodes::_lmul:
+    case Bytecodes::_fmul:
+    case Bytecodes::_dmul:
+    case Bytecodes::_idiv:
+    case Bytecodes::_ldiv:
+    case Bytecodes::_fdiv:
+    case Bytecodes::_ddiv:
+    case Bytecodes::_irem:
+    case Bytecodes::_lrem:
+    case Bytecodes::_frem:
+    case Bytecodes::_drem:
+    case Bytecodes::_iand:
+    case Bytecodes::_land:
+    case Bytecodes::_ior:
+    case Bytecodes::_lor:
+    case Bytecodes::_ixor:
+    case Bytecodes::_lxor:
+      stack->pop(2 * type2size[Bytecodes::result_type(code)]);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_ineg:
+    case Bytecodes::_lneg:
+    case Bytecodes::_fneg:
+    case Bytecodes::_dneg:
+      stack->pop(type2size[Bytecodes::result_type(code)]);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_ishl:
+    case Bytecodes::_lshl:
+    case Bytecodes::_ishr:
+    case Bytecodes::_lshr:
+    case Bytecodes::_iushr:
+    case Bytecodes::_lushr:
+      stack->pop(1 + type2size[Bytecodes::result_type(code)]);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_i2l:
+    case Bytecodes::_i2f:
+    case Bytecodes::_i2d:
+    case Bytecodes::_f2i:
+    case Bytecodes::_f2l:
+    case Bytecodes::_f2d:
+    case Bytecodes::_i2b:
+    case Bytecodes::_i2c:
+    case Bytecodes::_i2s:
+      stack->pop(1);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_l2i:
+    case Bytecodes::_l2f:
+    case Bytecodes::_l2d:
+    case Bytecodes::_d2i:
+    case Bytecodes::_d2l:
+    case Bytecodes::_d2f:
+      stack->pop(2);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_lcmp:
+    case Bytecodes::_fcmpl:
+    case Bytecodes::_fcmpg:
+    case Bytecodes::_dcmpl:
+    case Bytecodes::_dcmpg:
+      stack->pop(1 - Bytecodes::depth(code));
+      stack->push(bci, T_INT);
+      break;
+
+    case Bytecodes::_ifeq:
+    case Bytecodes::_ifne:
+    case Bytecodes::_iflt:
+    case Bytecodes::_ifge:
+    case Bytecodes::_ifgt:
+    case Bytecodes::_ifle:
+    case Bytecodes::_if_icmpeq:
+    case Bytecodes::_if_icmpne:
+    case Bytecodes::_if_icmplt:
+    case Bytecodes::_if_icmpge:
+    case Bytecodes::_if_icmpgt:
+    case Bytecodes::_if_icmple:
+    case Bytecodes::_if_acmpeq:
+    case Bytecodes::_if_acmpne:
+    case Bytecodes::_ifnull:
+    case Bytecodes::_ifnonnull:
+      stack->pop(-Bytecodes::depth(code));
+      dest_bci = bci + (int16_t) Bytes::get_Java_u2(code_base + pos);
+      break;
+
+    case Bytecodes::_jsr:
+      // NOTE: Bytecodes has wrong depth for jsr.
+      stack->push(bci, T_ADDRESS);
+      dest_bci = bci + (int16_t) Bytes::get_Java_u2(code_base + pos);
+      flow_ended = true;
+      break;
+
+    case Bytecodes::_jsr_w: {
+      // NOTE: Bytecodes has wrong depth for jsr.
+      stack->push(bci, T_ADDRESS);
+      dest_bci = bci + (int32_t) Bytes::get_Java_u4(code_base + pos);
+      flow_ended = true;
+      break;
+    }
+
+    case Bytecodes::_ret:
+      // We don't track local variables, so we cannot know were we
+      // return. This makes the stacks imprecise, but we have to
+      // live with that.
+      flow_ended = true;
+      break;
+
+    case Bytecodes::_tableswitch: {
+      stack->pop(1);
+      pos = (pos + 3) & ~3;
+      dest_bci = bci + (int32_t) Bytes::get_Java_u4(code_base + pos);
+      int low = (int32_t) Bytes::get_Java_u4(code_base + pos + 4);
+      int high = (int32_t) Bytes::get_Java_u4(code_base + pos + 8);
+
+      for (int64_t i = low; i <= high; ++i) {
+        dests.push(bci + (int32_t) Bytes::get_Java_u4(code_base + pos + 12 + 4 * (i - low)));
+      }
+
+      break;
+    }
+
+    case Bytecodes::_lookupswitch: {
+      stack->pop(1);
+      pos = (pos + 3) & ~3;
+      dest_bci = bci + (int32_t) Bytes::get_Java_u4(code_base + pos);
+      int nr_of_dests = (int32_t) Bytes::get_Java_u4(code_base + pos + 4);
+
+      for (int i = 0; i < nr_of_dests; ++i) {
+        dests.push(bci + (int32_t) Bytes::get_Java_u4(code_base + pos + 12 + 8 * i));
+      }
+
+      break;
+    }
+
+    case Bytecodes::_ireturn:
+    case Bytecodes::_lreturn:
+    case Bytecodes::_freturn:
+    case Bytecodes::_dreturn:
+    case Bytecodes::_areturn:
+    case Bytecodes::_return:
+    case Bytecodes::_athrow:
+      stack->pop(-Bytecodes::depth(code));
+      flow_ended = true;
+      break;
+
+    case Bytecodes::_getstatic:
+    case Bytecodes::_getfield: {
+      // Find out the type of the field accessed.
+      int cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+      ConstantPool* cp = _method->constants();
+      int name_and_type_index = cp->name_and_type_ref_index_at(cp_index);
+      int type_index = cp->signature_ref_index_at(name_and_type_index);
+      Symbol* signature = cp->symbol_at(type_index);
+      // Simulate the bytecode: pop the address, push the 'value' loaded
+      // from the field.
+      stack->pop(1 - Bytecodes::depth(code));
+      stack->push(bci, char2type((char) signature->char_at(0)));
+      break;
+    }
+
+    case Bytecodes::_putstatic:
+    case Bytecodes::_putfield: {
+      int cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+      ConstantPool* cp = _method->constants();
+      int name_and_type_index = cp->name_and_type_ref_index_at(cp_index);
+      int type_index = cp->signature_ref_index_at(name_and_type_index);
+      Symbol* signature = cp->symbol_at(type_index);
+      ResultTypeFinder result_type(signature);
+      stack->pop(type2size[char2type((char) signature->char_at(0))] - Bytecodes::depth(code) - 1);
+      break;
+    }
+
+    case Bytecodes::_invokevirtual:
+    case Bytecodes::_invokespecial:
+    case Bytecodes::_invokestatic:
+    case Bytecodes::_invokeinterface:
+    case Bytecodes::_invokedynamic: {
+      ConstantPool* cp = _method->constants();
+      int cp_index;
+
+      if (code == Bytecodes::_invokedynamic) {
+        cp_index = ((int) Bytes::get_native_u4(code_base + pos));
+      } else {
+        cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+      }
+
+      int name_and_type_index = cp->name_and_type_ref_index_at(cp_index);
+      int type_index = cp->signature_ref_index_at(name_and_type_index);
+      Symbol* signature = cp->symbol_at(type_index);
+
+      if ((code != Bytecodes::_invokestatic) && (code != Bytecodes::_invokedynamic)) {
+        // Pop receiver.
+        stack->pop(1);
+      }
+
+      stack->pop(ArgumentSizeComputer(signature).size());
+      ResultTypeFinder result_type(signature);
+      stack->push(bci, result_type.type());
+      break;
+    }
+
+    case Bytecodes::_newarray:
+    case Bytecodes::_anewarray:
+    case Bytecodes::_instanceof:
+      stack->pop(1);
+      stack->push(bci, Bytecodes::result_type(code));
+      break;
+
+    case Bytecodes::_arraylength:
+      // The return type of arraylength is wrong in the bytecodes table (T_VOID).
+      stack->pop(1);
+      stack->push(bci, T_INT);
+      break;
+
+    case Bytecodes::_checkcast:
+      break;
+
+    case Bytecodes::_multianewarray:
+      stack->pop(*(uint8_t*) (code_base + pos + 2));
+      stack->push(bci, T_OBJECT);
+      break;
+
+   case Bytecodes::_goto:
+      stack->pop(-Bytecodes::depth(code));
+      dest_bci = bci + (int16_t) Bytes::get_Java_u2(code_base + pos);
+      flow_ended = true;
+      break;
+
+
+   case Bytecodes::_goto_w:
+      stack->pop(-Bytecodes::depth(code));
+      dest_bci = bci + (int32_t) Bytes::get_Java_u4(code_base + pos);
+      flow_ended = true;
+      break;
+
+    default:
+      // Allow at least the bcis which have stack info to work.
+      _all_processed = false;
+      _added_one = false;
+      delete stack;
+
+      return len;
+  }
+
+  // Put new stack to the next instruction, if we might reach it from
+  // this bci.
+  if (!flow_ended) {
+    if (_stacks->at(bci + len) == NULL) {
+      _added_one = true;
+    }
+    merge(bci + len, stack);
+  }
+
+  // Put the stack to the branch target too.
+  if (dest_bci != -1) {
+    if (_stacks->at(dest_bci) == NULL) {
+      _added_one = true;
+    }
+    merge(dest_bci, stack);
+  }
+
+  // If we have more than one branch target, process these too.
+  for (int64_t i = 0; i < dests.length(); ++i) {
+    if (_stacks->at(dests.at(i)) == NULL) {
+      _added_one = true;
+    }
+    merge(dests.at(i), stack);
+  }
+
+  delete stack;
+
+  return len;
+}
+
+#define INVALID_BYTECODE_ENCOUNTERED -1
+#define NPE_EXPLICIT_CONSTRUCTED -2
+int ExceptionMessageBuilder::get_NPE_null_slot(int bci) {
+  // Get the bytecode.
+  address code_base = _method->constMethod()->code_base();
+  Bytecodes::Code code = Bytecodes::java_code_at(_method, code_base + bci);
+  int pos = bci + 1;  // Position of argument of the bytecode.
+  if (code == Bytecodes::_wide) {
+    code = Bytecodes::java_code_at(_method, code_base + bci + 1);
+    pos += 1;
+  }
+
+  switch (code) {
+    case Bytecodes::_getfield:
+    case Bytecodes::_arraylength:
+    case Bytecodes::_athrow:
+    case Bytecodes::_monitorenter:
+    case Bytecodes::_monitorexit:
+      return 0;
+    case Bytecodes::_iaload:
+    case Bytecodes::_faload:
+    case Bytecodes::_aaload:
+    case Bytecodes::_baload:
+    case Bytecodes::_caload:
+    case Bytecodes::_saload:
+    case Bytecodes::_laload:
+    case Bytecodes::_daload:
+      return 1;
+    case Bytecodes::_iastore:
+    case Bytecodes::_fastore:
+    case Bytecodes::_aastore:
+    case Bytecodes::_bastore:
+    case Bytecodes::_castore:
+    case Bytecodes::_sastore:
+      return 2;
+    case Bytecodes::_lastore:
+    case Bytecodes::_dastore:
+      return 3;
+    case Bytecodes::_putfield: {
+        int cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+        ConstantPool* cp = _method->constants();
+        int name_and_type_index = cp->name_and_type_ref_index_at(cp_index);
+        int type_index = cp->signature_ref_index_at(name_and_type_index);
+        Symbol* signature = cp->symbol_at(type_index);
+        return type2size[char2type((char) signature->char_at(0))];
+      }
+    case Bytecodes::_invokevirtual:
+    case Bytecodes::_invokespecial:
+    case Bytecodes::_invokeinterface: {
+        int cp_index = Bytes::get_native_u2(code_base+ pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+        ConstantPool* cp = _method->constants();
+        int name_and_type_index = cp->name_and_type_ref_index_at(cp_index);
+        int name_index = cp->name_ref_index_at(name_and_type_index);
+        Symbol* name = cp->symbol_at(name_index);
+
+        // Assume the the call of a constructor can never cause a NullPointerException
+        // (which is true in Java). This is mainly used to avoid generating wrong
+        // messages for NullPointerExceptions created explicitly by new in Java code.
+        if (name != vmSymbols::object_initializer_name()) {
+          int     type_index = cp->signature_ref_index_at(name_and_type_index);
+          Symbol* signature  = cp->symbol_at(type_index);
+          // The 'this' parameter was null. Return the slot of it.
+          return ArgumentSizeComputer(signature).size();
+        } else {
+          return NPE_EXPLICIT_CONSTRUCTED;
+        }
+      }
+
+    default:
+      break;
+  }
+
+  return INVALID_BYTECODE_ENCOUNTERED;
+}
+
+bool ExceptionMessageBuilder::print_NPE_cause(outputStream* os, int bci, int slot) {
+  if (print_NPE_cause0(os, bci, slot, _max_cause_detail, false, " because \"")) {
+    os->print("\" is null");
+    return true;
+  }
+  return false;
+}
+
+// Recursively print what was null.
+//
+// Go to the bytecode that pushed slot 'slot' on the operand stack
+// at bytecode 'bci'. Compute a message for that bytecode. If
+// necessary (array, field), recur further.
+// At most do max_detail recursions.
+// Prefix is used to print a proper beginning of the whole
+// sentence.
+// inner_expr is used to omit some text, like 'static' in
+// inner expressions like array subscripts.
+//
+// Returns true if something was printed.
+//
+bool ExceptionMessageBuilder::print_NPE_cause0(outputStream* os, int bci, int slot,
+                                               int max_detail,
+                                               bool inner_expr, const char *prefix) {
+  assert(bci >= 0, "BCI too low");
+  assert(bci < get_size(), "BCI too large");
+
+  if (max_detail <= 0) {
+    return false;
+  }
+
+  if (_stacks->at(bci) == NULL) {
+    return false;
+  }
+
+  SimulatedOperandStack* stack = _stacks->at(bci);
+  assert(slot >= 0, "Slot nr. too low");
+  assert(slot < stack->get_size(), "Slot nr. too large");
+
+  StackSlotAnalysisData slotData = stack->get_slot_data(slot);
+
+  if (!slotData.has_bci()) {
+    return false;
+  }
+
+  // Get the bytecode.
+  unsigned int source_bci = slotData.get_bci();
+  address code_base = _method->constMethod()->code_base();
+  Bytecodes::Code code = Bytecodes::java_code_at(_method, code_base + source_bci);
+  bool is_wide = false;
+  int pos = source_bci + 1;
+
+  if (code == Bytecodes::_wide) {
+    is_wide = true;
+    code = Bytecodes::java_code_at(_method, code_base + source_bci + 1);
+    pos += 1;
+  }
+
+  if (max_detail == _max_cause_detail &&
+      prefix != NULL &&
+      code != Bytecodes::_invokevirtual &&
+      code != Bytecodes::_invokespecial &&
+      code != Bytecodes::_invokestatic &&
+      code != Bytecodes::_invokeinterface) {
+    os->print("%s", prefix);
+  }
+
+  switch (code) {
+    case Bytecodes::_iload_0:
+    case Bytecodes::_aload_0:
+      print_local_var(os, source_bci, _method, 0, !stack->local_slot_was_written(0));
+      return true;
+
+    case Bytecodes::_iload_1:
+    case Bytecodes::_aload_1:
+      print_local_var(os, source_bci, _method, 1, !stack->local_slot_was_written(1));
+      return true;
+
+    case Bytecodes::_iload_2:
+    case Bytecodes::_aload_2:
+      print_local_var(os, source_bci, _method, 2, !stack->local_slot_was_written(2));
+      return true;
+
+    case Bytecodes::_iload_3:
+    case Bytecodes::_aload_3:
+      print_local_var(os, source_bci, _method, 3, !stack->local_slot_was_written(3));
+      return true;
+
+    case Bytecodes::_iload:
+    case Bytecodes::_aload: {
+      int index;
+      if (is_wide) {
+        index = Bytes::get_Java_u2(code_base + source_bci + 2);
+      } else {
+        index = *(uint8_t*) (code_base + source_bci + 1);
+      }
+      print_local_var(os, source_bci, _method, index, !stack->local_slot_was_written(index));
+      return true;
+    }
+
+    case Bytecodes::_aconst_null:
+      os->print("null");
+      return true;
+    case Bytecodes::_iconst_m1:
+      os->print("-1");
+      return true;
+    case Bytecodes::_iconst_0:
+      os->print("0");
+      return true;
+    case Bytecodes::_iconst_1:
+      os->print("1");
+      return true;
+    case Bytecodes::_iconst_2:
+      os->print("2");
+      return true;
+    case Bytecodes::_iconst_3:
+      os->print("3");
+      return true;
+    case Bytecodes::_iconst_4:
+      os->print("4");
+      return true;
+    case Bytecodes::_iconst_5:
+      os->print("5");
+      return true;
+    case Bytecodes::_bipush: {
+      jbyte con = *(jbyte*) (code_base + source_bci + 1);
+      os->print("%d", con);
+      return true;
+    }
+    case Bytecodes::_sipush: {
+      u2 con = Bytes::get_Java_u2(code_base + source_bci + 1);
+      os->print("%d", con);
+      return true;
+    }
+   case Bytecodes::_iaload:
+   case Bytecodes::_aaload: {
+      // Print the 'name' of the array. Go back to the bytecode that
+      // pushed the array reference on the operand stack.
+     if (!print_NPE_cause0(os, source_bci, 1, max_detail - 1, inner_expr)) {
+        //  Returned false. Max recursion depth was reached. Print dummy.
+        os->print("<array>");
+      }
+      os->print("[");
+      // Print the index expression. Go back to the bytecode that
+      // pushed the index on the operand stack.
+      // inner_expr == true so we don't print unwanted strings
+      // as "The return value of'". And don't decrement max_detail so we always
+      // get a value here and only cancel out on the dereference.
+      if (!print_NPE_cause0(os, source_bci, 0, max_detail, true)) {
+        // Returned false. We don't print complex array index expressions. Print placeholder.
+        os->print("...");
+      }
+      os->print("]");
+      return true;
+    }
+
+    case Bytecodes::_getstatic: {
+      int cp_index = Bytes::get_native_u2(code_base + pos) + ConstantPool::CPCACHE_INDEX_TAG;
+      print_field_and_class(os, _method, cp_index);
+      return true;
+    }
+
+    case Bytecodes::_getfield: {
+      // Print the sender. Go back to the bytecode that
+      // pushed the sender on the operand stack.
+      if (print_NPE_cause0(os, source_bci, 0, max_detail - 1, inner_expr)) {
+        os->print(".");
+      }
+      int cp_index = Bytes::get_native_u2(code_base + pos) + ConstantPool::CPCACHE_INDEX_TAG;
+      os->print("%s", get_field_name(_method, cp_index));
+      return true;
+    }
+
+    case Bytecodes::_invokevirtual:
+    case Bytecodes::_invokespecial:
+    case Bytecodes::_invokestatic:
+    case Bytecodes::_invokeinterface: {
+      int cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+      if (max_detail == _max_cause_detail && !inner_expr) {
+        os->print(" because the return value of \"");
+      }
+      print_method_name(os, _method, cp_index);
+      return true;
+    }
+
+    default: break;
+  }
+  return false;
+}
+
+void ExceptionMessageBuilder::print_NPE_failed_action(outputStream *os, int bci) {
+
+  // Get the bytecode.
+  address code_base = _method->constMethod()->code_base();
+  Bytecodes::Code code = Bytecodes::java_code_at(_method, code_base + bci);
+  int pos = bci + 1;
+  if (code == Bytecodes::_wide) {
+    code = Bytecodes::java_code_at(_method, code_base + bci + 1);
+    pos += 1;
+  }
+
+  switch (code) {
+    case Bytecodes::_iaload:
+      os->print("Cannot load from int array"); break;
+    case Bytecodes::_faload:
+      os->print("Cannot load from float array"); break;
+    case Bytecodes::_aaload:
+      os->print("Cannot load from object array"); break;
+    case Bytecodes::_baload:
+      os->print("Cannot load from byte/boolean array"); break;
+    case Bytecodes::_caload:
+      os->print("Cannot load from char array"); break;
+    case Bytecodes::_saload:
+      os->print("Cannot load from short array"); break;
+    case Bytecodes::_laload:
+      os->print("Cannot load from long array"); break;
+    case Bytecodes::_daload:
+      os->print("Cannot load from double array"); break;
+
+    case Bytecodes::_iastore:
+      os->print("Cannot store to int array"); break;
+    case Bytecodes::_fastore:
+      os->print("Cannot store to float array"); break;
+    case Bytecodes::_aastore:
+      os->print("Cannot store to object array"); break;
+    case Bytecodes::_bastore:
+      os->print("Cannot store to byte/boolean array"); break;
+    case Bytecodes::_castore:
+      os->print("Cannot store to char array"); break;
+    case Bytecodes::_sastore:
+      os->print("Cannot store to short array"); break;
+    case Bytecodes::_lastore:
+      os->print("Cannot store to long array"); break;
+    case Bytecodes::_dastore:
+      os->print("Cannot store to double array"); break;
+
+    case Bytecodes::_arraylength:
+      os->print("Cannot read the array length"); break;
+    case Bytecodes::_athrow:
+      os->print("Cannot throw exception"); break;
+    case Bytecodes::_monitorenter:
+      os->print("Cannot enter synchronized block"); break;
+    case Bytecodes::_monitorexit:
+      os->print("Cannot exit synchronized block"); break;
+    case Bytecodes::_getfield: {
+        int cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+        ConstantPool* cp = _method->constants();
+        int name_and_type_index = cp->name_and_type_ref_index_at(cp_index);
+        int name_index = cp->name_ref_index_at(name_and_type_index);
+        Symbol* name = cp->symbol_at(name_index);
+        os->print("Cannot read field \"%s\"", name->as_C_string());
+      } break;
+    case Bytecodes::_putfield: {
+        int cp_index = Bytes::get_native_u2(code_base + pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+        os->print("Cannot assign field \"%s\"", get_field_name(_method, cp_index));
+      } break;
+    case Bytecodes::_invokevirtual:
+    case Bytecodes::_invokespecial:
+    case Bytecodes::_invokeinterface: {
+        int cp_index = Bytes::get_native_u2(code_base+ pos) DEBUG_ONLY(+ ConstantPool::CPCACHE_INDEX_TAG);
+        os->print("Cannot invoke \"");
+        print_method_name(os, _method, cp_index);
+        os->print("\"");
+      } break;
+
+    default:
+      assert(0, "We should have checked this bytecode in get_NPE_null_slot().");
+      break;
+  }
+}
+
+// Main API
+bool BytecodeUtils::get_NPE_message_at(outputStream* ss, Method* method, int bci) {
+
+  NoSafepointVerifier _nsv;   // Cannot use this object over a safepoint.
+
+  // If this NPE was created via reflection, we have no real NPE.
+  if (method->method_holder() ==
+      SystemDictionary::reflect_NativeConstructorAccessorImpl_klass()) {
+    return false;
+  }
+
+  // Analyse the bytecodes.
+  ResourceMark rm;
+  ExceptionMessageBuilder emb(method, bci);
+
+  // The slot of the operand stack that contains the null reference.
+  // Also checks for NPE explicitly constructed and returns NPE_EXPLICIT_CONSTRUCTED.
+  int slot = emb.get_NPE_null_slot(bci);
+
+  // Build the message.
+  if (slot == NPE_EXPLICIT_CONSTRUCTED) {
+    // We don't want to print a message.
+    return false;
+  } else if (slot == INVALID_BYTECODE_ENCOUNTERED) {
+    // We encountered a bytecode that does not dereference a reference.
+    DEBUG_ONLY(ss->print("There cannot be a NullPointerException at bci %d of method %s",
+                         bci, method->external_name()));
+    NOT_DEBUG(return false);
+  } else {
+    // Print string describing which action (bytecode) could not be
+    // performed because of the null reference.
+    emb.print_NPE_failed_action(ss, bci);
+    // Print a description of what is null.
+    if (!emb.print_NPE_cause(ss, bci, slot)) {
+      // Nothing was printed. End the sentence without the 'because'
+      // subordinate sentence.
+    }
+  }
+  return true;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/hotspot/share/interpreter/bytecodeUtils.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019 SAP SE. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ *
+ */
+
+#ifndef SHARE_INTERPRETER_BYTECODEUTILS_HPP
+#define SHARE_INTERPRETER_BYTECODEUTILS_HPP
+
+#include "memory/allocation.hpp"
+#include "utilities/globalDefinitions.hpp"
+
+class Method;
+class outputStream;
+
+class BytecodeUtils : public AllStatic {
+ public:
+  // NPE extended message. Return true if string is printed.
+  static bool get_NPE_message_at(outputStream* ss, Method* method, int bci);
+};
+
+#endif // SHARE_INTERPRETER_BYTECODEUTILS_HPP
--- a/src/hotspot/share/oops/instanceKlass.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/oops/instanceKlass.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -2497,10 +2497,18 @@
 #endif
 }
 
+static void method_release_C_heap_structures(Method* m) {
+  m->release_C_heap_structures();
+}
+
 void InstanceKlass::release_C_heap_structures(InstanceKlass* ik) {
   // Clean up C heap
   ik->release_C_heap_structures();
   ik->constants()->release_C_heap_structures();
+
+  // Deallocate and call destructors for MDO mutexes
+  ik->methods_do(method_release_C_heap_structures);
+
 }
 
 void InstanceKlass::release_C_heap_structures() {
--- a/src/hotspot/share/oops/method.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/oops/method.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -118,11 +118,6 @@
 void Method::deallocate_contents(ClassLoaderData* loader_data) {
   MetadataFactory::free_metadata(loader_data, constMethod());
   set_constMethod(NULL);
-#if INCLUDE_JVMCI
-  if (method_data()) {
-    FailedSpeculation::free_failed_speculations(method_data()->get_failed_speculations_address());
-  }
-#endif
   MetadataFactory::free_metadata(loader_data, method_data());
   set_method_data(NULL);
   MetadataFactory::free_metadata(loader_data, method_counters());
@@ -131,6 +126,16 @@
   if (code() != NULL) _code = NULL;
 }
 
+void Method::release_C_heap_structures() {
+  if (method_data()) {
+#if INCLUDE_JVMCI
+    FailedSpeculation::free_failed_speculations(method_data()->get_failed_speculations_address());
+#endif
+    // Destroy MethodData
+    method_data()->~MethodData();
+  }
+}
+
 address Method::get_i2c_entry() {
   assert(adapter() != NULL, "must have");
   return adapter()->get_i2c_entry();
--- a/src/hotspot/share/oops/method.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/oops/method.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1006,6 +1006,8 @@
   // Deallocation function for redefine classes or if an error occurs
   void deallocate_contents(ClassLoaderData* loader_data);
 
+  void release_C_heap_structures();
+
   Method* get_new_method() const {
     InstanceKlass* holder = method_holder();
     Method* new_method = holder->method_with_idnum(orig_method_idnum());
--- a/src/hotspot/share/oops/methodData.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/oops/methodData.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -2445,7 +2445,7 @@
   virtual void metaspace_pointers_do(MetaspaceClosure* iter);
   virtual MetaspaceObj::Type type() const { return MethodDataType; }
 
-  // Deallocation support - no pointer fields to deallocate
+  // Deallocation support - no metaspace pointer fields to deallocate
   void deallocate_contents(ClassLoaderData* loader_data) {}
 
   // GC support
--- a/src/hotspot/share/prims/jvm.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/prims/jvm.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -38,6 +38,7 @@
 #include "classfile/vmSymbols.hpp"
 #include "gc/shared/collectedHeap.inline.hpp"
 #include "interpreter/bytecode.hpp"
+#include "interpreter/bytecodeUtils.hpp"
 #include "jfr/jfrEvents.hpp"
 #include "logging/log.hpp"
 #include "memory/heapShared.hpp"
@@ -531,13 +532,37 @@
 
 // java.lang.Throwable //////////////////////////////////////////////////////
 
-
 JVM_ENTRY(void, JVM_FillInStackTrace(JNIEnv *env, jobject receiver))
   JVMWrapper("JVM_FillInStackTrace");
   Handle exception(thread, JNIHandles::resolve_non_null(receiver));
   java_lang_Throwable::fill_in_stack_trace(exception);
 JVM_END
 
+// java.lang.NullPointerException ///////////////////////////////////////////
+
+JVM_ENTRY(jstring, JVM_GetExtendedNPEMessage(JNIEnv *env, jthrowable throwable))
+  if (!ShowCodeDetailsInExceptionMessages) return NULL;
+
+  oop exc = JNIHandles::resolve_non_null(throwable);
+
+  Method* method;
+  int bci;
+  if (!java_lang_Throwable::get_top_method_and_bci(exc, &method, &bci)) {
+    return NULL;
+  }
+  if (method->is_native()) {
+    return NULL;
+  }
+
+  stringStream ss;
+  bool ok = BytecodeUtils::get_NPE_message_at(&ss, method, bci);
+  if (ok) {
+    oop result = java_lang_String::create_oop_from_str(ss.base(), CHECK_0);
+    return (jstring) JNIHandles::make_local(env, result);
+  } else {
+    return NULL;
+  }
+JVM_END
 
 // java.lang.StackTraceElement //////////////////////////////////////////////
 
--- a/src/hotspot/share/runtime/deoptimization.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/runtime/deoptimization.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -295,7 +295,7 @@
 
   // Reallocate the non-escaping objects and restore their fields. Then
   // relock objects if synchronization on them was eliminated.
-  if (jvmci_enabled || ((DoEscapeAnalysis || EliminateNestedLocks) && EliminateAllocations)) {
+  if (jvmci_enabled || (DoEscapeAnalysis && EliminateAllocations)) {
     realloc_failures = eliminate_allocations(thread, exec_mode, cm, deoptee, map, chunk);
   }
 #endif // COMPILER2_OR_JVMCI
--- a/src/hotspot/share/runtime/globals.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/runtime/globals.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -643,6 +643,10 @@
   product(bool, OmitStackTraceInFastThrow, true,                            \
           "Omit backtraces for some 'hot' exceptions in optimized code")    \
                                                                             \
+  manageable(bool, ShowCodeDetailsInExceptionMessages, false,               \
+          "Show exception messages from RuntimeExceptions that contain "    \
+          "snippets of the failing code. Disable this to improve privacy.") \
+                                                                            \
   product(bool, PrintWarnings, true,                                        \
           "Print JVM warnings to output stream")                            \
                                                                             \
--- a/src/hotspot/share/runtime/os.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/runtime/os.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -47,8 +47,6 @@
 // OS services (time, I/O) as well as other functionality with system-
 // dependent code.
 
-typedef void (*dll_func)(...);
-
 class Thread;
 class JavaThread;
 class NativeCallStack;
@@ -195,14 +193,9 @@
 
   // The "virtual time" of a thread is the amount of time a thread has
   // actually run.  The first function indicates whether the OS supports
-  // this functionality for the current thread, and if so:
-  //   * the second enables vtime tracking (if that is required).
-  //   * the third tells whether vtime is enabled.
-  //   * the fourth returns the elapsed virtual time for the current
-  //     thread.
+  // this functionality for the current thread, and if so the second
+  // returns the elapsed virtual time for the current thread.
   static bool supports_vtime();
-  static bool enable_vtime();
-  static bool vtime_enabled();
   static double elapsedVTime();
 
   // Return current local time in a string (YYYY-MM-DD HH:MM:SS).
@@ -254,14 +247,6 @@
     return _initial_active_processor_count;
   }
 
-  // Bind processes to processors.
-  //     This is a two step procedure:
-  //     first you generate a distribution of processes to processors,
-  //     then you bind processes according to that distribution.
-  // Compute a distribution for number of processes to processors.
-  //    Stores the processor id's into the distribution array argument.
-  //    Returns true if it worked, false if it didn't.
-  static bool distribute_processes(uint length, uint* distribution);
   // Binds the current process to a processor.
   //    Returns true if it worked, false if it didn't.
   static bool bind_to_processor(uint processor_id);
@@ -496,7 +481,6 @@
   static void verify_stack_alignment() PRODUCT_RETURN;
 
   static bool message_box(const char* title, const char* message);
-  static char* do_you_want_to_debug(const char* message);
 
   // run cmd in a separate process and return its exit code; or -1 on failures
   static int fork_and_exec(char *cmd, bool use_vfork_if_available = false);
@@ -520,7 +504,6 @@
   static void die();
 
   // File i/o operations
-  static const int default_file_open_flags();
   static int open(const char *path, int oflag, int mode);
   static FILE* open(int fd, const char* mode);
   static FILE* fopen(const char* path, const char* mode);
@@ -668,9 +651,6 @@
   // Will not change the value of errno.
   static const char* errno_name(int e);
 
-  // Determines whether the calling process is being debugged by a user-mode debugger.
-  static bool is_debugger_attached();
-
   // wait for a key press if PauseAtExit is set
   static void wait_for_keypress_at_exit(void);
 
@@ -966,10 +946,6 @@
       return _state == SR_RUNNING;
     }
 
-    bool is_suspend_request() const {
-      return _state == SR_SUSPEND_REQUEST;
-    }
-
     bool is_suspended() const {
       return _state == SR_SUSPENDED;
     }
--- a/src/hotspot/share/services/diagnosticArgument.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/services/diagnosticArgument.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -151,7 +151,13 @@
       ResourceMark rm;
 
       char* buf = NEW_RESOURCE_ARRAY(char, len + 1);
+
+PRAGMA_DIAG_PUSH
+PRAGMA_STRINGOP_TRUNCATION_IGNORED
+      // This code can incorrectly cause a "stringop-truncation" warning with gcc
       strncpy(buf, str, len);
+PRAGMA_DIAG_POP
+
       buf[len] = '\0';
       Exceptions::fthrow(THREAD_AND_LOCATION, vmSymbols::java_lang_IllegalArgumentException(),
         "Boolean parsing error in command argument '%s'. Could not parse: %s.\n", _name, buf);
--- a/src/hotspot/share/utilities/compilerWarnings.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/utilities/compilerWarnings.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -62,4 +62,8 @@
 #define PRAGMA_FORMAT_IGNORED
 #endif
 
+#ifndef PRAGMA_STRINGOP_TRUNCATION_IGNORED
+#define PRAGMA_STRINGOP_TRUNCATION_IGNORED
+#endif
+
 #endif // SHARE_UTILITIES_COMPILERWARNINGS_HPP
--- a/src/hotspot/share/utilities/compilerWarnings_gcc.hpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/hotspot/share/utilities/compilerWarnings_gcc.hpp	Fri Oct 18 09:25:06 2019 -0700
@@ -50,6 +50,12 @@
 
 #define PRAGMA_FORMAT_IGNORED PRAGMA_DISABLE_GCC_WARNING("-Wformat")
 
+// Disable -Wstringop-truncation which is introduced in GCC 8.
+// https://gcc.gnu.org/gcc-8/changes.html
+#if !defined(__clang_major__) && (__GNUC__ >= 8)
+#define PRAGMA_STRINGOP_TRUNCATION_IGNORED PRAGMA_DISABLE_GCC_WARNING("-Wstringop-truncation")
+#endif
+
 #if defined(__clang_major__) && \
       (__clang_major__ >= 4 || \
       (__clang_major__ >= 3 && __clang_minor__ >= 1)) || \
--- a/src/java.base/share/classes/java/io/FilePermission.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/io/FilePermission.java	Fri Oct 18 09:25:06 2019 -0700
@@ -367,12 +367,22 @@
             this.mask = mask;
 
             if (cpath.equals("<<ALL FILES>>")) {
+                allFiles = true;
                 directory = true;
                 recursive = true;
                 cpath = "";
                 return;
             }
 
+            // Validate path by platform's default file system
+            try {
+                String name = cpath.endsWith("*") ? cpath.substring(0, cpath.length() - 1) + "-" : cpath;
+                builtInFS.getPath(new File(name).getPath());
+            } catch (InvalidPathException ipe) {
+                invalid = true;
+                return;
+            }
+
             // store only the canonical cpath if possible
             cpath = AccessController.doPrivileged(new PrivilegedAction<>() {
                 public String run() {
@@ -463,13 +473,16 @@
      * <P>
      * The default value of the {@code jdk.io.permissionsUseCanonicalPath}
      * system property is {@code false} in this implementation.
+     * <p>
+     * The value can also be set with a security property using the same name,
+     * but setting a system property will override the security property value.
      *
      * @param path the pathname of the file/directory.
      * @param actions the action string.
      *
-     * @throws IllegalArgumentException
-     *          If actions is {@code null}, empty or contains an action
-     *          other than the specified possible actions.
+     * @throws IllegalArgumentException if actions is {@code null}, empty,
+     *         malformed or contains an action other than the specified
+     *         possible actions
      */
     public FilePermission(String path, String actions) {
         super(path);
@@ -573,19 +586,19 @@
      * @return the effective mask
      */
     boolean impliesIgnoreMask(FilePermission that) {
+        if (this == that) {
+            return true;
+        }
+        if (allFiles) {
+            return true;
+        }
+        if (this.invalid || that.invalid) {
+            return false;
+        }
+        if (that.allFiles) {
+            return false;
+        }
         if (FilePermCompat.nb) {
-            if (this == that) {
-                return true;
-            }
-            if (allFiles) {
-                return true;
-            }
-            if (this.invalid || that.invalid) {
-                return false;
-            }
-            if (that.allFiles) {
-                return false;
-            }
             // Left at least same level of wildness as right
             if ((this.recursive && that.recursive) != that.recursive
                     || (this.directory && that.directory) != that.directory) {
@@ -783,10 +796,10 @@
 
         FilePermission that = (FilePermission) obj;
 
+        if (this.invalid || that.invalid) {
+            return false;
+        }
         if (FilePermCompat.nb) {
-            if (this.invalid || that.invalid) {
-                return false;
-            }
             return (this.mask == that.mask) &&
                     (this.allFiles == that.allFiles) &&
                     this.npath.equals(that.npath) &&
@@ -795,6 +808,7 @@
                     (this.recursive == that.recursive);
         } else {
             return (this.mask == that.mask) &&
+                    (this.allFiles == that.allFiles) &&
                     this.cpath.equals(that.cpath) &&
                     (this.directory == that.directory) &&
                     (this.recursive == that.recursive);
@@ -921,17 +935,18 @@
             }
 
             // make sure we didn't just match the tail of a word
-            // like "ackbarfaccept".  Also, skip to the comma.
+            // like "ackbarfdelete".  Also, skip to the comma.
             boolean seencomma = false;
             while (i >= matchlen && !seencomma) {
-                switch(a[i-matchlen]) {
-                case ',':
-                    seencomma = true;
-                    break;
+                switch (c = a[i-matchlen]) {
                 case ' ': case '\r': case '\n':
                 case '\f': case '\t':
                     break;
                 default:
+                    if (c == ',' && i > matchlen) {
+                        seencomma = true;
+                        break;
+                    }
                     throw new IllegalArgumentException(
                             "invalid permission: " + actions);
                 }
@@ -1127,10 +1142,10 @@
      *
      * @param permission the Permission object to add.
      *
-     * @throws    IllegalArgumentException - if the permission is not a
+     * @throws    IllegalArgumentException   if the permission is not a
      *                                       FilePermission
      *
-     * @throws    SecurityException - if this FilePermissionCollection object
+     * @throws    SecurityException   if this FilePermissionCollection object
      *                                has been marked readonly
      */
     @Override
--- a/src/java.base/share/classes/java/lang/NullPointerException.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/lang/NullPointerException.java	Fri Oct 18 09:25:06 2019 -0700
@@ -70,4 +70,35 @@
     public NullPointerException(String s) {
         super(s);
     }
+
+    /**
+     * Returns the detail message string of this throwable.
+     *
+     * <p> If a non-null message was supplied in a constructor it is
+     * returned. Otherwise, an implementation specific message or
+     * {@code null} is returned.
+     *
+     * @implNote
+     * If no explicit message was passed to the constructor, and as
+     * long as certain internal information is available, a verbose
+     * description of the null reference is returned.
+     * The internal information is not available in deserialized
+     * NullPointerExceptions.
+     *
+     * @return the detail message string, which may be {@code null}.
+     */
+    public String getMessage() {
+        String message = super.getMessage();
+        if (message == null) {
+            return getExtendedNPEMessage();
+        }
+        return message;
+    }
+
+    /**
+     * Get an extended exception message. This returns a string describing
+     * the location and cause of the exception. It returns null for
+     * exceptions where this is not applicable.
+     */
+    private native String getExtendedNPEMessage();
 }
--- a/src/java.base/share/classes/java/net/NetPermission.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/net/NetPermission.java	Fri Oct 18 09:25:06 2019 -0700
@@ -145,6 +145,15 @@
  *   </tr>
  *
  * <tr>
+ *   <th scope="row">setSocketImpl</th>
+ *   <td>The ability to create a sub-class of Socket or ServerSocket with a
+ *   user specified SocketImpl.</td>
+ *   <td>Malicious user-defined SocketImpls can change the behavior of
+ *   Socket and ServerSocket in surprising ways, by virtue of their
+ *   ability to access the protected fields of SocketImpl.</td>
+ *   </tr>
+ *
+ * <tr>
  *   <th scope="row">specifyStreamHandler</th>
  *   <td>The ability
  *   to specify a stream handler when constructing a URL</td>
--- a/src/java.base/share/classes/java/net/ServerSocket.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/net/ServerSocket.java	Fri Oct 18 09:25:06 2019 -0700
@@ -32,6 +32,7 @@
 import java.util.Set;
 import java.util.Collections;
 
+import sun.security.util.SecurityConstants;
 import sun.net.PlatformSocketImpl;
 
 /**
@@ -73,13 +74,25 @@
      *
      * @throws     NullPointerException if impl is {@code null}.
      *
+     * @throws     SecurityException if a security manager is set and
+     *             its {@code checkPermission} method doesn't allow
+     *             {@code NetPermission("setSocketImpl")}.
      * @since 12
      */
     protected ServerSocket(SocketImpl impl) {
         Objects.requireNonNull(impl);
+        checkPermission();
         this.impl = impl;
     }
 
+    private static Void checkPermission() {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(SecurityConstants.SET_SOCKETIMPL_PERMISSION);
+        }
+        return null;
+    }
+
     /**
      * Creates an unbound server socket.
      *
--- a/src/java.base/share/classes/java/net/Socket.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/net/Socket.java	Fri Oct 18 09:25:06 2019 -0700
@@ -25,6 +25,8 @@
 
 package java.net;
 
+import sun.security.util.SecurityConstants;
+
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.IOException;
@@ -182,12 +184,28 @@
      *
      * @throws    SocketException if there is an error in the underlying protocol,
      * such as a TCP error.
+     *
+     * @throws SecurityException if {@code impl} is non-null and a security manager is set
+     * and its {@code checkPermission} method doesn't allow {@code NetPermission("setSocketImpl")}.
+     *
      * @since   1.1
      */
     protected Socket(SocketImpl impl) throws SocketException {
+        checkPermission(impl);
         this.impl = impl;
     }
 
+    private static Void checkPermission(SocketImpl impl) {
+        if (impl == null) {
+            return null;
+        }
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(SecurityConstants.SET_SOCKETIMPL_PERMISSION);
+        }
+        return null;
+    }
+
     /**
      * Creates a stream socket and connects it to the specified port
      * number on the named host.
--- a/src/java.base/share/classes/java/net/SocketPermission.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/net/SocketPermission.java	Fri Oct 18 09:25:06 2019 -0700
@@ -287,6 +287,11 @@
      * @param host the hostname or IP address of the computer, optionally
      * including a colon followed by a port or port range.
      * @param action the action string.
+     *
+     * @throws NullPointerException if any parameters are null
+     * @throws IllegalArgumentException if the format of {@code host} is
+     *         invalid, or if the {@code action} string is empty, malformed, or
+     *         contains an action other than the specified possible actions
      */
     public SocketPermission(String host, String action) {
         super(getHost(host));
@@ -589,14 +594,15 @@
             // like "ackbarfaccept".  Also, skip to the comma.
             boolean seencomma = false;
             while (i >= matchlen && !seencomma) {
-                switch(a[i-matchlen]) {
-                case ',':
-                    seencomma = true;
-                    break;
+                switch (c = a[i-matchlen]) {
                 case ' ': case '\r': case '\n':
                 case '\f': case '\t':
                     break;
                 default:
+                    if (c == ',' && i > matchlen) {
+                        seencomma = true;
+                        break;
+                    }
                     throw new IllegalArgumentException(
                             "invalid permission: " + action);
                 }
@@ -1361,10 +1367,10 @@
      *
      * @param permission the Permission object to add.
      *
-     * @throws    IllegalArgumentException - if the permission is not a
+     * @throws    IllegalArgumentException   if the permission is not a
      *                                       SocketPermission
      *
-     * @throws    SecurityException - if this SocketPermissionCollection object
+     * @throws    SecurityException   if this SocketPermissionCollection object
      *                                has been marked readonly
      */
     @Override
--- a/src/java.base/share/classes/java/net/URL.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/net/URL.java	Fri Oct 18 09:25:06 2019 -0700
@@ -484,6 +484,16 @@
                 throw new MalformedURLException(s);
             }
         }
+        if ("jar".equalsIgnoreCase(protocol)) {
+            if (handler instanceof sun.net.www.protocol.jar.Handler) {
+                // URL.openConnection() would throw a confusing exception
+                // so generate a better exception here instead.
+                String s = ((sun.net.www.protocol.jar.Handler) handler).checkNestedProtocol(file);
+                if (s != null) {
+                    throw new MalformedURLException(s);
+                }
+            }
+        }
     }
 
     /**
--- a/src/java.base/share/classes/java/security/AllPermission.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/security/AllPermission.java	Fri Oct 18 09:25:06 2019 -0700
@@ -178,10 +178,10 @@
      *
      * @param permission the Permission object to add.
      *
-     * @throws    IllegalArgumentException - if the permission is not a
+     * @throws    IllegalArgumentException   if the permission is not an
      *                                       AllPermission
      *
-     * @throws    SecurityException - if this AllPermissionCollection object
+     * @throws    SecurityException   if this AllPermissionCollection object
      *                                has been marked readonly
      */
 
--- a/src/java.base/share/classes/java/security/BasicPermission.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/security/BasicPermission.java	Fri Oct 18 09:25:06 2019 -0700
@@ -349,13 +349,13 @@
      *
      * @param permission the Permission object to add.
      *
-     * @throws    IllegalArgumentException - if the permission is not a
+     * @throws    IllegalArgumentException   if the permission is not a
      *                                       BasicPermission, or if
      *                                       the permission is not of the
      *                                       same Class as the other
      *                                       permissions in this collection.
      *
-     * @throws    SecurityException - if this BasicPermissionCollection object
+     * @throws    SecurityException   if this BasicPermissionCollection object
      *                                has been marked readonly
      */
     @Override
--- a/src/java.base/share/classes/java/security/PermissionCollection.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/security/PermissionCollection.java	Fri Oct 18 09:25:06 2019 -0700
@@ -107,9 +107,9 @@
      *
      * @param permission the Permission object to add.
      *
-     * @throws    SecurityException -  if this PermissionCollection object
+     * @throws    SecurityException    if this PermissionCollection object
      *                                 has been marked readonly
-     * @throws    IllegalArgumentException - if this PermissionCollection
+     * @throws    IllegalArgumentException   if this PermissionCollection
      *                object is a homogeneous collection and the permission
      *                is not of the correct type.
      */
--- a/src/java.base/share/classes/java/security/Policy.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/security/Policy.java	Fri Oct 18 09:25:06 2019 -0700
@@ -837,7 +837,7 @@
          *
          * @param permission the Permission object to add.
          *
-         * @throws    SecurityException - if this PermissionCollection object
+         * @throws    SecurityException   if this PermissionCollection object
          *                                has been marked readonly
          */
         @Override public void add(Permission permission) {
--- a/src/java.base/share/classes/java/text/DecimalFormat.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/text/DecimalFormat.java	Fri Oct 18 09:25:06 2019 -0700
@@ -2756,7 +2756,10 @@
     /**
      * Return the grouping size. Grouping size is the number of digits between
      * grouping separators in the integer portion of a number.  For example,
-     * in the number "123,456.78", the grouping size is 3.
+     * in the number "123,456.78", the grouping size is 3. Grouping size of
+     * zero designates that grouping is not used, which provides the same
+     * formatting as if calling {@link #setGroupingUsed(boolean)
+     * setGroupingUsed(false)}.
      *
      * @return the grouping size
      * @see #setGroupingSize
@@ -2770,16 +2773,28 @@
     /**
      * Set the grouping size. Grouping size is the number of digits between
      * grouping separators in the integer portion of a number.  For example,
-     * in the number "123,456.78", the grouping size is 3.
-     * <br>
+     * in the number "123,456.78", the grouping size is 3. Grouping size of
+     * zero designates that grouping is not used, which provides the same
+     * formatting as if calling {@link #setGroupingUsed(boolean)
+     * setGroupingUsed(false)}.
+     * <p>
      * The value passed in is converted to a byte, which may lose information.
+     * Values that are negative or greater than
+     * {@link java.lang.Byte#MAX_VALUE Byte.MAX_VALUE}, will throw an
+     * {@code IllegalArgumentException}.
      *
      * @param newValue the new grouping size
      * @see #getGroupingSize
      * @see java.text.NumberFormat#setGroupingUsed
      * @see java.text.DecimalFormatSymbols#setGroupingSeparator
+     * @throws IllegalArgumentException if {@code newValue} is negative or
+     *          greater than {@link java.lang.Byte#MAX_VALUE Byte.MAX_VALUE}
      */
     public void setGroupingSize (int newValue) {
+        if (newValue < 0 || newValue > Byte.MAX_VALUE) {
+            throw new IllegalArgumentException(
+                "newValue is out of valid range. value: " + newValue);
+        }
         groupingSize = (byte)newValue;
         fastPathCheckNeeded = true;
     }
@@ -3906,6 +3921,12 @@
             // Didn't have exponential fields
             useExponentialNotation = false;
         }
+
+        // Restore the invariant value if groupingSize is invalid.
+        if (groupingSize < 0) {
+            groupingSize = 3;
+        }
+
         serialVersionOnStream = currentSerialVersion;
     }
 
@@ -4009,14 +4030,15 @@
 
     /**
      * The number of digits between grouping separators in the integer
-     * portion of a number.  Must be greater than 0 if
+     * portion of a number.  Must be non-negative and less than or equal to
+     * {@link java.lang.Byte#MAX_VALUE Byte.MAX_VALUE} if
      * {@code NumberFormat.groupingUsed} is true.
      *
      * @serial
      * @see #getGroupingSize
      * @see java.text.NumberFormat#isGroupingUsed
      */
-    private byte    groupingSize = 3;  // invariant, > 0 if useThousands
+    private byte    groupingSize = 3;  // invariant, 0 - 127, if groupingUsed
 
     /**
      * If true, forces the decimal separator to always appear in a formatted
--- a/src/java.base/share/classes/java/util/PropertyPermission.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/PropertyPermission.java	Fri Oct 18 09:25:06 2019 -0700
@@ -463,10 +463,10 @@
      *
      * @param permission the Permission object to add.
      *
-     * @throws    IllegalArgumentException - if the permission is not a
+     * @throws    IllegalArgumentException   if the permission is not a
      *                                       PropertyPermission
      *
-     * @throws    SecurityException - if this PropertyPermissionCollection
+     * @throws    SecurityException   if this PropertyPermissionCollection
      *                                object has been marked readonly
      */
     @Override
--- a/src/java.base/share/classes/java/util/concurrent/ArrayBlockingQueue.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/ArrayBlockingQueue.java	Fri Oct 18 09:25:06 2019 -0700
@@ -100,6 +100,7 @@
     private static final long serialVersionUID = -817911632652898426L;
 
     /** The queued items */
+    @SuppressWarnings("serial") // Conditionally serializable
     final Object[] items;
 
     /** items index for next take, poll, peek or remove */
@@ -120,9 +121,11 @@
     final ReentrantLock lock;
 
     /** Condition for waiting takes */
+    @SuppressWarnings("serial")  // Classes implementing Condition may be serializable.
     private final Condition notEmpty;
 
     /** Condition for waiting puts */
+    @SuppressWarnings("serial")  // Classes implementing Condition may be serializable.
     private final Condition notFull;
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/ConcurrentHashMap.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/ConcurrentHashMap.java	Fri Oct 18 09:25:06 2019 -0700
@@ -4584,6 +4584,7 @@
     public static class KeySetView<K,V> extends CollectionView<K,V,K>
         implements Set<K>, java.io.Serializable {
         private static final long serialVersionUID = 7249069246763182397L;
+        @SuppressWarnings("serial") // Conditionally serializable
         private final V value;
         KeySetView(ConcurrentHashMap<K,V> map, V value) {  // non-public
             super(map);
--- a/src/java.base/share/classes/java/util/concurrent/ConcurrentSkipListMap.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/ConcurrentSkipListMap.java	Fri Oct 18 09:25:06 2019 -0700
@@ -334,6 +334,7 @@
      * nested classes.)
      * @serial
      */
+    @SuppressWarnings("serial") // Conditionally serializable
     final Comparator<? super K> comparator;
 
     /** Lazily initialized topmost index of the skiplist. */
@@ -2375,8 +2376,10 @@
         /** Underlying map */
         final ConcurrentSkipListMap<K,V> m;
         /** lower bound key, or null if from start */
+        @SuppressWarnings("serial") // Conditionally serializable
         private final K lo;
         /** upper bound key, or null if to end */
+        @SuppressWarnings("serial") // Conditionally serializable
         private final K hi;
         /** inclusion flag for lo */
         private final boolean loInclusive;
--- a/src/java.base/share/classes/java/util/concurrent/ConcurrentSkipListSet.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/ConcurrentSkipListSet.java	Fri Oct 18 09:25:06 2019 -0700
@@ -103,6 +103,7 @@
      * element.  This field is declared final for the sake of thread
      * safety, which entails some ugliness in clone().
      */
+    @SuppressWarnings("serial") // Conditionally serializable
     private final ConcurrentNavigableMap<E,Object> m;
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/ForkJoinTask.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/ForkJoinTask.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1374,7 +1374,9 @@
      */
     static final class AdaptedRunnable<T> extends ForkJoinTask<T>
         implements RunnableFuture<T> {
+        @SuppressWarnings("serial") // Conditionally serializable
         final Runnable runnable;
+        @SuppressWarnings("serial") // Conditionally serializable
         T result;
         AdaptedRunnable(Runnable runnable, T result) {
             if (runnable == null) throw new NullPointerException();
@@ -1396,6 +1398,7 @@
      */
     static final class AdaptedRunnableAction extends ForkJoinTask<Void>
         implements RunnableFuture<Void> {
+        @SuppressWarnings("serial") // Conditionally serializable
         final Runnable runnable;
         AdaptedRunnableAction(Runnable runnable) {
             if (runnable == null) throw new NullPointerException();
@@ -1415,6 +1418,7 @@
      * Adapter for Runnables in which failure forces worker exception.
      */
     static final class RunnableExecuteAction extends ForkJoinTask<Void> {
+        @SuppressWarnings("serial") // Conditionally serializable
         final Runnable runnable;
         RunnableExecuteAction(Runnable runnable) {
             if (runnable == null) throw new NullPointerException();
@@ -1434,7 +1438,9 @@
      */
     static final class AdaptedCallable<T> extends ForkJoinTask<T>
         implements RunnableFuture<T> {
+        @SuppressWarnings("serial") // Conditionally serializable
         final Callable<? extends T> callable;
+        @SuppressWarnings("serial") // Conditionally serializable
         T result;
         AdaptedCallable(Callable<? extends T> callable) {
             if (callable == null) throw new NullPointerException();
--- a/src/java.base/share/classes/java/util/concurrent/LinkedBlockingDeque.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/LinkedBlockingDeque.java	Fri Oct 18 09:25:06 2019 -0700
@@ -159,9 +159,11 @@
     final ReentrantLock lock = new ReentrantLock();
 
     /** Condition for waiting takes */
+    @SuppressWarnings("serial") // Classes implementing Condition may be serializable.
     private final Condition notEmpty = lock.newCondition();
 
     /** Condition for waiting puts */
+    @SuppressWarnings("serial") // Classes implementing Condition may be serializable.
     private final Condition notFull = lock.newCondition();
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/LinkedBlockingQueue.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/LinkedBlockingQueue.java	Fri Oct 18 09:25:06 2019 -0700
@@ -156,12 +156,14 @@
     private final ReentrantLock takeLock = new ReentrantLock();
 
     /** Wait queue for waiting takes */
+    @SuppressWarnings("serial") // Classes implementing Condition may be serializable.
     private final Condition notEmpty = takeLock.newCondition();
 
     /** Lock held by put, offer, etc */
     private final ReentrantLock putLock = new ReentrantLock();
 
     /** Wait queue for waiting puts */
+    @SuppressWarnings("serial") // Classes implementing Condition may be serializable.
     private final Condition notFull = putLock.newCondition();
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/PriorityBlockingQueue.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/PriorityBlockingQueue.java	Fri Oct 18 09:25:06 2019 -0700
@@ -173,6 +173,7 @@
     /**
      * Condition for blocking when empty.
      */
+    @SuppressWarnings("serial") // Classes implementing Condition may be serializable.
     private final Condition notEmpty = lock.newCondition();
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/RecursiveTask.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/RecursiveTask.java	Fri Oct 18 09:25:06 2019 -0700
@@ -71,6 +71,7 @@
     /**
      * The result of the computation.
      */
+    @SuppressWarnings("serial") // Conditionally serializable
     V result;
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/ThreadPoolExecutor.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/ThreadPoolExecutor.java	Fri Oct 18 09:25:06 2019 -0700
@@ -604,8 +604,10 @@
         private static final long serialVersionUID = 6138294804551838833L;
 
         /** Thread this worker is running in.  Null if factory fails. */
+        @SuppressWarnings("serial") // Unlikely to be serializable
         final Thread thread;
         /** Initial task to run.  Possibly null. */
+        @SuppressWarnings("serial") // Not statically typed as Serializable
         Runnable firstTask;
         /** Per-thread task counter */
         volatile long completedTasks;
--- a/src/java.base/share/classes/java/util/concurrent/atomic/AtomicReference.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/atomic/AtomicReference.java	Fri Oct 18 09:25:06 2019 -0700
@@ -60,6 +60,7 @@
         }
     }
 
+    @SuppressWarnings("serial") // Conditionally serializable
     private volatile V value;
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/atomic/AtomicReferenceArray.java	Fri Oct 18 09:25:06 2019 -0700
@@ -55,6 +55,7 @@
     private static final long serialVersionUID = -6209656149925076980L;
     private static final VarHandle AA
         = MethodHandles.arrayElementVarHandle(Object[].class);
+    @SuppressWarnings("serial") // Conditionally serializable
     private final Object[] array; // must have exact type Object[]
 
     /**
--- a/src/java.base/share/classes/java/util/concurrent/atomic/DoubleAccumulator.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/atomic/DoubleAccumulator.java	Fri Oct 18 09:25:06 2019 -0700
@@ -84,6 +84,7 @@
 public class DoubleAccumulator extends Striped64 implements Serializable {
     private static final long serialVersionUID = 7249069246863182397L;
 
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     private final DoubleBinaryOperator function;
     private final long identity; // use long representation
 
@@ -245,6 +246,7 @@
          * The function used for updates.
          * @serial
          */
+        @SuppressWarnings("serial") // Not statically typed as Serializable
         private final DoubleBinaryOperator function;
 
         /**
--- a/src/java.base/share/classes/java/util/concurrent/atomic/LongAccumulator.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/concurrent/atomic/LongAccumulator.java	Fri Oct 18 09:25:06 2019 -0700
@@ -82,6 +82,7 @@
 public class LongAccumulator extends Striped64 implements Serializable {
     private static final long serialVersionUID = 7249069246863182397L;
 
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     private final LongBinaryOperator function;
     private final long identity;
 
@@ -239,6 +240,7 @@
          * The function used for updates.
          * @serial
          */
+        @SuppressWarnings("serial") // Not statically typed as Serializable
         private final LongBinaryOperator function;
 
         /**
--- a/src/java.base/share/classes/java/util/regex/Pattern.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/java/util/regex/Pattern.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1427,7 +1427,11 @@
         localTCNCount = 0;
 
         if (!pattern.isEmpty()) {
-            compile();
+            try {
+                compile();
+            } catch (StackOverflowError soe) {
+                throw error("Stack overflow during pattern compilation");
+            }
         } else {
             root = new Start(lastAccept);
             matchRoot = lastAccept;
@@ -1965,6 +1969,10 @@
         int ch = temp[cursor++];
         while (ch != 0 && !isLineSeparator(ch))
             ch = temp[cursor++];
+        if (ch == 0 && cursor > patternLength) {
+            cursor = patternLength;
+            ch = temp[cursor++];
+        }
         return ch;
     }
 
@@ -1975,6 +1983,10 @@
         int ch = temp[++cursor];
         while (ch != 0 && !isLineSeparator(ch))
             ch = temp[++cursor];
+        if (ch == 0 && cursor > patternLength) {
+            cursor = patternLength;
+            ch = temp[cursor];
+        }
         return ch;
     }
 
@@ -3415,9 +3427,10 @@
     private int N() {
         if (read() == '{') {
             int i = cursor;
-            while (cursor < patternLength && read() != '}') {}
-            if (cursor > patternLength)
-                throw error("Unclosed character name escape sequence");
+            while (read() != '}') {
+                if (cursor >= patternLength)
+                    throw error("Unclosed character name escape sequence");
+            }
             String name = new String(temp, i, cursor - i - 1);
             try {
                 return Character.codePointOf(name);
--- a/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Fri Oct 18 09:25:06 2019 -0700
@@ -2171,6 +2171,10 @@
             } while (retryTunnel < maxRedirects);
 
             if (retryTunnel >= maxRedirects || (respCode != HTTP_OK)) {
+                if (respCode != HTTP_PROXY_AUTH) {
+                    // remove all but authenticate responses
+                    responses.reset();
+                }
                 throw new IOException("Unable to tunnel through proxy."+
                                       " Proxy returns \"" +
                                       statusLine + "\"");
--- a/src/java.base/share/classes/sun/net/www/protocol/jar/Handler.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/net/www/protocol/jar/Handler.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -121,6 +121,13 @@
         return h;
     }
 
+    public String checkNestedProtocol(String spec) {
+        if (spec.regionMatches(true, 0, "jar:", 0, 4)) {
+            return "Nested JAR URLs are not supported";
+        } else {
+            return null;
+        }
+    }
 
     @Override
     @SuppressWarnings("deprecation")
@@ -146,6 +153,12 @@
                 : false;
         spec = spec.substring(start, limit);
 
+        String exceptionMessage = checkNestedProtocol(spec);
+        if (exceptionMessage != null) {
+            // NPE will be transformed into MalformedURLException by the caller
+            throw new NullPointerException(exceptionMessage);
+        }
+
         if (absoluteSpec) {
             file = parseAbsoluteSpec(spec);
         } else if (!refOnly) {
--- a/src/java.base/share/classes/sun/nio/ch/ServerSocketAdaptor.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/ServerSocketAdaptor.java	Fri Oct 18 09:25:06 2019 -0700
@@ -37,6 +37,9 @@
 import java.nio.channels.IllegalBlockingModeException;
 import java.nio.channels.ServerSocketChannel;
 import java.nio.channels.SocketChannel;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.Set;
 
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
@@ -59,7 +62,12 @@
     private volatile int timeout;
 
     static ServerSocket create(ServerSocketChannelImpl ssc) {
-        return new ServerSocketAdaptor(ssc);
+        PrivilegedExceptionAction<ServerSocket> pa = () -> new ServerSocketAdaptor(ssc);
+        try {
+            return AccessController.doPrivileged(pa);
+        } catch (PrivilegedActionException pae) {
+            throw new InternalError("Should not reach here", pae);
+        }
     }
 
     private ServerSocketAdaptor(ServerSocketChannelImpl ssc) {
--- a/src/java.base/share/classes/sun/nio/ch/SocketAdaptor.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/nio/ch/SocketAdaptor.java	Fri Oct 18 09:25:06 2019 -0700
@@ -36,6 +36,9 @@
 import java.net.SocketOption;
 import java.net.StandardSocketOptions;
 import java.nio.channels.SocketChannel;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.Set;
 
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
@@ -61,10 +64,11 @@
     }
 
     static Socket create(SocketChannelImpl sc) {
+        PrivilegedExceptionAction<Socket> pa = () -> new SocketAdaptor(sc);
         try {
-            return new SocketAdaptor(sc);
-        } catch (SocketException e) {
-            throw new InternalError("Should not reach here");
+            return AccessController.doPrivileged(pa);
+        } catch (PrivilegedActionException pae) {
+            throw new InternalError("Should not reach here", pae);
         }
     }
 
--- a/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/SupportedGroupsExtension.java	Fri Oct 18 09:25:06 2019 -0700
@@ -201,7 +201,7 @@
                         // Primary XDH (RFC 7748) curves
                         NamedGroup.X25519,
 
-                        // Primary NIST curves (e.g. used in TLSv1.3)
+                        // Primary NIST Suite B curves
                         NamedGroup.SECP256_R1,
                         NamedGroup.SECP384_R1,
                         NamedGroup.SECP521_R1,
@@ -209,17 +209,6 @@
                         // Secondary XDH curves
                         NamedGroup.X448,
 
-                        // Secondary NIST curves
-                        NamedGroup.SECT283_K1,
-                        NamedGroup.SECT283_R1,
-                        NamedGroup.SECT409_K1,
-                        NamedGroup.SECT409_R1,
-                        NamedGroup.SECT571_K1,
-                        NamedGroup.SECT571_R1,
-
-                        // non-NIST curves
-                        NamedGroup.SECP256_K1,
-
                         // FFDHE (RFC 7919)
                         NamedGroup.FFDHE_2048,
                         NamedGroup.FFDHE_3072,
--- a/src/java.base/share/classes/sun/security/util/FilePermCompat.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/security/util/FilePermCompat.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,8 +42,11 @@
     public static final boolean compat;
 
     static {
-        String flag = GetPropertyAction.privilegedGetProperty(
-                "jdk.io.permissionsUseCanonicalPath", "false");
+        String flag = SecurityProperties.privilegedGetOverridable(
+                "jdk.io.permissionsUseCanonicalPath");
+        if (flag == null) {
+            flag = "false";
+        }
         switch (flag) {
             case "true":
                 nb = false;
--- a/src/java.base/share/classes/sun/security/util/SecurityConstants.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/classes/sun/security/util/SecurityConstants.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -97,6 +97,10 @@
     public static final NetPermission GET_RESPONSECACHE_PERMISSION =
        new NetPermission("getResponseCache");
 
+    // java.net.ServerSocket, java.net.Socket
+    public static final NetPermission SET_SOCKETIMPL_PERMISSION =
+        new NetPermission("setSocketImpl");
+
     // java.lang.SecurityManager, sun.applet.AppletPanel
     public static final RuntimePermission CREATE_CLASSLOADER_PERMISSION =
         new RuntimePermission("createClassLoader");
--- a/src/java.base/share/conf/security/java.security	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/share/conf/security/java.security	Fri Oct 18 09:25:06 2019 -0700
@@ -1213,3 +1213,51 @@
 # if this property is not enabled.
 #
 jdk.security.caDistrustPolicies=SYMANTEC_TLS
+
+#
+# FilePermission path canonicalization
+#
+# This security property dictates how the path argument is processed and stored
+# while constructing a FilePermission object. If the value is set to true, the
+# path argument is canonicalized and FilePermission methods (such as implies,
+# equals, and hashCode) are implemented based on this canonicalized result.
+# Otherwise, the path argument is not canonicalized and FilePermission methods are
+# implemented based on the original input. See the implementation note of the
+# FilePermission class for more details.
+#
+# If a system property of the same name is also specified, it supersedes the
+# security property value defined here.
+#
+# The default value for this property is false.
+#
+jdk.io.permissionsUseCanonicalPath=false
+
+
+#
+# Policies for the proxy_impersonator Kerberos ccache configuration entry
+#
+# The proxy_impersonator ccache configuration entry indicates that the ccache
+# is a synthetic delegated credential for use with S4U2Proxy by an intermediate
+# server. The ccache file should also contain the TGT of this server and
+# an evidence ticket from the default principal of the ccache to this server.
+#
+# This security property determines how Java uses this configuration entry.
+# There are 3 possible values:
+#
+#  no-impersonate     - Ignore this configuration entry, and always act as
+#                       the owner of the TGT (if it exists).
+#
+#  try-impersonate    - Try impersonation when this configuration entry exists.
+#                       If no matching TGT or evidence ticket is found,
+#                       fallback to no-impersonate.
+#
+#  always-impersonate - Always impersonate when this configuration entry exists.
+#                       If no matching TGT or evidence ticket is found,
+#                       no initial credential is read from the ccache.
+#
+# The default value is "always-impersonate".
+#
+# If a system property of the same name is also specified, it supersedes the
+# security property value defined here.
+#
+#jdk.security.krb5.default.initiate.credential=always-impersonate
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.base/share/native/libjava/NullPointerException.c	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019 SAP SE. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include "jni.h"
+#include "jvm.h"
+
+#include "java_lang_NullPointerException.h"
+
+JNIEXPORT jstring JNICALL
+Java_java_lang_NullPointerException_getExtendedNPEMessage(JNIEnv *env, jobject throwable)
+{
+    return JVM_GetExtendedNPEMessage(env, throwable);
+}
--- a/src/java.base/windows/classes/java/lang/ProcessImpl.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.base/windows/classes/java/lang/ProcessImpl.java	Fri Oct 18 09:25:06 2019 -0700
@@ -38,6 +38,7 @@
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
+import java.util.Locale;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
@@ -46,6 +47,8 @@
 import jdk.internal.access.JavaIOFileDescriptorAccess;
 import jdk.internal.access.SharedSecrets;
 import jdk.internal.ref.CleanerFactory;
+import sun.security.action.GetBooleanAction;
+import sun.security.action.GetPropertyAction;
 
 /* This class is for the exclusive use of ProcessBuilder.start() to
  * create new processes.
@@ -209,12 +212,15 @@
 
     private static final int VERIFICATION_CMD_BAT = 0;
     private static final int VERIFICATION_WIN32 = 1;
-    private static final int VERIFICATION_LEGACY = 2;
+    private static final int VERIFICATION_WIN32_SAFE = 2; // inside quotes not allowed
+    private static final int VERIFICATION_LEGACY = 3;
+    // See Command shell overview for documentation of special characters.
+    // https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-xp/bb490954(v=technet.10)
     private static final char ESCAPE_VERIFICATION[][] = {
         // We guarantee the only command file execution for implicit [cmd.exe] run.
         //    http://technet.microsoft.com/en-us/library/bb490954.aspx
         {' ', '\t', '<', '>', '&', '|', '^'},
-
+        {' ', '\t', '<', '>'},
         {' ', '\t', '<', '>'},
         {' ', '\t'}
     };
@@ -231,8 +237,25 @@
             cmdbuf.append(' ');
             String s = cmd[i];
             if (needsEscaping(verificationType, s)) {
-                cmdbuf.append('"').append(s);
+                cmdbuf.append('"');
 
+                if (verificationType == VERIFICATION_WIN32_SAFE) {
+                    // Insert the argument, adding '\' to quote any interior quotes
+                    int length = s.length();
+                    for (int j = 0; j < length; j++) {
+                        char c = s.charAt(j);
+                        if (c == DOUBLEQUOTE) {
+                            int count = countLeadingBackslash(verificationType, s, j);
+                            while (count-- > 0) {
+                                cmdbuf.append(BACKSLASH);   // double the number of backslashes
+                            }
+                            cmdbuf.append(BACKSLASH);       // backslash to quote the quote
+                        }
+                        cmdbuf.append(c);
+                    }
+                } else {
+                    cmdbuf.append(s);
+                }
                 // The code protects the [java.exe] and console command line
                 // parser, that interprets the [\"] combination as an escape
                 // sequence for the ["] char.
@@ -245,8 +268,9 @@
                 // command line parser. The case of the [""] tail escape
                 // sequence could not be realized due to the argument validation
                 // procedure.
-                if ((verificationType != VERIFICATION_CMD_BAT) && s.endsWith("\\")) {
-                    cmdbuf.append('\\');
+                int count = countLeadingBackslash(verificationType, s, s.length());
+                while (count-- > 0) {
+                    cmdbuf.append(BACKSLASH);   // double the number of backslashes
                 }
                 cmdbuf.append('"');
             } else {
@@ -256,26 +280,16 @@
         return cmdbuf.toString();
     }
 
-    private static boolean isQuoted(boolean noQuotesInside, String arg,
-            String errorMessage) {
-        int lastPos = arg.length() - 1;
-        if (lastPos >=1 && arg.charAt(0) == '"' && arg.charAt(lastPos) == '"') {
-            // The argument has already been quoted.
-            if (noQuotesInside) {
-                if (arg.indexOf('"', 1) != lastPos) {
-                    // There is ["] inside.
-                    throw new IllegalArgumentException(errorMessage);
-                }
-            }
-            return true;
-        }
-        if (noQuotesInside) {
-            if (arg.indexOf('"') >= 0) {
-                // There is ["] inside.
-                throw new IllegalArgumentException(errorMessage);
-            }
-        }
-        return false;
+    /**
+     * Return the argument without quotes (1st and last) if present, else the arg.
+     * @param str a string
+     * @return the string without 1st and last quotes
+     */
+    private static String unQuote(String str) {
+        int len = str.length();
+        return (len >= 2 && str.charAt(0) == DOUBLEQUOTE && str.charAt(len - 1) == DOUBLEQUOTE)
+                ? str.substring(1, len - 1)
+                : str;
     }
 
     private static boolean needsEscaping(int verificationType, String arg) {
@@ -286,9 +300,26 @@
 
         // For [.exe] or [.com] file the unpaired/internal ["]
         // in the argument is not a problem.
-        boolean argIsQuoted = isQuoted(
-            (verificationType == VERIFICATION_CMD_BAT),
-            arg, "Argument has embedded quote, use the explicit CMD.EXE call.");
+        String unquotedArg = unQuote(arg);
+        boolean argIsQuoted = !arg.equals(unquotedArg);
+        boolean embeddedQuote = unquotedArg.indexOf(DOUBLEQUOTE) >= 0;
+
+        switch (verificationType) {
+            case VERIFICATION_CMD_BAT:
+                if (embeddedQuote) {
+                    throw new IllegalArgumentException("Argument has embedded quote, " +
+                            "use the explicit CMD.EXE call.");
+                }
+                break;  // break determine whether to quote
+            case VERIFICATION_WIN32_SAFE:
+                if (argIsQuoted && embeddedQuote)  {
+                    throw new IllegalArgumentException("Malformed argument has embedded quote: "
+                            + unquotedArg);
+                }
+                break;
+            default:
+                break;
+        }
 
         if (!argIsQuoted) {
             char testEscape[] = ESCAPE_VERIFICATION[verificationType];
@@ -304,13 +335,13 @@
     private static String getExecutablePath(String path)
         throws IOException
     {
-        boolean pathIsQuoted = isQuoted(true, path,
-                "Executable name has embedded quote, split the arguments");
-
+        String name = unQuote(path);
+        if (name.indexOf(DOUBLEQUOTE) >= 0) {
+            throw new IllegalArgumentException("Executable name has embedded quote, " +
+                    "split the arguments: " + name);
+        }
         // Win32 CreateProcess requires path to be normalized
-        File fileToRun = new File(pathIsQuoted
-            ? path.substring(1, path.length() - 1)
-            : path);
+        File fileToRun = new File(name);
 
         // From the [CreateProcess] function documentation:
         //
@@ -325,13 +356,26 @@
         // sequence:..."
         //
         // In practice ANY non-existent path is extended by [.exe] extension
-        // in the [CreateProcess] funcion with the only exception:
+        // in the [CreateProcess] function with the only exception:
         // the path ends by (.)
 
         return fileToRun.getPath();
     }
 
+    /**
+     * An executable is any program that is an EXE or does not have an extension
+     * and the Windows createProcess will be looking for .exe.
+     * The comparison is case insensitive based on the name.
+     * @param executablePath the executable file
+     * @return true if the path ends in .exe or does not have an extension.
+     */
+    private boolean isExe(String executablePath) {
+        File file = new File(executablePath);
+        String upName = file.getName().toUpperCase(Locale.ROOT);
+        return (upName.endsWith(".EXE") || upName.indexOf('.') < 0);
+    }
 
+    // Old version that can be bypassed
     private boolean isShellFile(String executablePath) {
         String upPath = executablePath.toUpperCase();
         return (upPath.endsWith(".CMD") || upPath.endsWith(".BAT"));
@@ -342,6 +386,21 @@
         return argbuf.append('"').append(arg).append('"').toString();
     }
 
+    // Count backslashes before start index of string.
+    // .bat files don't include backslashes as part of the quote
+    private static int countLeadingBackslash(int verificationType,
+                                             CharSequence input, int start) {
+        if (verificationType == VERIFICATION_CMD_BAT)
+            return 0;
+        int j;
+        for (j = start - 1; j >= 0 && input.charAt(j) == BACKSLASH; j--) {
+            // just scanning backwards
+        }
+        return (start - 1) - j;  // number of BACKSLASHES
+    }
+
+    private static final char DOUBLEQUOTE = '\"';
+    private static final char BACKSLASH = '\\';
 
     private final long handle;
     private final ProcessHandle processHandle;
@@ -358,15 +417,13 @@
         throws IOException
     {
         String cmdstr;
-        SecurityManager security = System.getSecurityManager();
-        boolean allowAmbiguousCommands = false;
-        if (security == null) {
-            allowAmbiguousCommands = true;
-            String value = System.getProperty("jdk.lang.Process.allowAmbiguousCommands");
-            if (value != null)
-                allowAmbiguousCommands = !"false".equalsIgnoreCase(value);
-        }
-        if (allowAmbiguousCommands) {
+        final SecurityManager security = System.getSecurityManager();
+        final String value = GetPropertyAction.
+                privilegedGetProperty("jdk.lang.Process.allowAmbiguousCommands",
+                        (security == null ? "true" : "false"));
+        final boolean allowAmbiguousCommands = !"false".equalsIgnoreCase(value);
+
+        if (allowAmbiguousCommands && security == null) {
             // Legacy mode.
 
             // Normalize path if possible.
@@ -413,11 +470,12 @@
             // Quotation protects from interpretation of the [path] argument as
             // start of longer path with spaces. Quotation has no influence to
             // [.exe] extension heuristic.
+            boolean isShell = allowAmbiguousCommands ? isShellFile(executablePath)
+                    : !isExe(executablePath);
             cmdstr = createCommandLine(
-                    // We need the extended verification procedure for CMD files.
-                    isShellFile(executablePath)
-                        ? VERIFICATION_CMD_BAT
-                        : VERIFICATION_WIN32,
+                    // We need the extended verification procedures
+                    isShell ? VERIFICATION_CMD_BAT
+                            : (allowAmbiguousCommands ? VERIFICATION_WIN32 : VERIFICATION_WIN32_SAFE),
                     quoteString(executablePath),
                     cmd);
         }
--- a/src/java.desktop/share/classes/java/awt/Font.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/java/awt/Font.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1929,6 +1929,7 @@
         // value is the default.
 
         if (fRequestedAttributes != null) {
+            try {
             values = getAttributeValues(); // init
             AttributeValues extras =
                 AttributeValues.fromSerializableHashtable(fRequestedAttributes);
@@ -1938,10 +1939,13 @@
             values = getAttributeValues().merge(extras);
             this.nonIdentityTx = values.anyNonDefault(EXTRA_MASK);
             this.hasLayoutAttributes =  values.anyNonDefault(LAYOUT_MASK);
-
+            } catch (Throwable t) {
+                throw new IOException(t);
+            } finally {
             fRequestedAttributes = null; // don't need it any more
         }
     }
+    }
 
     /**
      * Returns the number of glyphs in this {@code Font}. Glyph codes
--- a/src/java.desktop/share/classes/sun/font/CMap.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/sun/font/CMap.java	Fri Oct 18 09:25:06 2019 -0700
@@ -130,7 +130,7 @@
 
     static final char noSuchChar = (char)0xfffd;
     static final int SHORTMASK = 0x0000ffff;
-    static final int INTMASK   = 0xffffffff;
+    static final int INTMASK   = 0x7fffffff;
 
     static final char[][] converterMaps = new char[7][];
 
@@ -919,7 +919,11 @@
 
              bbuffer.position(12);
              bbuffer.get(is32);
-             nGroups = bbuffer.getInt();
+             nGroups = bbuffer.getInt() & INTMASK;
+             // A map group record is three uint32's making for 12 bytes total
+             if (bbuffer.remaining() < (12 * (long)nGroups)) {
+                 throw new RuntimeException("Format 8 table exceeded");
+             }
              startCharCode = new int[nGroups];
              endCharCode   = new int[nGroups];
              startGlyphID  = new int[nGroups];
@@ -947,9 +951,13 @@
 
          CMapFormat10(ByteBuffer bbuffer, int offset, char[] xlat) {
 
+             bbuffer.position(offset+12);
              firstCode = bbuffer.getInt() & INTMASK;
              entryCount = bbuffer.getInt() & INTMASK;
-             bbuffer.position(offset+20);
+             // each glyph is a uint16, so 2 bytes per value.
+             if (bbuffer.remaining() < (2 * (long)entryCount)) {
+                 throw new RuntimeException("Format 10 table exceeded");
+             }
              CharBuffer buffer = bbuffer.asCharBuffer();
              glyphIdArray = new char[entryCount];
              for (int i=0; i< entryCount; i++) {
@@ -989,11 +997,15 @@
                 throw new RuntimeException("xlat array for cmap fmt=12");
             }
 
-            numGroups = buffer.getInt(offset+12);
+            buffer.position(offset+12);
+            numGroups = buffer.getInt() & INTMASK;
+            // A map group record is three uint32's making for 12 bytes total
+            if (buffer.remaining() < (12 * (long)numGroups)) {
+                throw new RuntimeException("Format 12 table exceeded");
+            }
             startCharCode = new long[numGroups];
             endCharCode = new long[numGroups];
             startGlyphID = new int[numGroups];
-            buffer.position(offset+16);
             buffer = buffer.slice();
             IntBuffer ibuffer = buffer.asIntBuffer();
             for (int i=0; i<numGroups; i++) {
@@ -1110,7 +1122,13 @@
         char[][] glyphID;
 
         UVS(ByteBuffer buffer, int offset) {
-            numSelectors = buffer.getInt(offset+6);
+            buffer.position(offset+6);
+            numSelectors = buffer.getInt() & INTMASK;
+            // A variation selector record is one 3 byte int + two int32's
+            // making for 11 bytes per record.
+            if (buffer.remaining() < (11 * (long)numSelectors)) {
+                throw new RuntimeException("Variations exceed buffer");
+            }
             selector = new int[numSelectors];
             numUVSMapping = new int[numSelectors];
             unicodeValue = new int[numSelectors][];
@@ -1131,6 +1149,11 @@
                 } else if (tableOffset > 0) {
                     buffer.position(offset+tableOffset);
                     numUVSMapping[i] = buffer.getInt() & INTMASK;
+                    // a UVS mapping record is one 3 byte int + uint16
+                    // making for 5 bytes per record.
+                    if (buffer.remaining() < (5 * (long)numUVSMapping[i])) {
+                        throw new RuntimeException("Variations exceed buffer");
+                    }
                     unicodeValue[i] = new int[numUVSMapping[i]];
                     glyphID[i] = new char[numUVSMapping[i]];
 
--- a/src/java.desktop/share/classes/sun/font/FileFont.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/sun/font/FileFont.java	Fri Oct 18 09:25:06 2019 -0700
@@ -172,7 +172,7 @@
             }
         }
         if (scaler != null) {
-            scaler.dispose();
+            scaler.disposeScaler();
         }
         scaler = FontScaler.getNullScaler();
     }
--- a/src/java.desktop/share/classes/sun/font/FontScaler.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/sun/font/FontScaler.java	Fri Oct 18 09:25:06 2019 -0700
@@ -173,6 +173,12 @@
              scaler context objects! */
     public void dispose() {}
 
+    /**
+     * Used when the native resources held by the scaler need
+     * to be released before the 2D disposer runs.
+     */
+    public void disposeScaler() {}
+
     /* At the moment these 3 methods are needed for Type1 fonts only.
      * For Truetype fonts we extract required info outside of scaler
      * on java layer.
--- a/src/java.desktop/share/classes/sun/font/FreetypeFontScaler.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/sun/font/FreetypeFontScaler.java	Fri Oct 18 09:25:06 2019 -0700
@@ -163,6 +163,9 @@
             .getNullScaler().getGlyphVectorOutline(0L, glyphs, numGlyphs, x, y);
     }
 
+    /* This method should not be called directly, in case
+     * it is being invoked from a thread with a native context.
+     */
     public synchronized void dispose() {
         if (nativeScaler != 0L) {
             disposeNativeScaler(font.get(), nativeScaler);
@@ -170,6 +173,21 @@
         }
     }
 
+    public synchronized void disposeScaler() {
+        if (nativeScaler != 0L) {
+           /*
+            * The current thread may be calling this method from the context
+            * of a JNI up-call. It will hold the native lock from the
+            * original down-call so can directly enter dispose and free
+            * the resources. So we need to schedule the disposal to happen
+            * only once we've returned from native. So by running the dispose
+            * on another thread which does nothing except that disposal we
+            * are sure that this is safe.
+            */
+            new Thread(null, () -> dispose(), "free scaler", 0, false).start();
+        }
+    }
+
     synchronized int getNumGlyphs() throws FontScalerException {
         if (nativeScaler != 0L) {
             return getNumGlyphsNative(nativeScaler);
@@ -206,7 +224,7 @@
         return getUnitsPerEMNative(nativeScaler);
     }
 
-    long createScalerContext(double[] matrix,
+    synchronized long createScalerContext(double[] matrix,
             int aa, int fm, float boldness, float italic,
             boolean disableHinting) {
         if (nativeScaler != 0L) {
@@ -236,7 +254,7 @@
     private native GeneralPath getGlyphVectorOutlineNative(Font2D font,
             long pScalerContext, long pScaler,
             int[] glyphs, int numGlyphs, float x, float y);
-    native Point2D.Float getGlyphPointNative(Font2D font,
+    private native Point2D.Float getGlyphPointNative(Font2D font,
             long pScalerContext, long pScaler, int glyphCode, int ptNumber);
 
     private native void disposeNativeScaler(Font2D font2D, long pScaler);
@@ -247,7 +265,7 @@
 
     private native long getUnitsPerEMNative(long pScaler);
 
-    native long createScalerContextNative(long pScaler, double[] matrix,
+    private native long createScalerContextNative(long pScaler, double[] matrix,
             int aa, int fm, float boldness, float italic);
 
     /* Freetype scaler context does not contain any pointers that
--- a/src/java.desktop/share/classes/sun/font/GlyphList.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/sun/font/GlyphList.java	Fri Oct 18 09:25:06 2019 -0700
@@ -303,6 +303,14 @@
      */
     public void setGlyphIndex(int i) {
         glyphindex = i;
+        if (images[i] == 0L) {
+           metrics[0] = (int)gposx;
+           metrics[1] = (int)gposy;
+           metrics[2] = 0;
+           metrics[3] = 0;
+           metrics[4] = 0;
+           return;
+        }
         float gx =
             StrikeCache.unsafe.getFloat(images[i]+StrikeCache.topLeftXOffset);
         float gy =
@@ -341,6 +349,9 @@
                 graybits = new byte[len];
             }
         }
+        if (images[glyphindex] == 0L) {
+            return graybits;
+        }
         long pixelDataAddress =
             StrikeCache.unsafe.getAddress(images[glyphindex] +
                                           StrikeCache.pixelDataOffset);
@@ -448,6 +459,9 @@
         char gw, gh;
         float gx, gy, gx0, gy0, gx1, gy1;
         for (int i=0; i<len; i++) {
+            if (images[i] == 0L) {
+                continue;
+            }
             gx = StrikeCache.unsafe.getFloat(images[i]+xOffset);
             gy = StrikeCache.unsafe.getFloat(images[i]+yOffset);
             gw = StrikeCache.unsafe.getChar(images[i]+wOffset);
--- a/src/java.desktop/share/classes/sun/java2d/SunGraphics2D.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/classes/sun/java2d/SunGraphics2D.java	Fri Oct 18 09:25:06 2019 -0700
@@ -3021,7 +3021,8 @@
         if (data == null) {
             throw new NullPointerException("char data is null");
         }
-        if (offset < 0 || length < 0 || offset + length > data.length) {
+        if (offset < 0 || length < 0 || offset + length < length ||
+            offset + length > data.length) {
             throw new ArrayIndexOutOfBoundsException("bad offset/length");
         }
         if (font.hasLayoutAttributes()) {
@@ -3053,7 +3054,8 @@
         if (data == null) {
             throw new NullPointerException("byte data is null");
         }
-        if (offset < 0 || length < 0 || offset + length > data.length) {
+        if (offset < 0 || length < 0 || offset + length < length ||
+            offset + length > data.length) {
             throw new ArrayIndexOutOfBoundsException("bad offset/length");
         }
         /* Byte data is interpreted as 8-bit ASCII. Re-use drawChars loops */
--- a/src/java.desktop/share/native/common/java2d/opengl/OGLBlitLoops.c	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/native/common/java2d/opengl/OGLBlitLoops.c	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -208,21 +208,22 @@
 
     j2d_glPixelZoom(scalex, -scaley);
 
+    GLvoid *pSrc = PtrCoord(srcInfo->rasBase, sx1, srcInfo->pixelStride,
+                                              sy1, srcInfo->scanStride);
+
     // in case pixel stride is not a multiple of scanline stride the copy
     // has to be done line by line (see 6207877)
     if (srcInfo->scanStride % srcInfo->pixelStride != 0) {
         jint width = sx2-sx1;
         jint height = sy2-sy1;
-        GLvoid *pSrc = srcInfo->rasBase;
-
         while (height > 0) {
             j2d_glDrawPixels(width, 1, pf->format, pf->type, pSrc);
-            j2d_glBitmap(0, 0, 0, 0, (GLfloat)0, (GLfloat)-1, NULL);
+            j2d_glBitmap(0, 0, 0, 0, (GLfloat)0, (GLfloat)-scaley, NULL);
             pSrc = PtrAddBytes(pSrc, srcInfo->scanStride);
             height--;
         }
     } else {
-        j2d_glDrawPixels(sx2-sx1, sy2-sy1, pf->format, pf->type, srcInfo->rasBase);
+        j2d_glDrawPixels(sx2-sx1, sy2-sy1, pf->format, pf->type, pSrc);
     }
 
     j2d_glPixelZoom(1.0, 1.0);
@@ -317,12 +318,11 @@
             ty2 = ((GLdouble)sh) / th;
 
             if (swsurface) {
+                GLvoid *pSrc = PtrCoord(srcInfo->rasBase,
+                                        sx, srcInfo->pixelStride,
+                                        sy, srcInfo->scanStride);
                 if (slowPath) {
                     jint tmph = sh;
-                    GLvoid *pSrc = PtrCoord(srcInfo->rasBase,
-                                            sx, srcInfo->pixelStride,
-                                            sy, srcInfo->scanStride);
-
                     while (tmph > 0) {
                         j2d_glTexSubImage2D(GL_TEXTURE_2D, 0,
                                             0, sh - tmph, sw, 1,
@@ -332,16 +332,10 @@
                         tmph--;
                     }
                 } else {
-                    j2d_glPixelStorei(GL_UNPACK_SKIP_PIXELS, sx);
-                    j2d_glPixelStorei(GL_UNPACK_SKIP_ROWS, sy);
-
                     j2d_glTexSubImage2D(GL_TEXTURE_2D, 0,
                                         0, 0, sw, sh,
                                         pf->format, pf->type,
-                                        srcInfo->rasBase);
-
-                    j2d_glPixelStorei(GL_UNPACK_SKIP_PIXELS, 0);
-                    j2d_glPixelStorei(GL_UNPACK_SKIP_ROWS, 0);
+                                        pSrc);
                 }
 
                 // the texture image is "right side up", so we align the
@@ -638,8 +632,9 @@
             J2dTraceLn4(J2D_TRACE_VERBOSE, "  dx1=%f dy1=%f dx2=%f dy2=%f",
                         dx1, dy1, dx2, dy2);
 
-            j2d_glPixelStorei(GL_UNPACK_SKIP_PIXELS, sx1);
-            j2d_glPixelStorei(GL_UNPACK_SKIP_ROWS, sy1);
+            // Note: we will calculate x/y positions in the raster manually
+            j2d_glPixelStorei(GL_UNPACK_SKIP_PIXELS, 0);
+            j2d_glPixelStorei(GL_UNPACK_SKIP_ROWS, 0);
             j2d_glPixelStorei(GL_UNPACK_ROW_LENGTH,
                               srcInfo.scanStride / srcInfo.pixelStride);
             j2d_glPixelStorei(GL_UNPACK_ALIGNMENT, pf.alignment);
@@ -696,8 +691,6 @@
                 }
             }
 
-            j2d_glPixelStorei(GL_UNPACK_SKIP_PIXELS, 0);
-            j2d_glPixelStorei(GL_UNPACK_SKIP_ROWS, 0);
             j2d_glPixelStorei(GL_UNPACK_ROW_LENGTH, 0);
             j2d_glPixelStorei(GL_UNPACK_ALIGNMENT, 4);
         }
@@ -717,8 +710,8 @@
     juint step = 0;
     // vertical flip and convert argbpre to argb if necessary
     for (; i < h / 2; ++i) {
-        juint *r1 = PtrAddBytes(pDst, (i * scanStride));
-        juint *r2 = PtrAddBytes(pDst, (h - i - 1) * scanStride);
+        juint *r1 = PtrPixelsRow(pDst, i, scanStride);
+        juint *r2 = PtrPixelsRow(pDst, h - i - 1, scanStride);
         if (tempRow) {
             // fast path
             memcpy(tempRow, r1, clippedStride);
@@ -740,7 +733,7 @@
     }
     // convert the middle line if necessary
     if (convert && h % 2) {
-        juint *r1 = PtrAddBytes(pDst, (i * scanStride));
+        juint *r1 = PtrPixelsRow(pDst, i, scanStride);
         for (step = 0; step < w; ++step) {
             LoadIntArgbPreTo1IntArgb(r1, 0, step, r1[step]);
         }
@@ -813,7 +806,7 @@
             height = srcInfo.bounds.y2 - srcInfo.bounds.y1;
 
             pDst = PtrAddBytes(pDst, dstx * dstInfo.pixelStride);
-            pDst = PtrAddBytes(pDst, dsty * dstInfo.scanStride);
+            pDst = PtrPixelsRow(pDst, dsty, dstInfo.scanStride);
 
             j2d_glPixelStorei(GL_PACK_ROW_LENGTH,
                               dstInfo.scanStride / dstInfo.pixelStride);
--- a/src/java.desktop/share/native/libawt/java2d/loops/GraphicsPrimitiveMgr.h	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/native/libawt/java2d/loops/GraphicsPrimitiveMgr.h	Fri Oct 18 09:25:06 2019 -0700
@@ -490,6 +490,8 @@
 #define PtrCoord(p, x, xinc, y, yinc)   PtrAddBytes(p, \
                                                     ((ptrdiff_t)(y))*(yinc) + \
                                                     ((ptrdiff_t)(x))*(xinc))
+#define PtrPixelsRow(p, y, scanStride)    PtrAddBytes(p, \
+    ((intptr_t) (y)) * (scanStride))
 
 /*
  * The function to call with an array of NativePrimitive structures
--- a/src/java.desktop/share/native/libawt/java2d/loops/LoopMacros.h	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/native/libawt/java2d/loops/LoopMacros.h	Fri Oct 18 09:25:06 2019 -0700
@@ -137,7 +137,7 @@
         do { \
             juint w = WIDTH; \
             jint tmpsxloc = SXLOC; \
-            SRCPTR = PtrAddBytes(SRCBASE, ((SYLOC >> SHIFT) * srcScan)); \
+            SRCPTR = PtrPixelsRow(SRCBASE, (SYLOC >> SHIFT), srcScan); \
             Init ## DSTTYPE ## StoreVarsX(DSTPREFIX, DSTINFO); \
             do { \
                 jint XVAR = (tmpsxloc >> SHIFT); \
@@ -2067,7 +2067,7 @@
  \
     Init ## SRC ## LoadVars(SrcRead, pSrcInfo); \
     while (pRGB < pEnd) { \
-        SRC ## DataType *pRow = PtrAddBytes(pBase, WholeOfLong(ylong) * scan); \
+        SRC ## DataType *pRow = PtrPixelsRow(pBase, WholeOfLong(ylong), scan); \
         Copy ## SRC ## ToIntArgbPre(pRGB, 0, \
                                     SrcRead, pRow, WholeOfLong(xlong)); \
         pRGB++; \
@@ -2115,7 +2115,7 @@
         ydelta &= scan; \
  \
         xwhole += cx; \
-        pRow = PtrAddBytes(pSrcInfo->rasBase, (ywhole + cy) * scan); \
+        pRow = PtrPixelsRow(pSrcInfo->rasBase, ywhole + cy, scan); \
         Copy ## SRC ## ToIntArgbPre(pRGB, 0, SrcRead, pRow, xwhole); \
         Copy ## SRC ## ToIntArgbPre(pRGB, 1, SrcRead, pRow, xwhole+xdelta); \
         pRow = PtrAddBytes(pRow, ydelta); \
@@ -2173,7 +2173,7 @@
         ydelta1 += (isneg & -scan); \
  \
         xwhole += cx; \
-        pRow = PtrAddBytes(pSrcInfo->rasBase, (ywhole + cy) * scan); \
+        pRow = PtrPixelsRow(pSrcInfo->rasBase, ywhole + cy, scan); \
         pRow = PtrAddBytes(pRow, ydelta0); \
         Copy ## SRC ## ToIntArgbPre(pRGB,  0, SrcRead, pRow, xwhole+xdelta0); \
         Copy ## SRC ## ToIntArgbPre(pRGB,  1, SrcRead, pRow, xwhole        ); \
--- a/src/java.desktop/share/native/libfontmanager/DrawGlyphList.c	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/native/libfontmanager/DrawGlyphList.c	Fri Oct 18 09:25:06 2019 -0700
@@ -532,6 +532,12 @@
      */
     if (subPixPos && len > 0) {
         ginfo = (GlyphInfo*)imagePtrs[0];
+        if (ginfo == NULL) {
+            (*env)->ReleasePrimitiveArrayCritical(env, glyphImages,
+                                                  imagePtrs, JNI_ABORT);
+            free(gbv);
+            return (GlyphBlitVector*)NULL;
+        }
         /* rowBytes==width tests if its a B&W or LCD glyph */
         if (ginfo->width == ginfo->rowBytes) {
             subPixPos = JNI_FALSE;
@@ -561,6 +567,12 @@
             jfloat px, py;
 
             ginfo = (GlyphInfo*)imagePtrs[g];
+            if (ginfo == NULL) {
+                (*env)->ReleasePrimitiveArrayCritical(env, glyphImages,
+                                                  imagePtrs, JNI_ABORT);
+                free(gbv);
+                return (GlyphBlitVector*)NULL;
+            }
             gbv->glyphs[g].glyphInfo = ginfo;
             gbv->glyphs[g].pixels = ginfo->image;
             gbv->glyphs[g].width = ginfo->width;
@@ -636,6 +648,12 @@
     } else {
         for (g=0; g<len; g++) {
             ginfo = (GlyphInfo*)imagePtrs[g];
+            if (ginfo == NULL) {
+                (*env)->ReleasePrimitiveArrayCritical(env, glyphImages,
+                                                  imagePtrs, JNI_ABORT);
+                free(gbv);
+                return (GlyphBlitVector*)NULL;
+            }
             gbv->glyphs[g].glyphInfo = ginfo;
             gbv->glyphs[g].pixels = ginfo->image;
             gbv->glyphs[g].width = ginfo->width;
--- a/src/java.desktop/share/native/libfontmanager/freetypeScaler.c	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/native/libfontmanager/freetypeScaler.c	Fri Oct 18 09:25:06 2019 -0700
@@ -154,7 +154,31 @@
     jobject bBuffer;
     int bread = 0;
 
-    if (numBytes == 0) return 0;
+    /* A call with numBytes == 0 is a seek. It should return 0 if the
+     * seek position is within the file and non-zero otherwise.
+     * For all other cases, ie numBytes !=0, return the number of bytes
+     * actually read. This applies to truncated reads and also failed reads.
+     */
+
+    if (numBytes == 0) {
+        if (offset > scalerInfo->fileSize) {
+            return -1;
+        } else {
+            return 0;
+       }
+    }
+
+    if (offset + numBytes < offset) {
+        return 0; // ft should not do this, but just in case.
+    }
+
+    if (offset >= scalerInfo->fileSize) {
+        return 0;
+    }
+
+    if (offset + numBytes > scalerInfo->fileSize) {
+        numBytes = scalerInfo->fileSize - offset;
+    }
 
     /* Large reads will bypass the cache and data copying */
     if (numBytes > FILEDATACACHESIZE) {
@@ -164,7 +188,11 @@
                                           scalerInfo->font2D,
                                           sunFontIDs.ttReadBlockMID,
                                           bBuffer, offset, numBytes);
-            return bread;
+            if (bread < 0) {
+                return 0;
+            } else {
+               return bread;
+            }
         } else {
             /* We probably hit bug 4845371. For reasons that
              * are currently unclear, the call stacks after the initial
@@ -179,9 +207,18 @@
             (*env)->CallObjectMethod(env, scalerInfo->font2D,
                                      sunFontIDs.ttReadBytesMID,
                                      offset, numBytes);
-            (*env)->GetByteArrayRegion(env, byteArray,
-                                       0, numBytes, (jbyte*)destBuffer);
-            return numBytes;
+            /* If there's an OutofMemoryError then byteArray will be null */
+            if (byteArray == NULL) {
+                return 0;
+            } else {
+                jsize len = (*env)->GetArrayLength(env, byteArray);
+                if (len < numBytes) {
+                    numBytes = len; // don't get more bytes than there are ..
+                }
+                (*env)->GetByteArrayRegion(env, byteArray,
+                                           0, numBytes, (jbyte*)destBuffer);
+                return numBytes;
+            }
         }
     } /* Do we have a cache hit? */
       else if (scalerInfo->fontDataOffset <= offset &&
@@ -203,6 +240,11 @@
                                       sunFontIDs.ttReadBlockMID,
                                       bBuffer, offset,
                                       scalerInfo->fontDataLength);
+        if (bread <= 0) {
+            return 0;
+        } else if (bread < numBytes) {
+           numBytes = bread;
+        }
         memcpy(destBuffer, scalerInfo->fontData, numBytes);
         return numBytes;
     }
@@ -593,16 +635,17 @@
       to avoid unnecesary work with bitmaps. */
 
     GlyphInfo *info;
-    jfloat advance;
+    jfloat advance = 0.0f;
     jlong image;
 
     image = Java_sun_font_FreetypeFontScaler_getGlyphImageNative(
                  env, scaler, font2D, pScalerContext, pScaler, glyphCode);
     info = (GlyphInfo*) jlong_to_ptr(image);
 
-    advance = info->advanceX;
-
-    free(info);
+    if (info != NULL) {
+        advance = info->advanceX;
+        free(info);
+    }
 
     return advance;
 }
@@ -630,10 +673,14 @@
                                  pScalerContext, pScaler, glyphCode);
      info = (GlyphInfo*) jlong_to_ptr(image);
 
-     (*env)->SetFloatField(env, metrics, sunFontIDs.xFID, info->advanceX);
-     (*env)->SetFloatField(env, metrics, sunFontIDs.yFID, info->advanceY);
-
-     free(info);
+     if (info != NULL) {
+         (*env)->SetFloatField(env, metrics, sunFontIDs.xFID, info->advanceX);
+         (*env)->SetFloatField(env, metrics, sunFontIDs.yFID, info->advanceY);
+         free(info);
+     } else {
+         (*env)->SetFloatField(env, metrics, sunFontIDs.xFID, 0.0f);
+         (*env)->SetFloatField(env, metrics, sunFontIDs.yFID, 0.0f);
+     }
 }
 
 
@@ -740,6 +787,13 @@
 }
 
 
+/* JDK does not use glyph images for fonts with a
+ * pixel size > 100 (see THRESHOLD in OutlineTextRenderer.java)
+ * so if the glyph bitmap image dimension is > 1024 pixels,
+ * something is up.
+ */
+#define MAX_GLYPH_DIM 1024
+
 /*
  * Class:     sun_font_FreetypeFontScaler
  * Method:    getGlyphImageNative
@@ -813,6 +867,14 @@
     /* generate bitmap if it is not done yet
      e.g. if algorithmic styling is performed and style was added to outline */
     if (ftglyph->format == FT_GLYPH_FORMAT_OUTLINE) {
+        FT_BBox bbox;
+        FT_Outline_Get_CBox(&(ftglyph->outline), &bbox);
+        int w = (int)((bbox.xMax>>6)-(bbox.xMin>>6));
+        int h = (int)((bbox.yMax>>6)-(bbox.yMin>>6));
+        if (w > MAX_GLYPH_DIM || h > MAX_GLYPH_DIM) {
+            glyphInfo = getNullGlyphImage();
+            return ptr_to_jlong(glyphInfo);
+        }
         error = FT_Render_Glyph(ftglyph, FT_LOAD_TARGET_MODE(target));
         if (error != 0) {
             return ptr_to_jlong(getNullGlyphImage());
@@ -821,6 +883,11 @@
 
     width  = (UInt16) ftglyph->bitmap.width;
     height = (UInt16) ftglyph->bitmap.rows;
+    if (width > MAX_GLYPH_DIM || height > MAX_GLYPH_DIM) {
+        glyphInfo = getNullGlyphImage();
+        return ptr_to_jlong(glyphInfo);
+    }
+
 
     imageSize = width*height;
     glyphInfo = (GlyphInfo*) malloc(sizeof(GlyphInfo) + imageSize);
--- a/src/java.desktop/share/native/libfontmanager/hb-jdk-font.cc	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/share/native/libfontmanager/hb-jdk-font.cc	Fri Oct 18 09:25:06 2019 -0700
@@ -351,6 +351,9 @@
   }
   length = env->GetArrayLength(tableBytes);
   buffer = calloc(length, sizeof(jbyte));
+  if (buffer == NULL) {
+      return NULL;
+  }
   env->GetByteArrayRegion(tableBytes, 0, length, (jbyte*)buffer);
 
   return hb_blob_create((const char *)buffer, length,
--- a/src/java.desktop/unix/classes/sun/font/XRGlyphCache.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/unix/classes/sun/font/XRGlyphCache.java	Fri Oct 18 09:25:06 2019 -0700
@@ -114,6 +114,9 @@
         for (int i = 0; i < glyphList.getNumGlyphs(); i++) {
             XRGlyphCacheEntry glyph;
 
+            if (imgPtrs[i] == 0L) {
+                continue;
+            }
             // Find uncached glyphs and queue them for upload
             if ((glyph = getEntryForPointer(imgPtrs[i])) == null) {
                 glyph = new XRGlyphCacheEntry(imgPtrs[i], glyphList);
--- a/src/java.desktop/unix/classes/sun/font/XRTextRenderer.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/unix/classes/sun/font/XRTextRenderer.java	Fri Oct 18 09:25:06 2019 -0700
@@ -88,6 +88,9 @@
             for (int i = 0; i < gl.getNumGlyphs(); i++) {
                 gl.setGlyphIndex(i);
                 XRGlyphCacheEntry cacheEntry = cachedGlyphs[i];
+                if (cacheEntry == null) {
+                    continue;
+                }
 
                 eltList.getGlyphs().addInt(cacheEntry.getGlyphID());
                 int glyphSet = cacheEntry.getGlyphSet();
--- a/src/java.desktop/unix/native/common/java2d/x11/X11FontScaler_md.c	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/unix/native/common/java2d/x11/X11FontScaler_md.c	Fri Oct 18 09:25:06 2019 -0700
@@ -273,6 +273,7 @@
     unsigned int imageSize;
     JNIEnv *env;
 
+
     FONT_AWT_LOCK();
 /*     XTextExtents16(xFont, xChar, 1, &direction, &ascent, &descent, &xcs); */
     XQueryTextExtents16(awt_display,xFont->fid, xChar, 1,
@@ -280,8 +281,11 @@
     width = xcs.rbearing - xcs.lbearing;
     height = xcs.ascent+xcs.descent;
     imageSize = width*height;
-
     glyphInfo = (GlyphInfo*)malloc(sizeof(GlyphInfo)+imageSize);
+    if (glyphInfo == NULL) {
+        AWT_UNLOCK();
+        return (jlong)(uintptr_t)NULL;
+    }
     glyphInfo->cellInfo = NULL;
     glyphInfo->width = width;
     glyphInfo->height = height;
--- a/src/java.desktop/windows/native/libawt/java2d/d3d/D3DContext.cpp	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.desktop/windows/native/libawt/java2d/d3d/D3DContext.cpp	Fri Oct 18 09:25:06 2019 -0700
@@ -1092,7 +1092,9 @@
 {
 #ifndef PtrAddBytes
 #define PtrAddBytes(p, b)               ((void *) (((intptr_t) (p)) + (b)))
-#define PtrCoord(p, x, xinc, y, yinc)   PtrAddBytes(p, (y)*(yinc) + (x)*(xinc))
+#define PtrCoord(p, x, xinc, y, yinc)   PtrAddBytes(p, \
+                                                    ((ptrdiff_t)(y))*(yinc) + \
+                                                    ((ptrdiff_t)(x))*(xinc))
 #endif // PtrAddBytes
 
     HRESULT res = S_OK;
--- a/src/java.management/share/classes/com/sun/jmx/mbeanserver/Introspector.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.management/share/classes/com/sun/jmx/mbeanserver/Introspector.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -450,7 +450,7 @@
      * @return nothing - this method always throw an exception.
      *         The return type makes it possible to write
      *         <pre> throw throwException(clazz,cause); </pre>
-     * @throws SecurityException - if cause is a SecurityException
+     * @throws SecurityException   if cause is a SecurityException
      * @throws NotCompliantMBeanException otherwise.
      **/
     static NotCompliantMBeanException throwException(Class<?> notCompliant,
--- a/src/java.net.http/share/classes/jdk/internal/net/http/common/SSLFlowDelegate.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.net.http/share/classes/jdk/internal/net/http/common/SSLFlowDelegate.java	Fri Oct 18 09:25:06 2019 -0700
@@ -318,14 +318,19 @@
 
         @Override
         protected long upstreamWindowUpdate(long currentWindow, long downstreamQsize) {
-            if (readBuf.remaining() > TARGET_BUFSIZE) {
-                if (debugr.on())
-                    debugr.log("readBuf has more than TARGET_BUFSIZE: %d",
-                            readBuf.remaining());
-                return 0;
-            } else {
-                return super.upstreamWindowUpdate(currentWindow, downstreamQsize);
+            if (needsMoreData()) {
+                // run the scheduler to see if more data should be requested
+                if (debugr.on()) {
+                    int remaining = readBuf.remaining();
+                    if (remaining > TARGET_BUFSIZE) {
+                        // just some logging to check how much we have in the read buffer
+                        debugr.log("readBuf has more than TARGET_BUFSIZE: %d",
+                                remaining);
+                    }
+                }
+                scheduler.runOrSchedule();
             }
+            return 0; // we will request more from the scheduler loop (processData).
         }
 
         // readBuf is kept ready for reading outside of this method
@@ -368,6 +373,32 @@
         // we had before calling unwrap() again.
         volatile int minBytesRequired;
 
+        // We might need to request more data if:
+        //  - we have a subscription from upstream
+        //  - and we don't have enough data to decrypt in the read buffer
+        //  - *and* - either we're handshaking, and more data is required (NEED_UNWRAP),
+        //          - or we have demand from downstream, but we have nothing decrypted
+        //            to forward downstream.
+        boolean needsMoreData() {
+            if (upstreamSubscription != null && readBuf.remaining() <= minBytesRequired &&
+                    (engine.getHandshakeStatus() == HandshakeStatus.NEED_UNWRAP
+                            || !downstreamSubscription.demand.isFulfilled() && hasNoOutputData())) {
+                return true;
+            }
+            return false;
+        }
+
+        // If the readBuf has not enough data, and we either need to
+        // unwrap (handshaking) or we have demand from downstream,
+        // then request more data
+        void requestMoreDataIfNeeded() {
+            if (needsMoreData()) {
+                // request more will only request more if our
+                // demand from upstream is fulfilled
+                requestMore();
+            }
+        }
+
         // work function where it all happens
         final void processData() {
             try {
@@ -434,6 +465,7 @@
                             outgoing(Utils.EMPTY_BB_LIST, true);
                             // complete ALPN if not yet completed
                             setALPN();
+                            requestMoreDataIfNeeded();
                             return;
                         }
                         if (result.handshaking()) {
@@ -451,8 +483,10 @@
                         handleError(ex);
                         return;
                     }
-                    if (handshaking && !complete)
+                    if (handshaking && !complete) {
+                        requestMoreDataIfNeeded();
                         return;
+                    }
                 }
                 if (!complete) {
                     synchronized (readBufferLock) {
@@ -466,6 +500,8 @@
                     // activity.
                     setALPN();
                     outgoing(Utils.EMPTY_BB_LIST, true);
+                } else {
+                    requestMoreDataIfNeeded();
                 }
             } catch (Throwable ex) {
                 errorCommon(ex);
--- a/src/java.net.http/share/classes/jdk/internal/net/http/common/SubscriberWrapper.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.net.http/share/classes/jdk/internal/net/http/common/SubscriberWrapper.java	Fri Oct 18 09:25:06 2019 -0700
@@ -26,9 +26,7 @@
 package jdk.internal.net.http.common;
 
 import java.io.Closeable;
-import java.lang.System.Logger.Level;
 import java.nio.ByteBuffer;
-import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import java.util.concurrent.CompletableFuture;
@@ -318,11 +316,33 @@
                 downstreamSubscriber.onNext(b);
                 datasent = true;
             }
-            if (datasent) upstreamWindowUpdate();
+
+            // If we have sent some decrypted data downstream,
+            // or if:
+            //    - there's nothing more available to send downstream
+            //    - and we still have some demand from downstream
+            //    - and upstream is not completed yet
+            //    - and our demand from upstream has reached 0,
+            // then check whether we should request more data from
+            // upstream
+            if (datasent || outputQ.isEmpty()
+                    && !downstreamSubscription.demand.isFulfilled()
+                    && !upstreamCompleted
+                    && upstreamWindow.get() == 0) {
+                upstreamWindowUpdate();
+            }
             checkCompletion();
         }
     }
 
+    final int outputQueueSize() {
+        return outputQ.size();
+    }
+
+    final boolean hasNoOutputData() {
+        return outputQ.isEmpty();
+    }
+
     void upstreamWindowUpdate() {
         long downstreamQueueSize = outputQ.size();
         long upstreamWindowSize = upstreamWindow.get();
@@ -341,7 +361,7 @@
             throw new IllegalStateException("Single shot publisher");
         }
         this.upstreamSubscription = subscription;
-        upstreamRequest(upstreamWindowUpdate(0, 0));
+        upstreamRequest(initialUpstreamDemand());
         if (debug.on())
             debug.log("calling downstreamSubscriber::onSubscribe on %s",
                       downstreamSubscriber);
@@ -356,7 +376,6 @@
         if (prev <= 0)
             throw new IllegalStateException("invalid onNext call");
         incomingCaller(item, false);
-        upstreamWindowUpdate();
     }
 
     private void upstreamRequest(long n) {
@@ -365,6 +384,16 @@
         upstreamSubscription.request(n);
     }
 
+    /**
+     * Initial demand that should be requested
+     * from upstream when we get the upstream subscription
+     * from {@link #onSubscribe(Flow.Subscription)}.
+     * @return The initial demand to request from upstream.
+     */
+    protected long initialUpstreamDemand() {
+        return 1;
+    }
+
     protected void requestMore() {
         if (upstreamWindow.get() == 0) {
             upstreamRequest(1);
--- a/src/java.rmi/share/classes/java/rmi/activation/ActivationGroup.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/java/rmi/activation/ActivationGroup.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -107,6 +107,7 @@
     /**
      * @serial the group's monitor
      */
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     private ActivationMonitor monitor;
 
     /**
--- a/src/java.rmi/share/classes/java/rmi/activation/ActivationGroupID.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/java/rmi/activation/ActivationGroupID.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -49,6 +49,7 @@
     /**
      * @serial The group's activation system.
      */
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     private ActivationSystem system;
 
     /**
--- a/src/java.rmi/share/classes/java/rmi/server/UnicastRemoteObject.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/java/rmi/server/UnicastRemoteObject.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -189,12 +189,14 @@
     /**
      * @serial client-side socket factory (if any)
      */
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     private RMIClientSocketFactory csf = null;
 
     /**
      * @serial server-side socket factory (if any) to use when
      * exporting object
      */
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     private RMIServerSocketFactory ssf = null;
 
     /* indicate compatibility with JDK 1.1.x version of class */
--- a/src/java.rmi/share/classes/sun/rmi/registry/RegistryImpl_Skel.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/registry/RegistryImpl_Skel.java	Fri Oct 18 09:25:06 2019 -0700
@@ -27,13 +27,8 @@
 package sun.rmi.registry;
 
 import java.io.IOException;
-import java.io.InputStream;
-import java.rmi.AccessException;
-import java.rmi.server.RemoteCall;
 
-import sun.rmi.transport.Connection;
 import sun.rmi.transport.StreamRemoteCall;
-import sun.rmi.transport.tcp.TCPConnection;
 
 /**
  * Skeleton to dispatch RegistryImpl methods.
@@ -56,7 +51,7 @@
         return operations.clone();
     }
 
-    public void dispatch(java.rmi.Remote obj, java.rmi.server.RemoteCall call, int opnum, long hash)
+    public void dispatch(java.rmi.Remote obj, java.rmi.server.RemoteCall remoteCall, int opnum, long hash)
             throws java.lang.Exception {
         if (opnum < 0) {
             if (hash == 7583982177005850366L) {
@@ -78,6 +73,7 @@
         }
 
         sun.rmi.registry.RegistryImpl server = (sun.rmi.registry.RegistryImpl) obj;
+        StreamRemoteCall call = (StreamRemoteCall) remoteCall;
         switch (opnum) {
             case 0: // bind(String, Remote)
             {
@@ -90,7 +86,8 @@
                     java.io.ObjectInput in = call.getInputStream();
                     $param_String_1 = (java.lang.String) in.readObject();
                     $param_Remote_2 = (java.rmi.Remote) in.readObject();
-                } catch (java.io.IOException | java.lang.ClassNotFoundException e) {
+                } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                    call.discardPendingRefs();
                     throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
                 } finally {
                     call.releaseInputStream();
@@ -123,7 +120,8 @@
                 try {
                     java.io.ObjectInput in = call.getInputStream();
                     $param_String_1 = (java.lang.String) in.readObject();
-                } catch (java.io.IOException | java.lang.ClassNotFoundException e) {
+                } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                    call.discardPendingRefs();
                     throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
                 } finally {
                     call.releaseInputStream();
@@ -149,7 +147,8 @@
                     java.io.ObjectInput in = call.getInputStream();
                     $param_String_1 = (java.lang.String) in.readObject();
                     $param_Remote_2 = (java.rmi.Remote) in.readObject();
-                } catch (java.io.IOException | java.lang.ClassNotFoundException e) {
+                } catch (ClassCastException | IOException | java.lang.ClassNotFoundException e) {
+                    call.discardPendingRefs();
                     throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
                 } finally {
                     call.releaseInputStream();
@@ -172,7 +171,8 @@
                 try {
                     java.io.ObjectInput in = call.getInputStream();
                     $param_String_1 = (java.lang.String) in.readObject();
-                } catch (java.io.IOException | java.lang.ClassNotFoundException e) {
+                } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                    call.discardPendingRefs();
                     throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
                 } finally {
                     call.releaseInputStream();
--- a/src/java.rmi/share/classes/sun/rmi/registry/RegistryImpl_Stub.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/registry/RegistryImpl_Stub.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,11 @@
  */
 
 package sun.rmi.registry;
+
+import java.io.IOException;
+
+import sun.rmi.transport.StreamRemoteCall;
+
 /**
  * Stubs to invoke RegistryImpl remote methods.
  * Originally generated from RMIC but frozen to match RegistryImpl_Skel.
@@ -57,7 +62,7 @@
     public void bind(java.lang.String $param_String_1, java.rmi.Remote $param_Remote_2)
             throws java.rmi.AccessException, java.rmi.AlreadyBoundException, java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 0, interfaceHash);
+            StreamRemoteCall call = (StreamRemoteCall)ref.newCall(this, operations, 0, interfaceHash);
             try {
                 java.io.ObjectOutput out = call.getOutputStream();
                 out.writeObject($param_String_1);
@@ -82,15 +87,14 @@
     public java.lang.String[] list()
             throws java.rmi.AccessException, java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 1, interfaceHash);
+            StreamRemoteCall call = (StreamRemoteCall)ref.newCall(this, operations, 1, interfaceHash);
             ref.invoke(call);
             java.lang.String[] $result;
             try {
                 java.io.ObjectInput in = call.getInputStream();
                 $result = (java.lang.String[]) in.readObject();
-            } catch (java.io.IOException e) {
-                throw new java.rmi.UnmarshalException("error unmarshalling return", e);
-            } catch (java.lang.ClassNotFoundException e) {
+            } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                call.discardPendingRefs();
                 throw new java.rmi.UnmarshalException("error unmarshalling return", e);
             } finally {
                 ref.done(call);
@@ -109,7 +113,7 @@
     public java.rmi.Remote lookup(java.lang.String $param_String_1)
             throws java.rmi.AccessException, java.rmi.NotBoundException, java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 2, interfaceHash);
+            StreamRemoteCall call = (StreamRemoteCall)ref.newCall(this, operations, 2, interfaceHash);
             try {
                 java.io.ObjectOutput out = call.getOutputStream();
                 out.writeObject($param_String_1);
@@ -121,9 +125,8 @@
             try {
                 java.io.ObjectInput in = call.getInputStream();
                 $result = (java.rmi.Remote) in.readObject();
-            } catch (java.io.IOException e) {
-                throw new java.rmi.UnmarshalException("error unmarshalling return", e);
-            } catch (java.lang.ClassNotFoundException e) {
+            } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                call.discardPendingRefs();
                 throw new java.rmi.UnmarshalException("error unmarshalling return", e);
             } finally {
                 ref.done(call);
@@ -144,7 +147,7 @@
     public void rebind(java.lang.String $param_String_1, java.rmi.Remote $param_Remote_2)
             throws java.rmi.AccessException, java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 3, interfaceHash);
+            StreamRemoteCall call = (StreamRemoteCall)ref.newCall(this, operations, 3, interfaceHash);
             try {
                 java.io.ObjectOutput out = call.getOutputStream();
                 out.writeObject($param_String_1);
@@ -167,7 +170,7 @@
     public void unbind(java.lang.String $param_String_1)
             throws java.rmi.AccessException, java.rmi.NotBoundException, java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 4, interfaceHash);
+            StreamRemoteCall call = (StreamRemoteCall)ref.newCall(this, operations, 4, interfaceHash);
             try {
                 java.io.ObjectOutput out = call.getOutputStream();
                 out.writeObject($param_String_1);
--- a/src/java.rmi/share/classes/sun/rmi/server/ActivatableServerRef.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/server/ActivatableServerRef.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,6 +38,7 @@
  *
  * @author Ann Wollrath
  */
+@SuppressWarnings("serial") // Externalizable class w/o no-arg c'tor
 public class ActivatableServerRef extends UnicastServerRef2 {
 
     private static final long serialVersionUID = 2002967993223003793L;
--- a/src/java.rmi/share/classes/sun/rmi/server/Activation.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/server/Activation.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -145,9 +145,11 @@
     private static boolean debugExec;
 
     /** maps activation id to its respective group id */
+    @SuppressWarnings("serial") // Conditionally serializable
     private Map<ActivationID,ActivationGroupID> idTable =
         new ConcurrentHashMap<>();
     /** maps group id to its GroupEntry groups */
+    @SuppressWarnings("serial") // Conditionally serializable
     private Map<ActivationGroupID,GroupEntry> groupTable =
         new ConcurrentHashMap<>();
 
@@ -297,6 +299,7 @@
 
         private static final String NAME = ActivationSystem.class.getName();
         private static final long serialVersionUID = 4877330021609408794L;
+        @SuppressWarnings("serial") // Not statically typed as Serializable
         private ActivationSystem systemStub = null;
 
         SystemRegistryImpl(int port,
@@ -498,6 +501,7 @@
      * with RegistryImpl.checkAccess().
      * The kind of access is retained for an exception if one is thrown.
      */
+    @SuppressWarnings("serial") // Externalizable class w/o no-arg c'tor
     static class SameHostOnlyServerRef extends UnicastServerRef {
         private static final long serialVersionUID = 1234L;
         private String accessKind;      // an exception message
@@ -873,7 +877,9 @@
         ActivationGroupDesc desc = null;
         ActivationGroupID groupID = null;
         long incarnation = 0;
+        @SuppressWarnings("serial") // Conditionally serializable
         Map<ActivationID,ObjectEntry> objects = new HashMap<>();
+        @SuppressWarnings("serial") // Conditionally serializable
         Set<ActivationID> restartSet = new HashSet<>();
 
         transient ActivationInstantiator group = null;
--- a/src/java.rmi/share/classes/sun/rmi/server/ActivationGroupImpl.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/server/ActivationGroupImpl.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -69,6 +69,7 @@
         new Hashtable<>();
     private boolean groupInactive = false;
     private final ActivationGroupID groupID;
+    @SuppressWarnings("serial")  // Conditionally serializable
     private final List<ActivationID> lockedIDs = new ArrayList<>();
 
     /**
--- a/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl_Skel.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl_Skel.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@
 
 package sun.rmi.transport;
 
+import java.io.IOException;
+
 /**
  * Skeleton to dispatch DGC methods.
  * Originally generated by RMIC but frozen to match the stubs.
@@ -43,12 +45,13 @@
         return operations.clone();
     }
 
-    public void dispatch(java.rmi.Remote obj, java.rmi.server.RemoteCall call, int opnum, long hash)
+    public void dispatch(java.rmi.Remote obj, java.rmi.server.RemoteCall remoteCall, int opnum, long hash)
             throws java.lang.Exception {
         if (hash != interfaceHash)
             throw new java.rmi.server.SkeletonMismatchException("interface hash mismatch");
 
         sun.rmi.transport.DGCImpl server = (sun.rmi.transport.DGCImpl) obj;
+        StreamRemoteCall call = (StreamRemoteCall) remoteCall;
         switch (opnum) {
             case 0: // clean(ObjID[], long, VMID, boolean)
             {
@@ -62,9 +65,8 @@
                     $param_long_2 = in.readLong();
                     $param_VMID_3 = (java.rmi.dgc.VMID) in.readObject();
                     $param_boolean_4 = in.readBoolean();
-                } catch (java.io.IOException e) {
-                    throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
-                } catch (java.lang.ClassNotFoundException e) {
+                } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                    call.discardPendingRefs();
                     throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
                 } finally {
                     call.releaseInputStream();
@@ -88,9 +90,8 @@
                     $param_arrayOf_ObjID_1 = (java.rmi.server.ObjID[]) in.readObject();
                     $param_long_2 = in.readLong();
                     $param_Lease_3 = (java.rmi.dgc.Lease) in.readObject();
-                } catch (java.io.IOException e) {
-                    throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
-                } catch (java.lang.ClassNotFoundException e) {
+                } catch (ClassCastException | IOException | ClassNotFoundException e) {
+                    call.discardPendingRefs();
                     throw new java.rmi.UnmarshalException("error unmarshalling arguments", e);
                 } finally {
                     call.releaseInputStream();
--- a/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl_Stub.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/transport/DGCImpl_Stub.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,16 +25,17 @@
 
 package sun.rmi.transport;
 
+import sun.rmi.transport.tcp.TCPConnection;
+
+import java.io.IOException;
 import java.io.ObjectInputFilter;
-import java.io.ObjectInputStream;
+import java.rmi.RemoteException;
 import java.rmi.dgc.Lease;
 import java.rmi.dgc.VMID;
 import java.rmi.server.UID;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
-
-import sun.rmi.server.UnicastRef;
-import sun.rmi.transport.tcp.TCPConnection;
+import java.util.ArrayList;
 
 /**
  * Stubs to invoke DGC remote methods.
@@ -72,7 +73,9 @@
     public void clean(java.rmi.server.ObjID[] $param_arrayOf_ObjID_1, long $param_long_2, java.rmi.dgc.VMID $param_VMID_3, boolean $param_boolean_4)
             throws java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 0, interfaceHash);
+            StreamRemoteCall call = (StreamRemoteCall)ref.newCall((java.rmi.server.RemoteObject) this,
+                    operations, 0, interfaceHash);
+            call.setObjectInputFilter(DGCImpl_Stub::leaseFilter);
             try {
                 java.io.ObjectOutput out = call.getOutputStream();
                 out.writeObject($param_arrayOf_ObjID_1);
@@ -97,7 +100,10 @@
     public java.rmi.dgc.Lease dirty(java.rmi.server.ObjID[] $param_arrayOf_ObjID_1, long $param_long_2, java.rmi.dgc.Lease $param_Lease_3)
             throws java.rmi.RemoteException {
         try {
-            java.rmi.server.RemoteCall call = ref.newCall((java.rmi.server.RemoteObject) this, operations, 1, interfaceHash);
+            StreamRemoteCall call =
+                    (StreamRemoteCall)ref.newCall((java.rmi.server.RemoteObject) this,
+                            operations, 1, interfaceHash);
+            call.setObjectInputFilter(DGCImpl_Stub::leaseFilter);
             try {
                 java.io.ObjectOutput out = call.getOutputStream();
                 out.writeObject($param_arrayOf_ObjID_1);
@@ -108,26 +114,16 @@
             }
             ref.invoke(call);
             java.rmi.dgc.Lease $result;
-            Connection connection = ((StreamRemoteCall) call).getConnection();
+            Connection connection = call.getConnection();
             try {
                 java.io.ObjectInput in = call.getInputStream();
-
-                if (in instanceof ObjectInputStream) {
-                    /**
-                     * Set a filter on the stream for the return value.
-                     */
-                    ObjectInputStream ois = (ObjectInputStream) in;
-                    AccessController.doPrivileged((PrivilegedAction<Void>)() -> {
-                        ois.setObjectInputFilter(DGCImpl_Stub::leaseFilter);
-                        return null;
-                    });
-                }
                 $result = (java.rmi.dgc.Lease) in.readObject();
-            } catch (java.io.IOException | java.lang.ClassNotFoundException e) {
+            } catch (ClassCastException | IOException | ClassNotFoundException e) {
                 if (connection instanceof TCPConnection) {
                     // Modified to prevent re-use of the connection after an exception
                     ((TCPConnection) connection).getChannel().free(connection, false);
                 }
+                call.discardPendingRefs();
                 throw new java.rmi.UnmarshalException("error unmarshalling return", e);
             } finally {
                 ref.done(call);
@@ -146,6 +142,11 @@
      * ObjectInputFilter to filter DGCClient return value (a Lease).
      * The list of acceptable classes is very short and explicit.
      * The depth and array sizes are limited.
+     * <p>
+     * The filter must accept normal and exception returns.
+     * A DGC server may throw exceptions that may have a cause
+     * and suppressed exceptions.
+     * Only exceptions in {@code java.base} and {@code java.rmi} are allowed.
      *
      * @param filterInfo access to class, arrayLength, etc.
      * @return  {@link ObjectInputFilter.Status#ALLOWED} if allowed,
@@ -172,7 +173,14 @@
             }
             return (clazz == UID.class ||
                     clazz == VMID.class ||
-                    clazz == Lease.class)
+                    clazz == Lease.class ||
+                    (Throwable.class.isAssignableFrom(clazz) &&
+                            (Object.class.getModule() == clazz.getModule() ||
+                                    RemoteException.class.getModule() == clazz.getModule())) ||
+                    clazz == StackTraceElement.class ||
+                    clazz == ArrayList.class ||     // for suppressed exceptions, if any
+                    clazz == Object.class ||
+                    clazz.getName().equals("java.util.Collections$EmptyList"))
                     ? ObjectInputFilter.Status.ALLOWED
                     : ObjectInputFilter.Status.REJECTED;
         }
--- a/src/java.rmi/share/classes/sun/rmi/transport/StreamRemoteCall.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.rmi/share/classes/sun/rmi/transport/StreamRemoteCall.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,6 +29,7 @@
 import java.io.DataOutputStream;
 import java.io.IOException;
 import java.io.ObjectInput;
+import java.io.ObjectInputFilter;
 import java.io.ObjectOutput;
 import java.io.StreamCorruptedException;
 import java.rmi.RemoteException;
@@ -36,6 +37,9 @@
 import java.rmi.UnmarshalException;
 import java.rmi.server.ObjID;
 import java.rmi.server.RemoteCall;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
 import sun.rmi.runtime.Log;
 import sun.rmi.server.UnicastRef;
 import sun.rmi.transport.tcp.TCPEndpoint;
@@ -50,6 +54,7 @@
     private ConnectionInputStream in = null;
     private ConnectionOutputStream out = null;
     private Connection conn;
+    private ObjectInputFilter filter = null;
     private boolean resultStarted = false;
     private Exception serverException = null;
 
@@ -123,6 +128,13 @@
         }
     }
 
+    public void setObjectInputFilter(ObjectInputFilter filter) {
+        if (in != null) {
+            throw new IllegalStateException("set filter must occur before calling getInputStream");
+        }
+        this.filter = filter;
+    }
+
     /**
      * Get the InputStream the stub/skeleton should get results/arguments
      * from.
@@ -132,6 +144,12 @@
             Transport.transportLog.log(Log.VERBOSE, "getting input stream");
 
             in = new ConnectionInputStream(conn.getInputStream());
+            if (filter != null) {
+                AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
+                    in.setObjectInputFilter(filter);
+                    return null;
+                });
+            }
         }
         return in;
     }
@@ -251,6 +269,7 @@
             try {
                 ex = in.readObject();
             } catch (Exception e) {
+                discardPendingRefs();
                 throw new UnmarshalException("Error unmarshaling return", e);
             }
 
@@ -259,6 +278,7 @@
             if (ex instanceof Exception) {
                 exceptionReceivedFromServer((Exception) ex);
             } else {
+                discardPendingRefs();
                 throw new UnmarshalException("Return type not Exception");
             }
             // Exception is thrown before fallthrough can occur
--- a/src/java.security.jgss/macosx/native/libosxkrb5/nativeccache.c	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/macosx/native/libosxkrb5/nativeccache.c	Fri Oct 18 09:25:06 2019 -0700
@@ -247,6 +247,7 @@
 
     int netypes;
     jint *etypes = NULL;
+    int proxy_flag = 0;
 
     /* Initialize the Kerberos 5 context */
     err = krb5_init_context (&kcontext);
@@ -259,6 +260,48 @@
         err = krb5_cc_set_flags (kcontext, ccache, flags); /* turn off OPENCLOSE */
     }
 
+    // First round read. The proxy_impersonator config flag is not supported.
+    // This ccache will not be used if this flag exists.
+    if (!err) {
+        err = krb5_cc_start_seq_get (kcontext, ccache, &cursor);
+    }
+
+    if (!err) {
+        while ((err = krb5_cc_next_cred (kcontext, ccache, &cursor, &creds)) == 0) {
+            char *serverName = NULL;
+
+            if (!err) {
+                err = krb5_unparse_name (kcontext, creds.server, &serverName);
+                printiferr (err, "while unparsing server name");
+            }
+
+            if (!err) {
+                if (!strcmp(serverName, "krb5_ccache_conf_data/proxy_impersonator@X-CACHECONF:")) {
+                    proxy_flag = 1;
+                }
+            }
+
+            if (serverName != NULL) { krb5_free_unparsed_name (kcontext, serverName); }
+
+            krb5_free_cred_contents (kcontext, &creds);
+
+            if (proxy_flag) break;
+        }
+
+        if (err == KRB5_CC_END) { err = 0; }
+        printiferr (err, "while retrieving a ticket");
+    }
+
+    if (!err) {
+        err = krb5_cc_end_seq_get (kcontext, ccache, &cursor);
+        printiferr (err, "while finishing ticket retrieval");
+    }
+
+    if (proxy_flag) {
+        goto outer_cleanup;
+    }
+    // End of first round read
+
     if (!err) {
         err = krb5_cc_start_seq_get (kcontext, ccache, &cursor);
     }
@@ -388,6 +431,7 @@
         printiferr (err, "while finishing ticket retrieval");
     }
 
+outer_cleanup:
     if (!err) {
         flags = KRB5_TC_OPENCLOSE; /* restore OPENCLOSE mode */
         err = krb5_cc_set_flags (kcontext, ccache, flags);
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/JavaxSecurityAuthKerberosAccessImpl.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/JavaxSecurityAuthKerberosAccessImpl.java	Fri Oct 18 09:25:06 2019 -0700
@@ -49,4 +49,12 @@
     public void kerberosTicketSetServerAlias(KerberosTicket t, KerberosPrincipal a) {
         t.serverAlias = a;
     }
+
+    public KerberosTicket kerberosTicketGetProxy(KerberosTicket t) {
+        return t.proxy;
+    }
+
+    public void kerberosTicketSetProxy(KerberosTicket t, KerberosTicket p) {
+        t.proxy = p;
+    }
 }
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosTicket.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosTicket.java	Fri Oct 18 09:25:06 2019 -0700
@@ -29,11 +29,13 @@
 import java.util.Date;
 import java.util.Arrays;
 import java.net.InetAddress;
+import java.util.Objects;
 import javax.crypto.SecretKey;
 import javax.security.auth.Refreshable;
 import javax.security.auth.Destroyable;
 import javax.security.auth.RefreshFailedException;
 import javax.security.auth.DestroyFailedException;
+
 import sun.security.util.HexDumpEncoder;
 
 /**
@@ -190,8 +192,13 @@
      * @serial
      */
 
+    private InetAddress[] clientAddresses;
 
-    private InetAddress[] clientAddresses;
+    /**
+     * Evidence ticket if proxy_impersonator. This field can be accessed
+     * by KerberosSecrets. It's serialized.
+     */
+    KerberosTicket proxy = null;
 
     private transient boolean destroyed = false;
 
@@ -711,6 +718,7 @@
                 "Renew Till = " + String.valueOf(renewTill) + "\n" +
                 "Client Addresses " +
                 (clientAddresses == null ? " Null " : caddrString.toString() +
+                (proxy == null ? "" : "\nwith a proxy ticket") +
                 "\n"));
     }
 
@@ -748,6 +756,10 @@
 
         // clientAddress may be null, the array's hashCode is 0
         result = result * 37 + Arrays.hashCode(clientAddresses);
+
+        if (proxy != null) {
+            result = result * 37 + proxy.hashCode();
+        }
         return result * 37 + Arrays.hashCode(flags);
     }
 
@@ -820,6 +832,10 @@
             }
         }
 
+        if (!Objects.equals(proxy, otherTicket.proxy)) {
+            return false;
+        }
+
         return true;
     }
 
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Context.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Context.java	Fri Oct 18 09:25:06 2019 -0700
@@ -617,6 +617,8 @@
                     if (myCred == null) {
                         myCred = Krb5InitCredential.getInstance(caller, myName,
                                               GSSCredential.DEFAULT_LIFETIME);
+                        myCred = Krb5ProxyCredential.tryImpersonation(
+                                caller, (Krb5InitCredential)myCred);
                     } else if (!myCred.isInitiatorCredential()) {
                         throw new GSSException(errorCode, -1,
                                            "No TGT available");
@@ -653,8 +655,8 @@
                                     // highly consider just calling:
                                     // Subject.getSubject
                                     // SubjectComber.find
-                                    // instead of Krb5Util.getTicket
-                                    return Krb5Util.getTicket(
+                                    // instead of Krb5Util.getServiceTicket
+                                    return Krb5Util.getServiceTicket(
                                         GSSCaller.CALLER_UNKNOWN,
                                         // since it's useSubjectCredsOnly here,
                                         // don't worry about the null
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java	Fri Oct 18 09:25:06 2019 -0700
@@ -57,6 +57,7 @@
     private Krb5NameElement name;
     @SuppressWarnings("serial") // Not statically typed as Serializable
     private Credentials krb5Credentials;
+    public KerberosTicket proxyTicket;
 
     private Krb5InitCredential(Krb5NameElement name,
                                byte[] asn1Encoding,
@@ -175,7 +176,7 @@
         KerberosPrincipal serverAlias = KerberosSecrets
                 .getJavaxSecurityAuthKerberosAccess()
                 .kerberosTicketGetServerAlias(tgt);
-        return new Krb5InitCredential(name,
+        Krb5InitCredential result = new Krb5InitCredential(name,
                                       tgt.getEncoded(),
                                       tgt.getClient(),
                                       clientAlias,
@@ -189,6 +190,9 @@
                                       tgt.getEndTime(),
                                       tgt.getRenewTill(),
                                       tgt.getClientAddresses());
+        result.proxyTicket = KerberosSecrets.getJavaxSecurityAuthKerberosAccess().
+            kerberosTicketGetProxy(tgt);
+        return result;
     }
 
     static Krb5InitCredential getInstance(Krb5NameElement name,
@@ -371,9 +375,9 @@
                 public KerberosTicket run() throws Exception {
                     // It's OK to use null as serverPrincipal. TGT is almost
                     // the first ticket for a principal and we use list.
-                    return Krb5Util.getTicket(
+                    return Krb5Util.getInitialTicket(
                         realCaller,
-                        clientPrincipal, null, acc);
+                        clientPrincipal, acc);
                         }});
         } catch (PrivilegedActionException e) {
             GSSException ge =
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5MechFactory.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5MechFactory.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -124,6 +124,8 @@
                 usage == GSSCredential.INITIATE_AND_ACCEPT) {
                 credElement = Krb5InitCredential.getInstance
                     (caller, (Krb5NameElement) name, initLifetime);
+                credElement = Krb5ProxyCredential.tryImpersonation(
+                        caller, (Krb5InitCredential)credElement);
                 checkInitCredPermission
                     ((Krb5NameElement) credElement.getName());
             } else if (usage == GSSCredential.ACCEPT_ONLY) {
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5NameElement.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5NameElement.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -144,7 +144,7 @@
         return new Krb5NameElement(principalName, gssNameStr, gssNameType);
     }
 
-    static Krb5NameElement getInstance(PrincipalName principalName) {
+    public static Krb5NameElement getInstance(PrincipalName principalName) {
         return new Krb5NameElement(principalName,
                                    principalName.getName(),
                                    Krb5MechFactory.NT_GSS_KRB5_PRINCIPAL);
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5ProxyCredential.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5ProxyCredential.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,10 +26,17 @@
 package sun.security.jgss.krb5;
 
 import org.ietf.jgss.*;
+import sun.security.jgss.GSSCaller;
 import sun.security.jgss.spi.*;
-import java.util.Date;
+
+import java.io.IOException;
+
+import sun.security.krb5.Credentials;
+import sun.security.krb5.KrbException;
 import sun.security.krb5.internal.Ticket;
 
+import javax.security.auth.kerberos.KerberosTicket;
+
 /**
  * Implements the krb5 proxy credential element used in constrained
  * delegation. It is used in both impersonation (where there is no Kerberos 5
@@ -112,4 +119,24 @@
         throw new GSSException(GSSException.FAILURE, -1,
                 "Only an initiate credentials can impersonate");
     }
+
+    // Try to see if a default credential should act as an impersonator.
+    static Krb5CredElement tryImpersonation(GSSCaller caller,
+            Krb5InitCredential initiator) throws GSSException {
+
+        try {
+            KerberosTicket proxy = initiator.proxyTicket;
+            if (proxy != null) {
+                Credentials proxyCreds = Krb5Util.ticketToCreds(proxy);
+                return new Krb5ProxyCredential(initiator,
+                        Krb5NameElement.getInstance(proxyCreds.getClient()),
+                        proxyCreds.getTicket());
+            } else {
+                return initiator;
+            }
+        } catch (KrbException | IOException e) {
+            throw new GSSException(GSSException.DEFECTIVE_CREDENTIAL, -1,
+                    "Cannot create proxy credential");
+        }
+    }
 }
--- a/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Util.java	Fri Oct 18 09:25:06 2019 -0700
@@ -60,11 +60,8 @@
     /**
      * Retrieves the ticket corresponding to the client/server principal
      * pair from the Subject in the specified AccessControlContext.
-     * If the ticket can not be found in the Subject, and if
-     * useSubjectCredsOnly is false, then obtain ticket from
-     * a LoginContext.
      */
-    static KerberosTicket getTicket(GSSCaller caller,
+    static KerberosTicket getServiceTicket(GSSCaller caller,
         String clientPrincipal, String serverPrincipal,
         AccessControlContext acc) throws LoginException {
 
@@ -74,11 +71,31 @@
             SubjectComber.find(accSubj, serverPrincipal, clientPrincipal,
                   KerberosTicket.class);
 
+        return ticket;
+    }
+
+    /**
+     * Retrieves the initial TGT corresponding to the client principal
+     * from the Subject in the specified AccessControlContext.
+     * If the ticket can not be found in the Subject, and if
+     * useSubjectCredsOnly is false, then obtain ticket from
+     * a LoginContext.
+     */
+    static KerberosTicket getInitialTicket(GSSCaller caller,
+            String clientPrincipal,
+            AccessControlContext acc) throws LoginException {
+
+        // Try to get ticket from acc's Subject
+        Subject accSubj = Subject.getSubject(acc);
+        KerberosTicket ticket =
+                SubjectComber.find(accSubj, null, clientPrincipal,
+                        KerberosTicket.class);
+
         // Try to get ticket from Subject obtained from GSSUtil
         if (ticket == null && !GSSUtil.useSubjectCredsOnly(caller)) {
             Subject subject = GSSUtil.login(caller, GSSUtil.GSS_KRB5_MECH_OID);
             ticket = SubjectComber.find(subject,
-                serverPrincipal, clientPrincipal, KerberosTicket.class);
+                    null, clientPrincipal, KerberosTicket.class);
         }
         return ticket;
     }
--- a/src/java.security.jgss/share/classes/sun/security/krb5/Credentials.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/Credentials.java	Fri Oct 18 09:25:06 2019 -0700
@@ -59,13 +59,23 @@
     KerberosTime endTime;
     KerberosTime renewTill;
     HostAddresses cAddr;
-    EncryptionKey serviceKey;
     AuthorizationData authzData;
     private static boolean DEBUG = Krb5.DEBUG;
     private static CredentialsCache cache;
     static boolean alreadyLoaded = false;
     private static boolean alreadyTried = false;
 
+    private Credentials proxy = null;
+
+    public Credentials getProxy() {
+        return proxy;
+    }
+
+    public Credentials setProxy(Credentials proxy) {
+        this.proxy = proxy;
+        return this;
+    }
+
     // Read native ticket with session key type in the given list
     private static native Credentials acquireDefaultNativeCreds(int[] eTypes);
 
@@ -361,20 +371,19 @@
             return null;
         }
 
-        sun.security.krb5.internal.ccache.Credentials tgtCred  =
-            ccache.getDefaultCreds();
+        Credentials tgtCred = ccache.getInitialCreds();
 
         if (tgtCred == null) {
             return null;
         }
 
-        if (EType.isSupported(tgtCred.getEType())) {
-            return tgtCred.setKrbCreds();
+        if (EType.isSupported(tgtCred.key.getEType())) {
+            return tgtCred;
         } else {
             if (DEBUG) {
                 System.out.println(
                     ">>> unsupported key type found the default TGT: " +
-                    tgtCred.getEType());
+                    tgtCred.key.getEType());
             }
             return null;
         }
@@ -409,20 +418,19 @@
             cache = CredentialsCache.getInstance();
         }
         if (cache != null) {
-            sun.security.krb5.internal.ccache.Credentials temp =
-                cache.getDefaultCreds();
+            Credentials temp = cache.getInitialCreds();
             if (temp != null) {
                 if (DEBUG) {
                     System.out.println(">>> KrbCreds found the default ticket"
                             + " granting ticket in credential cache.");
                 }
-                if (EType.isSupported(temp.getEType())) {
-                    result = temp.setKrbCreds();
+                if (EType.isSupported(temp.key.getEType())) {
+                    result = temp;
                 } else {
                     if (DEBUG) {
                         System.out.println(
                             ">>> unsupported key type found the default TGT: " +
-                            temp.getEType());
+                            temp.key.getEType());
                     }
                 }
             }
@@ -499,10 +507,6 @@
         return cache;
     }
 
-    public EncryptionKey getServiceKey() {
-        return serviceKey;
-    }
-
     /*
      * Prints out debug info.
      */
--- a/src/java.security.jgss/share/classes/sun/security/krb5/JavaxSecurityAuthKerberosAccess.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/JavaxSecurityAuthKerberosAccess.java	Fri Oct 18 09:25:06 2019 -0700
@@ -28,8 +28,6 @@
 import javax.security.auth.kerberos.KerberosPrincipal;
 import javax.security.auth.kerberos.KerberosTicket;
 import javax.security.auth.kerberos.KeyTab;
-import sun.security.krb5.EncryptionKey;
-import sun.security.krb5.PrincipalName;
 
 /**
  * An unsafe tunnel to get non-public access to classes in the
@@ -49,4 +47,13 @@
     public KerberosPrincipal kerberosTicketGetServerAlias(KerberosTicket t);
 
     public void kerberosTicketSetServerAlias(KerberosTicket t, KerberosPrincipal a);
+    /**
+     * Returns the proxy for a KerberosTicket.
+     */
+    public KerberosTicket kerberosTicketGetProxy(KerberosTicket t);
+
+    /**
+     * Sets the proxy for a KerberosTicket.
+     */
+    public void kerberosTicketSetProxy(KerberosTicket t, KerberosTicket p);
 }
--- a/src/java.security.jgss/share/classes/sun/security/krb5/Realm.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/Realm.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -186,7 +186,6 @@
             return false;
         for (int i = 0; i < name.length(); i++) {
             if (name.charAt(i) == '/' ||
-                name.charAt(i) == ':' ||
                 name.charAt(i) == '\0') {
                 return false;
             }
--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheInputStream.java	Fri Oct 18 09:25:06 2019 -0700
@@ -325,16 +325,13 @@
     }
 
     /**
-     * Reads the next cred in stream.
-     * @return the next cred, null if ticket or second_ticket unparseable.
+     * Reads the next cred or config entry in stream.
+     * @return the next cred or config entry, null if data unparseable.
      *
-     * Note: MIT krb5 1.8.1 might generate a config entry with server principal
-     * X-CACHECONF:/krb5_ccache_conf_data/fast_avail/krbtgt/REALM@REALM. The
-     * entry is used by KDC to inform the client that it support certain
-     * features. Its ticket is not a valid krb5 ticket and thus this method
-     * returns null.
+     * When data is unparseable, this method makes sure the correct number of
+     * bytes are consumed so it's safe to start reading the next element.
      */
-    Credentials readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
+    Object readCred(int version) throws IOException,RealmException, KrbApErrException, Asn1Exception {
         PrincipalName cpname = null;
         try {
             cpname = readPrincipal(version);
@@ -396,12 +393,23 @@
         }
 
         try {
+            if (spname.getRealmString().equals("X-CACHECONF:")) {
+                String[] nameParts = spname.getNameStrings();
+                if (nameParts[0].equals("krb5_ccache_conf_data")) {
+                    return new CredentialsCache.ConfigEntry(nameParts[1],
+                            nameParts.length > 2 ? new PrincipalName(nameParts[2]) : null,
+                            ticketData);
+                }
+            }
             return new Credentials(cpname, spname, key, authtime, starttime,
-                endtime, renewTill, skey, tFlags,
-                addrs, auData,
-                ticketData != null ? new Ticket(ticketData) : null,
-                ticketData2 != null ? new Ticket(ticketData2) : null);
+                    endtime, renewTill, skey, tFlags,
+                    addrs, auData,
+                    ticketData != null ? new Ticket(ticketData) : null,
+                    ticketData2 != null ? new Ticket(ticketData2) : null);
         } catch (Exception e) {     // If any of new Ticket(*) fails.
+            if (DEBUG) {
+                e.printStackTrace(System.out);
+            }
             return null;
         }
     }
--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheOutputStream.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CCacheOutputStream.java	Fri Oct 18 09:25:06 2019 -0700
@@ -31,7 +31,6 @@
 package sun.security.krb5.internal.ccache;
 
 import java.io.IOException;
-import java.io.FileOutputStream;
 import java.io.OutputStream;
 import sun.security.krb5.internal.util.KrbDataOutputStream;
 import sun.security.krb5.*;
@@ -98,6 +97,21 @@
         writeTicket(creds.secondTicket);
     }
 
+    public void addConfigEntry(PrincipalName cname, CredentialsCache.ConfigEntry e)
+            throws IOException {
+        cname.writePrincipal(this);
+        e.getSName().writePrincipal(this);
+        write16(0); write16(0); write32(0);
+        write32(0); write32(0); write32(0); write32(0);
+        write8(0);
+        write32(0);
+        write32(0);
+        write32(0);
+        write32(e.getData().length);
+        write(e.getData());
+        write32(0);
+    }
+
     void writeTicket(Ticket t) throws IOException, Asn1Exception {
         if (t == null) {
             write32(0);
--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/Credentials.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/Credentials.java	Fri Oct 18 09:25:06 2019 -0700
@@ -169,6 +169,18 @@
         return sname;
     }
 
+    public Ticket getTicket() throws RealmException {
+        return ticket;
+    }
+
+    public PrincipalName getServicePrincipal2() throws RealmException {
+        return secondTicket == null ? null : secondTicket.sname;
+    }
+
+    public PrincipalName getClientPrincipal() throws RealmException {
+        return cname;
+    }
+
     public sun.security.krb5.Credentials setKrbCreds() {
         // Note: We will not pass authorizationData to s.s.k.Credentials. The
         // field in that class will be passed to Krb5Context as the return
@@ -209,7 +221,15 @@
         return key.getEType();
     }
 
+    public EncryptionKey getKey() {
+        return key;
+    }
+
     public int getTktEType() {
         return ticket.encPart.getEType();
     }
+
+    public int getTktEType2() {
+        return (secondTicket == null) ? 0 : secondTicket.encPart.getEType();
+    }
 }
--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CredentialsCache.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/CredentialsCache.java	Fri Oct 18 09:25:06 2019 -0700
@@ -32,14 +32,9 @@
 
 import sun.security.krb5.*;
 import sun.security.krb5.internal.*;
-import java.util.StringTokenizer;
-import java.util.Vector;
+
+import java.util.List;
 import java.io.IOException;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.BufferedReader;
-import java.io.InputStreamReader;
 
 /**
  * CredentialsCache stores credentials(tickets, session keys, etc) in a semi-permanent store
@@ -120,6 +115,62 @@
     public abstract void save() throws IOException, KrbException;
     public abstract Credentials[] getCredsList();
     public abstract Credentials getDefaultCreds();
+    public abstract sun.security.krb5.Credentials getInitialCreds();
     public abstract Credentials getCreds(PrincipalName sname);
     public abstract Credentials getCreds(LoginOptions options, PrincipalName sname);
+    public abstract void addConfigEntry(ConfigEntry e);
+    public abstract List<ConfigEntry> getConfigEntries();
+
+    public ConfigEntry getConfigEntry(String name) {
+        List<ConfigEntry> entries = getConfigEntries();
+        if (entries != null) {
+            for (ConfigEntry e : entries) {
+                if (e.getName().equals(name)) {
+                    return e;
+                }
+            }
+        }
+        return null;
+    }
+
+    public static class ConfigEntry {
+
+        public ConfigEntry(String name, PrincipalName princ, byte[] data) {
+            this.name = name;
+            this.princ = princ;
+            this.data = data;
+        }
+
+        private final String name;
+        private final PrincipalName princ;
+        private final byte[] data; // not worth cloning
+
+        public String getName() {
+            return name;
+        }
+
+        public PrincipalName getPrinc() {
+            return princ;
+        }
+
+        public byte[] getData() {
+            return data;
+        }
+
+        @Override
+        public String toString() {
+            return name + (princ != null ? ("." + princ) : "")
+                    + ": " + new String(data);
+        }
+
+        public PrincipalName getSName() {
+            try {
+                return new PrincipalName("krb5_ccache_conf_data/" + name
+                        + (princ != null ? ("/" + princ) : "")
+                        + "@X-CACHECONF:");
+            } catch (RealmException e) {
+                throw new AssertionError(e);
+            }
+        }
+    }
 }
--- a/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,6 +36,12 @@
 import sun.security.action.GetPropertyAction;
 import sun.security.krb5.*;
 import sun.security.krb5.internal.*;
+import sun.security.util.SecurityProperties;
+
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
 import java.util.StringTokenizer;
 import java.util.Vector;
 import java.io.IOException;
@@ -182,9 +188,13 @@
                 primaryPrincipal = p;
             credentialsList = new Vector<Credentials>();
             while (cis.available() > 0) {
-                Credentials cred = cis.readCred(version);
+                Object cred = cis.readCred(version);
                 if (cred != null) {
-                    credentialsList.addElement(cred);
+                    if (cred instanceof Credentials) {
+                        credentialsList.addElement((Credentials)cred);
+                    } else {
+                        addConfigEntry((CredentialsCache.ConfigEntry)cred);
+                    }
                 }
             }
         }
@@ -255,6 +265,9 @@
                     cos.addCreds(tmp[i]);
                 }
             }
+            for (ConfigEntry e : getConfigEntries()) {
+                cos.addConfigEntry(primaryPrincipal, e);
+            }
         }
     }
 
@@ -307,6 +320,17 @@
         }
     }
 
+    private List<ConfigEntry> configEntries = new ArrayList<>();
+
+    @Override
+    public void addConfigEntry(ConfigEntry e) {
+        configEntries.add(e);
+    }
+
+    @Override
+    public List<ConfigEntry> getConfigEntries() {
+        return Collections.unmodifiableList(configEntries);
+    }
 
     /**
      * Gets a credentials for a specified service.
@@ -326,6 +350,81 @@
         return null;
     }
 
+    public sun.security.krb5.Credentials getInitialCreds() {
+
+        Credentials defaultCreds = getDefaultCreds();
+        if (defaultCreds == null) {
+            return null;
+        }
+        sun.security.krb5.Credentials tgt = defaultCreds.setKrbCreds();
+
+        CredentialsCache.ConfigEntry entry = getConfigEntry("proxy_impersonator");
+        if (entry == null) {
+            if (DEBUG) {
+                System.out.println("get normal credential");
+            }
+            return tgt;
+        }
+
+        boolean force;
+        String prop = SecurityProperties.privilegedGetOverridable(
+                "jdk.security.krb5.default.initiate.credential");
+        if (prop == null) {
+            prop = "always-impersonate";
+        }
+        switch (prop) {
+            case "no-impersonate": // never try impersonation
+                if (DEBUG) {
+                    System.out.println("get normal credential");
+                }
+                return tgt;
+            case "try-impersonate":
+                force = false;
+                break;
+            case "always-impersonate":
+                force = true;
+                break;
+            default:
+                throw new RuntimeException(
+                        "Invalid jdk.security.krb5.default.initiate.credential");
+        }
+
+        try {
+            PrincipalName service = new PrincipalName(
+                    new String(entry.getData(), StandardCharsets.UTF_8));
+            if (!tgt.getClient().equals(service)) {
+                if (DEBUG) {
+                    System.out.println("proxy_impersonator does not match service name");
+                }
+                return force ? null : tgt;
+            }
+            PrincipalName client = getPrimaryPrincipal();
+            Credentials proxy = null;
+            for (Credentials c : getCredsList()) {
+                if (c.getClientPrincipal().equals(client)
+                        && c.getServicePrincipal().equals(service)) {
+                    proxy = c;
+                    break;
+                }
+            }
+            if (proxy == null) {
+                if (DEBUG) {
+                    System.out.println("Cannot find evidence ticket in ccache");
+                }
+                return force ? null : tgt;
+            }
+            if (DEBUG) {
+                System.out.println("Get proxied credential");
+            }
+            return tgt.setProxy(proxy.setKrbCreds());
+        } catch (KrbException e) {
+            if (DEBUG) {
+                System.out.println("Impersonation with ccache failed");
+            }
+            return force ? null : tgt;
+        }
+    }
+
     public Credentials getDefaultCreds() {
         Credentials[] list = getCredsList();
         if (list == null) {
--- a/src/java.security.jgss/windows/classes/sun/security/krb5/internal/tools/Klist.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.security.jgss/windows/classes/sun/security/krb5/internal/tools/Klist.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,6 +31,8 @@
 package sun.security.krb5.internal.tools;
 
 import java.net.InetAddress;
+import java.util.List;
+
 import sun.security.krb5.*;
 import sun.security.krb5.internal.*;
 import sun.security.krb5.internal.ccache.*;
@@ -249,6 +251,8 @@
                     String endtime;
                     String renewTill;
                     String servicePrincipal;
+                    PrincipalName servicePrincipal2;
+                    String clientPrincipal;
                     if (creds[i].getStartTime() != null) {
                         starttime = format(creds[i].getStartTime());
                     } else {
@@ -260,6 +264,18 @@
                     System.out.println("[" + (i + 1) + "] " +
                                        " Service Principal:  " +
                                        servicePrincipal);
+                    servicePrincipal2 =
+                            creds[i].getServicePrincipal2();
+                    if (servicePrincipal2 != null) {
+                        System.out.println("     Second Service:     "
+                                + servicePrincipal2);
+                    }
+                    clientPrincipal =
+                            creds[i].getClientPrincipal().toString();
+                    if (!clientPrincipal.equals(defaultPrincipal)) {
+                        System.out.println("     Client Principal:   " +
+                                clientPrincipal);
+                    }
                     System.out.println("     Valid starting:     " + starttime);
                     System.out.println("     Expires:            " + endtime);
                     if (creds[i].getRenewTill() != null) {
@@ -270,8 +286,15 @@
                     if (options[0] == 'e') {
                         String eskey = EType.toString(creds[i].getEType());
                         String etkt = EType.toString(creds[i].getTktEType());
-                        System.out.println("     EType (skey, tkt):  "
-                                + eskey + ", " + etkt);
+                        if (creds[i].getTktEType2() == 0) {
+                            System.out.println("     EType (skey, tkt):  "
+                                    + eskey + ", " + etkt);
+                        } else {
+                            String etkt2 = EType.toString(creds[i].getTktEType2());
+                            System.out.println("     EType (skey, tkts): "
+                                    + eskey + ", " + etkt
+                                    + ", " + etkt2);
+                        }
                     }
                     if (options[1] == 'f') {
                         System.out.println("     Flags:              " +
@@ -310,6 +333,15 @@
         } else {
             System.out.println("\nNo entries found.");
         }
+
+        List<CredentialsCache.ConfigEntry> configEntries
+                = cache.getConfigEntries();
+        if (configEntries != null && !configEntries.isEmpty()) {
+            System.out.println("\nConfig entries:");
+            for (CredentialsCache.ConfigEntry e : configEntries) {
+                System.out.println("     " + e);
+            }
+        }
     }
 
     void displayMessage(String target) {
--- a/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java	Fri Oct 18 09:25:06 2019 -0700
@@ -134,7 +134,8 @@
     }
 
     public XMLDSigRI() {
-        /* We are the XMLDSig provider */
+        // This is the JDK XMLDSig provider, synced from
+        // Apache Santuario XML Security for Java, version 2.1.3
         super("XMLDSig", VER, INFO);
 
         final Provider p = this;
--- a/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/XPath.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/XPath.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -40,7 +40,7 @@
  * The XPath class wraps an expression object and provides general services
  * for execution of that expression.
  * @xsl.usage advanced
- * @LastModified: Oct 2017
+ * @LastModified: May 2019
  */
 public class XPath implements Serializable, ExpressionOwner
 {
@@ -179,10 +179,12 @@
     else if (MATCH == type)
       parser.initMatchPattern(compiler, exprString, prefixResolver);
     else
-      throw new RuntimeException(XSLMessages.createXPATHMessage(XPATHErrorResources.ER_CANNOT_DEAL_XPATH_TYPE, new Object[]{Integer.toString(type)})); //"Can not deal with XPath type: " + type);
+      throw new RuntimeException(XSLMessages.createXPATHMessage(
+              XPATHErrorResources.ER_CANNOT_DEAL_XPATH_TYPE,
+              new Object[]{Integer.toString(type)}));
 
     // System.out.println("----------------");
-    Expression expr = compiler.compile(0);
+    Expression expr = compiler.compileExpression(0);
 
     // System.out.println("expr: "+expr);
     this.setExpression(expr);
@@ -234,7 +236,7 @@
             //"Can not deal with XPath type: " + type);
 
     // System.out.println("----------------");
-    Expression expr = compiler.compile(0);
+    Expression expr = compiler.compileExpression(0);
 
     // System.out.println("expr: "+expr);
     this.setExpression(expr);
--- a/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/axes/FilterExprWalker.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/axes/FilterExprWalker.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -37,7 +37,7 @@
  * Walker for the OP_VARIABLE, or OP_EXTFUNCTION, or OP_FUNCTION, or OP_GROUP,
  * op codes.
  * @see <a href="http://www.w3.org/TR/xpath#NT-FilterExpr">XPath FilterExpr descriptions</a>
- * @LastModified: Oct 2017
+ * @LastModified: May 2019
  */
 public class FilterExprWalker extends AxesWalker
 {
@@ -77,7 +77,7 @@
         m_mustHardReset = true;
     case OpCodes.OP_GROUP :
     case OpCodes.OP_VARIABLE :
-      m_expr = compiler.compile(opPos);
+      m_expr = compiler.compileExpression(opPos);
       m_expr.exprSetParent(this);
       //if((OpCodes.OP_FUNCTION == stepType) && (m_expr instanceof com.sun.org.apache.xalan.internal.templates.FuncKey))
       if(m_expr instanceof com.sun.org.apache.xpath.internal.operations.Variable)
@@ -87,7 +87,7 @@
       }
       break;
     default :
-      m_expr = compiler.compile(opPos + 2);
+      m_expr = compiler.compileExpression(opPos + 2);
       m_expr.exprSetParent(this);
     }
 //    if(m_expr instanceof WalkingIterator)
--- a/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/axes/WalkerFactory.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/axes/WalkerFactory.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -41,7 +41,7 @@
  * which are built from the opcode map output, and an analysis engine
  * for the location path expressions in order to provide optimization hints.
  *
- * @LastModified: Oct 2017
+ * @LastModified: May 2019
  */
 public class WalkerFactory
 {
@@ -1008,10 +1008,10 @@
       case OpCodes.OP_EXTFUNCTION :
       case OpCodes.OP_FUNCTION :
       case OpCodes.OP_GROUP :
-        expr = compiler.compile(opPos);
+        expr = compiler.compileExpression(opPos);
         break;
       default :
-        expr = compiler.compile(opPos + 2);
+        expr = compiler.compileExpression(opPos + 2);
       }
 
       axis = Axis.FILTEREDLIST;
--- a/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/compiler/Compiler.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/compiler/Compiler.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,6 +1,5 @@
 /*
- * reserved comment block
- * DO NOT REMOVE OR ALTER!
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -70,9 +69,12 @@
  * of operation codes (op map) and then builds from that into an Expression
  * tree.
  * @xsl.usage advanced
+ * @LastModified: May 2019
  */
 public class Compiler extends OpMap
 {
+  // count the number of operations or calls to compileOperation
+  int countOp;
 
   /**
    * Construct a Compiler object with a specific ErrorListener and
@@ -106,15 +108,40 @@
 
   /**
    * Execute the XPath object from a given opcode position.
+   *
+   * Note that this method is added so that when StackOverflowError is caught
+   * the address space can be freed to this point allowing further activities
+   * such as reporting the error.
+   *
    * @param opPos The current position in the xpath.m_opMap array.
    * @return The result of the XPath.
    *
    * @throws TransformerException if there is a syntax or other error.
    * @xsl.usage advanced
    */
-  public Expression compile(int opPos) throws TransformerException
+   public Expression compileExpression(int opPos) throws TransformerException
+   {
+       try {
+           countOp = 0;
+           return compile(opPos);
+       } catch (StackOverflowError sof) {
+           error(XPATHErrorResources.ER_COMPILATION_TOO_MANY_OPERATION, new Object[]{countOp});
+       }
+       return null;
+   }
+
+  /**
+   * This method handles the actual compilation process. It is called from the
+   * compileExpression method as well as the subsequent processes. See the note
+   * for compileExpression.
+   *
+   * @param opPos The current position in the xpath.m_opMap array.
+   * @return The result of the XPath.
+   *
+   * @throws TransformerException if there is a syntax or other error.
+   */
+  private Expression compile(int opPos) throws TransformerException
   {
-
     int op = getOp(opPos);
 
     Expression expr = null;
@@ -210,6 +237,7 @@
   private Expression compileOperation(Operation operation, int opPos)
           throws TransformerException
   {
+    ++countOp;
 
     int leftPos = getFirstChildPos(opPos);
     int rightPos = getNextOpPos(leftPos);
--- a/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/compiler/XPathParser.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/compiler/XPathParser.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -34,6 +34,7 @@
  * Tokenizes and parses XPath expressions. This should really be named
  * XPathParserImpl, and may be renamed in the future.
  * @xsl.usage general
+ * @LastModified: May 2019
  */
 public class XPathParser
 {
@@ -71,6 +72,9 @@
   protected final static int FILTER_MATCH_PRIMARY    = 1;
   protected final static int FILTER_MATCH_PREDICATES = 2;
 
+  // counts open predicates
+  private int countPredicate;
+
   /**
    * The parser constructor.
    */
@@ -157,6 +161,9 @@
           }
           else
                 throw e;
+    } catch (StackOverflowError sof) {
+        error(XPATHErrorResources.ER_PREDICATE_TOO_MANY_OPEN,
+              new Object[]{m_token, m_queueMark, countPredicate});
     }
 
     compiler.shrink();
@@ -190,7 +197,12 @@
     m_ops.setOp(OpMap.MAPINDEX_LENGTH, 2);
 
     nextToken();
-    Pattern();
+    try {
+        Pattern();
+    } catch (StackOverflowError sof) {
+        error(XPATHErrorResources.ER_PREDICATE_TOO_MANY_OPEN,
+              new Object[]{m_token, m_queueMark, countPredicate});
+    }
 
     if (null != m_token)
     {
@@ -741,7 +753,7 @@
    */
   protected void Expr() throws javax.xml.transform.TransformerException
   {
-    OrExpr();
+       OrExpr();
   }
 
   /**
@@ -1883,11 +1895,12 @@
    */
   protected void Predicate() throws javax.xml.transform.TransformerException
   {
-
     if (tokenIs('['))
     {
+      countPredicate++;
       nextToken();
       PredicateExpr();
+      countPredicate--;
       consumeExpected(']');
     }
   }
--- a/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/res/XPATHErrorResources.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/java.xml/share/classes/com/sun/org/apache/xpath/internal/res/XPATHErrorResources.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,6 +1,5 @@
 /*
- * reserved comment block
- * DO NOT REMOVE OR ALTER!
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
  */
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
@@ -32,6 +31,7 @@
   * Also you need to  update the count of messages(MAX_CODE)or
  * the count of warnings(MAX_WARNING) [ Information purpose only]
  * @xsl.usage advanced
+ * @LastModified: May 2019
  */
 public class XPATHErrorResources extends ListResourceBundle
 {
@@ -150,6 +150,10 @@
          "ER_FOUND_COMMA_BUT_NO_FOLLOWING_ARG";
   public static final String ER_PREDICATE_ILLEGAL_SYNTAX =
          "ER_PREDICATE_ILLEGAL_SYNTAX";
+  public static final String ER_PREDICATE_TOO_MANY_OPEN =
+         "ER_PREDICATE_TOO_MANY_OPEN";
+  public static final String ER_COMPILATION_TOO_MANY_OPERATION =
+         "ER_COMPILATION_TOO_MANY_OPERATION";
   public static final String ER_ILLEGAL_AXIS_NAME = "ER_ILLEGAL_AXIS_NAME";
   public static final String ER_UNKNOWN_NODETYPE = "ER_UNKNOWN_NODETYPE";
   public static final String ER_PATTERN_LITERAL_NEEDS_BE_QUOTED =
@@ -464,6 +468,12 @@
   { ER_PREDICATE_ILLEGAL_SYNTAX,
       "'..[predicate]' or '.[predicate]' is illegal syntax.  Use 'self::node()[predicate]' instead."},
 
+  { ER_PREDICATE_TOO_MANY_OPEN,
+      "Stack overflow while parsing {0} at {1}. Too many open predicates({2})."},
+
+  { ER_COMPILATION_TOO_MANY_OPERATION,
+      "Stack overflow while compiling the expression. Too many operations({0})."},
+
   { ER_ILLEGAL_AXIS_NAME,
      "illegal axis name: {0}"},
 
--- a/src/jdk.internal.vm.ci/share/classes/jdk.vm.ci.hotspot.aarch64/src/jdk/vm/ci/hotspot/aarch64/AArch64HotSpotJVMCIBackendFactory.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.internal.vm.ci/share/classes/jdk.vm.ci.hotspot.aarch64/src/jdk/vm/ci/hotspot/aarch64/AArch64HotSpotJVMCIBackendFactory.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -127,8 +127,8 @@
         return new HotSpotConstantReflectionProvider(runtime);
     }
 
-    private static RegisterConfig createRegisterConfig(AArch64HotSpotVMConfig config, TargetDescription target) {
-        return new AArch64HotSpotRegisterConfig(target, config.useCompressedOops);
+    private static RegisterConfig createRegisterConfig(TargetDescription target) {
+        return new AArch64HotSpotRegisterConfig(target);
     }
 
     protected HotSpotCodeCacheProvider createCodeCache(HotSpotJVMCIRuntime runtime, TargetDescription target, RegisterConfig regConfig) {
@@ -167,7 +167,7 @@
                 metaAccess = createMetaAccess(runtime);
             }
             try (InitTimer rt = timer("create RegisterConfig")) {
-                regConfig = createRegisterConfig(config, target);
+                regConfig = createRegisterConfig(target);
             }
             try (InitTimer rt = timer("create CodeCache provider")) {
                 codeCache = createCodeCache(runtime, target, regConfig);
--- a/src/jdk.internal.vm.ci/share/classes/jdk.vm.ci.hotspot.aarch64/src/jdk/vm/ci/hotspot/aarch64/AArch64HotSpotRegisterConfig.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.internal.vm.ci/share/classes/jdk.vm.ci.hotspot.aarch64/src/jdk/vm/ci/hotspot/aarch64/AArch64HotSpotRegisterConfig.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -126,11 +126,19 @@
     public static final Register threadRegister = r28;
     public static final Register fp = r29;
 
-    private static final RegisterArray reservedRegisters = new RegisterArray(rscratch1, rscratch2, threadRegister, fp, lr, r31, zr, sp);
+    /**
+     * The heapBaseRegister, i.e. r27, is reserved unconditionally because HotSpot does not intend
+     * to support it as an allocatable register even when compressed oops is off. This register is
+     * excluded from callee-saved register at
+     * cpu/aarch64/sharedRuntime_aarch64.cpp:RegisterSaver::save_live_registers, which may lead to
+     * dereferencing unknown value from the stack at
+     * share/runtime/stackValue.cpp:StackValue::create_stack_value during deoptimization.
+     */
+    private static final RegisterArray reservedRegisters = new RegisterArray(rscratch1, rscratch2, heapBaseRegister, threadRegister, fp, lr, r31, zr, sp);
 
-    private static RegisterArray initAllocatable(Architecture arch, boolean reserveForHeapBase) {
+    private static RegisterArray initAllocatable(Architecture arch) {
         RegisterArray allRegisters = arch.getAvailableValueRegisters();
-        Register[] registers = new Register[allRegisters.size() - reservedRegisters.size() - (reserveForHeapBase ? 1 : 0)];
+        Register[] registers = new Register[allRegisters.size() - reservedRegisters.size()];
         List<Register> reservedRegistersList = reservedRegisters.asList();
 
         int idx = 0;
@@ -139,12 +147,7 @@
                 // skip reserved registers
                 continue;
             }
-            assert !(reg.equals(threadRegister) || reg.equals(fp) || reg.equals(lr) || reg.equals(r31) || reg.equals(zr) || reg.equals(sp));
-            if (reserveForHeapBase && reg.equals(heapBaseRegister)) {
-                // skip heap base register
-                continue;
-            }
-
+            assert !(reg.equals(heapBaseRegister) || reg.equals(threadRegister) || reg.equals(fp) || reg.equals(lr) || reg.equals(r31) || reg.equals(zr) || reg.equals(sp)) : reg;
             registers[idx++] = reg;
         }
 
@@ -152,8 +155,8 @@
         return new RegisterArray(registers);
     }
 
-    public AArch64HotSpotRegisterConfig(TargetDescription target, boolean useCompressedOops) {
-        this(target, initAllocatable(target.arch, useCompressedOops));
+    public AArch64HotSpotRegisterConfig(TargetDescription target) {
+        this(target, initAllocatable(target.arch));
         assert callerSaved.size() >= allocatable.size();
     }
 
--- a/src/jdk.javadoc/share/classes/jdk/javadoc/internal/doclets/toolkit/util/JavaScriptScanner.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.javadoc/share/classes/jdk/javadoc/internal/doclets/toolkit/util/JavaScriptScanner.java	Fri Oct 18 09:25:06 2019 -0700
@@ -61,34 +61,8 @@
     public Void visitAttribute(AttributeTree tree, Consumer<DocTreePath> f) {
         String name = tree.getName().toString().toLowerCase(Locale.ENGLISH);
         switch (name) {
-            // See https://www.w3.org/TR/html-markup/global-attributes.html#common.attrs.event-handler
-            case "onabort":  case "onblur":  case "oncanplay":  case "oncanplaythrough":
-            case "onchange":  case "onclick":  case "oncontextmenu":  case "ondblclick":
-            case "ondrag":  case "ondragend":  case "ondragenter":  case "ondragleave":
-            case "ondragover":  case "ondragstart":  case "ondrop":  case "ondurationchange":
-            case "onemptied":  case "onended":  case "onerror":  case "onfocus":  case "oninput":
-            case "oninvalid":  case "onkeydown":  case "onkeypress":  case "onkeyup":
-            case "onload":  case "onloadeddata":  case "onloadedmetadata":  case "onloadstart":
-            case "onmousedown":  case "onmousemove":  case "onmouseout":  case "onmouseover":
-            case "onmouseup":  case "onmousewheel":  case "onpause":  case "onplay":
-            case "onplaying":  case "onprogress":  case "onratechange":  case "onreadystatechange":
-            case "onreset":  case "onscroll":  case "onseeked":  case "onseeking":
-            case "onselect":  case "onshow":  case "onstalled":  case "onsubmit":  case "onsuspend":
-            case "ontimeupdate":  case "onvolumechange":  case "onwaiting":
-
             // See https://www.w3.org/TR/html4/sgml/dtd.html
-            // Most of the attributes that take a %Script are also defined as event handlers
-            // in HTML 5. The one exception is onunload.
-            // case "onchange":  case "onclick":   case "ondblclick":  case "onfocus":
-            // case "onkeydown":  case "onkeypress":  case "onkeyup":  case "onload":
-            // case "onmousedown":  case "onmousemove":  case "onmouseout":  case "onmouseover":
-            // case "onmouseup":  case "onreset":  case "onselect":  case "onsubmit":
-            case "onunload":
-                f.accept(getCurrentPath());
-                break;
-
-            // See https://www.w3.org/TR/html4/sgml/dtd.html
-            //     https://www.w3.org/TR/html5/
+            //     https://www.w3.org/TR/html52/fullindex.html#attributes-table
             // These are all the attributes that take a %URI or a valid URL potentially surrounded
             // by spaces
             case "action":  case "cite":  case "classid":  case "codebase":  case "data":
@@ -102,6 +76,14 @@
                     }
                 }
                 break;
+            // See https://www.w3.org/TR/html52/webappapis.html#events-event-handlers
+            // An event handler has a name, which always starts with "on" and is followed by
+            // the name of the event for which it is intended.
+            default:
+                if (name.startsWith("on")) {
+                    f.accept(getCurrentPath());
+                }
+                break;
         }
         return super.visitAttribute(tree, f);
     }
--- a/src/jdk.jdi/share/classes/com/sun/jdi/InvocationException.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.jdi/share/classes/com/sun/jdi/InvocationException.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,6 +36,7 @@
 
     private static final long serialVersionUID = 6066780907971918568L;
 
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     ObjectReference exception;
 
     public InvocationException(ObjectReference exception) {
--- a/src/jdk.jdi/share/classes/com/sun/jdi/connect/IllegalConnectorArgumentsException.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.jdi/share/classes/com/sun/jdi/connect/IllegalConnectorArgumentsException.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,6 +40,7 @@
 
     private static final long serialVersionUID = -3042212603611350941L;
 
+    @SuppressWarnings("serial") // Conditionally serializable
     List<String> names;
 
     /**
--- a/src/jdk.jdi/share/classes/com/sun/jdi/connect/VMStartException.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.jdi/share/classes/com/sun/jdi/connect/VMStartException.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,6 +38,7 @@
 
     private static final long serialVersionUID = 6408644824640801020L;
 
+    @SuppressWarnings("serial") // Not statically typed as Serializable
     Process process;
 
     public VMStartException(Process process) {
--- a/src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/regexp/JdkRegExp.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/regexp/JdkRegExp.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -82,6 +82,8 @@
             }
         } catch (final PatternSyntaxException e2) {
             throwParserException("syntax", e2.getMessage());
+        } catch (StackOverflowError e3) {
+            throw new RuntimeException(e3);
         }
     }
 
--- a/src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/regexp/JoniRegExp.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.scripting.nashorn/share/classes/jdk/nashorn/internal/runtime/regexp/JoniRegExp.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -82,6 +82,8 @@
             }
         } catch (final PatternSyntaxException | JOniException e2) {
             throwParserException("syntax", e2.getMessage());
+        } catch (StackOverflowError e3) {
+            throw new RuntimeException(e3);
         }
     }
 
--- a/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -644,6 +644,7 @@
                         // renew if ticket is old.
                         Credentials newCred = renewCredentials(cred);
                         if (newCred != null) {
+                            newCred.setProxy(cred.getProxy());
                             cred = newCred;
                         }
                     }
@@ -1070,6 +1071,10 @@
             // create Kerberos Ticket
             if (isInitiator) {
                 kerbTicket = Krb5Util.credsToTicket(cred);
+                if (cred.getProxy() != null) {
+                    KerberosSecrets.getJavaxSecurityAuthKerberosAccess()
+                            .kerberosTicketSetProxy(kerbTicket,Krb5Util.credsToTicket(cred.getProxy()));
+                }
             }
 
             if (storeKey && encKeys != null) {
--- a/test/hotspot/jtreg/gc/CriticalNativeArgs.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/hotspot/jtreg/gc/CriticalNativeArgs.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Red Hat, Inc. and/or its affiliates.
+ * Copyright (c) 2018, 2019, Red Hat, Inc. and/or its affiliates.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
@@ -28,7 +28,7 @@
  * @key gc
  * @bug 8199868
  * @library /
- * @requires (os.arch =="x86_64" | os.arch == "amd64") & vm.gc.Epsilon & !vm.graal.enabled
+ * @requires (os.arch =="x86_64" | os.arch == "amd64" | os.arch=="x86" | os.arch=="i386") & vm.gc.Epsilon & !vm.graal.enabled
  * @summary test argument unpacking nmethod wrapper of critical native method
  * @run main/othervm/native -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC -Xcomp -Xmx256M -XX:+CriticalJNINatives gc.CriticalNativeArgs
  */
@@ -38,7 +38,7 @@
  * @key gc
  * @bug 8199868
  * @library /
- * @requires (os.arch =="x86_64" | os.arch == "amd64") & vm.gc.Shenandoah & !vm.graal.enabled
+ * @requires (os.arch =="x86_64" | os.arch == "amd64" | os.arch=="x86" | os.arch=="i386") & vm.gc.Shenandoah & !vm.graal.enabled
  * @summary test argument unpacking nmethod wrapper of critical native method
  * @run main/othervm/native -XX:+UnlockDiagnosticVMOptions -XX:+UnlockExperimentalVMOptions -XX:+UseShenandoahGC -XX:ShenandoahGCMode=passive    -XX:+ShenandoahDegeneratedGC -Xcomp -Xmx512M -XX:+CriticalJNINatives gc.CriticalNativeArgs
  * @run main/othervm/native -XX:+UnlockDiagnosticVMOptions -XX:+UnlockExperimentalVMOptions -XX:+UseShenandoahGC -XX:ShenandoahGCMode=passive    -XX:-ShenandoahDegeneratedGC -Xcomp -Xmx512M -XX:+CriticalJNINatives gc.CriticalNativeArgs
--- a/test/hotspot/jtreg/gc/epsilon/TestAlwaysPretouch.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/hotspot/jtreg/gc/epsilon/TestAlwaysPretouch.java	Fri Oct 18 09:25:06 2019 -0700
@@ -26,7 +26,12 @@
  * @key gc
  * @requires vm.gc.Epsilon & !vm.graal.enabled
  * @summary Basic sanity test for Epsilon
- * @run main/othervm -Xmx1g -XX:+AlwaysPreTouch -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
+ * @run main/othervm -Xms128m -Xmx1g                     -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
+ * @run main/othervm -Xms128m -Xmx1g -XX:-AlwaysPreTouch -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
+ * @run main/othervm -Xms128m -Xmx1g -XX:+AlwaysPreTouch -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
+ * @run main/othervm          -Xmx1g                     -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
+ * @run main/othervm          -Xmx1g -XX:-AlwaysPreTouch -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
+ * @run main/othervm          -Xmx1g -XX:+AlwaysPreTouch -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC gc.epsilon.TestAlwaysPretouch
  */
 
 package gc.epsilon;
--- a/test/hotspot/jtreg/gc/stress/CriticalNativeStress.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/hotspot/jtreg/gc/stress/CriticalNativeStress.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Red Hat, Inc. and/or its affiliates.
+ * Copyright (c) 2018, 2019, Red Hat, Inc. and/or its affiliates.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
@@ -31,7 +31,7 @@
  * @key gc
  * @bug 8199868
  * @library /
- * @requires (os.arch =="x86_64" | os.arch == "amd64") & vm.gc.Epsilon & !vm.graal.enabled
+ * @requires (os.arch =="x86_64" | os.arch == "amd64" | os.arch=="x86" | os.arch=="i386") & vm.gc.Epsilon & !vm.graal.enabled
  * @summary test argument pinning by nmethod wrapper of critical native method
  * @run main/othervm/native -XX:+UnlockExperimentalVMOptions -XX:+UseEpsilonGC -Xcomp -Xmx1G -XX:+CriticalJNINatives gc.stress.CriticalNativeStress
  */
@@ -41,7 +41,7 @@
  * @key gc
  * @bug 8199868
  * @library /
- * @requires (os.arch =="x86_64" | os.arch == "amd64") & vm.gc.Shenandoah & !vm.graal.enabled
+ * @requires (os.arch =="x86_64" | os.arch == "amd64" | os.arch=="x86" | os.arch=="i386") & vm.gc.Shenandoah & !vm.graal.enabled
  * @summary test argument pinning by nmethod wrapper of critical native method
  * @run main/othervm/native -XX:+UnlockDiagnosticVMOptions -XX:+UnlockExperimentalVMOptions -XX:+UseShenandoahGC -XX:ShenandoahGCMode=passive    -XX:-ShenandoahDegeneratedGC -Xcomp -Xmx512M -XX:+CriticalJNINatives gc.stress.CriticalNativeStress
  * @run main/othervm/native -XX:+UnlockDiagnosticVMOptions -XX:+UnlockExperimentalVMOptions -XX:+UseShenandoahGC -XX:ShenandoahGCMode=passive    -XX:+ShenandoahDegeneratedGC -Xcomp -Xmx512M -XX:+CriticalJNINatives gc.stress.CriticalNativeStress
--- a/test/hotspot/jtreg/runtime/cds/CheckDefaultArchiveFile.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/hotspot/jtreg/runtime/cds/CheckDefaultArchiveFile.java	Fri Oct 18 09:25:06 2019 -0700
@@ -25,6 +25,7 @@
  * @test Default CDS archive file
  * @summary JDK platforms/binaries do not support default CDS archive should
  *          not contain classes.jsa in the default location.
+ * @requires vm.cds
  * @library /test/lib
  * @build sun.hotspot.WhiteBox
  * @run driver ClassFileInstaller sun.hotspot.WhiteBox
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/hotspot/jtreg/runtime/exceptionMsgs/NullPointerException/NPEInHiddenTopFrameTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019 SAP SE. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @summary Test NullPointerException messages thrown in frames that
+ *   are hidden in the backtrace/stackTrace.
+ * @bug 8218628
+ * @library /test/lib
+ * @compile -g NPEInHiddenTopFrameTest.java
+ * @run main/othervm -XX:+UnlockDiagnosticVMOptions -XX:-ShowHiddenFrames -XX:+ShowCodeDetailsInExceptionMessages NPEInHiddenTopFrameTest hidden
+ * @run main/othervm -XX:+UnlockDiagnosticVMOptions -XX:+ShowHiddenFrames -XX:+ShowCodeDetailsInExceptionMessages NPEInHiddenTopFrameTest visible
+ */
+
+import jdk.test.lib.Asserts;
+
+public class NPEInHiddenTopFrameTest {
+
+    @FunctionalInterface
+    private static interface SomeFunctionalInterface {
+        String someMethod(String a, String b);
+    }
+
+    public static void checkMessage(String expression,
+                                    String obtainedMsg, String expectedMsg) {
+        System.out.println();
+        System.out.println(" source code: " + expression);
+        System.out.println("  thrown msg: " + obtainedMsg);
+        if (obtainedMsg == null && expectedMsg == null) return;
+        System.out.println("expected msg: " + expectedMsg);
+        Asserts.assertEquals(expectedMsg, obtainedMsg);
+    }
+
+    public static void main(String[] args) throws Exception {
+        boolean framesAreHidden = false;
+        if (args.length > 0) {
+            String arg = args[0];
+            if (arg.equals("hidden")) framesAreHidden = true;
+        }
+
+        try {
+            final SomeFunctionalInterface concatter = String::concat;
+            final String nullString = null;
+            if (concatter != null) {
+                // This throws NPE from the lambda expression which is a hidden frame.
+                concatter.someMethod(nullString, "validString");
+            }
+        } catch (NullPointerException e) {
+            checkMessage("concatter.someMethod(nullString, \"validString\");", e.getMessage(),
+                         framesAreHidden ?
+                         // This is the message that would be printed if the wrong method/bci are used:
+                         // "Cannot invoke 'NPEInHiddenTopFrameTest$SomeFunctionalInterface.someMethod(String, String)'" +
+                         // " because 'concatter' is null."
+                         // But the NPE message generation now recognizes this situation and skips the
+                         // message. So we expect null:
+                         null :
+                         // This is the correct message, but it describes code generated on-the-fly.
+                         // You get it if you disable hiding frames (-XX:+ShowHiddenframes).
+                         "Cannot invoke \"String.concat(String)\" because \"<parameter1>\" is null" );
+            e.printStackTrace();
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/hotspot/jtreg/runtime/exceptionMsgs/NullPointerException/NullPointerExceptionTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,1782 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019 SAP SE. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @summary Test extended NullPointerException message for
+ *   classfiles generated with debug information. In this case the name
+ *   of the variable containing the array is printed.
+ * @bug 8218628
+ * @modules java.base/java.lang:open
+ *          java.base/jdk.internal.org.objectweb.asm
+ * @library /test/lib
+ * @compile -g NullPointerExceptionTest.java
+ * @run main/othervm -XX:MaxJavaStackTraceDepth=1 -XX:+ShowCodeDetailsInExceptionMessages NullPointerExceptionTest hasDebugInfo
+ */
+/**
+ * @test
+ * @summary Test extended NullPointerException message for class
+ *   files generated without debugging information. The message lists
+ *   detailed information about the entity that is null.
+ * @bug 8218628
+ * @modules java.base/java.lang:open
+ *          java.base/jdk.internal.org.objectweb.asm
+ * @library /test/lib
+ * @compile NullPointerExceptionTest.java
+ * @run main/othervm -XX:MaxJavaStackTraceDepth=1 -XX:+ShowCodeDetailsInExceptionMessages NullPointerExceptionTest
+ */
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.lang.invoke.MethodHandles.Lookup;
+import java.util.ArrayList;
+
+import jdk.internal.org.objectweb.asm.ClassWriter;
+import jdk.internal.org.objectweb.asm.Label;
+import jdk.internal.org.objectweb.asm.MethodVisitor;
+import jdk.test.lib.Asserts;
+
+import static java.lang.invoke.MethodHandles.lookup;
+import static jdk.internal.org.objectweb.asm.Opcodes.ACC_PUBLIC;
+import static jdk.internal.org.objectweb.asm.Opcodes.ACC_SUPER;
+import static jdk.internal.org.objectweb.asm.Opcodes.ACONST_NULL;
+import static jdk.internal.org.objectweb.asm.Opcodes.ALOAD;
+import static jdk.internal.org.objectweb.asm.Opcodes.ASTORE;
+import static jdk.internal.org.objectweb.asm.Opcodes.GETFIELD;
+import static jdk.internal.org.objectweb.asm.Opcodes.GETSTATIC;
+import static jdk.internal.org.objectweb.asm.Opcodes.ICONST_1;
+import static jdk.internal.org.objectweb.asm.Opcodes.ICONST_2;
+import static jdk.internal.org.objectweb.asm.Opcodes.INVOKESPECIAL;
+import static jdk.internal.org.objectweb.asm.Opcodes.INVOKEVIRTUAL;
+import static jdk.internal.org.objectweb.asm.Opcodes.ARETURN;
+import static jdk.internal.org.objectweb.asm.Opcodes.IRETURN;
+import static jdk.internal.org.objectweb.asm.Opcodes.RETURN;
+
+/**
+ * Tests NullPointerExceptions
+ */
+public class NullPointerExceptionTest {
+
+    // Some fields used in the test.
+    static Object nullStaticField;
+    NullPointerExceptionTest nullInstanceField;
+    static int[][][][] staticArray;
+    static long[][] staticLongArray = new long[1000][];
+    DoubleArrayGen dag;
+    ArrayList<String> names = new ArrayList<>();
+    ArrayList<String> curr;
+    static boolean hasDebugInfo = false;
+
+    static {
+        staticArray       = new int[1][][][];
+        staticArray[0]    = new int[1][][];
+        staticArray[0][0] = new int[1][];
+    }
+
+    public static void checkMessage(Throwable t, String expression,
+                                    String obtainedMsg, String expectedMsg) {
+        System.out.println("\nSource code:\n  " + expression + "\n\nOutput:");
+        t.printStackTrace(System.out);
+        if (obtainedMsg != expectedMsg && // E.g. both are null.
+            !obtainedMsg.equals(expectedMsg)) {
+            System.out.println("expected msg: " + expectedMsg);
+            Asserts.assertEquals(expectedMsg, obtainedMsg);
+        }
+        System.out.println("\n----");
+    }
+
+    public static void main(String[] args) throws Exception {
+        NullPointerExceptionTest t = new NullPointerExceptionTest();
+        if (args.length > 0) {
+            hasDebugInfo = true;
+        }
+
+        System.out.println("Tests for the first part of the message:");
+        System.out.println("========================================\n");
+
+        // Test the message printed for the failed action.
+        t.testFailedAction();
+
+        System.out.println("Tests for the second part of the message:");
+        System.out.println("=========================================\n");
+        // Test the method printed for the null entity.
+        t.testNullEntity();
+
+        System.out.println("Further tests:");
+        System.out.println("==============\n");
+
+        // Test if parameters are used in the code.
+        // This is relevant if there is no debug information.
+        t.testParameters();
+
+        // Test that no message is printed for exceptions
+        // allocated explicitly.
+        t.testCreation();
+
+        // Test that no message is printed for exceptions
+        // thrown in native methods.
+        t.testNative();
+
+        // Test that two calls to getMessage() return the same
+        // message.
+        // It is a design decision that it returns two different
+        // String objects.
+        t.testSameMessage();
+
+        // Test serialization.
+        // It is a design decision that after serialization the
+        // the message is lost.
+        t.testSerialization();
+
+        // Test that messages are printed for code generated
+        // on-the-fly.
+        t.testGeneratedCode();
+
+        // Some more interesting complex messages.
+        t.testComplexMessages();
+    }
+
+    // Helper method to cause test case.
+    private double callWithTypes(String[][] dummy1, int[][][] dummy2, float dummy3, long dummy4, short dummy5,
+                                 boolean dummy6, byte dummy7, double dummy8, char dummy9) {
+        return 0.0;
+    }
+
+    @SuppressWarnings("null")
+    public void testFailedAction() {
+        int[]     ia1 = null;
+        float[]   fa1 = null;
+        Object[]  oa1 = null;
+        boolean[] za1 = null;
+        byte[]    ba1 = null;
+        char[]    ca1 = null;
+        short[]   sa1 = null;
+        long[]    la1 = null;
+        double[]  da1 = null;
+
+        // iaload
+        try {
+            int val = ia1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "int val = ia1[0];", e.getMessage(),
+                         "Cannot load from int array because " +
+                         (hasDebugInfo ? "\"ia1\"" : "\"<local1>\"") + " is null");
+        }
+        // faload
+        try {
+            float val = fa1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "float val = fa1[0];", e.getMessage(),
+                         "Cannot load from float array because " +
+                         (hasDebugInfo ? "\"fa1\"" : "\"<local2>\"") + " is null");
+        }
+        // aaload
+        try {
+            Object val = oa1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "Object val = oa1[0];", e.getMessage(),
+                         "Cannot load from object array because " +
+                         (hasDebugInfo ? "\"oa1\"" : "\"<local3>\"") + " is null");
+        }
+        // baload (boolean)
+        try {
+            boolean val = za1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "boolean val = za1[0];", e.getMessage(),
+                         "Cannot load from byte/boolean array because " +
+                         (hasDebugInfo ? "\"za1\"" : "\"<local4>\"") + " is null");
+        }
+        // baload (byte)
+        try {
+            byte val = ba1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "byte val = ba1[0];", e.getMessage(),
+                         "Cannot load from byte/boolean array because " +
+                         (hasDebugInfo ? "\"ba1\"" : "\"<local5>\"") + " is null");
+        }
+        // caload
+        try {
+            char val = ca1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "char val = ca1[0];", e.getMessage(),
+                         "Cannot load from char array because " +
+                         (hasDebugInfo ? "\"ca1\"" : "\"<local6>\"") + " is null");
+        }
+        // saload
+        try {
+            short val = sa1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "short val = sa1[0];", e.getMessage(),
+                         "Cannot load from short array because " +
+                         (hasDebugInfo ? "\"sa1\"" : "\"<local7>\"") + " is null");
+        }
+        // laload
+        try {
+            long val = la1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "long val = la1[0];", e.getMessage(),
+                         "Cannot load from long array because " +
+                         (hasDebugInfo ? "\"la1\"" : "\"<local8>\"") + " is null");
+        }
+        // daload
+        try {
+            double val = da1[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "double val = da1[0];", e.getMessage(),
+                         "Cannot load from double array because " +
+                         (hasDebugInfo ? "\"da1\"" : "\"<local9>\"") + " is null");
+        }
+
+        // iastore
+        try {
+            ia1[0] = 0;
+            System.out.println(ia1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "ia1[0] = 0;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"ia1\"" : "\"<local1>\"") + " is null");
+        }
+        // fastore
+        try {
+            fa1[0] = 0.7f;
+            System.out.println(fa1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "fa1[0] = 0.7f;", e.getMessage(),
+                         "Cannot store to float array because " +
+                         (hasDebugInfo ? "\"fa1\"" : "\"<local2>\"") + " is null");
+        }
+        // aastore
+        try {
+            oa1[0] = new Object();
+            System.out.println(oa1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "oa1[0] = new Object();", e.getMessage(),
+                         "Cannot store to object array because " +
+                         (hasDebugInfo ? "\"oa1\"" : "\"<local3>\"") + " is null");
+        }
+        // bastore (boolean)
+        try {
+            za1[0] = false;
+            System.out.println(za1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "za1[0] = false;", e.getMessage(),
+                         "Cannot store to byte/boolean array because " +
+                         (hasDebugInfo ? "\"za1\"" : "\"<local4>\"") + " is null");
+        }
+        // bastore (byte)
+        try {
+            ba1[0] = 0;
+            System.out.println(ba1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "ba1[0] = 0;", e.getMessage(),
+                         "Cannot store to byte/boolean array because " +
+                         (hasDebugInfo ? "\"ba1\"" : "\"<local5>\"") + " is null");
+        }
+        // castore
+        try {
+            ca1[0] = 0;
+            System.out.println(ca1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "ca1[0] = 0;", e.getMessage(),
+                         "Cannot store to char array because " +
+                         (hasDebugInfo ? "\"ca1\"" : "\"<local6>\"") + " is null");
+        }
+        // sastore
+        try {
+            sa1[0] = 0;
+            System.out.println(sa1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "sa1[0] = 0;", e.getMessage(),
+                         "Cannot store to short array because " +
+                         (hasDebugInfo ? "\"sa1\"" : "\"<local7>\"") + " is null");
+        }
+        // lastore
+        try {
+            la1[0] = 0;
+            System.out.println(la1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "la1[0] = 0;", e.getMessage(),
+                         "Cannot store to long array because " +
+                         (hasDebugInfo ? "\"la1\"" : "\"<local8>\"") + " is null");
+        }
+        // dastore
+        try {
+            da1[0] = 0;
+            System.out.println(da1[0]);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "da1[0] = 0;", e.getMessage(),
+                         "Cannot store to double array because " +
+                         (hasDebugInfo ? "\"da1\"" : "\"<local9>\"") + " is null");
+        }
+
+        // arraylength
+        try {
+            int val = za1.length;
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, " int val = za1.length;", e.getMessage(),
+                         "Cannot read the array length because " +
+                         (hasDebugInfo ? "\"za1\"" : "\"<local4>\"") + " is null");
+        }
+        // athrow
+        try {
+            RuntimeException exc = null;
+            throw exc;
+        } catch (NullPointerException e) {
+            checkMessage(e, "throw exc;", e.getMessage(),
+                         "Cannot throw exception because " +
+                         (hasDebugInfo ? "\"exc\"" : "\"<local10>\"") + " is null");
+        }
+        // monitorenter
+        try {
+            synchronized (nullInstanceField) {
+                // desired
+            }
+        } catch (NullPointerException e) {
+            checkMessage(e, "synchronized (nullInstanceField) { ... }", e.getMessage(),
+                         "Cannot enter synchronized block because " +
+                         "\"this.nullInstanceField\" is null");
+        }
+        // monitorexit
+        // No test available
+
+        // getfield
+        try {
+            Object val = nullInstanceField.nullInstanceField;
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "Object val = nullInstanceField.nullInstanceField;", e.getMessage(),
+                         "Cannot read field \"nullInstanceField\" because " +
+                         "\"this.nullInstanceField\" is null");
+        }
+        // putfield
+        try {
+            nullInstanceField.nullInstanceField = new NullPointerExceptionTest();
+            System.out.println(nullInstanceField.nullInstanceField);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "nullInstanceField.nullInstanceField = new NullPointerExceptionTest();", e.getMessage(),
+                         "Cannot assign field \"nullInstanceField\" because " +
+                         "\"this.nullInstanceField\" is null");
+        }
+        // invokevirtual
+        try {
+            String val = nullInstanceField.toString();
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "String val = nullInstanceField.toString();", e.getMessage(),
+                         "Cannot invoke \"Object.toString()\" because " +
+                         "\"this.nullInstanceField\" is null");
+        }
+        // invokeinterface
+        try {
+            NullPointerExceptionTest obj = this;
+            Object val = obj.dag.getArray();
+            Asserts.assertNull(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "Object val = obj.dag.getArray();", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$DoubleArrayGen.getArray()\" because " +
+                         (hasDebugInfo ? "\"obj" : "\"<local10>") + ".dag\" is null");
+        }
+        // invokespecial
+        G g = null;
+        try {
+            byte[] classBytes = G.generateSub2GTestClass();
+            Lookup lookup = lookup();
+            Class<?> clazz = lookup.defineClass(classBytes);
+            g = (G) clazz.getDeclaredConstructor().newInstance();
+        } catch (Exception e) {
+            e.printStackTrace();
+            Asserts.fail("Generating class Sub2G failed.");
+        }
+        try {
+            g.m2("Beginning");
+        } catch (NullPointerException e) {
+            checkMessage(e, "return super.m2(x).substring(2); // ... where super is null by bytecode manipulation.", e.getMessage(),
+                         "Cannot invoke \"G.m2(String)\" because \"null\" is null");
+        }
+        // Test parameter and return types
+        try {
+            boolean val = (nullInstanceField.callWithTypes(null, null, 0.0f, 0L, (short)0, false, (byte)0, 0.0, 'x') == 0.0);
+            Asserts.assertTrue(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "boolean val = (nullInstanceField.callWithTypes(null, null, 0.0f, 0L, (short)0, false, (byte)0, 0.0, 'x') == 0.0);", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest.callWithTypes(String[][], int[][][], float, long, short, boolean, byte, double, char)\" because " +
+                         "\"this.nullInstanceField\" is null");
+        }
+    }
+
+    static void test_iload() {
+        int i0 = 0;
+        int i1 = 1;
+        int i2 = 2;
+        int i3 = 3;
+        @SuppressWarnings("unused")
+        int i4 = 4;
+        int i5 = 5;
+
+        int[][] a = new int[6][];
+
+        // iload_0
+        try {
+            a[i0][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[i0][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[i0]\"" : "\"<local6>[<local0>]\"") + " is null");
+        }
+        // iload_1
+        try {
+            a[i1][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[i1][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[i1]\"" : "\"<local6>[<local1>]\"") + " is null");
+        }
+        // iload_2
+        try {
+            a[i2][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[i2][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[i2]\"" : "\"<local6>[<local2>]\"") + " is null");
+        }
+        // iload_3
+        try {
+            a[i3][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[i3][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[i3]\"" : "\"<local6>[<local3>]\"") + " is null");
+        }
+        // iload
+        try {
+            a[i5][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[i5][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[i5]\"" : "\"<local6>[<local5>]\"") + " is null");
+        }
+    }
+
+    // Other datatyes than int are not needed.
+    // If we implement l2d and similar bytecodes, we can print
+    // long expressions as array indexes. Then these here could
+    // be used.
+    static void test_lload() {
+        long long0 = 0L;  // l0 looks like 10. Therefore long0.
+        long long1 = 1L;
+        long long2 = 2L;
+        long long3 = 3L;
+        @SuppressWarnings("unused")
+        long long4 = 4L;
+        long long5 = 5L;
+
+        int[][] a = new int[6][];
+
+        // lload_0
+        try {
+            a[(int)long0][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)long0][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local12>[...]\"") + " is null");
+        }
+        // lload_1
+        try {
+            a[(int)long1][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)long1][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local12>[...]\"") + " is null");
+        }
+        // lload_2
+        try {
+            a[(int)long2][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)long2][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local12>[...]\"") + " is null");
+        }
+        // lload_3
+        try {
+            a[(int)long3][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)long3][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local12>[...]\"") + " is null");
+        }
+        // lload
+        try {
+            a[(int)long5][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)long5][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local12>[...]\"") + " is null");
+        }
+    }
+
+    static void test_fload() {
+        float f0 = 0.0f;
+        float f1 = 1.0f;
+        float f2 = 2.0f;
+        float f3 = 3.0f;
+        @SuppressWarnings("unused")
+        float f4 = 4.0f;
+        float f5 = 5.0f;
+
+        int[][] a = new int[6][];
+
+        // fload_0
+        try {
+            a[(int)f0][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)f0][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local6>[...]\"") + " is null");
+        }
+        // fload_1
+        try {
+            a[(int)f1][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)f1][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local6>[...]\"") + " is null");
+        }
+        // fload_2
+        try {
+            a[(int)f2][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)f2][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local6>[...]\"") + " is null");
+        }
+        // fload_3
+        try {
+            a[(int)f3][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)f3][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local6>[...]\"") + " is null");
+        }
+        // fload
+        try {
+            a[(int)f5][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)f5][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[...]\"" : "\"<local6>[...]\"") + " is null");
+        }
+    }
+
+    @SuppressWarnings("null")
+    static void test_aload() {
+        F f0 = null;
+        F f1 = null;
+        F f2 = null;
+        F f3 = null;
+        @SuppressWarnings("unused")
+        F f4 = null;
+        F f5 = null;
+
+        // aload_0
+        try {
+            f0.i = 33;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "f0.i = 33;", e.getMessage(),
+                         "Cannot assign field \"i\" because " +
+                         (hasDebugInfo ? "\"f0\"" : "\"<local0>\"") + " is null");
+        }
+        // aload_1
+        try {
+            f1.i = 33;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "f1.i = 33;", e.getMessage(),
+                         "Cannot assign field \"i\" because " +
+                         (hasDebugInfo ? "\"f1\"" : "\"<local1>\"") + " is null");
+        }
+        // aload_2
+        try {
+            f2.i = 33;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "f2.i = 33;", e.getMessage(),
+                         "Cannot assign field \"i\" because " +
+                         (hasDebugInfo ? "\"f2\"" : "\"<local2>\"") + " is null");
+        }
+        // aload_3
+        try {
+            f3.i = 33;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "f3.i = 33;", e.getMessage(),
+                         "Cannot assign field \"i\" because " +
+                         (hasDebugInfo ? "\"f3\"" : "\"<local3>\"") + " is null");
+        }
+        // aload
+        try {
+            f5.i = 33;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "f5.i = 33;", e.getMessage(),
+                         "Cannot assign field \"i\" because " +
+                         (hasDebugInfo ? "\"f5\"" : "\"<local5>\"") + " is null");
+        }
+    }
+
+    // Helper class for test cases.
+    class A {
+        public B to_b;
+        public B getB() { return to_b; }
+    }
+
+    // Helper class for test cases.
+    class B {
+        public C to_c;
+        public B to_b;
+        public C getC() { return to_c; }
+        public B getBfromB() { return to_b; }
+    }
+
+    // Helper class for test cases.
+    class C {
+        public D to_d;
+        public D getD() { return to_d; }
+    }
+
+    // Helper class for test cases.
+    class D {
+        public int num;
+        public int[][] ar;
+    }
+
+
+    @SuppressWarnings("null")
+    public void testArrayChasing() {
+        int[][][][][][] a = null;
+        try {
+            a[0][0][0][0][0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0][0][0] = 99; // a is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         (hasDebugInfo ? "\"a\"" : "\"<local1>\"") + " is null");
+        }
+        a = new int[1][][][][][];
+        try {
+            a[0][0][0][0][0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0][0][0] = 99; // a[0] is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         (hasDebugInfo ? "\"a[0]\"" : "\"<local1>[0]\"") + " is null");
+        }
+        a[0] = new int[1][][][][];
+        try {
+            a[0][0][0][0][0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0][0][0] = 99; // a[0][0] is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         (hasDebugInfo ? "\"a[0][0]\"" : "\"<local1>[0][0]\"") + " is null");
+        }
+        a[0][0] = new int[1][][][];
+        try {
+            a[0][0][0][0][0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0][0][0] = 99; // a[0][0][0] is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         (hasDebugInfo ? "\"a[0][0][0]\"" : "\"<local1>[0][0][0]\"") + " is null");
+        }
+        try {
+            System.out.println(a[0][0][0].length);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0].length; // a[0][0][0] is null", e.getMessage(),
+                         "Cannot read the array length because " +
+                         (hasDebugInfo ? "\"a[0][0][0]\"" : "\"<local1>[0][0][0]\"") + " is null");
+        }
+        a[0][0][0] = new int[1][][];
+        try {
+            a[0][0][0][0][0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0][0][0] = 99; // a[0][0][0][0] is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         (hasDebugInfo ? "\"a[0][0][0][0]\"" : "\"<local1>[0][0][0][0]\"") + " is null");
+        }
+        a[0][0][0][0] = new int[1][];
+        // Reaching max recursion depth. Prints <array>.
+        try {
+            a[0][0][0][0][0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0][0][0][0] = 99; // a[0][0][0][0][0] is null", e.getMessage(),
+                         "Cannot store to int array because " +
+                         "\"<array>[0][0][0][0][0]\" is null");
+        }
+        a[0][0][0][0][0] = new int[1];
+        try {
+            a[0][0][0][0][0][0] = 99;
+        } catch (NullPointerException e) {
+            Asserts.fail();
+        }
+    }
+
+    @SuppressWarnings("null")
+    public void testPointerChasing() {
+        A a = null;
+        try {
+            a.to_b.to_c.to_d.num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.to_b.to_c.to_d.num = 99; // a is null", e.getMessage(),
+                         "Cannot read field \"to_b\" because " +
+                         (hasDebugInfo ? "\"a\"" : "\"<local1>\"") + " is null");
+        }
+        a = new A();
+        try {
+            a.to_b.to_c.to_d.num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.to_b.to_c.to_d.num = 99; // a.to_b is null", e.getMessage(),
+                         "Cannot read field \"to_c\" because " +
+                         (hasDebugInfo ? "\"a.to_b\"" : "\"<local1>.to_b\"") + " is null");
+        }
+        a.to_b = new B();
+        try {
+            a.to_b.to_c.to_d.num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.to_b.to_c.to_d.num = 99; // a.to_b.to_c is null", e.getMessage(),
+                         "Cannot read field \"to_d\" because " +
+                         (hasDebugInfo ? "\"a.to_b.to_c\"" : "\"<local1>.to_b.to_c\"") + " is null");
+        }
+        a.to_b.to_c = new C();
+        try {
+            a.to_b.to_c.to_d.num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.to_b.to_c.to_d.num = 99; // a.to_b.to_c.to_d is null", e.getMessage(),
+                         "Cannot assign field \"num\" because " +
+                         (hasDebugInfo ? "\"a.to_b.to_c.to_d\"" : "\"<local1>.to_b.to_c.to_d\"") + " is null");
+        }
+    }
+
+    @SuppressWarnings("null")
+    public void testMethodChasing() {
+        A a = null;
+        try {
+            a.getB().getBfromB().getC().getD().num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().num = 99; // a is null", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$A.getB()\" because " +
+                         (hasDebugInfo ? "\"a" : "\"<local1>") + "\" is null");
+        }
+        a = new A();
+        try {
+            a.getB().getBfromB().getC().getD().num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().num = 99; // a.getB() is null", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$B.getBfromB()\" because " +
+                         "the return value of \"NullPointerExceptionTest$A.getB()\" is null");
+        }
+        a.to_b = new B();
+        try {
+            a.getB().getBfromB().getC().getD().num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().num = 99; // a.getB().getBfromB() is null", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$B.getC()\" because " +
+                         "the return value of \"NullPointerExceptionTest$B.getBfromB()\" is null");
+        }
+        a.to_b.to_b = new B();
+        try {
+            a.getB().getBfromB().getC().getD().num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().num = 99; // a.getB().getBfromB().getC() is null", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$C.getD()\" because " +
+                         "the return value of \"NullPointerExceptionTest$B.getC()\" is null");
+        }
+        a.to_b.to_b.to_c = new C();
+        try {
+            a.getB().getBfromB().getC().getD().num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().num = 99; // a.getB().getBfromB().getC().getD() is null", e.getMessage(),
+                         "Cannot assign field \"num\" because " +
+                         "the return value of \"NullPointerExceptionTest$C.getD()\" is null");
+        }
+    }
+
+    @SuppressWarnings("null")
+    public void testMixedChasing() {
+        A a = null;
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a is null", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$A.getB()\" because " +
+                         (hasDebugInfo ? "\"a\"" : "\"<local1>\"") + " is null");
+        }
+        a = new A();
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a.getB() is null", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$B.getBfromB()\" because " +
+                         "the return value of \"NullPointerExceptionTest$A.getB()\" is null");
+        }
+        a.to_b = new B();
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a.getB().getBfromB() is null", e.getMessage(),
+                         "Cannot read field \"to_c\" because " +
+                         "the return value of \"NullPointerExceptionTest$B.getBfromB()\" is null");
+        }
+        a.to_b.to_b = new B();
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a.getB().getBfromB().to_c is null", e.getMessage(),
+                         "Cannot read field \"to_d\" because " +
+                         "\"NullPointerExceptionTest$B.getBfromB().to_c\" is null");
+        }
+        a.to_b.to_b.to_c = new C();
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a.getB().getBfromB().to_c.to_d is null", e.getMessage(),
+                         "Cannot read field \"ar\" because " +
+                         "\"NullPointerExceptionTest$B.getBfromB().to_c.to_d\" is null");
+        }
+        a.to_b.to_b.to_c.to_d = new D();
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a.getB().getBfromB().to_c.to_d.ar is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         "\"NullPointerExceptionTest$B.getBfromB().to_c.to_d.ar\" is null");
+        }
+        try {
+            a.getB().getBfromB().getC().getD().ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().ar[0][0] = 99; // a.getB().getBfromB().getC().getD().ar is null", e.getMessage(),
+                         "Cannot load from object array because " +
+                         "\"NullPointerExceptionTest$C.getD().ar\" is null");
+        }
+        a.to_b.to_b.to_c.to_d.ar = new int[1][];
+        try {
+            a.getB().getBfromB().to_c.to_d.ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().to_c.to_d.ar[0][0] = 99; // a.getB().getBfromB().to_c.to_d.ar[0] is null", e.getMessage(),
+                         "Cannot store to int array because " +
+                         "\"NullPointerExceptionTest$B.getBfromB().to_c.to_d.ar[0]\" is null");
+        }
+        try {
+            a.getB().getBfromB().getC().getD().ar[0][0] = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.getB().getBfromB().getC().getD().ar[0][0] = 99; // a.getB().getBfromB().getC().getD().ar[0] is null", e.getMessage(),
+                         "Cannot store to int array because " +
+                         "\"NullPointerExceptionTest$C.getD().ar[0]\" is null");
+        }
+    }
+
+    // Helper method to cause test case.
+    private Object returnNull(String[][] dummy1, int[][][] dummy2, float dummy3) {
+        return null;
+    }
+
+    // Helper method to cause test case.
+    private NullPointerExceptionTest returnMeAsNull(Throwable dummy1, int dummy2, char dummy3) {
+        return null;
+    }
+
+    // Helper interface for test cases.
+    static interface DoubleArrayGen {
+        public double[] getArray();
+    }
+
+    // Helper class for test cases.
+    static class DoubleArrayGenImpl implements DoubleArrayGen {
+        @Override
+        public double[] getArray() {
+            return null;
+        }
+    }
+
+    // Helper class for test cases.
+    static class NullPointerGenerator {
+        public static Object nullReturner(boolean dummy1) {
+            return null;
+        }
+
+        public Object returnMyNull(double dummy1, long dummy2, short dummy3) {
+            return null;
+        }
+    }
+
+    // Helper method to cause test case.
+    public void ImplTestLoadedFromMethod(DoubleArrayGen gen) {
+        try {
+            (gen.getArray())[0] = 1.0;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "(gen.getArray())[0] = 1.0;", e.getMessage(),
+                         "Cannot store to double array because " +
+                         "the return value of \"NullPointerExceptionTest$DoubleArrayGen.getArray()\" is null");
+        }
+    }
+
+    public void testNullEntity() {
+        int[][] a = new int[820][];
+
+        test_iload();
+        test_lload();
+        test_fload();
+        // test_dload();
+        test_aload();
+        // aload_0: 'this'
+        try {
+            this.nullInstanceField.nullInstanceField = new NullPointerExceptionTest();
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "this.nullInstanceField.nullInstanceField = new NullPointerExceptionTest();", e.getMessage(),
+                         "Cannot assign field \"nullInstanceField\" because \"this.nullInstanceField\" is null");
+        }
+
+        // aconst_null
+        try {
+            throw null;
+        } catch (NullPointerException e) {
+            checkMessage(e, "throw null;", e.getMessage(),
+                         "Cannot throw exception because \"null\" is null");
+        }
+        // iconst_0
+        try {
+            a[0][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[0][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[0]\"" : "\"<local1>[0]\"") + " is null");
+        }
+        // iconst_1
+        try {
+            a[1][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[1][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[1]\"" : "\"<local1>[1]\"") + " is null");
+        }
+        // iconst_2
+        try {
+            a[2][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[2][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[2]\"" : "\"<local1>[2]\"") + " is null");
+        }
+        // iconst_3
+        try {
+            a[3][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[3][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[3]\"" : "\"<local1>[3]\"") + " is null");
+        }
+        // iconst_4
+        try {
+            a[4][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[4][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[4]\"" : "\"<local1>[4]\"") + " is null");
+        }
+        // iconst_5
+        try {
+            a[5][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[5][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[5]\"" : "\"<local1>[5]\"") + " is null");
+        }
+        // long --> iconst
+        try {
+            a[(int)0L][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[(int)0L][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[0]\"" : "\"<local1>[0]\"") + " is null");
+        }
+        // bipush
+        try {
+            a[139 /*0x77*/][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[139][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[139]\"" : "\"<local1>[139]\"") + " is null");
+        }
+        // sipush
+        try {
+            a[819 /*0x333*/][0] = 77;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a[819][0] = 77;", e.getMessage(),
+                         "Cannot store to int array because " +
+                         (hasDebugInfo ? "\"a[819]\"" : "\"<local1>[819]\"") + " is null");
+        }
+
+        // aaload, with recursive descend.
+        testArrayChasing();
+
+        // getstatic
+        try {
+            boolean val = (((float[]) nullStaticField)[0] == 1.0f);
+            Asserts.assertTrue(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "boolean val = (((float[]) nullStaticField)[0] == 1.0f);", e.getMessage(),
+                         "Cannot load from float array because \"NullPointerExceptionTest.nullStaticField\" is null");
+        }
+
+        // getfield, with recursive descend.
+        testPointerChasing();
+
+        // invokestatic
+        try {
+            char val = ((char[]) NullPointerGenerator.nullReturner(false))[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "char val = ((char[]) NullPointerGenerator.nullReturner(false))[0];", e.getMessage(),
+                         "Cannot load from char array because " +
+                         "the return value of \"NullPointerExceptionTest$NullPointerGenerator.nullReturner(boolean)\" is null");
+        }
+        // invokevirtual
+        try {
+            char val = ((char[]) (new NullPointerGenerator().returnMyNull(1, 1, (short) 1)))[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "char val = ((char[]) (new NullPointerGenerator().returnMyNull(1, 1, (short) 1)))[0];", e.getMessage(),
+                         "Cannot load from char array because " +
+                         "the return value of \"NullPointerExceptionTest$NullPointerGenerator.returnMyNull(double, long, short)\" is null");
+        }
+        // Call with array arguments.
+        try {
+            double val = ((double[]) returnNull(null, null, 1f))[0];
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "double val = ((double[]) returnNull(null, null, 1f))[0];", e.getMessage(),
+                         "Cannot load from double array because " +
+                         "the return value of \"NullPointerExceptionTest.returnNull(String[][], int[][][], float)\" is null");
+        }
+        // invokespecial
+        try {
+            SubG g = new SubG();
+            g.m2("Beginning");
+        } catch (NullPointerException e) {
+            checkMessage(e, "return super.m2(x).substring(2);", e.getMessage(),
+                         "Cannot invoke \"String.substring(int)\" because " +
+                         "the return value of \"G.m2(String)\" is null");
+        }
+        // invokeinterface
+        ImplTestLoadedFromMethod(new DoubleArrayGenImpl());
+        try {
+            returnMeAsNull(null, 1, 'A').dag = new DoubleArrayGenImpl();
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "returnMeAsNull(null, 1, 'A').dag = new DoubleArrayGenImpl();", e.getMessage(),
+                         "Cannot assign field \"dag\" because " +
+                         "the return value of \"NullPointerExceptionTest.returnMeAsNull(java.lang.Throwable, int, char)\" is null");
+        }
+        testMethodChasing();
+
+        // Mixed recursive descend.
+        testMixedChasing();
+    }
+
+    // Assure 64 parameters are printed as 'parameteri'.
+    public String manyParameters(
+        int  i1, int  i2, int  i3, int  i4, int  i5, int  i6, int  i7, int  i8, int  i9, int i10,
+        int i11, int i12, int i13, int i14, int i15, int i16, int i17, int i18, int i19, int i20,
+        int i21, int i22, int i23, int i24, int i25, int i26, int i27, int i28, int i29, int i30,
+        int i31, int i32, int i33, int i34, int i35, int i36, int i37, int i38, int i39, int i40,
+        int i41, int i42, int i43, int i44, int i45, int i46, int i47, int i48, int i49, int i50,
+        int i51, int i52, int i53, int i54, int i55, int i56, int i57, int i58, int i59, int i60,
+        int i61, int i62, int i63, int i64, int i65, int i66, int i67, int i68, int i69, int i70) {
+        String[][][][] ar5 = new String[1][1][1][1];
+        int[][][] idx3 = new int[1][1][1];
+        int[][]   idx2 = new int[1][1];
+        return ar5[i70]
+                  [idx2[i65][i64]]
+                  [idx3[i63][i62][i47]]
+                  [idx3[idx2[i33][i32]][i31][i17]]
+                  .substring(2);
+    }
+
+    // The double placeholder takes two slots on the stack.
+    public void testParametersTestMethod(A a, double placeholder, B b, Integer i) throws Exception {
+        try {
+            a.to_b.to_c.to_d.num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "a.to_b.to_c.to_d.num = 99; // to_c is null, a is a parameter.", e.getMessage(),
+                         "Cannot read field \"to_d\" because \"" +
+                         (hasDebugInfo ? "a" : "<parameter1>") + ".to_b.to_c\" is null");
+        }
+
+        try {
+            b.to_c.to_d.num = 99;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "b.to_c.to_d.num = 99; // b is null and b is a parameter.", e.getMessage(),
+                         "Cannot read field \"to_c\" because " +
+                         // We expect number '3' for the parameter.
+                         (hasDebugInfo ? "\"b\"" : "\"<parameter3>\"") + " is null");
+        }
+
+
+        try {
+            @SuppressWarnings("unused")
+            int my_i = i;
+        }  catch (NullPointerException e) {
+            checkMessage(e, "int my_i = i; // i is a parameter of type Integer.",  e.getMessage(),
+                         "Cannot invoke \"java.lang.Integer.intValue()\" because " +
+                         (hasDebugInfo ? "\"i\"" : "\"<parameter4>\"") + " is null");
+        }
+
+        // If no debug information is available, only 64 parameters (this and i1 through i63)
+        // will be reported in the message as 'parameteri'. Others will be reported as 'locali'.
+        try {
+            manyParameters(0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                           0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                           0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                           0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                           0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                           0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                           0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+            } catch (NullPointerException e) {
+                checkMessage(e, "return ar5[i70][idx2[i65][i64]][idx3[i63][i62][i47]][idx3[idx2[i33][i32]][i31][i17]].substring(2);", e.getMessage(),
+                             "Cannot invoke \"String.substring(int)\" because " +
+                             (hasDebugInfo ?
+                               "\"ar5[i70][idx2[i65][i64]][idx3[i63][i62][i47]][idx3[idx2[i33][i32]][i31][i17]]\"" :
+                               "\"<local71>[<local70>][<local73>[<local65>][<local64>]][<local72>[<parameter63>][<parameter62>]" +
+                                  "[<parameter47>]][<local72>[<local73>[<parameter33>][<parameter32>]][<parameter31>][<parameter17>]]\"") +
+                             " is null");
+            }
+    }
+
+
+    public void testParameters() throws Exception {
+        A a = new A();
+        a.to_b = new B();
+        testParametersTestMethod(a, 0.0, null, null);
+    }
+
+
+    public void testCreation() throws Exception {
+        // If allocated with new, the message should not be generated.
+        Asserts.assertNull(new NullPointerException().getMessage());
+        String msg = new String("A pointless message");
+        Asserts.assertTrue(new NullPointerException(msg).getMessage() == msg);
+
+        // If created via reflection, the message should not be generated.
+        Exception ex = NullPointerException.class.getDeclaredConstructor().newInstance();
+        Asserts.assertNull(ex.getMessage());
+    }
+
+    public void testNative() throws Exception {
+        // If NPE is thrown in a native method, the message should
+        // not be generated.
+        try {
+            Class.forName(null);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            Asserts.assertNull(e.getMessage());
+        }
+
+    }
+
+    // Test we get the same message calling npe.getMessage() twice.
+    @SuppressWarnings("null")
+    public void testSameMessage() throws Exception {
+        Object null_o = null;
+        String expectedMsg =
+            "Cannot invoke \"Object.hashCode()\" because " +
+            (hasDebugInfo ? "\"null_o" : "\"<local1>") + "\" is null";
+
+        try {
+            null_o.hashCode();
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            String msg1 = e.getMessage();
+            checkMessage(e, "null_o.hashCode()", msg1, expectedMsg);
+            String msg2 = e.getMessage();
+            Asserts.assertTrue(msg1.equals(msg2));
+            // It was decided that getMessage should generate the
+            // message anew on every call, so this does not hold.
+            //Asserts.assertTrue(msg1 == msg2);
+            Asserts.assertFalse(msg1 == msg2);
+        }
+    }
+
+    @SuppressWarnings("null")
+    public void testSerialization() throws Exception {
+        // NPE without message.
+        Object o1 = new NullPointerException();
+        ByteArrayOutputStream bos1 = new ByteArrayOutputStream();
+        ObjectOutputStream oos1 = new ObjectOutputStream(bos1);
+        oos1.writeObject(o1);
+        ByteArrayInputStream bis1 = new ByteArrayInputStream(bos1.toByteArray());
+        ObjectInputStream ois1 = new ObjectInputStream(bis1);
+        Exception ex1 = (Exception) ois1.readObject();
+        Asserts.assertNull(ex1.getMessage());
+
+        // NPE with custom message.
+        String msg2 = "A useless message";
+        Object o2 = new NullPointerException(msg2);
+        ByteArrayOutputStream bos2 = new ByteArrayOutputStream();
+        ObjectOutputStream oos2 = new ObjectOutputStream(bos2);
+        oos2.writeObject(o2);
+        ByteArrayInputStream bis2 = new ByteArrayInputStream(bos2.toByteArray());
+        ObjectInputStream ois2 = new ObjectInputStream(bis2);
+        Exception ex2 = (Exception) ois2.readObject();
+        Asserts.assertEquals(ex2.getMessage(), msg2);
+
+        // NPE with generated message.
+        Object null_o3 = null;
+        Object o3 = null;
+        String msg3 = null;
+        try {
+            int hc = null_o3.hashCode();
+            System.out.println(hc);
+            Asserts.fail();
+        } catch (NullPointerException npe3) {
+            o3 = npe3;
+            msg3 = npe3.getMessage();
+            checkMessage(npe3, "int hc = null_o3.hashCode();", msg3,
+                         "Cannot invoke \"Object.hashCode()\" because " +
+                         (hasDebugInfo ? "\"null_o3\"" : "\"<local14>\"") + " is null");
+        }
+        ByteArrayOutputStream bos3 = new ByteArrayOutputStream();
+        ObjectOutputStream oos3 = new ObjectOutputStream(bos3);
+        oos3.writeObject(o3);
+        ByteArrayInputStream bis3 = new ByteArrayInputStream(bos3.toByteArray());
+        ObjectInputStream ois3 = new ObjectInputStream(bis3);
+        Exception ex3 = (Exception) ois3.readObject();
+        // It was decided that getMessage should not store the
+        // message in Throwable.detailMessage or implement writeReplace(),
+        // thus it can not be recovered by serialization.
+        //Asserts.assertEquals(ex3.getMessage(), msg3);
+        Asserts.assertEquals(ex3.getMessage(), null);
+    }
+
+    static int index17 = 17;
+    int getIndex17() { return 17; };
+
+    @SuppressWarnings({ "unused", "null" })
+    public void testComplexMessages() {
+        try {
+            staticLongArray[0][0] = 2L;
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "staticLongArray[0][0] = 2L;", e.getMessage(),
+                         "Cannot store to long array because " +
+                         "\"NullPointerExceptionTest.staticLongArray[0]\" is null");
+        }
+
+        try {
+            NullPointerExceptionTest obj = this;
+            Object val = obj.dag.getArray().clone();
+            Asserts.assertNull(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "Object val = obj.dag.getArray().clone();", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest$DoubleArrayGen.getArray()\" because " +
+                         (hasDebugInfo ? "\"obj" : "\"<local1>") + ".dag\" is null");
+        }
+        try {
+            int indexes[] = new int[1];
+            NullPointerExceptionTest[] objs = new NullPointerExceptionTest[] {this};
+            Object val = objs[indexes[0]].nullInstanceField.returnNull(null, null, 1f);
+            Asserts.assertNull(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            checkMessage(e, "Object val = objs[indexes[0]].nullInstanceField.returnNull(null, null, 1f);", e.getMessage(),
+                         "Cannot invoke \"NullPointerExceptionTest.returnNull(String[][], int[][][], float)\" because " +
+                         (hasDebugInfo ? "\"objs[indexes" : "\"<local2>[<local1>") + "[0]].nullInstanceField\" is null");
+        }
+
+        try {
+            int indexes[] = new int[1];
+            NullPointerExceptionTest[][] objs =
+                new NullPointerExceptionTest[][] {new NullPointerExceptionTest[] {this}};
+            synchronized (objs[indexes[0]][0].nullInstanceField) {
+                Asserts.fail();
+            }
+        } catch (NullPointerException e) {
+            checkMessage(e, "synchronized (objs[indexes[0]][0].nullInstanceField) { ... }", e.getMessage(),
+                         "Cannot enter synchronized block because " +
+                         (hasDebugInfo ? "\"objs[indexes" : "\"<local2>[<local1>" ) + "[0]][0].nullInstanceField\" is null");
+        }
+
+        try {
+            // If we can get the value from more than one bci, we cannot know which one
+            // is null. Make sure we don't print the wrong value.
+            String s = null;
+            @SuppressWarnings("unused")
+            byte[] val = (Math.random() < 0.5 ? s : (new String[1])[0]).getBytes();
+        } catch (NullPointerException e) {
+            checkMessage(e, "byte[] val = (Math.random() < 0.5 ? s : (new String[1])[0]).getBytes();", e.getMessage(),
+                         "Cannot invoke \"String.getBytes()\"");
+        }
+
+        try {
+            // If we can get the value from more than one bci, we cannot know which one
+            // is null. Make sure we don't print the wrong value.  Also make sure if
+            // we don't print the failed action we don't print a string at all.
+            int[][] a = new int[1][];
+            int[][] b = new int[2][];
+            long index = 0;
+            @SuppressWarnings("unused")
+            int val = (Math.random() < 0.5 ? a[(int)index] : b[(int)index])[13];
+        } catch (NullPointerException e) {
+            checkMessage(e, "int val = (Math.random() < 0.5 ? a[(int)index] : b[(int)index])[13]", e.getMessage(),
+                         "Cannot load from int array");
+        }
+
+        try {
+            // If we can get the value from more than one bci, we cannot know which one
+            // is null. Make sure we don't print the wrong value.  Also make sure if
+            // we don't print the failed action we don't print a string at all.
+            int[][] a = new int[1][];
+            int[][] b = new int[2][];
+            long index = 0;
+            int val = (Math.random() < 0.5 ? a : b)[(int)index][13];
+        } catch (NullPointerException e) {
+            checkMessage(e, "int val = (Math.random() < 0.5 ? a : b)[(int)index][13]", e.getMessage(),
+                         "Cannot load from int array because \"<array>[...]\" is null");
+        }
+
+        try {
+            C c1 = new C();
+            C c2 = new C();
+            (Math.random() < 0.5 ? c1 : c2).to_d.num = 77;
+        } catch (NullPointerException e) {
+            checkMessage(e, "(Math.random() < 0.5 ? c1 : c2).to_d.num = 77;", e.getMessage(),
+                         "Cannot assign field \"num\" because \"to_d\" is null");
+        }
+
+        // Static variable as array index.
+        try {
+            staticLongArray[index17][0] = 2L;
+        }  catch (NullPointerException e) {
+            checkMessage(e, "staticLongArray[index17][0] = 2L;",  e.getMessage(),
+                         "Cannot store to long array because " +
+                         "\"NullPointerExceptionTest.staticLongArray[NullPointerExceptionTest.index17]\" is null");
+        }
+
+        // Method call as array index.
+        try {
+            staticLongArray[getIndex17()][0] = 2L;
+        }  catch (NullPointerException e) {
+            checkMessage(e, "staticLongArray[getIndex17()][0] = 2L;",  e.getMessage(),
+                         "Cannot store to long array because " +
+                         "\"NullPointerExceptionTest.staticLongArray[NullPointerExceptionTest.getIndex17()]\" is null");
+        }
+
+        // Unboxing.
+        Integer a = null;
+        try {
+            int b = a;
+        }  catch (NullPointerException e) {
+            checkMessage(e, "Integer a = null; int b = a;",  e.getMessage(),
+                         "Cannot invoke \"java.lang.Integer.intValue()\" because " +
+                         (hasDebugInfo ? "\"a\"" : "\"<local1>\"") + " is null");
+        }
+
+        // Unboxing by hand. Has the same message as above.
+        try {
+            int b = a.intValue();
+        }  catch (NullPointerException e) {
+            checkMessage(e, "Integer a = null; int b = a.intValue();",  e.getMessage(),
+                         "Cannot invoke \"java.lang.Integer.intValue()\" because " +
+                         (hasDebugInfo ? "\"a\"" : "\"<local1>\"") + " is null");
+        }
+    }
+
+    // Generates:
+    // class E implements E0 {
+    //     public int throwNPE(F f) {
+    //         return f.i;
+    //     }
+    //     public void throwNPE_reuseStackSlot1(String s1) {
+    //         System.out.println(s1.substring(1));
+    //         String s1_2 = null; // Reuses slot 1.
+    //         System.out.println(s1_2.substring(1));
+    //     }
+    //     public void throwNPE_reuseStackSlot4(String s1, String s2, String s3, String s4) {
+    //         System.out.println(s4.substring(1));
+    //         String s4_2 = null;  // Reuses slot 4.
+    //         System.out.println(s4_2.substring(1));
+    //     }
+    // }
+    //
+    // This code was adapted from output of
+    //   java jdk.internal.org.objectweb.asm.util.ASMifier E0.class
+    static byte[] generateTestClass() {
+        ClassWriter cw = new ClassWriter(0);
+        MethodVisitor mv;
+
+        cw.visit(50, ACC_SUPER, "E", null, "java/lang/Object", new String[] { "E0" });
+
+        {
+            mv = cw.visitMethod(0, "<init>", "()V", null, null);
+            mv.visitCode();
+            mv.visitVarInsn(ALOAD, 0);
+            mv.visitMethodInsn(INVOKESPECIAL, "java/lang/Object", "<init>", "()V", false);
+            mv.visitInsn(RETURN);
+            mv.visitMaxs(1, 1);
+            mv.visitEnd();
+        }
+
+        {
+            mv = cw.visitMethod(ACC_PUBLIC, "throwNPE", "(LF;)I", null, null);
+            mv.visitCode();
+            Label label0 = new Label();
+            mv.visitLabel(label0);
+            mv.visitLineNumber(118, label0);
+            mv.visitVarInsn(ALOAD, 1);
+            mv.visitFieldInsn(GETFIELD, "F", "i", "I");
+            mv.visitInsn(IRETURN);
+            Label label1 = new Label();
+            mv.visitLabel(label1);
+            mv.visitLocalVariable("this", "LE;", null, label0, label1, 0);
+            mv.visitLocalVariable("f", "LE;", null, label0, label1, 1);
+            mv.visitMaxs(1, 2);
+            mv.visitEnd();
+        }
+
+        {
+            mv = cw.visitMethod(ACC_PUBLIC, "throwNPE_reuseStackSlot1", "(Ljava/lang/String;)V", null, null);
+            mv.visitCode();
+            Label label0 = new Label();
+            mv.visitLabel(label0);
+            mv.visitLineNumber(7, label0);
+            mv.visitFieldInsn(GETSTATIC, "java/lang/System", "out", "Ljava/io/PrintStream;");
+            mv.visitVarInsn(ALOAD, 1);
+            mv.visitInsn(ICONST_1);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/lang/String", "substring", "(I)Ljava/lang/String;", false);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/io/PrintStream", "println", "(Ljava/lang/String;)V", false);
+            Label label1 = new Label();
+            mv.visitLabel(label1);
+            mv.visitLineNumber(8, label1);
+            mv.visitInsn(ACONST_NULL);
+            mv.visitVarInsn(ASTORE, 1);
+            Label label2 = new Label();
+            mv.visitLabel(label2);
+            mv.visitLineNumber(9, label2);
+            mv.visitFieldInsn(GETSTATIC, "java/lang/System", "out", "Ljava/io/PrintStream;");
+            mv.visitVarInsn(ALOAD, 1);
+            mv.visitInsn(ICONST_1);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/lang/String", "substring", "(I)Ljava/lang/String;", false);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/io/PrintStream", "println", "(Ljava/lang/String;)V", false);
+            Label label3 = new Label();
+            mv.visitLabel(label3);
+            mv.visitLineNumber(10, label3);
+            mv.visitInsn(RETURN);
+            mv.visitMaxs(3, 3);
+            mv.visitEnd();
+        }
+
+        {
+            mv = cw.visitMethod(ACC_PUBLIC, "throwNPE_reuseStackSlot4", "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V", null, null);
+            mv.visitCode();
+            Label label0 = new Label();
+            mv.visitLabel(label0);
+            mv.visitLineNumber(12, label0);
+            mv.visitFieldInsn(GETSTATIC, "java/lang/System", "out", "Ljava/io/PrintStream;");
+            mv.visitVarInsn(ALOAD, 4);
+            mv.visitInsn(ICONST_1);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/lang/String", "substring", "(I)Ljava/lang/String;", false);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/io/PrintStream", "println", "(Ljava/lang/String;)V", false);
+            Label label1 = new Label();
+            mv.visitLabel(label1);
+            mv.visitLineNumber(13, label1);
+            mv.visitInsn(ACONST_NULL);
+            mv.visitVarInsn(ASTORE, 4);
+            Label label2 = new Label();
+            mv.visitLabel(label2);
+            mv.visitLineNumber(14, label2);
+            mv.visitFieldInsn(GETSTATIC, "java/lang/System", "out", "Ljava/io/PrintStream;");
+            mv.visitVarInsn(ALOAD, 4);
+            mv.visitInsn(ICONST_1);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/lang/String", "substring", "(I)Ljava/lang/String;", false);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/io/PrintStream", "println", "(Ljava/lang/String;)V", false);
+            Label label3 = new Label();
+            mv.visitLabel(label3);
+            mv.visitLineNumber(15, label3);
+            mv.visitInsn(RETURN);
+            mv.visitMaxs(3, 6);
+            mv.visitEnd();
+        }
+
+        cw.visitEnd();
+
+        return cw.toByteArray();
+    }
+
+    // Assign to a parameter.
+    // Without debug information, this will print "parameter1" if a NPE
+    // is raised in the first line because null was passed to the method.
+    // It will print "local1" if a NPE is raised in line three.
+    public void assign_to_parameter(String s1) {
+        System.out.println(s1.substring(1));
+        s1 = null;
+        System.out.println(s1.substring(2));
+    }
+
+    // Tests that a class generated on the fly is handled properly.
+    public void testGeneratedCode() throws Exception {
+        byte[] classBytes = generateTestClass();
+        Lookup lookup = lookup();
+        Class<?> clazz = lookup.defineClass(classBytes);
+        E0 e = (E0) clazz.getDeclaredConstructor().newInstance();
+        try {
+            e.throwNPE(null);
+        } catch (NullPointerException ex) {
+            checkMessage(ex, "return f.i;",
+                         ex.getMessage(),
+                         "Cannot read field \"i\" because \"f\" is null");
+        }
+
+        // Optimized bytecode can reuse local variable slots for several
+        // local variables.
+        // If there is no variable name information, we print 'parameteri'
+        // if a parameter maps to a local slot. Once a local slot has been
+        // written, we don't know any more whether it was written as the
+        // corresponding parameter, or whether another local has been
+        // mapped to the slot. So we don't want to print 'parameteri' any
+        // more, but 'locali'. Similary for 'this'.
+
+        // Expect message saying "parameter0".
+        try {
+            e.throwNPE_reuseStackSlot1(null);
+        } catch (NullPointerException ex) {
+            checkMessage(ex, "s1.substring(1)",
+                         ex.getMessage(),
+                         "Cannot invoke \"String.substring(int)\" because \"<parameter1>\" is null");
+        }
+        // Expect message saying "local0".
+        try {
+            e.throwNPE_reuseStackSlot1("aa");
+        } catch (NullPointerException ex) {
+            checkMessage(ex, "s1_2.substring(1)",
+                         ex.getMessage(),
+                         "Cannot invoke \"String.substring(int)\" because \"<local1>\" is null");
+        }
+        // Expect message saying "parameter4".
+        try {
+            e.throwNPE_reuseStackSlot4("aa", "bb", "cc", null);
+        } catch (NullPointerException ex) {
+            checkMessage(ex, "s4.substring(1)",
+                         ex.getMessage(),
+                         "Cannot invoke \"String.substring(int)\" because \"<parameter4>\" is null");
+        }
+        // Expect message saying "local4".
+        try {
+            e.throwNPE_reuseStackSlot4("aa", "bb", "cc", "dd");
+        } catch (NullPointerException ex) {
+            checkMessage(ex, "s4_2.substring(1)",
+                         ex.getMessage(),
+                         "Cannot invoke \"String.substring(int)\" because \"<local4>\" is null");
+        }
+
+        // Unfortunately, with the fix for optimized code as described above
+        // we don't write 'parameteri' any more after the parameter variable
+        // has been assigned.
+
+        if (!hasDebugInfo) {
+            // Expect message saying "parameter1".
+            try {
+                assign_to_parameter(null);
+            } catch (NullPointerException ex) {
+                checkMessage(ex, "s1.substring(1)",
+                             ex.getMessage(),
+                             "Cannot invoke \"String.substring(int)\" because \"<parameter1>\" is null");
+            }
+            // The message says "local1" although "parameter1" would be correct.
+            try {
+                assign_to_parameter("aaa");
+            } catch (NullPointerException ex) {
+                checkMessage(ex, "s1.substring(2)",
+                             ex.getMessage(),
+                             "Cannot invoke \"String.substring(int)\" because \"<local1>\" is null");
+            }
+        }
+    }
+}
+
+// Helper interface for test cases needed for generateTestClass().
+interface E0 {
+    public int  throwNPE(F f);
+    public void throwNPE_reuseStackSlot1(String s1);
+    public void throwNPE_reuseStackSlot4(String s1, String s2, String s3, String s4);
+}
+
+// Helper class for test cases needed for generateTestClass().
+class F {
+    int i;
+}
+
+// For invokespecial test cases.
+class G {
+    public String m2(String x) {
+        return null;
+    }
+
+    // This generates the following class:
+    //
+    // class Sub2G extends G {
+    //   public String m2(String x) {
+    //       super = null;  // Possible in raw bytecode.
+    //       return super.m2(x).substring(2);  // Uses invokespecial.
+    //   }
+    // }
+    //
+    // This code was adapted from output of
+    //   java jdk.internal.org.objectweb.asm.util.ASMifier Sub2G.class
+    static byte[] generateSub2GTestClass() {
+        ClassWriter cw = new ClassWriter(0);
+        MethodVisitor mv;
+
+        cw.visit(50, ACC_SUPER, "Sub2G", null, "G", null);
+
+        {
+            mv = cw.visitMethod(0, "<init>", "()V", null, null);
+            mv.visitCode();
+            mv.visitVarInsn(ALOAD, 0);
+            mv.visitMethodInsn(INVOKESPECIAL, "G", "<init>", "()V", false);
+            mv.visitInsn(RETURN);
+            mv.visitMaxs(1, 1);
+            mv.visitEnd();
+        }
+        {
+            mv = cw.visitMethod(ACC_PUBLIC, "m2", "(Ljava/lang/String;)Ljava/lang/String;", null, null);
+            mv.visitCode();
+            mv.visitInsn(ACONST_NULL);   // Will cause NPE.
+            mv.visitVarInsn(ALOAD, 1);
+            mv.visitMethodInsn(INVOKESPECIAL, "G", "m2", "(Ljava/lang/String;)Ljava/lang/String;", false);
+            mv.visitInsn(ICONST_2);
+            mv.visitMethodInsn(INVOKEVIRTUAL, "java/lang/String", "substring", "(I)Ljava/lang/String;", false);
+            mv.visitInsn(ARETURN);
+            mv.visitMaxs(2, 2);
+            mv.visitEnd();
+        }
+
+        cw.visitEnd();
+
+        return cw.toByteArray();
+    }
+}
+class SubG extends G {
+    public String m2(String x) {
+        return super.m2(x).substring(2);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/hotspot/jtreg/runtime/exceptionMsgs/NullPointerException/SuppressMessagesTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019 SAP SE. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @summary Test that the default of flag ShowCodeDetailsInExceptionMessages is 'false',
+ *          i.e., make sure the VM does not print the message on default.
+ * @bug 8218628
+ * @library /test/lib
+ * @compile -g SuppressMessagesTest.java
+ * @run main/othervm SuppressMessagesTest noMessage
+ */
+/**
+ * @test
+ * @summary Test that the messages are suppressed if flag ShowCodeDetailsInExceptionMessages is 'false'.
+ * @bug 8218628
+ * @library /test/lib
+ * @compile -g SuppressMessagesTest.java
+ * @run main/othervm -XX:-ShowCodeDetailsInExceptionMessages SuppressMessagesTest noMessage
+ */
+/**
+ * @test
+ * @summary Test that the messages are printed if flag ShowCodeDetailsInExceptionMessages is 'true'.
+ * @bug 8218628
+ * @library /test/lib
+ * @compile -g SuppressMessagesTest.java
+ * @run main/othervm -XX:+ShowCodeDetailsInExceptionMessages SuppressMessagesTest printMessage
+ */
+
+import jdk.test.lib.Asserts;
+
+class A {
+    int aFld;
+}
+
+// Tests that the messages are suppressed by flag ShowCodeDetailsInExceptionMessages.
+public class SuppressMessagesTest {
+
+    public static void main(String[] args) throws Exception {
+        A a = null;
+
+        if (args.length != 1) {
+            Asserts.fail("You must specify one arg for this test");
+        }
+
+        try {
+            @SuppressWarnings("null")
+            int val = a.aFld;
+            System.out.println(val);
+            Asserts.fail();
+        } catch (NullPointerException e) {
+            System.out.println("Stacktrace of the expected exception:");
+            e.printStackTrace(System.out);
+            if (args[0].equals("noMessage")) {
+                Asserts.assertNull(e.getMessage());
+            } else {
+                Asserts.assertEquals(e.getMessage(), "Cannot read field \"aFld\" because \"a\" is null");
+            }
+        }
+    }
+}
--- a/test/hotspot/jtreg/serviceability/logging/TestQuotedLogOutputs.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/hotspot/jtreg/serviceability/logging/TestQuotedLogOutputs.java	Fri Oct 18 09:25:06 2019 -0700
@@ -26,6 +26,7 @@
  * @summary Ensure proper parsing of quoted output names for -Xlog arguments.
  * @modules java.base/jdk.internal.misc
  * @library /test/lib
+ * @run main/othervm TestQuotedLogOutputs
  */
 
 import java.io.File;
--- a/test/jdk/com/sun/jdi/MonitorEventTest.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/com/sun/jdi/MonitorEventTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,15 +31,22 @@
  * @run compile -g MonitorEventTest.java
  * @run driver MonitorEventTest
  */
-import com.sun.jdi.*;
-import com.sun.jdi.event.*;
-import com.sun.jdi.request.*;
-
-import java.util.*;
+import com.sun.jdi.ReferenceType;
+import com.sun.jdi.ThreadReference;
+import com.sun.jdi.event.BreakpointEvent;
+import com.sun.jdi.event.MonitorContendedEnterEvent;
+import com.sun.jdi.event.MonitorContendedEnteredEvent;
+import com.sun.jdi.event.MonitorWaitEvent;
+import com.sun.jdi.event.MonitorWaitedEvent;
+import com.sun.jdi.request.EventRequest;
+import com.sun.jdi.request.MonitorContendedEnterRequest;
+import com.sun.jdi.request.MonitorContendedEnteredRequest;
+import com.sun.jdi.request.MonitorWaitRequest;
+import com.sun.jdi.request.MonitorWaitedRequest;
 
 /********** target program **********/
 
-class MonitorTestTarg {
+class MonitorEventTestTarg {
     public static Object endingMonitor;
     public static Object startingMonitor;
     public static final long timeout = 30 * 6000; // milliseconds
@@ -91,13 +98,13 @@
 
 class myThread extends Thread {
     public void run() {
-        synchronized(MonitorTestTarg.startingMonitor) {
-            MonitorTestTarg.startingMonitor.notify();
+        synchronized(MonitorEventTestTarg.startingMonitor) {
+            MonitorEventTestTarg.startingMonitor.notify();
         }
 
         // contended enter wait until main thread release monitor
-        MonitorTestTarg.aboutEnterLock = true;
-        synchronized (MonitorTestTarg.endingMonitor) {
+        MonitorEventTestTarg.aboutEnterLock = true;
+        synchronized (MonitorEventTestTarg.endingMonitor) {
         }
     }
 }
@@ -108,7 +115,6 @@
 public class MonitorEventTest extends TestScaffold {
     ReferenceType targetClass;
     ThreadReference mainThread;
-    List monitors;
     MonitorContendedEnterRequest contendedEnterRequest;
     MonitorWaitedRequest monitorWaitedRequest;
     MonitorContendedEnteredRequest contendedEnteredRequest;
@@ -160,11 +166,10 @@
          * Get to the top of main()
          * to determine targetClass and mainThread
          */
-        BreakpointEvent bpe = startToMain("MonitorTestTarg");
+        BreakpointEvent bpe = startToMain("MonitorEventTestTarg");
         targetClass = bpe.location().declaringType();
         mainThread = bpe.thread();
 
-        int initialSize = mainThread.frames().size();
         if (vm().canRequestMonitorEvents()) {
             contendedEnterRequest = eventRequestManager().createMonitorContendedEnterRequest();
             contendedEnterRequest.setSuspendPolicy(EventRequest.SUSPEND_NONE);
@@ -183,7 +188,7 @@
         }
 
 
-        resumeTo("MonitorTestTarg", "foo", "()V");
+        resumeTo("MonitorEventTestTarg", "foo", "()V");
 
         /*
          * resume until end
--- a/test/jdk/com/sun/jdi/MonitorFrameInfo.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/com/sun/jdi/MonitorFrameInfo.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,15 +33,17 @@
  * @run compile -g MonitorFrameInfo.java
  * @run driver MonitorFrameInfo
  */
-import com.sun.jdi.*;
-import com.sun.jdi.event.*;
-import com.sun.jdi.request.*;
+import java.util.List;
 
-import java.util.*;
+import com.sun.jdi.InvalidStackFrameException;
+import com.sun.jdi.MonitorInfo;
+import com.sun.jdi.ReferenceType;
+import com.sun.jdi.ThreadReference;
+import com.sun.jdi.event.BreakpointEvent;
 
     /********** target program **********/
 
-class MonitorTestTarg {
+class MonitorFrameInfoTarg {
     static void foo3() {
         System.out.println("executing foo3");
 
@@ -71,7 +73,7 @@
 public class MonitorFrameInfo extends TestScaffold {
     ReferenceType targetClass;
     ThreadReference mainThread;
-    List monitors;
+    List<MonitorInfo> monitors;
 
     static int expectedCount = 2;
     static int[] expectedDepth = { 1, 3 };
@@ -93,13 +95,13 @@
          * Get to the top of main()
          * to determine targetClass and mainThread
          */
-        BreakpointEvent bpe = startToMain("MonitorTestTarg");
+        BreakpointEvent bpe = startToMain("MonitorFrameInfoTarg");
         targetClass = bpe.location().declaringType();
         mainThread = bpe.thread();
 
         int initialSize = mainThread.frames().size();
 
-        resumeTo("MonitorTestTarg", "foo3", "()V");
+        resumeTo("MonitorFrameInfoTarg", "foo3", "()V");
 
         if (!mainThread.frame(0).location().method().name()
                         .equals("foo3")) {
--- a/test/jdk/com/sun/jdi/RedefineImplementor.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/com/sun/jdi/RedefineImplementor.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,14 +44,14 @@
     }
 
     public static void main(String[] args) {
-        Runnable r = new B();
-        B.func(r);
-        B.func(r);  // @1 breakpoint
+        Runnable r = new RedefineImplementorB();
+        RedefineImplementorB.func(r);
+        RedefineImplementorB.func(r);  // @1 breakpoint
     }
 
 }
 
-class B extends RedefineImplementorTarg {
+class RedefineImplementorB extends RedefineImplementorTarg {
     static void func(Runnable r) {
         r.run();
     }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/awt/FontMetrics/SpaceAdvance.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8227662
+ */
+
+import java.awt.Font;
+import java.awt.FontMetrics ;
+import java.awt.Graphics2D;
+import java.awt.image.BufferedImage;
+
+public class SpaceAdvance {
+    public static void main(String[] args) throws Exception {
+
+        BufferedImage bi = new BufferedImage(1,1,1);
+        Graphics2D g2d = bi.createGraphics();
+        Font font = new Font(Font.DIALOG, Font.PLAIN, 12);
+        if (!font.canDisplay(' ')) {
+            return;
+        }
+        g2d.setFont(font);
+        FontMetrics fm = g2d.getFontMetrics();
+        if (fm.charWidth(' ') == 0) {
+            throw new RuntimeException("Space has char width of 0");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/awt/image/DrawImage/IncorrectManagedImageSourceOffset.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,188 @@
+/*
+ * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.awt.AlphaComposite;
+import java.awt.Color;
+import java.awt.Graphics2D;
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsEnvironment;
+import java.awt.Image;
+import java.awt.Transparency;
+import java.awt.color.ColorSpace;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.ComponentColorModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.Raster;
+import java.awt.image.VolatileImage;
+import java.awt.image.WritableRaster;
+import java.io.File;
+import java.io.IOException;
+
+import javax.imageio.ImageIO;
+
+import sun.awt.image.SunWritableRaster;
+
+import static java.awt.Transparency.BITMASK;
+import static java.awt.Transparency.OPAQUE;
+import static java.awt.Transparency.TRANSLUCENT;
+import static java.awt.image.BufferedImage.TYPE_3BYTE_BGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR_PRE;
+import static java.awt.image.BufferedImage.TYPE_BYTE_BINARY;
+import static java.awt.image.BufferedImage.TYPE_BYTE_INDEXED;
+import static java.awt.image.BufferedImage.TYPE_CUSTOM;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB_PRE;
+import static java.awt.image.BufferedImage.TYPE_INT_BGR;
+import static java.awt.image.BufferedImage.TYPE_INT_RGB;
+
+/**
+ * @test
+ * @key headful
+ * @bug 8029253 6207877
+ * @summary Tests asymmetric source offsets when managed image is drawn to VI.
+ *          Results of the blit to compatibleImage are used for comparison.
+ * @author Sergey Bylokhov
+ * @modules java.desktop/sun.awt.image
+ * @run main/othervm -Dsun.java2d.accthreshold=0 IncorrectManagedImageSourceOffset
+ * @run main/othervm -Dsun.java2d.accthreshold=0 -Dsun.java2d.uiScale=1 IncorrectManagedImageSourceOffset
+ * @run main/othervm -Dsun.java2d.accthreshold=0 -Dsun.java2d.uiScale=2 IncorrectManagedImageSourceOffset
+ */
+public final class IncorrectManagedImageSourceOffset {
+
+    // See the same test for unmanaged images: IncorrectUnmanagedImageSourceOffset
+
+    private static final int[] TYPES = {TYPE_INT_RGB, TYPE_INT_ARGB,
+                                        TYPE_INT_ARGB_PRE, TYPE_INT_BGR,
+                                        TYPE_3BYTE_BGR, TYPE_4BYTE_ABGR,
+                                        TYPE_4BYTE_ABGR_PRE,
+                                        /*TYPE_USHORT_565_RGB,
+                                        TYPE_USHORT_555_RGB, TYPE_BYTE_GRAY,
+                                        TYPE_USHORT_GRAY,*/ TYPE_BYTE_BINARY,
+                                        TYPE_BYTE_INDEXED, TYPE_CUSTOM};
+    private static final int[] TRANSPARENCIES = {OPAQUE, BITMASK, TRANSLUCENT};
+
+    public static void main(final String[] args) throws IOException {
+        for (final int viType : TRANSPARENCIES) {
+            for (final int biType : TYPES) {
+                BufferedImage bi = makeManagedBI(biType);
+                fill(bi);
+                test(bi, viType);
+            }
+        }
+    }
+
+    private static void test(BufferedImage bi, int type)
+            throws IOException {
+        GraphicsEnvironment ge = GraphicsEnvironment
+                .getLocalGraphicsEnvironment();
+        GraphicsConfiguration gc = ge.getDefaultScreenDevice()
+                                     .getDefaultConfiguration();
+        VolatileImage vi = gc.createCompatibleVolatileImage(511, 255, type);
+        BufferedImage gold = gc.createCompatibleImage(511, 255, type);
+        // draw to compatible Image
+        Graphics2D big = gold.createGraphics();
+        // force scaled blit
+        big.drawImage(bi, 7, 11, 127, 111, 7, 11, 127 * 2, 111, null);
+        big.dispose();
+        // draw to volatile image
+        BufferedImage snapshot;
+        while (true) {
+            vi.validate(gc);
+            if (vi.validate(gc) != VolatileImage.IMAGE_OK) {
+                try {
+                    Thread.sleep(100);
+                } catch (final InterruptedException ignored) {
+                }
+                continue;
+            }
+            Graphics2D vig = vi.createGraphics();
+            // force scaled blit
+            vig.drawImage(bi, 7, 11, 127, 111, 7, 11, 127 * 2, 111, null);
+            vig.dispose();
+            snapshot = vi.getSnapshot();
+            if (vi.contentsLost()) {
+                try {
+                    Thread.sleep(100);
+                } catch (final InterruptedException ignored) {
+                }
+                continue;
+            }
+            break;
+        }
+        // validate images
+        for (int x = 7; x < 127; ++x) {
+            for (int y = 11; y < 111; ++y) {
+                if (gold.getRGB(x, y) != snapshot.getRGB(x, y)) {
+                    ImageIO.write(gold, "png", new File("gold.png"));
+                    ImageIO.write(snapshot, "png", new File("bi.png"));
+                    throw new RuntimeException("Test failed.");
+                }
+            }
+        }
+    }
+
+    private static BufferedImage makeManagedBI(final int type) {
+        final BufferedImage bi;
+        if (type == TYPE_CUSTOM) {
+            bi = makeCustomManagedBI();
+        } else {
+            bi = new BufferedImage(511, 255, type);
+        }
+        bi.setAccelerationPriority(1.0f);
+        return bi;
+    }
+
+    /**
+     * Returns the custom buffered image, which mostly identical to
+     * BufferedImage.(w,h,TYPE_3BYTE_BGR), but uses the bigger scanlineStride.
+     * This means that the raster will have gaps, between the rows.
+     */
+    private static BufferedImage makeCustomManagedBI() {
+        int w = 511, h = 255;
+        ColorSpace cs = ColorSpace.getInstance(ColorSpace.CS_sRGB);
+        int[] nBits = {8, 8, 8};
+        int[] bOffs = {2, 1, 0};
+        ColorModel colorModel = new ComponentColorModel(cs, nBits, false, false,
+                                                        Transparency.OPAQUE,
+                                                        DataBuffer.TYPE_BYTE);
+        WritableRaster raster =
+                Raster.createInterleavedRaster(DataBuffer.TYPE_BYTE, w, h,
+                                               w * 3 + 2, 3, bOffs, null);
+        BufferedImage bi = new BufferedImage(colorModel, raster, true, null);
+        SunWritableRaster.makeTrackable(raster.getDataBuffer());
+        SunWritableRaster.markDirty(bi);
+        return bi;
+    }
+
+    private static void fill(final Image image) {
+        final Graphics2D graphics = (Graphics2D) image.getGraphics();
+        graphics.setComposite(AlphaComposite.Src);
+        for (int i = 0; i < image.getHeight(null); ++i) {
+            graphics.setColor(new Color(i, 0, 0));
+            graphics.fillRect(0, i, image.getWidth(null), 1);
+        }
+        graphics.dispose();
+    }
+}
--- a/test/jdk/java/awt/image/DrawImage/IncorrectUnmanagedImageSourceOffset.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/java/awt/image/DrawImage/IncorrectUnmanagedImageSourceOffset.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,30 +27,52 @@
 import java.awt.GraphicsConfiguration;
 import java.awt.GraphicsEnvironment;
 import java.awt.Image;
+import java.awt.Transparency;
+import java.awt.color.ColorSpace;
 import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.ComponentColorModel;
 import java.awt.image.DataBuffer;
 import java.awt.image.DataBufferByte;
 import java.awt.image.DataBufferInt;
 import java.awt.image.DataBufferShort;
+import java.awt.image.Raster;
 import java.awt.image.VolatileImage;
+import java.awt.image.WritableRaster;
 import java.io.File;
 import java.io.IOException;
 
 import javax.imageio.ImageIO;
 
-import static java.awt.Transparency.*;
-import static java.awt.image.BufferedImage.*;
+import static java.awt.Transparency.BITMASK;
+import static java.awt.Transparency.OPAQUE;
+import static java.awt.Transparency.TRANSLUCENT;
+import static java.awt.image.BufferedImage.TYPE_3BYTE_BGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR_PRE;
+import static java.awt.image.BufferedImage.TYPE_BYTE_BINARY;
+import static java.awt.image.BufferedImage.TYPE_BYTE_INDEXED;
+import static java.awt.image.BufferedImage.TYPE_CUSTOM;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB_PRE;
+import static java.awt.image.BufferedImage.TYPE_INT_BGR;
+import static java.awt.image.BufferedImage.TYPE_INT_RGB;
 
 /**
  * @test
  * @key headful
- * @bug 8029253
+ * @bug 8029253 6207877
  * @summary Tests asymmetric source offsets when unmanaged image is drawn to VI.
  *          Results of the blit to compatibleImage are used for comparison.
  * @author Sergey Bylokhov
+ * @run main/othervm IncorrectUnmanagedImageSourceOffset
+ * @run main/othervm -Dsun.java2d.uiScale=1 IncorrectUnmanagedImageSourceOffset
+ * @run main/othervm -Dsun.java2d.uiScale=2 IncorrectUnmanagedImageSourceOffset
  */
 public final class IncorrectUnmanagedImageSourceOffset {
 
+    // See the same test for managed images: IncorrectManagedImageSourceOffset
+
     private static final int[] TYPES = {TYPE_INT_RGB, TYPE_INT_ARGB,
                                         TYPE_INT_ARGB_PRE, TYPE_INT_BGR,
                                         TYPE_3BYTE_BGR, TYPE_4BYTE_ABGR,
@@ -58,7 +80,7 @@
                                         /*TYPE_USHORT_565_RGB,
                                         TYPE_USHORT_555_RGB, TYPE_BYTE_GRAY,
                                         TYPE_USHORT_GRAY,*/ TYPE_BYTE_BINARY,
-                                        TYPE_BYTE_INDEXED};
+                                        TYPE_BYTE_INDEXED, TYPE_CUSTOM};
     private static final int[] TRANSPARENCIES = {OPAQUE, BITMASK, TRANSLUCENT};
 
     public static void main(final String[] args) throws IOException {
@@ -122,7 +144,12 @@
     }
 
     private static BufferedImage makeUnmanagedBI(final int type) {
-        final BufferedImage bi = new BufferedImage(511, 255, type);
+        final BufferedImage bi;
+        if (type == TYPE_CUSTOM) {
+            bi = makeCustomUnmanagedBI();
+        } else {
+            bi = new BufferedImage(511, 255, type);
+        }
         final DataBuffer db = bi.getRaster().getDataBuffer();
         if (db instanceof DataBufferInt) {
             ((DataBufferInt) db).getData();
@@ -130,15 +157,30 @@
             ((DataBufferShort) db).getData();
         } else if (db instanceof DataBufferByte) {
             ((DataBufferByte) db).getData();
-        } else {
-            try {
-                bi.setAccelerationPriority(0.0f);
-            } catch (final Throwable ignored) {
-            }
         }
+        bi.setAccelerationPriority(0.0f);
         return bi;
     }
 
+    /**
+     * Returns the custom buffered image, which mostly identical to
+     * BufferedImage.(w,h,TYPE_3BYTE_BGR), but uses the bigger scanlineStride.
+     * This means that the raster will have gaps, between the rows.
+     */
+    private static BufferedImage makeCustomUnmanagedBI() {
+        int w = 511, h = 255;
+        ColorSpace cs = ColorSpace.getInstance(ColorSpace.CS_sRGB);
+        int[] nBits = {8, 8, 8};
+        int[] bOffs = {2, 1, 0};
+        ColorModel colorModel = new ComponentColorModel(cs, nBits, false, false,
+                                                        Transparency.OPAQUE,
+                                                        DataBuffer.TYPE_BYTE);
+        WritableRaster raster =
+                Raster.createInterleavedRaster(DataBuffer.TYPE_BYTE, w, h,
+                                               w * 3 + 2, 3, bOffs, null);
+        return new BufferedImage(colorModel, raster, true, null);
+    }
+
     private static void fill(final Image image) {
         final Graphics2D graphics = (Graphics2D) image.getGraphics();
         graphics.setComposite(AlphaComposite.Src);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/awt/image/DrawImage/SimpleManagedImage.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,196 @@
+/*
+ * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.awt.AlphaComposite;
+import java.awt.Color;
+import java.awt.Graphics2D;
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsEnvironment;
+import java.awt.Image;
+import java.awt.Transparency;
+import java.awt.color.ColorSpace;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.ComponentColorModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.Raster;
+import java.awt.image.VolatileImage;
+import java.awt.image.WritableRaster;
+import java.io.File;
+import java.io.IOException;
+
+import javax.imageio.ImageIO;
+
+import sun.awt.image.SunWritableRaster;
+
+import static java.awt.Transparency.BITMASK;
+import static java.awt.Transparency.OPAQUE;
+import static java.awt.Transparency.TRANSLUCENT;
+import static java.awt.image.BufferedImage.TYPE_3BYTE_BGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR_PRE;
+import static java.awt.image.BufferedImage.TYPE_BYTE_BINARY;
+import static java.awt.image.BufferedImage.TYPE_BYTE_INDEXED;
+import static java.awt.image.BufferedImage.TYPE_CUSTOM;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB_PRE;
+import static java.awt.image.BufferedImage.TYPE_INT_BGR;
+import static java.awt.image.BufferedImage.TYPE_INT_RGB;
+
+/**
+ * @test
+ * @key headful
+ * @bug 8029253 6207877
+ * @summary Tests the case when managed image is drawn to VI.
+ *          Results of the blit to compatibleImage are used for comparison.
+ * @author Sergey Bylokhov
+ * @modules java.desktop/sun.awt.image
+ * @run main/othervm -Dsun.java2d.accthreshold=0 SimpleManagedImage
+ * @run main/othervm -Dsun.java2d.accthreshold=0 -Dsun.java2d.uiScale=1 SimpleManagedImage
+ * @run main/othervm -Dsun.java2d.accthreshold=0 -Dsun.java2d.uiScale=2 SimpleManagedImage
+ */
+public final class SimpleManagedImage {
+
+    // See the same test for unmanaged images: SimpleUnmanagedImage
+
+    private static final int[] TYPES = {TYPE_INT_RGB, TYPE_INT_ARGB,
+                                        TYPE_INT_ARGB_PRE, TYPE_INT_BGR,
+                                        TYPE_3BYTE_BGR, TYPE_4BYTE_ABGR,
+                                        TYPE_4BYTE_ABGR_PRE,
+                                        /*TYPE_USHORT_565_RGB,
+                                        TYPE_USHORT_555_RGB, TYPE_BYTE_GRAY,
+                                        TYPE_USHORT_GRAY,*/ TYPE_BYTE_BINARY,
+                                        TYPE_BYTE_INDEXED, TYPE_CUSTOM};
+    private static final int[] TRANSPARENCIES = {OPAQUE, BITMASK, TRANSLUCENT};
+
+    public static void main(final String[] args) throws IOException {
+        for (final int viType : TRANSPARENCIES) {
+            for (final int biType : TYPES) {
+                BufferedImage bi = makeManagedBI(biType);
+                fill(bi);
+                test(bi, viType);
+            }
+        }
+    }
+
+    private static void test(BufferedImage bi, int type)
+            throws IOException {
+        GraphicsEnvironment ge = GraphicsEnvironment
+                .getLocalGraphicsEnvironment();
+        GraphicsConfiguration gc = ge.getDefaultScreenDevice()
+                                     .getDefaultConfiguration();
+        VolatileImage vi = gc.createCompatibleVolatileImage(1000, 1000, type);
+        BufferedImage gold = gc.createCompatibleImage(1000, 1000, type);
+        // draw to compatible Image
+        init(gold);
+        Graphics2D big = gold.createGraphics();
+        big.drawImage(bi, 7, 11, null);
+        big.dispose();
+        // draw to volatile image
+        BufferedImage snapshot;
+        while (true) {
+            vi.validate(gc);
+            if (vi.validate(gc) != VolatileImage.IMAGE_OK) {
+                try {
+                    Thread.sleep(100);
+                } catch (final InterruptedException ignored) {
+                }
+                continue;
+            }
+            init(vi);
+            Graphics2D vig = vi.createGraphics();
+            vig.drawImage(bi, 7, 11, null);
+            vig.dispose();
+            snapshot = vi.getSnapshot();
+            if (vi.contentsLost()) {
+                try {
+                    Thread.sleep(100);
+                } catch (final InterruptedException ignored) {
+                }
+                continue;
+            }
+            break;
+        }
+        // validate images
+        for (int x = 0; x < 1000; ++x) {
+            for (int y = 0; y < 1000; ++y) {
+                if (gold.getRGB(x, y) != snapshot.getRGB(x, y)) {
+                    ImageIO.write(gold, "png", new File("gold.png"));
+                    ImageIO.write(snapshot, "png", new File("bi.png"));
+                    throw new RuntimeException("Test failed.");
+                }
+            }
+        }
+    }
+
+    private static BufferedImage makeManagedBI(final int type) {
+        final BufferedImage bi;
+        if (type == TYPE_CUSTOM) {
+            bi = makeCustomManagedBI();
+        } else {
+            bi = new BufferedImage(511, 255, type);
+        }
+        bi.setAccelerationPriority(1.0f);
+        return bi;
+    }
+
+    /**
+     * Returns the custom buffered image, which mostly identical to
+     * BufferedImage.(w,h,TYPE_3BYTE_BGR), but uses the bigger scanlineStride.
+     * This means that the raster will have gaps, between the rows.
+     */
+    private static BufferedImage makeCustomManagedBI() {
+        int w = 511, h = 255;
+        ColorSpace cs = ColorSpace.getInstance(ColorSpace.CS_sRGB);
+        int[] nBits = {8, 8, 8};
+        int[] bOffs = {2, 1, 0};
+        ColorModel colorModel = new ComponentColorModel(cs, nBits, false, false,
+                                                        Transparency.OPAQUE,
+                                                        DataBuffer.TYPE_BYTE);
+        WritableRaster raster =
+                Raster.createInterleavedRaster(DataBuffer.TYPE_BYTE, w, h,
+                                               w * 3 + 2, 3, bOffs, null);
+        BufferedImage bi = new BufferedImage(colorModel, raster, true, null);
+        SunWritableRaster.makeTrackable(raster.getDataBuffer());
+        SunWritableRaster.markDirty(bi);
+        return bi;
+    }
+
+    private static void init(final Image image) {
+        final Graphics2D graphics = (Graphics2D) image.getGraphics();
+        graphics.setComposite(AlphaComposite.Src);
+        graphics.setColor(new Color(0, 0, 0, 0));
+        graphics.fillRect(0, 0, image.getWidth(null), image.getHeight(null));
+        graphics.dispose();
+    }
+
+    private static void fill(final Image image) {
+        final Graphics2D graphics = (Graphics2D) image.getGraphics();
+        graphics.setComposite(AlphaComposite.Src);
+        for (int i = 0; i < image.getHeight(null); ++i) {
+            graphics.setColor(new Color(i, 0, 0));
+            graphics.fillRect(0, i, image.getWidth(null), 1);
+        }
+        graphics.dispose();
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/awt/image/DrawImage/SimpleUnmanagedImage.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,201 @@
+/*
+ * Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.awt.AlphaComposite;
+import java.awt.Color;
+import java.awt.Graphics2D;
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsEnvironment;
+import java.awt.Image;
+import java.awt.Transparency;
+import java.awt.color.ColorSpace;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+import java.awt.image.ComponentColorModel;
+import java.awt.image.DataBuffer;
+import java.awt.image.DataBufferByte;
+import java.awt.image.DataBufferInt;
+import java.awt.image.DataBufferShort;
+import java.awt.image.Raster;
+import java.awt.image.VolatileImage;
+import java.awt.image.WritableRaster;
+import java.io.File;
+import java.io.IOException;
+
+import javax.imageio.ImageIO;
+
+import static java.awt.Transparency.BITMASK;
+import static java.awt.Transparency.OPAQUE;
+import static java.awt.Transparency.TRANSLUCENT;
+import static java.awt.image.BufferedImage.TYPE_3BYTE_BGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR;
+import static java.awt.image.BufferedImage.TYPE_4BYTE_ABGR_PRE;
+import static java.awt.image.BufferedImage.TYPE_BYTE_BINARY;
+import static java.awt.image.BufferedImage.TYPE_BYTE_INDEXED;
+import static java.awt.image.BufferedImage.TYPE_CUSTOM;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB;
+import static java.awt.image.BufferedImage.TYPE_INT_ARGB_PRE;
+import static java.awt.image.BufferedImage.TYPE_INT_BGR;
+import static java.awt.image.BufferedImage.TYPE_INT_RGB;
+
+/**
+ * @test
+ * @key headful
+ * @bug 8029253 6207877
+ * @summary Tests the case when unmanaged image is drawn to VI.
+ *          Results of the blit to compatibleImage are used for comparison.
+ * @author Sergey Bylokhov
+ * @run main/othervm SimpleUnmanagedImage
+ * @run main/othervm -Dsun.java2d.uiScale=1 SimpleUnmanagedImage
+ * @run main/othervm -Dsun.java2d.uiScale=2 SimpleUnmanagedImage
+ */
+public final class SimpleUnmanagedImage {
+
+    // See the same test for managed images: SimpleManagedImage
+
+    private static final int[] TYPES = {TYPE_INT_RGB, TYPE_INT_ARGB,
+                                        TYPE_INT_ARGB_PRE, TYPE_INT_BGR,
+                                        TYPE_3BYTE_BGR, TYPE_4BYTE_ABGR,
+                                        TYPE_4BYTE_ABGR_PRE,
+                                        /*TYPE_USHORT_565_RGB,
+                                        TYPE_USHORT_555_RGB, TYPE_BYTE_GRAY,
+                                        TYPE_USHORT_GRAY,*/ TYPE_BYTE_BINARY,
+                                        TYPE_BYTE_INDEXED, TYPE_CUSTOM};
+    private static final int[] TRANSPARENCIES = {OPAQUE, BITMASK, TRANSLUCENT};
+
+    public static void main(final String[] args) throws IOException {
+        for (final int viType : TRANSPARENCIES) {
+            for (final int biType : TYPES) {
+                BufferedImage bi = makeUnmanagedBI(biType);
+                fill(bi);
+                test(bi, viType);
+            }
+        }
+    }
+
+    private static void test(BufferedImage bi, int type)
+            throws IOException {
+        GraphicsEnvironment ge = GraphicsEnvironment
+                .getLocalGraphicsEnvironment();
+        GraphicsConfiguration gc = ge.getDefaultScreenDevice()
+                                     .getDefaultConfiguration();
+        VolatileImage vi = gc.createCompatibleVolatileImage(1000, 1000, type);
+        BufferedImage gold = gc.createCompatibleImage(1000, 1000, type);
+        // draw to compatible Image
+        init(gold);
+        Graphics2D big = gold.createGraphics();
+        big.drawImage(bi, 7, 11, null);
+        big.dispose();
+        // draw to volatile image
+        BufferedImage snapshot;
+        while (true) {
+            vi.validate(gc);
+            if (vi.validate(gc) != VolatileImage.IMAGE_OK) {
+                try {
+                    Thread.sleep(100);
+                } catch (final InterruptedException ignored) {
+                }
+                continue;
+            }
+            init(vi);
+            Graphics2D vig = vi.createGraphics();
+            vig.drawImage(bi, 7, 11, null);
+            vig.dispose();
+            snapshot = vi.getSnapshot();
+            if (vi.contentsLost()) {
+                try {
+                    Thread.sleep(100);
+                } catch (final InterruptedException ignored) {
+                }
+                continue;
+            }
+            break;
+        }
+        // validate images
+        for (int x = 0; x < 1000; ++x) {
+            for (int y = 0; y < 1000; ++y) {
+                if (gold.getRGB(x, y) != snapshot.getRGB(x, y)) {
+                    ImageIO.write(gold, "png", new File("gold.png"));
+                    ImageIO.write(snapshot, "png", new File("bi.png"));
+                    throw new RuntimeException("Test failed.");
+                }
+            }
+        }
+    }
+
+    private static BufferedImage makeUnmanagedBI(final int type) {
+        final BufferedImage bi;
+        if (type == TYPE_CUSTOM) {
+            bi = makeCustomUnmanagedBI();
+        } else {
+            bi = new BufferedImage(511, 255, type);
+        }
+        final DataBuffer db = bi.getRaster().getDataBuffer();
+        if (db instanceof DataBufferInt) {
+            ((DataBufferInt) db).getData();
+        } else if (db instanceof DataBufferShort) {
+            ((DataBufferShort) db).getData();
+        } else if (db instanceof DataBufferByte) {
+            ((DataBufferByte) db).getData();
+        }
+        bi.setAccelerationPriority(0.0f);
+        return bi;
+    }
+
+    /**
+     * Returns the custom buffered image, which mostly identical to
+     * BufferedImage.(w,h,TYPE_3BYTE_BGR), but uses the bigger scanlineStride.
+     * This means that the raster will have gaps, between the rows.
+     */
+    private static BufferedImage makeCustomUnmanagedBI() {
+        int w = 511, h = 255;
+        ColorSpace cs = ColorSpace.getInstance(ColorSpace.CS_sRGB);
+        int[] nBits = {8, 8, 8};
+        int[] bOffs = {2, 1, 0};
+        ColorModel colorModel = new ComponentColorModel(cs, nBits, false, false,
+                                                        Transparency.OPAQUE,
+                                                        DataBuffer.TYPE_BYTE);
+        WritableRaster raster =
+                Raster.createInterleavedRaster(DataBuffer.TYPE_BYTE, w, h,
+                                               w * 3 + 2, 3, bOffs, null);
+        return new BufferedImage(colorModel, raster, true, null);
+    }
+
+    private static void init(final Image image) {
+        final Graphics2D graphics = (Graphics2D) image.getGraphics();
+        graphics.setComposite(AlphaComposite.Src);
+        graphics.setColor(new Color(0, 0, 0, 0));
+        graphics.fillRect(0, 0, image.getWidth(null), image.getHeight(null));
+        graphics.dispose();
+    }
+
+    private static void fill(final Image image) {
+        final Graphics2D graphics = (Graphics2D) image.getGraphics();
+        graphics.setComposite(AlphaComposite.Src);
+        for (int i = 0; i < image.getHeight(null); ++i) {
+            graphics.setColor(new Color(i, 0, 0));
+            graphics.fillRect(0, i, image.getWidth(null), 1);
+        }
+        graphics.dispose();
+    }
+}
--- a/test/jdk/java/io/FilePermission/SpecTests.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/java/io/FilePermission/SpecTests.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -22,11 +22,10 @@
  */
 
 /**
- *
  * @test
- * @bug 4955804
- * @summary Tests for FilePermission constructor spec for null
- *      and empty String parameters
+ * @bug 4955804 8230407
+ * @summary Tests for FilePermission constructor spec for null,
+ *      empty and misformated String parameters
  */
 
 import java.io.*;
@@ -37,10 +36,11 @@
         String ILE = "java.lang.IllegalArgumentException";
         String NPE = "java.lang.NullPointerException";
 
-        String names[] =   {"", null, "foo", "foo", "foo", "foo"};
+        String names[] =   {"", null, "foo", "foo", "foo", "foo", "foo"};
         String actions[] = {"read", "read", "", null, "junk",
-                         "read,write,execute,delete,rename"};
-        String exps[] = { null, NPE, ILE, ILE, ILE, ILE };
+                            "read,write,execute,delete,rename",
+                            ",read"};
+        String exps[] = { null, NPE, ILE, ILE, ILE, ILE, ILE };
 
         FilePermission permit;
         for (int i = 0; i < names.length; i++) {
@@ -54,15 +54,19 @@
                                         " for name:" + names[i] +
                                         " actions:" + actions[i]);
                 } else {
-                   System.out.println(names[i] + ", [" + actions[i] + "] " +
-                         "resulted in " + exps[i] + " as Expected");
+                    System.out.println(names[i] + ", [" + actions[i] + "] " +
+                            "resulted in " + exps[i] + " as Expected");
+                    continue;
                 }
-           }
-           if (exps[i] == null) {
+            }
+            if (exps[i] == null) {
                 System.out.println(names[i] + ", [" + actions[i] + "] " +
-                         "resulted in No Exception as Expected");
+                        "resulted in No Exception as Expected");
+            } else {
+                throw new Exception("Expecting: " + exps[i] +
+                                    " for name:" + names[i] +
+                                    " actions:" + actions[i]);
             }
         }
-
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/lang/ThreadLocal/ReplaceStaleEntry.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8209824
+ * @summary per latest JDK code coverage report, 2 methods replaceStaleEntry
+ *          and prevIndex in ThreadLocal.ThreadLocalMap are not touched
+ *          by any JDK regression tests, this is to trigger the code paths.
+ * @modules java.base/java.lang:+open
+ * @run testng ReplaceStaleEntry
+ */
+
+import java.lang.reflect.Field;
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.testng.Assert.assertEquals;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+
+public class ReplaceStaleEntry {
+
+    public static int INITIAL_CAPACITY;
+
+    @BeforeClass
+    public static void setup() throws Exception {
+        Class<?> clazz = Class.forName("java.lang.ThreadLocal$ThreadLocalMap");
+        Field f = clazz.getDeclaredField("INITIAL_CAPACITY");
+        f.setAccessible(true);
+        INITIAL_CAPACITY = f.getInt(null);
+        System.out.println("INITIAL_CAPACITY: " + INITIAL_CAPACITY);
+    }
+
+    /**
+     * This test triggers the code path to replaceStaleEntry, so as prevIndex is
+     * triggered too as it's called by replaceStaleEntry.
+     * The code paths must be triggered by reusing an already used entry in the
+     * map's entry table. The code below
+     *  1. first occupies the entries
+     *  2. then expunges the entries by removing strong references to thread locals
+     *  3. then reuse some of entries by adding more thread locals to the thread
+     * and, the above steps are run for several times by adding more and more
+     * thread locals, also trigger rehash of the map.
+     */
+    @Test
+    public static void test() {
+        Map<Integer, ThreadLocal> locals = new HashMap<>();
+        for (int j = 1; j < 32; j *= 2) {
+            int loop = INITIAL_CAPACITY * j;
+            for (int i = 0; i < loop; i++) {
+                ThreadLocal l = new ThreadLocal<Integer>();
+                l.set(i);
+                locals.put(i, l);
+            }
+            locals.keySet().stream().forEach(i -> {
+                assertEquals((int)locals.get(i).get(), (int)i, "Unexpected thread local value!");
+            });
+            locals.clear();
+            System.gc();
+        }
+    }
+}
--- a/test/jdk/java/net/SocketPermission/Ctor.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/java/net/SocketPermission/Ctor.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,19 +23,64 @@
 
 /*
  * @test
- * @bug 4391898
+ * @bug 4391898 8230407
  * @summary SocketPermission(":",...) throws ArrayIndexOutOfBoundsException
+ *          SocketPermission constructor argument checks
+ * @run testng Ctor
  */
 
-import java.net.*;
+import java.net.SocketPermission;
+import org.testng.annotations.Test;
+import static java.lang.System.out;
+import static org.testng.Assert.*;
 
 public class Ctor {
-    public static void main(String[] args) {
-        try {
-            SocketPermission sp = new java.net.SocketPermission(":", "connect");
-        } catch (java.lang.ArrayIndexOutOfBoundsException e) {
-            throw new RuntimeException(e);
-        }
-        System.out.println("Test passed!!!");
+
+    static final Class<NullPointerException> NPE = NullPointerException.class;
+    static final Class<IllegalArgumentException> IAE = IllegalArgumentException.class;
+
+    @Test
+    public void positive() {
+        // ArrayIndexOutOfBoundsException is the bug, 4391898, exists
+        SocketPermission sp1 =  new SocketPermission(":", "connect");
+    }
+
+    @Test
+    public void npe() {
+        NullPointerException e;
+        e = expectThrows(NPE, () -> new SocketPermission(null, null));
+        out.println("caught expected NPE: " + e);
+        e = expectThrows(NPE, () -> new SocketPermission("foo", null));
+        out.println("caught expected NPE: " + e);
+        e = expectThrows(NPE, () -> new SocketPermission(null, "connect"));
+        out.println("caught expected NPE: " + e);
+    }
+
+    @Test
+    public void iae() {
+        IllegalArgumentException e;
+        // host
+        e = expectThrows(IAE, () -> new SocketPermission("1:2:3:4", "connect"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo:5-4", "connect"));
+        out.println("caught expected IAE: " + e);
+
+        // actions
+        e = expectThrows(IAE, () -> new SocketPermission("foo", ""));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", "badAction"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", "badAction,connect"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", "badAction,,connect"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", ",connect"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", ",,connect"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", "connect,"));
+        out.println("caught expected IAE: " + e);
+        e = expectThrows(IAE, () -> new SocketPermission("foo", "connect,,"));
+        out.println("caught expected IAE: " + e);
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/net/httpclient/HttpSlowServerTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,313 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import com.sun.net.httpserver.HttpServer;
+import com.sun.net.httpserver.HttpsConfigurator;
+import com.sun.net.httpserver.HttpsServer;
+import jdk.test.lib.net.SimpleSSLContext;
+
+import javax.net.ssl.SSLContext;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Proxy;
+import java.net.ProxySelector;
+import java.net.SocketAddress;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.nio.charset.StandardCharsets;
+import java.time.Duration;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.concurrent.CopyOnWriteArraySet;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicLong;
+
+/**
+ * @test
+ * @summary This test verifies that the HttpClient works correctly when connected to a
+ *          slow server.
+ * @library /test/lib http2/server
+ * @build jdk.test.lib.net.SimpleSSLContext HttpServerAdapters DigestEchoServer HttpSlowServerTest
+ * @modules java.net.http/jdk.internal.net.http.common
+ *          java.net.http/jdk.internal.net.http.frame
+ *          java.net.http/jdk.internal.net.http.hpack
+ *          java.logging
+ *          java.base/sun.net.www.http
+ *          java.base/sun.net.www
+ *          java.base/sun.net
+ * @run main/othervm -Dtest.requiresHost=true
+ *                   -Djdk.httpclient.HttpClient.log=headers
+ *                   -Djdk.internal.httpclient.debug=false
+ *                   HttpSlowServerTest
+ *
+ */
+public class HttpSlowServerTest implements HttpServerAdapters {
+    static final List<String> data = List.of(
+            "Lorem ipsum",
+            "dolor sit amet",
+            "consectetur adipiscing elit, sed do eiusmod tempor",
+            "quis nostrud exercitation ullamco",
+            "laboris nisi",
+            "ut",
+            "aliquip ex ea commodo consequat.",
+            "Duis aute irure dolor in reprehenderit in voluptate velit esse",
+            "cillum dolore eu fugiat nulla pariatur.",
+            "Excepteur sint occaecat cupidatat non proident."
+    );
+
+    static final SSLContext context;
+    static {
+        try {
+            context = new SimpleSSLContext().get();
+            SSLContext.setDefault(context);
+        } catch (Exception x) {
+            throw new ExceptionInInitializerError(x);
+        }
+    }
+
+    final AtomicLong requestCounter = new AtomicLong();
+    final AtomicLong responseCounter = new AtomicLong();
+    HttpTestServer http1Server;
+    HttpTestServer http2Server;
+    HttpTestServer https1Server;
+    HttpTestServer https2Server;
+    DigestEchoServer.TunnelingProxy proxy;
+
+    URI http1URI;
+    URI https1URI;
+    URI http2URI;
+    URI https2URI;
+    InetSocketAddress proxyAddress;
+    ProxySelector proxySelector;
+    HttpClient client;
+    List<CompletableFuture<?>>  futures = new CopyOnWriteArrayList<>();
+    Set<URI> pending = new CopyOnWriteArraySet<>();
+
+    final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10,
+            TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Shared by HTTP/1.1 servers
+    final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1,
+            TimeUnit.SECONDS, new LinkedBlockingQueue<>()); // Used by the client
+
+    public HttpClient newHttpClient(ProxySelector ps) {
+        HttpClient.Builder builder = HttpClient
+                .newBuilder()
+                .sslContext(context)
+                .executor(clientexec)
+                .proxy(ps);
+        return builder.build();
+    }
+
+    public void setUp() throws Exception {
+        try {
+            InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
+
+            // HTTP/1.1
+            HttpServer server1 = HttpServer.create(sa, 0);
+            server1.setExecutor(executor);
+            http1Server = HttpTestServer.of(server1);
+            http1Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/http1/");
+            http1Server.start();
+            http1URI = new URI("http://" + http1Server.serverAuthority() + "/HttpSlowServerTest/http1/");
+
+
+            // HTTPS/1.1
+            HttpsServer sserver1 = HttpsServer.create(sa, 100);
+            sserver1.setExecutor(executor);
+            sserver1.setHttpsConfigurator(new HttpsConfigurator(context));
+            https1Server = HttpTestServer.of(sserver1);
+            https1Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/https1/");
+            https1Server.start();
+            https1URI = new URI("https://" + https1Server.serverAuthority() + "/HttpSlowServerTest/https1/");
+
+            // HTTP/2.0
+            http2Server = HttpTestServer.of(
+                    new Http2TestServer("localhost", false, 0));
+            http2Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/http2/");
+            http2Server.start();
+            http2URI = new URI("http://" + http2Server.serverAuthority() + "/HttpSlowServerTest/http2/");
+
+            // HTTPS/2.0
+            https2Server = HttpTestServer.of(
+                    new Http2TestServer("localhost", true, 0));
+            https2Server.addHandler(new HttpTestSlowHandler(), "/HttpSlowServerTest/https2/");
+            https2Server.start();
+            https2URI = new URI("https://" + https2Server.serverAuthority() + "/HttpSlowServerTest/https2/");
+
+            proxy = DigestEchoServer.createHttpsProxyTunnel(
+                    DigestEchoServer.HttpAuthSchemeType.NONE);
+            proxyAddress = proxy.getProxyAddress();
+            proxySelector = new HttpProxySelector(proxyAddress);
+            client = newHttpClient(proxySelector);
+            System.out.println("Setup: done");
+        } catch (Exception x) {
+            tearDown(); throw x;
+        } catch (Error e) {
+            tearDown(); throw e;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        HttpSlowServerTest test = new HttpSlowServerTest();
+        test.setUp();
+        long start = System.nanoTime();
+        try {
+            test.run(args);
+        } finally {
+            try {
+                long elapsed = System.nanoTime() - start;
+                System.out.println("*** Elapsed: " + Duration.ofNanos(elapsed));
+            } finally {
+                test.tearDown();
+            }
+        }
+    }
+
+    public void run(String... args) throws Exception {
+        List<URI> serverURIs = List.of(http1URI, http2URI, https1URI, https2URI);
+        for (int i=0; i<20; i++) {
+            for (URI base : serverURIs) {
+                if (base.getScheme().equalsIgnoreCase("https")) {
+                    URI proxy = i % 1 == 0 ? base.resolve(URI.create("proxy/foo?n="+requestCounter.incrementAndGet()))
+                    : base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet()));
+                    test(proxy);
+                }
+            }
+            for (URI base : serverURIs) {
+                URI direct = base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet()));
+                test(direct);
+            }
+        }
+        CompletableFuture.allOf(futures.toArray(new CompletableFuture[0])).join();
+    }
+
+    public void test(URI uri) throws Exception {
+        System.out.println("Testing with " + uri);
+        pending.add(uri);
+        HttpRequest request = HttpRequest.newBuilder(uri).build();
+        CompletableFuture<HttpResponse<String>> resp =
+                client.sendAsync(request, HttpResponse.BodyHandlers.ofString())
+                .whenComplete((r, t) -> this.requestCompleted(request, r, t));
+        futures.add(resp);
+    }
+
+    private void requestCompleted(HttpRequest request, HttpResponse<?> r, Throwable t) {
+        responseCounter.incrementAndGet();
+        pending.remove(request.uri());
+        System.out.println(request + " -> " + (t == null ? r : t)
+                + " [still pending: " + (requestCounter.get() - responseCounter.get()) +"]");
+        if (pending.size() < 5 && requestCounter.get() > 100) {
+            pending.forEach(u -> System.out.println("\tpending: " + u));
+        }
+    }
+
+    public void tearDown() {
+        proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop);
+        http1Server = stop(http1Server, HttpTestServer::stop);
+        https1Server = stop(https1Server, HttpTestServer::stop);
+        http2Server = stop(http2Server, HttpTestServer::stop);
+        https2Server = stop(https2Server, HttpTestServer::stop);
+        client = null;
+        try {
+            executor.awaitTermination(2000, TimeUnit.MILLISECONDS);
+        } catch (Throwable x) {
+        } finally {
+            executor.shutdownNow();
+        }
+        try {
+            clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS);
+        } catch (Throwable x) {
+        } finally {
+            clientexec.shutdownNow();
+        }
+        System.out.println("Teardown: done");
+    }
+
+    private interface Stoppable<T> { public void stop(T service) throws Exception; }
+
+    static <T>  T stop(T service, Stoppable<T> stop) {
+        try { if (service != null) stop.stop(service); } catch (Throwable x) { };
+        return null;
+    }
+
+    static class HttpProxySelector extends ProxySelector {
+        private static final List<Proxy> NO_PROXY = List.of(Proxy.NO_PROXY);
+        private final List<Proxy> proxyList;
+        HttpProxySelector(InetSocketAddress proxyAddress) {
+            proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress));
+        }
+
+        @Override
+        public List<Proxy> select(URI uri) {
+            // our proxy only supports tunneling
+            if (uri.getScheme().equalsIgnoreCase("https")) {
+                if (uri.getPath().contains("/proxy/")) {
+                    return proxyList;
+                }
+            }
+            return NO_PROXY;
+        }
+
+        @Override
+        public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
+            System.err.println("Connection to proxy failed: " + ioe);
+            System.err.println("Proxy: " + sa);
+            System.err.println("\tURI: " + uri);
+            ioe.printStackTrace();
+        }
+    }
+
+    public static class HttpTestSlowHandler implements HttpTestHandler {
+        static final AtomicLong respCounter = new AtomicLong();
+        @Override
+        public void handle(HttpTestExchange t) throws IOException {
+            try (InputStream is = t.getRequestBody();
+                 OutputStream os = t.getResponseBody()) {
+                byte[] bytes = is.readAllBytes();
+                assert bytes.length == 0;
+                URI u = t.getRequestURI();
+                long responseID = Long.parseLong(u.getQuery().substring(2));
+                System.out.println("Server " + t.getRequestURI() + " sending response " + responseID);
+                t.sendResponseHeaders(200, -1);
+                for (String part : data) {
+                    bytes = part.getBytes(StandardCharsets.UTF_8);
+                    os.write(bytes);
+                    os.flush();
+                    System.out.println("\tresp:" + responseID + ": wrote " + bytes.length + " bytes");
+                    // wait...
+                    try { Thread.sleep(300); } catch (InterruptedException x) {};
+                }
+                System.out.println("\tresp:" + responseID + ": done");
+            }
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/net/httpclient/LargeHandshakeTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,1200 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import com.sun.net.httpserver.HttpServer;
+import com.sun.net.httpserver.HttpsConfigurator;
+import com.sun.net.httpserver.HttpsServer;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.UncheckedIOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Proxy;
+import java.net.ProxySelector;
+import java.net.SocketAddress;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.time.Duration;
+import java.util.Base64;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.concurrent.CopyOnWriteArraySet;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicLong;
+
+/**
+ * @test
+ * @bug 8231449
+ * @summary This test verifies that the HttpClient works correctly when the server
+ *          sends a large certificate. This test will not pass without
+ *          the fix for JDK-8231449. To regenerate the certificate, modify the
+ *          COMMAND constant as you need, possibly changing the start date
+ *          and validity of the certificate in the command, then run the test.
+ *          The test will run with the old certificate, but will print the new command.
+ *          Copy paste the new command printed by this test into a terminal.
+ *          Then modify the at run line to pass the file generated by that command
+ *          as first argument, and copy paste the new values of the COMMAND and
+ *          BASE64_CERT constant printed by the test into the test.
+ *          Then restore the original at run line and test again.
+ * @library /test/lib http2/server
+ * @build jdk.test.lib.net.SimpleSSLContext HttpServerAdapters DigestEchoServer LargeHandshakeTest
+ * @modules java.net.http/jdk.internal.net.http.common
+ *          java.net.http/jdk.internal.net.http.frame
+ *          java.net.http/jdk.internal.net.http.hpack
+ *          java.logging
+ *          java.base/sun.net.www.http
+ *          java.base/sun.net.www
+ *          java.base/sun.net
+ * @run main/othervm -Dtest.requiresHost=true
+ *                   -Djdk.httpclient.HttpClient.log=headers
+ *                   -Djdk.internal.httpclient.debug=true
+ *                   LargeHandshakeTest
+ *
+ */
+public class LargeHandshakeTest implements HttpServerAdapters {
+
+    // Use this command to regenerate the keystore file whose content is
+    // base 64 encoded into this file (close your eyes):
+    private static final String COMMAND =
+                    "keytool -genkeypair -keyalg RSA -startdate 2019/09/30 -valid" +
+                    "ity 13000 -keysize 1024 -dname \"C=Duke, ST=CA-State, L=CA-Ci" +
+                    "ty, O=CA-Org\" -deststoretype PKCS12 -alias server -keystore " +
+                    "temp0.jks -storepass passphrase -ext san:critical=dns:localh" +
+                    "ost,ip:127.0.0.1,ip:0:0:0:0:0:0:0:1,uri:http://www.example.c" +
+                    "om/1.2.3.6.1.4.1.11129.666.666.666.999/041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100,uri:http://www.example.com/1.2.3.6.1.4.1.111" +
+                    "29.666.666.666.999.2/041287234567896776987654327821000412872" +
+                    "345678967769876543278210004128723456789677698765432782100041" +
+                    "287234567896776987654327821000412872345678967769876543278210" +
+                    "004128723456789677698765432782100041287234567896776987654327" +
+                    "821000412872345678967769876543278210004128723456789677698765" +
+                    "432782100041287234567896776987654327821000412872345678967769" +
+                    "876543278210004128723456789677698765432782100041287234567896" +
+                    "776987654327821000412872345678967769876543278210004128723456" +
+                    "789677698765432782100041287234567896776987654327821000412872" +
+                    "345678967769876543278210004128723456789677698765432782100041" +
+                    "287234567896776987654327821000412872345678967769876543278210" +
+                    "004128723456789677698765432782100041287234567896776987654327" +
+                    "821000412872345678967769876543278210004128723456789677698765" +
+                    "432782100041287234567896776987654327821000412872345678967769" +
+                    "876543278210004128723456789677698765432782100041287234567896" +
+                    "776987654327821000412872345678967769876543278210004128723456" +
+                    "789677698765432782100041287234567896776987654327821000412872" +
+                    "345678967769876543278210004128723456789677698765432782100041" +
+                    "287234567896776987654327821000412872345678967769876543278210" +
+                    "004128723456789677698765432782100041287234567896776987654327" +
+                    "821000412872345678967769876543278210004128723456789677698765" +
+                    "432782100041287234567896776987654327821000412872345678967769" +
+                    "876543278210004128723456789677698765432782100041287234567896" +
+                    "776987654327821000412872345678967769876543278210004128723456" +
+                    "789677698765432782100041287234567896776987654327821000412872" +
+                    "345678967769876543278210004128723456789677698765432782100,ur" +
+                    "i:http://www.example.com/1.2.3.6.1.4.1.11129.666.666.666.999" +
+                    ".2/041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "27821000412872345678967769876543278210001,uri:http://www.exa" +
+                    "mple.com/1.2.3.6.1.4.1.11129.666.666.666.999.2/0412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "5678967769876543278210002,uri:http://www.example.com/1.2.3.6" +
+                    ".1.4.1.11129.666.666.666.999.2/04128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210003,uri:http://www.example.com/1.2.3.6.1.4.1.11129.666" +
+                    ".666.666.999.2/041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "96776987654327821000412872345678967769876543278210004,uri:ht" +
+                    "tp://www.example.com/1.2.3.6.1.4.1.11129.666.666.666.999.2/0" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "1000412872345678967769876543278210005,uri:http://www.example" +
+                    ".com/1.2.3.6.1.4.1.11129.666.666.666.999.2/04128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210006,uri:http://www.example.com/1.2.3.6.1.4" +
+                    ".1.11129.666.666.666.999.2/041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "10007,uri:http://www.example.com/1.2.3.6.1.4.1.11129.666.666" +
+                    ".666.999.2/0412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "6987654327821000412872345678967769876543278210008,uri:http:/" +
+                    "/www.example.com/1.2.3.6.1.4.1.11129.666.666.666.999.2/04128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210009,uri:http://www.example.com" +
+                    "/1.2.3.6.1.4.1.11129.666.666.666.999.2/041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "698765432782100041287234567896776987654327821000412872345678" +
+                    "967769876543278210004128723456789677698765432782100041287234" +
+                    "567896776987654327821000412872345678967769876543278210004128" +
+                    "723456789677698765432782100041287234567896776987654327821000" +
+                    "412872345678967769876543278210004128723456789677698765432782" +
+                    "100041287234567896776987654327821000412872345678967769876543" +
+                    "278210004128723456789677698765432782100041287234567896776987" +
+                    "654327821000412872345678967769876543278210004128723456789677" +
+                    "6987654327821000A";
+
+    // This is a Base64 encoded keystore containing our certificate.
+    // The keystore itself was produced with the command above, then its content
+    // base 64 encoded into the string below. The helper function to produce
+    // and format the string below are included in this file.
+    private static final String BASE64_CERT =
+                    "MIJR0AIBAzCCUYoGCSqGSIb3DQEHAaCCUXsEglF3MIJRczCCAyAGCSqGSIb3" +
+                    "DQEHAaCCAxEEggMNMIIDCTCCAwUGCyqGSIb3DQEMCgECoIICsjCCAq4wKAYK" +
+                    "KoZIhvcNAQwBAzAaBBSx1wdTxGqb9z4exOHVZNswvFL+oQICBAAEggKA7JdM" +
+                    "91kkP9QkG/igw2p+prxeEOQSmyScKMLtln81eKvT9zpvNjtT+hjABcH2QY8u" +
+                    "1Z3Ji48Umoaxi38Fk58/VazFM6wpL47VVNJ2EeTdj8sFoo8ExCH8EHJNNaVK" +
+                    "VNTG0YWOMa/HOPttl5wtD6pReGNOrVYVOnI2aY6zTqwI0sZS4uPczfb21vyI" +
+                    "NyF4B0Z9WGl77PRoGwrSeoLspISBTq6/JE8UhMWtuz7xnXw04DGp4DeIOO9n" +
+                    "E8+VBRKOELPqNaQ+VEgnwPNtPzjohi4Cwaf84c6vokAl1S/V6GzS0Al1mSGH" +
+                    "syAaszDYWcXXp2JpSXVAztySWZErwHE49/P42taXdhJvOSfqYb6FHpdrCXST" +
+                    "TPo+ULCGxQ83EGfnb/qaqAYZrS//+lzzqw18OY0JcF1i+cGHY8ofJK+bYr7x" +
+                    "ZyC8pLut84pEWNTp1V7SQcMif2Gd2SO2Y+ua4isjfMLNeNE/4puCV1vYsyiz" +
+                    "C9Gnp0Jywv13ioaC24Qy68uVQ81TvwizN3j7FxPCQOEEjXpfJ+5x2q0pUfqp" +
+                    "Roy7ow3Z+d+/fpMIcgyMqWidzLBChRkx4Ugnh7rYBfY1ghchlu8WIIhiR/8p" +
+                    "EBX5WQHyEtwrXOFiWxT+QwXWjbs9dQSUoCU1i2zwCFW9R8FkY2yb98QxF74z" +
+                    "0TpyW+w6cGPUNUd2T143PL4eGt4rGUBUMewe2ENSgZCDstvtiNPfccW8f9tq" +
+                    "G49pHBZt1ZIadM/DbCk1cqDD3u2/e7c57mInFkBBJKjl2K7GK9EYsiey+3Fk" +
+                    "NvkxbaF+89OTqEDPP4E97EeHkk/MFe0bQ/a/aXZrTPSN7mNgusWBQyztnYex" +
+                    "BRr8sPRhNDFAMBsGCSqGSIb3DQEJFDEOHgwAcwBlAHIAdgBlAHIwIQYJKoZI" +
+                    "hvcNAQkVMRQEElRpbWUgMTU2OTk1MzczODEyNzCCTksGCSqGSIb3DQEHBqCC" +
+                    "Tjwwgk44AgEAMIJOMQYJKoZIhvcNAQcBMCgGCiqGSIb3DQEMAQYwGgQUBIoZ" +
+                    "0r5Kc2cs6fHseA1vKWpQi30CAgQAgIJN+Lch8gN0kyMcpdNDM2iAfBHd/kXZ" +
+                    "4ye8lmGvvV0Yy9dd4Q6zmOmkPjWcusyh/vJdya8OG8Fxc/nQmyhB441qtJR5" +
+                    "dwIQe/7lft2gDg2sBD0osPvEHesvFVr0+2cy22sdBXS4ihdtVTciPV+4v0EU" +
+                    "AK6Lcib57Ml7MI6VhBGpWLkaZXv/25CqXGaiY85dSXPHMugvfJn8JoNxe+tN" +
+                    "PDEAy5ar5bnSD9Xl8GyQwHFwQ1P+gEjwg0+hC6OQA6Eg0jBFhIL+dCf6FJwz" +
+                    "J2HekpKXcyCTNTx0HB8AW3u4gVjao0B7oNr0GZprpPgYp4dl04Tar6fmb9MN" +
+                    "w4MWkcySjX0wCNjpvE0bWlUx55jlN+25SWNEafmbzRNECW1hT6Xl3HLLNQQv" +
+                    "8fIgkd2200+Ppwk+cG2dYMrl0MpHPxOo2l+nLNDI+a84v6R2Mqf3qVNfcRxZ" +
+                    "Xmw0kJ1JNUKhd0Dy6FKB7tY1Gwc4rfQQgdUXTlnB96rUrSK2o91QZZ9rN3PD" +
+                    "SbbQRzSBSPMDen+W5878kwd1BkDH1ao7qOHoGYYiYxczkMVncOtOIdg8VScU" +
+                    "t/N1NS9Yrzlj0aAYwX5EYmYzFMiyXr+El/7VnrLHBiaYwJaYVw7a1HgkSXxb" +
+                    "er/vgM639AIhT5ab9NFF+ib+7qwbWPzggIBtfm1bXiRPE6Ue0+aQ9g4vYSR7" +
+                    "QNusu/2Kwyrd6cwqJnQnG53wiSXh3hs7dvNRYpM16iF1dTeud0FSpQx1tMFi" +
+                    "Wp9cGwtUSzvLw1+5Mvz7igLTNAPyTMFNAYFR7JZgRjg1035Y7Xo4aXNMVtGp" +
+                    "BCa+/eJzE33CHH2+kuSa13N6qHA2Ek33aR4Vi7P/QOI1aghsR6tL62ctoq4c" +
+                    "FmRwvReYGdFK08+B2auPHOEPdGaPefydmPNnFLDguH6d2NYIH8cgzpjz48Gf" +
+                    "i5UQfh/UJAxricLjuV2eor7gZCCaC9MfnLlHnDH5MYUQgDsGBTRxh6rpZxVo" +
+                    "PFUm1DQCFdDHgmvVz+GAuiVzUu0TrUAxBeycl9lrDshgZj2jd9FU7XcMFwzC" +
+                    "dMsWJaA8EC8u31vnpWWqK8C03pdXTbWOEJdIDMXKOzd2ZxjGPnBSNXNRsGzi" +
+                    "RdEspHElrfGwHA5Vpsj4Q6tMZ8tZ+gSSmBrKP6xNUDNwi1bPayJw/dAKaC+D" +
+                    "vp5sx/+nZcxSF/ig8ZM6aA3escS1GBNBWFrx2vEASHNpHZsTIOTuOM4e584/" +
+                    "NJpNlRfaTzJ3i9/XoufnHbT5pmpZgxlZckYto3h6lL8R0bXthICRrI37Oh6s" +
+                    "yfO7zhMiGoNdaFAnXTsMzA+Uwr1gesHWE9Rbd+jrkcGgL4Zst/A/c64F58qt" +
+                    "J2RzA3xJCGQ6AXB3SlDHLObuYZ48TH4v2nJ4S8RTs/ant/T9DTRJyhQMa9+P" +
+                    "QC8Ny1ejFOK71Oqjz7J2jGpoBm3gDRZDYeBa6ZiMeJf8Q+bkpbEgUQbdiXhn" +
+                    "dpN7acdJTSHnO5/3Y4G1T6kLNzKc1+NYiYwH9Y6KIMa9IaocOA4wCHEFog7Z" +
+                    "Ac6vFv6r9/cnXEIe9/t5gYLL7X/gU6HMqZFjM0QjRru/Sy9vYfpytqrnOf/q" +
+                    "eOTJ9gRdIn7jNVTrgrE3ZgNvxYapaDMyFG/ixZV0cblsVJ6JO4MArOQq6q9/" +
+                    "LWGtYYEDclyLNxUTYf0gHmVRhYV8rlyMKXtDu0aBOOn13dRxKKVN5pG+LrKe" +
+                    "V+FZ3tDhYiFBxI/gkAiegSQlvknJlbEuanCWFq7sHOZ3C76L5G4qtRv7tHAs" +
+                    "8rtqzhYnddxIkTcj4tkVYsFxkj1afSuLSSoYqc0jYZUXHkL+5U0ZRxhJbo6b" +
+                    "/QVtiGXbS9i1em3+Yr47jHRH7f5Crlc2EdEzZaIm8tCw5G3CddXhhCpQTT3r" +
+                    "Mjwep5/w2ai8qbGC1xo6AV7ZyQS535UbIhOYMPO7vd3oUBmQXyutSxx8Wedx" +
+                    "HbIlBdZ44JlRWELdL6Ejo7PwhG0F3Zd3+FtasM13teYlbDWdFeoTF+inrXCG" +
+                    "BCSqoUDYLAAxRK7oYKSDqfrcRioHO4AkeaF8x5YZpRSM73yawZaWeLVq1NKb" +
+                    "DdeSJEjqDs5Ve6cA/jSLDtlJqudspFamzkdUWa4L1Tc15JY2YD8urNz/qXUK" +
+                    "E74H2MtQWjrQ8Yjz7y+3yUTYd8Clp1dBKV2haIr+sCTnFtUXaQ9LZF5S+enU" +
+                    "mOf7OmdFObwvV1f43HDuDSiFZpE+w57YmAgSIfWelKnGvvn1lBBWBomyVBKo" +
+                    "69seibaSyUXyuq8q3525ZKpHIcic7doYOYgqU94HBQOwkwTtoiX3tKX4EgDa" +
+                    "9AjYD4LHITkwgKzsQAe+3ASKq3SPFXi/UbYuZNXdkXgh7kqL6PZPD6ayIxOW" +
+                    "f8E95fZRXPyNbKf5U9pp9hVKeuOPKbEYKsQNG0ZiephMmV3S6JjSqLo+qTU+" +
+                    "QyGH3vhwlhda9cmxrpKCy0KM8AHyWoS4L5TAiJXp6moCttP0v8P/RRFtBePl" +
+                    "53nyLwZ5SyXv4ifVayJyyeDXn08In9MINLRyjvNF2gHbHI7XbeQKqB3yIBC9" +
+                    "sKpyShX6UKb1Dnd3Z19rT4a7QUkqfcodX9cU7tV6ncRuP5ZJRLHQQi9w/2DI" +
+                    "Leu8Y43jJ/CWYo8Fb8IXHrWA/hwNT28Yr3OcZUIDFdbdxenTKyhMlDOQ87aU" +
+                    "VXBCnq96jEAzY0NY3PZj+CBvts2wlCJJDhBCVTXM9OusZjH2/B6phWO7ybMq" +
+                    "15QqYyypNM62oBlu82psklHRREO1D23MaOyoXSHYVFxvLMKxhstK3wd59cst" +
+                    "8V/uvzzrURJu85X1X0cQJaKB+OjvBT8n8e9jzjATOTiGH2ULLSro2wc7Ne1r" +
+                    "bEK4qHeuSwlvulvcqB7wK84PItmVOW+g9VuXA9QGGHxzybbs+/QaMqJzdN6C" +
+                    "oS1Az5UmvZbdnSAuXtW8xiKJ+ELAGCjOcdkzQaAbd8Tq5hUXAgYeNQnoDjJz" +
+                    "+a8CTk1IaGkeHlg7MrV98AuIQjUB16IU6gE4MH6ueOIZhF3PB2Fp0dGPXL6O" +
+                    "KzIiC3jM7rIuTmOstI/t+XB3+BYxKvLuQhbV5n8sUBsGFFGBKoxIZawKG1Pk" +
+                    "3Dny2rzcB2JkcOO8r6f0dA5V4PKIrhmVeQJyHgY+/fF+JMZxfjYmaSrwu/1R" +
+                    "JnlDfDCIwNon7smi8QwXbEvRehI5a883yI07COM1paHBKNddlw4sfkfbIrNx" +
+                    "LQJLb0mHgqvHAblivBmMuaiZaK0MVOgZTe4bYuYdRSN8/ueZDHOo7lyfXGzc" +
+                    "8FEThaiGp5m/uWYJgG2FIRxM6by9PhusaTZgJ8DmjRLF5yDuR14gau6zj7GZ" +
+                    "TMXGDIDTRWTKTP0/DYF+EEnuWJb2JrrxMnWH8X7xXhrRA6Ku3nqVEwy8eUnR" +
+                    "WtLAQkApLOEhsp3wQyLRbaydcD1Si9s5JICy/m5Sv2NXseKbmAHDphTYuSGr" +
+                    "Gjk5ryTEaaiULVvi7mv1HqDq3fli/PAzMIcsK0yaF9rQv7JjtsOtZtr77+zs" +
+                    "vM8CSY835WpqTtjGDC+HWHulEADgS4ShpIrn3zgyEd1jrRY6rR5ZDuioc7sE" +
+                    "2A/8w6I5KkmcXMu/jKoLjotdUvvGMMAIhqCZD8sD+F2jpNcCV3/7NpwaJSk+" +
+                    "61rfPxzQRKu1jn/9TV7e5PyWQMkPOMbTMlA9jJPi5WEXNanIFTJBYgI6vmYc" +
+                    "156uLrlXh4F5gpLN42JyhddSbV4dXXLt8an9X4dMAJmdgBmzFldFPU7I88Xm" +
+                    "nuy3Rkqs2p4eb44b4oe9xdIyUw3fkfdoYzRx96X2Tvlx67BvbprglcdoiBce" +
+                    "UitoMsN5tI9+o4/wp6SCU1nv97Yl/kGR6xyY/5irK3wVr2DsrRSF/WuycPFV" +
+                    "3EOZLCoh/Y+9yH2dLlslarL2ZVIe701NTp/fN1GCQoCI2elSwXZAiJ446Fyv" +
+                    "F5x8UTIbAZKiJfL8F09XVnNSRIp78rcNUUeFKehewGJ/I6WtD/SyGc7uTCKi" +
+                    "EqXAwoQN+4GcncLQ2eqFFqR1aZLEcJKU79EpKu08rFTl0X9NaA7Qd0nXAiNF" +
+                    "EUz1Xo33ReE9l67+QLXYK17UIqxkFQnawydZKt1T7HeRpTKEQzo9/wLk+IYD" +
+                    "m5y8DXHK/d/kPySyLW4+srw3HRIe2Cuz9nNhPTUKtVC9CPt9NT9guhOhDGRA" +
+                    "XBkF08Snjpn7wG6G1cE2gwU3W4oQIvCAwpdsJ8leg0fbosc1UD1QHR+3CxIU" +
+                    "0yoPm19LygYjIyTg55bGBID0GV+DAHKUVHIUkBpaPM0PcSxsJgFv1seuQSJy" +
+                    "dRUcKGzPg+xJhVvHuuAnnlBibjzrl/DBLCPgOl2kybpsv1sLJdTLEkwkv/yf" +
+                    "83PdSz+uPha5hv7AGfxEaaUwbnktHultVbjO+IKBNqgjz763XgUAKbtfxW4u" +
+                    "VLBESpZiVe/gzgNV7j+6+vHWsOC8GBMjJwHGAFfTyjYv9BmrxkQyabZ8wCb/" +
+                    "5NPvaHBH+qkWVVWBaLZuOkgG9dmQI/oEcO2H9IDtve3OEXGuP2zG3xkk7h8W" +
+                    "RwcHoz/anAbEHA1wmPYn/NFn2FZW3KxdyD0/URj4DaZqMYCJMCN8TkbLBxQk" +
+                    "ZS+8VCcXMALybXUD9OLX/jUHaPqO70e9+o4cD+O/JfxKkTj5A2WD2345b8nK" +
+                    "Lill7lJ5JlYekkGG4LQf92FbH0ytLSVB+A4oc7/nxI5ciWy5vDmaG+3HS5W2" +
+                    "mGxnpLApVJZhhiJRB5fjfgRiuVbcGNWFQtgH2imMorrE0FzONSQfepLtBSQM" +
+                    "Ec8NWgmEa5O0RIYLMblXisxt7jB0k8NqgiSm3dmNmR7GhbBt+mg95uCXWmB7" +
+                    "nbcUaTWUw4Lb1EwVB/MmUEBjer/JYDADWz+NS/0VcAgBbjk7vrjAdgXkgiRB" +
+                    "l9qBDioO73qjmjeTiCjoLsuEreXPu9WTaZDuyKO1uxHoesZE0AcWjcZgKVY+" +
+                    "1Eqz3awCUxQTH+/1HsVxONmbYzJgMZ3f9Kuk7dxwFc0jgIw0LfFNnBDW3wY6" +
+                    "nrdtm7vEuR0gfYU83oqXQqAMQGwMZXKXtibS7yPL+rinLwcoWYkZaIaI6LTb" +
+                    "3DthepCtsYfIpaErOHMVOqxDUb4n5e0EUJiy7gw9JQjDX+VzpxAnt2Kc6/fl" +
+                    "kon4xadP5oyNx3YU+jIywk8p/NMhDfia0fFvl2BHRcgFXHyOa8IPNmRb0CgO" +
+                    "78Zbt3NG2+cFUx1WwOuCohfoYt/STUnxDXpOCrxYk2CD09Vm+2xC+7+VLfex" +
+                    "UnKzKH0tWLNyzA5XKSHyLe6lJCO+mvgdp2vrO7i053YVfqfqWSL9rhR0tH5w" +
+                    "NO8uUd1/ozkIjb74PSft0txTP25/c4/MEWy2JIg+HMM+2fmanJi4xJsuxBfq" +
+                    "2p/7AYfmsp05TfoSLieWDBNx3lrADGUnuPf/o8Zo2tgn8ek4ig706kqzZy9W" +
+                    "p1PaYNK6p/MLI86Sv6OLHf6fR0u6IsGPqMcYx9J7U5SCemntLvucfWRAqRn4" +
+                    "5htDzdTFrtO2nXLNDxk20DQtol7yyBg3ngVX8XDhKReGdV/Z9kEeJhgzbxLT" +
+                    "fbjoGQD5twirxYyV+eRqQZM7fu71Srg6lz7najEyH9pbQjpEPForDy5Briry" +
+                    "nplWImdWd+KwG0N35+H48kpxAU09sOUGURzsUPdwTANQUnrWWMo5+UIjxXtR" +
+                    "cDMuQmj8vlYH8iH0bKgexZMb7cRciRUF3az3lo24FA6l7e4SkyFErGJITGFN" +
+                    "IHO7wDz9h4rLikjGkz4G1d04XQCxrpHSrW9fj808up1LSoaye5ijutJihEHu" +
+                    "hkiFLi1nwuhd4ZrAZD+0VkTde9GAi9xPa8Cx+lh4JMB5mghk8uTjv7G4KqzE" +
+                    "Wlpos30CMyCc5cBGqkCVLKt64+KgUyt0FnU6tbZve7i1/oYyUaWx7BCk6o9f" +
+                    "9PuQM2bOwqhjRtpBR7q9Zb9H+qytAM8psLV6Sh9K0cK5Ug4BBEAtCK+JHBHG" +
+                    "U3zkhu2FXlm0Mnp5xiaTvPwPWe0P/mrD4Fhgn2pbPvyJXTPgWV107zafKuLW" +
+                    "34/+ML8oog69/oUOSAw4vaJx8PWguMRoQIsS6ATT2RhUVn/t21fJK9j6eF/B" +
+                    "YG5IIEavyybQMILx86+SI5sLi9j+Xqd5bPLWnZTataP+voMTzyyYqAi6ybEl" +
+                    "4QkWM0c8t141t7FULXHMTrKhdZDocb9plz3sfYk6cEqlOphvmhbZbT88iWJe" +
+                    "ndBHJxY0SL0NQ7Yl6fg/DHt4goXSIWGL5IamBM8CZnVwyCHz7laP15Zsc92H" +
+                    "DqWgbojeMxiPSVnFqxFzL/6TBBTQYuNl6+CgCOPIe88FwhZvfwzXVnQHb91i" +
+                    "58t7pwXCURscYFK7iyxi7QTrofT0QM4upsI3zBqOO0X2SOW5H6Dx3uukNP2r" +
+                    "Ud0AbXWHglnooaMNl/XRfYyb6VYg28r7qcfsSKlWuRenNf/ejaLl6GeO/ef9" +
+                    "VI+ia0qv7S2Hi6xgdw3/NTqltehTyZylC7LtKr/TVRFdGLsFKtGvT/KGMYt4" +
+                    "eUYR1zz61CVxAjjGAg+NlpTG8P50xralMthUppA7P6X4j4cDrD3E74HYg9Zv" +
+                    "4PLAh6MOymj0YbW+/QjbO13DeSXxYX5/EGk78+sBOVSzvigI9NLvWHZMFylp" +
+                    "mi5m3Wh7cQojpkeKXSw0XRd8lSeMN6lrzkMknniWfZZhK3idGCH3kHd7IGzC" +
+                    "X67K3gf+8syXOIpoDfUJHVpfvKZCw5XN2huYNGKP8KqELMoDatmEoB4hoVq/" +
+                    "VIssuwanWj3vDOxp7bYRUXID9dfTrgq5A5+1RuzrJVpmK+maTGypBDvemJhw" +
+                    "OSP62Oa+1ryH3+e1yqWDbWJrDts1S1wqMRRG5LKP16e3ZUYo33Gir/qott4b" +
+                    "J3PSvZn50KLnkyt1apUGE3pIyytvencsCca26qm+EGLYJXu+njUHIU+s4z5Y" +
+                    "xxrR4xcqc4CKXKK5+z34YCkdGM8JME8fCinDgrsixnYCjyv367LrQ+/YRvtF" +
+                    "6gF2XrCyPNTtRisqHg8Ug3CSKMPYJBXO2uu8/9dxF+r8LGv0pbVoPUBJpPiL" +
+                    "+tnxY0ggyOiU2zsUfb3QcuHONXU/2qv9FxUzBZDUDVuhXeCgNDtfv5QN7R2S" +
+                    "VoWWQDcQP5Vop61TXUhLnNaU6LwaXsVIIi9hbv4k7LV3tOxgjtyddymxch0x" +
+                    "4mR6XCXVwPx3yVIEwju7ANKsDxR+yT7crRYpPstka9lY8Y73w5MIgz2LVk65" +
+                    "xJ13puMbAGnCuSEuQgRdPHyt9JDp8KfvQ0/FegDE1axheKVAfCKgCuAudIxZ" +
+                    "UGXjPXLh4hMp+o87hw0Mkr0tfmKBd3KzRkjZm854ksnURKPODIjEqhHcW4t3" +
+                    "gRQ3cYiMqcv0cDd7cDw/4dFsfJs11aXSF674f1lhOjYqB2Xa7EMDQxJC2zw9" +
+                    "6HPVKHmGGSNAv/UiJHjcQuJslGVq1SisnSWgpMND5+QnxHDBww1p7DqXpDQJ" +
+                    "boHjZKPM/gi9N4GD6iHGbF4l8Mx1YzuzoAbqqg/6v+fmYQRUgzGnNRHW781F" +
+                    "R6J6R6JwNOVTaSvlDFzQukHdwpyqcR4OM6XkaxNK3SMRWye4O1/U+12FhPYx" +
+                    "5pPHMId8d8voJIIMPYRjFIkZAWpYbavjtV5x4xUWu/Ch6SeZ6uQu5h3WbFVe" +
+                    "buXjnOQbVIixTh8qo1WXXKiG9DUYHowgz2XWC45izfOnt1xwWj1He0IQoYWg" +
+                    "WkePdJPKfS5igRdzjwEp29RlLoqXj9TsICzYhWY626A3UjnTSOAg8Av2iWxx" +
+                    "j+3I3zA5I34udiSf/4iyrWZHeaLP3S4wIDrTTNzOh18NvspyLJrjoRokXwoJ" +
+                    "g5BnQan1rHl4p2e7oNLPhc9ewKF0QWdi2rJZDY6qO7sa6jt2C57g8jAYhAFS" +
+                    "2cXjJNQAPCgoodeKTnJ/1R6Ykk+byXzeDc1NuHPHiNbtGu54Hz5Xd3P8hYJ3" +
+                    "VBYvhkF90Rq7LvBBXyVTy8tL0I0N9BdCQrnd94HPm+fMj/nwc0pqCi9b68ex" +
+                    "Gcr8YM3vSg9xRHEBXsWjL16oKchvwavauC2Uap/OEizdkQUKBZlzDazbXTN6" +
+                    "dZpCyFcB+Ox/zgltv3jxum19WdgjyIddqBIyiKxFtC3XunK5yvmr/fFZV8X3" +
+                    "vxbxV6y0QPqJDM2ctb/ndiYaGn60EJQjxETGIanp5szgKFBYs1p1mjyov5p6" +
+                    "p76yEvTm+Ba+LX4ngM1AddqyfbPYscxtIyhUsqDqQ7vSNHQezTBcz63OclbJ" +
+                    "G2SyQFZfZKIgUXiZt+ZC3BwKRBGQZUE+UIV9WjrIvhtZN7A1qdo42c0S/skz" +
+                    "lHMKR75/PxVVXRaArCRytERwdLOvlyBE1xl3rxnxErTQHViP0xEzOfOpQ2M2" +
+                    "Ds9TcXkm66ZRnJBuk+fp4m8iiz7IfRlrI8y4AUuI9LEaFOKkh0HH7sjSWzs5" +
+                    "7uGe0eBZsLpzWoDd2Uacht9+xLcnn8tQQ32H0KHkZjm1UGtbSyUSvvoC8SQk" +
+                    "U8QstWumKzrzf3/GYuW43N4TIBUvl7GWcpmpevuAicl6SVeDjyaSGp1n/OUM" +
+                    "FH6e6kSgyDvrs/V/pQran+Dymby9DPV7fUWNo51rFdqvLhktICGGWRuUXjvA" +
+                    "eOOk4JhsD4MSlKysuGfbcUhFnkhjFkctA63HEAPAKNLoQze2tRwG+tZhJuAp" +
+                    "Q+3YEHce9DEVo/13eYVKRu4yFqD0G+KAkwcXHcFwH4b8ByTJ6K4BboRIpGAI" +
+                    "sCWN2r4Yx6sH7hDgDH/ywTs3xTI+JBDGk4+15EXUSVA41bCKEsT3BiksVE7b" +
+                    "Uo2eXPFkG7ikOuyMr5xfWtIN5v3tg/lE8K45LtWgOT2mZeEZVEVmgozGwR55" +
+                    "OqZvFeqdZbV1l57N2vSf3YkJFU8CRwd6uDZ96C/Fax7aL4biwSragaXrYu04" +
+                    "XqqWIJVYOZQnHHHTGSH+C8+NEZJiAEH2ILRlqa8VCTGPTVd96+tVriytRGFE" +
+                    "wG2xl4jYviismG73MqzuCq6iwx+HaWTiGSlXzMfhKL0DE3rhPmWrKIjdR+Ub" +
+                    "Lp1C/L2mM/y+DEMoj59/l+SwMaijQY6oUpOtVGS+Pm2C03JFNSFZyYo+HHAC" +
+                    "OkBnWMUKCGWMWOejGaC4vtBxZsHn7Q5ij+9diNfxyLEWc08L/muJG46bzlHY" +
+                    "+t6W/j4UdYuizHNm1og+DD17Kbxk7fjRsQr1ARKeDkw0RgVZrnMzfsVeNfP/" +
+                    "tQVCeOlsgTa8x3j5eQsR7aJi1taen0BQATTprJmN0428+g3Sgh+4eLslkGfi" +
+                    "9c5Ftpq6vM9bxE5w8PxjPdQdGQZdcNkDHEreAmGf8Tb/r0ODx9wMdYNRqbq0" +
+                    "Uo2Y09Q9zm91bPC75IGGrLvzc1X0MXqQmQ0YsRFq7T8j9wZqS6+bveA/Svd8" +
+                    "pwfzfR7GWDCd1lwzuP9QezVrYYcozCquJNMFgCu5hcCJUb0RdC8EBsxArcP4" +
+                    "iEM5+R62j5eOOBMikMgLpRsTQCFxBgFLiqv1sLBe1xxPIjQhtx2FJvuxd6PS" +
+                    "zOVdplRe8WbbN1XZUW5UQJH3fnD8OLpAlWS6xas3Qk0ZCl0jNqUYANUmnuJx" +
+                    "SysQeI4HRF0pvthikuZBzpS6gkxDf+CyNbJa8DZrwc+cZje11KWkthn+DMdG" +
+                    "sODZI4Z/wUGBRB9S4QQSaHUajYbJ/wfiYopt884ophtyjW14oBs67hmX/nZy" +
+                    "cYxmJnEaqcoJvSDzVDnK7YVwV6dV5pmvFe20fWuk9nAdtWbUyk1dXwZrtx7y" +
+                    "Yw6N93sAtlA+a0xwKDWK30PUU0DXuVnaw5pejrHznj1gM+zCycZ0jAQkq5Nv" +
+                    "I3VkSo6+mDhD7VfR16p5+cPgjabFb1yJYjit44H+852Tr1bzekpO8qdDw0un" +
+                    "AOjou03PaJURRqI7E4oHPA9kRIPEHzqJyIxVJrly8hSMbbVaviZOLSzbxrvI" +
+                    "J8qWlIenjvtD2m86tDZ/0V7QEek5bjlpr9wY8sEGtBhuWdRukWhHLm2RlmPY" +
+                    "2pqodKPSiDxAy1mDQiOEMAhHOfrABDKroLsVOBa+zZyR+MzUcBZk4mhXZUmo" +
+                    "dTaMjxYykxeOqnnlapKaz7qwFswwRrXP7n/Pa9XTxKpJms2s2pJZdKhZlAvp" +
+                    "E7KNlmCV8ag2hhDF300Wu+J7syVrNffpqnn4jT8bdgL8orfAXT3dgTzwplni" +
+                    "Fa2C5FQlaeGSG/7yM7qUXChppyAOA0aa3Ujbet9tf2PiS4+dsLjV1ynanz72" +
+                    "zC0bbfzdhZBMY/mYEq6GBAH8lHpAWaoVda66iIoBjNk6+qtv/ShnEFmRawLy" +
+                    "3KWyNeVw4gJjvejp+4Ch2I0zNssPrqcF6ne3k/FxB67eng7kqkFZRfC5xbLq" +
+                    "NVG28rtlDCVVWkcbyPgo3cMaym5ZEj6Hf8E+Z84PuFhQBw7gJao781M0ddV2" +
+                    "RIypj36LsxzzhpSPfmM+GHBtLzvryNqxlzViaHcsPBoh75XL9tQSPVzT6436" +
+                    "5c6dzaW7lkak2TiPoWucxZvjh1PVqoijWvHv/YGav9ffjJef9TfREsBQG+ym" +
+                    "Sw7Z4l7RZaWjfr76sO/K5FKlUmw91k8LyFeRtZ8gBIrGdV1j1DsHktHuH8/K" +
+                    "v/lHolVp0QPI7vyrXRcZd7ccJv05dm5mj+CNw7JHvAHeIps1goDamOCROexB" +
+                    "ksW7YqAuzex8xajTKtaESP3D1kZYz9BZ16sM5LWNjPNdcLygVHMBV7oAVepj" +
+                    "tOd6BYY4xfFDSWT6UFcz0v1GgdsQaszcQdCoRL1XrCatRKjSvQDN6QGXUc22" +
+                    "Cy/JqD3HHc7cqL8y2WELIPZcLNyDFe3P5Psvkcs/hysQPs3XGhfbWrvSarmF" +
+                    "AlwFT5hJEy+pXeb7x+jNjOxaj0vq/k1gyXm1y/pWPZvB//MjLA8tU6mQCyUC" +
+                    "U9wjAtrieJRAdZc4pqqO7Ha1Iq50vtdLu0I2mNn6M9/b2IUfwqziE+rBdXH5" +
+                    "Wj2n3+TQed5xzpJIqG7iJQbOEY4byZgVmSQCJHjWBU1yaK+gkTGunPbv56+P" +
+                    "PNYZ5uUJPWCrWSkmRow4Z8B/Gi1IMKkAsEsv6i6HwomZZoj9tZGpXL27ZKxC" +
+                    "fZMnyIN3QMXrtCb+RHcRSTWlgraLfVMZvjtYh2Kxwb1wB/Lv6ClHT/A69uYZ" +
+                    "QNSDQCCxSOaAOQoACjh2bj38g08nA/rGXUYft9LTEKIkqUSf4fMTc3WzTaqN" +
+                    "MzZ+iXnNMPDYWSWnVOZ21HpkOoOID0zRbk2jBy1B0xW9kcS86ekhkBXhKYxw" +
+                    "x+J1k3WqsMVnsVqPWWTRU/G5OCfgsVXfYElFlrmM3f3jiMADkdBsfEqrpPt3" +
+                    "0QsVHp4T8Q6WzkOV8D5lIGdLKsF++8LSjwLjhERWXdwooq+6KoLPm3cm9Tiu" +
+                    "LMjtfIfVYfaw09zXmKqOkVONEsZDLHTztqmNWNJJB1Ay5iL7QPvSjKQS9WIQ" +
+                    "TJOARZD0k+qUW/9a3QHaeg3O9aqYFMxf7QO4FCHf1TIMNnr5LGoUIxC3n7Ki" +
+                    "cB9MlAunuFud8DiiB8/+3QgslIVknChjQiCeZPFsJIszUvPooQJsRDcGXADH" +
+                    "kXInEcaqT9EsHYnWwDtmZ7gQd+NgT3IqvlRJRZ6KXmyuphamZKieRkOIplHV" +
+                    "muUq1T60+6tBHld2033XYtS0qY81/fOY8WbvjCxUjF5xu/So1tmW0tqr0l3y" +
+                    "GGp8jyNE6vL8/gJgobfXTVgnZhPB86D17FNWwEWHG/dBis7gmo0mkZRh9+gk" +
+                    "PLAl8E3UFqWmTLknSqqcI6ajgkyI3nmphyLc5H2l2mUYRI+bCiOunlWGGzMq" +
+                    "Qj2oSuGdOYX/hNn7MfAYmb1WNwpopBJYHA3VKIKCH4YDLz8h5LF9v1iHpZT3" +
+                    "IiHf1WEwC7JpI3Q1S09sJMjSih5dctNkmoCG56gJ0ZjmJvYhWy+A9/Nyd9qp" +
+                    "oj0E6j0hf6p8dovu1eE2BqKRydCa0T2i+bPnNnB21KU2MLgV5NGw4tyIfUoR" +
+                    "Ui8QSHDynL1Ob1BUbKuqT5p0Ybqths/oWeBN032wA8DOblale/gyz0fXWWTh" +
+                    "VqD5ktw5SGRJTmA/tJfhK7kFfMdk+9Fsvw/yV735NAcTorVbOPJoEWSsq7k5" +
+                    "vY1qreQO6tRd6Gx8aeHW0st8w0Cyf3UpLi8x+NcX53WJaYBhXXJtYZlEnZ3W" +
+                    "do1Ekrs6TWrnRzSUk1uD3Ku47Gpd02hOTfN0T5lUUjaoqRLuvwyYmQiU47Ww" +
+                    "Wnb5ftTAoljtH2P4LXQZyqYWca+BgHdSjlaadtJ7hG88zgSHomwu/QVSVRSJ" +
+                    "zqW+0ekjRr45/9gKNmaDdFwZ41HBgly98x4Z1LzcimtylmgTpAmowJRCBSV5" +
+                    "uad7WgR5Pw2LKWx8YnPAD9aJ78DfSA4LqkULHOfVfqM1CIDO92Makz1gL6bM" +
+                    "6jEpuNkQHE1FifU31Dof4JeoGC+w6V6UjtmUrilKgq98UPAHHU8Bs3ADfXIH" +
+                    "w5Gz/LEjwmUL5pEeFft2PMzf9HkgKcuCFrg8by4PgIv4wMiE6gXZCMfE+Mzd" +
+                    "fulMuy1opZB6LdObgrv8uzhfsplRaVl4utuTGqg3ZE7PyZ+a2nVTBDj3Blx9" +
+                    "88gBN6wjC7MnTRR7C3PlVfX0ApBjmX84Eu9AF7R0zc+XlqsguJK7KKWq9BFL" +
+                    "xXETLlygW2oux+30km40WiZC70wZJuG/Y8NzPwZd3JiJ5/cVWySyppfBD5cY" +
+                    "k6as7/9oXDj5OfXilXXJNnzMSp9Q9h0P0do3qteAp3um6ixvnE/unKtCDua1" +
+                    "KuYbV9ThI+RedYYkYdyKSgBiFxfUtMmYw1E3tqjxm4vNlGJijmBM4HbEmR3S" +
+                    "okiE+52LKS4SiNRNfp6Hbnghld56n/Bpjv3jsMlwES7415uKmAfm7pRQrB6I" +
+                    "6MhGGYhpATf+q3iImH5nSkYt6OCyBjjII17Dkrs+Au/wOk9xhY81j2lua4hC" +
+                    "VAWiv8lXTznHxcHl0e9w7lr2rqdl74byKD0ey+GT15C/oRYGM2LNTwNK/K4I" +
+                    "hh629dJF+od59sUGg3fJ4qPM4cK0M81VxE86TvZP6Nmbah9L+uqVrnA4IT6O" +
+                    "BmiJub1LG0awl59Khw/Nvc1wxje0dr6cuHQuXM2CIYKfaIyjs1snuCpO0KgQ" +
+                    "Tkz7DpQSe9RUo6aC2870GuvKlTLWkI0WI/oRLU0sjgssUXraZQ/8XeC9pS2X" +
+                    "d5FlZX+gA1OM2x6v/DQLzDeN18R6i6UeQZSgDMv5PeCM+1amS+wVznR+2pzx" +
+                    "KNlyPta/4XYWhX/2GB5lwHtYlKDOnI8+0gWU4Lp+mrfKSYdpvnAg4SKRwL8V" +
+                    "h344eiwCCpdDDOuqN02dJs4H552sy1SFwMvBnsJCRtQUCq6SPiJ+lrVTPsQZ" +
+                    "snJcwOKQHNGHkWs2rTPU7nrhbXaRUCcTcPKknAg3wdORtT54ASE73dkufPUS" +
+                    "8hgbDJB8EwD+nKy0Y2y1KdsCCHjoHqtXOwaCoPHecBud71ontPj0XCZ54drN" +
+                    "U4coNXGJjUtKhRPMC45US6AJRYu37P4crc043eO8D+E9MgE9cm8zCF1aRJe5" +
+                    "lP2uQLvGXvg2qdbrQP/ebQNZ3QJ2LUT1km3ApZXRi0ht0a9SzWsRo5CSQY2k" +
+                    "g8K6YbslkxCT/AvYEGWjEHx2kBj96lSTYYz7nXkJHzLX5kbgXWAHavzWN04L" +
+                    "Hqf6pbzbbiNpJ7SpG1SUxZE9xU34BP2msOD4aOUPBJCfd3pE+5Nrnwudk3r1" +
+                    "Lwp9YBlbbI2md/A6z0H5qKrWYyViiFbfmUKZ/BrSt8+g8Z0MY26V+7wQCmZu" +
+                    "JbyOQkLbPG3YghMUK/T//1NbEsgVK43Bh5mvMZgLOWFOHf360y1RBNtJgcpF" +
+                    "/Ckig/TSA25XC4l3MQ0bSEdszSjUkRlKk6WARrZ62EpCV5mNP6XMJOPRpNRl" +
+                    "DHvumo89/PKxn9/0GqLSGqkC+yHxOhxqF/3pe9wduSuEamM2FFySftqO0BKU" +
+                    "uvYDGs2USoeZCO4xXELDn93caAYRCUIEzFYU6dT9JGEEgapq6UrmiS2Hi6/X" +
+                    "zYcs41tJtI143kOJ6NKq/YzvZTNnyOiTmXuKJwE5R4VdtkZ2PBD8MZvqMpk9" +
+                    "reFXpubJBL9z7ZqvvchZ2AHsnKWCOQ/rG+rRXTuWMDF5hHIhr8NOy6Sp8X1k" +
+                    "DC49CFKkSv23OxhLQLfRBQHcKQ5IH0sJTtbHviBq+vB9OV8dz3qpLvAbTB89" +
+                    "tPrKfy7jsfPaFEJUy9bjJsk8gg70WLR32OucUO5AStWk39b2C6PEGewzp+Pe" +
+                    "uy/SWBly28gN3Em4RsHUptWkyiOrw7sQhwalJV60rwqROCfSb01jLfAcBgDl" +
+                    "1yZ08YSKsMvRGUCRID22eDBxl8fFeNHyfPWZrsGegLiWpG4SEhdz9MuayNCW" +
+                    "+K/rq5wXnvgmVeDx9rgeCSuEc2+iGgyirvVcwINSPoJIejyfLP8A+dNQrS8b" +
+                    "6n6ZWKEpiK+4K6gQJArgbdU/2QdzHmDH+b4ITnrhqA2SVH5kjdglYMWBZ45/" +
+                    "/Q5LwMEdqv/P48eWWxN8XMoIkVf+FtqeHwfr48AZhINxbQROlqBS7hCNYj44" +
+                    "BLipDiGmeGI3pYeWsoZqu7hCRMPb42ziwSGFdvv4Q2HFWdgDYvirxqh2SbgF" +
+                    "aznvDQxq4Zzk+TiJbHgphDZJR+DEHYX5n9HbgLWOp2kYWKWT0BPwzS1w++vK" +
+                    "+pMEmbn3C5d7OEBIJ9TTD/jZXB3KP9tUICFFaFXUrk2752fBfO9kA5xxbxDk" +
+                    "ISUvhwBgiNGxet1T5SoRKPb61Zz3NY0SLr+GD5KfH4mJSF6tOUZ2iAP81uUs" +
+                    "fwPIxqHh83mMS5PW/DAEeJT2FFcBMVaXdj6Xc1hvIGGXYjc3NQLxII5vbQVR" +
+                    "3UGhRFSJEi0urSXTFUDMan2AO24mM+jnNRCOxOIAx98qj6DKTfkcBZidH9tG" +
+                    "nJAOlISyY49hJvSk57tjc0oiSq8ojE9bxQQ007mc+XnKP9/5dXrTa/zUhCZi" +
+                    "DIeqvdOZ1ugRt1garJv+BS0kRrMpahYxkqUJijkSE6U+4+5V3ssWhWu+3VM/" +
+                    "LpKK/sKXImOzcBbcdvzPd1/2yUp+ZCzDRB9qeOmdhZtEgKHp3b2Xw7211jfP" +
+                    "ZWG3ydrVCduI2m2Vo4Lb+4NddZj3yN6xeurZw/JZIuzBcmOg6viEu+Be38GP" +
+                    "VWz4DV3lAK/2eVPGUMVIVXthJCFLKaT10psSNqFYWi92OxhOIu0End71Gb1H" +
+                    "tupvmdPZWCQbhaW8l2RvYMZuJFKpH+reSP6FrgqmrxXGf+2EXzz6PdbeLmnB" +
+                    "UB9QcTdu8tsIuUvzh2Axvrxmqi5rigefuQqwvSgl4KPC2mFI3cKrVJ3kB4Nz" +
+                    "gMIpgW1FzVkiVQSHMTno/bm1LxzGv5Bcjx48NbL183kkAb3kYGNfZHEE7EIN" +
+                    "/3EgK1RUUF0YC9EAYt5U/hnNOofK5rNTjYPepexhY5/4Ve5msVrtn3C2Nlp7" +
+                    "gpnGtHvcm2yoPuWo5ASHh+wGZWwkUMz19x7176l2GczPSajuK6CT2i3xnZ8Q" +
+                    "VGQALJ3Tg83Lqg7LfUhQIFYr6yPttZAjuETlWXxIa2IDsxj6Jz9WBzQHr8TE" +
+                    "1NY9XmTY2eenwpmNOVHrwn3ADzW6OyDHfjv6IY+INC9CAnGSf1EMiwUPNOpr" +
+                    "oYhGfRzTgLLJQTPTWwkn4rmds8eLVdp1gF4uK9fEdY17nJFe39I2Tui4yhwD" +
+                    "Ue39/dGYG16nNTqYj/yt07oilo8PKAKczLLN20Le0aYmOBMGWx+5gWGiPQGk" +
+                    "Jmq0LCHO5rHf7L1j53+efwedTj1Z+qv20IQINJcUvgUX4XfJewiUoLU9Nf8P" +
+                    "jOTIzyR7lNWV75kK0JZJz1jww94GjuCq6F/qXwAM3P+X1VThbLKd+drT3YmP" +
+                    "WVOeOYWPOXUrU3OowSzMGIE5sq7rQY5WwZWpE8O5lUJ6fZwx+MjKVnAYdzAJ" +
+                    "rRxH7eBJOFwn/IGlgJDUdvOHy2bXX9kcVP/ShWuflU1e0y158UTGQNiIRjN2" +
+                    "E19RBBgTru0eB0DZ/yke4BhkeIo5u0Rg91asZHp2RHONDyTppR8wSO7aMKRZ" +
+                    "BQYEv87BIO+B06YsohMfWa7GwD4jFd3XAm12aXIukDo8sMJ6f/C70NwyNsNB" +
+                    "wvjMvl+8E4jK1s5qgagPwECIdl6RBtf0m/CDm3FS1jD8ghJnvbHG7aZnafm3" +
+                    "jTPJcAUDP0+GGtK4aFvqC6yvbUPotlWYyPDhMaOOFSwuFUqn9tzlY3NPlo4x" +
+                    "28rietj+sZjSd+fdUiPP5q7T/VR/SsnzIWTgWOUyEGVeJczUpSdqNO3MJoY+" +
+                    "5MV6+KRkRAbULuVC+N6whOfPW4aihfNVLEBkUfkpo9f0by7fpVU6eJTaqv4T" +
+                    "Z3qW1t80ZVUXN6qRnjG2t7UmTqP2rTXurYseWBYZceo59zfQQSMo5cirpLbh" +
+                    "SlCrVXP/CbUM+OMoiudWha/RZw4fdximFlo6R+TxMoWdWOAMc1kfyL5q7tZk" +
+                    "kJfAj7r3Y4XBcNeQ9bqKKdBzJxUNRvU2Be47fEfbVpKqDWFlxeOrj6tRqjKK" +
+                    "YUt7zjZpYGFqG3YzTfXZVSQ6Qwmxu/QM6vFVjbOpsScYal7Io1qLnDBSUmRb" +
+                    "v/gong0EpsUNvjQ40B8jmNUNsTnRF8memZC7k2cKLnah5RXyuLFvN4cZFSar" +
+                    "LPhBgDBWRgtEzeShPtQiYzJCelbelDoFBz/KfavE4MLRYgXf6/AE3U7CAwDq" +
+                    "splXWaEuCGw7Snwpchk4gCXSiFjVDj2ao2WMA6y/zot6a27ppekkvQRFCtkL" +
+                    "SXNkgJ/F0mvgp3mQBOvo7Yd4NPJV++tRFf4tHWbb8VIopwGynZlnlxXyil0c" +
+                    "P1tRMXjBWDHFY5GYv48XTon13fw/GORM7XMTbv30KXQvTGpLk24IEjIG5iD1" +
+                    "MrqQaAgkWkzBFPwnZpKIenpGmO0G06uW0+c3eJRbfkUaVlsDCnB+3+qZNYSw" +
+                    "ugJsWuMUo/brItbV3Yrt2012ocymZSqOGtUewz+VSOopAHG+uIZi2L9h3/kj" +
+                    "cJr4b5QSsmFoRCAR5j7TSkVpsfTK6YH43FbXxOHamseOOE18TY5BLb/tIlU+" +
+                    "i8p59WnYo5sDy20o/sDM9N8L0Ks4Vma6DIdwYm0YGRzLBR9N5i+HjcprWz4x" +
+                    "FxBHMVMalm7metqsOihfb7aj/iu36uZ9eAEJNZra2vUz3F2oFwlK0aJwznMT" +
+                    "+k06Rqd2xZOKZxWqbVeWMb8EPiAvjwtAbmoXzTf7AZPChwAtb/fkd8QhKAHt" +
+                    "Ge1akmgoY/puFLMJnFECvmy8dlzVfsAX7JhBlVRkeEDofUDCnkh7brT9qqrR" +
+                    "gj92kv+jO5PS2svsFJa+3bB6tuKLe+AHnuvaB1aAdf4aPxFGwHAS2a5ANqJ4" +
+                    "CskScf9J9kCm6KwO+CmhdcjlZFMs8S8CV7XVpNrlwWDV0CdwEmZMvIuIvUB8" +
+                    "Ic58/kCZ8A7OwUVzMEtmJPuLBDVNrS2jLTb3CKjWw5EO9H15J5FseeTz4jWj" +
+                    "7PfjV95NT/n0IqhN/1CsozW6Ko2LDrzH9AjD267p/cF62Hc0a7XI+FMF+d0v" +
+                    "myz/L8RjdZzwiq/Xg+gYWLT8uAv48yazhy+3h95Ttf8IP8E1pSAEvyiuKUcA" +
+                    "liw8aOjVpYaBJU3SZEy/T4QAyY1wmiyaReHXZ+ayWHB+HIiCNdNXj5koUOUc" +
+                    "LVKQBdvgjvMMLIUlUCJB+armPQ63GNp5bBfI1lhvjrs/He1HfgKYf8H6kWwf" +
+                    "BrBSYVno6HkRNKutUpc2nrXCHRqmJtuzB7uabtGFQEZbxP6OHY01k+tLPHUz" +
+                    "EJ/tUGZ7mUfZp1m+PwbXlSjRMYJhLJPsNbczNkuFdfIAfAN8YlUjaeHQWAuJ" +
+                    "KaA5iwxIqENVCZR48WUI4s/1uXO3VNa+UoSGI5N9FLgfsf/m/3Er8djDf/VH" +
+                    "kW6nG3u8maC6xuTmHh2w0QSsLhjqkjuIBoY7T2Ye+phZYhcjLTuRkoJxNGXv" +
+                    "foVPuNghwAHm2Jw1QN0LjWQp0aggReKLBIAb5sTLYLQltGHDNj6ime+gQmk2" +
+                    "2kb2QlCP2sOP2zs2/D7CuUWHVeeA5hcJc2eWEWv/I5s6cYysTM13dleBwIu0" +
+                    "+0Lyz34cvXrC+9agwHa+uAdO9KYfuk8PjRmVPY5rgL5ux7QbhgA5Ou/1GFm7" +
+                    "66fbdqYHNN48Dof8WeNQTZE1qlHl2ftAKyFk9vH+2T/1knJVHpEo2Dh5KywQ" +
+                    "M41C0Gla+cIj+Wpit9hVYyF+VMC4MYbJDDQ/f5VCuSMXJIFZ7wwV5EkCLZV4" +
+                    "qlDC37hMec645uyutF+SAFAyyiOufGnyR/spllpPXf8pF/HXvtwkPCyN/IKE" +
+                    "vp9YOKtXdGfQ0NksPRP6f/nfy8X49Nmr7N4oexlVB/2hfym9ApWw3zVMhWpr" +
+                    "sk9EWMkVzNccL084P0UBYDRwVmaU0OJHU1zDs5MS/joegbwjO1gA2FJcFdoE" +
+                    "vbbLWCDJGVkZWvfgPr28xxSZAhYuFO5zJ+Sn+36NXPsAwQlbyMWp7y5R/JBH" +
+                    "zHrQmpEp6uyyyYqOFA4QIWW4RhBW30gABmq+Dc9qqEUyVjRd+8RXf1Qvin7F" +
+                    "tD0cTAOl2UISjI7Z7JexkSFBcS1uEEgG2SkGYycFa3TapP2PXEdL77pN+FJ3" +
+                    "tuefmxbW4UaQq5xDr59BmhJ6bZ887I6vwi1t5Q2rqTNRxZjePkCqhtZSV0E7" +
+                    "JfWxMEPxxzJz5e4/PMMdMUeN2lG45WAbdJuWYsuC7gb3gVmtCkSyTJcF0Xos" +
+                    "Uh/jsWbVPsDWOle55iWepn7i0HBUQONI0iv/BLFTbU1+19frmpB6MEmV+t+P" +
+                    "cUeiVWy2uoRXXJiZgZ6uWAPtSedlFNO3DGCl6a/POkU0OBvW5UpVlpVAJ2qt" +
+                    "qXbBz3OYJ5eOS9xqRpdvqtkzIB7eXO+2Icxq281+M6Ug5PFRgyLpk20RXkyR" +
+                    "PEqmjBnTkR8Ku2B2F4SvQJsKK3dxjGdxwYr9+3ReS69grg4/4WtbD4iVf/lE" +
+                    "G/UrIyW4nCL3/k0y2LL/pdbCPsoT3kSLvtNxKF7sFnLxvxvPxGMvYpnGyE9s" +
+                    "UeOtPY5LsIjRX3eMuT+msI8fPrlOcZ2ejz5FRYvvChBxB6o9w9ybZlxx0SUh" +
+                    "1yqqW+hjCY0bfzaOxEVs8ZfGKgfS16AVN0sArOBdS+FhK3zKSAubqx4IfZ0y" +
+                    "luFVMPAGUUo558vyGZNhmW6U1FJczZWz+yFOZMcH9Y21GRkE+JKnBIEY+cuM" +
+                    "RolrU0Tzj3USUC8xazB6ipNZNKepCCzcRy+B8ulGVeaZHFzVLe+yt1zPvFOJ" +
+                    "BQOoGDe9ZDsqo1QJHxTh7eaEWr8hMfLs5bDanrN8mBjhom+1Ni7RQEg7qtbf" +
+                    "kWd6RdB5gDEZDeFNP/16n1dFf1M/lLYfKWUuYLXueOX4s3dFFAxyKqy9NXVk" +
+                    "X7/s+d9XTQfIax6Zh3SH5YF47yddlysYZu/HjhaO31yq1+hBLQgeBEl91vnT" +
+                    "Qg6DlMnh36Vpsfc36UqKo/97LMioJq+4vViL2CqMlTboeepvgOMjdm0VfPn1" +
+                    "cN0ithvdPi0pOPjArFjhcsdF2I9qQpQCPfC9n4xpaz1E1PQpek5x/LqueH8F" +
+                    "UgiOGoUZWSdRaFjXu9KPP77mayqTT8SnCx0flb0E92mEpI4P4zq58/nOnVWN" +
+                    "uGcOZ7AqZRwIfIHJSMlXgaHQGg8YDoDXJKgp28fZZzESjzEzKlE4zwQyyAFe" +
+                    "jQSXjRexLS9YqWpWaIFaVaNy6b3zIohOjLMWATB+OeuR48JfUKIsaBUz+HdA" +
+                    "Y33pgtJsb4tmC99SeS1sBfZAw3hUYWUE3y24+u6lRdw6AX3SvfhC5Vc8qVt7" +
+                    "+GFWGlOH9MdHYcoNxPpB3N0HqQYZk5uGgcTgHneJ3oq9QLRzURvzjEupTzI/" +
+                    "z36YZRA9vm+TgWoCrhUH2/52vJhKgjOY4usDvJFfEUWHv61fOAxzy8wLgu5v" +
+                    "NXBX8ABR1txwpN08BCs1I3aoODlTz/T/WwPNfGptkP1sQ4PgHxJdCQsvi5WM" +
+                    "L2sBq/ZmIf2SVNQaRI7MkeS0z3NdnqxzY+8wTVjQVZG0zbpNpg1G9fEk6Rkk" +
+                    "wV0vHEGXnZJ3DXTzMexg6NSyE3GXMJHa9J2fP4lMuKc89XtGaA+CU28RgbkE" +
+                    "Zs+Mlbu0YNvk7JABJ/UHxf8UNJY9YG5BdUvJbElrbajWnllEaRauDzjnvjkZ" +
+                    "U4Uw4fdHmzpu0PUuM9Wm5UusD5lZfj0Xng+XO4Kea9RheukO7CCf01jZuFlu" +
+                    "Xgbi1tbOkkVA0AvWbnp2Dv59O75kaaVq4kBJB1SxUFb2DTvHTA2b8NYEfeis" +
+                    "eVIiKNW9fDMJbbmwySQftx0SRcrKbCloN8q7RAzmewiyVBtCI8a5CNw3qtEO" +
+                    "RjZYDPmLXaFU+uc83/dIMh3jnJcbZyUvt/X1NMsrF+sSonKepfVhq4mtO5XM" +
+                    "lQGTY5Wyl6ytdlMbK/vwp4MsZXFsAzP85AOpEI9cHUnlYM/Q8YTMeLZt60hD" +
+                    "Mqq9SU0USmvqbhteriLTuTczrsaebhXHsPbdcq1zopsOtA03q2hyQPebYWP5" +
+                    "x79K6lUVxOar3JvnguVfyOrDBPRXDphI1Ew5g8dlGP5OoOhGWT4/S4OEIa0K" +
+                    "32dRruB7A/F31osJeK8J2pvoosZzLpxh7nyU3Jyc0c8uuQqj+1NiGvERfV9W" +
+                    "a2UkCOHaLwmNRb43ifkYIW9R66mL3Mu+hWo3aXfDriYxZHG61blhFYNDxkUf" +
+                    "qx3BlDmcjbWae8v6G/JI7mEK0XKRI5Z4NgheSSY7VBnj4nQRRht5efUq1TWt" +
+                    "OpK4Ws29BRhSfgd7DtpVS9zSW48JCfxGTuNHHbXzSWrLSAU0OX42ycv74gm0" +
+                    "Nv7XeLzs5Bp79Vkc/YZRxGa65h5AfQzKf001czPofnw58fHa6WUqD5m2pEBC" +
+                    "0fC/YSIpV7wJfUBuj/JlWGiwAkWpkQihq7mW8GcxUTk2nLLrBbWr4X8QBdXZ" +
+                    "s9dA11UTul6nVzGnFDrWRbHgcAmU4bxSEsMYL31tGg/jMKPx6blN/M3I+KKN" +
+                    "U+9y1Arn/36z471rKz6Xgo5bP4qbRxLArWnmV4BpB14hL0JeQJaqJtFuNIxw" +
+                    "+y04cXQjdHxmjluTC5F4hViPS5rY5+AM4C7IqR8fjmC/pLNhWQsnz3/rH2Ax" +
+                    "3zPs0E3vdeZl3JRMUeWqRYLQuF/Q38u08/8PthUhYyT978xWJ6+t9rrC2iS0" +
+                    "QbRNvmqE1TuROy3JcLz8ig4Ryo6thY7tKnKuRFmbBQHWk+43yU5hUqw2H3hX" +
+                    "roIYd9NqTeImqfesegSnRpSBnOnFQLRkI8KZOIQeyYzKOWVJQw16xwSX+PdU" +
+                    "4hc6pA6+pIm5k5KO/UzJGmWpzpH1HyHuSIjhLi/zRGBHOXPZHLtTHjQO0fZs" +
+                    "WH1QcmVrrrRvHhTXzKqKsQRfKtkgjQRCJtNIB5tQjWfwNgW4Lu0psB3x0sSL" +
+                    "GnKm+BKjgE7HMApctusBLXNwplxsp8PYyZOiQeL+6v+iUCDLDLI5Tv6XIONW" +
+                    "GzxU6SAAcVhJ14gy+95ptYSdc9YioUHvAgcletAy7oWdnpIliUfmlOELyvZF" +
+                    "kpixQDAyNSVUUWxGsad4dwYRv+Q57WMWkDQB/WfkBfqK6EO0DQg0FvJSQ2Ij" +
+                    "Fj7O4vOPDyXt/ir1QUxfELactILEpBTf0UUgIJAjcnAI0waPu9fN/619eo7V" +
+                    "VH8Wpk3HUU9LjOIIDC7BAPPTE2xDa3kAG9VGweIXpL6YyW4JnAVSkou1pZWt" +
+                    "CW05eMRe0HkDpEJb4iz/UHn2KII4ZjJaFUgSWgNDRiHRvMoW4tIImHuI4+Y7" +
+                    "rokPlAlmO8yEnsLyBVgiPr51Sq9RWPCL1y3bryOfUoGFc/cozQ1csN02Mncz" +
+                    "YeSbbwt0toufO1ex/gfsiteqRgZvSIn91yMsFl7lzEi3kyJIhW7hBrPDfAHm" +
+                    "TZ5Czrcs1z0+JKfU1PXcuaRm/Bw+OY/1v8Z+YYKIynupdgnLCY8LfruNzk5S" +
+                    "e/mT0UwgtoJE+TvceiYGTw+Rkf0a4jZiTEcs3lF/IRvIOnd/+5m1eeWtGJp+" +
+                    "z6rlPrlRWjrhl4Ufqxob6U5jjY1/7zAMV6Ge7RgkNJiRy0Brb5+phAHpkajC" +
+                    "I/q4m/qBBm+gqRrfmFvPfo1CeijfMelIXMh3+p628kWGpIAypU3ocEcVcXXG" +
+                    "B+K/n2zyfbBQtMQ+MEUurRbn4G90gyRaHKgf3SuQSM53c+OVfJGXhR4Gtki9" +
+                    "NF3kCMt3wiGXi+c25NEs07LZ+xWfLeK0/0IrAHCmG8IcoO6T8pujgZUEyIHv" +
+                    "9Za/9vrvP72UlQ4+z6yUg0RNwlHgWN2nF0xnTQZXySXaoAaqwGA8HetCbx7s" +
+                    "ePd+VFl1/gApyxeGhWFTf0d3YiBLRCqvdFCsKrC/ni7aIGgbpuvjxmHiTAKa" +
+                    "Jaick9xE7a13b2pY557OVq6ExqRiC3c28z4YuKXfJf6IIeBug1HY9yEnjU37" +
+                    "eqNJL/XbyImo55ARAH61MwL1RSqu7uWJDui4GKCOKC+piqOwLDjSx8AyRVN8" +
+                    "zbsTxKtN0N0AUBqstlxgrfbV3/BCqKSQHCaqlg0Nrzk0T53RZEHyNv16qtr2" +
+                    "iF45GMDj3k/lP/NLU4DQX3R0zx1dQirSfUr0PJGxZdwnfHFzSZ7o5YaAnqdW" +
+                    "j8t4DGsu5wdktDOfqRsXrX3eKmeps5ycRBKTUgPhoccH+PFtMXYjkTH49aW4" +
+                    "hKgnJd5I49A5o/Vdd5Z3zNFF7eSUsMFA6pYxXOy4/wQYpu8vqmYBs5p/WBM3" +
+                    "wJkp0iLaEsEvJGSRNjbyuhV+N16GamJVIQVk0X2HvzKVtL1cHHN2f9BkFbFC" +
+                    "R2iW/I0ZFz/OECDOnlS1Ea/jGXuEIOB2+4O/Fki7kQ1opkc5pB5ehMMCetXP" +
+                    "cPJrEyyQJXsG0ZiCmr9RtGoEKG6lfvNxFWBtXHjXrFXjZ/KRZi7BS6ZPIRb+" +
+                    "YER6V8tyLNkL86xTjkm1oq9+opihDSf2+dve/u3YFooowsleeNynMVEyEPo2" +
+                    "yOLB8FO/l60qpSOSrepG6kS37ifjrv1piMyqLxz9EWP33jG0ajCEj1hAoke2" +
+                    "5uLFL0xaYT5Hbb3SPD6E5Kwm3GrP53VMGpzxFb3WirP2iW1pSLH5ZwBSiiJa" +
+                    "awGW/1JAZ/AemOroG1jpFXYG30euz9cj1ha97GagqGgaklIQGbGejqj1lu7/" +
+                    "H8Uu47sdFxrQTbs0enJEr7iZdOWHb/Gk1u6X2+1d1+2ifn5k4dd2QrKi4lKZ" +
+                    "TnzU6InfbE6wl7kblSGnvxG5CdMs6vfcs1VQHbahPxyZ1ci7h3Yda6MV1xNv" +
+                    "8gru+cCbr/x6v0L0L0rjSg2ZwFq+UCexc8t7ONv6y6KhjbUgGmy15GthHqYQ" +
+                    "/wFMIeobeq7yd04vUMhsvSxfXL54RECwu0Wz9OXfPU8yGdLiUqGDlVM/lrCF" +
+                    "H7zdSU+XKqOoxA/Wb8zayXZehYRQqnDVlJzA39Sp4KtPQdIapZ42ViJ8SWXI" +
+                    "sgtztW588KRMxjtMxpIj5eKucFr9bqfYsaYU74t3JQUIeWrKMEGlftBrT5Tn" +
+                    "BIPhOlTSMWe3pWOkJP76uUm/mqrz/LirLgzKrMpsw32eUSQsizWwXnC2a9pf" +
+                    "VQcqDIQBgIRxI6bp4U4IQIhCezOhZe+02pt/R6el4fvDyhGh2sjcUyt50XHa" +
+                    "tobMMkNVoQTWm1UUJpRB5n0CbtXDRkB54kL7IYlhsZVBYQqDMihNbTvcGfUE" +
+                    "tz+Yw405OdLawX5VpV4azSeXxncq4LlHgE23JKIpZjnQ/ueb8c/6EUyfn1u7" +
+                    "4+lGsqIK87fwPrGP6tgozyo8e+uzYl2wIKjL3p1ypi9IJodtMtQJT4Aw/Nyk" +
+                    "d+fB2zS7h54vyh9XJBqXBlyBJTDoevGxACfCZMOagdR4kmysiWUEqcaPSslx" +
+                    "9is9VTALHRpN7LeKyTnPnMzFb1otJ+tYncqtvaP0I8hRgtWHsbiBqpjDUZxF" +
+                    "nOXaXzbuYdEV2rzcQ9msOCqejRctklNVGwrFdqEKUeOV4QwwGJv6wb6rRYaB" +
+                    "qXB0/8CEkoNYOC/VU668RDOkwTFd12w/9TOgr88DHX0dN0OHLKa7/xzNji1k" +
+                    "OVkQcT+Bcrqr2pUWkic30U+YU7mJSC49tssKTROJ6SM6m25jou/0YuuYTge0" +
+                    "S/bn+Th6Y7YJ79eqvmG2OneqcCwE+SzpehGo/LeROeBH5w3rGTcl2qcxvRf1" +
+                    "SyyJ5aGlh6fseWgcO1NW2oLr+ih6JCpDf4vRcYjdaZysmzB9y5kLOY3rPQbI" +
+                    "OxqaO1KshMb3fGJIcK53lZBqHQfqQ7CgeYotq2OGUmKzr2BVmkah+YIMUrRE" +
+                    "xVGSlMzJyDABEE5cTBvcmq8MJvTdFeQrOHkAHJ4Y10v0rb01hGkvJbSUq5a9" +
+                    "B7f7ulZPnYpWmJZ8iDPs2eETUH/fm/a+B1i2kb7QCs50zGfp6grwmwMb7fd2" +
+                    "DEOkjXS6VEOfnzS4jlNhBfGRD0GORIjRCI2arB1hjQvthLU14Q03ZetymTXE" +
+                    "dMml0i+t7wNhESkAMwvfqkPrG72sg32w8yCKh9zE7YATcElTAobdxR9aU8ei" +
+                    "ulXgMb/PnC15/SZTvGzK4E5FGjRbRYx0ZJsQYpdzx4D0L/Yx0BEODfIdbXDV" +
+                    "kSRMtltmWx+88xlqzN28I43ezoe/8rU7WzQvJLs/9N7Ud9JS6H2pHJxqGYQs" +
+                    "3Sk32tnWjIk57PXk/++6IwsGonmalUSP53cILKDerkkj8LkOtbCSdmQu5uTb" +
+                    "dXdxM6Yo6nHStyJyHZUz52qDbZruVnBLS2HXjG0LOBNSU80jbkNzJ9+uSr81" +
+                    "bsHaUlIsq7Wksrv1pfNIz8ieisEJnk3FE6nitwh6w5RYF7Kl21a1vEPQUipZ" +
+                    "hfPBLGel0lBmBb36va4ge0nketjV01j4lBStIg5c6c+V00gwsu3/Aj+EaMy8" +
+                    "jDW1nle5f1wG6KQxAqLo78BIOojlyQjR1rAbPS+rvxTjirQ60LEPeyEnljmG" +
+                    "xVnGGliSrnlRuI5KAkQxLCUEQTTFy3Dj+1NAUkx4Xoi7ARsfvj0L7T36wq0Y" +
+                    "+aFViAoYfBXqNqf5vLbXo8hcKIkfvUf5b90ivNPnQx/nUH6LsSaDAUEpR3CR" +
+                    "8c3iNn7BURwoIjtAz3NfEgsQRYbyQIb4hgCODp2tnhl+GK1bKvkgnbRoxyCJ" +
+                    "XsK6Ka9lLK6TGP2AG7zdJIBBvWF4yCsNdF06qYuN32L0t4OOP6cRMowDchoY" +
+                    "vwXr9KWAvAc4Kq3KnwwUDPTISLp33n9LFItdgZNZeMjZ3hi7mSisMB4lK0lX" +
+                    "L4T3G/GNH+sYKgS17BRU1Dw/Bmt9LGOmQIFLsKErqIV+cXsBLlNiuC5lzl5Q" +
+                    "W3DTNJhErd3vaecEAJJlTfSjSQ9PLy7nDLv/RjzVKNgXSerqfuiM05McEm40" +
+                    "g6jQDRalN1alU8Cz3GLRjsfNGdYTsh/jPD4+ZiEqnCJo7VMxs+kb38etoTlz" +
+                    "Zs3hoJKH3euds2uSSGn1yPYb7J4QkG0toLIydkwAvMMdIhwQ1VN6bU8cYGax" +
+                    "FtmaugxN+n+00lb2Rbpdp+yVchdeNx1Yal30XPugP7x1OrVAZw5InTNCU9zQ" +
+                    "Fx8ria6g4+t1GgwBqmPi1noSHHG3bThI74oBTsg3L4esRW27OMrTTzYVNemt" +
+                    "dvJXN8yedTY2rVqwbKJO7bGR2VcDDn8ZgoaPBIvQuLSRBIdbUSIeKuLiuHbK" +
+                    "IbkwtZTyz7LvrE1SZ0oDpMf19pb9fZPi3v7yQpFLx0oqqSYdhrJyOfhNVZXU" +
+                    "dc4vbE0qez8MX9PNmyMtt4yktA+FC+2FM4P9jjdvaIfdm2Q7NhxjffvuwBJW" +
+                    "SIoHBSEmxfxZgGCo29pOy2TZt/VpU8zpGpRBaqx0F9L2YzRJgwgOTYbkhF4w" +
+                    "w1w03jCk3UWEg1Eq6kr6ZOEY3Us8DLTnx1RGKeGEpJ/vqtKzX1+KJS1t4E5G" +
+                    "3eqa7WUqcyNqII/9ShMZqdfmXj1llgfuD+31HjDXXVO8RFY2zG/OneMkJJP2" +
+                    "WfCs+IyN0I1+u/UJVMVW1d9y09nbrjruXSjvI2NwALB8NgtTHYbu3aLi0c02" +
+                    "ijIB19xcNdSjwsmpR87lp9VFqIGEPVcYb+E11OODliUPNRPig6kPcbzGGq4b" +
+                    "2CmbVVjPURU0U5cXJv0jqxGl8C7AsDIaJkXwGvQlp0t2wL/Wl66mAqBCQmJO" +
+                    "Uw3A7/NbqGbhky8r4XMBBk0bOBn2jUIXyfJG696QPR27NrMshZRFG8fKmRfm" +
+                    "4inNQQtcu6uUOKcoppeghWHBkK134LCFJakVrgmo0QeUXvdlR79imF9iyFDc" +
+                    "Z6Fayr5Mh0RiDS0DtI4E4k17OVTjPYenflXCSk5VDCN8kM8d34wQEX2lahR2" +
+                    "oWTBvJAFrvMqBL3zjnzjnNavoVaMlJy/Ezjrr+vNraCbNSY69Icflfb0xUEa" +
+                    "RsdADuCKDVXoAavcUKw9aXBTolmHvquBBnUsyi630i2mONUg7ylqJCvCTCGk" +
+                    "EDq48TofcRnuafZt38iwv5PRmRkhnMSGLR3L5AxjCAnSAUvqKPytH4QQ7+PJ" +
+                    "NHc5qetzZdz+jRkCdCnC5YonOWyzi5I20U3Cdl7pL7Ev5INyk8knQLY2a88f" +
+                    "9cUiV5kwPTAhMAkGBSsOAwIaBQAEFM74e0Rbt2IGCAn48XjvdAcaIl6cBBSY" +
+                    "pFDCs7BGKfo6O4hW9fB0/2HXqwICBAA=";
+
+    // You can use this method to print the java code for the BASE64_CERT
+    // constant. It will open the keystore file provided as argument and
+    // it will Base64 encode its content - then print the code that you can
+    // cut and paste back in this test.
+    private static final String encodeKeyStoreToBase64(String keystorePath) throws IOException {
+        // e.g.: keystorePath="temp0.jks"
+        try (FileInputStream fis = new FileInputStream(keystorePath)) {
+            byte[] bytes = fis.readAllBytes();
+            String encoded = Base64.getEncoder().encodeToString(bytes);
+            format("BASE64_CERT", encoded);
+            return encoded;
+        }
+    }
+
+    private static void format(String name, String value) {
+        System.out.println("private static final String " + name + " =");
+        int start = 0, end = 60;
+        while (start < value.length() - 1 && end < value.length()) {
+            System.out.print("        \"");
+            System.out.print(value.substring(start, end)
+                    .replace("\"", "\\\""));
+            System.out.println("\" +");
+            start = end;
+            end += 60;
+        }
+        if (end > value.length()) end = value.length();
+        System.out.print("        \"");
+        System.out.print(value.substring(start, end));
+        System.out.println("\";");
+    }
+
+    private static SSLContext createSSLContext(InputStream i) {
+        try {
+            char[] passphrase = "passphrase".toCharArray();
+            KeyStore ks = KeyStore.getInstance("PKCS12");
+            ks.load(i, passphrase);
+
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX");
+            kmf.init(ks, passphrase);
+
+            TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
+            tmf.init(ks);
+
+            SSLContext ssl = SSLContext.getInstance("TLS");
+            ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+            return ssl;
+        } catch (KeyManagementException | KeyStoreException |
+                UnrecoverableKeyException | CertificateException |
+                NoSuchAlgorithmException e) {
+            throw new RuntimeException(e.getMessage());
+        } catch (IOException io) {
+            throw new UncheckedIOException(io);
+        }
+    }
+
+    static final byte[] DATA;
+
+    static {
+        DATA = new byte[1024];
+        int len = 'z' - 'a';
+        for (int i = 0; i < DATA.length; i++) {
+            DATA[i] = (byte) ('a' + (i % len));
+        }
+    }
+
+    final SSLContext context;
+    final AtomicLong requestCounter = new AtomicLong();
+    final AtomicLong responseCounter = new AtomicLong();
+    HttpTestServer http1Server;
+    HttpTestServer http2Server;
+    HttpTestServer https1Server;
+    HttpTestServer https2Server;
+    DigestEchoServer.TunnelingProxy proxy;
+
+    URI http1URI;
+    URI https1URI;
+    URI http2URI;
+    URI https2URI;
+    InetSocketAddress proxyAddress;
+    ProxySelector proxySelector;
+    HttpClient client;
+    List<CompletableFuture<?>> futures = new CopyOnWriteArrayList<>();
+    Set<URI> pending = new CopyOnWriteArraySet<>();
+
+    final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10,
+            TimeUnit.SECONDS, new LinkedBlockingQueue<>());
+    final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1,
+            TimeUnit.SECONDS, new LinkedBlockingQueue<>());
+
+    LargeHandshakeTest(String cert) {
+        byte[] decoded = Base64.getDecoder().decode(BASE64_CERT);
+        context = createSSLContext(new ByteArrayInputStream(decoded));
+        SSLContext.setDefault(context);
+    }
+
+    public HttpClient newHttpClient(ProxySelector ps) {
+        HttpClient.Builder builder = HttpClient
+                .newBuilder()
+                .sslContext(context)
+                .executor(clientexec)
+                .proxy(ps);
+        return builder.build();
+    }
+
+    public void setUp() throws Exception {
+        try {
+            InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
+
+            // HTTP/1.1
+            HttpServer server1 = HttpServer.create(sa, 0);
+            server1.setExecutor(executor);
+            http1Server = HttpTestServer.of(server1);
+            http1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http1/");
+            http1Server.start();
+            http1URI = new URI("http://" + http1Server.serverAuthority() + "/LargeHandshakeTest/http1/");
+
+
+            // HTTPS/1.1
+            HttpsServer sserver1 = HttpsServer.create(sa, 100);
+            sserver1.setExecutor(executor);
+            sserver1.setHttpsConfigurator(new HttpsConfigurator(context));
+            https1Server = HttpTestServer.of(sserver1);
+            https1Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https1/");
+            https1Server.start();
+            https1URI = new URI("https://" + https1Server.serverAuthority() + "/LargeHandshakeTest/https1/");
+
+            // HTTP/2.0
+            http2Server = HttpTestServer.of(
+                    new Http2TestServer("localhost", false, 0));
+            http2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/http2/");
+            http2Server.start();
+            http2URI = new URI("http://" + http2Server.serverAuthority() + "/LargeHandshakeTest/http2/");
+
+            // HTTPS/2.0
+            https2Server = HttpTestServer.of(
+                    new Http2TestServer("localhost", true, 0));
+            https2Server.addHandler(new HttpTestLargeHandler(), "/LargeHandshakeTest/https2/");
+            https2Server.start();
+            https2URI = new URI("https://" + https2Server.serverAuthority() + "/LargeHandshakeTest/https2/");
+
+            proxy = DigestEchoServer.createHttpsProxyTunnel(
+                    DigestEchoServer.HttpAuthSchemeType.NONE);
+            proxyAddress = proxy.getProxyAddress();
+            proxySelector = new HttpProxySelector(proxyAddress);
+            client = newHttpClient(proxySelector);
+            System.out.println("Setup: done");
+        } catch (Exception x) {
+            tearDown();
+            throw x;
+        } catch (Error e) {
+            tearDown();
+            throw e;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        System.out.print("The certificate used in this test was generated " +
+                "with the following command:\n\t");
+        System.out.println(COMMAND);
+        String cert;
+        if (args.length == 1) {
+            String storeFile = args[0];
+            System.out.println("Parsing jks file: " + storeFile);
+            format("COMMAND", COMMAND);
+            cert = encodeKeyStoreToBase64(storeFile);
+        } else {
+            cert = BASE64_CERT;
+        }
+        LargeHandshakeTest test = new LargeHandshakeTest(cert);
+
+        test.setUp();
+        long start = System.nanoTime();
+        try {
+            test.run(args);
+        } finally {
+            try {
+                long elapsed = System.nanoTime() - start;
+                System.out.println("*** Elapsed: " + Duration.ofNanos(elapsed));
+            } finally {
+                test.tearDown();
+            }
+        }
+    }
+
+    public void run(String... args) throws Exception {
+        List<URI> serverURIs = List.of(http1URI, http2URI, https1URI, https2URI);
+        for (int i = 0; i < 5; i++) {
+            for (URI base : serverURIs) {
+                if (base.getScheme().equalsIgnoreCase("https")) {
+                    URI proxy = i % 1 == 0 ? base.resolve(URI.create("proxy/foo?n=" + requestCounter.incrementAndGet()))
+                            : base.resolve(URI.create("direct/foo?n=" + requestCounter.incrementAndGet()));
+                    test(proxy);
+                }
+            }
+            for (URI base : serverURIs) {
+                URI direct = base.resolve(URI.create("direct/foo?n=" + requestCounter.incrementAndGet()));
+                test(direct);
+            }
+        }
+        CompletableFuture.allOf(futures.toArray(new CompletableFuture[0])).join();
+    }
+
+    public void test(URI uri) throws Exception {
+        System.out.println("Testing with " + uri);
+        pending.add(uri);
+        HttpRequest request = HttpRequest.newBuilder(uri).build();
+        CompletableFuture<HttpResponse<String>> resp =
+                client.sendAsync(request, HttpResponse.BodyHandlers.ofString())
+                        .whenComplete((r, t) -> this.requestCompleted(request, r, t));
+        futures.add(resp);
+    }
+
+    private void requestCompleted(HttpRequest request, HttpResponse<?> r, Throwable t) {
+        responseCounter.incrementAndGet();
+        pending.remove(request.uri());
+        System.out.println(request + " -> " + (t == null ? r : t)
+                + " [still pending: " + (requestCounter.get() - responseCounter.get()) + "]");
+        if (pending.size() < 10 && requestCounter.get() > 10) {
+            pending.forEach(u -> System.out.println("\tpending: " + u));
+        }
+    }
+
+    public void tearDown() {
+        proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop);
+        http1Server = stop(http1Server, HttpTestServer::stop);
+        https1Server = stop(https1Server, HttpTestServer::stop);
+        http2Server = stop(http2Server, HttpTestServer::stop);
+        https2Server = stop(https2Server, HttpTestServer::stop);
+        client = null;
+        try {
+            executor.awaitTermination(2000, TimeUnit.MILLISECONDS);
+        } catch (Throwable x) {
+        } finally {
+            executor.shutdownNow();
+        }
+        try {
+            clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS);
+        } catch (Throwable x) {
+        } finally {
+            clientexec.shutdownNow();
+        }
+        System.out.println("Teardown: done");
+    }
+
+    private interface Stoppable<T> {
+        public void stop(T service) throws Exception;
+    }
+
+    static <T> T stop(T service, Stoppable<T> stop) {
+        try {
+            if (service != null) stop.stop(service);
+        } catch (Throwable x) {
+        }
+        ;
+        return null;
+    }
+
+    static class HttpProxySelector extends ProxySelector {
+        private static final List<Proxy> NO_PROXY = List.of(Proxy.NO_PROXY);
+        private final List<Proxy> proxyList;
+
+        HttpProxySelector(InetSocketAddress proxyAddress) {
+            proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress));
+        }
+
+        @Override
+        public List<Proxy> select(URI uri) {
+            // our proxy only supports tunneling
+            if (uri.getScheme().equalsIgnoreCase("https")) {
+                if (uri.getPath().contains("/proxy/")) {
+                    return proxyList;
+                }
+            }
+            return NO_PROXY;
+        }
+
+        @Override
+        public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
+            System.err.println("Connection to proxy failed: " + ioe);
+            System.err.println("Proxy: " + sa);
+            System.err.println("\tURI: " + uri);
+            ioe.printStackTrace();
+        }
+    }
+
+    public static class HttpTestLargeHandler implements HttpTestHandler {
+        @Override
+        public void handle(HttpTestExchange t) throws IOException {
+            try (InputStream is = t.getRequestBody();
+                 OutputStream os = t.getResponseBody()) {
+                byte[] bytes = is.readAllBytes();
+                assert bytes.length == 0;
+                URI u = t.getRequestURI();
+                long responseID = Long.parseLong(u.getQuery().substring(2));
+                System.out.println("Server " + t.getRequestURI() + " sending response " + responseID);
+                t.sendResponseHeaders(200, DATA.length * 3);
+                for (int i = 0; i < 3; i++) {
+                    os.write(DATA);
+                }
+                System.out.println("\tresp:" + responseID + ": done");
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/net/httpclient/LargeResponseTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,305 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import com.sun.net.httpserver.HttpServer;
+import com.sun.net.httpserver.HttpsConfigurator;
+import com.sun.net.httpserver.HttpsServer;
+import jdk.test.lib.net.SimpleSSLContext;
+
+import javax.net.ssl.SSLContext;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Proxy;
+import java.net.ProxySelector;
+import java.net.SocketAddress;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.nio.charset.StandardCharsets;
+import java.time.Duration;
+import java.util.List;
+import java.util.Set;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.CopyOnWriteArrayList;
+import java.util.concurrent.CopyOnWriteArraySet;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicLong;
+
+/**
+ * @test
+ * @bug 8231449
+ * @summary This test verifies that the HttpClient works correctly when the server
+ *          sends large amount of data. Note that this test will pass even without
+ *          the fix for JDK-8231449, which is unfortunate.
+ * @library /test/lib http2/server
+ * @build jdk.test.lib.net.SimpleSSLContext HttpServerAdapters DigestEchoServer LargeResponseTest
+ * @modules java.net.http/jdk.internal.net.http.common
+ *          java.net.http/jdk.internal.net.http.frame
+ *          java.net.http/jdk.internal.net.http.hpack
+ *          java.logging
+ *          java.base/sun.net.www.http
+ *          java.base/sun.net.www
+ *          java.base/sun.net
+ * @run main/othervm -Dtest.requiresHost=true
+ *                   -Djdk.httpclient.HttpClient.log=headers
+ *                   -Djdk.internal.httpclient.debug=true
+ *                   LargeResponseTest
+ *
+ */
+public class LargeResponseTest implements HttpServerAdapters {
+    static final byte[] DATA;
+    static {
+        DATA = new byte[64 * 1024];
+        int len = 'z' - 'a';
+        for (int i=0; i < DATA.length; i++) {
+            DATA[i] = (byte) ('a' + (i % len));
+        }
+    }
+
+    static final SSLContext context;
+    static {
+        try {
+            context = new SimpleSSLContext().get();
+            SSLContext.setDefault(context);
+        } catch (Exception x) {
+            throw new ExceptionInInitializerError(x);
+        }
+    }
+
+    final AtomicLong requestCounter = new AtomicLong();
+    final AtomicLong responseCounter = new AtomicLong();
+    HttpTestServer http1Server;
+    HttpTestServer http2Server;
+    HttpTestServer https1Server;
+    HttpTestServer https2Server;
+    DigestEchoServer.TunnelingProxy proxy;
+
+    URI http1URI;
+    URI https1URI;
+    URI http2URI;
+    URI https2URI;
+    InetSocketAddress proxyAddress;
+    ProxySelector proxySelector;
+    HttpClient client;
+    List<CompletableFuture<?>>  futures = new CopyOnWriteArrayList<>();
+    Set<URI> pending = new CopyOnWriteArraySet<>();
+
+    final ExecutorService executor = new ThreadPoolExecutor(12, 60, 10,
+            TimeUnit.SECONDS, new LinkedBlockingQueue<>());
+    final ExecutorService clientexec = new ThreadPoolExecutor(6, 12, 1,
+            TimeUnit.SECONDS, new LinkedBlockingQueue<>());
+
+    public HttpClient newHttpClient(ProxySelector ps) {
+        HttpClient.Builder builder = HttpClient
+                .newBuilder()
+                .sslContext(context)
+                .executor(clientexec)
+                .proxy(ps);
+        return builder.build();
+    }
+
+    public void setUp() throws Exception {
+        try {
+            InetSocketAddress sa = new InetSocketAddress(InetAddress.getLoopbackAddress(), 0);
+
+            // HTTP/1.1
+            HttpServer server1 = HttpServer.create(sa, 0);
+            server1.setExecutor(executor);
+            http1Server = HttpTestServer.of(server1);
+            http1Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/http1/");
+            http1Server.start();
+            http1URI = new URI("http://" + http1Server.serverAuthority() + "/LargeResponseTest/http1/");
+
+
+            // HTTPS/1.1
+            HttpsServer sserver1 = HttpsServer.create(sa, 100);
+            sserver1.setExecutor(executor);
+            sserver1.setHttpsConfigurator(new HttpsConfigurator(context));
+            https1Server = HttpTestServer.of(sserver1);
+            https1Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/https1/");
+            https1Server.start();
+            https1URI = new URI("https://" + https1Server.serverAuthority() + "/LargeResponseTest/https1/");
+
+            // HTTP/2.0
+            http2Server = HttpTestServer.of(
+                    new Http2TestServer("localhost", false, 0));
+            http2Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/http2/");
+            http2Server.start();
+            http2URI = new URI("http://" + http2Server.serverAuthority() + "/LargeResponseTest/http2/");
+
+            // HTTPS/2.0
+            https2Server = HttpTestServer.of(
+                    new Http2TestServer("localhost", true, 0));
+            https2Server.addHandler(new HttpTestLargeHandler(), "/LargeResponseTest/https2/");
+            https2Server.start();
+            https2URI = new URI("https://" + https2Server.serverAuthority() + "/LargeResponseTest/https2/");
+
+            proxy = DigestEchoServer.createHttpsProxyTunnel(
+                    DigestEchoServer.HttpAuthSchemeType.NONE);
+            proxyAddress = proxy.getProxyAddress();
+            proxySelector = new HttpProxySelector(proxyAddress);
+            client = newHttpClient(proxySelector);
+            System.out.println("Setup: done");
+        } catch (Exception x) {
+            tearDown(); throw x;
+        } catch (Error e) {
+            tearDown(); throw e;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        LargeResponseTest test = new LargeResponseTest();
+        test.setUp();
+        long start = System.nanoTime();
+        try {
+            test.run(args);
+        } finally {
+            try {
+                long elapsed = System.nanoTime() - start;
+                System.out.println("*** Elapsed: " + Duration.ofNanos(elapsed));
+            } finally {
+                test.tearDown();
+            }
+        }
+    }
+
+    public void run(String... args) throws Exception {
+        List<URI> serverURIs = List.of(http1URI, http2URI, https1URI, https2URI);
+        for (int i=0; i<5; i++) {
+            for (URI base : serverURIs) {
+                if (base.getScheme().equalsIgnoreCase("https")) {
+                    URI proxy = i % 1 == 0 ? base.resolve(URI.create("proxy/foo?n="+requestCounter.incrementAndGet()))
+                    : base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet()));
+                    test(proxy);
+                }
+            }
+            for (URI base : serverURIs) {
+                URI direct = base.resolve(URI.create("direct/foo?n="+requestCounter.incrementAndGet()));
+                test(direct);
+            }
+        }
+        CompletableFuture.allOf(futures.toArray(new CompletableFuture[0])).join();
+    }
+
+    public void test(URI uri) throws Exception {
+        System.out.println("Testing with " + uri);
+        pending.add(uri);
+        HttpRequest request = HttpRequest.newBuilder(uri).build();
+        CompletableFuture<HttpResponse<String>> resp =
+                client.sendAsync(request, HttpResponse.BodyHandlers.ofString())
+                .whenComplete((r, t) -> this.requestCompleted(request, r, t));
+        futures.add(resp);
+    }
+
+    private void requestCompleted(HttpRequest request, HttpResponse<?> r, Throwable t) {
+        responseCounter.incrementAndGet();
+        pending.remove(request.uri());
+        System.out.println(request + " -> " + (t == null ? r : t)
+                + " [still pending: " + (requestCounter.get() - responseCounter.get()) +"]");
+        if (pending.size() < 10 && requestCounter.get() > 10) {
+            pending.forEach(u -> System.out.println("\tpending: " + u));
+        }
+    }
+
+    public void tearDown() {
+        proxy = stop(proxy, DigestEchoServer.TunnelingProxy::stop);
+        http1Server = stop(http1Server, HttpTestServer::stop);
+        https1Server = stop(https1Server, HttpTestServer::stop);
+        http2Server = stop(http2Server, HttpTestServer::stop);
+        https2Server = stop(https2Server, HttpTestServer::stop);
+        client = null;
+        try {
+            executor.awaitTermination(2000, TimeUnit.MILLISECONDS);
+        } catch (Throwable x) {
+        } finally {
+            executor.shutdownNow();
+        }
+        try {
+            clientexec.awaitTermination(2000, TimeUnit.MILLISECONDS);
+        } catch (Throwable x) {
+        } finally {
+            clientexec.shutdownNow();
+        }
+        System.out.println("Teardown: done");
+    }
+
+    private interface Stoppable<T> { public void stop(T service) throws Exception; }
+
+    static <T>  T stop(T service, Stoppable<T> stop) {
+        try { if (service != null) stop.stop(service); } catch (Throwable x) { };
+        return null;
+    }
+
+    static class HttpProxySelector extends ProxySelector {
+        private static final List<Proxy> NO_PROXY = List.of(Proxy.NO_PROXY);
+        private final List<Proxy> proxyList;
+        HttpProxySelector(InetSocketAddress proxyAddress) {
+            proxyList = List.of(new Proxy(Proxy.Type.HTTP, proxyAddress));
+        }
+
+        @Override
+        public List<Proxy> select(URI uri) {
+            // our proxy only supports tunneling
+            if (uri.getScheme().equalsIgnoreCase("https")) {
+                if (uri.getPath().contains("/proxy/")) {
+                    return proxyList;
+                }
+            }
+            return NO_PROXY;
+        }
+
+        @Override
+        public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
+            System.err.println("Connection to proxy failed: " + ioe);
+            System.err.println("Proxy: " + sa);
+            System.err.println("\tURI: " + uri);
+            ioe.printStackTrace();
+        }
+    }
+
+    public static class HttpTestLargeHandler implements HttpTestHandler {
+        @Override
+        public void handle(HttpTestExchange t) throws IOException {
+            try (InputStream is = t.getRequestBody();
+                 OutputStream os = t.getResponseBody()) {
+                byte[] bytes = is.readAllBytes();
+                assert bytes.length == 0;
+                URI u = t.getRequestURI();
+                long responseID = Long.parseLong(u.getQuery().substring(2));
+                System.out.println("Server " + t.getRequestURI() + " sending response " + responseID);
+                t.sendResponseHeaders(200, DATA.length * 3);
+                for (int i=0; i<3; i++) {
+                    os.write(DATA);
+                }
+                System.out.println("\tresp:" + responseID + ": done");
+            }
+        }
+    }
+
+}
--- a/test/jdk/java/rmi/testlibrary/TestSocketFactory.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/java/rmi/testlibrary/TestSocketFactory.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -92,7 +92,8 @@
 
     static final byte[] EMPTY_BYTE_ARRAY = new byte[0];
 
-    public static final boolean DEBUG = false;
+    // True to enable logging of matches and replacements.
+    private static volatile boolean debugLogging = false;
 
     /**
      * Debugging output can be synchronized with logging of RMI actions.
@@ -100,8 +101,8 @@
      * @param format a printf format
      * @param args   any args
      */
-    private static void DEBUG(String format, Object... args) {
-        if (DEBUG) {
+    public static void DEBUG(String format, Object... args) {
+        if (debugLogging) {
             System.err.printf(format, args);
         }
     }
@@ -117,6 +118,17 @@
     }
 
     /**
+     * Set debug to true to generate logging output of matches and substitutions.
+     * @param debug {@code true} to generate logging output
+     * @return the previous value
+     */
+    public static boolean setDebug(boolean debug) {
+        boolean oldDebug = debugLogging;
+        debugLogging = debug;
+        return oldDebug;
+    }
+
+    /**
      * Set the match and replacement bytes, with an empty trigger.
      * The match and replacements are propagated to all existing sockets.
      *
--- a/test/jdk/java/rmi/transport/closeServerSocket/CloseServerSocket.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/java/rmi/transport/closeServerSocket/CloseServerSocket.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -63,8 +63,19 @@
         verifyPortInUse(PORT);
         UnicastRemoteObject.unexportObject(registry, true);
         System.err.println("- unexported registry");
-        Thread.sleep(1000);        // work around BindException (bug?)
-        verifyPortFree(PORT);
+        int tries = (int)TestLibrary.getTimeoutFactor();
+        tries = Math.max(tries, 1);
+        while (tries-- > 0) {
+            Thread.sleep(1000);
+            try {
+                verifyPortFree(PORT);
+                break;
+            } catch (IOException ignore) { }
+        }
+        if (tries < 0) {
+            throw new RuntimeException("time out after tries: " + tries);
+        }
+
 
         /*
          * The follow portion of this test is disabled temporarily
@@ -101,6 +112,7 @@
     private static void verifyPortInUse(int port) throws IOException {
         try {
             verifyPortFree(port);
+            throw new RuntimeException("port is not in use: " + port);
         } catch (BindException e) {
             System.err.println("- port " + port + " is in use");
             return;
--- a/test/jdk/java/security/testlibrary/Proc.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/java/security/testlibrary/Proc.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,9 @@
 import java.io.File;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.PrintStream;
+import java.io.UncheckedIOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -110,6 +113,7 @@
     private List<String> args = new ArrayList<>();
     private Map<String,String> env = new HashMap<>();
     private Map<String,String> prop = new HashMap();
+    private Map<String,String> secprop = new HashMap();
     private boolean inheritIO = false;
     private boolean noDump = false;
 
@@ -176,6 +180,11 @@
         prop.put(a, b);
         return this;
     }
+    // Specifies a security property. Can be called multiple times.
+    public Proc secprop(String a, String b) {
+        secprop.put(a, b);
+        return this;
+    }
     // Inherit the value of a system property
     public Proc inheritProp(String k) {
         String v = System.getProperty(k);
@@ -282,6 +291,17 @@
             cmd.add(cp.stream().collect(Collectors.joining(File.pathSeparator)));
         }
 
+        if (!secprop.isEmpty()) {
+            Path p = Path.of(getId("security"));
+            try (OutputStream fos = Files.newOutputStream(p);
+                 PrintStream ps = new PrintStream(fos)) {
+                secprop.forEach((k,v) -> ps.println(k + "=" + v));
+            } catch (IOException e) {
+                throw new UncheckedIOException(e);
+            }
+            prop.put("java.security.properties", p.toString());
+        }
+
         for (Entry<String,String> e: prop.entrySet()) {
             cmd.add("-D" + e.getKey() + "=" + e.getValue());
         }
@@ -380,6 +400,12 @@
         }
         return p.waitFor();
     }
+    // Wait for process end with expected exit code
+    public void waitFor(int expected) throws Exception {
+        if (p.waitFor() != expected) {
+            throw new RuntimeException("Exit code not " + expected);
+        }
+    }
 
     // The following methods are used inside a proc
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/text/Format/DecimalFormat/SetGroupingSizeTest.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8212749
+ * @summary test whether input value check for
+ *          DecimalFormat.setGroupingSize(int) works correctly.
+ * @run testng/othervm SetGroupingSizeTest
+ */
+
+import java.text.DecimalFormat;
+
+import static org.testng.Assert.assertEquals;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Test;
+
+@Test
+public class SetGroupingSizeTest {
+
+    @DataProvider
+    public static Object[][] validGroupingSizes() {
+        return new Object[][] {
+            { 0 },
+            { Byte.MAX_VALUE },
+        };
+    }
+
+    @DataProvider
+    public static Object[][] invalidGroupingSizes() {
+        return new Object[][] {
+            { Byte.MIN_VALUE - 1 },
+            { Byte.MIN_VALUE },
+            { -1 },
+            { Byte.MAX_VALUE + 1 },
+            { Integer.MIN_VALUE },
+            { Integer.MAX_VALUE },
+        };
+    }
+
+    @Test(dataProvider = "validGroupingSizes")
+    public void test_validGroupingSize(int newVal) {
+        DecimalFormat df = new DecimalFormat();
+        df.setGroupingSize(newVal);
+        assertEquals(df.getGroupingSize(), newVal);
+    }
+
+    @Test(dataProvider = "invalidGroupingSizes",
+        expectedExceptions = IllegalArgumentException.class)
+    public void test_invalidGroupingSize(int newVal) {
+        DecimalFormat df = new DecimalFormat();
+        df.setGroupingSize(newVal);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/javax/xml/crypto/dsig/Versions.java	Fri Oct 18 09:25:06 2019 -0700
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8232357
+ * @library /test/lib
+ * @summary Compare version info of Santuario to legal notice
+ */
+
+import jdk.test.lib.Asserts;
+
+import java.nio.file.Files;
+import java.nio.file.Path;
+
+public class Versions {
+
+    public static void main(String[] args) throws Exception {
+
+        Path src = Path.of(System.getProperty("test.root"),
+                "../../src/java.xml.crypto");
+        Path legal = Path.of(System.getProperty("test.jdk"), "legal");
+
+        Path provider = src.resolve(
+                "share/classes/org/jcp/xml/dsig/internal/dom/XMLDSigRI.java");
+
+        Path mdInSrc = src.resolve(
+                "share/legal/santuario.md");
+        Path mdInImage = legal.resolve(
+                "java.xml.crypto/santuario.md");
+
+        // Files in src should either both exist or not
+        if (!Files.exists(provider) && !Files.exists(mdInSrc)) {
+            System.out.println("Source not available. Cannot proceed.");
+            return;
+        }
+
+        // The line containing the version number looks like
+        // // Apache Santuario XML Security for Java, version n.n.n
+        String s1 = Files.lines(provider)
+                .filter(s -> s.contains(
+                        "// Apache Santuario XML Security for Java, version "))
+                .findFirst()
+                .get()
+                .replaceFirst(".* ", ""); // keep chars after the last space
+
+        // The first line of this file should look like
+        // ## Apache Santuario v2.1.3
+        String s2 = Files.lines(mdInSrc)
+                .findFirst()
+                .get()
+                .replace("## Apache Santuario v", "");
+
+        Asserts.assertEQ(s1, s2);
+
+        if (Files.exists(legal)) {
+            Asserts.assertTrue(Files.mismatch(mdInSrc, mdInImage) == -1);
+        } else {
+            System.out.println("Warning: skip image compare. Exploded build?");
+        }
+    }
+}
--- a/test/jdk/sun/security/util/FilePermCompat/Flag.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/jdk/sun/security/util/FilePermCompat/Flag.java	Fri Oct 18 09:25:06 2019 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,22 +23,84 @@
 
 /*
  * @test
- * @bug 8164705
+ * @bug 8164705 8209901
+ * @library /test/jdk/java/security/testlibrary
+ * @modules java.base/jdk.internal.misc
  * @summary check jdk.filepermission.canonicalize
- * @run main/othervm/policy=flag.policy
-  *     -Djdk.io.permissionsUseCanonicalPath=true Flag true true
- * @run main/othervm/policy=flag.policy
-  *     -Djdk.io.permissionsUseCanonicalPath=false Flag false true
- * @run main/othervm/policy=flag.policy Flag false true
  */
 
 import java.io.File;
 import java.io.FilePermission;
 import java.lang.*;
+import java.nio.file.Path;
 
 public class Flag {
     public static void main(String[] args) throws Exception {
 
+        if (args.length == 0) {
+            String policy = Path.of(
+                    System.getProperty("test.src"), "flag.policy").toString();
+
+            // effectively true
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .prop("jdk.io.permissionsUseCanonicalPath", "true")
+                    .args("run", "true", "true")
+                    .start()
+                    .waitFor(0);
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .secprop("jdk.io.permissionsUseCanonicalPath", "true")
+                    .args("run", "true", "true")
+                    .start()
+                    .waitFor(0);
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .secprop("jdk.io.permissionsUseCanonicalPath", "false")
+                    .prop("jdk.io.permissionsUseCanonicalPath", "true")
+                    .args("run", "true", "true")
+                    .start()
+                    .waitFor(0);
+
+            // effectively false
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .prop("jdk.io.permissionsUseCanonicalPath", "false")
+                    .args("run", "false", "true")
+                    .start()
+                    .waitFor(0);
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .secprop("jdk.io.permissionsUseCanonicalPath", "false")
+                    .args("run", "false", "true")
+                    .start()
+                    .waitFor(0);
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .secprop("jdk.io.permissionsUseCanonicalPath", "true")
+                    .prop("jdk.io.permissionsUseCanonicalPath", "false")
+                    .args("run", "false", "true")
+                    .start()
+                    .waitFor(0);
+            Proc.create("Flag")
+                    .prop("java.security.manager", "")
+                    .prop("java.security.policy", policy)
+                    .args("run", "false", "true")
+                    .start()
+                    .waitFor(0);
+        } else {
+            run(args);
+        }
+    }
+
+    static void run(String[] args) throws Exception {
+
         boolean test1;
         boolean test2;
 
@@ -55,8 +117,8 @@
             test2 = false;
         }
 
-        if (test1 != Boolean.parseBoolean(args[0]) ||
-                test2 != Boolean.parseBoolean(args[1])) {
+        if (test1 != Boolean.parseBoolean(args[1]) ||
+                test2 != Boolean.parseBoolean(args[2])) {
             throw new Exception("Test failed: " + test1 + " " + test2);
         }
     }
--- a/test/langtools/jdk/javadoc/tool/TestScriptInComment.java	Thu Oct 17 14:07:02 2019 -0700
+++ b/test/langtools/jdk/javadoc/tool/TestScriptInComment.java	Fri Oct 18 09:25:06 2019 -0700
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 8138725
+ * @bug 8138725 8226765
  * @summary test --allow-script-in-comments
  * @modules jdk.javadoc/jdk.javadoc.internal.tool
  */
@@ -63,6 +63,10 @@
         WS("< script >#ALERT</script>", false, "-Xdoclint:none"), // script tag with invalid white space
         SP("<script src=\"file\"> #ALERT </script>", true), // script tag with an attribute
         ON("<a onclick='#ALERT'>x</a>", true), // event handler attribute
+        OME("<img alt='1' onmouseenter='#ALERT'>", true), // onmouseenter event handler attribute
+        OML("<img alt='1' onmouseleave='#ALERT'>", true), // onmouseleave event handler attribute
+        OFI("<a href='#' onfocusin='#ALERT'>x</a>", true), // onfocusin event handler attribute
+        OBE("<a onbogusevent='#ALERT'>x</a>", true), // bogus/future event handler attribute
         URI("<a href='javascript:#ALERT'>x</a>", true); // javascript URI
 
         /**