Merge
authorlana
Thu, 30 Apr 2015 17:20:49 -0700
changeset 30050 adea7866d41a
parent 30032 0ca2e64bad06 (current diff)
parent 30049 dde45bde92e2 (diff)
child 30051 bc6bc93609f3
Merge
jdk/test/java/math/RandomSeed.java
--- a/jdk/src/java.base/share/classes/com/sun/crypto/provider/JceKeyStore.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/com/sun/crypto/provider/JceKeyStore.java	Thu Apr 30 17:20:49 2015 -0700
@@ -711,7 +711,7 @@
                     cf = CertificateFactory.getInstance("X509");
                 } else {
                     // version 2
-                    cfs = new Hashtable<String, CertificateFactory>(3);
+                    cfs = new Hashtable<>(3);
                 }
 
                 entries.clear();
--- a/jdk/src/java.base/share/classes/com/sun/crypto/provider/PBEKeyFactory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/com/sun/crypto/provider/PBEKeyFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -56,7 +56,7 @@
     }
 
     static {
-        validTypes = new HashSet<String>(17);
+        validTypes = new HashSet<>(17);
         validTypes.add("PBEWithMD5AndDES".toUpperCase(Locale.ENGLISH));
         validTypes.add("PBEWithSHA1AndDESede".toUpperCase(Locale.ENGLISH));
         validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase(Locale.ENGLISH));
--- a/jdk/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java	Thu Apr 30 17:20:49 2015 -0700
@@ -115,7 +115,7 @@
         final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING";
 
         AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Object>() {
+            new java.security.PrivilegedAction<>() {
                 public Object run() {
 
                     /*
--- a/jdk/src/java.base/share/classes/com/sun/net/ssl/KeyManagerFactory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/com/sun/net/ssl/KeyManagerFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -63,7 +63,7 @@
      */
     public final static String getDefaultAlgorithm() {
         String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        type = AccessController.doPrivileged(new PrivilegedAction<>() {
             public String run() {
                 return Security.getProperty("sun.ssl.keymanager.type");
             }
--- a/jdk/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -63,7 +63,7 @@
      */
     public final static String getDefaultAlgorithm() {
         String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        type = AccessController.doPrivileged(new PrivilegedAction<>() {
             public String run() {
                 return Security.getProperty("sun.ssl.trustmanager.type");
             }
--- a/jdk/src/java.base/share/classes/java/lang/Runtime.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/lang/Runtime.java	Thu Apr 30 17:20:49 2015 -0700
@@ -32,9 +32,9 @@
 
 /**
  * Every Java application has a single instance of class
- * <code>Runtime</code> that allows the application to interface with
+ * {@code Runtime} that allows the application to interface with
  * the environment in which the application is running. The current
- * runtime can be obtained from the <code>getRuntime</code> method.
+ * runtime can be obtained from the {@code getRuntime} method.
  * <p>
  * An application cannot create its own instance of this class.
  *
@@ -48,10 +48,10 @@
 
     /**
      * Returns the runtime object associated with the current Java application.
-     * Most of the methods of class <code>Runtime</code> are instance
+     * Most of the methods of class {@code Runtime} are instance
      * methods and must be invoked with respect to the current runtime object.
      *
-     * @return  the <code>Runtime</code> object associated with the current
+     * @return  the {@code Runtime} object associated with the current
      *          Java application.
      */
     public static Runtime getRuntime() {
@@ -72,8 +72,7 @@
      * if any, are started in some unspecified order and allowed to run
      * concurrently until they finish.  In the second phase all uninvoked
      * finalizers are run if {@link #runFinalizersOnExit finalization-on-exit}
-     * has been enabled.  Once this is done the virtual machine {@link #halt
-     * halts}.
+     * has been enabled.  Once this is done the virtual machine {@link #halt halts}.
      *
      * <p> If this method is invoked after the virtual machine has begun its
      * shutdown sequence then if shutdown hooks are being run this method will
@@ -82,7 +81,7 @@
      * with the given status code if the status is nonzero; otherwise, it
      * blocks indefinitely.
      *
-     * <p> The <tt>{@link System#exit(int) System.exit}</tt> method is the
+     * <p> The {@link System#exit(int) System.exit} method is the
      * conventional and convenient means of invoking this method.
      *
      * @param  status
@@ -90,8 +89,8 @@
      *         indicates abnormal termination.
      *
      * @throws SecurityException
-     *         If a security manager is present and its <tt>{@link
-     *         SecurityManager#checkExit checkExit}</tt> method does not permit
+     *         If a security manager is present and its
+     *         {@link SecurityManager#checkExit checkExit} method does not permit
      *         exiting with the specified status
      *
      * @see java.lang.SecurityException
@@ -118,11 +117,11 @@
      *   <ul>
      *
      *   <li> The program <i>exits</i> normally, when the last non-daemon
-     *   thread exits or when the <tt>{@link #exit exit}</tt> (equivalently,
+     *   thread exits or when the {@link #exit exit} (equivalently,
      *   {@link System#exit(int) System.exit}) method is invoked, or
      *
      *   <li> The virtual machine is <i>terminated</i> in response to a
-     *   user interrupt, such as typing <tt>^C</tt>, or a system-wide event,
+     *   user interrupt, such as typing {@code ^C}, or a system-wide event,
      *   such as user logoff or system shutdown.
      *
      *   </ul>
@@ -134,17 +133,16 @@
      * run all uninvoked finalizers if finalization-on-exit has been enabled.
      * Finally, the virtual machine will halt.  Note that daemon threads will
      * continue to run during the shutdown sequence, as will non-daemon threads
-     * if shutdown was initiated by invoking the <tt>{@link #exit exit}</tt>
-     * method.
+     * if shutdown was initiated by invoking the {@link #exit exit} method.
      *
      * <p> Once the shutdown sequence has begun it can be stopped only by
-     * invoking the <tt>{@link #halt halt}</tt> method, which forcibly
+     * invoking the {@link #halt halt} method, which forcibly
      * terminates the virtual machine.
      *
      * <p> Once the shutdown sequence has begun it is impossible to register a
      * new shutdown hook or de-register a previously-registered hook.
      * Attempting either of these operations will cause an
-     * <tt>{@link IllegalStateException}</tt> to be thrown.
+     * {@link IllegalStateException} to be thrown.
      *
      * <p> Shutdown hooks run at a delicate time in the life cycle of a virtual
      * machine and should therefore be coded defensively.  They should, in
@@ -156,7 +154,7 @@
      * deadlocks.
      *
      * <p> Shutdown hooks should also finish their work quickly.  When a
-     * program invokes <tt>{@link #exit exit}</tt> the expectation is
+     * program invokes {@link #exit exit} the expectation is
      * that the virtual machine will promptly shut down and exit.  When the
      * virtual machine is terminated due to user logoff or system shutdown the
      * underlying operating system may only allow a fixed amount of time in
@@ -165,17 +163,17 @@
      * hook.
      *
      * <p> Uncaught exceptions are handled in shutdown hooks just as in any
-     * other thread, by invoking the <tt>{@link ThreadGroup#uncaughtException
-     * uncaughtException}</tt> method of the thread's <tt>{@link
-     * ThreadGroup}</tt> object.  The default implementation of this method
-     * prints the exception's stack trace to <tt>{@link System#err}</tt> and
+     * other thread, by invoking the
+     * {@link ThreadGroup#uncaughtException uncaughtException} method of the
+     * thread's {@link ThreadGroup} object. The default implementation of this
+     * method prints the exception's stack trace to {@link System#err} and
      * terminates the thread; it does not cause the virtual machine to exit or
      * halt.
      *
      * <p> In rare circumstances the virtual machine may <i>abort</i>, that is,
      * stop running without shutting down cleanly.  This occurs when the
      * virtual machine is terminated externally, for example with the
-     * <tt>SIGKILL</tt> signal on Unix or the <tt>TerminateProcess</tt> call on
+     * {@code SIGKILL} signal on Unix or the {@code TerminateProcess} call on
      * Microsoft Windows.  The virtual machine may also abort if a native
      * method goes awry by, for example, corrupting internal data structures or
      * attempting to access nonexistent memory.  If the virtual machine aborts
@@ -183,7 +181,7 @@
      * will be run.
      *
      * @param   hook
-     *          An initialized but unstarted <tt>{@link Thread}</tt> object
+     *          An initialized but unstarted {@link Thread} object
      *
      * @throws  IllegalArgumentException
      *          If the specified hook has already been registered,
@@ -196,7 +194,7 @@
      *
      * @throws  SecurityException
      *          If a security manager is present and it denies
-     *          <tt>{@link RuntimePermission}("shutdownHooks")</tt>
+     *          {@link RuntimePermission}("shutdownHooks")
      *
      * @see #removeShutdownHook
      * @see #halt(int)
@@ -212,11 +210,11 @@
     }
 
     /**
-     * De-registers a previously-registered virtual-machine shutdown hook. <p>
+     * De-registers a previously-registered virtual-machine shutdown hook.
      *
      * @param hook the hook to remove
-     * @return <tt>true</tt> if the specified hook had previously been
-     * registered and was successfully de-registered, <tt>false</tt>
+     * @return {@code true} if the specified hook had previously been
+     * registered and was successfully de-registered, {@code false}
      * otherwise.
      *
      * @throws  IllegalStateException
@@ -225,7 +223,7 @@
      *
      * @throws  SecurityException
      *          If a security manager is present and it denies
-     *          <tt>{@link RuntimePermission}("shutdownHooks")</tt>
+     *          {@link RuntimePermission}("shutdownHooks")
      *
      * @see #addShutdownHook
      * @see #exit(int)
@@ -244,23 +242,23 @@
      * method never returns normally.
      *
      * <p> This method should be used with extreme caution.  Unlike the
-     * <tt>{@link #exit exit}</tt> method, this method does not cause shutdown
+     * {@link #exit exit} method, this method does not cause shutdown
      * hooks to be started and does not run uninvoked finalizers if
      * finalization-on-exit has been enabled.  If the shutdown sequence has
      * already been initiated then this method does not wait for any running
      * shutdown hooks or finalizers to finish their work.
      *
      * @param  status
-     *         Termination status.  By convention, a nonzero status code
-     *         indicates abnormal termination.  If the <tt>{@link Runtime#exit
-     *         exit}</tt> (equivalently, <tt>{@link System#exit(int)
-     *         System.exit}</tt>) method has already been invoked then this
-     *         status code will override the status code passed to that method.
+     *         Termination status. By convention, a nonzero status code
+     *         indicates abnormal termination. If the {@link Runtime#exit exit}
+     *         (equivalently, {@link System#exit(int) System.exit}) method
+     *         has already been invoked then this status code
+     *         will override the status code passed to that method.
      *
      * @throws SecurityException
-     *         If a security manager is present and its <tt>{@link
-     *         SecurityManager#checkExit checkExit}</tt> method does not permit
-     *         an exit with the specified status
+     *         If a security manager is present and its
+     *         {@link SecurityManager#checkExit checkExit} method
+     *         does not permit an exit with the specified status
      *
      * @see #exit
      * @see #addShutdownHook
@@ -282,7 +280,7 @@
      * By default, finalization on exit is disabled.
      *
      * <p>If there is a security manager,
-     * its <code>checkExit</code> method is first called
+     * its {@code checkExit} method is first called
      * with 0 as its argument to ensure the exit is allowed.
      * This could result in a SecurityException.
      *
@@ -293,7 +291,7 @@
      *      behavior or deadlock.
      *
      * @throws  SecurityException
-     *        if a security manager exists and its <code>checkExit</code>
+     *        if a security manager exists and its {@code checkExit}
      *        method doesn't allow the exit.
      *
      * @see     java.lang.Runtime#exit(int)
@@ -318,9 +316,9 @@
      * Executes the specified string command in a separate process.
      *
      * <p>This is a convenience method.  An invocation of the form
-     * <tt>exec(command)</tt>
+     * {@code exec(command)}
      * behaves in exactly the same way as the invocation
-     * <tt>{@link #exec(String, String[], File) exec}(command, null, null)</tt>.
+     * {@link #exec(String, String[], File) exec}{@code (command, null, null)}.
      *
      * @param   command   a specified system command.
      *
@@ -335,10 +333,10 @@
      *          If an I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>command</code> is <code>null</code>
+     *          If {@code command} is {@code null}
      *
      * @throws  IllegalArgumentException
-     *          If <code>command</code> is empty
+     *          If {@code command} is empty
      *
      * @see     #exec(String[], String[], File)
      * @see     ProcessBuilder
@@ -352,16 +350,16 @@
      * specified environment.
      *
      * <p>This is a convenience method.  An invocation of the form
-     * <tt>exec(command, envp)</tt>
+     * {@code exec(command, envp)}
      * behaves in exactly the same way as the invocation
-     * <tt>{@link #exec(String, String[], File) exec}(command, envp, null)</tt>.
+     * {@link #exec(String, String[], File) exec}{@code (command, envp, null)}.
      *
      * @param   command   a specified system command.
      *
      * @param   envp      array of strings, each element of which
      *                    has environment variable settings in the format
      *                    <i>name</i>=<i>value</i>, or
-     *                    <tt>null</tt> if the subprocess should inherit
+     *                    {@code null} if the subprocess should inherit
      *                    the environment of the current process.
      *
      * @return  A new {@link Process} object for managing the subprocess
@@ -375,11 +373,11 @@
      *          If an I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>command</code> is <code>null</code>,
-     *          or one of the elements of <code>envp</code> is <code>null</code>
+     *          If {@code command} is {@code null},
+     *          or one of the elements of {@code envp} is {@code null}
      *
      * @throws  IllegalArgumentException
-     *          If <code>command</code> is empty
+     *          If {@code command} is empty
      *
      * @see     #exec(String[], String[], File)
      * @see     ProcessBuilder
@@ -393,29 +391,29 @@
      * specified environment and working directory.
      *
      * <p>This is a convenience method.  An invocation of the form
-     * <tt>exec(command, envp, dir)</tt>
+     * {@code exec(command, envp, dir)}
      * behaves in exactly the same way as the invocation
-     * <tt>{@link #exec(String[], String[], File) exec}(cmdarray, envp, dir)</tt>,
-     * where <code>cmdarray</code> is an array of all the tokens in
-     * <code>command</code>.
+     * {@link #exec(String[], String[], File) exec}{@code (cmdarray, envp, dir)},
+     * where {@code cmdarray} is an array of all the tokens in
+     * {@code command}.
      *
-     * <p>More precisely, the <code>command</code> string is broken
+     * <p>More precisely, the {@code command} string is broken
      * into tokens using a {@link StringTokenizer} created by the call
-     * <code>new {@link StringTokenizer}(command)</code> with no
+     * {@code new {@link StringTokenizer}(command)} with no
      * further modification of the character categories.  The tokens
      * produced by the tokenizer are then placed in the new string
-     * array <code>cmdarray</code>, in the same order.
+     * array {@code cmdarray}, in the same order.
      *
      * @param   command   a specified system command.
      *
      * @param   envp      array of strings, each element of which
      *                    has environment variable settings in the format
      *                    <i>name</i>=<i>value</i>, or
-     *                    <tt>null</tt> if the subprocess should inherit
+     *                    {@code null} if the subprocess should inherit
      *                    the environment of the current process.
      *
      * @param   dir       the working directory of the subprocess, or
-     *                    <tt>null</tt> if the subprocess should inherit
+     *                    {@code null} if the subprocess should inherit
      *                    the working directory of the current process.
      *
      * @return  A new {@link Process} object for managing the subprocess
@@ -429,11 +427,11 @@
      *          If an I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>command</code> is <code>null</code>,
-     *          or one of the elements of <code>envp</code> is <code>null</code>
+     *          If {@code command} is {@code null},
+     *          or one of the elements of {@code envp} is {@code null}
      *
      * @throws  IllegalArgumentException
-     *          If <code>command</code> is empty
+     *          If {@code command} is empty
      *
      * @see     ProcessBuilder
      * @since 1.3
@@ -454,9 +452,9 @@
      * Executes the specified command and arguments in a separate process.
      *
      * <p>This is a convenience method.  An invocation of the form
-     * <tt>exec(cmdarray)</tt>
+     * {@code exec(cmdarray)}
      * behaves in exactly the same way as the invocation
-     * <tt>{@link #exec(String[], String[], File) exec}(cmdarray, null, null)</tt>.
+     * {@link #exec(String[], String[], File) exec}{@code (cmdarray, null, null)}.
      *
      * @param   cmdarray  array containing the command to call and
      *                    its arguments.
@@ -472,12 +470,12 @@
      *          If an I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>cmdarray</code> is <code>null</code>,
-     *          or one of the elements of <code>cmdarray</code> is <code>null</code>
+     *          If {@code cmdarray} is {@code null},
+     *          or one of the elements of {@code cmdarray} is {@code null}
      *
      * @throws  IndexOutOfBoundsException
-     *          If <code>cmdarray</code> is an empty array
-     *          (has length <code>0</code>)
+     *          If {@code cmdarray} is an empty array
+     *          (has length {@code 0})
      *
      * @see     ProcessBuilder
      */
@@ -490,9 +488,9 @@
      * with the specified environment.
      *
      * <p>This is a convenience method.  An invocation of the form
-     * <tt>exec(cmdarray, envp)</tt>
+     * {@code exec(cmdarray, envp)}
      * behaves in exactly the same way as the invocation
-     * <tt>{@link #exec(String[], String[], File) exec}(cmdarray, envp, null)</tt>.
+     * {@link #exec(String[], String[], File) exec}{@code (cmdarray, envp, null)}.
      *
      * @param   cmdarray  array containing the command to call and
      *                    its arguments.
@@ -500,7 +498,7 @@
      * @param   envp      array of strings, each element of which
      *                    has environment variable settings in the format
      *                    <i>name</i>=<i>value</i>, or
-     *                    <tt>null</tt> if the subprocess should inherit
+     *                    {@code null} if the subprocess should inherit
      *                    the environment of the current process.
      *
      * @return  A new {@link Process} object for managing the subprocess
@@ -514,13 +512,13 @@
      *          If an I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>cmdarray</code> is <code>null</code>,
-     *          or one of the elements of <code>cmdarray</code> is <code>null</code>,
-     *          or one of the elements of <code>envp</code> is <code>null</code>
+     *          If {@code cmdarray} is {@code null},
+     *          or one of the elements of {@code cmdarray} is {@code null},
+     *          or one of the elements of {@code envp} is {@code null}
      *
      * @throws  IndexOutOfBoundsException
-     *          If <code>cmdarray</code> is an empty array
-     *          (has length <code>0</code>)
+     *          If {@code cmdarray} is an empty array
+     *          (has length {@code 0})
      *
      * @see     ProcessBuilder
      */
@@ -533,17 +531,17 @@
      * Executes the specified command and arguments in a separate process with
      * the specified environment and working directory.
      *
-     * <p>Given an array of strings <code>cmdarray</code>, representing the
-     * tokens of a command line, and an array of strings <code>envp</code>,
+     * <p>Given an array of strings {@code cmdarray}, representing the
+     * tokens of a command line, and an array of strings {@code envp},
      * representing "environment" variable settings, this method creates
      * a new process in which to execute the specified command.
      *
-     * <p>This method checks that <code>cmdarray</code> is a valid operating
+     * <p>This method checks that {@code cmdarray} is a valid operating
      * system command.  Which commands are valid is system-dependent,
      * but at the very least the command must be a non-empty list of
      * non-null strings.
      *
-     * <p>If <tt>envp</tt> is <tt>null</tt>, the subprocess inherits the
+     * <p>If {@code envp} is {@code null}, the subprocess inherits the
      * environment settings of the current process.
      *
      * <p>A minimal set of system dependent environment variables may
@@ -554,14 +552,14 @@
      * <p>{@link ProcessBuilder#start()} is now the preferred way to
      * start a process with a modified environment.
      *
-     * <p>The working directory of the new subprocess is specified by <tt>dir</tt>.
-     * If <tt>dir</tt> is <tt>null</tt>, the subprocess inherits the
+     * <p>The working directory of the new subprocess is specified by {@code dir}.
+     * If {@code dir} is {@code null}, the subprocess inherits the
      * current working directory of the current process.
      *
      * <p>If a security manager exists, its
      * {@link SecurityManager#checkExec checkExec}
      * method is invoked with the first component of the array
-     * <code>cmdarray</code> as its argument. This may result in a
+     * {@code cmdarray} as its argument. This may result in a
      * {@link SecurityException} being thrown.
      *
      * <p>Starting an operating system process is highly system-dependent.
@@ -586,11 +584,11 @@
      * @param   envp      array of strings, each element of which
      *                    has environment variable settings in the format
      *                    <i>name</i>=<i>value</i>, or
-     *                    <tt>null</tt> if the subprocess should inherit
+     *                    {@code null} if the subprocess should inherit
      *                    the environment of the current process.
      *
      * @param   dir       the working directory of the subprocess, or
-     *                    <tt>null</tt> if the subprocess should inherit
+     *                    {@code null} if the subprocess should inherit
      *                    the working directory of the current process.
      *
      * @return  A new {@link Process} object for managing the subprocess
@@ -607,13 +605,13 @@
      *          If an I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>cmdarray</code> is <code>null</code>,
-     *          or one of the elements of <code>cmdarray</code> is <code>null</code>,
-     *          or one of the elements of <code>envp</code> is <code>null</code>
+     *          If {@code cmdarray} is {@code null},
+     *          or one of the elements of {@code cmdarray} is {@code null},
+     *          or one of the elements of {@code envp} is {@code null}
      *
      * @throws  IndexOutOfBoundsException
-     *          If <code>cmdarray</code> is an empty array
-     *          (has length <code>0</code>)
+     *          If {@code cmdarray} is an empty array
+     *          (has length {@code 0})
      *
      * @see     ProcessBuilder
      * @since 1.3
@@ -643,8 +641,8 @@
     /**
      * Returns the amount of free memory in the Java Virtual Machine.
      * Calling the
-     * <code>gc</code> method may result in increasing the value returned
-     * by <code>freeMemory.</code>
+     * {@code gc} method may result in increasing the value returned
+     * by {@code freeMemory.}
      *
      * @return  an approximation to the total amount of memory currently
      *          available for future allocated objects, measured in bytes.
@@ -665,9 +663,9 @@
     public native long totalMemory();
 
     /**
-     * Returns the maximum amount of memory that the Java virtual machine will
-     * attempt to use.  If there is no inherent limit then the value {@link
-     * java.lang.Long#MAX_VALUE} will be returned.
+     * Returns the maximum amount of memory that the Java virtual machine
+     * will attempt to use.  If there is no inherent limit then the value
+     * {@link java.lang.Long#MAX_VALUE} will be returned.
      *
      * @return  the maximum amount of memory that the virtual machine will
      *          attempt to use, measured in bytes
@@ -683,10 +681,10 @@
      * returns from the method call, the virtual machine has made
      * its best effort to recycle all discarded objects.
      * <p>
-     * The name <code>gc</code> stands for "garbage
+     * The name {@code gc} stands for "garbage
      * collector". The virtual machine performs this recycling
      * process automatically as needed, in a separate thread, even if the
-     * <code>gc</code> method is not invoked explicitly.
+     * {@code gc} method is not invoked explicitly.
      * <p>
      * The method {@link System#gc()} is the conventional and convenient
      * means of invoking this method.
@@ -699,15 +697,15 @@
     /**
      * Runs the finalization methods of any objects pending finalization.
      * Calling this method suggests that the Java virtual machine expend
-     * effort toward running the <code>finalize</code> methods of objects
-     * that have been found to be discarded but whose <code>finalize</code>
+     * effort toward running the {@code finalize} methods of objects
+     * that have been found to be discarded but whose {@code finalize}
      * methods have not yet been run. When control returns from the
      * method call, the virtual machine has made a best effort to
      * complete all outstanding finalizations.
      * <p>
      * The virtual machine performs the finalization process
      * automatically as needed, in a separate thread, if the
-     * <code>runFinalization</code> method is not invoked explicitly.
+     * {@code runFinalization} method is not invoked explicitly.
      * <p>
      * The method {@link System#runFinalization()} is the conventional
      * and convenient means of invoking this method.
@@ -720,7 +718,7 @@
 
     /**
      * Enables/Disables tracing of instructions.
-     * If the <code>boolean</code> argument is <code>true</code>, this
+     * If the {@code boolean} argument is {@code true}, this
      * method suggests that the Java virtual machine emit debugging
      * information for each instruction in the virtual machine as it
      * is executed. The format of this information, and the file or other
@@ -729,18 +727,18 @@
      * this feature. The destination of the trace output is system
      * dependent.
      * <p>
-     * If the <code>boolean</code> argument is <code>false</code>, this
+     * If the {@code boolean} argument is {@code false}, this
      * method causes the virtual machine to stop performing the
      * detailed instruction trace it is performing.
      *
-     * @param   on   <code>true</code> to enable instruction tracing;
-     *               <code>false</code> to disable this feature.
+     * @param   on   {@code true} to enable instruction tracing;
+     *               {@code false} to disable this feature.
      */
     public void traceInstructions(boolean on) { }
 
     /**
      * Enables/Disables tracing of method calls.
-     * If the <code>boolean</code> argument is <code>true</code>, this
+     * If the {@code boolean} argument is {@code true}, this
      * method suggests that the Java virtual machine emit debugging
      * information for each method in the virtual machine as it is
      * called. The format of this information, and the file or other output
@@ -751,8 +749,8 @@
      * Calling this method with argument false suggests that the
      * virtual machine cease emitting per-call debugging information.
      *
-     * @param   on   <code>true</code> to enable instruction tracing;
-     *               <code>false</code> to disable this feature.
+     * @param   on   {@code true} to enable instruction tracing;
+     *               {@code false} to disable this feature.
      */
     public void traceMethodCalls(boolean on) { }
 
@@ -760,7 +758,7 @@
      * Loads the native library specified by the filename argument.  The filename
      * argument must be an absolute path name.
      * (for example
-     * <code>Runtime.getRuntime().load("/home/avh/lib/libX11.so");</code>).
+     * {@code Runtime.getRuntime().load("/home/avh/lib/libX11.so");}).
      *
      * If the filename argument, when stripped of any platform-specific library
      * prefix, path, and file extension, indicates a library whose name is,
@@ -773,8 +771,8 @@
      * Otherwise, the filename argument is mapped to a native library image in
      * an implementation-dependent manner.
      * <p>
-     * First, if there is a security manager, its <code>checkLink</code>
-     * method is called with the <code>filename</code> as its argument.
+     * First, if there is a security manager, its {@code checkLink}
+     * method is called with the {@code filename} as its argument.
      * This may result in a security exception.
      * <p>
      * This is similar to the method {@link #loadLibrary(String)}, but it
@@ -786,14 +784,14 @@
      *
      * @param      filename   the file to load.
      * @exception  SecurityException  if a security manager exists and its
-     *             <code>checkLink</code> method doesn't allow
+     *             {@code checkLink} method doesn't allow
      *             loading of the specified dynamic library
      * @exception  UnsatisfiedLinkError  if either the filename is not an
      *             absolute path name, the native library is not statically
      *             linked with the VM, or the library cannot be mapped to
      *             a native library image by the host system.
-     * @exception  NullPointerException if <code>filename</code> is
-     *             <code>null</code>
+     * @exception  NullPointerException if {@code filename} is
+     *             {@code null}
      * @see        java.lang.Runtime#getRuntime()
      * @see        java.lang.SecurityException
      * @see        java.lang.SecurityManager#checkLink(java.lang.String)
@@ -816,26 +814,26 @@
     }
 
     /**
-     * Loads the native library specified by the <code>libname</code>
-     * argument.  The <code>libname</code> argument must not contain any platform
+     * Loads the native library specified by the {@code libname}
+     * argument.  The {@code libname} argument must not contain any platform
      * specific prefix, file extension or path. If a native library
-     * called <code>libname</code> is statically linked with the VM, then the
-     * JNI_OnLoad_<code>libname</code> function exported by the library is invoked.
+     * called {@code libname} is statically linked with the VM, then the
+     * JNI_OnLoad_{@code libname} function exported by the library is invoked.
      * See the JNI Specification for more details.
      *
      * Otherwise, the libname argument is loaded from a system library
      * location and mapped to a native library image in an implementation-
      * dependent manner.
      * <p>
-     * First, if there is a security manager, its <code>checkLink</code>
-     * method is called with the <code>libname</code> as its argument.
+     * First, if there is a security manager, its {@code checkLink}
+     * method is called with the {@code libname} as its argument.
      * This may result in a security exception.
      * <p>
      * The method {@link System#loadLibrary(String)} is the conventional
      * and convenient means of invoking this method. If native
      * methods are to be used in the implementation of a class, a standard
      * strategy is to put the native code in a library file (call it
-     * <code>LibFile</code>) and then to put a static initializer:
+     * {@code LibFile}) and then to put a static initializer:
      * <blockquote><pre>
      * static { System.loadLibrary("LibFile"); }
      * </pre></blockquote>
@@ -848,14 +846,14 @@
      *
      * @param      libname   the name of the library.
      * @exception  SecurityException  if a security manager exists and its
-     *             <code>checkLink</code> method doesn't allow
+     *             {@code checkLink} method doesn't allow
      *             loading of the specified dynamic library
      * @exception  UnsatisfiedLinkError if either the libname argument
      *             contains a file path, the native library is not statically
      *             linked with the VM,  or the library cannot be mapped to a
      *             native library image by the host system.
-     * @exception  NullPointerException if <code>libname</code> is
-     *             <code>null</code>
+     * @exception  NullPointerException if {@code libname} is
+     *             {@code null}
      * @see        java.lang.SecurityException
      * @see        java.lang.SecurityManager#checkLink(java.lang.String)
      */
@@ -878,7 +876,7 @@
 
     /**
      * Creates a localized version of an input stream. This method takes
-     * an <code>InputStream</code> and returns an <code>InputStream</code>
+     * an {@code InputStream} and returns an {@code InputStream}
      * equivalent to the argument in all respects except that it is
      * localized: as characters in the local character set are read from
      * the stream, they are automatically converted from the local
@@ -894,7 +892,7 @@
      * @see        java.io.InputStreamReader#InputStreamReader(java.io.InputStream)
      * @deprecated As of JDK&nbsp;1.1, the preferred way to translate a byte
      * stream in the local encoding into a character stream in Unicode is via
-     * the <code>InputStreamReader</code> and <code>BufferedReader</code>
+     * the {@code InputStreamReader} and {@code BufferedReader}
      * classes.
      */
     @Deprecated
@@ -904,8 +902,8 @@
 
     /**
      * Creates a localized version of an output stream. This method
-     * takes an <code>OutputStream</code> and returns an
-     * <code>OutputStream</code> equivalent to the argument in all respects
+     * takes an {@code OutputStream} and returns an
+     * {@code OutputStream} equivalent to the argument in all respects
      * except that it is localized: as Unicode characters are written to
      * the stream, they are automatically converted to the local
      * character set.
@@ -915,8 +913,8 @@
      *
      * @deprecated As of JDK&nbsp;1.1, the preferred way to translate a
      * Unicode character stream into a byte stream in the local encoding is via
-     * the <code>OutputStreamWriter</code>, <code>BufferedWriter</code>, and
-     * <code>PrintWriter</code> classes.
+     * the {@code OutputStreamWriter}, {@code BufferedWriter}, and
+     * {@code PrintWriter} classes.
      *
      * @param      out OutputStream to localize
      * @return     a localized output stream
--- a/jdk/src/java.base/share/classes/java/lang/invoke/LambdaForm.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/LambdaForm.java	Thu Apr 30 17:20:49 2015 -0700
@@ -631,7 +631,7 @@
      * as a sort of pre-invocation linkage step.)
      */
     public void prepare() {
-        if (COMPILE_THRESHOLD == 0) {
+        if (COMPILE_THRESHOLD == 0 && !isCompiled) {
             compileToBytecode();
         }
         if (this.vmentry != null) {
@@ -645,11 +645,11 @@
 
     /** Generate optimizable bytecode for this form. */
     MemberName compileToBytecode() {
-        MethodType invokerType = methodType();
-        assert(vmentry == null || vmentry.getMethodType().basicType().equals(invokerType));
         if (vmentry != null && isCompiled) {
             return vmentry;  // already compiled somehow
         }
+        MethodType invokerType = methodType();
+        assert(vmentry == null || vmentry.getMethodType().basicType().equals(invokerType));
         try {
             vmentry = InvokerBytecodeGenerator.generateCustomizedCode(this, invokerType);
             if (TRACE_INTERPRETER)
--- a/jdk/src/java.base/share/classes/java/nio/file/AtomicMoveNotSupportedException.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/nio/file/AtomicMoveNotSupportedException.java	Thu Apr 30 17:20:49 2015 -0700
@@ -45,7 +45,7 @@
      * @param   target
      *          a string identifying the target file or {@code null} if not known
      * @param   reason
-     *          a reason message with additional information
+     *          a reason message with additional information or {@code null}
      */
     public AtomicMoveNotSupportedException(String source,
                                            String target,
--- a/jdk/src/java.base/share/classes/java/security/AccessControlContext.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/AccessControlContext.java	Thu Apr 30 17:20:49 2015 -0700
@@ -458,7 +458,7 @@
                     Thread.dumpStack();
                     final ProtectionDomain pd = context[i];
                     final Debug db = debug;
-                    AccessController.doPrivileged (new PrivilegedAction<Void>() {
+                    AccessController.doPrivileged (new PrivilegedAction<>() {
                         public Void run() {
                             db.println("domain that failed "+pd);
                             return null;
--- a/jdk/src/java.base/share/classes/java/security/AccessController.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/AccessController.java	Thu Apr 30 17:20:49 2015 -0700
@@ -612,7 +612,7 @@
 
     private static ProtectionDomain getCallerPD(final Class <?> caller) {
         ProtectionDomain callerPd = doPrivileged
-            (new PrivilegedAction<ProtectionDomain>() {
+            (new PrivilegedAction<>() {
             public ProtectionDomain run() {
                 return caller.getProtectionDomain();
             }
--- a/jdk/src/java.base/share/classes/java/security/AllPermission.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/AllPermission.java	Thu Apr 30 17:20:49 2015 -0700
@@ -212,7 +212,7 @@
      * @return an enumeration of all the AllPermission objects.
      */
     public Enumeration<Permission> elements() {
-        return new Enumeration<Permission>() {
+        return new Enumeration<>() {
             private boolean hasMore = all_allowed;
 
             public boolean hasMoreElements() {
--- a/jdk/src/java.base/share/classes/java/security/BasicPermission.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/BasicPermission.java	Thu Apr 30 17:20:49 2015 -0700
@@ -332,7 +332,7 @@
      */
 
     public BasicPermissionCollection(Class<?> clazz) {
-        perms = new HashMap<String, Permission>(11);
+        perms = new HashMap<>(11);
         all_allowed = false;
         permClass = clazz;
     }
@@ -533,7 +533,7 @@
         @SuppressWarnings("unchecked")
         Hashtable<String, Permission> permissions =
                 (Hashtable<String, Permission>)gfields.get("permissions", null);
-        perms = new HashMap<String, Permission>(permissions.size()*2);
+        perms = new HashMap<>(permissions.size()*2);
         perms.putAll(permissions);
 
         // Get all_allowed
--- a/jdk/src/java.base/share/classes/java/security/CodeSource.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/CodeSource.java	Thu Apr 30 17:20:49 2015 -0700
@@ -543,7 +543,7 @@
         if (size > 0) {
             // we know of 3 different cert types: X.509, PGP, SDSI, which
             // could all be present in the stream at the same time
-            cfs = new Hashtable<String, CertificateFactory>(3);
+            cfs = new Hashtable<>(3);
             this.certs = new java.security.cert.Certificate[size];
         }
 
--- a/jdk/src/java.base/share/classes/java/security/Identity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Identity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -185,7 +185,7 @@
 
         check("setIdentityPublicKey");
         this.publicKey = key;
-        certificates = new Vector<Certificate>();
+        certificates = new Vector<>();
     }
 
     /**
@@ -248,7 +248,7 @@
         check("addIdentityCertificate");
 
         if (certificates == null) {
-            certificates = new Vector<Certificate>();
+            certificates = new Vector<>();
         }
         if (publicKey != null) {
             if (!keyEquals(publicKey, certificate.getPublicKey())) {
--- a/jdk/src/java.base/share/classes/java/security/IdentityScope.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/IdentityScope.java	Thu Apr 30 17:20:49 2015 -0700
@@ -74,7 +74,7 @@
     private static void initializeSystemScope() {
 
         String classname = AccessController.doPrivileged(
-                                new PrivilegedAction<String>() {
+                                new PrivilegedAction<>() {
             public String run() {
                 return Security.getProperty("system.scope");
             }
--- a/jdk/src/java.base/share/classes/java/security/KeyStore.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/KeyStore.java	Thu Apr 30 17:20:49 2015 -0700
@@ -976,7 +976,7 @@
      */
     public final static String getDefaultType() {
         String kstype;
-        kstype = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        kstype = AccessController.doPrivileged(new PrivilegedAction<>() {
             public String run() {
                 return Security.getProperty(KEYSTORE_TYPE);
             }
--- a/jdk/src/java.base/share/classes/java/security/Permissions.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Permissions.java	Thu Apr 30 17:20:49 2015 -0700
@@ -99,7 +99,7 @@
      * Creates a new Permissions object containing no PermissionCollections.
      */
     public Permissions() {
-        permsMap = new HashMap<Class<?>, PermissionCollection>(11);
+        permsMap = new HashMap<>(11);
         allPermission = null;
     }
 
@@ -394,7 +394,7 @@
         @SuppressWarnings("unchecked")
         Hashtable<Class<?>, PermissionCollection> perms =
             (Hashtable<Class<?>, PermissionCollection>)gfields.get("perms", null);
-        permsMap = new HashMap<Class<?>, PermissionCollection>(perms.size()*2);
+        permsMap = new HashMap<>(perms.size()*2);
         permsMap.putAll(perms);
 
         // Set hasUnresolved
@@ -488,7 +488,7 @@
      */
 
     PermissionsHash() {
-        permsMap = new HashMap<Permission, Permission>(11);
+        permsMap = new HashMap<>(11);
     }
 
     /**
@@ -597,7 +597,7 @@
         @SuppressWarnings("unchecked")
         Hashtable<Permission, Permission> perms =
                 (Hashtable<Permission, Permission>)gfields.get("perms", null);
-        permsMap = new HashMap<Permission, Permission>(perms.size()*2);
+        permsMap = new HashMap<>(perms.size()*2);
         permsMap.putAll(perms);
     }
 }
--- a/jdk/src/java.base/share/classes/java/security/Policy.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Policy.java	Thu Apr 30 17:20:49 2015 -0700
@@ -170,7 +170,7 @@
                 PolicyInfo pinfo = policy.get();
                 if (pinfo.policy == null) {
                     String policy_class = AccessController.doPrivileged(
-                        new PrivilegedAction<String>() {
+                        new PrivilegedAction<>() {
                         public String run() {
                             return Security.getProperty("policy.provider");
                         }
@@ -199,7 +199,7 @@
 
                         final String pc = policy_class;
                         Policy pol = AccessController.doPrivileged(
-                            new PrivilegedAction<Policy>() {
+                            new PrivilegedAction<>() {
                             public Policy run() {
                                 try {
                                     ClassLoader cl =
@@ -303,7 +303,7 @@
          */
 
         ProtectionDomain policyDomain =
-        AccessController.doPrivileged(new PrivilegedAction<ProtectionDomain>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public ProtectionDomain run() {
                 return p.getClass().getProtectionDomain();
             }
--- a/jdk/src/java.base/share/classes/java/security/ProtectionDomain.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/ProtectionDomain.java	Thu Apr 30 17:20:49 2015 -0700
@@ -367,7 +367,7 @@
 
         PermissionCollection perms =
             java.security.AccessController.doPrivileged
-            (new java.security.PrivilegedAction<PermissionCollection>() {
+            (new java.security.PrivilegedAction<>() {
                     public PermissionCollection run() {
                         Policy p = Policy.getPolicyNoCheck();
                         return p.getPermissions(ProtectionDomain.this);
--- a/jdk/src/java.base/share/classes/java/security/Provider.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Provider.java	Thu Apr 30 17:20:49 2015 -0700
@@ -711,7 +711,7 @@
 
         legacyChanged = true;
         if (legacyStrings == null) {
-            legacyStrings = new LinkedHashMap<String,String>();
+            legacyStrings = new LinkedHashMap<>();
         }
         return true;
     }
@@ -773,7 +773,7 @@
     private void implReplaceAll(BiFunction<? super Object, ? super Object, ? extends Object> function) {
         legacyChanged = true;
         if (legacyStrings == null) {
-            legacyStrings = new LinkedHashMap<String,String>();
+            legacyStrings = new LinkedHashMap<>();
         } else {
             legacyStrings.replaceAll((BiFunction<? super String, ? super String, ? extends String>) function);
         }
@@ -905,7 +905,7 @@
         }
         serviceSet = null;
         if (legacyMap == null) {
-            legacyMap = new LinkedHashMap<ServiceKey,Service>();
+            legacyMap = new LinkedHashMap<>();
         } else {
             legacyMap.clear();
         }
@@ -1133,7 +1133,7 @@
                     ("service.getProvider() must match this Provider object");
         }
         if (serviceMap == null) {
-            serviceMap = new LinkedHashMap<ServiceKey,Service>();
+            serviceMap = new LinkedHashMap<>();
         }
         servicesChanged = true;
         String type = s.getType();
@@ -1305,7 +1305,7 @@
     }
 
     static {
-        knownEngines = new HashMap<String,EngineDescription>();
+        knownEngines = new HashMap<>();
         // JCA
         addEngine("AlgorithmParameterGenerator",        false, null);
         addEngine("AlgorithmParameters",                false, null);
@@ -1431,14 +1431,14 @@
 
         private void addAlias(String alias) {
             if (aliases.isEmpty()) {
-                aliases = new ArrayList<String>(2);
+                aliases = new ArrayList<>(2);
             }
             aliases.add(alias);
         }
 
         void addAttribute(String type, String value) {
             if (attributes.isEmpty()) {
-                attributes = new HashMap<UString,String>(8);
+                attributes = new HashMap<>(8);
             }
             attributes.put(new UString(type), value);
         }
@@ -1471,12 +1471,12 @@
             if (aliases == null) {
                 this.aliases = Collections.<String>emptyList();
             } else {
-                this.aliases = new ArrayList<String>(aliases);
+                this.aliases = new ArrayList<>(aliases);
             }
             if (attributes == null) {
                 this.attributes = Collections.<UString,String>emptyMap();
             } else {
-                this.attributes = new HashMap<UString,String>();
+                this.attributes = new HashMap<>();
                 for (Map.Entry<String,String> entry : attributes.entrySet()) {
                     this.attributes.put(new UString(entry.getKey()), entry.getValue());
                 }
@@ -1644,7 +1644,7 @@
                             ("class configured for " + type + " (provider: " +
                             provider.getName() + ") is not public.");
                     }
-                    classRef = new WeakReference<Class<?>>(clazz);
+                    classRef = new WeakReference<>(clazz);
                 }
                 return clazz;
             } catch (ClassNotFoundException e) {
--- a/jdk/src/java.base/share/classes/java/security/SecureRandom.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/SecureRandom.java	Thu Apr 30 17:20:49 2015 -0700
@@ -616,7 +616,7 @@
             throws NoSuchAlgorithmException {
 
         String property = AccessController.doPrivileged(
-            new PrivilegedAction<String>() {
+            new PrivilegedAction<>() {
                 @Override
                 public String run() {
                     return Security.getProperty(
--- a/jdk/src/java.base/share/classes/java/security/Security.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Security.java	Thu Apr 30 17:20:49 2015 -0700
@@ -66,7 +66,7 @@
         // things in initialize that might require privs.
         // (the FileInputStream call and the File.exists call,
         // the securityPropFile call, etc)
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             public Void run() {
                 initialize();
                 return null;
@@ -810,7 +810,7 @@
         final boolean pd = key.equals("package.definition");
 
         if (pa || pd) {
-            AccessController.doPrivileged(new PrivilegedAction<Void>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 public Void run() {
                     try {
                         /* Get the class via the bootstrap class loader. */
--- a/jdk/src/java.base/share/classes/java/security/Signature.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Signature.java	Thu Apr 30 17:20:49 2015 -0700
@@ -265,7 +265,7 @@
     private final static Map<String,Boolean> signatureInfo;
 
     static {
-        signatureInfo = new ConcurrentHashMap<String,Boolean>();
+        signatureInfo = new ConcurrentHashMap<>();
         Boolean TRUE = Boolean.TRUE;
         // pre-initialize with values for our SignatureSpi implementations
         signatureInfo.put("sun.security.provider.DSA$RawDSA", TRUE);
--- a/jdk/src/java.base/share/classes/java/security/Signer.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/Signer.java	Thu Apr 30 17:20:49 2015 -0700
@@ -140,7 +140,7 @@
         }
         try {
             AccessController.doPrivileged(
-                new PrivilegedExceptionAction<Void>() {
+                new PrivilegedExceptionAction<>() {
                 public Void run() throws KeyManagementException {
                     setPublicKey(pub);
                     return null;
--- a/jdk/src/java.base/share/classes/java/security/UnresolvedPermission.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/UnresolvedPermission.java	Thu Apr 30 17:20:49 2015 -0700
@@ -560,7 +560,7 @@
         if (size > 0) {
             // we know of 3 different cert types: X.509, PGP, SDSI, which
             // could all be present in the stream at the same time
-            cfs = new Hashtable<String, CertificateFactory>(3);
+            cfs = new Hashtable<>(3);
             this.certs = new java.security.cert.Certificate[size];
         }
 
--- a/jdk/src/java.base/share/classes/java/security/UnresolvedPermissionCollection.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/UnresolvedPermissionCollection.java	Thu Apr 30 17:20:49 2015 -0700
@@ -61,7 +61,7 @@
      *
      */
     public UnresolvedPermissionCollection() {
-        perms = new HashMap<String, List<UnresolvedPermission>>(11);
+        perms = new HashMap<>(11);
     }
 
     /**
@@ -82,7 +82,7 @@
         synchronized (this) {
             v = perms.get(up.getName());
             if (v == null) {
-                v = new ArrayList<UnresolvedPermission>();
+                v = new ArrayList<>();
                 perms.put(up.getName(), v);
             }
         }
@@ -203,7 +203,7 @@
         Hashtable<String, Vector<UnresolvedPermission>> permissions =
                 (Hashtable<String, Vector<UnresolvedPermission>>)
                 gfields.get("permissions", null);
-        perms = new HashMap<String, List<UnresolvedPermission>>(permissions.size()*2);
+        perms = new HashMap<>(permissions.size()*2);
 
         // Convert each entry (Vector) into a List
         Set<Map.Entry<String, Vector<UnresolvedPermission>>> set = permissions.entrySet();
--- a/jdk/src/java.base/share/classes/java/security/cert/CertPathBuilder.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertPathBuilder.java	Thu Apr 30 17:20:49 2015 -0700
@@ -301,7 +301,7 @@
      */
     public final static String getDefaultType() {
         String cpbtype =
-            AccessController.doPrivileged(new PrivilegedAction<String>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 public String run() {
                     return Security.getProperty(CPB_TYPE);
                 }
--- a/jdk/src/java.base/share/classes/java/security/cert/CertPathValidator.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertPathValidator.java	Thu Apr 30 17:20:49 2015 -0700
@@ -313,7 +313,7 @@
      */
     public final static String getDefaultType() {
         String cpvtype =
-            AccessController.doPrivileged(new PrivilegedAction<String>() {
+            AccessController.doPrivileged(new PrivilegedAction<>() {
                 public String run() {
                     return Security.getProperty(CPV_TYPE);
                 }
--- a/jdk/src/java.base/share/classes/java/security/cert/CertStore.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertStore.java	Thu Apr 30 17:20:49 2015 -0700
@@ -409,7 +409,7 @@
      */
     public final static String getDefaultType() {
         String cstype;
-        cstype = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        cstype = AccessController.doPrivileged(new PrivilegedAction<>() {
             public String run() {
                 return Security.getProperty(CERTSTORE_TYPE);
             }
--- a/jdk/src/java.base/share/classes/java/security/cert/CertificateRevokedException.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertificateRevokedException.java	Thu Apr 30 17:20:49 2015 -0700
@@ -231,7 +231,7 @@
         if (size == 0) {
             extensions = Collections.emptyMap();
         } else {
-            extensions = new HashMap<String, Extension>(size);
+            extensions = new HashMap<>(size);
         }
 
         // Read in the extensions and put the mappings in the extensions map
--- a/jdk/src/java.base/share/classes/java/security/cert/PKIXParameters.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/PKIXParameters.java	Thu Apr 30 17:20:49 2015 -0700
@@ -120,8 +120,8 @@
         setTrustAnchors(trustAnchors);
 
         this.unmodInitialPolicies = Collections.<String>emptySet();
-        this.certPathCheckers = new ArrayList<PKIXCertPathChecker>();
-        this.certStores = new ArrayList<CertStore>();
+        this.certPathCheckers = new ArrayList<>();
+        this.certStores = new ArrayList<>();
     }
 
     /**
@@ -144,7 +144,7 @@
         if (keystore == null)
             throw new NullPointerException("the keystore parameter must be " +
                 "non-null");
-        Set<TrustAnchor> hashSet = new HashSet<TrustAnchor>();
+        Set<TrustAnchor> hashSet = new HashSet<>();
         Enumeration<String> aliases = keystore.aliases();
         while (aliases.hasMoreElements()) {
             String alias = aliases.nextElement();
@@ -156,8 +156,8 @@
         }
         setTrustAnchors(hashSet);
         this.unmodInitialPolicies = Collections.<String>emptySet();
-        this.certPathCheckers = new ArrayList<PKIXCertPathChecker>();
-        this.certStores = new ArrayList<CertStore>();
+        this.certPathCheckers = new ArrayList<>();
+        this.certStores = new ArrayList<>();
     }
 
     /**
@@ -207,7 +207,7 @@
             }
         }
         this.unmodTrustAnchors = Collections.unmodifiableSet
-                (new HashSet<TrustAnchor>(trustAnchors));
+                (new HashSet<>(trustAnchors));
     }
 
     /**
@@ -256,7 +256,7 @@
                         + "of type java.lang.String");
             }
             this.unmodInitialPolicies =
-                Collections.unmodifiableSet(new HashSet<String>(initialPolicies));
+                Collections.unmodifiableSet(new HashSet<>(initialPolicies));
         } else
             this.unmodInitialPolicies = Collections.<String>emptySet();
     }
@@ -280,7 +280,7 @@
      */
     public void setCertStores(List<CertStore> stores) {
         if (stores == null) {
-            this.certStores = new ArrayList<CertStore>();
+            this.certStores = new ArrayList<>();
         } else {
             for (Iterator<CertStore> i = stores.iterator(); i.hasNext();) {
                 if (!(i.next() instanceof CertStore)) {
@@ -288,7 +288,7 @@
                         + "of type java.security.cert.CertStore");
                 }
             }
-            this.certStores = new ArrayList<CertStore>(stores);
+            this.certStores = new ArrayList<>(stores);
         }
     }
 
@@ -316,7 +316,7 @@
      */
     public List<CertStore> getCertStores() {
         return Collections.unmodifiableList
-                (new ArrayList<CertStore>(this.certStores));
+                (new ArrayList<>(this.certStores));
     }
 
     /**
@@ -544,14 +544,13 @@
      */
     public void setCertPathCheckers(List<PKIXCertPathChecker> checkers) {
         if (checkers != null) {
-            List<PKIXCertPathChecker> tmpList =
-                        new ArrayList<PKIXCertPathChecker>();
+            List<PKIXCertPathChecker> tmpList = new ArrayList<>();
             for (PKIXCertPathChecker checker : checkers) {
                 tmpList.add((PKIXCertPathChecker)checker.clone());
             }
             this.certPathCheckers = tmpList;
         } else {
-            this.certPathCheckers = new ArrayList<PKIXCertPathChecker>();
+            this.certPathCheckers = new ArrayList<>();
         }
     }
 
@@ -567,7 +566,7 @@
      * @see #setCertPathCheckers
      */
     public List<PKIXCertPathChecker> getCertPathCheckers() {
-        List<PKIXCertPathChecker> tmpList = new ArrayList<PKIXCertPathChecker>();
+        List<PKIXCertPathChecker> tmpList = new ArrayList<>();
         for (PKIXCertPathChecker ck : certPathCheckers) {
             tmpList.add((PKIXCertPathChecker)ck.clone());
         }
@@ -667,11 +666,11 @@
 
             // must clone these because addCertStore, et al. modify them
             if (certStores != null) {
-                copy.certStores = new ArrayList<CertStore>(certStores);
+                copy.certStores = new ArrayList<>(certStores);
             }
             if (certPathCheckers != null) {
                 copy.certPathCheckers =
-                    new ArrayList<PKIXCertPathChecker>(certPathCheckers.size());
+                    new ArrayList<>(certPathCheckers.size());
                 for (PKIXCertPathChecker checker : certPathCheckers) {
                     copy.certPathCheckers.add(
                                     (PKIXCertPathChecker)checker.clone());
--- a/jdk/src/java.base/share/classes/java/security/cert/PKIXRevocationChecker.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/PKIXRevocationChecker.java	Thu Apr 30 17:20:49 2015 -0700
@@ -170,7 +170,7 @@
     {
         this.ocspExtensions = (extensions == null)
                               ? Collections.<Extension>emptyList()
-                              : new ArrayList<Extension>(extensions);
+                              : new ArrayList<>(extensions);
     }
 
     /**
@@ -232,7 +232,7 @@
     public void setOptions(Set<Option> options) {
         this.options = (options == null)
                        ? Collections.<Option>emptySet()
-                       : new HashSet<Option>(options);
+                       : new HashSet<>(options);
     }
 
     /**
--- a/jdk/src/java.base/share/classes/java/security/cert/X509CRLSelector.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/X509CRLSelector.java	Thu Apr 30 17:20:49 2015 -0700
@@ -124,8 +124,8 @@
             issuerX500Principals = null;
         } else {
             // clone
-            issuerX500Principals = new HashSet<X500Principal>(issuers);
-            issuerNames = new HashSet<Object>();
+            issuerX500Principals = new HashSet<>(issuers);
+            issuerNames = new HashSet<>();
             for (X500Principal p : issuerX500Principals) {
                 issuerNames.add(p.getEncoded());
             }
@@ -288,10 +288,10 @@
      */
     private void addIssuerNameInternal(Object name, X500Principal principal) {
         if (issuerNames == null) {
-            issuerNames = new HashSet<Object>();
+            issuerNames = new HashSet<>();
         }
         if (issuerX500Principals == null) {
-            issuerX500Principals = new HashSet<X500Principal>();
+            issuerX500Principals = new HashSet<>();
         }
         issuerNames.add(name);
         issuerX500Principals.add(principal);
@@ -311,7 +311,7 @@
     private static HashSet<Object> cloneAndCheckIssuerNames(Collection<?> names)
         throws IOException
     {
-        HashSet<Object> namesCopy = new HashSet<Object>();
+        HashSet<Object> namesCopy = new HashSet<>();
         Iterator<?> i = names.iterator();
         while (i.hasNext()) {
             Object nameObject = i.next();
@@ -363,7 +363,7 @@
      */
     private static HashSet<X500Principal> parseIssuerNames(Collection<Object> names)
     throws IOException {
-        HashSet<X500Principal> x500Principals = new HashSet<X500Principal>();
+        HashSet<X500Principal> x500Principals = new HashSet<>();
         for (Iterator<Object> t = names.iterator(); t.hasNext(); ) {
             Object nameObject = t.next();
             if (nameObject instanceof String) {
@@ -701,9 +701,9 @@
             X509CRLSelector copy = (X509CRLSelector)super.clone();
             if (issuerNames != null) {
                 copy.issuerNames =
-                        new HashSet<Object>(issuerNames);
+                        new HashSet<>(issuerNames);
                 copy.issuerX500Principals =
-                        new HashSet<X500Principal>(issuerX500Principals);
+                        new HashSet<>(issuerX500Principals);
             }
             return copy;
         } catch (CloneNotSupportedException e) {
--- a/jdk/src/java.base/share/classes/java/security/cert/X509CertSelector.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/security/cert/X509CertSelector.java	Thu Apr 30 17:20:49 2015 -0700
@@ -619,8 +619,8 @@
             keyPurposeOIDSet = null;
         } else {
             this.keyPurposeSet =
-                Collections.unmodifiableSet(new HashSet<String>(keyPurposeSet));
-            keyPurposeOIDSet = new HashSet<ObjectIdentifier>();
+                Collections.unmodifiableSet(new HashSet<>(keyPurposeSet));
+            keyPurposeOIDSet = new HashSet<>();
             for (String s : this.keyPurposeSet) {
                 keyPurposeOIDSet.add(new ObjectIdentifier(s));
             }
@@ -815,12 +815,12 @@
         // First, ensure that the name parses
         GeneralNameInterface tempName = makeGeneralNameInterface(type, name);
         if (subjectAlternativeNames == null) {
-            subjectAlternativeNames = new HashSet<List<?>>();
+            subjectAlternativeNames = new HashSet<>();
         }
         if (subjectAlternativeGeneralNames == null) {
-            subjectAlternativeGeneralNames = new HashSet<GeneralNameInterface>();
+            subjectAlternativeGeneralNames = new HashSet<>();
         }
-        List<Object> list = new ArrayList<Object>(2);
+        List<Object> list = new ArrayList<>(2);
         list.add(Integer.valueOf(type));
         list.add(name);
         subjectAlternativeNames.add(list);
@@ -845,7 +845,7 @@
      * @throws IOException if a parsing error occurs
      */
     private static Set<GeneralNameInterface> parseNames(Collection<List<?>> names) throws IOException {
-        Set<GeneralNameInterface> genNames = new HashSet<GeneralNameInterface>();
+        Set<GeneralNameInterface> genNames = new HashSet<>();
         for (List<?> nameList : names) {
             if (nameList.size() != 2) {
                 throw new IOException("name list size not 2");
@@ -1096,10 +1096,10 @@
         } else {
             // Snapshot set and parse it
             Set<String> tempSet = Collections.unmodifiableSet
-                                        (new HashSet<String>(certPolicySet));
+                                        (new HashSet<>(certPolicySet));
             /* Convert to Vector of ObjectIdentifiers */
             Iterator<String> i = tempSet.iterator();
-            Vector<CertificatePolicyId> polIdVector = new Vector<CertificatePolicyId>();
+            Vector<CertificatePolicyId> polIdVector = new Vector<>();
             while (i.hasNext()) {
                 Object o = i.next();
                 if (!(o instanceof String)) {
@@ -1267,10 +1267,10 @@
         // First, ensure that the name parses
         GeneralNameInterface tempName = makeGeneralNameInterface(type, name);
         if (pathToGeneralNames == null) {
-            pathToNames = new HashSet<List<?>>();
-            pathToGeneralNames = new HashSet<GeneralNameInterface>();
+            pathToNames = new HashSet<>();
+            pathToGeneralNames = new HashSet<>();
         }
-        List<Object> list = new ArrayList<Object>(2);
+        List<Object> list = new ArrayList<>(2);
         list.add(Integer.valueOf(type));
         list.add(name);
         pathToNames.add(list);
@@ -1671,10 +1671,10 @@
      */
     private static Set<List<?>> cloneAndCheckNames(Collection<List<?>> names) throws IOException {
         // Copy the Lists and Collection
-        Set<List<?>> namesCopy = new HashSet<List<?>>();
+        Set<List<?>> namesCopy = new HashSet<>();
         for (List<?> o : names)
         {
-            namesCopy.add(new ArrayList<Object>(o));
+            namesCopy.add(new ArrayList<>(o));
         }
 
         // Check the contents of the Lists and clone any byte arrays
@@ -2397,7 +2397,7 @@
              * Convert the Vector of PolicyInformation to a Vector
              * of CertificatePolicyIds for easier comparison.
              */
-            List<CertificatePolicyId> policyIDs = new ArrayList<CertificatePolicyId>(policies.size());
+            List<CertificatePolicyId> policyIDs = new ArrayList<>(policies.size());
             for (PolicyInformation info : policies) {
                 policyIDs.add(info.getPolicyIdentifier());
             }
--- a/jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/util/JapaneseImperialCalendar.java	Thu Apr 30 17:20:49 2015 -0700
@@ -53,9 +53,9 @@
  * ------------------------------------------------------
  * }</pre>
  *
- * <p><code>ERA</code> value 0 specifies the years before Meiji and
- * the Gregorian year values are used. Unlike {@link
- * GregorianCalendar}, the Julian to Gregorian transition is not
+ * <p>{@code ERA} value 0 specifies the years before Meiji and
+ * the Gregorian year values are used. Unlike
+ * {@link GregorianCalendar}, the Julian to Gregorian transition is not
  * supported because it doesn't make any sense to the Japanese
  * calendar systems used before Meiji. To represent the years before
  * Gregorian year 1, 0 and negative values are used. The Japanese
@@ -66,7 +66,7 @@
  * <p>A new era can be specified using property
  * jdk.calendar.japanese.supplemental.era. The new era is added to the
  * predefined eras. The syntax of the property is as follows.
- * <p><pre>
+ * <pre>
  *   {@code name=<name>,abbr=<abbr>,since=<time['u']>}
  * </pre>
  * where
@@ -83,7 +83,7 @@
  * ignored.
  *
  * <p>The following is an example of the property usage.
- * <p><pre>
+ * <pre>
  *   java -Djdk.calendar.japanese.supplemental.era="name=NewEra,abbr=N,since=253374307200000"
  * </pre>
  * The property specifies an era change to NewEra at 9999-02-11T00:00:00 local time.
@@ -315,7 +315,7 @@
     private transient int[] originalFields;
 
     /**
-     * Constructs a <code>JapaneseImperialCalendar</code> based on the current time
+     * Constructs a {@code JapaneseImperialCalendar} based on the current time
      * in the given time zone with the given locale.
      *
      * @param zone the given time zone.
@@ -351,16 +351,16 @@
     }
 
     /**
-     * Compares this <code>JapaneseImperialCalendar</code> to the specified
-     * <code>Object</code>. The result is <code>true</code> if and
-     * only if the argument is a <code>JapaneseImperialCalendar</code> object
+     * Compares this {@code JapaneseImperialCalendar} to the specified
+     * {@code Object}. The result is {@code true} if and
+     * only if the argument is a {@code JapaneseImperialCalendar} object
      * that represents the same time value (millisecond offset from
      * the <a href="Calendar.html#Epoch">Epoch</a>) under the same
-     * <code>Calendar</code> parameters.
+     * {@code Calendar} parameters.
      *
      * @param obj the object to compare with.
-     * @return <code>true</code> if this object is equal to <code>obj</code>;
-     * <code>false</code> otherwise.
+     * @return {@code true} if this object is equal to {@code obj};
+     * {@code false} otherwise.
      * @see Calendar#compareTo(Calendar)
      */
     @Override
@@ -371,7 +371,7 @@
 
     /**
      * Generates the hash code for this
-     * <code>JapaneseImperialCalendar</code> object.
+     * {@code JapaneseImperialCalendar} object.
      */
     @Override
     public int hashCode() {
@@ -382,27 +382,27 @@
      * Adds the specified (signed) amount of time to the given calendar field,
      * based on the calendar's rules.
      *
-     * <p><em>Add rule 1</em>. The value of <code>field</code>
-     * after the call minus the value of <code>field</code> before the
-     * call is <code>amount</code>, modulo any overflow that has occurred in
-     * <code>field</code>. Overflow occurs when a field value exceeds its
+     * <p><em>Add rule 1</em>. The value of {@code field}
+     * after the call minus the value of {@code field} before the
+     * call is {@code amount}, modulo any overflow that has occurred in
+     * {@code field}. Overflow occurs when a field value exceeds its
      * range and, as a result, the next larger field is incremented or
      * decremented and the field value is adjusted back into its range.</p>
      *
      * <p><em>Add rule 2</em>. If a smaller field is expected to be
      * invariant, but it is impossible for it to be equal to its
      * prior value because of changes in its minimum or maximum after
-     * <code>field</code> is changed, then its value is adjusted to be as close
+     * {@code field} is changed, then its value is adjusted to be as close
      * as possible to its expected value. A smaller field represents a
-     * smaller unit of time. <code>HOUR</code> is a smaller field than
-     * <code>DAY_OF_MONTH</code>. No adjustment is made to smaller fields
+     * smaller unit of time. {@code HOUR} is a smaller field than
+     * {@code DAY_OF_MONTH}. No adjustment is made to smaller fields
      * that are not expected to be invariant. The calendar system
      * determines what fields are expected to be invariant.</p>
      *
      * @param field the calendar field.
      * @param amount the amount of date or time to be added to the field.
-     * @exception IllegalArgumentException if <code>field</code> is
-     * <code>ZONE_OFFSET</code>, <code>DST_OFFSET</code>, or unknown,
+     * @exception IllegalArgumentException if {@code field} is
+     * {@code ZONE_OFFSET}, {@code DST_OFFSET}, or unknown,
      * or if any calendar fields have out-of-range values in
      * non-lenient mode.
      */
@@ -548,12 +548,12 @@
      * <p>This method calls {@link #complete()} before adding the
      * amount so that all the calendar fields are normalized. If there
      * is any calendar field having an out-of-range value in non-lenient mode, then an
-     * <code>IllegalArgumentException</code> is thrown.
+     * {@code IllegalArgumentException} is thrown.
      *
      * @param field the calendar field.
-     * @param amount the signed amount to add to <code>field</code>.
-     * @exception IllegalArgumentException if <code>field</code> is
-     * <code>ZONE_OFFSET</code>, <code>DST_OFFSET</code>, or unknown,
+     * @param amount the signed amount to add to {@code field}.
+     * @exception IllegalArgumentException if {@code field} is
+     * {@code ZONE_OFFSET}, {@code DST_OFFSET}, or unknown,
      * or if any calendar fields have out-of-range values in
      * non-lenient mode.
      * @see #roll(int,boolean)
@@ -1055,9 +1055,9 @@
 
     /**
      * Returns the minimum value for the given calendar field of this
-     * <code>Calendar</code> instance. The minimum value is
-     * defined as the smallest value returned by the {@link
-     * Calendar#get(int) get} method for any possible time value,
+     * {@code Calendar} instance. The minimum value is
+     * defined as the smallest value returned by the
+     * {@link Calendar#get(int) get} method for any possible time value,
      * taking into consideration the current values of the
      * {@link Calendar#getFirstDayOfWeek() getFirstDayOfWeek},
      * {@link Calendar#getMinimalDaysInFirstWeek() getMinimalDaysInFirstWeek},
@@ -1077,9 +1077,9 @@
 
     /**
      * Returns the maximum value for the given calendar field of this
-     * <code>GregorianCalendar</code> instance. The maximum value is
-     * defined as the largest value returned by the {@link
-     * Calendar#get(int) get} method for any possible time value,
+     * {@code GregorianCalendar} instance. The maximum value is
+     * defined as the largest value returned by the
+     * {@link Calendar#get(int) get} method for any possible time value,
      * taking into consideration the current values of the
      * {@link Calendar#getFirstDayOfWeek() getFirstDayOfWeek},
      * {@link Calendar#getMinimalDaysInFirstWeek() getMinimalDaysInFirstWeek},
@@ -1108,7 +1108,7 @@
 
     /**
      * Returns the highest minimum value for the given calendar field
-     * of this <code>GregorianCalendar</code> instance. The highest
+     * of this {@code GregorianCalendar} instance. The highest
      * minimum value is defined as the largest value returned by
      * {@link #getActualMinimum(int)} for any possible time value,
      * taking into consideration the current values of the
@@ -1130,7 +1130,7 @@
 
     /**
      * Returns the lowest maximum value for the given calendar field
-     * of this <code>GregorianCalendar</code> instance. The lowest
+     * of this {@code GregorianCalendar} instance. The lowest
      * maximum value is defined as the smallest value returned by
      * {@link #getActualMaximum(int)} for any possible time value,
      * taking into consideration the current values of the
@@ -1166,7 +1166,7 @@
      *
      * @param field the calendar field
      * @return the minimum of the given field for the time value of
-     * this <code>JapaneseImperialCalendar</code>
+     * this {@code JapaneseImperialCalendar}
      * @see #getMinimum(int)
      * @see #getMaximum(int)
      * @see #getGreatestMinimum(int)
@@ -1269,13 +1269,13 @@
      * and
      * {@link Calendar#getTimeZone() getTimeZone} methods.
      * For example, if the date of this instance is Heisei 16February 1,
-     * the actual maximum value of the <code>DAY_OF_MONTH</code> field
+     * the actual maximum value of the {@code DAY_OF_MONTH} field
      * is 29 because Heisei 16 is a leap year, and if the date of this
      * instance is Heisei 17 February 1, it's 28.
      *
      * @param field the calendar field
      * @return the maximum of the given field for the time value of
-     * this <code>JapaneseImperialCalendar</code>
+     * this {@code JapaneseImperialCalendar}
      * @see #getMinimum(int)
      * @see #getMaximum(int)
      * @see #getGreatestMinimum(int)
@@ -1558,7 +1558,7 @@
      * href="Calendar.html#Epoch">Epoch</a>) to calendar field values.
      * The time is <em>not</em>
      * recomputed first; to recompute the time, then the fields, call the
-     * <code>complete</code> method.
+     * {@code complete} method.
      *
      * @see Calendar#complete
      */
--- a/jdk/src/java.base/share/classes/java/util/concurrent/ForkJoinPool.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/util/concurrent/ForkJoinPool.java	Thu Apr 30 17:20:49 2015 -0700
@@ -2411,7 +2411,7 @@
                 int j = ((am & s) << ASHIFT) + ABASE;
                 U.putOrderedObject(a, j, task);
                 U.putOrderedInt(q, QTOP, s + 1);
-                U.putOrderedInt(q, QLOCK, 0);
+                U.putIntVolatile(q, QLOCK, 0);
                 if (n <= 1)
                     signalWork(ws, q);
                 return;
--- a/jdk/src/java.base/share/classes/java/util/spi/LocaleServiceProvider.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/java/util/spi/LocaleServiceProvider.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -140,11 +140,24 @@
  */
 public abstract class LocaleServiceProvider {
 
+    private static Void checkPermission() {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(new RuntimePermission("localeServiceProvider"));
+        }
+        return null;
+    }
+    private LocaleServiceProvider(Void ignore) { }
+
     /**
-     * Sole constructor.  (For invocation by subclass constructors, typically
-     * implicit.)
+     * Initializes a new locale service provider.
+     *
+     * @throws  SecurityException
+     *          If a security manager has been installed and it denies
+     *          {@link RuntimePermission RuntimePermission("localeServiceProvider")}
      */
     protected LocaleServiceProvider() {
+        this(checkPermission());
     }
 
     /**
--- a/jdk/src/java.base/share/classes/javax/crypto/JceSecurity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/crypto/JceSecurity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -76,7 +76,7 @@
     static {
         try {
             AccessController.doPrivileged(
-                new PrivilegedExceptionAction<Void> () {
+                new PrivilegedExceptionAction<> () {
                     @Override
                     public Void run() throws Exception {
                         setupJurisdictionPolicies();
@@ -225,7 +225,7 @@
             URL url = codeBaseCacheRef.get(clazz);
             if (url == null) {
                 url = AccessController.doPrivileged(
-                    new PrivilegedAction<URL>() {
+                    new PrivilegedAction<>() {
                         @Override
                         public URL run() {
                             ProtectionDomain pd = clazz.getProtectionDomain();
--- a/jdk/src/java.base/share/classes/javax/crypto/JceSecurityManager.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/crypto/JceSecurityManager.java	Thu Apr 30 17:20:49 2015 -0700
@@ -66,7 +66,7 @@
         exemptPolicy = JceSecurity.getExemptPolicy();
         allPerm = CryptoAllPermission.INSTANCE;
         INSTANCE = AccessController.doPrivileged(
-                new PrivilegedAction<JceSecurityManager>() {
+                new PrivilegedAction<>() {
                     public JceSecurityManager run() {
                         return new JceSecurityManager();
                     }
--- a/jdk/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -63,7 +63,7 @@
      */
     public final static String getDefaultAlgorithm() {
         String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        type = AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public String run() {
                 return Security.getProperty(
--- a/jdk/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -126,7 +126,7 @@
     }
 
     static String getSecurityProperty(final String name) {
-        return AccessController.doPrivileged(new PrivilegedAction<String>() {
+        return AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public String run() {
                 String s = java.security.Security.getProperty(name);
--- a/jdk/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -63,7 +63,7 @@
      */
     public final static String getDefaultAlgorithm() {
         String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<String>() {
+        type = AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public String run() {
                 return Security.getProperty(
--- a/jdk/src/java.base/share/classes/javax/security/auth/Subject.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/security/auth/Subject.java	Thu Apr 30 17:20:49 2015 -0700
@@ -154,11 +154,11 @@
     public Subject() {
 
         this.principals = Collections.synchronizedSet
-                        (new SecureSet<Principal>(this, PRINCIPAL_SET));
+                        (new SecureSet<>(this, PRINCIPAL_SET));
         this.pubCredentials = Collections.synchronizedSet
-                        (new SecureSet<Object>(this, PUB_CREDENTIAL_SET));
+                        (new SecureSet<>(this, PUB_CREDENTIAL_SET));
         this.privCredentials = Collections.synchronizedSet
-                        (new SecureSet<Object>(this, PRIV_CREDENTIAL_SET));
+                        (new SecureSet<>(this, PRIV_CREDENTIAL_SET));
     }
 
     /**
@@ -206,11 +206,11 @@
         collectionNullClean(pubCredentials);
         collectionNullClean(privCredentials);
 
-        this.principals = Collections.synchronizedSet(new SecureSet<Principal>
+        this.principals = Collections.synchronizedSet(new SecureSet<>
                                 (this, PRINCIPAL_SET, principals));
-        this.pubCredentials = Collections.synchronizedSet(new SecureSet<Object>
+        this.pubCredentials = Collections.synchronizedSet(new SecureSet<>
                                 (this, PUB_CREDENTIAL_SET, pubCredentials));
-        this.privCredentials = Collections.synchronizedSet(new SecureSet<Object>
+        this.privCredentials = Collections.synchronizedSet(new SecureSet<>
                                 (this, PRIV_CREDENTIAL_SET, privCredentials));
         this.readOnly = readOnly;
     }
@@ -292,7 +292,7 @@
 
         // return the Subject from the DomainCombiner of the provided context
         return AccessController.doPrivileged
-            (new java.security.PrivilegedAction<Subject>() {
+            (new java.security.PrivilegedAction<>() {
             public Subject run() {
                 DomainCombiner dc = acc.getDomainCombiner();
                 if (!(dc instanceof SubjectDomainCombiner)) {
@@ -555,7 +555,7 @@
 
 
         return java.security.AccessController.doPrivileged
-            (new java.security.PrivilegedAction<AccessControlContext>() {
+            (new java.security.PrivilegedAction<>() {
             public AccessControlContext run() {
                 if (subject == null) {
                     return new AccessControlContext(acc, null);
@@ -801,7 +801,7 @@
             Set<Principal> thatPrincipals;
             synchronized(that.principals) {
                 // avoid deadlock from dual locks
-                thatPrincipals = new HashSet<Principal>(that.principals);
+                thatPrincipals = new HashSet<>(that.principals);
             }
             if (!principals.equals(thatPrincipals)) {
                 return false;
@@ -810,7 +810,7 @@
             Set<Object> thatPubCredentials;
             synchronized(that.pubCredentials) {
                 // avoid deadlock from dual locks
-                thatPubCredentials = new HashSet<Object>(that.pubCredentials);
+                thatPubCredentials = new HashSet<>(that.pubCredentials);
             }
             if (!pubCredentials.equals(thatPubCredentials)) {
                 return false;
@@ -819,7 +819,7 @@
             Set<Object> thatPrivCredentials;
             synchronized(that.privCredentials) {
                 // avoid deadlock from dual locks
-                thatPrivCredentials = new HashSet<Object>(that.privCredentials);
+                thatPrivCredentials = new HashSet<>(that.privCredentials);
             }
             if (!privCredentials.equals(thatPrivCredentials)) {
                 return false;
@@ -970,21 +970,21 @@
 
         // Rewrap the principals into a SecureSet
         try {
-            principals = Collections.synchronizedSet(new SecureSet<Principal>
+            principals = Collections.synchronizedSet(new SecureSet<>
                                 (this, PRINCIPAL_SET, inputPrincs));
         } catch (NullPointerException npe) {
             // Sometimes people deserialize the principals set only.
             // Subject is not accessible, so just don't fail.
             principals = Collections.synchronizedSet
-                        (new SecureSet<Principal>(this, PRINCIPAL_SET));
+                        (new SecureSet<>(this, PRINCIPAL_SET));
         }
 
         // The Credential {@code Set} is not serialized, but we do not
         // want the default deserialization routine to set it to null.
         this.pubCredentials = Collections.synchronizedSet
-                        (new SecureSet<Object>(this, PUB_CREDENTIAL_SET));
+                        (new SecureSet<>(this, PUB_CREDENTIAL_SET));
         this.privCredentials = Collections.synchronizedSet
-                        (new SecureSet<Object>(this, PRIV_CREDENTIAL_SET));
+                        (new SecureSet<>(this, PRIV_CREDENTIAL_SET));
     }
 
     /**
@@ -1497,7 +1497,7 @@
                 Object next;
                 if (which == Subject.PRIV_CREDENTIAL_SET) {
                     next = java.security.AccessController.doPrivileged
-                        (new java.security.PrivilegedAction<Object>() {
+                        (new java.security.PrivilegedAction<>() {
                         public Object run() {
                             return iterator.next();
                         }
--- a/jdk/src/java.base/share/classes/javax/security/auth/login/Configuration.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/security/auth/login/Configuration.java	Thu Apr 30 17:20:49 2015 -0700
@@ -229,7 +229,7 @@
             if (configuration == null) {
                 String config_class = null;
                 config_class = AccessController.doPrivileged
-                    (new PrivilegedAction<String>() {
+                    (new PrivilegedAction<>() {
                     public String run() {
                         return java.security.Security.getProperty
                                     ("login.configuration.provider");
@@ -242,7 +242,7 @@
                 try {
                     final String finalClass = config_class;
                     Configuration untrustedImpl = AccessController.doPrivileged(
-                            new PrivilegedExceptionAction<Configuration>() {
+                            new PrivilegedExceptionAction<>() {
                                 public Configuration run() throws ClassNotFoundException,
                                         InstantiationException,
                                         IllegalAccessException {
@@ -254,7 +254,7 @@
                                 }
                             });
                     AccessController.doPrivileged(
-                            new PrivilegedExceptionAction<Void>() {
+                            new PrivilegedExceptionAction<>() {
                                 public Void run() {
                                     setConfiguration(untrustedImpl);
                                     return null;
--- a/jdk/src/java.base/share/classes/javax/security/cert/X509Certificate.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/javax/security/cert/X509Certificate.java	Thu Apr 30 17:20:49 2015 -0700
@@ -142,7 +142,7 @@
 
     static {
         X509Provider = AccessController.doPrivileged(
-            new PrivilegedAction<String>() {
+            new PrivilegedAction<>() {
                 public String run() {
                     return Security.getProperty(X509_PROVIDER);
                 }
--- a/jdk/src/java.base/share/classes/jdk/net/NetworkPermission.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/jdk/net/NetworkPermission.java	Thu Apr 30 17:20:49 2015 -0700
@@ -33,7 +33,7 @@
  * name, but no actions list. Callers either possess the permission or not.
  * <p>
  * The following targets are defined:
- * <p>
+ *
  * <table border=1 cellpadding=5 summary="permission target name,
  *  what the target allows,and associated risks">
  * <tr>
--- a/jdk/src/java.base/share/classes/sun/security/pkcs/PKCS7.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/pkcs/PKCS7.java	Thu Apr 30 17:20:49 2015 -0700
@@ -530,7 +530,7 @@
         // CRLs (optional)
         if (crls != null && crls.length != 0) {
             // cast to X509CRLImpl[] since X509CRLImpl implements DerEncoder
-            Set<X509CRLImpl> implCRLs = new HashSet<X509CRLImpl>(crls.length);
+            Set<X509CRLImpl> implCRLs = new HashSet<>(crls.length);
             for (X509CRL crl: crls) {
                 if (crl instanceof X509CRLImpl)
                     implCRLs.add((X509CRLImpl) crl);
@@ -590,7 +590,7 @@
     public SignerInfo[] verify(byte[] bytes)
     throws NoSuchAlgorithmException, SignatureException {
 
-        Vector<SignerInfo> intResult = new Vector<SignerInfo>();
+        Vector<SignerInfo> intResult = new Vector<>();
         for (int i = 0; i < signerInfos.length; i++) {
 
             SignerInfo signerInfo = verify(signerInfos[i], bytes);
--- a/jdk/src/java.base/share/classes/sun/security/pkcs/PKCS9Attributes.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/pkcs/PKCS9Attributes.java	Thu Apr 30 17:20:49 2015 -0700
@@ -85,8 +85,7 @@
                            DerInputStream in) throws IOException {
         if (permittedAttributes != null) {
             this.permittedAttributes =
-                new Hashtable<ObjectIdentifier, ObjectIdentifier>(
-                                                permittedAttributes.length);
+                new Hashtable<>(permittedAttributes.length);
 
             for (int i = 0; i < permittedAttributes.length; i++)
                 this.permittedAttributes.put(permittedAttributes[i],
--- a/jdk/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java	Thu Apr 30 17:20:49 2015 -0700
@@ -237,7 +237,7 @@
         if (userCert == null)
             return null;
 
-        ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
+        ArrayList<X509Certificate> certList = new ArrayList<>();
         certList.add(userCert);
 
         X509Certificate[] pkcsCerts = block.getCertificates();
--- a/jdk/src/java.base/share/classes/sun/security/provider/SeedGenerator.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/provider/SeedGenerator.java	Thu Apr 30 17:20:49 2015 -0700
@@ -165,7 +165,7 @@
         md.update(b);
 
         java.security.AccessController.doPrivileged
-            (new java.security.PrivilegedAction<Void>() {
+            (new java.security.PrivilegedAction<>() {
                 @Override
                 public Void run() {
                     try {
@@ -295,7 +295,7 @@
 
             final ThreadGroup[] finalsg = new ThreadGroup[1];
             Thread t = java.security.AccessController.doPrivileged
-                (new java.security.PrivilegedAction<Thread>() {
+                (new java.security.PrivilegedAction<>() {
                         @Override
                         public Thread run() {
                             ThreadGroup parent, group =
@@ -501,7 +501,7 @@
             final URL device = new URL(deviceName);
             try {
                 seedStream = java.security.AccessController.doPrivileged
-                    (new java.security.PrivilegedExceptionAction<InputStream>() {
+                    (new java.security.PrivilegedExceptionAction<>() {
                         @Override
                         public InputStream run() throws IOException {
                             /*
--- a/jdk/src/java.base/share/classes/sun/security/ssl/SunJSSE.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/SunJSSE.java	Thu Apr 30 17:20:49 2015 -0700
@@ -148,7 +148,7 @@
     }
 
     private void registerAlgorithms(final boolean isfips) {
-        AccessController.doPrivileged(new PrivilegedAction<Object>() {
+        AccessController.doPrivileged(new PrivilegedAction<>() {
             @Override
             public Object run() {
                 doRegister(isfips);
--- a/jdk/src/java.base/share/classes/sun/security/util/DerInputStream.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/util/DerInputStream.java	Thu Apr 30 17:20:49 2015 -0700
@@ -394,7 +394,7 @@
         /*
          * Pull values out of the stream.
          */
-        Vector<DerValue> vec = new Vector<DerValue>(startLen);
+        Vector<DerValue> vec = new Vector<>(startLen);
         DerValue value;
 
         do {
--- a/jdk/src/java.base/share/classes/sun/security/util/ManifestDigester.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/util/ManifestDigester.java	Thu Apr 30 17:20:49 2015 -0700
@@ -110,7 +110,7 @@
     public ManifestDigester(byte bytes[])
     {
         rawBytes = bytes;
-        entries = new HashMap<String, Entry>();
+        entries = new HashMap<>();
 
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
 
--- a/jdk/src/java.base/share/classes/sun/security/util/ManifestEntryVerifier.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/util/ManifestEntryVerifier.java	Thu Apr 30 17:20:49 2015 -0700
@@ -77,9 +77,9 @@
      */
     public ManifestEntryVerifier(Manifest man)
     {
-        createdDigests = new HashMap<String, MessageDigest>(11);
-        digests = new ArrayList<MessageDigest>();
-        manifestHashes = new ArrayList<byte[]>();
+        createdDigests = new HashMap<>(11);
+        digests = new ArrayList<>();
+        manifestHashes = new ArrayList<>();
         this.man = man;
     }
 
--- a/jdk/src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java	Thu Apr 30 17:20:49 2015 -0700
@@ -203,7 +203,7 @@
     private MessageDigest getDigest(String algorithm)
     {
         if (createdDigests == null)
-            createdDigests = new HashMap<String, MessageDigest>();
+            createdDigests = new HashMap<>();
 
         MessageDigest digest = createdDigests.get(algorithm);
 
@@ -523,7 +523,7 @@
             ArrayList<X509Certificate> chain = info.getCertificateChain(block);
             CertPath certChain = certificateFactory.generateCertPath(chain);
             if (signers == null) {
-                signers = new ArrayList<CodeSigner>();
+                signers = new ArrayList<>();
             }
             // Append the new code signer
             signers.add(new CodeSigner(certChain, info.getTimestamp()));
--- a/jdk/src/java.base/share/classes/sun/security/x509/AVA.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/x509/AVA.java	Thu Apr 30 17:20:49 2015 -0700
@@ -307,7 +307,7 @@
         // doublequote.
         int c = readChar(in, "Quoted string did not end in quote");
 
-        List<Byte> embeddedHex = new ArrayList<Byte>();
+        List<Byte> embeddedHex = new ArrayList<>();
         boolean isPrintableString = true;
         while (c != '"') {
             if (c == '\\') {
--- a/jdk/src/java.base/share/classes/sun/security/x509/AlgorithmId.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/x509/AlgorithmId.java	Thu Apr 30 17:20:49 2015 -0700
@@ -571,7 +571,7 @@
                             break;
                         }
                         if (oidTable == null) {
-                            oidTable = new HashMap<String,ObjectIdentifier>();
+                            oidTable = new HashMap<>();
                         }
                         oidString = alias.substring(index);
                         String stdAlgName = provs[i].getProperty(alias);
@@ -588,7 +588,7 @@
             }
 
             if (oidTable == null) {
-                oidTable = new HashMap<String,ObjectIdentifier>(1);
+                oidTable = new HashMap<>(1);
             }
             initOidTable = true;
         }
@@ -887,7 +887,7 @@
      */
         sha1WithDSA_oid = ObjectIdentifier.newInternal(dsaWithSHA1_PKIX_data);
 
-        nameTable = new HashMap<ObjectIdentifier,String>();
+        nameTable = new HashMap<>();
         nameTable.put(MD5_oid, "MD5");
         nameTable.put(MD2_oid, "MD2");
         nameTable.put(SHA_oid, "SHA-1");
--- a/jdk/src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/x509/CertificatePolicySet.java	Thu Apr 30 17:20:49 2015 -0700
@@ -58,7 +58,7 @@
      * @exception IOException on decoding errors.
      */
     public CertificatePolicySet(DerInputStream in) throws IOException {
-        ids = new Vector<CertificatePolicyId>();
+        ids = new Vector<>();
         DerValue[] seq = in.getSequence(5);
 
         for (int i = 0; i < seq.length; i++) {
--- a/jdk/src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/x509/GeneralSubtrees.java	Thu Apr 30 17:20:49 2015 -0700
@@ -59,11 +59,11 @@
      * The default constructor for the class.
      */
     public GeneralSubtrees() {
-        trees = new ArrayList<GeneralSubtree>();
+        trees = new ArrayList<>();
     }
 
     private GeneralSubtrees(GeneralSubtrees source) {
-        trees = new ArrayList<GeneralSubtree>(source.trees);
+        trees = new ArrayList<>(source.trees);
     }
 
     /**
--- a/jdk/src/java.base/share/classes/sun/security/x509/RDN.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/x509/RDN.java	Thu Apr 30 17:20:49 2015 -0700
@@ -102,7 +102,7 @@
         int quoteCount = 0;
         int searchOffset = 0;
         int avaOffset = 0;
-        List<AVA> avaVec = new ArrayList<AVA>(3);
+        List<AVA> avaVec = new ArrayList<>(3);
         int nextPlus = name.indexOf('+');
         while (nextPlus >= 0) {
             quoteCount += X500Name.countQuotes(name, searchOffset, nextPlus);
@@ -182,7 +182,7 @@
         }
         int searchOffset = 0;
         int avaOffset = 0;
-        List<AVA> avaVec = new ArrayList<AVA>(3);
+        List<AVA> avaVec = new ArrayList<>(3);
         int nextPlus = name.indexOf('+');
         while (nextPlus >= 0) {
             /*
@@ -453,7 +453,7 @@
         } else {
             // order the string type AVA's alphabetically,
             // followed by the oid type AVA's numerically
-            List<AVA> avaList = new ArrayList<AVA>(assertion.length);
+            List<AVA> avaList = new ArrayList<>(assertion.length);
             for (int i = 0; i < assertion.length; i++) {
                 avaList.add(assertion[i]);
             }
--- a/jdk/src/java.base/share/classes/sun/security/x509/X500Name.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/security/x509/X500Name.java	Thu Apr 30 17:20:49 2015 -0700
@@ -342,7 +342,7 @@
     public List<AVA> allAvas() {
         List<AVA> list = allAvaList;
         if (list == null) {
-            list = new ArrayList<AVA>();
+            list = new ArrayList<>();
             for (int i = 0; i < names.length; i++) {
                 list.addAll(names[i].avas());
             }
@@ -1382,7 +1382,7 @@
      */
     static {
         PrivilegedExceptionAction<Object[]> pa =
-                new PrivilegedExceptionAction<Object[]>() {
+                new PrivilegedExceptionAction<>() {
             public Object[] run() throws Exception {
                 Class<X500Principal> pClass = X500Principal.class;
                 Class<?>[] args = new Class<?>[] { X500Name.class };
--- a/jdk/src/java.base/share/classes/sun/util/locale/provider/AuxLocaleProviderAdapter.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/util/locale/provider/AuxLocaleProviderAdapter.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,8 @@
 
 package sun.util.locale.provider;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.text.spi.BreakIteratorProvider;
 import java.text.spi.CollatorProvider;
 import java.text.spi.DateFormatProvider;
@@ -177,7 +179,9 @@
      * A dummy locale service provider that indicates there is no
      * provider available
      */
-    private static final NullProvider NULL_PROVIDER = new NullProvider();
+    private static final NullProvider NULL_PROVIDER = AccessController.doPrivileged(
+        (PrivilegedAction<NullProvider>) () -> new NullProvider());
+
     private static class NullProvider extends LocaleServiceProvider {
         @Override
         public Locale[] getAvailableLocales() {
--- a/jdk/src/java.base/share/classes/sun/util/locale/provider/JRELocaleProviderAdapter.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/share/classes/sun/util/locale/provider/JRELocaleProviderAdapter.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,7 +26,7 @@
 package sun.util.locale.provider;
 
 import java.security.AccessController;
-import java.security.PrivilegedActionException;
+import java.security.PrivilegedAction;
 import java.security.PrivilegedExceptionAction;
 import java.text.spi.BreakIteratorProvider;
 import java.text.spi.CollatorProvider;
@@ -133,8 +133,12 @@
     @Override
     public BreakIteratorProvider getBreakIteratorProvider() {
         if (breakIteratorProvider == null) {
-            BreakIteratorProvider provider = new BreakIteratorProviderImpl(getAdapterType(),
-                                                            getLanguageTagSet("FormatData"));
+            BreakIteratorProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<BreakIteratorProvider>) () ->
+                    new BreakIteratorProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("FormatData")));
+
             synchronized (this) {
                 if (breakIteratorProvider == null) {
                     breakIteratorProvider = provider;
@@ -147,8 +151,12 @@
     @Override
     public CollatorProvider getCollatorProvider() {
         if (collatorProvider == null) {
-            CollatorProvider provider = new CollatorProviderImpl(getAdapterType(),
-                                                getLanguageTagSet("CollationData"));
+            CollatorProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<CollatorProvider>) () ->
+                    new CollatorProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("CollationData")));
+
             synchronized (this) {
                 if (collatorProvider == null) {
                     collatorProvider = provider;
@@ -161,8 +169,12 @@
     @Override
     public DateFormatProvider getDateFormatProvider() {
         if (dateFormatProvider == null) {
-            DateFormatProvider provider = new DateFormatProviderImpl(getAdapterType(),
-                                                    getLanguageTagSet("FormatData"));
+            DateFormatProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<DateFormatProvider>) () ->
+                    new DateFormatProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("FormatData")));
+
             synchronized (this) {
                 if (dateFormatProvider == null) {
                     dateFormatProvider = provider;
@@ -175,8 +187,12 @@
     @Override
     public DateFormatSymbolsProvider getDateFormatSymbolsProvider() {
         if (dateFormatSymbolsProvider == null) {
-            DateFormatSymbolsProvider provider = new DateFormatSymbolsProviderImpl(getAdapterType(),
-                                                                getLanguageTagSet("FormatData"));
+            DateFormatSymbolsProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<DateFormatSymbolsProvider>) () ->
+                    new DateFormatSymbolsProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("FormatData")));
+
             synchronized (this) {
                 if (dateFormatSymbolsProvider == null) {
                     dateFormatSymbolsProvider = provider;
@@ -189,7 +205,12 @@
     @Override
     public DecimalFormatSymbolsProvider getDecimalFormatSymbolsProvider() {
         if (decimalFormatSymbolsProvider == null) {
-            DecimalFormatSymbolsProvider provider = new DecimalFormatSymbolsProviderImpl(getAdapterType(), getLanguageTagSet("FormatData"));
+            DecimalFormatSymbolsProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<DecimalFormatSymbolsProvider>) () ->
+                    new DecimalFormatSymbolsProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("FormatData")));
+
             synchronized (this) {
                 if (decimalFormatSymbolsProvider == null) {
                     decimalFormatSymbolsProvider = provider;
@@ -202,8 +223,12 @@
     @Override
     public NumberFormatProvider getNumberFormatProvider() {
         if (numberFormatProvider == null) {
-            NumberFormatProvider provider = new NumberFormatProviderImpl(getAdapterType(),
-                                                        getLanguageTagSet("FormatData"));
+            NumberFormatProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<NumberFormatProvider>) () ->
+                    new NumberFormatProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("FormatData")));
+
             synchronized (this) {
                 if (numberFormatProvider == null) {
                     numberFormatProvider = provider;
@@ -219,8 +244,12 @@
     @Override
     public CurrencyNameProvider getCurrencyNameProvider() {
         if (currencyNameProvider == null) {
-            CurrencyNameProvider provider = new CurrencyNameProviderImpl(getAdapterType(),
-                                            getLanguageTagSet("CurrencyNames"));
+            CurrencyNameProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<CurrencyNameProvider>) () ->
+                    new CurrencyNameProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("CurrencyNames")));
+
             synchronized (this) {
                 if (currencyNameProvider == null) {
                     currencyNameProvider = provider;
@@ -233,8 +262,12 @@
     @Override
     public LocaleNameProvider getLocaleNameProvider() {
         if (localeNameProvider == null) {
-            LocaleNameProvider provider = new LocaleNameProviderImpl(getAdapterType(),
-                                                    getLanguageTagSet("LocaleNames"));
+            LocaleNameProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<LocaleNameProvider>) () ->
+                    new LocaleNameProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("LocaleNames")));
+
             synchronized (this) {
                 if (localeNameProvider == null) {
                     localeNameProvider = provider;
@@ -247,8 +280,12 @@
     @Override
     public TimeZoneNameProvider getTimeZoneNameProvider() {
         if (timeZoneNameProvider == null) {
-            TimeZoneNameProvider provider = new TimeZoneNameProviderImpl(getAdapterType(),
-                                                    getLanguageTagSet("TimeZoneNames"));
+            TimeZoneNameProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<TimeZoneNameProvider>) () ->
+                    new TimeZoneNameProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("TimeZoneNames")));
+
             synchronized (this) {
                 if (timeZoneNameProvider == null) {
                     timeZoneNameProvider = provider;
@@ -261,9 +298,12 @@
     @Override
     public CalendarDataProvider getCalendarDataProvider() {
         if (calendarDataProvider == null) {
-            CalendarDataProvider provider;
-            provider = new CalendarDataProviderImpl(getAdapterType(),
-                                                    getLanguageTagSet("CalendarData"));
+            CalendarDataProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<CalendarDataProvider>) () ->
+                    new CalendarDataProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("CalendarData")));
+
             synchronized (this) {
                 if (calendarDataProvider == null) {
                     calendarDataProvider = provider;
@@ -276,9 +316,12 @@
     @Override
     public CalendarNameProvider getCalendarNameProvider() {
         if (calendarNameProvider == null) {
-            CalendarNameProvider provider;
-            provider = new CalendarNameProviderImpl(getAdapterType(),
-                                                    getLanguageTagSet("FormatData"));
+            CalendarNameProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<CalendarNameProvider>) () ->
+                    new CalendarNameProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("FormatData")));
+
             synchronized (this) {
                 if (calendarNameProvider == null) {
                     calendarNameProvider = provider;
@@ -294,8 +337,12 @@
     @Override
     public CalendarProvider getCalendarProvider() {
         if (calendarProvider == null) {
-            CalendarProvider provider = new CalendarProviderImpl(getAdapterType(),
-                                                    getLanguageTagSet("CalendarData"));
+            CalendarProvider provider = AccessController.doPrivileged(
+                (PrivilegedAction<CalendarProvider>) () ->
+                    new CalendarProviderImpl(
+                        getAdapterType(),
+                        getLanguageTagSet("CalendarData")));
+
             synchronized (this) {
                 if (calendarProvider == null) {
                     calendarProvider = provider;
@@ -319,6 +366,7 @@
     }
 
     // ResourceBundleBasedAdapter method implementation
+
     @Override
     public LocaleData getLocaleData() {
         if (localeData == null) {
@@ -449,4 +497,4 @@
         }
         return locales;
     }
-                            }
+}
--- a/jdk/src/java.base/unix/classes/sun/security/provider/NativePRNG.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.base/unix/classes/sun/security/provider/NativePRNG.java	Thu Apr 30 17:20:49 2015 -0700
@@ -125,7 +125,7 @@
      */
     private static RandomIO initIO(final Variant v) {
         return AccessController.doPrivileged(
-            new PrivilegedAction<RandomIO>() {
+            new PrivilegedAction<>() {
                 @Override
                 public RandomIO run() {
 
@@ -440,7 +440,7 @@
                 if (seedOutInitialized == false) {
                     seedOutInitialized = true;
                     seedOut = AccessController.doPrivileged(
-                            new PrivilegedAction<OutputStream>() {
+                            new PrivilegedAction<>() {
                         @Override
                         public OutputStream run() {
                             try {
--- a/jdk/src/java.management/share/classes/com/sun/management/DiagnosticCommandMBean.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.management/share/classes/com/sun/management/DiagnosticCommandMBean.java	Thu Apr 30 17:20:49 2015 -0700
@@ -93,7 +93,7 @@
  *      returns the diagnostic command description
  *      (the same as the one return in the 'help' command)</li>
  *  <li>{@link javax.management.MBeanOperationInfo#getImpact() getImpact()}
- *      returns <code>ACTION_INFO</code></li>
+ *      returns {@code ACTION_INFO}</li>
  *  <li>{@link javax.management.MBeanOperationInfo#getReturnType() getReturnType()}
  *      returns {@code java.lang.String}</li>
  *  <li>{@link javax.management.MBeanOperationInfo#getDescriptor() getDescriptor()}
@@ -105,7 +105,6 @@
  * meta-data for a JMX element. A field is a name and an associated value.
  * The additional meta-data provided for an operation associated with a
  * diagnostic command are described in the table below:
- * <p>
  *
  * <table border="1" cellpadding="5">
  *   <tr>
@@ -161,7 +160,6 @@
  *          arguments supported by the diagnostic command (see below)</td>
  *   </tr>
  * </table>
- * <p>
  *
  * <p>The description of parameters (options or arguments) of a diagnostic
  * command is provided within a Descriptor instance. In this Descriptor,
--- a/jdk/src/java.management/share/classes/com/sun/management/GarbageCollectionNotificationInfo.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.management/share/classes/com/sun/management/GarbageCollectionNotificationInfo.java	Thu Apr 30 17:20:49 2015 -0700
@@ -41,14 +41,14 @@
  * when the Java virtual machine completes a garbage collection action
  * The notification emitted will contain the garbage collection notification
  * information about the status of the memory:
- * <u1>
+ * <ul>
  *   <li>The name of the garbage collector used to perform the collection.</li>
  *   <li>The action performed by the garbage collector.</li>
  *   <li>The cause of the garbage collection action.</li>
  *   <li>A {@link GcInfo} object containing some statistics about the GC cycle
           (start time, end time) and the memory usage before and after
           the GC cycle.</li>
- * </u1>
+ * </ul>
  *
  * <p>
  * A {@link CompositeData CompositeData} representing
@@ -81,7 +81,7 @@
  *   <li>A {@linkplain #GARBAGE_COLLECTION_NOTIFICATION garbage collection notification}.
  *       <br>Used by every notification emitted by the garbage collector, the details about
  *             the notification are provided in the {@linkplain #getGcAction action} String
- *       <p></li>
+ *       </li>
  * </ul>
  **/
 
--- a/jdk/src/java.management/share/classes/com/sun/management/GcInfo.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.management/share/classes/com/sun/management/GcInfo.java	Thu Apr 30 17:20:49 2015 -0700
@@ -52,13 +52,13 @@
  * </blockquote>
  *
  * <p>
- * <tt>GcInfo</tt> is a {@link CompositeData CompositeData}
+ * {@code GcInfo} is a {@link CompositeData CompositeData}
  * The GC-specific attributes can be obtained via the CompositeData
  * interface.  This is a historical relic, and other classes should
  * not copy this pattern.  Use {@link CompositeDataView} instead.
  *
  * <h4>MXBean Mapping</h4>
- * <tt>GcInfo</tt> is mapped to a {@link CompositeData CompositeData}
+ * {@code GcInfo} is mapped to a {@link CompositeData CompositeData}
  * with attributes as specified in the {@link #from from} method.
  *
  * @author  Mandy Chung
@@ -152,11 +152,11 @@
      * Returns the memory usage of all memory pools
      * at the beginning of this GC.
      * This method returns
-     * a <tt>Map</tt> of the name of a memory pool
+     * a {@code Map} of the name of a memory pool
      * to the memory usage of the corresponding
      * memory pool before GC starts.
      *
-     * @return a <tt>Map</tt> of memory pool names to the memory
+     * @return a {@code Map} of memory pool names to the memory
      * usage of a memory pool before GC starts.
      */
     public Map<String, MemoryUsage> getMemoryUsageBeforeGc() {
@@ -167,11 +167,11 @@
      * Returns the memory usage of all memory pools
      * at the end of this GC.
      * This method returns
-     * a <tt>Map</tt> of the name of a memory pool
+     * a {@code Map} of the name of a memory pool
      * to the memory usage of the corresponding
      * memory pool when GC finishes.
      *
-     * @return a <tt>Map</tt> of memory pool names to the memory
+     * @return a {@code Map} of memory pool names to the memory
      * usage of a memory pool when GC finishes.
      */
     public Map<String, MemoryUsage> getMemoryUsageAfterGc() {
@@ -179,12 +179,11 @@
     }
 
    /**
-     * Returns a <tt>GcInfo</tt> object represented by the
-     * given <tt>CompositeData</tt>. The given
-     * <tt>CompositeData</tt> must contain
+     * Returns a {@code GcInfo} object represented by the
+     * given {@code CompositeData}. The given
+     * {@code CompositeData} must contain
      * all the following attributes:
      *
-     * <p>
      * <blockquote>
      * <table border>
      * <tr>
@@ -193,33 +192,33 @@
      * </tr>
      * <tr>
      *   <td>index</td>
-     *   <td><tt>java.lang.Long</tt></td>
+     *   <td>{@code java.lang.Long}</td>
      * </tr>
      * <tr>
      *   <td>startTime</td>
-     *   <td><tt>java.lang.Long</tt></td>
+     *   <td>{@code java.lang.Long}</td>
      * </tr>
      * <tr>
      *   <td>endTime</td>
-     *   <td><tt>java.lang.Long</tt></td>
+     *   <td>{@code java.lang.Long}</td>
      * </tr>
      * <tr>
      *   <td>memoryUsageBeforeGc</td>
-     *   <td><tt>javax.management.openmbean.TabularData</tt></td>
+     *   <td>{@code javax.management.openmbean.TabularData}</td>
      * </tr>
      * <tr>
      *   <td>memoryUsageAfterGc</td>
-     *   <td><tt>javax.management.openmbean.TabularData</tt></td>
+     *   <td>{@code javax.management.openmbean.TabularData}</td>
      * </tr>
      * </table>
      * </blockquote>
      *
-     * @throws IllegalArgumentException if <tt>cd</tt> does not
-     *   represent a <tt>GcInfo</tt> object with the attributes
+     * @throws IllegalArgumentException if {@code cd} does not
+     *   represent a {@code GcInfo} object with the attributes
      *   described above.
      *
-     * @return a <tt>GcInfo</tt> object represented by <tt>cd</tt>
-     * if <tt>cd</tt> is not <tt>null</tt>; <tt>null</tt> otherwise.
+     * @return a {@code GcInfo} object represented by {@code cd}
+     * if {@code cd} is not {@code null}; {@code null} otherwise.
      */
     public static GcInfo from(CompositeData cd) {
         if (cd == null) {
@@ -272,7 +271,7 @@
     }
 
     /**
-     * <p>Return the {@code CompositeData} representation of this
+     * Return the {@code CompositeData} representation of this
      * {@code GcInfo}, including any GC-specific attributes.  The
      * returned value will have at least all the attributes described
      * in the {@link #from(CompositeData) from} method, plus optionally
--- a/jdk/src/java.management/share/classes/com/sun/management/VMOption.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.management/share/classes/com/sun/management/VMOption.java	Thu Apr 30 17:20:49 2015 -0700
@@ -42,10 +42,10 @@
  * be set dynamically via a management interface after
  * the VM was started.
  *
- * A <tt>VMOption</tt> contains the value of a VM option
- * and the origin of that value at the time this <tt>VMOption</tt>
+ * A {@code VMOption} contains the value of a VM option
+ * and the origin of that value at the time this {@code VMOption}
  * object was constructed.  The value of the VM option
- * may be changed after the <tt>VMOption</tt> object was constructed,
+ * may be changed after the {@code VMOption} object was constructed,
  *
  * @see <a href="{@docRoot}/../../../../technotes/guides/vm/index.html">
  *         Java Virtual Machine</a>
@@ -108,15 +108,15 @@
     }
 
     /**
-     * Constructs a <tt>VMOption</tt>.
+     * Constructs a {@code VMOption}.
      *
      * @param name Name of a VM option.
      * @param value Value of a VM option.
-     * @param writeable <tt>true</tt> if a VM option can be set dynamically,
-     *                  or <tt>false</tt> otherwise.
+     * @param writeable {@code true} if a VM option can be set dynamically,
+     *                  or {@code false} otherwise.
      * @param origin where the value of a VM option came from.
      *
-     * @throws NullPointerException if the name or value is <tt>null</tt>
+     * @throws NullPointerException if the name or value is {@code null}
      */
     public VMOption(String name, String value, boolean writeable, Origin origin) {
         this.name = name;
@@ -126,7 +126,7 @@
     }
 
     /**
-     * Constructs a <tt>VMOption</tt> object from a
+     * Constructs a {@code VMOption} object from a
      * {@link CompositeData CompositeData}.
      */
     private VMOption(CompositeData cd) {
@@ -150,10 +150,10 @@
 
     /**
      * Returns the value of this VM option at the time when
-     * this <tt>VMOption</tt> was created. The value could have been changed.
+     * this {@code VMOption} was created. The value could have been changed.
      *
      * @return the value of the VM option at the time when
-     *         this <tt>VMOption</tt> was created.
+     *         this {@code VMOption} was created.
      */
     public String getValue() {
         return value;
@@ -174,7 +174,7 @@
      * it can be set by the {@link HotSpotDiagnosticMXBean#setVMOption
      * HotSpotDiagnosticMXBean.setVMOption} method.
      *
-     * @return <tt>true</tt> if this VM option is writeable; <tt>false</tt>
+     * @return {@code true} if this VM option is writeable; {@code false}
      * otherwise.
      */
     public boolean isWriteable() {
@@ -189,10 +189,10 @@
     }
 
     /**
-     * Returns a <tt>VMOption</tt> object represented by the
-     * given <tt>CompositeData</tt>. The given <tt>CompositeData</tt>
+     * Returns a {@code VMOption} object represented by the
+     * given {@code CompositeData}. The given {@code CompositeData}
      * must contain the following attributes:
-     * <p>
+     *
      * <blockquote>
      * <table border>
      * <tr>
@@ -201,32 +201,32 @@
      * </tr>
      * <tr>
      *   <td>name</td>
-     *   <td><tt>java.lang.String</tt></td>
+     *   <td>{@code java.lang.String}</td>
      * </tr>
      * <tr>
      *   <td>value</td>
-     *   <td><tt>java.lang.String</tt></td>
+     *   <td>{@code java.lang.String}</td>
      * </tr>
      * <tr>
      *   <td>origin</td>
-     *   <td><tt>java.lang.String</tt></td>
+     *   <td>{@code java.lang.String}</td>
      * </tr>
      * <tr>
      *   <td>writeable</td>
-     *   <td><tt>java.lang.Boolean</tt></td>
+     *   <td>{@code java.lang.Boolean}</td>
      * </tr>
      * </table>
      * </blockquote>
      *
-     * @param cd <tt>CompositeData</tt> representing a <tt>VMOption</tt>
+     * @param cd {@code CompositeData} representing a {@code VMOption}
      *
-     * @throws IllegalArgumentException if <tt>cd</tt> does not
-     *   represent a <tt>VMOption</tt> with the attributes described
+     * @throws IllegalArgumentException if {@code cd} does not
+     *   represent a {@code VMOption} with the attributes described
      *   above.
      *
-     * @return a <tt>VMOption</tt> object represented by <tt>cd</tt>
-     *         if <tt>cd</tt> is not <tt>null</tt>;
-     *         <tt>null</tt> otherwise.
+     * @return a {@code VMOption} object represented by {@code cd}
+     *         if {@code cd} is not {@code null};
+     *         {@code null} otherwise.
      */
     public static VMOption from(CompositeData cd) {
         if (cd == null) {
--- a/jdk/src/java.prefs/share/classes/java/util/prefs/AbstractPreferences.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.prefs/share/classes/java/util/prefs/AbstractPreferences.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -78,10 +78,9 @@
  * under which these calls cannot even enqueue the requested operation for
  * later processing.  Even under these circumstances it is generally better to
  * simply ignore the invocation and return, rather than throwing an
- * exception.  Under these circumstances, however, all subsequent invocations
- * of <tt>flush()</tt> and <tt>sync</tt> should return <tt>false</tt>, as
- * returning <tt>true</tt> would imply that all previous operations had
- * successfully been made permanent.
+ * exception.  Under these circumstances, however, subsequently invoking
+ * <tt>flush()</tt> or <tt>sync</tt> would not imply that all previous
+ * operations had successfully been made permanent.
  *
  * <p>There is one circumstance under which <tt>putSpi, removeSpi and
  * childSpi</tt> <i>should</i> throw an exception: if the caller lacks
@@ -123,6 +122,13 @@
  */
 public abstract class AbstractPreferences extends Preferences {
     /**
+     * The code point U+0000, assigned to the null control character, is the
+     * only character encoded in Unicode and ISO/IEC 10646 that is always
+     * invalid in any XML 1.0 and 1.1 document.
+     */
+    static final int CODE_POINT_U0000 = '\u0000';
+
+    /**
      * Our name relative to parent.
      */
     private final String name;
@@ -234,6 +240,8 @@
      * @throws IllegalArgumentException if <tt>key.length()</tt> exceeds
      *       <tt>MAX_KEY_LENGTH</tt> or if <tt>value.length</tt> exceeds
      *       <tt>MAX_VALUE_LENGTH</tt>.
+     * @throws IllegalArgumentException if either key or value contain
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -244,6 +252,10 @@
             throw new IllegalArgumentException("Key too long: "+key);
         if (value.length() > MAX_VALUE_LENGTH)
             throw new IllegalArgumentException("Value too long: "+value);
+        if (key.indexOf(CODE_POINT_U0000) != -1)
+            throw new IllegalArgumentException("Key contains code point U+0000");
+        if (value.indexOf(CODE_POINT_U0000) != -1)
+            throw new IllegalArgumentException("Value contains code point U+0000");
 
         synchronized(lock) {
             if (removed)
@@ -275,10 +287,14 @@
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if key is <tt>null</tt>.  (A
      *         <tt>null</tt> default <i>is</i> permitted.)
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public String get(String key, String def) {
         if (key==null)
             throw new NullPointerException("Null key");
+        if (key.indexOf(CODE_POINT_U0000) != -1)
+            throw new IllegalArgumentException("Key contains code point U+0000");
         synchronized(lock) {
             if (removed)
                 throw new IllegalStateException("Node has been removed.");
@@ -306,10 +322,14 @@
      * @param key key whose mapping is to be removed from the preference node.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @throws NullPointerException {@inheritDoc}.
      */
     public void remove(String key) {
         Objects.requireNonNull(key, "Specified key cannot be null");
+        if (key.indexOf(CODE_POINT_U0000) != -1)
+            throw new IllegalArgumentException("Key contains code point U+0000");
         synchronized(lock) {
             if (removed)
                 throw new IllegalStateException("Node has been removed.");
@@ -353,6 +373,8 @@
      * @throws NullPointerException if key is <tt>null</tt>.
      * @throws IllegalArgumentException if <tt>key.length()</tt> exceeds
      *         <tt>MAX_KEY_LENGTH</tt>.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -381,6 +403,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public int getInt(String key, int def) {
         int result = def;
@@ -408,6 +432,8 @@
      * @throws NullPointerException if key is <tt>null</tt>.
      * @throws IllegalArgumentException if <tt>key.length()</tt> exceeds
      *         <tt>MAX_KEY_LENGTH</tt>.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -436,6 +462,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public long getLong(String key, long def) {
         long result = def;
@@ -463,6 +491,8 @@
      * @throws NullPointerException if key is <tt>null</tt>.
      * @throws IllegalArgumentException if <tt>key.length()</tt> exceeds
      *         <tt>MAX_KEY_LENGTH</tt>.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -494,6 +524,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public boolean getBoolean(String key, boolean def) {
         boolean result = def;
@@ -521,6 +553,8 @@
      * @throws NullPointerException if key is <tt>null</tt>.
      * @throws IllegalArgumentException if <tt>key.length()</tt> exceeds
      *         <tt>MAX_KEY_LENGTH</tt>.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -549,6 +583,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public float getFloat(String key, float def) {
         float result = def;
@@ -576,6 +612,8 @@
      * @throws NullPointerException if key is <tt>null</tt>.
      * @throws IllegalArgumentException if <tt>key.length()</tt> exceeds
      *         <tt>MAX_KEY_LENGTH</tt>.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -604,6 +642,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public double getDouble(String key, double def) {
         double result = def;
@@ -627,6 +667,8 @@
      * @throws NullPointerException if key or value is <tt>null</tt>.
      * @throws IllegalArgumentException if key.length() exceeds MAX_KEY_LENGTH
      *         or if value.length exceeds MAX_VALUE_LENGTH*3/4.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      */
@@ -650,6 +692,8 @@
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.  (A
      *         <tt>null</tt> value for <tt>def</tt> <i>is</i> permitted.)
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public byte[] getByteArray(String key, byte[] def) {
         byte[] result = def;
--- a/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.prefs/share/classes/java/util/prefs/Preferences.java	Thu Apr 30 17:20:49 2015 -0700
@@ -489,7 +489,7 @@
      *       <tt>MAX_VALUE_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
-     * @throws IllegalArgumentException if either the key or the value contain
+     * @throws IllegalArgumentException if either key or value contain
      *         the null control character, code point U+0000.
      */
     public abstract void put(String key, String value);
@@ -514,6 +514,8 @@
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.  (A
      *         <tt>null</tt> value for <tt>def</tt> <i>is</i> permitted.)
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public abstract String get(String key, String def);
 
@@ -530,6 +532,8 @@
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      */
     public abstract void remove(String key);
 
@@ -566,6 +570,8 @@
      *         <tt>MAX_KEY_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @see #getInt(String,int)
      */
     public abstract void putInt(String key, int value);
@@ -597,6 +603,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @see #putInt(String,int)
      * @see #get(String,String)
      */
@@ -616,6 +624,8 @@
      *         <tt>MAX_KEY_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @see #getLong(String,long)
      */
     public abstract void putLong(String key, long value);
@@ -647,6 +657,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @see #putLong(String,long)
      * @see #get(String,String)
      */
@@ -666,6 +678,8 @@
      *         <tt>MAX_KEY_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @see #getBoolean(String,boolean)
      * @see #get(String,String)
      */
@@ -702,6 +716,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @see #get(String,String)
      * @see #putBoolean(String,boolean)
      */
@@ -721,6 +737,8 @@
      *         <tt>MAX_KEY_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @see #getFloat(String,float)
      */
     public abstract void putFloat(String key, float value);
@@ -751,6 +769,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @see #putFloat(String,float)
      * @see #get(String,String)
      */
@@ -770,6 +790,8 @@
      *         <tt>MAX_KEY_LENGTH</tt>.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @see #getDouble(String,double)
      */
     public abstract void putDouble(String key, double value);
@@ -800,6 +822,8 @@
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @see #putDouble(String,double)
      * @see #get(String,String)
      */
@@ -825,6 +849,8 @@
      *         or if value.length exceeds MAX_VALUE_LENGTH*3/4.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws IllegalArgumentException if key contains
+     *         the null control character, code point U+0000.
      * @see #getByteArray(String,byte[])
      * @see #get(String,String)
      */
@@ -864,6 +890,8 @@
      *         removed with the {@link #removeNode()} method.
      * @throws NullPointerException if <tt>key</tt> is <tt>null</tt>.  (A
      *         <tt>null</tt> value for <tt>def</tt> <i>is</i> permitted.)
+     * @throws IllegalArgumentException if key contains the null control
+     *         character, code point U+0000.
      * @see #get(String,String)
      * @see #putByteArray(String,byte[])
      */
--- a/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -49,13 +49,6 @@
  */
 class FileSystemPreferences extends AbstractPreferences {
 
-    /**
-     * The code point U+0000, assigned to the null control character, is the
-     * only character encoded in Unicode and ISO/IEC 10646 that is always
-     * invalid in any XML 1.0 and 1.1 document.
-     */
-    private static final String CODE_POINT_U0000 = String.valueOf('\u0000');
-
     static {
         PrivilegedAction<Void> load = () -> {
             System.loadLibrary("prefs");
@@ -532,11 +525,6 @@
     }
 
     protected void putSpi(String key, String value) {
-        if (key.indexOf(CODE_POINT_U0000) != -1) {
-            throw new IllegalArgumentException("Key contains code point U+0000");
-        } else if (value.indexOf(CODE_POINT_U0000) != -1) {
-            throw new IllegalArgumentException("Value contains code point U+0000");
-        }
         initCacheIfNecessary();
         changeLog.add(new Put(key, value));
         prefsCache.put(key, value);
--- a/jdk/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferences.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferences.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,8 +25,6 @@
 
 package java.util.prefs;
 
-import java.util.Map;
-import java.util.TreeMap;
 import java.util.StringTokenizer;
 import java.io.ByteArrayOutputStream;
 import java.security.AccessController;
@@ -46,7 +44,7 @@
  * @since 1.4
  */
 
-class WindowsPreferences extends AbstractPreferences{
+class WindowsPreferences extends AbstractPreferences {
 
     static {
         PrivilegedAction<Void> load = () -> {
@@ -620,22 +618,22 @@
      * @see #getSpi(String)
      */
     protected void putSpi(String javaName, String value) {
-    int nativeHandle = openKey(KEY_SET_VALUE);
-    if (nativeHandle == NULL_NATIVE_HANDLE) {
-        isBackingStoreAvailable = false;
-        return;
-    }
-    int result =  WindowsRegSetValueEx1(nativeHandle,
-                          toWindowsName(javaName), toWindowsValueString(value));
-    if (result != ERROR_SUCCESS) {
-        logger().warning("Could not assign value to key " +
-        byteArrayToString(toWindowsName(javaName))+ " at Windows registry node "
-       + byteArrayToString(windowsAbsolutePath()) + " at root 0x"
-       + Integer.toHexString(rootNativeHandle()) +
-       ". Windows RegSetValueEx(...) returned error code " + result + ".");
-        isBackingStoreAvailable = false;
+        int nativeHandle = openKey(KEY_SET_VALUE);
+        if (nativeHandle == NULL_NATIVE_HANDLE) {
+            isBackingStoreAvailable = false;
+            return;
         }
-    closeKey(nativeHandle);
+        int result = WindowsRegSetValueEx1(nativeHandle,
+                toWindowsName(javaName), toWindowsValueString(value));
+        if (result != ERROR_SUCCESS) {
+            logger().warning("Could not assign value to key " +
+            byteArrayToString(toWindowsName(javaName))+ " at Windows registry node "
+           + byteArrayToString(windowsAbsolutePath()) + " at root 0x"
+           + Integer.toHexString(rootNativeHandle()) +
+           ". Windows RegSetValueEx(...) returned error code " + result + ".");
+            isBackingStoreAvailable = false;
+        }
+        closeKey(nativeHandle);
     }
 
     /**
@@ -645,18 +643,18 @@
      * @see #putSpi(String, String)
      */
     protected String getSpi(String javaName) {
-    int nativeHandle = openKey(KEY_QUERY_VALUE);
-    if (nativeHandle == NULL_NATIVE_HANDLE) {
-        return null;
-    }
-    Object resultObject =  WindowsRegQueryValueEx(nativeHandle,
-                                                  toWindowsName(javaName));
-    if (resultObject == null) {
+        int nativeHandle = openKey(KEY_QUERY_VALUE);
+        if (nativeHandle == NULL_NATIVE_HANDLE) {
+            return null;
+        }
+        Object resultObject = WindowsRegQueryValueEx(nativeHandle,
+                toWindowsName(javaName));
+        if (resultObject == null) {
+            closeKey(nativeHandle);
+            return null;
+        }
         closeKey(nativeHandle);
-        return null;
-    }
-    closeKey(nativeHandle);
-    return toJavaValueString((byte[]) resultObject);
+        return toJavaValueString((byte[]) resultObject);
     }
 
     /**
--- a/jdk/src/java.smartcardio/share/classes/javax/smartcardio/package.html	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/java.smartcardio/share/classes/javax/smartcardio/package.html	Thu Apr 30 17:20:49 2015 -0700
@@ -46,27 +46,23 @@
 <a href="CommandAPDU.html">CommandAPDU</a>, 
 <a href="ResponseAPDU.html">ResponseAPDU</a>
 
-<p>
 <dt>Factory to obtain implementations
 <dd>
 <a href="TerminalFactory.html">TerminalFactory</a>
 
-<p>
 <dt>Main classes for card and terminal functions
 <dd>
-<a href="CardTerminals.html">CardTerminals</a>, 
-<a href="CardTerminal.html">CardTerminal</a>, 
+<a href="CardTerminals.html">CardTerminals</a>,
+<a href="CardTerminal.html">CardTerminal</a>,
 <a href="Card.html">Card</a>, 
 <a href="CardChannel.html">CardChannel</a>
 
-<p>
 <dt>Supporting permission and exception classes
 <dd>
-<a href="CardPermission.html">CardPermission</a>, 
-<a href="CardException.html">CardException</a>, 
+<a href="CardPermission.html">CardPermission</a>,
+<a href="CardException.html">CardException</a>,
 <a href="CardNotPresentException.html">CardNotPresentException</a>
 
-<p>
 <dt>Service provider interface, not accessed directly by applications 
 <dd>
 <a href="TerminalFactorySpi.html">TerminalFactorySpi</a>
@@ -94,7 +90,6 @@
 	card.disconnect(false);
 </pre>
 
-<P>
 @since   1.6
 @author  Andreas Sterbenz
 @author  JSR 268 Expert Group
--- a/jdk/src/jdk.attach/share/classes/com/sun/tools/attach/AgentInitializationException.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.attach/share/classes/com/sun/tools/attach/AgentInitializationException.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,15 +29,15 @@
  * The exception thrown when an agent fails to initialize in the target
  * Java virtual machine.
  *
- * <p> This exception is thrown by {@link
- * com.sun.tools.attach.VirtualMachine#loadAgent VirtualMachine.loadAgent},
+ * <p> This exception is thrown by
+ * {@link com.sun.tools.attach.VirtualMachine#loadAgent VirtualMachine.loadAgent},
  * {@link com.sun.tools.attach.VirtualMachine#loadAgentLibrary
- * VirtualMachine.loadAgentLibrary}, {@link
- * com.sun.tools.attach.VirtualMachine#loadAgentPath VirtualMachine.loadAgentPath}
+ * VirtualMachine.loadAgentLibrary},
+ * {@link com.sun.tools.attach.VirtualMachine#loadAgentPath VirtualMachine.loadAgentPath}
  * methods if an agent, or agent library, cannot be initialized.
- * When thrown by <tt>VirtualMachine.loadAgentLibrary</tt>, or
- * <tt>VirtualMachine.loadAgentPath</tt> then the exception encapsulates
- * the error returned by the agent's <code>Agent_OnAttach</code> function.
+ * When thrown by {@code VirtualMachine.loadAgentLibrary}, or
+ * {@code VirtualMachine.loadAgentPath} then the exception encapsulates
+ * the error returned by the agent's {@code Agent_OnAttach} function.
  * This error code can be obtained by invoking the {@link #returnValue() returnValue} method.
  */
 @jdk.Exported
@@ -49,7 +49,7 @@
     private int returnValue;
 
     /**
-     * Constructs an <code>AgentInitializationException</code> with
+     * Constructs an {@code AgentInitializationException} with
      * no detail message.
      */
     public AgentInitializationException() {
@@ -58,7 +58,7 @@
     }
 
     /**
-     * Constructs an <code>AgentInitializationException</code> with
+     * Constructs an {@code AgentInitializationException} with
      * the specified detail message.
      *
      * @param   s   the detail message.
@@ -69,9 +69,9 @@
     }
 
     /**
-     * Constructs an <code>AgentInitializationException</code> with
+     * Constructs an {@code AgentInitializationException} with
      * the specified detail message and the return value from the
-     * execution of the agent's <code>Agent_OnAttach</code> function.
+     * execution of the agent's {@code Agent_OnAttach} function.
      *
      * @param   s               the detail message.
      * @param   returnValue     the return value
@@ -83,8 +83,8 @@
 
     /**
      * If the exception was created with the return value from the agent
-     * <code>Agent_OnAttach</code> function then this returns that value,
-     * otherwise returns <code>0</code>. </p>
+     * {@code Agent_OnAttach} function then this returns that value,
+     * otherwise returns {@code 0}.
      *
      * @return  the return value
      */
--- a/jdk/src/jdk.attach/share/classes/com/sun/tools/attach/spi/AttachProvider.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.attach/share/classes/com/sun/tools/attach/spi/AttachProvider.java	Thu Apr 30 17:20:49 2015 -0700
@@ -41,7 +41,7 @@
  *
  * <p> An attach provider is a concrete subclass of this class that has a
  * zero-argument constructor and implements the abstract methods specified
- * below. </p>
+ * below.
  *
  * <p> An attach provider implementation is typically tied to a Java virtual
  * machine implementation, version, or even mode of operation. That is, a specific
@@ -51,7 +51,7 @@
  * Sun's <i>HotSpot</i> virtual machine. In general, if an environment
  * consists of Java virtual machines of different versions and from different
  * vendors then there will be an attach provider implementation for each
- * <i>family</i> of implementations or versions. </p>
+ * <i>family</i> of implementations or versions.
  *
  * <p> An attach provider is identified by its {@link #name <i>name</i>} and
  * {@link #type <i>type</i>}. The <i>name</i> is typically, but not required to
@@ -61,15 +61,15 @@
  * implementation that uses the Doors inter-process communication mechanism
  * might use the type <i>"doors"</i>. The purpose of the name and type is to
  * identify providers in environments where there are multiple providers
- * installed. </p>
+ * installed.
  *
  * <p> AttachProvider implementations are loaded and instantiated at the first
  * invocation of the {@link #providers() providers} method. This method
  * attempts to load all provider implementations that are installed on the
- * platform. </p>
+ * platform.
  *
  * <p> All of the methods in this class are safe for use by multiple
- * concurrent threads. </p>
+ * concurrent threads.
  *
  * @since 1.6
  */
@@ -81,12 +81,12 @@
     private static List<AttachProvider> providers = null;
 
     /**
-     * Initializes a new instance of this class.  </p>
+     * Initializes a new instance of this class.
      *
      * @throws  SecurityException
      *          If a security manager has been installed and it denies
      *          {@link com.sun.tools.attach.AttachPermission AttachPermission}
-     *          <tt>("createAttachProvider")</tt>
+     *          ("{@code createAttachProvider}")
      */
     protected AttachProvider() {
         SecurityManager sm = System.getSecurityManager();
@@ -95,14 +95,14 @@
     }
 
     /**
-     * Return this provider's name. </p>
+     * Return this provider's name.
      *
      * @return  The name of this provider
      */
     public abstract String name();
 
     /**
-     * Return this provider's type. </p>
+     * Return this provider's type.
      *
      * @return  The type of this provider
      */
@@ -113,18 +113,18 @@
      *
      * <p> A Java virtual machine is identified by an abstract identifier. The
      * nature of this identifier is platform dependent but in many cases it will be the
-     * string representation of the process identifier (or pid). </p>
+     * string representation of the process identifier (or pid).
      *
      * <p> This method parses the identifier and maps the identifier to a Java
      * virtual machine (in an implementation dependent manner). If the identifier
-     * cannot be parsed by the provider then an {@link
-     * com.sun.tools.attach.AttachNotSupportedException AttachNotSupportedException}
+     * cannot be parsed by the provider then an
+     * {@link com.sun.tools.attach.AttachNotSupportedException AttachNotSupportedException}
      * is thrown. Once parsed this method attempts to attach to the Java virtual machine.
      * If the provider detects that the identifier corresponds to a Java virtual machine
      * that does not exist, or it corresponds to a Java virtual machine that does not support
      * the attach mechanism implemented by this provider, or it detects that the
      * Java virtual machine is a version to which this provider cannot attach, then
-     * an <code>AttachNotSupportedException</code> is thrown. </p>
+     * an {@code AttachNotSupportedException} is thrown.
      *
      * @param  id
      *         The abstract identifier that identifies the Java virtual machine.
@@ -134,7 +134,7 @@
      * @throws  SecurityException
      *          If a security manager has been installed and it denies
      *          {@link com.sun.tools.attach.AttachPermission AttachPermission}
-     *          <tt>("attachVirtualMachine")</tt>, or other permission
+     *          ("{@code attachVirtualMachine}"), or other permission
      *          required by the implementation.
      *
      * @throws  AttachNotSupportedException
@@ -147,7 +147,7 @@
      *          If some other I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>id</code> is <code>null</code>
+     *          If {@code id} is {@code null}
      */
     public abstract VirtualMachine attachVirtualMachine(String id)
         throws AttachNotSupportedException, IOException;
@@ -155,10 +155,10 @@
     /**
      * Attaches to a Java virtual machine.
      *
-     * <p> A Java virtual machine can be described using a {@link
-     * com.sun.tools.attach.VirtualMachineDescriptor VirtualMachineDescriptor}.
-     * This method invokes the descriptor's {@link
-     * com.sun.tools.attach.VirtualMachineDescriptor#provider() provider()} method
+     * <p> A Java virtual machine can be described using a
+     * {@link com.sun.tools.attach.VirtualMachineDescriptor VirtualMachineDescriptor}.
+     * This method invokes the descriptor's
+     * {@link com.sun.tools.attach.VirtualMachineDescriptor#provider() provider()} method
      * to check that it is equal to this provider. It then attempts to attach to the
      * Java virtual machine.
      *
@@ -170,20 +170,20 @@
      * @throws  SecurityException
      *          If a security manager has been installed and it denies
      *          {@link com.sun.tools.attach.AttachPermission AttachPermission}
-     *          <tt>("attachVirtualMachine")</tt>, or other permission
+     *          ("{@code attachVirtualMachine}"), or other permission
      *          required by the implementation.
      *
      * @throws  AttachNotSupportedException
-     *          If the descriptor's {@link
-     *          com.sun.tools.attach.VirtualMachineDescriptor#provider() provider()} method
-     *          returns a provider that is not this provider, or it does not correspond
-     *          to a Java virtual machine to which this provider can attach.
+     *          If the descriptor's
+     *          {@link com.sun.tools.attach.VirtualMachineDescriptor#provider() provider()}
+     *          method returns a provider that is not this provider, or it does not
+     *          correspond to a Java virtual machine to which this provider can attach.
      *
      * @throws  IOException
      *          If some other I/O error occurs
      *
      * @throws  NullPointerException
-     *          If <code>vmd</code> is <code>null</code>
+     *          If {@code vmd} is {@code null}
      */
     public VirtualMachine attachVirtualMachine(VirtualMachineDescriptor vmd)
         throws AttachNotSupportedException, IOException
@@ -197,12 +197,13 @@
     /**
      * Lists the Java virtual machines known to this provider.
      *
-     * <p> This method returns a list of {@link
-     * com.sun.tools.attach.VirtualMachineDescriptor} elements. Each
-     * <code>VirtualMachineDescriptor</code> describes a Java virtual machine
+     * <p> This method returns a list of
+     * {@link com.sun.tools.attach.VirtualMachineDescriptor} elements. Each
+     * {@code VirtualMachineDescriptor} describes a Java virtual machine
      * to which this provider can <i>potentially</i> attach.  There isn't any
-     * guarantee that invoking {@link #attachVirtualMachine(VirtualMachineDescriptor)
-     * attachVirtualMachine} on each descriptor in the list will succeed.
+     * guarantee that invoking
+     * {@link #attachVirtualMachine(VirtualMachineDescriptor) attachVirtualMachine}
+     * on each descriptor in the list will succeed.
      *
      * @return  The list of virtual machine descriptors which describe the
      *          Java virtual machines known to this provider (may be empty).
@@ -216,31 +217,31 @@
      * <p> An AttachProvider is installed on the platform if:
      *
      * <ul>
-     *   <li><p>It is installed in a JAR file that is visible to the defining
+     *   <li>It is installed in a JAR file that is visible to the defining
      *   class loader of the AttachProvider type (usually, but not required
      *   to be, the {@link java.lang.ClassLoader#getSystemClassLoader system
-     *   class loader}).</p></li>
+     *   class loader}).</li>
      *
-     *   <li><p>The JAR file contains a provider configuration named
-     *   <tt>com.sun.tools.attach.spi.AttachProvider</tt> in the resource directory
-     *   <tt>META-INF/services</tt>. </p></li>
+     *   <li>The JAR file contains a provider configuration named
+     *   {@code com.sun.tools.attach.spi.AttachProvider} in the resource directory
+     *   {@code META-INF/services}.</li>
      *
-     *   <li><p>The provider configuration file lists the full-qualified class
-     *   name of the AttachProvider implementation. </p></li>
+     *   <li>The provider configuration file lists the full-qualified class
+     *   name of the AttachProvider implementation.</li>
      * </ul>
      *
      * <p> The format of the provider configuration file is one fully-qualified
      * class name per line. Space and tab characters surrounding each class name,
      * as well as blank lines are ignored. The comment character is
-     *  <tt>'#'</tt> (<tt>0x23</tt>), and on each line all characters following
+     *  {@code '#'} ({@code 0x23}), and on each line all characters following
      * the first comment character are ignored. The file must be encoded in
-     * UTF-8. </p>
+     * UTF-8.
      *
      * <p> AttachProvider implementations are loaded and instantiated
      * (using the zero-arg constructor) at the first invocation of this method.
      * The list returned by the first invocation of this method is the list
      * of providers. Subsequent invocations of this method return a list of the same
-     * providers. The list is unmodifable.</p>
+     * providers. The list is unmodifable.
      *
      * @return  A list of the installed attach providers.
      */
--- a/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/Filter.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/Filter.java	Thu Apr 30 17:20:49 2015 -0700
@@ -72,7 +72,7 @@
          * exchange handler will not be invoked.
          * @param exchange the HttpExchange
          * @throws IOException let exceptions pass up the stack
-         * @throws NullPointerException if exchange is <code>null</code>
+         * @throws NullPointerException if exchange is {@code null}
          */
         public void doFilter (HttpExchange exchange) throws IOException {
             if (!iter.hasNext()) {
@@ -86,14 +86,14 @@
 
     /**
      * Asks this filter to pre/post-process the given exchange. The filter
-     * can :-
+     * can:
      * <ul><li>examine or modify the request headers</li>
      * <li>filter the request body or the response body, by creating suitable
      * filter streams and calling
      * {@link HttpExchange#setStreams(InputStream,OutputStream)}</li>
      * <li>set attribute Objects in the exchange, which other filters or the
      * exchange handler can access.</li>
-     * <li>decide to either :-<ol>
+     * <li>decide to either<ol>
      * <li>invoke the next filter in the chain, by calling
      * {@link Filter.Chain#doFilter(HttpExchange)}</li>
      * <li>terminate the chain of invocation, by <b>not</b> calling
@@ -102,12 +102,13 @@
      * filters in the Chain have been called, and the response headers can be
      * examined or modified.</li>
      * <li>if option 2. above taken, then this Filter must use the HttpExchange
-     * to send back an appropriate response</li></ul><p>
-     * @param exchange the <code>HttpExchange</code> to be filtered.
+     * to send back an appropriate response</li></ul>
+     *
+     * @param exchange the {@code HttpExchange} to be filtered.
      * @param chain the Chain which allows the next filter to be invoked.
      * @throws IOException may be thrown by any filter module, and if
      *          caught, must be rethrown again.
-     * @throws NullPointerException if either exchange or chain are <code>null</code>
+     * @throws NullPointerException if either exchange or chain are {@code null}
      */
     public abstract void doFilter (HttpExchange exchange, Chain chain)
         throws IOException;
--- a/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/Headers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/Headers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,18 +29,21 @@
 
 /**
  * HTTP request and response headers are represented by this class which implements
- * the interface {@link java.util.Map}&lt;
- * {@link java.lang.String},{@link java.util.List}&lt;{@link java.lang.String}&gt;&gt;.
+ * the interface
+ * {@link java.util.Map}{@literal <}{@link java.lang.String}, {@link java.util.List}
+ * {@literal <}{@link java.lang.String}{@literal >>}.
  * The keys are case-insensitive Strings representing the header names and
- * the value associated with each key is a {@link List}&lt;{@link String}&gt; with one
+ * the value associated with each key is
+ * a {@link List}{@literal <}{@link String}{@literal >} with one
  * element for each occurrence of the header name in the request or response.
  * <p>
- * For example, if a response header instance contains one key "HeaderName" with two values "value1 and value2"
+ * For example, if a response header instance contains
+ * one key "HeaderName" with two values "value1 and value2"
  * then this object is output as two header lines:
  * <blockquote><pre>
  * HeaderName: value1
  * HeaderName: value2
- * </blockquote></pre>
+ * </pre></blockquote>
  * <p>
  * All the normal {@link java.util.Map} methods are provided, but the following
  * additional convenience methods are most likely to be used:
--- a/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/HttpExchange.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/HttpExchange.java	Thu Apr 30 17:20:49 2015 -0700
@@ -116,9 +116,9 @@
     public abstract HttpContext getHttpContext ();
 
     /**
-     * Ends this exchange by doing the following in sequence:<p><ol>
-     * <li>close the request InputStream, if not already closed<p></li>
-     * <li>close the response OutputStream, if not already closed. </li>
+     * Ends this exchange by doing the following in sequence:<ol>
+     * <li>close the request InputStream, if not already closed;</li>
+     * <li>close the response OutputStream, if not already closed.</li>
      * </ol>
      */
     public abstract void close () ;
@@ -163,9 +163,9 @@
      * and the numeric response code as specified in this method. The response body length is also specified
      * as follows. If the response length parameter is greater than zero, this specifies an exact
      * number of bytes to send and the application must send that exact amount of data.
-     * If the response length parameter is <code>zero</code>, then chunked transfer encoding is
+     * If the response length parameter is {@code zero}, then chunked transfer encoding is
      * used and an arbitrary amount of data may be sent. The application terminates the
-     * response body by closing the OutputStream. If response length has the value <code>-1</code>
+     * response body by closing the OutputStream. If response length has the value {@code -1}
      * then no response body is being sent.
      * <p>
      * If the content-length response header has not already been set then
@@ -192,7 +192,7 @@
 
     /**
      * Returns the response code, if it has already been set
-     * @return the response code, if available. <code>-1</code> if not available yet.
+     * @return the response code, if available. {@code -1} if not available yet.
      */
     public abstract int getResponseCode ();
 
@@ -219,7 +219,7 @@
      * available.
      * @param name the name of the attribute to retrieve
      * @return the attribute object, or null if it does not exist
-     * @throws NullPointerException if name is <code>null</code>
+     * @throws NullPointerException if name is {@code null}
      */
     public abstract Object getAttribute (String name) ;
 
@@ -231,9 +231,9 @@
      * Each Filter class will document the attributes which they make
      * available.
      * @param name the name to associate with the attribute value
-     * @param value the object to store as the attribute value. <code>null</code>
+     * @param value the object to store as the attribute value. {@code null}
      * value is permitted.
-     * @throws NullPointerException if name is <code>null</code>
+     * @throws NullPointerException if name is {@code null}
      */
     public abstract void setAttribute (String name, Object value) ;
 
@@ -248,9 +248,9 @@
      * required to be) sub-classes of {@link java.io.FilterInputStream}
      * and {@link java.io.FilterOutputStream}.
      * @param i the filtered input stream to set as this object's inputstream,
-     *          or <code>null</code> if no change.
+     *          or {@code null} if no change.
      * @param o the filtered output stream to set as this object's outputstream,
-     *          or <code>null</code> if no change.
+     *          or {@code null} if no change.
      */
     public abstract void setStreams (InputStream i, OutputStream o);
 
@@ -259,7 +259,7 @@
      * If an authenticator is set on the HttpContext that owns this exchange,
      * then this method will return the {@link HttpPrincipal} that represents
      * the authenticated user for this HttpExchange.
-     * @return the HttpPrincipal, or <code>null</code> if no authenticator is set.
+     * @return the HttpPrincipal, or {@code null} if no authenticator is set.
      */
     public abstract HttpPrincipal getPrincipal ();
 }
--- a/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/HttpServer.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/HttpServer.java	Thu Apr 30 17:20:49 2015 -0700
@@ -58,8 +58,8 @@
  * whose path is the longest matching prefix of the request URI's path.
  * Paths are matched literally, which means that the strings are compared
  * case sensitively, and with no conversion to or from any encoded forms.
- * For example. Given a HttpServer with the following HttpContexts configured.<p>
- * <table >
+ * For example. Given a HttpServer with the following HttpContexts configured.
+ * <table>
  * <tr><td><i>Context</i></td><td><i>Context path</i></td></tr>
  * <tr><td>ctx1</td><td>"/"</td></tr>
  * <tr><td>ctx2</td><td>"/apps/"</td></tr>
@@ -67,7 +67,7 @@
  * </table>
  * <p>
  * the following table shows some request URIs and which, if any context they would
- * match with.<p>
+ * match with.
  * <table>
  * <tr><td><i>Request URI</i></td><td><i>Matches context</i></td></tr>
  * <tr><td>"http://foo.com/apps/foo/bar"</td><td>ctx3</td></tr>
@@ -181,7 +181,7 @@
      * approximately <i>delay</i> seconds have elapsed (whichever happens
      * sooner). Then, all open TCP connections are closed, the background
      * thread created by start() exits, and the method returns.
-     * Once stopped, a HttpServer cannot be re-used. <p>
+     * Once stopped, a HttpServer cannot be re-used.
      *
      * @param delay the maximum time in seconds to wait until exchanges have finished.
      * @throws IllegalArgumentException if delay is less than zero.
--- a/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/HttpsConfigurator.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/HttpsConfigurator.java	Thu Apr 30 17:20:49 2015 -0700
@@ -42,8 +42,8 @@
  * the default configuration.
  * <p>
  * The following <a name="example">example</a> shows how this may be done:
- * <p>
- * <pre><blockquote>
+ *
+ * <blockquote><pre>
  * SSLContext sslContext = SSLContext.getInstance (....);
  * HttpsServer server = HttpsServer.create();
  *
@@ -64,7 +64,7 @@
  *         params.setSSLParameters(sslparams);
  *     }
  * });
- * </blockquote></pre>
+ * </pre></blockquote>
  * @since 1.6
  */
 @jdk.Exported
@@ -102,7 +102,7 @@
     * <p>
     * The default implementation of this method uses the
     * SSLParameters returned from <p>
-    * <code>getSSLContext().getDefaultSSLParameters()</code>
+    * {@code getSSLContext().getDefaultSSLParameters()}
     * <p>
     * configure() may be overridden in order to modify this behavior.
     * See, the example <a href="#example">above</a>.
--- a/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/package-info.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.httpserver/share/classes/com/sun/net/httpserver/package-info.java	Thu Apr 30 17:20:49 2015 -0700
@@ -58,7 +58,7 @@
    server.createContext("/applications/myapp", new MyHandler());
    server.setExecutor(null); // creates a default executor
    server.start();
-   </blockquote></pre>
+   </pre></blockquote>
    <p>The example above creates a simple HttpServer which uses the calling
    application thread to invoke the handle() method for incoming http
    requests directed to port 8000, and to the path /applications/myapp/.
@@ -92,7 +92,7 @@
 
    SSLContext ssl = SSLContext.getInstance("TLS");
    ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
-   </blockquote></pre>
+   </pre></blockquote>
    <p>
    In the example above, a keystore file called "testkeys", created with the keytool utility
    is used as a certificate store for client and server certificates.
@@ -119,8 +119,8 @@
 
         }
     });
-   </blockquote></pre>
-   <p>
+   </pre></blockquote>
+
    @since 1.6
  */
 @jdk.Exported
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Bootstrap.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Bootstrap.java	Thu Apr 30 17:20:49 2015 -0700
@@ -43,13 +43,12 @@
      * <p> May throw an unspecified error if initialization of the
      * {@link com.sun.jdi.VirtualMachineManager} fails or if
      * the virtual machine manager is unable to locate or create
-     * any {@link com.sun.jdi.connect.Connector Connectors}. </p>
-     * <p>
+     * any {@link com.sun.jdi.connect.Connector Connectors}.
+     *
      * @throws java.lang.SecurityException if a security manager has been
      * installed and it denies {@link JDIPermission}
-     * <tt>("virtualMachineManager")</tt> or other unspecified
+     * ("{@code virtualMachineManager}") or other unspecified
      * permissions required by the implementation.
-     * </p>
      */
     static public synchronized VirtualMachineManager virtualMachineManager() {
         return com.sun.tools.jdi.VirtualMachineManagerImpl.virtualMachineManager();
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Field.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Field.java	Thu Apr 30 17:20:49 2015 -0700
@@ -65,22 +65,22 @@
      *    short s;
      *    Date d;
      *    byte[] ba;</PRE>
-     * And the JDI client defines these <CODE>Field</CODE> objects:
+     * And the JDI client defines these {@code Field} objects:
      * <PRE>
      *    Field sField = targetClass.fieldByName("s");
      *    Field dField = targetClass.fieldByName("d");
      *    Field baField = targetClass.fieldByName("ba");</PRE>
-     * to mirror the corresponding fields, then <CODE>sField.type()</CODE>
-     * is a {@link ShortType}, <CODE>dField.type()</CODE> is the
-     * {@link ReferenceType} for <CODE>java.util.Date</CODE> and
-     * <CODE>((ArrayType)(baField.type())).componentType()</CODE> is a
+     * to mirror the corresponding fields, then {@code sField.type()}
+     * is a {@link ShortType}, {@code dField.type()} is the
+     * {@link ReferenceType} for {@code java.util.Date} and
+     * {@code ((ArrayType)(baField.type())).componentType()} is a
      * {@link ByteType}.
      * <P>
      * Note: if the type of this field is a reference type (class,
      * interface, or array) and it has not been created or loaded
      * by the declaring type's class loader - that is,
-     * {@link TypeComponent#declaringType <CODE>declaringType()</CODE>}
-     * <CODE>.classLoader()</CODE>,
+     * {@link TypeComponent#declaringType declaringType()}
+     * {@code .classLoader()},
      * then ClassNotLoadedException will be thrown.
      * Also, a reference type may have been loaded but not yet prepared,
      * in which case the type will be returned
@@ -100,28 +100,28 @@
     /**
      * Determine if this is a transient field.
      *
-     * @return <code>true</code> if this field is transient; false otherwise.
+     * @return {@code true} if this field is transient; {@code false} otherwise.
      */
     boolean isTransient();
 
     /**
      * Determine if this is a volatile field.
      *
-     * @return <code>true</code> if this field is volatile; false otherwise.
+     * @return {@code true} if this field is volatile; {@code false} otherwise.
      */
     boolean isVolatile();
 
     /**
      * Determine if this is a field that represents an enum constant.
-     * @return <code>true</code> if this field represents an enum constant;
-     * false otherwise.
+     * @return {@code true} if this field represents an enum constant;
+     * {@code false} otherwise.
      */
     boolean isEnumConstant();
 
     /**
      * Compares the specified Object with this field for equality.
      *
-     * @return true if the Object is a Field and if both
+     * @return {@code true} if the Object is a Field and if both
      * mirror the same field (declared in the same class or interface, in
      * the same VM).
      */
@@ -130,7 +130,7 @@
     /**
      * Returns the hash code value for this Field.
      *
-     * @return the integer hash code
+     * @return the integer hash code.
      */
     int hashCode();
 }
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/JDIPermission.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/JDIPermission.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,20 +26,20 @@
 package com.sun.jdi;
 
 /**
- * The <code>JDIPermission</code> class represents access rights to
- * the <code>VirtualMachineManager</code>.  This is the permission
+ * The {@code JDIPermission} class represents access rights to
+ * the {@code VirtualMachineManager}.  This is the permission
  * which the SecurityManager will check when code that is running with
  * a SecurityManager requests access to the VirtualMachineManager, as
  * defined in the Java Debug Interface (JDI) for the Java platform.
  * <P>
- * A <code>JDIPermission</code> object contains a name (also referred
+ * A {@code JDIPermission} object contains a name (also referred
  * to as a "target name") but no actions list; you either have the
  * named permission or you don't.
  * <P>
  * The following table provides a summary description of what the
  * permission allows, and discusses the risks of granting code the
  * permission.
- * <P>
+ *
  * <table border=1 cellpadding=5 summary="Table shows permission
  * target name, what the permission allows, and associated risks">
  * <tr>
@@ -51,10 +51,10 @@
  * <tr>
  *   <td>virtualMachineManager</td>
  *   <td>Ability to inspect and modify the JDI objects in the
- *   <code>VirtualMachineManager</code>
+ *   {@code VirtualMachineManager}
  *   </td>
  *   <td>This allows an attacker to control the
- *   <code>VirtualMachineManager</code> and cause the system to
+ *   {@code VirtualMachineManager} and cause the system to
  *   misbehave.
  *   </td>
  * </tr>
@@ -82,8 +82,8 @@
 public final class JDIPermission extends java.security.BasicPermission {
     private static final long serialVersionUID = -6988461416938786271L;
     /**
-     * The <code>JDIPermission</code> class represents access rights to the
-     * <code>VirtualMachineManager</code>
+     * The {@code JDIPermission} class represents access rights to the
+     * {@code VirtualMachineManager}
      * @param name Permission name. Must be "virtualMachineManager".
      * @throws IllegalArgumentException if the name argument is invalid.
      */
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Method.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Method.java	Thu Apr 30 17:20:49 2015 -0700
@@ -49,7 +49,7 @@
      * This type name is always available even if
      * the type has not yet been created or loaded.
      *
-     * @return a String containing the return type name.
+     * @return a {@code String} containing the return type name.
      */
     String returnTypeName();
 
@@ -60,8 +60,8 @@
      * Note: if the return type of this method is a reference type (class,
      * interface, or array) and it has not been created or loaded
      * by the declaring type's class loader - that is,
-     * {@link TypeComponent#declaringType <CODE>declaringType()</CODE>}
-     * <CODE>.classLoader()</CODE>,
+     * {@link TypeComponent#declaringType declaringType()}
+     * {@code .classLoader()},
      * then ClassNotLoadedException will be thrown.
      * Also, a reference type may have been loaded but not yet prepared,
      * in which case the type will be returned
@@ -93,7 +93,6 @@
      * as specified at compile-time.
      * If the formal parameter was declared with an ellipsis, then
      * it is represented as an array of the type before the ellipsis.
-     *
      */
     List<String> argumentTypeNames();
 
@@ -105,8 +104,8 @@
      * is a reference type (class, interface, or array)
      * and it has not been created or loaded
      * by the declaring type's class loader - that is,
-     * {@link TypeComponent#declaringType <CODE>declaringType()</CODE>}
-     * <CODE>.classLoader()</CODE>,
+     * {@link TypeComponent#declaringType declaringType()}
+     * {@code .classLoader()},
      * then ClassNotLoadedException will be thrown.
      * Also, a reference type may have been loaded but not yet prepared,
      * in which case the list will be returned
@@ -132,16 +131,16 @@
     /**
      * Determine if this method is abstract.
      *
-     * @return <code>true</code> if the method is declared abstract;
-     * false otherwise.
+     * @return {@code true} if the method is declared abstract;
+     * {@code false} otherwise.
      */
     boolean isAbstract();
 
     /**
      * Determine if this method is a default method
      *
-     * @return <code>true</code> if the method is declared default;
-     * false otherwise
+     * @return {@code true} if the method is declared default;
+     * {@code false} otherwise.
      *
      * @since 1.8
      */
@@ -152,24 +151,24 @@
     /**
      * Determine if this method is synchronized.
      *
-     * @return <code>true</code> if the method is declared synchronized;
-     * false otherwise.
+     * @return {@code true} if the method is declared synchronized;
+     * {@code false} otherwise.
      */
     boolean isSynchronized();
 
     /**
      * Determine if this method is native.
      *
-     * @return <code>true</code> if the method is declared native;
-     * false otherwise.
+     * @return {@code true} if the method is declared native;
+     * {@code false} otherwise.
      */
     boolean isNative();
 
     /**
      * Determine if this method accepts a variable number of arguments.
      *
-     * @return <code>true</code> if the method accepts a variable number
-     * of arguments, false otherwise.
+     * @return {@code true} if the method accepts a variable number
+     * of arguments, {@code false} otherwise.
      *
      * @since 1.5
      */
@@ -180,8 +179,8 @@
      * methods are defined in
      * <cite>The Java&trade; Language Specification</cite>.
      *
-     * @return <code>true</code> if the method is a bridge method,
-     * false otherwise.
+     * @return {@code true} if the method is a bridge method,
+     * {@code false} otherwise.
      *
      * @since 1.5
      */
@@ -190,23 +189,23 @@
     /**
      * Determine if this method is a constructor.
      *
-     * @return <code>true</code> if the method is a constructor;
-     * false otherwise.
+     * @return {@code true} if the method is a constructor;
+     * {@code false} otherwise.
      */
     boolean isConstructor();
 
     /**
      * Determine if this method is a static initializer.
      *
-     * @return <code>true</code> if the method is a static initializer;
-     * false otherwise.
+     * @return {@code true} if the method is a static initializer;
+     * {@code false} otherwise.
      */
     boolean isStaticInitializer();
 
     /**
      * Determine if this method is obsolete.
      *
-     * @return <code>true</code> if this method has been made obsolete by a
+     * @return {@code true} if this method has been made obsolete by a
      * {@link VirtualMachine#redefineClasses} operation.
      *
      * @since 1.4
@@ -218,7 +217,7 @@
      * each executable source line in this method.
      * <P>
      * This method is equivalent to
-     * <code>allLineLocations(vm.getDefaultStratum(),null)</code> -
+     * {@code allLineLocations(vm.getDefaultStratum(),null)} -
      * see {@link #allLineLocations(String,String)}
      * for more information.
      *
@@ -252,16 +251,16 @@
      * (see {@link Location} for a description of strata).
      *
      * @param stratum The stratum to retrieve information from
-     * or <code>null</code> for the {@link ReferenceType#defaultStratum()}
+     * or {@code null} for the {@link ReferenceType#defaultStratum()}
      *
      * @param sourceName Return locations only within this
-     * source file or <code>null</code> to return locations.
+     * source file or {@code null} to return locations.
      *
      * @return a List of all source line {@link Location} objects.
      *
      * @throws AbsentInformationException if there is no line
      * number information for this (non-native, non-abstract)
-     * method.  Or if <i>sourceName</i> is non-<code>null</code>
+     * method.  Or if <i>sourceName</i> is non-{@code null}
      * and source name information is not present.
      *
      * @since 1.4
@@ -274,8 +273,8 @@
      * that map to the given line number.
      * <P>
      * This method is equivalent to
-     * <code>locationsOfLine(vm.getDefaultStratum(), null,
-     * lineNumber)</code> -
+     * {@code locationsOfLine(vm.getDefaultStratum(), null,
+     * lineNumber)} -
      * see {@link
      * #locationsOfLine(java.lang.String,java.lang.String,int)}
      * for more information.
@@ -320,7 +319,7 @@
      *
      * @throws AbsentInformationException if there is no line
      * number information for this method.
-     * Or if <i>sourceName</i> is non-<code>null</code>
+     * Or if <i>sourceName</i> is non-{@code null}
      * and source name information is not present.
      *
      * @since 1.4
@@ -436,7 +435,7 @@
     /**
      * Returns the hash code value for this Method.
      *
-     * @return the integer hash code
+     * @return the integer hash code.
      */
     int hashCode();
 }
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Value.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/Value.java	Thu Apr 30 17:20:49 2015 -0700
@@ -63,47 +63,47 @@
  *   <TH id="type"     align="left">{@link Type} of value<br>{@link #type() Value.type()}</TH>
  * <TR>
  *   <TD headers="primval kind">     a boolean</TD>
- *   <TD headers="primval example">  <CODE>true</CODE></TD>
+ *   <TD headers="primval example">  {@code true}</TD>
  *   <TD headers="primval mirrored"> {@link BooleanValue}</TD>
  *   <TD headers="primval type">     {@link BooleanType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a byte</TD>
- *   <TD headers="primval example">  <CODE>(byte)4</CODE></TD>
+ *   <TD headers="primval example">  {@code (byte)4}</TD>
  *   <TD headers="primval mirrored"> {@link ByteValue}</TD>
  *   <TD headers="primval type">     {@link ByteType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a char</TD>
- *   <TD headers="primval example">  <CODE>'a'</CODE></TD>
+ *   <TD headers="primval example">  {@code 'a'}</TD>
  *   <TD headers="primval mirrored"> {@link CharValue}</TD>
  *   <TD headers="primval type">     {@link CharType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a double</TD>
- *   <TD headers="primval example">  <CODE>3.1415926</CODE></TD>
+ *   <TD headers="primval example">  {@code 3.1415926}</TD>
  *   <TD headers="primval mirrored"> {@link DoubleValue}</TD>
  *   <TD headers="primval type">     {@link DoubleType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a float</TD>
- *   <TD headers="primval example">  <CODE>2.5f</CODE></TD>
+ *   <TD headers="primval example">  {@code 2.5f}</TD>
  *   <TD headers="primval mirrored"> {@link FloatValue}</TD>
  *   <TD headers="primval type">     {@link FloatType}</TD>
  * <TR>
  *   <TD headers="primval kind">     an int</TD>
- *   <TD headers="primval example">  <CODE>22</CODE></TD>
+ *   <TD headers="primval example">  {@code 22}</TD>
  *   <TD headers="primval mirrored"> {@link IntegerValue}</TD>
  *   <TD headers="primval type">     {@link IntegerType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a long</TD>
- *   <TD headers="primval example">  <CODE>1024L</CODE></TD>
+ *   <TD headers="primval example">  {@code 1024L}</TD>
  *   <TD headers="primval mirrored"> {@link LongValue}</TD>
  *   <TD headers="primval type">     {@link LongType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a short</TD>
- *   <TD headers="primval example">  <CODE>(short)12</CODE></TD>
+ *   <TD headers="primval example">  {@code (short)12}</TD>
  *   <TD headers="primval mirrored"> {@link ShortValue}</TD>
  *   <TD headers="primval type">     {@link ShortType}</TD>
  * <TR>
  *   <TD headers="primval kind">     a void</TD>
- *   <TD headers="primval example">  <CODE>&nbsp;</CODE></TD>
+ *   <TD headers="primval example">  </TD>
  *   <TD headers="primval mirrored"> {@link VoidValue}</TD>
  *   <TD headers="primval type">     {@link VoidType}</TD>
  * <TR BGCOLOR="#EEEEFF">
@@ -115,50 +115,50 @@
  *   <TH id="type2"     align="left">{@link Type} of value<br>{@link #type() Value.type()}</TH>
  * <TR>
  *   <TD headers="objref kind2">     a class instance</TD>
- *   <TD headers="objref example2">  <CODE>this</CODE></TD>
+ *   <TD headers="objref example2">  {@code this}</TD>
  *   <TD headers="objref mirrored2"> {@link ObjectReference}</TD>
  *   <TD headers="objref type2">     {@link ClassType}</TD>
  * <TR>
  *   <TD headers="objref kind2">     an array</TD>
- *   <TD headers="objref example2">  <CODE>new int[5]</CODE></TD>
+ *   <TD headers="objref example2">  {@code new int[5]}</TD>
  *   <TD headers="objref mirrored2"> {@link ArrayReference}</TD>
  *   <TD headers="objref type2">     {@link ArrayType}</TD>
  * <TR>
  *   <TD headers="objref kind2">     a string</TD>
- *   <TD headers="objref example2">  <CODE>"hello"</CODE></TD>
+ *   <TD headers="objref example2">  {@code "hello"}</TD>
  *   <TD headers="objref mirrored2"> {@link StringReference}</TD>
  *   <TD headers="objref type2">     {@link ClassType}</TD>
  * <TR>
  *   <TD headers="objref kind2">     a thread</TD>
- *   <TD headers="objref example2">  <CODE>Thread.currentThread()</CODE></TD>
+ *   <TD headers="objref example2">  {@code Thread.currentThread()}</TD>
  *   <TD headers="objref mirrored2"> {@link ThreadReference}</TD>
  *   <TD headers="objref type2">     {@link ClassType}</TD>
  * <TR>
  *   <TD headers="objref kind2">     a thread group</TD>
- *   <TD headers="objref example2">  <CODE>Thread.currentThread()<br>&nbsp;&nbsp;.getThreadGroup()</CODE></TD>
+ *   <TD headers="objref example2">  {@code Thread.currentThread()}<br>&nbsp;&nbsp;{@code .getThreadGroup()}</TD>
  *   <TD headers="objref mirrored2"> {@link ThreadGroupReference}</TD>
  *   <TD headers="objref type2">     {@link ClassType}</TD>
  * <TR>
- *   <TD headers="objref kind2">     a <CODE>java.lang.Class</CODE><br>instance</TD>
- *   <TD headers="objref example2">  <CODE>this.getClass()</CODE></TD>
+ *   <TD headers="objref kind2">     a {@code java.lang.Class}<br>instance</TD>
+ *   <TD headers="objref example2">  {@code this.getClass()}</TD>
  *   <TD headers="objref mirrored2"> {@link ClassObjectReference}</TD>
  *   <TD headers="objref type2">     {@link ClassType}</TD>
  * <TR>
  *   <TD headers="objref kind2">     a class loader</TD>
- *   <TD headers="objref example2">  <CODE>this.getClass()<br>&nbsp;&nbsp;.getClassLoader() </CODE></TD>
+ *   <TD headers="objref example2">  {@code this.getClass()}<br>&nbsp;&nbsp;{@code .getClassLoader()}</TD>
  *   <TD headers="objref mirrored2"> {@link ClassLoaderReference}</TD>
  *   <TD headers="objref type2">     {@link ClassType}</TD>
  * <TR BGCOLOR="#EEEEFF">
  *   <TH id="other" colspan=4>Other</TH>
  * <TR BGCOLOR="#EEEEFF">
- *   <TH id="kind3"     align="left">Kind of value</TD>
- *   <TH id="example3"  align="left">For example -<br>expression in target</TD>
- *   <TH id="mirrored3" align="left">Is mirrored as</TD>
- *   <TH id="type3"     align="left">{@link Type} of value</TD>
+ *   <TD id="kind3"     align="left">Kind of value</TD>
+ *   <TD id="example3"  align="left">For example -<br>expression in target</TD>
+ *   <TD id="mirrored3" align="left">Is mirrored as</TD>
+ *   <TD id="type3"     align="left">{@link Type} of value</TD>
  * <TR>
  *   <TD headers="other kind3">     null</TD>
- *   <TD headers="other example3">  <CODE>null</CODE></TD>
- *   <TD headers="other mirrored3"> <CODE>null</CODE></TD>
+ *   <TD headers="other example3">  {@code null}</TD>
+ *   <TD headers="other mirrored3"> {@code null}</TD>
  *   <TD headers="other type3">     n/a</TD>
  * </TABLE>
  *
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/VirtualMachineManager.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/VirtualMachineManager.java	Thu Apr 30 17:20:49 2015 -0700
@@ -50,7 +50,7 @@
  * examples use the command line syntax in Sun's implementation.
  * Some {@link com.sun.jdi.connect.Connector} implementations may require slightly
  * different handling than presented below.
- * <p>
+ *
  * <TABLE BORDER WIDTH="75%" SUMMARY="Four scenarios for connecting a debugger
  *  to a virtual machine">
  * <TR>
@@ -85,7 +85,7 @@
  * <UL>
  * <LI>
  * Target VM is launched using the options
- * <code>-agentlib:jdwp=transport=xxx,server=y</code>
+ * {@code -agentlib:jdwp=transport=xxx,server=y}
  * </LI>
  * <LI>
  * Target VM generates and outputs the tranport-specific address at which it will
@@ -110,6 +110,7 @@
  * <TR>
  * <TD>Target VM attaches to previously-running debugger</TD>
  * <TD>
+ * <UL>
  * <LI>
  * At startup, debugger selects one or more connectors from
  * the list returned by {@link #listeningConnectors} for one or more
@@ -126,7 +127,7 @@
  * a target VM to connect.</LI>
  * <LI>
  * Later, target VM is launched by end user with the options
- * <code>-agentlib:jdwp=transport=xxx,address=yyy</code>
+ * {@code -agentlib:jdwp=transport=xxx,address=yyy}
  * where "xxx" the transport for one of the connectors selected by the
  * the debugger and "yyy"
  * is the address generated by
@@ -135,15 +136,17 @@
  * <LI>
  * Debugger's call to {@link com.sun.jdi.connect.ListeningConnector#accept(java.util.Map)} returns
  * a {@link VirtualMachine} mirror.</LI>
+ * </UL>
  * </TD>
  * </TR>
  *
  * <TR>
  * <TD>Target VM launches debugger (sometimes called "Just-In-Time" debugging)</TD>
  * <TD>
+ * <UL>
  * <LI>
  * Target VM is launched with the options
- * <code>-agentlib:jdwp=launch=cmdline,onuncaught=y,transport=xxx,server=y</code>
+ * {@code -agentlib:jdwp=launch=cmdline,onuncaught=y,transport=xxx,server=y}
  * </LI>
  * <LI>
  * Later, an uncaught exception is thrown in the target VM. The target
@@ -171,6 +174,7 @@
  * {@link com.sun.jdi.connect.AttachingConnector#attach(java.util.Map)} method
  * of the selected to attach to the target VM. A {@link VirtualMachine}
  * mirror is returned.
+ * </UL>
  * </TD>
  * </TR>
  * </TABLE>
@@ -380,7 +384,7 @@
       * a virtual machine mirror when a connection is established
       * to a target VM. Only developers creating new Connector
       * implementations should need to make direct use of this
-      * method. </p>
+      * method.
       *
       * @param  connection
       *         The open connection to the target VM.
@@ -415,7 +419,7 @@
       * a virtual machine mirror when a connection is established
       * to a target VM. Only developers creating new Connector
       * implementations should need to make direct use of this
-      * method. </p>
+      * method.
       *
       * @return the new virtual machine
       *
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/connect/spi/Connection.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/connect/spi/Connection.java	Thu Apr 30 17:20:49 2015 -0700
@@ -51,7 +51,7 @@
  *
  * <p> A Connection is safe for access by multiple concurrent threads,
  * although at most one thread may be reading and at most one thread may
- * be writing at any given time. </p>
+ * be writing at any given time.
  *
  * @since 1.5
  */
@@ -70,18 +70,18 @@
      *
      * <p> Reading a packet does not do any integrity checking on
      * the packet aside from a check that the length of the packet
-     * (as indicated by the value of the <tt>length</tt> field, the
+     * (as indicated by the value of the {@code length} field, the
      * first four bytes of the packet) is 11 or more bytes.
-     * If the value of the <tt>length</tt> value is less then 11
-     * then an <tt>IOException</tt> is thrown.
+     * If the value of the {@code length} value is less then 11
+     * then an {@code IOException} is thrown.
      *
      * <p> Returns a byte array of a length equal to the length
      * of the received packet, or a byte array of length 0 when an
      * end of stream is encountered. If end of stream is encountered
      * after some, but not all bytes of a packet, are read then it
-     * is considered an I/O error and an <tt>IOException</tt> is
+     * is considered an I/O error and an {@code IOException} is
      * thrown. The first byte of the packet is stored in element
-     * <tt>0</tt> of the byte array, the second in element <tt>1</tt>,
+     * {@code 0} of the byte array, the second in element {@code 1},
      * and so on. The bytes in the byte array are laid out as per the
      * <a href="../../../../../../../../../technotes/guides/jpda/jdwp-spec.html">
      * JDWP specification</a>. That is, all fields in the packet
@@ -90,7 +90,7 @@
      * <p> This method may be invoked at any time.  If another thread has
      * already initiated a {@link #readPacket readPacket} on this
      * connection then the invocation of this method will block until the
-     * first operation is complete. </p>
+     * first operation is complete.
      *
      * @return  the packet read from the target VM
      *
@@ -123,21 +123,21 @@
      * href="../../../../../../../../../technotes/guides/jpda/jdwp-spec.html">
      * JDWP specification</a>. That is, all fields in the packet
      * are in big endian order. The first byte, that is element
-     * <tt>pkt[0]</tt>, is the first byte of the <tt>length</tt> field.
-     * <tt>pkt[1]</tt> is the second byte of the <tt>length</tt> field,
+     * {@code pkt[0]}, is the first byte of the {@code length} field.
+     * {@code pkt[1]} is the second byte of the {@code length} field,
      * and so on.
      *
      * <p> Writing a packet does not do any integrity checking on
      * the packet aside from checking the packet length. Checking
      * the packet length requires checking that the value of the
-     * <tt>length</tt> field (as indicated by the first four bytes
+     * {@code length} field (as indicated by the first four bytes
      * of the packet) is 11 or greater. Consequently the length of
      * the byte array provided to this method, that is
-     * <tt>pkt.length</tt>, must be 11 or more, and must be equal
-     * or greater than the value of the <tt>length</tt> field. If the
+     * {@code pkt.length}, must be 11 or more, and must be equal
+     * or greater than the value of the {@code length} field. If the
      * length of the byte array is greater than the value of
-     * the <tt>length</tt> field then all bytes from element
-     * <tt>pkt[length]</tt> onwards are ignored. In other words,
+     * the {@code length} field then all bytes from element
+     * {@code pkt[length]} onwards are ignored. In other words,
      * any additional bytes that follow the packet in the byte
      * array are ignored and will not be transmitted to the target
      * VM.
@@ -152,7 +152,7 @@
      * <p> This method may be invoked at any time.  If another thread has
      * already initiated a write operation upon this Connection then
      * a subsequent invocation of this method will block until the first
-     * operation is complete. </p>
+     * operation is complete.
      *
      * @param   pkt
      *          The packet to write to the target VM.
@@ -165,7 +165,7 @@
      *          If an I/O error occurs.
      *
      * @throws  IllegalArgumentException
-     *          If the value of the <tt>length</tt> field is invalid,
+     *          If the value of the {@code length} field is invalid,
      *          or the byte array is of insufficient length.
      */
     public abstract void writePacket(byte pkt[]) throws IOException;
@@ -185,7 +185,7 @@
      * <p> This method may be invoked at any time.  If some other thread has
      * already invoked it, however, then another invocation will block until
      * the first invocation is complete, after which it will return without
-     * effect. </p>
+     * effect.
      *
      * @throws  java.io.IOException
      *          If an I/O error occurs
@@ -193,9 +193,9 @@
     public abstract void close() throws IOException;
 
     /**
-     * Tells whether or not this connection is open.  </p>
+     * Tells whether or not this connection is open.
      *
-     * @return <tt>true</tt> if, and only if, this connection is open
+     * @return {@code true} if and only if this connection is open
      */
     public abstract boolean isOpen();
 }
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/doc-files/signature.html	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/doc-files/signature.html	Thu Apr 30 17:20:49 2015 -0700
@@ -7,7 +7,7 @@
 <BODY BGCOLOR="white">
 <dl><dd>
 <Table Border="0">
-<caption><h2>JDI Type Signatures</h2></caption>
+<caption><font size=5><b>JDI Type Signatures</b></font></caption>
 <tr><th>Type Signature
 <th>Java Type
 <tr><td>Z<td>boolean
@@ -31,9 +31,9 @@
 </Table>
 </dd></dl>
 <p>For example, the Java method:
-<p><pre>    long f (int n, String s, int[] arr);
+<pre>    long f (int n, String s, int[] arr);
 </pre>has the following type signature:
-<p><pre>    (ILjava/lang/String;[I)J
+<pre>    (ILjava/lang/String;[I)J
 </pre>
 </BODY>
 </HTML>
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/EventSet.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/EventSet.java	Thu Apr 30 17:20:49 2015 -0700
@@ -51,7 +51,6 @@
  * <P>
  * The events that are grouped in an EventSet are restricted in the
  * following ways:
- * <P>
  * <UL>
  * <LI>Always singleton sets:
  *     <UL>
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorContendedEnterEvent.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorContendedEnterEvent.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,9 +29,8 @@
 
 /**
  *
- *  Notification that a thread in the target VM is attempting
- *  to enter a monitor that is already acquired by another thread.
- * <P>
+ * Notification that a thread in the target VM is attempting
+ * to enter a monitor that is already acquired by another thread.
  *
  * @see EventQueue
  * @see MonitorContendedEnteredEvent
@@ -45,7 +44,6 @@
 
     /**
      * Returns the thread in which this event has occurred.
-     * <p>
      *
      * @return a {@link ThreadReference} which mirrors the event's thread in
      * the target VM.
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorContendedEnteredEvent.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorContendedEnteredEvent.java	Thu Apr 30 17:20:49 2015 -0700
@@ -31,7 +31,6 @@
  *
  *  Notification that a thread in the target VM is entering a monitor
  *  after waiting for it to be released by another thread.
- * <P>
  *
  * @see EventQueue
  * @see MonitorContendedEnterEvent
@@ -44,7 +43,6 @@
 
     /**
      * Returns the thread in which this event has occurred.
-     * <p>
      *
      * @return a {@link ThreadReference} which mirrors the event's thread in
      * the target VM.
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorWaitEvent.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorWaitEvent.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,7 +30,6 @@
 /**
  * Notification that a thread in the target VM is about to
  * wait on a monitor object.
- * <P>
  *
  * @see EventQueue
  * @see MonitorWaitedEvent
@@ -43,7 +42,6 @@
 
     /**
      * Returns the thread in which monitor wait event has occurred.
-     * <p>
      *
      * @return a {@link ThreadReference} which mirrors the event's thread in
      * the target VM.
@@ -60,7 +58,7 @@
     /**
      * Returns the number of millisecond the thread will wait.
      *
-     * @return a <code>jlong</code> containing monitor wait time in milliseconds.
+     * @return a {@code jlong} containing monitor wait time in milliseconds.
      */
     public long  timeout();
 }
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorWaitedEvent.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/event/MonitorWaitedEvent.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,7 +30,6 @@
 /**
  * Notification that a thread in the target VM has finished
  * waiting on an monitor object.
- * <P>
  *
  * @see EventQueue
  * @see MonitorWaitEvent
@@ -43,7 +42,6 @@
 
     /**
      * Returns the thread in which this event has occurred.
-     * <p>
      *
      * @return a {@link ThreadReference} which mirrors the event's thread in
      * the target VM.
@@ -60,7 +58,7 @@
     /**
      * Returns whether the wait has timed out or been interrupted.
      *
-     * @return <code>true</code> if the wait is timed out.
+     * @return {@code true} if the wait is timed out.
      */
     public boolean  timedout();
 
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/request/EventRequest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/request/EventRequest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -61,14 +61,14 @@
  * Filters can dramatically improve debugger performance by reducing the
  * amount of event traffic sent from the target VM to the debugger VM.
  * <p>
- * Any method on <code>EventRequest</code> which
- * takes <code>EventRequest</code> as an parameter may throw
+ * Any method on {@code EventRequest} which
+ * takes {@code EventRequest} as an parameter may throw
  * {@link com.sun.jdi.VMDisconnectedException} if the target VM is
  * disconnected and the {@link com.sun.jdi.event.VMDisconnectEvent} has been or is
  * available to be read from the {@link com.sun.jdi.event.EventQueue}.
  * <p>
- * Any method on <code>EventRequest</code> which
- * takes <code>EventRequest</code> as an parameter may throw
+ * Any method on {@code EventRequest} which
+ * takes {@code EventRequest} as an parameter may throw
  * {@link com.sun.jdi.VMOutOfMemoryException} if the target VM has run out of memory.
  *
  * @see com.sun.jdi.event.BreakpointEvent
@@ -84,8 +84,8 @@
     /**
      * Determines if this event request is currently enabled.
      *
-     * @return <code>true</code> if enabled;
-     * <code>false</code> otherwise.
+     * @return {@code true} if enabled;
+     * {@code false} otherwise.
      */
     boolean isEnabled();
 
@@ -97,18 +97,18 @@
      * and are included in event request lists such as
      * {@link EventRequestManager#breakpointRequests()}.
      *
-     * @param val <code>true</code> if the event request is to be enabled;
-     * <code>false</code> otherwise.
+     * @param val {@code true} if the event request is to be enabled;
+     * {@code false} otherwise.
      * @throws InvalidRequestStateException if this request
      * has been deleted.
      * @throws IllegalThreadStateException if this is a StepRequest,
-     * <code>val</code> is <code>true</code>, and the
+     * {@code val} is {@code true}, and the
      * thread named in the request has died or is not yet started.
      */
     void setEnabled(boolean val);
 
     /**
-     * Same as {@link #setEnabled <CODE>setEnabled(true)</CODE>}.
+     * Same as {@link #setEnabled setEnabled(true)}.
      * @throws InvalidRequestStateException if this request
      * has been deleted.
      * @throws IllegalThreadStateException if this is a StepRequest
@@ -117,7 +117,7 @@
     void enable();
 
     /**
-     * Same as {@link #setEnabled <CODE>setEnabled(false)</CODE>}.
+     * Same as {@link #setEnabled setEnabled(false)}.
      * @throws InvalidRequestStateException if this request
      * has been deleted.
      */
@@ -126,7 +126,7 @@
     /**
      * Limit the requested event to be reported at most once after a
      * given number of occurrences.  The event is not reported
-     * the first <code>count - 1</code> times this filter is reached.
+     * the first {@code count - 1} times this filter is reached.
      * To request a one-off event, call this method with a count of 1.
      * <p>
      * Once the count reaches 0, any subsequent filters in this request
@@ -139,7 +139,7 @@
      * @throws InvalidRequestStateException if this request is currently
      * enabled or has been deleted.
      * Filters may be added only to disabled requests.
-     * @throws IllegalArgumentException if <CODE>count</CODE>
+     * @throws IllegalArgumentException if {@code count}
      * is less than one.
      */
     void addCountFilter(int count);
@@ -189,7 +189,7 @@
      * These client-set properties are not used internally
      * by the JDI.
      * <p>
-     * The <code>get/putProperty</code> methods provide access to
+     * The {@code get/putProperty} methods provide access to
      * a small per-instance map. This is <b>not</b> to be confused
      * with {@link java.util.Properties}.
      * <p>
--- a/jdk/src/jdk.jdi/share/classes/com/sun/jdi/request/EventRequestManager.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/com/sun/jdi/request/EventRequestManager.java	Thu Apr 30 17:20:49 2015 -0700
@@ -217,20 +217,20 @@
      * activate this event request.
      * <p>
      * The returned request will control stepping only in the specified
-     * <code>thread</code>; all other threads will be unaffected.
-     * A <code>size</code>value of {@link com.sun.jdi.request.StepRequest#STEP_MIN} will generate a
+     * {@code thread}; all other threads will be unaffected.
+     * A {@code size} value of {@link com.sun.jdi.request.StepRequest#STEP_MIN} will generate a
      * step event each time the code index changes. It represents the
      * smallest step size available and often maps to the instruction
      * level.
-     * A <code>size</code> value of {@link com.sun.jdi.request.StepRequest#STEP_LINE} will generate a
+     * A {@code size} value of {@link com.sun.jdi.request.StepRequest#STEP_LINE} will generate a
      * step event each time the source line changes unless line number information is not available,
      * in which case a STEP_MIN will be done instead.  For example, no line number information is
      * available during the execution of a method that has been rendered obsolete by
      * by a {@link com.sun.jdi.VirtualMachine#redefineClasses} operation.
-     * A <code>depth</code> value of {@link com.sun.jdi.request.StepRequest#STEP_INTO} will generate
-     * step events in any called methods.  A <code>depth</code> value
+     * A {@code depth} value of {@link com.sun.jdi.request.StepRequest#STEP_INTO} will generate
+     * step events in any called methods.  A {@code depth} value
      * of {@link com.sun.jdi.request.StepRequest#STEP_OVER} restricts step events to the current frame
-     * or caller frames. A <code>depth</code> value of {@link com.sun.jdi.request.StepRequest#STEP_OUT}
+     * or caller frames. A {@code depth} value of {@link com.sun.jdi.request.StepRequest#STEP_OUT}
      * restricts step events to caller frames only. All depth
      * restrictions are relative to the call stack immediately before the
      * step takes place.
@@ -240,8 +240,7 @@
      * Note that a typical debugger will want to cancel stepping
      * after the first step is detected.  Thus a next line method
      * would do the following:
-     * <code>
-     * <pre>
+     * <pre>{@code
      *     EventRequestManager mgr = myVM.{@link VirtualMachine#eventRequestManager eventRequestManager}();
      *     StepRequest request = mgr.createStepRequest(myThread,
      *                                                 StepRequest.{@link StepRequest#STEP_LINE STEP_LINE},
@@ -249,8 +248,7 @@
      *     request.{@link EventRequest#addCountFilter addCountFilter}(1);  // next step only
      *     request.enable();
      *     myVM.{@link VirtualMachine#resume resume}();
-     * </pre>
-     * </code>
+     * }</pre>
      *
      * @param thread the thread in which to step
      * @param depth the step depth
--- a/jdk/src/jdk.jdi/share/classes/jdi-overview.html	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.jdi/share/classes/jdi-overview.html	Thu Apr 30 17:20:49 2015 -0700
@@ -49,7 +49,6 @@
             Any method which takes a {@link java.lang.Object} as an parameter will throw
             {@link java.lang.NullPointerException} if null is passed directly or indirectly
             -- unless null is explicitly mentioned as a valid parameter.
-        <p>
     </blockquote>
      NOTE: The exceptions below may be thrown whenever the specified
      conditions are met but a guarantee that they are thrown only
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,19 +28,19 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents the name of the Windows NT domain into which the
  * user authenticated.  This will be a domain name if the user logged
  * into a Windows NT domain, a workgroup name if the user logged into
  * a workgroup, or a machine name if the user logged into a standalone
  * configuration.
  *
- * <p> Principals such as this <code>NTDomainPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTDomainPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -56,14 +56,12 @@
     private String name;
 
     /**
-     * Create an <code>NTDomainPrincipal</code> with a Windows NT domain name.
-     *
-     * <p>
+     * Create an {@code NTDomainPrincipal} with a Windows NT domain name.
      *
-     * @param name the Windows NT domain name for this user. <p>
+     * @param name the Windows NT domain name for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public NTDomainPrincipal(String name) {
         if (name == null) {
@@ -79,23 +77,19 @@
 
     /**
      * Return the Windows NT domain name for this
-     * <code>NTDomainPrincipal</code>.
-     *
-     * <p>
+     * {@code NTDomainPrincipal}.
      *
      * @return the Windows NT domain name for this
-     *                  <code>NTDomainPrincipal</code>
+     *                  {@code NTDomainPrincipal}
      */
     public String getName() {
         return name;
     }
 
     /**
-     * Return a string representation of this <code>NTDomainPrincipal</code>.
+     * Return a string representation of this {@code NTDomainPrincipal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>NTDomainPrincipal</code>.
+     * @return a string representation of this {@code NTDomainPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -107,18 +101,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTDomainPrincipal</code>
+     * Compares the specified Object with this {@code NTDomainPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>NTDomainPrincipal</code> and the two NTDomainPrincipals
+     * {@code NTDomainPrincipal} and the two NTDomainPrincipals
      * have the same name.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTDomainPrincipal</code>.
+     *          {@code NTDomainPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTDomainPrincipal</code>.
+     *          {@code NTDomainPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -137,11 +129,9 @@
     }
 
     /**
-     * Return a hash code for this <code>NTDomainPrincipal</code>.
+     * Return a hash code for this {@code NTDomainPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>NTDomainPrincipal</code>.
+     * @return a hash code for this {@code NTDomainPrincipal}.
      */
     public int hashCode() {
         return this.getName().hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTNumericCredential.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTNumericCredential.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,9 +26,8 @@
 package com.sun.security.auth;
 
 /**
- * <p> This class abstracts an NT security token
+ * This class abstracts an NT security token
  * and provides a mechanism to do same-process security impersonation.
- *
  */
 
 @jdk.Exported
@@ -37,12 +36,9 @@
     private long impersonationToken;
 
     /**
-     * Create an <code>NTNumericCredential</code> with an integer value.
+     * Create an {@code NTNumericCredential} with an integer value.
      *
-     * <p>
-     *
-     * @param token the Windows NT security token for this user. <p>
-     *
+     * @param token the Windows NT security token for this user.
      */
     public NTNumericCredential(long token) {
         this.impersonationToken = token;
@@ -50,23 +46,19 @@
 
     /**
      * Return an integer representation of this
-     * <code>NTNumericCredential</code>.
-     *
-     * <p>
+     * {@code NTNumericCredential}.
      *
      * @return an integer representation of this
-     *          <code>NTNumericCredential</code>.
+     *          {@code NTNumericCredential}.
      */
     public long getToken() {
         return impersonationToken;
     }
 
     /**
-     * Return a string representation of this <code>NTNumericCredential</code>.
+     * Return a string representation of this {@code NTNumericCredential}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>NTNumericCredential</code>.
+     * @return a string representation of this {@code NTNumericCredential}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -78,18 +70,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTNumericCredential</code>
+     * Compares the specified Object with this {@code NTNumericCredential}
      * for equality.  Returns true if the given object is also a
-     * <code>NTNumericCredential</code> and the two NTNumericCredentials
+     * {@code NTNumericCredential} and the two NTNumericCredentials
      * represent the same NT security token.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTNumericCredential</code>.
+     *          {@code NTNumericCredential}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTNumericCredential</code>.
+     *          {@code NTNumericCredential}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -108,11 +98,9 @@
     }
 
     /**
-     * Return a hash code for this <code>NTNumericCredential</code>.
+     * Return a hash code for this {@code NTNumericCredential}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>NTNumericCredential</code>.
+     * @return a hash code for this {@code NTNumericCredential}.
      */
     public int hashCode() {
         return (int)this.impersonationToken;
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,7 +28,7 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents information about a Windows NT user, group or realm.
  *
  * <p> Windows NT chooses to represent users, groups and realms (or domains)
@@ -37,12 +37,12 @@
  * also provides services that render these SIDs into string forms.
  * This class represents these string forms.
  *
- * <p> Principals such as this <code>NTSid</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTSid}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -58,16 +58,14 @@
     private String sid;
 
     /**
-     * Create an <code>NTSid</code> with a Windows NT SID.
+     * Create an {@code NTSid} with a Windows NT SID.
      *
-     * <p>
+     * @param stringSid the Windows NT SID.
      *
-     * @param stringSid the Windows NT SID. <p>
+     * @exception NullPointerException if the {@code String}
+     *                  is {@code null}.
      *
-     * @exception NullPointerException if the <code>String</code>
-     *                  is <code>null</code>.
-     *
-     * @exception IllegalArgumentException if the <code>String</code>
+     * @exception IllegalArgumentException if the {@code String}
      *                  has zero length.
      */
     public NTSid (String stringSid) {
@@ -89,22 +87,18 @@
     }
 
     /**
-     * Return a string version of this <code>NTSid</code>.
+     * Return a string version of this {@code NTSid}.
      *
-     * <p>
-     *
-     * @return a string version of this <code>NTSid</code>
+     * @return a string version of this {@code NTSid}
      */
     public String getName() {
         return sid;
     }
 
     /**
-     * Return a string representation of this <code>NTSid</code>.
+     * Return a string representation of this {@code NTSid}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>NTSid</code>.
+     * @return a string representation of this {@code NTSid}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -116,18 +110,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTSid</code>
+     * Compares the specified Object with this {@code NTSid}
      * for equality.  Returns true if the given object is also a
-     * <code>NTSid</code> and the two NTSids have the same String
+     * {@code NTSid} and the two NTSids have the same String
      * representation.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTSid</code>.
+     *          {@code NTSid}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTSid</code>.
+     *          {@code NTSid}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -147,11 +139,9 @@
     }
 
     /**
-     * Return a hash code for this <code>NTSid</code>.
+     * Return a hash code for this {@code NTSid}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>NTSid</code>.
+     * @return a hash code for this {@code NTSid}.
      */
     public int hashCode() {
         return sid.hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidDomainPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidDomainPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,19 +26,19 @@
 package com.sun.security.auth;
 
 /**
- * <p> This class extends <code>NTSid</code>
+ * This class extends {@code NTSid}
  * and represents a Windows NT user's domain SID.
  *
  * <p> An NT user only has a domain SID if in fact they are logged
  * into an NT domain.  If the user is logged into a workgroup or
  * just a standalone configuration, they will NOT have a domain SID.
  *
- * <p> Principals such as this <code>NTSidDomainPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTSidDomainPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -49,27 +49,23 @@
     private static final long serialVersionUID = 5247810785821650912L;
 
     /**
-     * Create an <code>NTSidDomainPrincipal</code> with a Windows NT SID.
-     *
-     * <p>
+     * Create an {@code NTSidDomainPrincipal} with a Windows NT SID.
      *
      * @param name a string version of the Windows NT SID for this
-     *                  user's domain.<p>
+     *                  user's domain.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public NTSidDomainPrincipal(String name) {
         super(name);
     }
 
     /**
-     * Return a string representation of this <code>NTSidDomainPrincipal</code>.
-     *
-     * <p>
+     * Return a string representation of this {@code NTSidDomainPrincipal}.
      *
      * @return a string representation of this
-     *          <code>NTSidDomainPrincipal</code>.
+     *          {@code NTSidDomainPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -81,18 +77,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTSidDomainPrincipal</code>
+     * Compares the specified Object with this {@code NTSidDomainPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>NTSidDomainPrincipal</code> and the two NTSidDomainPrincipals
+     * {@code NTSidDomainPrincipal} and the two NTSidDomainPrincipals
      * have the same SID.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTSidDomainPrincipal</code>.
+     *          {@code NTSidDomainPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTSidDomainPrincipal</code>.
+     *          {@code NTSidDomainPrincipal}.
      */
     public boolean equals(Object o) {
             if (o == null)
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidGroupPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidGroupPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,15 +26,15 @@
 package com.sun.security.auth;
 
 /**
- * <p> This class extends <code>NTSid</code>
+ * This class extends {@code NTSid}
  * and represents one of the groups to which a Windows NT user belongs.
  *
- * <p> Principals such as this <code>NTSidGroupPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTSidGroupPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -46,25 +46,21 @@
     private static final long serialVersionUID = -1373347438636198229L;
 
     /**
-     * Create an <code>NTSidGroupPrincipal</code> with a Windows NT group name.
-     *
-     * <p>
+     * Create an {@code NTSidGroupPrincipal} with a Windows NT group name.
      *
-     * @param name the Windows NT group SID for this user. <p>
+     * @param name the Windows NT group SID for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public NTSidGroupPrincipal(String name) {
         super(name);
     }
 
     /**
-     * Return a string representation of this <code>NTSidGroupPrincipal</code>.
+     * Return a string representation of this {@code NTSidGroupPrincipal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>NTSidGroupPrincipal</code>.
+     * @return a string representation of this {@code NTSidGroupPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -76,18 +72,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTSidGroupPrincipal</code>
+     * Compares the specified Object with this {@code NTSidGroupPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>NTSidGroupPrincipal</code> and the two NTSidGroupPrincipals
+     * {@code NTSidGroupPrincipal} and the two NTSidGroupPrincipals
      * have the same SID.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTSidGroupPrincipal</code>.
+     *          {@code NTSidGroupPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTSidGroupPrincipal</code>.
+     *          {@code NTSidGroupPrincipal}.
      */
     public boolean equals(Object o) {
             if (o == null)
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidPrimaryGroupPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidPrimaryGroupPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,15 +26,15 @@
 package com.sun.security.auth;
 
 /**
- * <p> This class extends <code>NTSid</code>
+ * This class extends {@code NTSid}
  * and represents a Windows NT user's primary group SID.
  *
- * <p> Principals such as this <code>NTSidPrimaryGroupPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTSidPrimaryGroupPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -45,15 +45,13 @@
     private static final long serialVersionUID = 8011978367305190527L;
 
     /**
-     * Create an <code>NTSidPrimaryGroupPrincipal</code> with a Windows NT
+     * Create an {@code NTSidPrimaryGroupPrincipal} with a Windows NT
      * group SID.
      *
-     * <p>
+     * @param name the primary Windows NT group SID for this user.
      *
-     * @param name the primary Windows NT group SID for this user. <p>
-     *
-     * @exception NullPointerException if the <code>name</code>
-     *            is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *            is {@code null}.
      */
     public NTSidPrimaryGroupPrincipal(String name) {
         super(name);
@@ -61,12 +59,10 @@
 
     /**
      * Return a string representation of this
-     * <code>NTSidPrimaryGroupPrincipal</code>.
-     *
-     * <p>
+     * {@code NTSidPrimaryGroupPrincipal}.
      *
      * @return a string representation of this
-     *          <code>NTSidPrimaryGroupPrincipal</code>.
+     *          {@code NTSidPrimaryGroupPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -79,18 +75,16 @@
 
     /**
      * Compares the specified Object with this
-     * <code>NTSidPrimaryGroupPrincipal</code>
+     * {@code NTSidPrimaryGroupPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>NTSidPrimaryGroupPrincipal</code> and the two
+     * {@code NTSidPrimaryGroupPrincipal} and the two
      * NTSidPrimaryGroupPrincipals have the same SID.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTSidPrimaryGroupPrincipal</code>.
+     *          {@code NTSidPrimaryGroupPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTSidPrimaryGroupPrincipal</code>.
+     *          {@code NTSidPrimaryGroupPrincipal}.
      */
     public boolean equals(Object o) {
             if (o == null)
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidUserPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSidUserPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,15 +26,15 @@
 package com.sun.security.auth;
 
 /**
- * <p> This class extends <code>NTSid</code>
+ * This class extends {@code NTSid}
  * and represents a Windows NT user's SID.
  *
- * <p> Principals such as this <code>NTSidUserPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTSidUserPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -45,25 +45,21 @@
     private static final long serialVersionUID = -5573239889517749525L;
 
     /**
-     * Create an <code>NTSidUserPrincipal</code> with a Windows NT SID.
-     *
-     * <p>
+     * Create an {@code NTSidUserPrincipal} with a Windows NT SID.
      *
-     * @param name a string version of the Windows NT SID for this user.<p>
+     * @param name a string version of the Windows NT SID for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public NTSidUserPrincipal(String name) {
         super(name);
     }
 
     /**
-     * Return a string representation of this <code>NTSidUserPrincipal</code>.
+     * Return a string representation of this {@code NTSidUserPrincipal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>NTSidUserPrincipal</code>.
+     * @return a string representation of this {@code NTSidUserPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -75,18 +71,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTSidUserPrincipal</code>
+     * Compares the specified Object with this {@code NTSidUserPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>NTSidUserPrincipal</code> and the two NTSidUserPrincipals
+     * {@code NTSidUserPrincipal} and the two NTSidUserPrincipals
      * have the same SID.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTSidUserPrincipal</code>.
+     *          {@code NTSidUserPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTSidUserPrincipal</code>.
+     *          {@code NTSidUserPrincipal}.
      */
     public boolean equals(Object o) {
             if (o == null)
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a Windows NT user.
  *
- * <p> Principals such as this <code>NTUserPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code NTUserPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -52,14 +52,12 @@
     private String name;
 
     /**
-     * Create an <code>NTUserPrincipal</code> with a Windows NT username.
-     *
-     * <p>
+     * Create an {@code NTUserPrincipal} with a Windows NT username.
      *
-     * @param name the Windows NT username for this user. <p>
+     * @param name the Windows NT username for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *            is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *            is {@code null}.
      */
     public NTUserPrincipal(String name) {
         if (name == null) {
@@ -74,22 +72,18 @@
     }
 
     /**
-     * Return the Windows NT username for this <code>NTPrincipal</code>.
+     * Return the Windows NT username for this {@code NTPrincipal}.
      *
-     * <p>
-     *
-     * @return the Windows NT username for this <code>NTPrincipal</code>
+     * @return the Windows NT username for this {@code NTPrincipal}
      */
     public String getName() {
         return name;
     }
 
     /**
-     * Return a string representation of this <code>NTPrincipal</code>.
+     * Return a string representation of this {@code NTPrincipal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>NTPrincipal</code>.
+     * @return a string representation of this {@code NTPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -101,18 +95,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>NTUserPrincipal</code>
+     * Compares the specified Object with this {@code NTUserPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>NTUserPrincipal</code> and the two NTUserPrincipals
+     * {@code NTUserPrincipal} and the two NTUserPrincipals
      * have the same name.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>NTPrincipal</code>.
+     *          {@code NTPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>NTPrincipal</code>.
+     *          {@code NTPrincipal}.
      */
     public boolean equals(Object o) {
             if (o == null)
@@ -131,11 +123,9 @@
     }
 
     /**
-     * Return a hash code for this <code>NTUserPrincipal</code>.
+     * Return a hash code for this {@code NTUserPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>NTUserPrincipal</code>.
+     * @return a hash code for this {@code NTUserPrincipal}.
      */
     public int hashCode() {
             return this.getName().hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PolicyFile.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PolicyFile.java	Thu Apr 30 17:20:49 2015 -0700
@@ -31,25 +31,25 @@
 
 /**
  * This class represents a default implementation for
- * <code>javax.security.auth.Policy</code>.
+ * {@code javax.security.auth.Policy}.
  *
  * <p> This object stores the policy for entire Java runtime,
  * and is the amalgamation of multiple static policy
  * configurations that resides in files.
  * The algorithm for locating the policy file(s) and reading their
- * information into this <code>Policy</code> object is:
+ * information into this {@code Policy} object is:
  *
  * <ol>
  * <li>
  *   Loop through the security properties,
  *   <i>auth.policy.url.1</i>, <i>auth.policy.url.2</i>, ...,
  *   <i>auth.policy.url.X</i>".
- *   Each property value specifies a <code>URL</code> pointing to a
+ *   Each property value specifies a {@code URL} pointing to a
  *   policy file to be loaded.  Read in and load each policy.
  *
  * <li>
- *   The <code>java.lang.System</code> property <i>java.security.auth.policy</i>
- *   may also be set to a <code>URL</code> pointing to another policy file
+ *   The {@code java.lang.System} property <i>java.security.auth.policy</i>
+ *   may also be set to a {@code URL} pointing to another policy file
  *   (which is the case when a user uses the -D switch at runtime).
  *   If this property is defined, and its use is allowed by the
  *   security property file (the Security property,
@@ -83,35 +83,35 @@
  * doesn't matter and some are optional, as noted below).
  * Italicized items represent variable values.
  *
- * <p> A grant entry must begin with the word <code>grant</code>.
- * The <code>signedBy</code> and <code>codeBase</code>
+ * <p> A grant entry must begin with the word {@code grant}.
+ * The {@code signedBy} and {@code codeBase}
  * name/value pairs are optional.
  * If they are not present, then any signer (including unsigned code)
  * will match, and any codeBase will match.  Note that the
- * <code>principal</code> name/value pair is not optional.
- * This <code>Policy</code> implementation only permits
+ * {@code principal} name/value pair is not optional.
+ * This {@code Policy} implementation only permits
  * Principal-based grant entries.  Note that the <i>principalClass</i>
  * may be set to the wildcard value, *, which allows it to match
- * any <code>Principal</code> class.  In addition, the <i>principalName</i>
+ * any {@code Principal} class.  In addition, the <i>principalName</i>
  * may also be set to the wildcard value, *, allowing it to match
- * any <code>Principal</code> name.  When setting the <i>principalName</i>
+ * any {@code Principal} name.  When setting the <i>principalName</i>
  * to the *, do not surround the * with quotes.
  *
- * <p> A permission entry must begin with the word <code>permission</code>.
- * The word <code><i>Type</i></code> in the template above is
- * a specific permission type, such as <code>java.io.FilePermission</code>
- * or <code>java.lang.RuntimePermission</code>.
+ * <p> A permission entry must begin with the word {@code permission}.
+ * The word <i>{@code Type}</i> in the template above is
+ * a specific permission type, such as {@code java.io.FilePermission}
+ * or {@code java.lang.RuntimePermission}.
  *
  * <p> The "<i>action</i>" is required for
- * many permission types, such as <code>java.io.FilePermission</code>
+ * many permission types, such as {@code java.io.FilePermission}
  * (where it specifies what type of file access that is permitted).
  * It is not required for categories such as
- * <code>java.lang.RuntimePermission</code>
+ * {@code java.lang.RuntimePermission}
  * where it is not necessary - you either have the
- * permission specified by the <code>"<i>name</i>"</code>
+ * permission specified by the "<i>{@code name}</i>"
  * value following the type name or you don't.
  *
- * <p> The <code>signedBy</code> name/value pair for a permission entry
+ * <p> The {@code signedBy} name/value pair for a permission entry
  * is optional. If present, it indicates a signed permission. That is,
  * the permission class itself must be signed by the given alias in
  * order for it to be granted. For example,
@@ -124,18 +124,18 @@
  * </pre>
  *
  * <p> Then this permission of type <i>Foo</i> is granted if the
- * <code>Foo.class</code> permission has been signed by the
- * "FooSoft" alias, or if <code>Foo.class</code> is a
+ * {@code Foo.class} permission has been signed by the
+ * "FooSoft" alias, or if {@code Foo.class} is a
  * system class (i.e., is found on the CLASSPATH).
  *
  * <p> Items that appear in an entry must appear in the specified order
- * (<code>permission</code>, <i>Type</i>, "<i>name</i>", and
+ * ({@code permission}, <i>Type</i>, "<i>name</i>", and
  * "<i>action</i>"). An entry is terminated with a semicolon.
  *
- * <p> Case is unimportant for the identifiers (<code>permission</code>,
- * <code>signedBy</code>, <code>codeBase</code>, etc.) but is
+ * <p> Case is unimportant for the identifiers ({@code permission},
+ * {@code signedBy}, {@code codeBase}, etc.) but is
  * significant for the <i>Type</i>
- * or for any string that is passed in as a value. <p>
+ * or for any string that is passed in as a value.
  *
  * <p> An example of two entries in a policy configuration file is
  * <pre>
@@ -153,15 +153,15 @@
  *         permission java.util.PropertyPermission "java.vendor";
  * </pre>
  *
- * <p> This <code>Policy</code> implementation supports
+ * <p> This {@code Policy} implementation supports
  * special handling for PrivateCredentialPermissions.
  * If a grant entry is configured with a
- * <code>PrivateCredentialPermission</code>,
+ * {@code PrivateCredentialPermission},
  * and the "Principal Class/Principal Name" for that
- * <code>PrivateCredentialPermission</code> is "self",
- * then the entry grants the specified <code>Subject</code> permission to
+ * {@code PrivateCredentialPermission} is "self",
+ * then the entry grants the specified {@code Subject} permission to
  * access its own private Credential.  For example,
- * the following grants the <code>Subject</code> "Duke"
+ * the following grants the {@code Subject} "Duke"
  * access to its own a.b.Credential.
  *
  * <pre>
@@ -172,7 +172,7 @@
  *    };
  * </pre>
  *
- * The following grants the <code>Subject</code> "Duke"
+ * The following grants the {@code Subject} "Duke"
  * access to all of its own private Credentials:
  *
  * <pre>
@@ -184,7 +184,7 @@
  * </pre>
  *
  * The following grants all Subjects authenticated as a
- * <code>SolarisPrincipal</code> (regardless of their respective names)
+ * {@code SolarisPrincipal} (regardless of their respective names)
  * permission to access their own private Credentials:
  *
  * <pre>
@@ -207,7 +207,7 @@
  * </pre>
 
  * @deprecated As of JDK&nbsp;1.4, replaced by
- *             <code>sun.security.provider.PolicyFile</code>.
+ *             {@code sun.security.provider.PolicyFile}.
  *             This class is entirely deprecated.
  *
  * @see java.security.CodeSource
@@ -232,10 +232,8 @@
     /**
      * Refreshes the policy object by re-reading all the policy files.
      *
-     * <p>
-     *
      * @exception SecurityException if the caller doesn't have permission
-     *          to refresh the <code>Policy</code>.
+     *          to refresh the {@code Policy}.
      */
     @Override
     public void refresh() {
@@ -243,59 +241,56 @@
     }
 
     /**
-     * Examines this <code>Policy</code> and returns the Permissions granted
-     * to the specified <code>Subject</code> and <code>CodeSource</code>.
+     * Examines this {@code Policy} and returns the Permissions granted
+     * to the specified {@code Subject} and {@code CodeSource}.
      *
      * <p> Permissions for a particular <i>grant</i> entry are returned
-     * if the <code>CodeSource</code> constructed using the codebase and
-     * signedby values specified in the entry <code>implies</code>
-     * the <code>CodeSource</code> provided to this method, and if the
-     * <code>Subject</code> provided to this method contains all of the
+     * if the {@code CodeSource} constructed using the codebase and
+     * signedby values specified in the entry {@code implies}
+     * the {@code CodeSource} provided to this method, and if the
+     * {@code Subject} provided to this method contains all of the
      * Principals specified in the entry.
      *
-     * <p> The <code>Subject</code> provided to this method contains all
+     * <p> The {@code Subject} provided to this method contains all
      * of the Principals specified in the entry if, for each
-     * <code>Principal</code>, "P1", specified in the <i>grant</i> entry
+     * {@code Principal}, "P1", specified in the <i>grant</i> entry
      * one of the following two conditions is met:
      *
-     * <p>
      * <ol>
-     * <li> the <code>Subject</code> has a
-     *      <code>Principal</code>, "P2", where
-     *      <code>P2.getClass().getName()</code> equals the
+     * <li> the {@code Subject} has a
+     *      {@code Principal}, "P2", where
+     *      {@code P2.getClass().getName()} equals the
      *      P1's class name, and where
-     *      <code>P2.getName()</code> equals the P1's name.
+     *      {@code P2.getName()} equals the P1's name.
      *
      * <li> P1 implements
-     *      <code>com.sun.security.auth.PrincipalComparator</code>,
-     *      and <code>P1.implies</code> the provided <code>Subject</code>.
+     *      {@code com.sun.security.auth.PrincipalComparator},
+     *      and {@code P1.implies} the provided {@code Subject}.
      * </ol>
      *
-     * <p> Note that this <code>Policy</code> implementation has
+     * <p> Note that this {@code Policy} implementation has
      * special handling for PrivateCredentialPermissions.
-     * When this method encounters a <code>PrivateCredentialPermission</code>
-     * which specifies "self" as the <code>Principal</code> class and name,
-     * it does not add that <code>Permission</code> to the returned
-     * <code>PermissionCollection</code>.  Instead, it builds
-     * a new <code>PrivateCredentialPermission</code>
-     * for each <code>Principal</code> associated with the provided
-     * <code>Subject</code>.  Each new <code>PrivateCredentialPermission</code>
+     * When this method encounters a {@code PrivateCredentialPermission}
+     * which specifies "self" as the {@code Principal} class and name,
+     * it does not add that {@code Permission} to the returned
+     * {@code PermissionCollection}.  Instead, it builds
+     * a new {@code PrivateCredentialPermission}
+     * for each {@code Principal} associated with the provided
+     * {@code Subject}.  Each new {@code PrivateCredentialPermission}
      * contains the same Credential class as specified in the
      * originally granted permission, as well as the Class and name
-     * for the respective <code>Principal</code>.
-     *
-     * <p>
+     * for the respective {@code Principal}.
      *
-     * @param subject the Permissions granted to this <code>Subject</code>
-     *          and the additionally provided <code>CodeSource</code>
-     *          are returned. <p>
-     *
-     * @param codesource the Permissions granted to this <code>CodeSource</code>
-     *          and the additionally provided <code>Subject</code>
+     * @param subject the Permissions granted to this {@code Subject}
+     *          and the additionally provided {@code CodeSource}
      *          are returned.
      *
-     * @return the Permissions granted to the provided <code>Subject</code>
-     *          <code>CodeSource</code>.
+     * @param codesource the Permissions granted to this {@code CodeSource}
+     *          and the additionally provided {@code Subject}
+     *          are returned.
+     *
+     * @return the Permissions granted to the provided {@code Subject}
+     *          {@code CodeSource}.
      */
     @Override
     public PermissionCollection getPermissions(final Subject subject,
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PrincipalComparator.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/PrincipalComparator.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,25 +26,25 @@
 package com.sun.security.auth;
 
 /**
- * An object that implements the <code>java.security.Principal</code>
+ * An object that implements the {@code java.security.Principal}
  * interface typically also implements this interface to provide
- * a means for comparing that object to a specified <code>Subject</code>.
+ * a means for comparing that object to a specified {@code Subject}.
  *
- * <p> The comparison is achieved via the <code>implies</code> method.
- * The implementation of the <code>implies</code> method determines
- * whether this object "implies" the specified <code>Subject</code>.
+ * <p> The comparison is achieved via the {@code implies} method.
+ * The implementation of the {@code implies} method determines
+ * whether this object "implies" the specified {@code Subject}.
  * One example application of this method may be for
- * a "group" object to imply a particular <code>Subject</code>
- * if that <code>Subject</code> belongs to the group.
+ * a "group" object to imply a particular {@code Subject}
+ * if that {@code Subject} belongs to the group.
  * Another example application of this method would be for
- * "role" object to imply a particular <code>Subject</code>
- * if that <code>Subject</code> is currently acting in that role.
+ * "role" object to imply a particular {@code Subject}
+ * if that {@code Subject} is currently acting in that role.
  *
  * <p> Although classes that implement this interface typically
- * also implement the <code>java.security.Principal</code> interface,
+ * also implement the {@code java.security.Principal} interface,
  * it is not required.  In other words, classes may implement the
- * <code>java.security.Principal</code> interface by itself,
- * the <code>PrincipalComparator</code> interface by itself,
+ * {@code java.security.Principal} interface by itself,
+ * the {@code PrincipalComparator} interface by itself,
  * or both at the same time.
  *
  * @see java.security.Principal
@@ -53,12 +53,10 @@
 @jdk.Exported
 public interface PrincipalComparator {
     /**
-     * Check if the specified <code>Subject</code> is implied by
+     * Check if the specified {@code Subject} is implied by
      * this object.
      *
-     * <p>
-     *
-     * @return true if the specified <code>Subject</code> is implied by
+     * @return true if the specified {@code Subject} is implied by
      *          this object, or false otherwise.
      */
     boolean implies(javax.security.auth.Subject subject);
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericGroupPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a user's Solaris group identification number (GID).
  *
- * <p> Principals such as this <code>SolarisNumericGroupPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code SolarisNumericGroupPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
 
  * @deprecated As of JDK&nbsp;1.4, replaced by
  *             {@link UnixNumericGroupPrincipal}.
@@ -73,20 +73,18 @@
     private boolean primaryGroup;
 
     /**
-     * Create a <code>SolarisNumericGroupPrincipal</code> using a
-     * <code>String</code> representation of the user's
+     * Create a {@code SolarisNumericGroupPrincipal} using a
+     * {@code String} representation of the user's
      * group identification number (GID).
      *
-     * <p>
-     *
      * @param name the user's group identification number (GID)
-     *                  for this user. <p>
+     *                  for this user.
      *
      * @param primaryGroup true if the specified GID represents the
      *                  primary group to which this user belongs.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public SolarisNumericGroupPrincipal(String name, boolean primaryGroup) {
         if (name == null)
@@ -97,13 +95,11 @@
     }
 
     /**
-     * Create a <code>SolarisNumericGroupPrincipal</code> using a
+     * Create a {@code SolarisNumericGroupPrincipal} using a
      * long representation of the user's group identification number (GID).
      *
-     * <p>
-     *
      * @param name the user's group identification number (GID) for this user
-     *                  represented as a long. <p>
+     *                  represented as a long.
      *
      * @param primaryGroup true if the specified GID represents the
      *                  primary group to which this user belongs.
@@ -116,12 +112,10 @@
 
     /**
      * Return the user's group identification number (GID) for this
-     * <code>SolarisNumericGroupPrincipal</code>.
-     *
-     * <p>
+     * {@code SolarisNumericGroupPrincipal}.
      *
      * @return the user's group identification number (GID) for this
-     *          <code>SolarisNumericGroupPrincipal</code>
+     *          {@code SolarisNumericGroupPrincipal}
      */
     public String getName() {
         return name;
@@ -129,12 +123,10 @@
 
     /**
      * Return the user's group identification number (GID) for this
-     * <code>SolarisNumericGroupPrincipal</code> as a long.
-     *
-     * <p>
+     * {@code SolarisNumericGroupPrincipal} as a long.
      *
      * @return the user's group identification number (GID) for this
-     *          <code>SolarisNumericGroupPrincipal</code> as a long.
+     *          {@code SolarisNumericGroupPrincipal} as a long.
      */
     public long longValue() {
         return Long.parseLong(name);
@@ -144,8 +136,6 @@
      * Return whether this group identification number (GID) represents
      * the primary group to which this user belongs.
      *
-     * <p>
-     *
      * @return true if this group identification number (GID) represents
      *          the primary group to which this user belongs,
      *          or false otherwise.
@@ -156,12 +146,10 @@
 
     /**
      * Return a string representation of this
-     * <code>SolarisNumericGroupPrincipal</code>.
-     *
-     * <p>
+     * {@code SolarisNumericGroupPrincipal}.
      *
      * @return a string representation of this
-     *          <code>SolarisNumericGroupPrincipal</code>.
+     *          {@code SolarisNumericGroupPrincipal}.
      */
     public String toString() {
         return((primaryGroup ?
@@ -173,19 +161,17 @@
 
     /**
      * Compares the specified Object with this
-     * <code>SolarisNumericGroupPrincipal</code>
+     * {@code SolarisNumericGroupPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>SolarisNumericGroupPrincipal</code> and the two
+     * {@code SolarisNumericGroupPrincipal} and the two
      * SolarisNumericGroupPrincipals
      * have the same group identification number (GID).
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>SolarisNumericGroupPrincipal</code>.
+     *          {@code SolarisNumericGroupPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>SolarisNumericGroupPrincipal</code>.
+     *          {@code SolarisNumericGroupPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -205,11 +191,9 @@
     }
 
     /**
-     * Return a hash code for this <code>SolarisNumericGroupPrincipal</code>.
+     * Return a hash code for this {@code SolarisNumericGroupPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>SolarisNumericGroupPrincipal</code>.
+     * @return a hash code for this {@code SolarisNumericGroupPrincipal}.
      */
     public int hashCode() {
         return toString().hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisNumericUserPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a user's Solaris identification number (UID).
  *
- * <p> Principals such as this <code>SolarisNumericUserPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code SolarisNumericUserPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  * @deprecated As of JDK&nbsp;1.4, replaced by
  *             {@link UnixNumericUserPrincipal}.
  *             This class is entirely deprecated.
@@ -68,16 +68,14 @@
     private String name;
 
     /**
-     * Create a <code>SolarisNumericUserPrincipal</code> using a
-     * <code>String</code> representation of the
+     * Create a {@code SolarisNumericUserPrincipal} using a
+     * {@code String} representation of the
      * user's identification number (UID).
      *
-     * <p>
-     *
      * @param name the user identification number (UID) for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public SolarisNumericUserPrincipal(String name) {
         if (name == null)
@@ -87,11 +85,9 @@
     }
 
     /**
-     * Create a <code>SolarisNumericUserPrincipal</code> using a
+     * Create a {@code SolarisNumericUserPrincipal} using a
      * long representation of the user's identification number (UID).
      *
-     * <p>
-     *
      * @param name the user identification number (UID) for this user
      *                  represented as a long.
      */
@@ -101,12 +97,10 @@
 
     /**
      * Return the user identification number (UID) for this
-     * <code>SolarisNumericUserPrincipal</code>.
-     *
-     * <p>
+     * {@code SolarisNumericUserPrincipal}.
      *
      * @return the user identification number (UID) for this
-     *          <code>SolarisNumericUserPrincipal</code>
+     *          {@code SolarisNumericUserPrincipal}
      */
     public String getName() {
         return name;
@@ -114,12 +108,10 @@
 
     /**
      * Return the user identification number (UID) for this
-     * <code>SolarisNumericUserPrincipal</code> as a long.
-     *
-     * <p>
+     * {@code SolarisNumericUserPrincipal} as a long.
      *
      * @return the user identification number (UID) for this
-     *          <code>SolarisNumericUserPrincipal</code> as a long.
+     *          {@code SolarisNumericUserPrincipal} as a long.
      */
     public long longValue() {
         return Long.parseLong(name);
@@ -127,12 +119,10 @@
 
     /**
      * Return a string representation of this
-     * <code>SolarisNumericUserPrincipal</code>.
-     *
-     * <p>
+     * {@code SolarisNumericUserPrincipal}.
      *
      * @return a string representation of this
-     *          <code>SolarisNumericUserPrincipal</code>.
+     *          {@code SolarisNumericUserPrincipal}.
      */
     public String toString() {
         return(rb.getString("SolarisNumericUserPrincipal.") + name);
@@ -140,19 +130,17 @@
 
     /**
      * Compares the specified Object with this
-     * <code>SolarisNumericUserPrincipal</code>
+     * {@code SolarisNumericUserPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>SolarisNumericUserPrincipal</code> and the two
+     * {@code SolarisNumericUserPrincipal} and the two
      * SolarisNumericUserPrincipals
      * have the same user identification number (UID).
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>SolarisNumericUserPrincipal</code>.
+     *          {@code SolarisNumericUserPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>SolarisNumericUserPrincipal</code>.
+     *          {@code SolarisNumericUserPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -167,15 +155,14 @@
 
         if (this.getName().equals(that.getName()))
             return true;
-        return false;
+
+       return false;
     }
 
     /**
-     * Return a hash code for this <code>SolarisNumericUserPrincipal</code>.
+     * Return a hash code for this {@code SolarisNumericUserPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>SolarisNumericUserPrincipal</code>.
+     * @return a hash code for this {@code SolarisNumericUserPrincipal}.
      */
     public int hashCode() {
         return name.hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/SolarisPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a Solaris user.
  *
- * <p> Principals such as this <code>SolarisPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code SolarisPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @deprecated As of JDK&nbsp;1.4, replaced by
  *             {@link UnixPrincipal}.
@@ -68,12 +68,10 @@
     /**
      * Create a SolarisPrincipal with a Solaris username.
      *
-     * <p>
-     *
      * @param name the Unix username for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public SolarisPrincipal(String name) {
         if (name == null)
@@ -83,40 +81,34 @@
     }
 
     /**
-     * Return the Unix username for this <code>SolarisPrincipal</code>.
+     * Return the Unix username for this {@code SolarisPrincipal}.
      *
-     * <p>
-     *
-     * @return the Unix username for this <code>SolarisPrincipal</code>
+     * @return the Unix username for this {@code SolarisPrincipal}
      */
     public String getName() {
         return name;
     }
 
     /**
-     * Return a string representation of this <code>SolarisPrincipal</code>.
+     * Return a string representation of this {@code SolarisPrincipal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>SolarisPrincipal</code>.
+     * @return a string representation of this {@code SolarisPrincipal}.
      */
     public String toString() {
         return(rb.getString("SolarisPrincipal.") + name);
     }
 
     /**
-     * Compares the specified Object with this <code>SolarisPrincipal</code>
+     * Compares the specified Object with this {@code SolarisPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>SolarisPrincipal</code> and the two SolarisPrincipals
+     * {@code SolarisPrincipal} and the two SolarisPrincipals
      * have the same username.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>SolarisPrincipal</code>.
+     *          {@code SolarisPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>SolarisPrincipal</code>.
+     *          {@code SolarisPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -135,11 +127,9 @@
     }
 
     /**
-     * Return a hash code for this <code>SolarisPrincipal</code>.
+     * Return a hash code for this {@code SolarisPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>SolarisPrincipal</code>.
+     * @return a hash code for this {@code SolarisPrincipal}.
      */
     public int hashCode() {
         return name.hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a user's Unix group identification number (GID).
  *
- * <p> Principals such as this <code>UnixNumericGroupPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code UnixNumericGroupPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -59,20 +59,18 @@
     private boolean primaryGroup;
 
     /**
-     * Create a <code>UnixNumericGroupPrincipal</code> using a
-     * <code>String</code> representation of the user's
+     * Create a {@code UnixNumericGroupPrincipal} using a
+     * {@code String} representation of the user's
      * group identification number (GID).
      *
-     * <p>
-     *
      * @param name the user's group identification number (GID)
-     *                  for this user. <p>
+     *                  for this user.
      *
      * @param primaryGroup true if the specified GID represents the
      *                  primary group to which this user belongs.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public UnixNumericGroupPrincipal(String name, boolean primaryGroup) {
         if (name == null) {
@@ -89,13 +87,11 @@
     }
 
     /**
-     * Create a <code>UnixNumericGroupPrincipal</code> using a
+     * Create a {@code UnixNumericGroupPrincipal} using a
      * long representation of the user's group identification number (GID).
      *
-     * <p>
-     *
      * @param name the user's group identification number (GID) for this user
-     *                  represented as a long. <p>
+     *                  represented as a long.
      *
      * @param primaryGroup true if the specified GID represents the
      *                  primary group to which this user belongs.
@@ -108,12 +104,10 @@
 
     /**
      * Return the user's group identification number (GID) for this
-     * <code>UnixNumericGroupPrincipal</code>.
-     *
-     * <p>
+     * {@code UnixNumericGroupPrincipal}.
      *
      * @return the user's group identification number (GID) for this
-     *          <code>UnixNumericGroupPrincipal</code>
+     *          {@code UnixNumericGroupPrincipal}
      */
     public String getName() {
         return name;
@@ -121,12 +115,10 @@
 
     /**
      * Return the user's group identification number (GID) for this
-     * <code>UnixNumericGroupPrincipal</code> as a long.
-     *
-     * <p>
+     * {@code UnixNumericGroupPrincipal} as a long.
      *
      * @return the user's group identification number (GID) for this
-     *          <code>UnixNumericGroupPrincipal</code> as a long.
+     *          {@code UnixNumericGroupPrincipal} as a long.
      */
     public long longValue() {
         return Long.parseLong(name);
@@ -136,8 +128,6 @@
      * Return whether this group identification number (GID) represents
      * the primary group to which this user belongs.
      *
-     * <p>
-     *
      * @return true if this group identification number (GID) represents
      *          the primary group to which this user belongs,
      *          or false otherwise.
@@ -148,12 +138,10 @@
 
     /**
      * Return a string representation of this
-     * <code>UnixNumericGroupPrincipal</code>.
-     *
-     * <p>
+     * {@code UnixNumericGroupPrincipal}.
      *
      * @return a string representation of this
-     *          <code>UnixNumericGroupPrincipal</code>.
+     *          {@code UnixNumericGroupPrincipal}.
      */
     public String toString() {
 
@@ -176,19 +164,17 @@
 
     /**
      * Compares the specified Object with this
-     * <code>UnixNumericGroupPrincipal</code>
+     * {@code UnixNumericGroupPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>UnixNumericGroupPrincipal</code> and the two
+     * {@code UnixNumericGroupPrincipal} and the two
      * UnixNumericGroupPrincipals
      * have the same group identification number (GID).
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>UnixNumericGroupPrincipal</code>.
+     *          {@code UnixNumericGroupPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>UnixNumericGroupPrincipal</code>.
+     *          {@code UnixNumericGroupPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -208,11 +194,9 @@
     }
 
     /**
-     * Return a hash code for this <code>UnixNumericGroupPrincipal</code>.
+     * Return a hash code for this {@code UnixNumericGroupPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>UnixNumericGroupPrincipal</code>.
+     * @return a hash code for this {@code UnixNumericGroupPrincipal}.
      */
     public int hashCode() {
         return toString().hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a user's Unix identification number (UID).
  *
- * <p> Principals such as this <code>UnixNumericUserPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code UnixNumericUserPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -53,16 +53,14 @@
     private String name;
 
     /**
-     * Create a <code>UnixNumericUserPrincipal</code> using a
-     * <code>String</code> representation of the
+     * Create a {@code UnixNumericUserPrincipal} using a
+     * {@code String} representation of the
      * user's identification number (UID).
      *
-     * <p>
-     *
      * @param name the user identification number (UID) for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public UnixNumericUserPrincipal(String name) {
         if (name == null) {
@@ -78,11 +76,9 @@
     }
 
     /**
-     * Create a <code>UnixNumericUserPrincipal</code> using a
+     * Create a {@code UnixNumericUserPrincipal} using a
      * long representation of the user's identification number (UID).
      *
-     * <p>
-     *
      * @param name the user identification number (UID) for this user
      *                  represented as a long.
      */
@@ -92,12 +88,10 @@
 
     /**
      * Return the user identification number (UID) for this
-     * <code>UnixNumericUserPrincipal</code>.
-     *
-     * <p>
+     * {@code UnixNumericUserPrincipal}.
      *
      * @return the user identification number (UID) for this
-     *          <code>UnixNumericUserPrincipal</code>
+     *          {@code UnixNumericUserPrincipal}
      */
     public String getName() {
         return name;
@@ -105,12 +99,10 @@
 
     /**
      * Return the user identification number (UID) for this
-     * <code>UnixNumericUserPrincipal</code> as a long.
-     *
-     * <p>
+     * {@code UnixNumericUserPrincipal} as a long.
      *
      * @return the user identification number (UID) for this
-     *          <code>UnixNumericUserPrincipal</code> as a long.
+     *          {@code UnixNumericUserPrincipal} as a long.
      */
     public long longValue() {
         return Long.parseLong(name);
@@ -118,12 +110,10 @@
 
     /**
      * Return a string representation of this
-     * <code>UnixNumericUserPrincipal</code>.
-     *
-     * <p>
+     * {@code UnixNumericUserPrincipal}.
      *
      * @return a string representation of this
-     *          <code>UnixNumericUserPrincipal</code>.
+     *          {@code UnixNumericUserPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -136,19 +126,17 @@
 
     /**
      * Compares the specified Object with this
-     * <code>UnixNumericUserPrincipal</code>
+     * {@code UnixNumericUserPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>UnixNumericUserPrincipal</code> and the two
+     * {@code UnixNumericUserPrincipal} and the two
      * UnixNumericUserPrincipals
      * have the same user identification number (UID).
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>UnixNumericUserPrincipal</code>.
+     *          {@code UnixNumericUserPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>UnixNumericUserPrincipal</code>.
+     *          {@code UnixNumericUserPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -167,11 +155,9 @@
     }
 
     /**
-     * Return a hash code for this <code>UnixNumericUserPrincipal</code>.
+     * Return a hash code for this {@code UnixNumericUserPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>UnixNumericUserPrincipal</code>.
+     * @return a hash code for this {@code UnixNumericUserPrincipal}.
      */
     public int hashCode() {
         return name.hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,15 +28,15 @@
 import java.security.Principal;
 
 /**
- * <p> This class implements the <code>Principal</code> interface
+ * This class implements the {@code Principal} interface
  * and represents a Unix user.
  *
- * <p> Principals such as this <code>UnixPrincipal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code UnixPrincipal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -54,12 +54,10 @@
     /**
      * Create a UnixPrincipal with a Unix username.
      *
-     * <p>
-     *
      * @param name the Unix username for this user.
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>.
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      */
     public UnixPrincipal(String name) {
         if (name == null) {
@@ -75,22 +73,18 @@
     }
 
     /**
-     * Return the Unix username for this <code>UnixPrincipal</code>.
+     * Return the Unix username for this {@code UnixPrincipal}.
      *
-     * <p>
-     *
-     * @return the Unix username for this <code>UnixPrincipal</code>
+     * @return the Unix username for this {@code UnixPrincipal}
      */
     public String getName() {
         return name;
     }
 
     /**
-     * Return a string representation of this <code>UnixPrincipal</code>.
+     * Return a string representation of this {@code UnixPrincipal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>UnixPrincipal</code>.
+     * @return a string representation of this {@code UnixPrincipal}.
      */
     public String toString() {
         java.text.MessageFormat form = new java.text.MessageFormat
@@ -102,18 +96,16 @@
     }
 
     /**
-     * Compares the specified Object with this <code>UnixPrincipal</code>
+     * Compares the specified Object with this {@code UnixPrincipal}
      * for equality.  Returns true if the given object is also a
-     * <code>UnixPrincipal</code> and the two UnixPrincipals
+     * {@code UnixPrincipal} and the two UnixPrincipals
      * have the same username.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>UnixPrincipal</code>.
+     *          {@code UnixPrincipal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>UnixPrincipal</code>.
+     *          {@code UnixPrincipal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -132,11 +124,9 @@
     }
 
     /**
-     * Return a hash code for this <code>UnixPrincipal</code>.
+     * Return a hash code for this {@code UnixPrincipal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>UnixPrincipal</code>.
+     * @return a hash code for this {@code UnixPrincipal}.
      */
     public int hashCode() {
         return name.hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/X500Principal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/X500Principal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,17 +29,17 @@
 import sun.security.x509.X500Name;
 
 /**
- * <p> This class represents an X.500 <code>Principal</code>.
+ * This class represents an X.500 {@code Principal}.
  * X500Principals have names such as,
  * "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"
  * (RFC 1779 style).
  *
- * <p> Principals such as this <code>X500Principal</code>
- * may be associated with a particular <code>Subject</code>
- * to augment that <code>Subject</code> with an additional
- * identity.  Refer to the <code>Subject</code> class for more information
+ * <p> Principals such as this {@code X500Principal}
+ * may be associated with a particular {@code Subject}
+ * to augment that {@code Subject} with an additional
+ * identity.  Refer to the {@code Subject} class for more information
  * on how to achieve this.  Authorization decisions can then be based upon
- * the Principals associated with a <code>Subject</code>.
+ * the Principals associated with a {@code Subject}.
  *
  * @see java.security.Principal
  * @see javax.security.auth.Subject
@@ -76,14 +76,12 @@
      * such as "CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"
      * (RFC 1779 style).
      *
-     * <p>
-     *
      * @param name the X.500 name
      *
-     * @exception NullPointerException if the <code>name</code>
-     *                  is <code>null</code>. <p>
+     * @exception NullPointerException if the {@code name}
+     *                  is {@code null}.
      *
-     * @exception IllegalArgumentException if the <code>name</code>
+     * @exception IllegalArgumentException if the {@code name}
      *                  is improperly specified.
      */
     public X500Principal(String name) {
@@ -100,38 +98,32 @@
     }
 
     /**
-     * Return the Unix username for this <code>X500Principal</code>.
+     * Return the Unix username for this {@code X500Principal}.
      *
-     * <p>
-     *
-     * @return the Unix username for this <code>X500Principal</code>
+     * @return the Unix username for this {@code X500Principal}
      */
     public String getName() {
         return thisX500Name.getName();
     }
 
     /**
-     * Return a string representation of this <code>X500Principal</code>.
+     * Return a string representation of this {@code X500Principal}.
      *
-     * <p>
-     *
-     * @return a string representation of this <code>X500Principal</code>.
+     * @return a string representation of this {@code X500Principal}.
      */
     public String toString() {
         return thisX500Name.toString();
     }
 
     /**
-     * Compares the specified Object with this <code>X500Principal</code>
+     * Compares the specified Object with this {@code X500Principal}
      * for equality.
      *
-     * <p>
-     *
      * @param o Object to be compared for equality with this
-     *          <code>X500Principal</code>.
+     *          {@code X500Principal}.
      *
      * @return true if the specified Object is equal to this
-     *          <code>X500Principal</code>.
+     *          {@code X500Principal}.
      */
     public boolean equals(Object o) {
         if (o == null)
@@ -159,11 +151,9 @@
     }
 
     /**
-     * Return a hash code for this <code>X500Principal</code>.
+     * Return a hash code for this {@code X500Principal}.
      *
-     * <p>
-     *
-     * @return a hash code for this <code>X500Principal</code>.
+     * @return a hash code for this {@code X500Principal}.
      */
     public int hashCode() {
         return thisX500Name.hashCode();
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/JndiLoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -44,28 +44,28 @@
 
 
 /**
- * <p> The module prompts for a username and password
+ * The module prompts for a username and password
  * and then verifies the password against the password stored in
  * a directory service configured under JNDI.
  *
- * <p> This <code>LoginModule</code> interoperates with
+ * <p> This {@code LoginModule} interoperates with
  * any conformant JNDI service provider.  To direct this
- * <code>LoginModule</code> to use a specific JNDI service provider,
- * two options must be specified in the login <code>Configuration</code>
- * for this <code>LoginModule</code>.
+ * {@code LoginModule} to use a specific JNDI service provider,
+ * two options must be specified in the login {@code Configuration}
+ * for this {@code LoginModule}.
  * <pre>
  *      user.provider.url=<b>name_service_url</b>
  *      group.provider.url=<b>name_service_url</b>
  * </pre>
  *
  * <b>name_service_url</b> specifies
- * the directory service and path where this <code>LoginModule</code>
+ * the directory service and path where this {@code LoginModule}
  * can access the relevant user and group information.  Because this
- * <code>LoginModule</code> only performs one-level searches to
- * find the relevant user information, the <code>URL</code>
+ * {@code LoginModule} only performs one-level searches to
+ * find the relevant user information, the {@code URL}
  * must point to a directory one level above where the user and group
  * information is stored in the directory service.
- * For example, to instruct this <code>LoginModule</code>
+ * For example, to instruct this {@code LoginModule}
  * to contact a NIS server, the following URLs must be specified:
  * <pre>
  *    user.provider.url="nis://<b>NISServerHostName</b>/<b>NISDomain</b>/user"
@@ -90,14 +90,14 @@
  *
  * <p> The format in which the user's information must be stored in
  * the directory service is specified in RFC 2307.  Specifically,
- * this <code>LoginModule</code> will search for the user's entry in the
+ * this {@code LoginModule} will search for the user's entry in the
  * directory service using the user's <i>uid</i> attribute,
  * where <i>uid=<b>username</b></i>.  If the search succeeds,
- * this <code>LoginModule</code> will then
+ * this {@code LoginModule} will then
  * obtain the user's encrypted password from the retrieved entry
  * using the <i>userPassword</i> attribute.
- * This <code>LoginModule</code> assumes that the password is stored
- * as a byte array, which when converted to a <code>String</code>,
+ * This {@code LoginModule} assumes that the password is stored
+ * as a byte array, which when converted to a {@code String},
  * has the following format:
  * <pre>
  *      "{crypt}<b>encrypted_password</b>"
@@ -106,12 +106,12 @@
  * The LDAP directory server must be configured
  * to permit read access to the userPassword attribute.
  * If the user entered a valid username and password,
- * this <code>LoginModule</code> associates a
- * <code>UnixPrincipal</code>, <code>UnixNumericUserPrincipal</code>,
+ * this {@code LoginModule} associates a
+ * {@code UnixPrincipal}, {@code UnixNumericUserPrincipal},
  * and the relevant UnixNumericGroupPrincipals with the
- * <code>Subject</code>.
+ * {@code Subject}.
  *
- * <p> This LoginModule also recognizes the following <code>Configuration</code>
+ * <p> This LoginModule also recognizes the following {@code Configuration}
  * options:
  * <pre>
  *    debug          if, true, debug messages are output to System.out.
@@ -144,7 +144,7 @@
  *                   exist for the username and password in the shared state,
  *                   or if authentication fails.
  *
- *    clearPass     if, true, this <code>LoginModule</code> clears the
+ *    clearPass     if, true, this {@code LoginModule} clears the
  *                  username and password stored in the module's shared state
  *                  after both phases of authentication (login and commit)
  *                  have completed.
@@ -208,21 +208,19 @@
     private static final String PWD = "javax.security.auth.login.password";
 
     /**
-     * Initialize this <code>LoginModule</code>.
+     * Initialize this {@code LoginModule}.
      *
-     * <p>
-     *
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated.
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for communicating
+     * @param callbackHandler a {@code CallbackHandler} for communicating
      *                  with the end user (prompting for usernames and
-     *                  passwords, for example). <p>
+     *                  passwords, for example).
      *
-     * @param sharedState shared <code>LoginModule</code> state. <p>
+     * @param sharedState shared {@code LoginModule} state.
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     // Unchecked warning from (Map<String, Object>)sharedState is safe
     // since javax.security.auth.login.LoginContext passes a raw HashMap.
@@ -255,17 +253,15 @@
     }
 
     /**
-     * <p> Prompt for username and password.
+     * Prompt for username and password.
      * Verify the password against the relevant name service.
      *
-     * <p>
-     *
-     * @return true always, since this <code>LoginModule</code>
+     * @return true always, since this {@code LoginModule}
      *          should not be ignored.
      *
-     * @exception FailedLoginException if the authentication fails. <p>
+     * @exception FailedLoginException if the authentication fails.
      *
-     * @exception LoginException if this <code>LoginModule</code>
+     * @exception LoginException if this {@code LoginModule}
      *          is unable to perform the authentication.
      */
     public boolean login() throws LoginException {
@@ -367,15 +363,13 @@
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method associates a
-     * <code>UnixPrincipal</code>
-     * with the <code>Subject</code> located in the
-     * <code>LoginModule</code>.  If this LoginModule's own
+     * {@code login} method), then this method associates a
+     * {@code UnixPrincipal}
+     * with the {@code Subject} located in the
+     * {@code LoginModule}.  If this LoginModule's own
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the commit fails
      *
      * @return true if this LoginModule's own login and commit
@@ -418,18 +412,16 @@
     }
 
     /**
-     * <p> This method is called if the LoginContext's
+     * This method is called if the LoginContext's
      * overall authentication failed.
      * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
      * did not succeed).
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> and <code>commit</code> methods),
+     * {@code login} and {@code commit} methods),
      * then this method cleans up any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the abort fails.
      *
      * @return false if this LoginModule's own login and/or commit attempts
@@ -464,13 +456,11 @@
      * Logout a user.
      *
      * <p> This method removes the Principals
-     * that were added by the <code>commit</code> method.
-     *
-     * <p>
+     * that were added by the {@code commit} method.
      *
      * @exception LoginException if the logout fails.
      *
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      */
     public boolean logout() throws LoginException {
@@ -506,8 +496,6 @@
     /**
      * Attempt authentication
      *
-     * <p>
-     *
      * @param getPasswdFromSharedState boolean that tells this method whether
      *          to retrieve the password from the sharedState.
      */
@@ -674,8 +662,6 @@
      * values in the shared state in case subsequent LoginModules
      * want to use them via use/tryFirstPass.
      *
-     * <p>
-     *
      * @param getPasswdFromSharedState boolean that tells this method whether
      *          to retrieve the password from the sharedState.
      */
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -55,53 +55,53 @@
 /**
  * Provides a JAAS login module that prompts for a key store alias and
  * populates the subject with the alias's principal and credentials. Stores
- * an <code>X500Principal</code> for the subject distinguished name of the
+ * an {@code X500Principal} for the subject distinguished name of the
  * first certificate in the alias's credentials in the subject's principals,
  * the alias's certificate path in the subject's public credentials, and a
- * <code>X500PrivateCredential</code> whose certificate is the first
+ * {@code X500PrivateCredential} whose certificate is the first
  * certificate in the alias's certificate path and whose private key is the
  * alias's private key in the subject's private credentials. <p>
  *
  * Recognizes the following options in the configuration file:
  * <dl>
  *
- * <dt> <code>keyStoreURL</code> </dt>
+ * <dt> {@code keyStoreURL} </dt>
  * <dd> A URL that specifies the location of the key store.  Defaults to
  *      a URL pointing to the .keystore file in the directory specified by the
- *      <code>user.home</code> system property.  The input stream from this
- *      URL is passed to the <code>KeyStore.load</code> method.
- *      "NONE" may be specified if a <code>null</code> stream must be
- *      passed to the <code>KeyStore.load</code> method.
+ *      {@code user.home} system property.  The input stream from this
+ *      URL is passed to the {@code KeyStore.load} method.
+ *      "NONE" may be specified if a {@code null} stream must be
+ *      passed to the {@code KeyStore.load} method.
  *      "NONE" should be specified if the KeyStore resides
  *      on a hardware token device, for example.</dd>
  *
- * <dt> <code>keyStoreType</code> </dt>
+ * <dt> {@code keyStoreType} </dt>
  * <dd> The key store type.  If not specified, defaults to the result of
- *      calling <code>KeyStore.getDefaultType()</code>.
+ *      calling {@code KeyStore.getDefaultType()}.
  *      If the type is "PKCS11", then keyStoreURL must be "NONE"
  *      and privateKeyPasswordURL must not be specified.</dd>
  *
- * <dt> <code>keyStoreProvider</code> </dt>
+ * <dt> {@code keyStoreProvider} </dt>
  * <dd> The key store provider.  If not specified, uses the standard search
  *      order to find the provider. </dd>
  *
- * <dt> <code>keyStoreAlias</code> </dt>
+ * <dt> {@code keyStoreAlias} </dt>
  * <dd> The alias in the key store to login as.  Required when no callback
  *      handler is provided.  No default value. </dd>
  *
- * <dt> <code>keyStorePasswordURL</code> </dt>
+ * <dt> {@code keyStorePasswordURL} </dt>
  * <dd> A URL that specifies the location of the key store password.  Required
  *      when no callback handler is provided and
- *      <code>protected</code> is false.
+ *      {@code protected} is false.
  *      No default value. </dd>
  *
- * <dt> <code>privateKeyPasswordURL</code> </dt>
+ * <dt> {@code privateKeyPasswordURL} </dt>
  * <dd> A URL that specifies the location of the specific private key password
  *      needed to access the private key for this alias.
  *      The keystore password
  *      is used if this value is needed and not specified. </dd>
  *
- * <dt> <code>protected</code> </dt>
+ * <dt> {@code protected} </dt>
  * <dd> This value should be set to "true" if the KeyStore
  *      has a separate, protected authentication path
  *      (for example, a dedicated PIN-pad attached to a smart card).
@@ -174,22 +174,20 @@
     /* -- Methods -- */
 
     /**
-     * Initialize this <code>LoginModule</code>.
-     *
-     * <p>
+     * Initialize this {@code LoginModule}.
      *
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated.
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for communicating
+     * @param callbackHandler a {@code CallbackHandler} for communicating
      *                  with the end user (prompting for usernames and
      *                  passwords, for example),
-     *                  which may be <code>null</code>. <p>
+     *                  which may be {@code null}.
      *
-     * @param sharedState shared <code>LoginModule</code> state. <p>
+     * @param sharedState shared {@code LoginModule} state.
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     // Unchecked warning from (Map<String, Object>)sharedState is safe
     // since javax.security.auth.login.LoginContext passes a raw HashMap.
@@ -258,11 +256,9 @@
      * <p> Get the Keystore alias and relevant passwords.
      * Retrieve the alias's principal and credentials from the Keystore.
      *
-     * <p>
+     * @exception FailedLoginException if the authentication fails.
      *
-     * @exception FailedLoginException if the authentication fails. <p>
-     *
-     * @return true in all cases (this <code>LoginModule</code>
+     * @return true in all cases (this {@code LoginModule}
      *          should not be ignored).
      */
 
@@ -719,19 +715,17 @@
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method associates a
-     * <code>X500Principal</code> for the subject distinguished name of the
+     * {@code login} method), then this method associates a
+     * {@code X500Principal} for the subject distinguished name of the
      * first certificate in the alias's credentials in the subject's
      * principals,the alias's certificate path in the subject's public
-     * credentials, and a<code>X500PrivateCredential</code> whose certificate
+     * credentials, and a {@code X500PrivateCredential} whose certificate
      * is the first  certificate in the alias's certificate path and whose
      * private key is the alias's private key in the subject's private
      * credentials.  If this LoginModule's own
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the commit fails
      *
      * @return true if this LoginModule's own login and commit
@@ -774,21 +768,19 @@
     }
 
     /**
-     * <p> This method is called if the LoginContext's
+     * This method is called if the LoginContext's
      * overall authentication failed.
      * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
      * did not succeed).
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> and <code>commit</code> methods),
+     * {@code login} and {@code commit} methods),
      * then this method cleans up any state that was originally saved.
      *
      * <p> If the loaded KeyStore's provider extends
-     * <code>java.security.AuthProvider</code>,
-     * then the provider's <code>logout</code> method is invoked.
-     *
-     * <p>
+     * {@code java.security.AuthProvider},
+     * then the provider's {@code logout} method is invoked.
      *
      * @exception LoginException if the abort fails.
      *
@@ -815,17 +807,15 @@
      * Logout a user.
      *
      * <p> This method removes the Principals, public credentials and the
-     * private credentials that were added by the <code>commit</code> method.
+     * private credentials that were added by the {@code commit} method.
      *
      * <p> If the loaded KeyStore's provider extends
-     * <code>java.security.AuthProvider</code>,
-     * then the provider's <code>logout</code> method is invoked.
-     *
-     * <p>
+     * {@code java.security.AuthProvider},
+     * then the provider's {@code logout} method is invoked.
      *
      * @exception LoginException if the logout fails.
      *
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      */
 
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/Krb5LoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -47,147 +47,142 @@
 import sun.misc.HexDumpEncoder;
 
 /**
- * <p> This <code>LoginModule</code> authenticates users using
+ * This {@code LoginModule} authenticates users using
  * Kerberos protocols.
  *
- * <p> The configuration entry for <code>Krb5LoginModule</code> has
+ * <p> The configuration entry for {@code Krb5LoginModule} has
  * several options that control the authentication process and
- * additions to the <code>Subject</code>'s private credential
- * set. Irrespective of these options, the <code>Subject</code>'s
+ * additions to the {@code Subject}'s private credential
+ * set. Irrespective of these options, the {@code Subject}'s
  * principal set and private credentials set are updated only when
- * <code>commit</code> is called.
- * When <code>commit</code> is called, the <code>KerberosPrincipal</code>
- * is added to the <code>Subject</code>'s principal set (unless the
- * <code>principal</code> is specified as "*"). If <code>isInitiator</code>
- * is true, the <code>KerberosTicket</code> is
- * added to the <code>Subject</code>'s private credentials.
+ * {@code commit} is called.
+ * When {@code commit} is called, the {@code KerberosPrincipal}
+ * is added to the {@code Subject}'s principal set (unless the
+ * {@code principal} is specified as "*"). If {@code isInitiator}
+ * is true, the {@code KerberosTicket} is
+ * added to the {@code Subject}'s private credentials.
  *
- * <p> If the configuration entry for <code>KerberosLoginModule</code>
- * has the option <code>storeKey</code> set to true, then
- * <code>KerberosKey</code> or <code>KeyTab</code> will also be added to the
- * subject's private credentials. <code>KerberosKey</code>, the principal's
- * key(s) will be derived from user's password, and <code>KeyTab</code> is
- * the keytab used when <code>useKeyTab</code> is set to true. The
- * <code>KeyTab</code> object is restricted to be used by the specified
+ * <p> If the configuration entry for {@code KerberosLoginModule}
+ * has the option {@code storeKey} set to true, then
+ * {@code KerberosKey} or {@code KeyTab} will also be added to the
+ * subject's private credentials. {@code KerberosKey}, the principal's
+ * key(s) will be derived from user's password, and {@code KeyTab} is
+ * the keytab used when {@code useKeyTab} is set to true. The
+ * {@code KeyTab} object is restricted to be used by the specified
  * principal unless the principal value is "*".
  *
- * <p> This <code>LoginModule</code> recognizes the <code>doNotPrompt</code>
+ * <p> This {@code LoginModule} recognizes the {@code doNotPrompt}
  * option. If set to true the user will not be prompted for the password.
  *
  * <p> The user can  specify the location of the ticket cache by using
- * the option <code>ticketCache</code> in the configuration entry.
+ * the option {@code ticketCache} in the configuration entry.
  *
  * <p>The user can specify the keytab location by using
- * the option <code>keyTab</code>
+ * the option {@code keyTab}
  * in the configuration entry.
  *
  * <p> The principal name can be specified in the configuration entry
- * by using the option <code>principal</code>. The principal name
+ * by using the option {@code principal}. The principal name
  * can either be a simple user name, a service name such as
- * <code>host/mission.eng.sun.com</code>, or "*". The principal can also
- * be set using the system property <code>sun.security.krb5.principal</code>.
+ * {@code host/mission.eng.sun.com}, or "*". The principal can also
+ * be set using the system property {@code sun.security.krb5.principal}.
  * This property is checked during login. If this property is not set, then
  * the principal name from the configuration is used. In the
  * case where the principal property is not set and the principal
  * entry also does not exist, the user is prompted for the name.
- * When this property of entry is set, and <code>useTicketCache</code>
+ * When this property of entry is set, and {@code useTicketCache}
  * is set to true, only TGT belonging to this principal is used.
  *
  * <p> The following is a list of configuration options supported
- * for <code>Krb5LoginModule</code>:
+ * for {@code Krb5LoginModule}:
  * <blockquote><dl>
- * <dt><b><code>refreshKrb5Config</code></b>:</dt>
+ * <dt>{@code refreshKrb5Config}:</dt>
  * <dd> Set this to true, if you want the configuration
- * to be refreshed before the <code>login</code> method is called.</dd>
- * <dt><b><code>useTicketCache</code></b>:</dt>
+ * to be refreshed before the {@code login} method is called.</dd>
+ * <dt>{@code useTicketCache}:</dt>
  * <dd>Set this to true, if you want the
- * TGT to be obtained
- * from the ticket cache. Set this option
+ * TGT to be obtained from the ticket cache. Set this option
  * to false if you do not want this module to use the ticket cache.
  * (Default is False).
- * This module will
- * search for the ticket
- * cache in the following locations:
- * On Solaris and Linux
- * it will look for the ticket cache in /tmp/krb5cc_<code>uid</code>
- * where the uid is numeric user
- * identifier. If the ticket cache is
+ * This module will search for the ticket
+ * cache in the following locations: On Solaris and Linux
+ * it will look for the ticket cache in /tmp/krb5cc_{@code uid}
+ * where the uid is numeric user identifier. If the ticket cache is
  * not available in the above location, or if we are on a
  * Windows platform, it will look for the cache as
  * {user.home}{file.separator}krb5cc_{user.name}.
  * You can override the ticket cache location by using
- * <code>ticketCache</code>.
+ * {@code ticketCache}.
  * For Windows, if a ticket cannot be retrieved from the file ticket cache,
  * it will use Local Security Authority (LSA) API to get the TGT.
- * <dt><b><code>ticketCache</code></b>:</dt>
+ * <dt>{@code ticketCache}:</dt>
  * <dd>Set this to the name of the ticket
  * cache that  contains user's TGT.
- * If this is set,  <code>useTicketCache</code>
+ * If this is set,  {@code useTicketCache}
  * must also be set to true; Otherwise a configuration error will
  * be returned.</dd>
- * <dt><b><code>renewTGT</code></b>:</dt>
+ * <dt>{@code renewTGT}:</dt>
  * <dd>Set this to true, if you want to renew
- * the TGT. If this is set, <code>useTicketCache</code> must also be
+ * the TGT. If this is set, {@code useTicketCache} must also be
  * set to true; otherwise a configuration error will be returned.</dd>
- * <dt><b><code>doNotPrompt</code></b>:</dt>
+ * <dt>{@code doNotPrompt}:</dt>
  * <dd>Set this to true if you do not want to be
  * prompted for the password
  * if credentials can not be obtained from the cache, the keytab,
  * or through shared state.(Default is false)
  * If set to true, credential must be obtained through cache, keytab,
  * or shared state. Otherwise, authentication will fail.</dd>
- * <dt><b><code>useKeyTab</code></b>:</dt>
+ * <dt>{@code useKeyTab}:</dt>
  * <dd>Set this to true if you
  * want the module to get the principal's key from the
  * the keytab.(default value is False)
- * If <code>keytab</code>
- * is not set then
+ * If {@code keytab} is not set then
  * the module will locate the keytab from the
  * Kerberos configuration file.
  * If it is not specified in the Kerberos configuration file
  * then it will look for the file
- * <code>{user.home}{file.separator}</code>krb5.keytab.</dd>
- * <dt><b><code>keyTab</code></b>:</dt>
+ * {@code {user.home}{file.separator}}krb5.keytab.</dd>
+ * <dt>{@code keyTab}:</dt>
  * <dd>Set this to the file name of the
  * keytab to get principal's secret key.</dd>
- * <dt><b><code>storeKey</code></b>:</dt>
+ * <dt>{@code storeKey}:</dt>
  * <dd>Set this to true to if you want the keytab or the
  * principal's key to be stored in the Subject's private credentials.
- * For <code>isInitiator</code> being false, if <code>principal</code>
+ * For {@code isInitiator} being false, if {@code principal}
  * is "*", the {@link KeyTab} stored can be used by anyone, otherwise,
  * it's restricted to be used by the specified principal only.</dd>
- * <dt><b><code>principal</code></b>:</dt>
+ * <dt>{@code principal}:</dt>
  * <dd>The name of the principal that should
  * be used. The principal can be a simple username such as
- * "<code>testuser</code>" or a service name such as
- * "<code>host/testhost.eng.sun.com</code>". You can use the
- * <code>principal</code>  option to set the principal when there are
+ * "{@code testuser}" or a service name such as
+ * "{@code host/testhost.eng.sun.com}". You can use the
+ * {@code principal}  option to set the principal when there are
  * credentials for multiple principals in the
- * <code>keyTab</code> or when you want a specific ticket cache only.
+ * {@code keyTab} or when you want a specific ticket cache only.
  * The principal can also be set using the system property
- * <code>sun.security.krb5.principal</code>. In addition, if this
+ * {@code sun.security.krb5.principal}. In addition, if this
  * system property is defined, then it will be used. If this property
  * is not set, then the principal name from the configuration will be
  * used.
- * The principal name can be set to "*" when <code>isInitiator</code> is false.
+ * The principal name can be set to "*" when {@code isInitiator} is false.
  * In this case, the acceptor is not bound to a single principal. It can
  * act as any principal an initiator requests if keys for that principal
- * can be found. When <code>isInitiator</code> is true, the principal name
+ * can be found. When {@code isInitiator} is true, the principal name
  * cannot be set to "*".
  * </dd>
- * <dt><b><code>isInitiator</code></b>:</dt>
+ * <dt>{@code isInitiator}:</dt>
  * <dd>Set this to true, if initiator. Set this to false, if acceptor only.
  * (Default is true).
  * Note: Do not set this value to false for initiators.</dd>
  * </dl></blockquote>
  *
- * <p> This <code>LoginModule</code> also recognizes the following additional
- * <code>Configuration</code>
+ * <p> This {@code LoginModule} also recognizes the following additional
+ * {@code Configuration}
  * options that enable you to share username and passwords across different
  * authentication modules:
  * <blockquote><dl>
  *
- *    <dt><b><code>useFirstPass</code></b>:</dt>
+ *    <dt>{@code useFirstPass}:</dt>
  *                   <dd>if, true, this LoginModule retrieves the
  *                   username and password from the module's shared state,
  *                   using "javax.security.auth.login.name" and
@@ -197,7 +192,7 @@
  *                   is made, and the failure is reported back to the
  *                   calling application.</dd>
  *
- *    <dt><b><code>tryFirstPass</code></b>:</dt>
+ *    <dt>{@code tryFirstPass}:</dt>
  *                   <dd>if, true, this LoginModule retrieves the
  *                   the username and password from the module's shared
  *                   state using "javax.security.auth.login.name" and
@@ -210,7 +205,7 @@
  *                   is made. If the authentication fails,
  *                   the failure is reported back to the calling application</dd>
  *
- *    <dt><b><code>storePass</code></b>:</dt>
+ *    <dt>{@code storePass}:</dt>
  *                   <dd>if, true, this LoginModule stores the username and
  *                   password obtained from the CallbackHandler in the
  *                   modules shared state, using
@@ -220,7 +215,7 @@
  *                   exist for the username and password in the shared
  *                   state, or if authentication fails.</dd>
  *
- *    <dt><b><code>clearPass</code></b>:</dt>
+ *    <dt>{@code clearPass}:</dt>
  *                   <dd>if, true, this LoginModule clears the
  *                   username and password stored in the module's shared
  *                   state  after both phases of authentication
@@ -236,148 +231,137 @@
  * <li>shared state
  * <li>user prompt
  * </ol>
+ *
  * <p>Note that if any step fails, it will fallback to the next step.
  * There's only one exception, if the shared state step fails and
- * <code>useFirstPass</code>=true, no user prompt is made.
+ * {@code useFirstPass = true}, no user prompt is made.
  * <p>Examples of some configuration values for Krb5LoginModule in
  * JAAS config file and the results are:
- * <ul>
- * <p> <code>doNotPrompt</code>=true;
- * </ul>
- * <p> This is an illegal combination since none of <code>useTicketCache</code>,
- * <code>useKeyTab</code>, <code>useFirstPass</code> and <code>tryFirstPass</code>
- * is set and the user can not be prompted for the password.
- *<ul>
- * <p> <code>ticketCache</code> = &lt;filename&gt;;
- *</ul>
- * <p> This is an illegal combination since <code>useTicketCache</code>
+ * <blockquote><dl>
+ * <dd><pre>{@code
+ * doNotPrompt = true}</pre>
+ * This is an illegal combination since none of {@code useTicketCache,
+ * useKeyTab, useFirstPass} and {@code tryFirstPass}
+ * is set and the user can not be prompted for the password.</dd>
+ *
+ * <dd><pre>{@code
+ * ticketCache = <filename>}</pre>
+ * This is an illegal combination since {@code useTicketCache}
  * is not set to true and the ticketCache is set. A configuration error
- * will occur.
- * <ul>
- * <p> <code>renewTGT</code>=true;
- *</ul>
- * <p> This is an illegal combination since <code>useTicketCache</code> is
- * not set to true and renewTGT is set. A configuration error will occur.
- * <ul>
- * <p> <code>storeKey</code>=true
- * <code>useTicketCache</code> = true
- * <code>doNotPrompt</code>=true;;
- *</ul>
- * <p> This is an illegal combination since  <code>storeKey</code> is set to
+ * will occur.</dd>
+ *
+ * <dd><pre>{@code
+ * renewTGT = true}</pre>
+ * This is an illegal combination since {@code useTicketCache} is
+ * not set to true and renewTGT is set. A configuration error will occur.</dd>
+ *
+ * <dd><pre>{@code
+ * storeKey = true  useTicketCache = true  doNotPrompt = true}</pre>
+ * This is an illegal combination since  {@code storeKey} is set to
  * true but the key can not be obtained either by prompting the user or from
- * the keytab, or from the shared state. A configuration error will occur.
- * <ul>
- * <p>  <code>keyTab</code> = &lt;filename&gt; <code>doNotPrompt</code>=true ;
- * </ul>
- * <p>This is an illegal combination since useKeyTab is not set to true and
- * the keyTab is set. A configuration error will occur.
- * <ul>
- * <p> <code>debug=true </code>
- *</ul>
- * <p> Prompt the user for the principal name and the password.
+ * the keytab, or from the shared state. A configuration error will occur.</dd>
+ *
+ * <dd><pre>{@code
+ * keyTab = <filename>  doNotPrompt = true}</pre>
+ * This is an illegal combination since useKeyTab is not set to true and
+ * the keyTab is set. A configuration error will occur.</dd>
+ *
+ * <dd><pre>{@code
+ * debug = true}</pre>
+ * Prompt the user for the principal name and the password.
  * Use the authentication exchange to get TGT from the KDC and
- * populate the <code>Subject</code> with the principal and TGT.
- * Output debug messages.
- * <ul>
- * <p> <code>useTicketCache</code> = true <code>doNotPrompt</code>=true;
- *</ul>
- * <p>Check the default cache for TGT and populate the <code>Subject</code>
+ * populate the {@code Subject} with the principal and TGT.
+ * Output debug messages.</dd>
+ *
+ * <dd><pre>{@code
+ * useTicketCache = true  doNotPrompt = true}</pre>
+ * Check the default cache for TGT and populate the {@code Subject}
  * with the principal and TGT. If the TGT is not available,
- * do not prompt the user, instead fail the authentication.
- * <ul>
- * <p><code>principal</code>=&lt;name&gt;<code>useTicketCache</code> = true
- * <code>doNotPrompt</code>=true;
- *</ul>
- * <p> Get the TGT from the default cache for the principal and populate the
+ * do not prompt the user, instead fail the authentication.</dd>
+ *
+ * <dd><pre>{@code
+ * principal = <name>  useTicketCache = true  doNotPrompt = true}</pre>
+ * Get the TGT from the default cache for the principal and populate the
  * Subject's principal and private creds set. If ticket cache is
  * not available or does not contain the principal's TGT
- * authentication will fail.
- * <ul>
- * <p> <code>useTicketCache</code> = true
- * <code>ticketCache</code>=&lt;file name&gt;<code>useKeyTab</code> = true
- * <code> keyTab</code>=&lt;keytab filename&gt;
- * <code>principal</code> = &lt;principal name&gt;
- * <code>doNotPrompt</code>=true;
- *</ul>
- * <p>  Search the cache for the principal's TGT. If it is not available
+ * authentication will fail.</dd>
+ *
+ * <dd><pre>{@code
+ * useTicketCache = true
+ * ticketCache = <file name>
+ * useKeyTab = true
+ * keyTab = <keytab filename>
+ * principal = <principal name>
+ * doNotPrompt = true}</pre>
+ * Search the cache for the principal's TGT. If it is not available
  * use the key in the keytab to perform authentication exchange with the
  * KDC and acquire the TGT.
  * The Subject will be populated with the principal and the TGT.
- * If the key is not available or valid then authentication will fail.
- * <ul>
- * <p><code>useTicketCache</code> = true
- * <code>ticketCache</code>=&lt;file name&gt;
- *</ul>
- * <p> The TGT will be obtained from the cache specified.
+ * If the key is not available or valid then authentication will fail.</dd>
+ *
+ * <dd><pre>{@code
+ * useTicketCache = true  ticketCache = <filename>}</pre>
+ * The TGT will be obtained from the cache specified.
  * The Kerberos principal name used will be the principal name in
  * the Ticket cache. If the TGT is not available in the
  * ticket cache the user will be prompted for the principal name
  * and the password. The TGT will be obtained using the authentication
  * exchange with the KDC.
- * The Subject will be populated with the TGT.
- *<ul>
- * <p> <code>useKeyTab</code> = true
- * <code>keyTab</code>=&lt;keytab filename&gt;
- * <code>principal</code>= &lt;principal name&gt;
- * <code>storeKey</code>=true;
- *</ul>
- * <p>  The key for the principal will be retrieved from the keytab.
+ * The Subject will be populated with the TGT.</dd>
+ *
+ * <dd><pre>{@code
+ * useKeyTab = true  keyTab=<keytab filename>  principal = <principal name>  storeKey = true}</pre>
+ * The key for the principal will be retrieved from the keytab.
  * If the key is not available in the keytab the user will be prompted
  * for the principal's password. The Subject will be populated
  * with the principal's key either from the keytab or derived from the
- * password entered.
- * <ul>
- * <p> <code>useKeyTab</code> = true
- * <code>keyTab</code>=&lt;keytabname&gt;
- * <code>storeKey</code>=true
- * <code>doNotPrompt</code>=false;
- *</ul>
- * <p>The user will be prompted for the service principal name.
+ * password entered.</dd>
+ *
+ * <dd><pre>{@code
+ * useKeyTab = true  keyTab = <keytabname>  storeKey = true  doNotPrompt = false}</pre>
+ * The user will be prompted for the service principal name.
  * If the principal's
  * longterm key is available in the keytab , it will be added to the
  * Subject's private credentials. An authentication exchange will be
  * attempted with the principal name and the key from the Keytab.
  * If successful the TGT will be added to the
- * Subject's private credentials set. Otherwise the authentication will
- * fail.
- * <ul>
- * <p> <code>isInitiator</code> = false <code>useKeyTab</code> = true
- * <code>keyTab</code>=&lt;keytabname&gt;
- * <code>storeKey</code>=true
- * <code>principal</code>=*;
- *</ul>
- * <p>The acceptor will be an unbound acceptor and it can act as any principal
- * as long that principal has keys in the keytab.
- *<ul>
- * <p>
- * <code>useTicketCache</code>=true
- * <code>ticketCache</code>=&lt;file name&gt;;
- * <code>useKeyTab</code> = true
- * <code>keyTab</code>=&lt;file name&gt; <code>storeKey</code>=true
- * <code>principal</code>= &lt;principal name&gt;
- *</ul>
- * <p>
+ * Subject's private credentials set. Otherwise the authentication will fail.</dd>
+ *
+ * <dd><pre>{@code
+ * isInitiator = false  useKeyTab = true  keyTab = <keytabname>  storeKey = true  principal = *}</pre>
+ * The acceptor will be an unbound acceptor and it can act as any principal
+ * as long that principal has keys in the keytab.</dd>
+ *
+ * <dd><pre>{@code
+ * useTicketCache = true
+ * ticketCache = <file name>
+ * useKeyTab = true
+ * keyTab = <file name>
+ * storeKey = true
+ * principal = <principal name>}</pre>
  * The client's TGT will be retrieved from the ticket cache and added to the
- * <code>Subject</code>'s private credentials. If the TGT is not available
+ * {@code Subject}'s private credentials. If the TGT is not available
  * in the ticket cache, or the TGT's client name does not match the principal
  * name, Java will use a secret key to obtain the TGT using the authentication
  * exchange and added to the Subject's private credentials.
  * This secret key will be first retrieved from the keytab. If the key
  * is not available, the user will be prompted for the password. In either
  * case, the key derived from the password will be added to the
- * Subject's private credentials set.
- * <ul>
- * <p><code>isInitiator</code> = false
- *</ul>
- * <p>Configured to act as acceptor only, credentials are not acquired
+ * Subject's private credentials set.</dd>
+ *
+ * <dd><pre>{@code
+ * isInitiator = false}</pre>
+ * Configured to act as acceptor only, credentials are not acquired
  * via AS exchange. For acceptors only, set this value to false.
- * For initiators, do not set this value to false.
- * <ul>
- * <p><code>isInitiator</code> = true
- *</ul>
- * <p>Configured to act as initiator, credentials are acquired
+ * For initiators, do not set this value to false.</dd>
+ *
+ * <dd><pre>{@code
+ * isInitiator = true}</pre>
+ * Configured to act as initiator, credentials are acquired
  * via AS exchange. For initiators, set this value to true, or leave this
- * option unset, in which case default value (true) will be used.
+ * option unset, in which case default value (true) will be used.</dd>
+ *
+ * </dl></blockquote>
  *
  * @author Ram Marti
  */
@@ -445,20 +429,19 @@
     );
 
     /**
-     * Initialize this <code>LoginModule</code>.
+     * Initialize this {@code LoginModule}.
      *
-     * <p>
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated.
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for
+     * @param callbackHandler a {@code CallbackHandler} for
      *                  communication with the end user (prompting for
-     *                  usernames and passwords, for example). <p>
+     *                  usernames and passwords, for example).
      *
-     * @param sharedState shared <code>LoginModule</code> state. <p>
+     * @param sharedState shared {@code LoginModule} state.
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     // Unchecked warning from (Map<String, Object>)sharedState is safe
     // since javax.security.auth.login.LoginContext passes a raw HashMap.
@@ -536,14 +519,12 @@
     /**
      * Authenticate the user
      *
-     * <p>
-     *
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      *
-     * @exception FailedLoginException if the authentication fails. <p>
+     * @exception FailedLoginException if the authentication fails.
      *
-     * @exception LoginException if this <code>LoginModule</code>
+     * @exception LoginException if this {@code LoginModule}
      *          is unable to perform the authentication.
      */
     public boolean login() throws LoginException {
@@ -1019,23 +1000,21 @@
     }
 
     /**
-     * <p> This method is called if the LoginContext's
+     * This method is called if the LoginContext's
      * overall authentication succeeded
      * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
      * LoginModules succeeded).
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method associates a
-     * <code>Krb5Principal</code>
-     * with the <code>Subject</code> located in the
-     * <code>LoginModule</code>. It adds Kerberos Credentials to the
+     * {@code login} method), then this method associates a
+     * {@code Krb5Principal}
+     * with the {@code Subject} located in the
+     * {@code LoginModule}. It adds Kerberos Credentials to the
      *  the Subject's private credentials set. If this LoginModule's own
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the commit fails.
      *
      * @return true if this LoginModule's own login and commit
@@ -1147,18 +1126,16 @@
     }
 
     /**
-     * <p> This method is called if the LoginContext's
+     * This method is called if the LoginContext's
      * overall authentication failed.
      * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL
      * LoginModules did not succeed).
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> and <code>commit</code> methods),
+     * {@code login} and {@code commit} methods),
      * then this method cleans up any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the abort fails.
      *
      * @return false if this LoginModule's own login and/or commit attempts
@@ -1183,14 +1160,12 @@
     /**
      * Logout the user.
      *
-     * <p> This method removes the <code>Krb5Principal</code>
-     * that was added by the <code>commit</code> method.
-     *
-     * <p>
+     * <p> This method removes the {@code Krb5Principal}
+     * that was added by the {@code commit} method.
      *
      * @exception LoginException if the logout fails.
      *
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      */
     public boolean logout() throws LoginException {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/LdapLoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/LdapLoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -70,8 +70,8 @@
  * conjunction with a specified search filter.
  * If successful then authentication is attempted using the user's
  * distinguished name and the supplied password.
- * To enable this mode, set the <code>userFilter</code> option and omit the
- * <code>authIdentity</code> option.
+ * To enable this mode, set the {@code userFilter} option and omit the
+ * {@code authIdentity} option.
  * Use search-first mode when the user's distinguished name is not
  * known in advance.
  *
@@ -79,22 +79,22 @@
  * supplied username and password and then the LDAP directory is searched.
  * If authentication is successful then a search is performed using the
  * supplied username in conjunction with a specified search filter.
- * To enable this mode, set the <code>authIdentity</code> and the
- * <code>userFilter</code> options.
+ * To enable this mode, set the {@code authIdentity} and the
+ * {@code userFilter} options.
  * Use authentication-first mode when accessing an LDAP directory
  * that has been configured to disallow anonymous searches.
  *
  * <p> In authentication-only mode, authentication is attempted using the
  * supplied username and password. The LDAP directory is not searched because
  * the user's distinguished name is already known.
- * To enable this mode, set the <code>authIdentity</code> option to a valid
- * distinguished name and omit the <code>userFilter</code> option.
+ * To enable this mode, set the {@code authIdentity} option to a valid
+ * distinguished name and omit the {@code userFilter} option.
  * Use authentication-only mode when the user's distinguished name is
  * known in advance.
  *
  * <p> The following option is mandatory and must be specified in this
  * module's login {@link Configuration}:
- * <dl><dt></dt><dd>
+ * <dl><dd>
  * <dl>
  * <dt> <code>userProvider=<b>ldap_urls</b></code>
  * </dt>
@@ -106,7 +106,7 @@
  *      When several LDAP URLs are specified then each is attempted,
  *      in turn, until the first successful connection is established.
  *      Spaces in the distinguished name component of the URL must be escaped
- *      using the standard mechanism of percent character ('<code>%</code>')
+ *      using the standard mechanism of percent character ('{@code %}')
  *      followed by two hexadecimal digits (see {@link java.net.URI}).
  *      Query components must also be omitted from the URL.
  *
@@ -120,33 +120,33 @@
  *
  * <p> This module also recognizes the following optional {@link Configuration}
  *     options:
- * <dl><dt></dt><dd>
+ * <dl><dd>
  * <dl>
  * <dt> <code>userFilter=<b>ldap_filter</b></code> </dt>
  * <dd> This option specifies the search filter to use to locate a user's
  *      entry in the LDAP directory. It is used to determine a user's
  *      distinguished name.
- *      <code><b>ldap_filter</b></code> is an LDAP filter string
+ *      <b>{@code ldap_filter}</b> is an LDAP filter string
  *      (<a href="http://www.ietf.org/rfc/rfc2254.txt">RFC 2254</a>).
- *      If it contains the special token "<code><b>{USERNAME}</b></code>"
+ *      If it contains the special token "<b>{@code {USERNAME}}</b>"
  *      then that token will be replaced with the supplied username value
  *      before the filter is used to search the directory. </dd>
  *
  * <dt> <code>authIdentity=<b>auth_id</b></code> </dt>
  * <dd> This option specifies the identity to use when authenticating a user
  *      to the LDAP directory.
- *      <code><b>auth_id</b></code> may be an LDAP distinguished name string
+ *      <b>{@code auth_id}</b> may be an LDAP distinguished name string
  *      (<a href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a>) or some
  *      other string name.
- *      It must contain the special token "<code><b>{USERNAME}</b></code>"
+ *      It must contain the special token "<b>{@code {USERNAME}}</b>"
  *      which will be replaced with the supplied username value before the
  *      name is used for authentication.
  *      Note that if this option does not contain a distinguished name then
- *      the <code>userFilter</code> option must also be specified. </dd>
+ *      the {@code userFilter} option must also be specified. </dd>
  *
  * <dt> <code>authzIdentity=<b>authz_id</b></code> </dt>
  * <dd> This option specifies an authorization identity for the user.
- *      <code><b>authz_id</b></code> is any string name.
+ *      <b>{@code authz_id}</b> is any string name.
  *      If it comprises a single special token with curly braces then
  *      that token is treated as a attribute name and will be replaced with a
  *      single value of that attribute from the user's LDAP entry.
@@ -156,23 +156,23 @@
  *      is created using the authorization identity and it is associated with
  *      the current {@link Subject}. </dd>
  *
- * <dt> <code>useSSL</code> </dt>
- * <dd> if <code>false</code>, this module does not establish an SSL connection
+ * <dt> {@code useSSL} </dt>
+ * <dd> if {@code false}, this module does not establish an SSL connection
  *      to the LDAP server before attempting authentication. SSL is used to
  *      protect the privacy of the user's password because it is transmitted
  *      in the clear over LDAP.
  *      By default, this module uses SSL. </dd>
  *
- * <dt> <code>useFirstPass</code> </dt>
- * <dd> if <code>true</code>, this module retrieves the username and password
+ * <dt> {@code useFirstPass} </dt>
+ * <dd> if {@code true}, this module retrieves the username and password
  *      from the module's shared state, using "javax.security.auth.login.name"
  *      and "javax.security.auth.login.password" as the respective keys. The
  *      retrieved values are used for authentication. If authentication fails,
  *      no attempt for a retry is made, and the failure is reported back to
  *      the calling application.</dd>
  *
- * <dt> <code>tryFirstPass</code> </dt>
- * <dd> if <code>true</code>, this module retrieves the username and password
+ * <dt> {@code tryFirstPass} </dt>
+ * <dd> if {@code true}, this module retrieves the username and password
  *      from the module's shared state, using "javax.security.auth.login.name"
  *       and "javax.security.auth.login.password" as the respective keys.  The
  *      retrieved values are used for authentication. If authentication fails,
@@ -181,8 +181,8 @@
  *      authentication fails, the failure is reported back to the calling
  *      application.</dd>
  *
- * <dt> <code>storePass</code> </dt>
- * <dd> if <code>true</code>, this module stores the username and password
+ * <dt> {@code storePass} </dt>
+ * <dd> if {@code true}, this module stores the username and password
  *      obtained from the {@link CallbackHandler} in the module's shared state,
  *      using
  *      "javax.security.auth.login.name" and
@@ -190,13 +190,13 @@
  *      not performed if existing values already exist for the username and
  *      password in the shared state, or if authentication fails.</dd>
  *
- * <dt> <code>clearPass</code> </dt>
- * <dd> if <code>true</code>, this module clears the username and password
+ * <dt> {@code clearPass} </dt>
+ * <dd> if {@code true}, this module clears the username and password
  *      stored in the module's shared state after both phases of authentication
  *      (login and commit) have completed.</dd>
  *
- * <dt> <code>debug</code> </dt>
- * <dd> if <code>true</code>, debug messages are displayed on the standard
+ * <dt> {@code debug} </dt>
+ * <dd> if {@code true}, debug messages are displayed on the standard
  *      output stream.
  * </dl>
  * </dl>
@@ -209,36 +209,36 @@
  * Note that the following four JNDI properties are set by this module directly
  * and are ignored if also present in the configuration:
  * <ul>
- * <li> <code>java.naming.provider.url</code>
- * <li> <code>java.naming.security.principal</code>
- * <li> <code>java.naming.security.credentials</code>
- * <li> <code>java.naming.security.protocol</code>
+ * <li> {@code java.naming.provider.url}
+ * <li> {@code java.naming.security.principal}
+ * <li> {@code java.naming.security.credentials}
+ * <li> {@code java.naming.security.protocol}
  * </ul>
  *
  * <p>
  * Three sample {@link Configuration}s are shown below.
  * The first one activates search-first mode. It identifies the LDAP server
- * and specifies that users' entries be located by their <code>uid</code> and
- * <code>objectClass</code> attributes. It also specifies that an identity
- * based on the user's <code>employeeNumber</code> attribute should be created.
+ * and specifies that users' entries be located by their {@code uid} and
+ * {@code objectClass} attributes. It also specifies that an identity
+ * based on the user's {@code employeeNumber} attribute should be created.
  * The second one activates authentication-first mode. It requests that the
  * LDAP server be located dynamically, that authentication be performed using
  * the supplied username directly but without the protection of SSL and that
  * users' entries be located by one of three naming attributes and their
- * <code>objectClass</code> attribute.
+ * {@code objectClass} attribute.
  * The third one activates authentication-only mode. It identifies alternative
  * LDAP servers, it specifies the distinguished name to use for
  * authentication and a fixed identity to use for authorization. No directory
  * search is performed.
  *
- * <pre>
+ * <pre>{@literal
  *
  *     ExampleApplication {
  *         com.sun.security.auth.module.LdapLoginModule REQUIRED
- *             userProvider="ldap://ldap-svr/ou=people,dc=example,dc=com"
- *             userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))"
- *             authzIdentity="{EMPLOYEENUMBER}"
- *             debug=true;
+ *              userProvider="ldap://ldap-svr/ou=people,dc=example,dc=com"
+ *              userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))"
+ *              authzIdentity="{EMPLOYEENUMBER}"
+ *              debug=true;
  *     };
  *
  *     ExampleApplication {
@@ -258,7 +258,7 @@
  *             debug=true;
  *     };
  *
- * </pre>
+ * }</pre>
  *
  * <dl>
  * <dt><b>Note:</b> </dt>
@@ -282,7 +282,6 @@
  *     <em>caller-specified</em> {@link Configuration} then the application
  *     must be granted the permissions required by the {@link LoginModule}.
  *     <em>This</em> module requires the following two permissions:
- *     <p>
  *     <ul>
  *     <li> The {@link SocketPermission} to connect to an LDAP server.
  *     <li> The {@link AuthPermission} to modify the set of {@link Principal}s
@@ -373,15 +372,15 @@
     private SearchControls constraints = null;
 
     /**
-     * Initialize this <code>LoginModule</code>.
+     * Initialize this {@code LoginModule}.
      *
-     * @param subject the <code>Subject</code> to be authenticated.
-     * @param callbackHandler a <code>CallbackHandler</code> to acquire the
+     * @param subject the {@code Subject} to be authenticated.
+     * @param callbackHandler a {@code CallbackHandler} to acquire the
      *                  username and password.
-     * @param sharedState shared <code>LoginModule</code> state.
+     * @param sharedState shared {@code LoginModule} state.
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     // Unchecked warning from (Map<String, Object>)sharedState is safe
     // since javax.security.auth.login.LoginContext passes a raw HashMap.
@@ -492,10 +491,10 @@
      * <p> Acquire the user's credentials and verify them against the
      * specified LDAP directory.
      *
-     * @return true always, since this <code>LoginModule</code>
+     * @return true always, since this {@code LoginModule}
      *          should not be ignored.
      * @exception FailedLoginException if the authentication fails.
-     * @exception LoginException if this <code>LoginModule</code>
+     * @exception LoginException if this {@code LoginModule}
      *          is unable to perform the authentication.
      */
     public boolean login() throws LoginException {
@@ -593,10 +592,10 @@
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method associates an
-     * <code>LdapPrincipal</code> and one or more <code>UserPrincipal</code>s
-     * with the <code>Subject</code> located in the
-     * <code>LoginModule</code>.  If this LoginModule's own
+     * {@code login} method), then this method associates an
+     * {@code LdapPrincipal} and one or more {@code UserPrincipal}s
+     * with the {@code Subject} located in the
+     * {@code LoginModule}.  If this LoginModule's own
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
@@ -662,7 +661,7 @@
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> and <code>commit</code> methods),
+     * {@code login} and {@code commit} methods),
      * then this method cleans up any state that was originally saved.
      *
      * @exception LoginException if the abort fails.
@@ -697,10 +696,10 @@
      * Logout a user.
      *
      * <p> This method removes the Principals
-     * that were added by the <code>commit</code> method.
+     * that were added by the {@code commit} method.
      *
      * @exception LoginException if the logout fails.
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      */
     public boolean logout() throws LoginException {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTLoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTLoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -41,10 +41,10 @@
 import com.sun.security.auth.NTNumericCredential;
 
 /**
- * <p> This <code>LoginModule</code>
+ * This {@code LoginModule}
  * renders a user's NT security information as some number of
- * <code>Principal</code>s
- * and associates them with a <code>Subject</code>.
+ * {@code Principal}s
+ * and associates them with a {@code Subject}.
  *
  * <p> This LoginModule recognizes the debug option.
  * If set to true in the login Configuration,
@@ -85,23 +85,21 @@
     private NTNumericCredential iToken;                 // impersonation token
 
     /**
-     * Initialize this <code>LoginModule</code>.
-     *
-     * <p>
+     * Initialize this {@code LoginModule}.
      *
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated.
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for communicating
+     * @param callbackHandler a {@code CallbackHandler} for communicating
      *          with the end user (prompting for usernames and
      *          passwords, for example). This particular LoginModule only
      *          extracts the underlying NT system information, so this
-     *          parameter is ignored.<p>
+     *          parameter is ignored.
      *
-     * @param sharedState shared <code>LoginModule</code> state. <p>
+     * @param sharedState shared {@code LoginModule} state.
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     public void initialize(Subject subject, CallbackHandler callbackHandler,
                            Map<String,?> sharedState,
@@ -125,14 +123,12 @@
     /**
      * Import underlying NT system identity information.
      *
-     * <p>
-     *
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      *
-     * @exception FailedLoginException if the authentication fails. <p>
+     * @exception FailedLoginException if the authentication fails.
      *
-     * @exception LoginException if this <code>LoginModule</code>
+     * @exception LoginException if this {@code LoginModule}
      *          is unable to perform the authentication.
      */
     public boolean login() throws LoginException {
@@ -221,22 +217,20 @@
     }
 
     /**
-     * <p> This method is called if the LoginContext's
+     * This method is called if the LoginContext's
      * overall authentication succeeded
      * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
      * succeeded).
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> method), then this method associates some
-     * number of various <code>Principal</code>s
-     * with the <code>Subject</code> located in the
-     * <code>LoginModuleContext</code>.  If this LoginModule's own
+     * {@code login} method), then this method associates some
+     * number of various {@code Principal}s
+     * with the {@code Subject} located in the
+     * {@code LoginModuleContext}.  If this LoginModule's own
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the commit fails.
      *
      * @return true if this LoginModule's own login and commit
@@ -290,18 +284,16 @@
 
 
     /**
-     * <p> This method is called if the LoginContext's
+     * This method is called if the LoginContext's
      * overall authentication failed.
      * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
      * did not succeed).
      *
      * <p> If this LoginModule's own authentication attempt
      * succeeded (checked by retrieving the private state saved by the
-     * <code>login</code> and <code>commit</code> methods),
+     * {@code login} and {@code commit} methods),
      * then this method cleans up any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the abort fails.
      *
      * @return false if this LoginModule's own login and/or commit attempts
@@ -336,17 +328,15 @@
     /**
      * Logout the user.
      *
-     * <p> This method removes the <code>NTUserPrincipal</code>,
-     * <code>NTDomainPrincipal</code>, <code>NTSidUserPrincipal</code>,
-     * <code>NTSidDomainPrincipal</code>, <code>NTSidGroupPrincipal</code>s,
-     * and <code>NTSidPrimaryGroupPrincipal</code>
-     * that may have been added by the <code>commit</code> method.
-     *
-     * <p>
+     * <p> This method removes the {@code NTUserPrincipal},
+     * {@code NTDomainPrincipal}, {@code NTSidUserPrincipal},
+     * {@code NTSidDomainPrincipal}, {@code NTSidGroupPrincipal}s,
+     * and {@code NTSidPrimaryGroupPrincipal}
+     * that may have been added by the {@code commit} method.
      *
      * @exception LoginException if the logout fails.
      *
-     * @return true in all cases since this <code>LoginModule</code>
+     * @return true in all cases since this {@code LoginModule}
      *          should not be ignored.
      */
     public boolean logout() throws LoginException {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTSystem.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/NTSystem.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,7 +26,7 @@
 package com.sun.security.auth.module;
 
 /**
- * <p> This class implementation retrieves and makes available NT
+ * This class implementation retrieves and makes available NT
  * security information for the current user.
  *
  */
@@ -45,7 +45,7 @@
     private long   impersonationToken;
 
     /**
-     * Instantiate an <code>NTSystem</code> and load
+     * Instantiate an {@code NTSystem} and load
      * the native library to access the underlying system information.
      */
     public NTSystem() {
@@ -53,7 +53,7 @@
     }
 
     /**
-     * Instantiate an <code>NTSystem</code> and load
+     * Instantiate an {@code NTSystem} and load
      * the native library to access the underlying system information.
      */
     NTSystem(boolean debug) {
@@ -64,8 +64,6 @@
     /**
      * Get the username for the current NT user.
      *
-     * <p>
-     *
      * @return the username for the current NT user.
      */
     public String getName() {
@@ -75,8 +73,6 @@
     /**
      * Get the domain for the current NT user.
      *
-     * <p>
-     *
      * @return the domain for the current NT user.
      */
     public String getDomain() {
@@ -86,8 +82,6 @@
     /**
      * Get a printable SID for the current NT user's domain.
      *
-     * <p>
-     *
      * @return a printable SID for the current NT user's domain.
      */
     public String getDomainSID() {
@@ -97,8 +91,6 @@
     /**
      * Get a printable SID for the current NT user.
      *
-     * <p>
-     *
      * @return a printable SID for the current NT user.
      */
     public String getUserSID() {
@@ -108,8 +100,6 @@
     /**
      * Get a printable primary group SID for the current NT user.
      *
-     * <p>
-     *
      * @return the primary group SID for the current NT user.
      */
     public String getPrimaryGroupID() {
@@ -119,8 +109,6 @@
     /**
      * Get the printable group SIDs for the current NT user.
      *
-     * <p>
-     *
      * @return the group SIDs for the current NT user.
      */
     public String[] getGroupIDs() {
@@ -130,8 +118,6 @@
     /**
      * Get an impersonation token for the current NT user.
      *
-     * <p>
-     *
      * @return an impersonation token for the current NT user.
      */
     public synchronized long getImpersonationToken() {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisLoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisLoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -36,17 +36,17 @@
 import com.sun.security.auth.SolarisNumericGroupPrincipal;
 
 /**
- * <p> This <code>LoginModule</code> imports a user's Solaris
- * <code>Principal</code> information (<code>SolarisPrincipal</code>,
- * <code>SolarisNumericUserPrincipal</code>,
- * and <code>SolarisNumericGroupPrincipal</code>)
- * and associates them with the current <code>Subject</code>.
+ * This {@code LoginModule} imports a user's Solaris
+ * {@code Principal} information ({@code SolarisPrincipal},
+ * {@code SolarisNumericUserPrincipal},
+ * and {@code SolarisNumericGroupPrincipal})
+ * and associates them with the current {@code Subject}.
  *
  * <p> This LoginModule recognizes the debug option.
  * If set to true in the login Configuration,
  * debug messages will be output to the output stream, System.out.
  * @deprecated  As of JDK1.4, replaced by
- * <code>com.sun.security.auth.module.UnixLoginModule</code>.
+ * {@code com.sun.security.auth.module.UnixLoginModule}.
  *             This LoginModule is entirely deprecated and
  *             is here to allow for a smooth transition to the new
  *             UnixLoginModule.
@@ -80,21 +80,19 @@
                 new LinkedList<>();
 
     /**
-     * Initialize this <code>LoginModule</code>.
+     * Initialize this {@code LoginModule}.
      *
-     * <p>
-     *
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated.
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for communicating
+     * @param callbackHandler a {@code CallbackHandler} for communicating
      *                  with the end user (prompting for usernames and
-     *                  passwords, for example). <p>
+     *                  passwords, for example).
      *
-     * @param sharedState shared <code>LoginModule</code> state. <p>
+     * @param sharedState shared {@code LoginModule} state.
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     public void initialize(Subject subject, CallbackHandler callbackHandler,
                            Map<String,?> sharedState,
@@ -114,15 +112,13 @@
      * Authenticate the user (first phase).
      *
      * <p> The implementation of this method attempts to retrieve the user's
-     * Solaris <code>Subject</code> information by making a native Solaris
+     * Solaris {@code Subject} information by making a native Solaris
      * system call.
      *
-     * <p>
-     *
      * @exception FailedLoginException if attempts to retrieve the underlying
      *          system information fail.
      *
-     * @return true in all cases (this <code>LoginModule</code>
+     * @return true in all cases (this {@code LoginModule}
      *          should not be ignored).
      */
     public boolean login() throws LoginException {
@@ -175,13 +171,11 @@
      * <p> If this LoginModule's own authentication attempt
      * succeeded (the importing of the Solaris authentication information
      * succeeded), then this method associates the Solaris Principals
-     * with the <code>Subject</code> currently tied to the
-     * <code>LoginModule</code>.  If this LoginModule's
+     * with the {@code Subject} currently tied to the
+     * {@code LoginModule}.  If this LoginModule's
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the commit fails
      *
      * @return true if this LoginModule's own login and commit attempts
@@ -232,10 +226,8 @@
      * did not succeed).
      *
      * <p> This method cleans up any state that was originally saved
-     * as part of the authentication attempt from the <code>login</code>
-     * and <code>commit</code> methods.
-     *
-     * <p>
+     * as part of the authentication attempt from the {@code login}
+     * and {@code commit} methods.
      *
      * @exception LoginException if the abort fails
      *
@@ -272,13 +264,11 @@
      * Logout the user
      *
      * <p> This method removes the Principals associated
-     * with the <code>Subject</code>.
-     *
-     * <p>
+     * with the {@code Subject}.
      *
      * @exception LoginException if the logout fails
      *
-     * @return true in all cases (this <code>LoginModule</code>
+     * @return true in all cases (this {@code LoginModule}
      *          should not be ignored).
      */
     public boolean logout() throws LoginException {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisSystem.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/SolarisSystem.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,7 +26,7 @@
 package com.sun.security.auth.module;
 
 /**
- * <p> This class implementation retrieves and makes available Solaris
+ * This class implementation retrieves and makes available Solaris
  * UID/GID/groups information for the current user.
  *
  * @deprecated replaced by {@link UnixSystem}.
@@ -43,7 +43,7 @@
     protected long[] groups;
 
     /**
-     * Instantiate a <code>SolarisSystem</code> and load
+     * Instantiate a {@code SolarisSystem} and load
      * the native library to access the underlying system information.
      */
     public SolarisSystem() {
@@ -54,8 +54,6 @@
     /**
      * Get the username for the current Solaris user.
      *
-     * <p>
-     *
      * @return the username for the current Solaris user.
      */
     public String getUsername() {
@@ -65,8 +63,6 @@
     /**
      * Get the UID for the current Solaris user.
      *
-     * <p>
-     *
      * @return the UID for the current Solaris user.
      */
     public long getUid() {
@@ -76,8 +72,6 @@
     /**
      * Get the GID for the current Solaris user.
      *
-     * <p>
-     *
      * @return the GID for the current Solaris user.
      */
     public long getGid() {
@@ -87,8 +81,6 @@
     /**
      * Get the supplementary groups for the current Solaris user.
      *
-     * <p>
-     *
      * @return the supplementary groups for the current Solaris user.
      */
     public long[] getGroups() {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java	Thu Apr 30 17:20:49 2015 -0700
@@ -36,11 +36,11 @@
 import com.sun.security.auth.UnixNumericGroupPrincipal;
 
 /**
- * <p> This <code>LoginModule</code> imports a user's Unix
- * <code>Principal</code> information (<code>UnixPrincipal</code>,
- * <code>UnixNumericUserPrincipal</code>,
- * and <code>UnixNumericGroupPrincipal</code>)
- * and associates them with the current <code>Subject</code>.
+ * This {@code LoginModule} imports a user's Unix
+ * {@code Principal} information ({@code UnixPrincipal},
+ * {@code UnixNumericUserPrincipal},
+ * and {@code UnixNumericGroupPrincipal})
+ * and associates them with the current {@code Subject}.
  *
  * <p> This LoginModule recognizes the debug option.
  * If set to true in the login Configuration,
@@ -74,21 +74,19 @@
                 new LinkedList<>();
 
     /**
-     * Initialize this <code>LoginModule</code>.
+     * Initialize this {@code LoginModule}.
      *
-     * <p>
-     *
-     * @param subject the <code>Subject</code> to be authenticated. <p>
+     * @param subject the {@code Subject} to be authenticated.
      *
-     * @param callbackHandler a <code>CallbackHandler</code> for communicating
+     * @param callbackHandler a {@code CallbackHandler} for communicating
      *                  with the end user (prompting for usernames and
-     *                  passwords, for example). <p>
+     *                  passwords, for example).
      *
-     * @param sharedState shared <code>LoginModule</code> state. <p>
+     * @param sharedState shared {@code LoginModule} state.
      *
      * @param options options specified in the login
-     *                  <code>Configuration</code> for this particular
-     *                  <code>LoginModule</code>.
+     *                  {@code Configuration} for this particular
+     *                  {@code LoginModule}.
      */
     public void initialize(Subject subject, CallbackHandler callbackHandler,
                            Map<String,?> sharedState,
@@ -107,15 +105,13 @@
      * Authenticate the user (first phase).
      *
      * <p> The implementation of this method attempts to retrieve the user's
-     * Unix <code>Subject</code> information by making a native Unix
+     * Unix {@code Subject} information by making a native Unix
      * system call.
      *
-     * <p>
-     *
      * @exception FailedLoginException if attempts to retrieve the underlying
      *          system information fail.
      *
-     * @return true in all cases (this <code>LoginModule</code>
+     * @return true in all cases (this {@code LoginModule}
      *          should not be ignored).
      */
     public boolean login() throws LoginException {
@@ -169,13 +165,11 @@
      * <p> If this LoginModule's own authentication attempt
      * succeeded (the importing of the Unix authentication information
      * succeeded), then this method associates the Unix Principals
-     * with the <code>Subject</code> currently tied to the
-     * <code>LoginModule</code>.  If this LoginModule's
+     * with the {@code Subject} currently tied to the
+     * {@code LoginModule}.  If this LoginModule's
      * authentication attempted failed, then this method removes
      * any state that was originally saved.
      *
-     * <p>
-     *
      * @exception LoginException if the commit fails
      *
      * @return true if this LoginModule's own login and commit attempts
@@ -228,10 +222,8 @@
      * did not succeed).
      *
      * <p> This method cleans up any state that was originally saved
-     * as part of the authentication attempt from the <code>login</code>
-     * and <code>commit</code> methods.
-     *
-     * <p>
+     * as part of the authentication attempt from the {@code login}
+     * and {@code commit} methods.
      *
      * @exception LoginException if the abort fails
      *
@@ -267,13 +259,11 @@
      * Logout the user
      *
      * <p> This method removes the Principals associated
-     * with the <code>Subject</code>.
-     *
-     * <p>
+     * with the {@code Subject}.
      *
      * @exception LoginException if the logout fails
      *
-     * @return true in all cases (this <code>LoginModule</code>
+     * @return true in all cases (this {@code LoginModule}
      *          should not be ignored).
      */
     public boolean logout() throws LoginException {
--- a/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixSystem.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixSystem.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,9 +26,8 @@
 package com.sun.security.auth.module;
 
 /**
- * <p> This class implementation retrieves and makes available Unix
+ * This class implementation retrieves and makes available Unix
  * UID/GID/groups information for the current user.
- *
  */
 @jdk.Exported
 public class UnixSystem {
@@ -41,7 +40,7 @@
     protected long[] groups;
 
     /**
-     * Instantiate a <code>UnixSystem</code> and load
+     * Instantiate a {@code UnixSystem} and load
      * the native library to access the underlying system information.
      */
     public UnixSystem() {
@@ -52,8 +51,6 @@
     /**
      * Get the username for the current Unix user.
      *
-     * <p>
-     *
      * @return the username for the current Unix user.
      */
     public String getUsername() {
@@ -63,8 +60,6 @@
     /**
      * Get the UID for the current Unix user.
      *
-     * <p>
-     *
      * @return the UID for the current Unix user.
      */
     public long getUid() {
@@ -74,8 +69,6 @@
     /**
      * Get the GID for the current Unix user.
      *
-     * <p>
-     *
      * @return the GID for the current Unix user.
      */
     public long getGid() {
@@ -85,8 +78,6 @@
     /**
      * Get the supplementary groups for the current Unix user.
      *
-     * <p>
-     *
      * @return the supplementary groups for the current Unix user.
      */
     public long[] getGroups() {
--- a/jdk/test/TEST.ROOT	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/TEST.ROOT	Thu Apr 30 17:20:49 2015 -0700
@@ -1,8 +1,15 @@
 # This file identifies the root of the test-suite hierarchy.
 # It also contains test-suite configuration information.
 
-# The list of keywords supported in the entire test suite
-keys=2d dnd i18n intermittent
+# The list of keywords supported in the entire test suite.  The
+# "intermittent" keyword marks tests known to fail intermittently.
+# The "randomness" keyword marks tests using randomness with test
+# cases differing from run to run. (A test using a fixed random seed
+# would not count as "randomness" by this definition.) Extra care
+# should be taken to handle test failures of intermittent or
+# randomness tests.
+
+keys=2d dnd i18n intermittent randomness
 
 # Tests that must run in othervm mode
 othervm.dirs=java/awt java/beans javax/accessibility javax/imageio javax/sound javax/print javax/management com/sun/awt sun/awt sun/java2d sun/pisces javax/xml/jaxp/testng/validation
--- a/jdk/test/com/oracle/security/ucrypto/CipherSignNotSupported.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/oracle/security/ucrypto/CipherSignNotSupported.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Make sure signing via encrypt and verifying via decrypt are not
  * supported by OracleUcrypto provider.
  * @author Anthony Scarpino
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/com/oracle/security/ucrypto/TestAES.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/oracle/security/ucrypto/TestAES.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 7088989 8014374
  * @summary Ensure the AES ciphers of OracleUcrypto provider works correctly
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/oracle/security/ucrypto/TestCICOWithGCM.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/oracle/security/ucrypto/TestCICOWithGCM.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 8014374
  * @summary Test basic CipherInputStream/OutputStream func w/ GCM mode.
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.security.*;
--- a/jdk/test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 8014374
  * @summary Test CipherInputStream/OutputStream func w/ GCM mode and AAD.
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/oracle/security/ucrypto/TestDigest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/oracle/security/ucrypto/TestDigest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug     7088989
  * @summary Ensure the various message digests works correctly
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/oracle/security/ucrypto/TestGCMKeyWrap.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/oracle/security/ucrypto/TestGCMKeyWrap.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 8014374
  * @summary Ensure key wrap/unwrap works using AES/GCM/NoPadding
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/CICO.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/CICO.java	Thu Apr 30 17:20:49 2015 -0700
@@ -44,6 +44,7 @@
  * @summary Test AES ciphers with different modes and padding schemes (ECB mode
  *          doesn't use IV). The test tries 3 different read methods of
  *          CipherInputStream.
+ * @key randomness
  */
 public class CICO {
     private static final String ALGORITHM = "aEs";
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/CTR.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/CTR.java	Thu Apr 30 17:20:49 2015 -0700
@@ -43,6 +43,7 @@
  * @bug 8043836
  * @summary Test AES ciphers with 4 different modes with NoPadding. Check if
  *          data before encryption and after decryption is the same.
+ * @key randomness
  */
 
 public class CTR {
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/Padding.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/Padding.java	Thu Apr 30 17:20:49 2015 -0700
@@ -42,6 +42,7 @@
  * @summary Test AES ciphers with different modes and padding schemes (ECB mode
  *          doesn't use IV). The test tries 3 different read methods of
  *          CipherInputStream.
+ * @key randomness
  */
 public class Padding {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/Test4513830.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/Test4513830.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Verify the output size returned by AES cipher.getOutputSize
  *      method in DECRYPT mode does not add extra bytes for padding
  * @author Valerie Peng
+ * @key randomness
  */
 import java.io.PrintStream;
 import java.security.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/Test4517355.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/Test4517355.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Verify that AES cipher.doFinal method does NOT need more
  *      than necessary bytes in decrypt mode
  * @author Valerie Peng
+ * @key randomness
  */
 import java.io.PrintStream;
 import java.security.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/TestAESCipher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestAESCipher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -43,6 +43,7 @@
  *          doesn't use IV).
  * @author Liwen Wang
  * @author Parag Salvi
+ * @key randomness
  */
 public class TestAESCipher {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/TestCICOWithGCM.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestCICOWithGCM.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run main TestCICOWithGCM
  * @summary Test CipherInputStream/OutputStream with AES GCM mode.
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.security.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/TestCICOWithGCMAndAAD.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestCICOWithGCMAndAAD.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run main TestCICOWithGCMAndAAD
  * @summary Test CipherInputStream/OutputStream with AES GCM mode with AAD.
  * @author Valerie Peng
+ * @key randomness
  */
 import java.io.*;
 import java.security.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/TestISO10126Padding.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestISO10126Padding.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4921443
  * @summary Ensure ISO10126Padding works correctly.
  * @author Valerie Peng
+ * @key randomness
  */
 import java.util.Arrays;
 import java.security.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/TestNonexpanding.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestNonexpanding.java	Thu Apr 30 17:20:49 2015 -0700
@@ -40,6 +40,7 @@
  * @bug 8043836
  * @summary Test AES encryption with no padding. Expect the original data length
  *          is the same as the encrypted data.
+ * @key randomness
  */
 public class TestNonexpanding {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/AES/TestSameBuffer.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/AES/TestSameBuffer.java	Thu Apr 30 17:20:49 2015 -0700
@@ -42,6 +42,7 @@
  * @summary Test AES ciphers with different modes and padding schemes (ECB mode
  *          doesn't use IV). The test tries 3 different read methods of
  *          CipherInputStream.
+ * @key randomness
  */
 public class TestSameBuffer {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/DES/FlushBug.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/DES/FlushBug.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 0000000
  * @summary FlushBug
  * @author Jan Luehe
+ * @key randomness
  */
 import java.io.*;
 import java.security.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/PBE/PBESealedObject.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/PBESealedObject.java	Thu Apr 30 17:20:49 2015 -0700
@@ -45,6 +45,7 @@
  * @author Bill Situ
  * @author Alexander Fomin
  * @run main PBESealedObject
+ * @key randomness
  */
 public class PBESealedObject {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/PBE/PBKDF2Translate.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/PBKDF2Translate.java	Thu Apr 30 17:20:49 2015 -0700
@@ -37,6 +37,7 @@
  * @summary Verify if the SecretKeyFactory.translateKey() method works
  * @author Alexander Fomin
  * @run main PBKDF2Translate
+ * @key randomness
  */
 public class PBKDF2Translate {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/PBE/PKCS12Cipher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/PKCS12Cipher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary basic test for PBEWithSHA1AndDESede, PBEWithSHA1AndRC2_40/128
  *          and PBEWithSHA1AndRC4_40/128
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/PBE/TestCipherKeyWrapperPBEKey.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/TestCipherKeyWrapperPBEKey.java	Thu Apr 30 17:20:49 2015 -0700
@@ -45,6 +45,7 @@
  * @author Bill Situ
  * @author Yun Ke
  * @run main TestCipherKeyWrapperPBEKey
+ * @key randomness
  */
 public class TestCipherKeyWrapperPBEKey {
 
--- a/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4894151
  * @summary encryption/decryption test for OAEP
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestRSA.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestRSA.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4853306
  * @summary Test RSA Cipher implementation
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/sun/crypto/provider/Mac/HmacSaltLengths.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Mac/HmacSaltLengths.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary ensures various salt lengths can be used for
  * HmacPBESHA1.
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/com/sun/crypto/provider/Mac/MacSameTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/crypto/provider/Mac/MacSameTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -35,6 +35,7 @@
  * @author Yu-Ching Valerie Peng, Bill Situ, Alexander Fomin
  * @build Utils
  * @run main MacSameTest
+ * @key randomness
  */
 public class MacSameTest implements MacTest {
 
--- a/jdk/test/com/sun/management/ThreadMXBean/ThreadCpuTimeArray.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/com/sun/management/ThreadMXBean/ThreadCpuTimeArray.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Basic test of ThreadMXBean.getThreadCpuTime(long[]) and
  *          getThreadUserTime(long[]).
  * @author  Paul Hohensee
+ * @key randomness
  */
 
 import java.lang.management.*;
--- a/jdk/test/java/io/DataInputStream/ReadUTF.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/DataInputStream/ReadUTF.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4806007
  * @summary Checks for vague exceptions from writeUTF/readUTF
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/io/File/GetXSpace.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/File/GetXSpace.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @run build GetXSpace
  * @run shell GetXSpace.sh
  * @summary Basic functionality of File.get-X-Space methods.
+ * @key randomness
  */
 
 import java.io.BufferedReader;
--- a/jdk/test/java/io/InputStream/TransferTo.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/InputStream/TransferTo.java	Thu Apr 30 17:20:49 2015 -0700
@@ -37,6 +37,7 @@
  * @bug 8066867
  * @summary tests whether java.io.InputStream.transferTo conforms to its
  *          contract defined in the javadoc
+ * @key randomness
  */
 public class TransferTo {
 
--- a/jdk/test/java/io/PrintStream/OversynchronizedTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/PrintStream/OversynchronizedTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
    @bug 4905777
    @summary PrintStream.println(Object) oversynchronized, can deadlock
+   @key randomness
 */
 
 import java.io.PrintStream;
--- a/jdk/test/java/io/Serializable/corruptedUTFConsumption/CorruptedUTFConsumption.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/Serializable/corruptedUTFConsumption/CorruptedUTFConsumption.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  *          ObjectInputStream consumes at most the expected number of utf
  *          bytes, even if the last byte(s) of the utf string indicate that the
  *          string overflows its expected length.
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/io/Serializable/longString/LongString.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/Serializable/longString/LongString.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4217676
  * @summary Ensure that object streams support serialization of long strings
  *          (strings whose UTF representation > 64k in length)
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/io/Serializable/proxy/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/Serializable/proxy/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,6 +23,7 @@
 
 /* @test
  * @summary Verifies basic correct functioning of proxy serialization.
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/io/Serializable/sanityCheck/SanityCheck.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/io/Serializable/sanityCheck/SanityCheck.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @summary Basic sanity check to test if default (de)serialization is
  *          transmitting values properly.
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/lang/Boolean/MakeBooleanComparable.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Boolean/MakeBooleanComparable.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     4329937
  * @summary Basic test for making Boolean implement Comparable
  * @author  Josh Bloch
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/lang/ClassLoader/Assert.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/ClassLoader/Assert.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @run main/othervm Assert
  * @summary Test the assertion facility
  * @author Mike McCloskey
+ * @key randomness
  */
 
 import package1.*;
--- a/jdk/test/java/lang/Compare.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Compare.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 6582946
  * @summary Test the primitive wrappers compare and compareTo methods
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/Double/ParseHexFloatingPoint.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Double/ParseHexFloatingPoint.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,14 +23,15 @@
 
 /*
  * @test
- * @bug 4826774
- * @summary Numerical tests for hexadecimal inputs to parseDouble, parseFloat
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main ParseHexFloatingPoint
+ * @bug 4826774 8078672
+ * @summary Numerical tests for hexadecimal inputs to parse{Double, Float} (use -Dseed=X to set PRNG seed)
  * @author Joseph D. Darcy
+ * @key randomness
  */
 
-
-import java.util.regex.*;
-
 public class ParseHexFloatingPoint {
     private ParseHexFloatingPoint(){}
 
@@ -255,7 +256,7 @@
         failures += significandAlignmentTests();
 
         {
-            java.util.Random rand = new java.util.Random();
+            java.util.Random rand = RandomFactory.getRandom();
             // Consistency check; double => hexadecimal => double
             // preserves the original value.
             for(int i = 0; i < 1000; i++) {
--- a/jdk/test/java/lang/Enum/ValueOf.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Enum/ValueOf.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  *
  * @compile ValueOf.java
  * @run main ValueOf
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/lang/HashCode.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/HashCode.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4245470 7088913
  * @summary Test the primitive wrappers hashCode()
+ * @key randomness
  */
 
 import java.util.Objects;
--- a/jdk/test/java/lang/Integer/BitTwiddle.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Integer/BitTwiddle.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,13 @@
 
 /*
  * @test
- * @bug     4495754
- * @summary Basic test for int bit twiddling
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main BitTwiddle
+ * @bug     4495754 8078672
+ * @summary Basic test for int bit twiddling (use -Dseed=X to set PRNG seed)
  * @author  Josh Bloch
+ * @key randomness
  */
 
 import java.util.Random;
@@ -35,7 +39,7 @@
     private static final int N = 1000; // # of repetitions per test
 
     public static void main(String args[]) {
-        Random rnd = new Random();
+        Random rnd = RandomFactory.getRandom();
 
         if (highestOneBit(0) != 0)
             throw new RuntimeException("a");
--- a/jdk/test/java/lang/Long/BitTwiddle.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Long/BitTwiddle.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,13 @@
 
 /*
  * @test
- * @bug     4495754
- * @summary Basic test for long bit twiddling
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main BitTwiddle
+ * @bug     4495754 8078672
+ * @summary Basic test for long bit twiddling (use -Dseed=X to set PRNG seed)
  * @author  Josh Bloch
+ * @key randomness
  */
 
 import java.util.Random;
@@ -35,7 +39,7 @@
     private static final int N = 1000; // # of repetitions per test
 
     public static void main(String args[]) {
-        Random rnd = new Random();
+        Random rnd = RandomFactory.getRandom();
 
         if (highestOneBit(0) != 0)
             throw new RuntimeException("a");
--- a/jdk/test/java/lang/Math/CubeRootTests.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Math/CubeRootTests.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,13 @@
 
 /*
  * @test
- * @bug 4347132 4939441
- * @summary Tests for {Math, StrictMath}.cbrt
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main CubeRootTests
+ * @bug 4347132 4939441 8078672
+ * @summary Tests for {Math, StrictMath}.cbrt (use -Dseed=X to set PRNG seed)
  * @author Joseph D. Darcy
+ * @key randomness
  */
 
 public class CubeRootTests {
@@ -35,7 +39,7 @@
     static final double NaNd = Double.NaN;
 
     // Initialize shared random number generator
-    static java.util.Random rand = new java.util.Random();
+    static java.util.Random rand = RandomFactory.getRandom();
 
     static int testCubeRootCase(double input, double expected) {
         int failures=0;
--- a/jdk/test/java/lang/Math/HypotTests.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Math/HypotTests.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,13 @@
 
 /*
  * @test
- * @bug 4851638 4939441
- * @summary Tests for {Math, StrictMath}.hypot
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main HypotTests
+ * @bug 4851638 4939441 8078672
+ * @summary Tests for {Math, StrictMath}.hypot (use -Dseed=X to set PRNG seed)
  * @author Joseph D. Darcy
+ * @key randomness
  */
 
 public class HypotTests {
@@ -119,7 +123,7 @@
          * exponent).  While the exponent of r is less than or equal
          * to (MAX_EXPONENT - 3), the computation should not overflow.
          */
-        java.util.Random rand = new java.util.Random();
+        java.util.Random rand = RandomFactory.getRandom();
         for(int i = 0; i < 1000; i++) {
             double d = rand.nextDouble();
             // Scale d to have an exponent equal to MAX_EXPONENT -15
--- a/jdk/test/java/lang/Math/IeeeRecommendedTests.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Math/IeeeRecommendedTests.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,13 @@
 
 /*
  * @test
- * @bug 4860891 4826732 4780454 4939441 4826652
- * @summary Tests for IEEE 754[R] recommended functions and similar methods
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main IeeeRecommendedTests
+ * @bug 4860891 4826732 4780454 4939441 4826652 8078672
+ * @summary Tests for IEEE 754[R] recommended functions and similar methods (use -Dseed=X to set PRNG seed)
  * @author Joseph D. Darcy
+ * @key randomness
  */
 
 public class IeeeRecommendedTests {
@@ -45,7 +49,7 @@
     static final double Double_MAX_SUBNORMALmm  = 0x0.ffffffffffffeP-1022;
 
     // Initialize shared random number generator
-    static java.util.Random rand = new java.util.Random();
+    static java.util.Random rand = RandomFactory.getRandom();
 
     /**
      * Returns a floating-point power of two in the normal range.
--- a/jdk/test/java/lang/Math/Log1pTests.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Math/Log1pTests.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,13 @@
 
 /*
  * @test
- * @bug 4851638 4939441
- * @summary Tests for {Math, StrictMath}.log1p
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main Log1pTests
+ * @bug 4851638 4939441 8078672
+ * @summary Tests for {Math, StrictMath}.log1p (use -Dseed=X to set PRNG seed)
  * @author Joseph D. Darcy
+ * @key randomness
  */
 
 public class Log1pTests {
@@ -98,7 +102,7 @@
 
         // Construct random values with exponents ranging from -53 to
         // 52 and compare against HP-15C formula.
-        java.util.Random rand = new java.util.Random();
+        java.util.Random rand = RandomFactory.getRandom();
         for(int i = 0; i < 1000; i++) {
             double d = rand.nextDouble();
 
--- a/jdk/test/java/lang/Runtime/exec/LotsOfOutput.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Runtime/exec/LotsOfOutput.java	Thu Apr 30 17:20:49 2015 -0700
@@ -41,7 +41,12 @@
         long initMemory = Runtime.getRuntime().totalMemory();
         for (int i=1; i< 10; i++) {
             Thread.sleep(100);
-            if (Runtime.getRuntime().totalMemory() > initMemory + 1000000)
+            long totalMemory = Runtime.getRuntime().totalMemory();
+            if (totalMemory != initMemory) {
+                System.out.printf("consuming memory: i: %d, initial: %d, total: %d, delta: %d%n",
+                        i, initMemory, totalMemory, totalMemory - initMemory);
+            }
+            if (totalMemory > initMemory + 1000000)
                 throw new Exception("Process consumes memory.");
         }
 
--- a/jdk/test/java/lang/Runtime/exec/WinCommand.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/Runtime/exec/WinCommand.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 5006520
  * @summary Check many different ways to run Windows programs
  * @author Martin Buchholz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/lang/String/ContentEquals.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/String/ContentEquals.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4242309 4982981
  * @summary Test equals and contentEquals in String
+ * @key randomness
  */
 import java.util.Random;
 import java.nio.CharBuffer;
--- a/jdk/test/java/lang/String/ICCBasher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/String/ICCBasher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4152868
  * @summary test Case Insensitive Comparator in String
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/lang/String/SBConstructor.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/String/SBConstructor.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,7 +25,7 @@
  * @test
  * @bug 4915187
  * @summary Test java.lang.String constructor that takes StringBuilder
- *
+ * @key randomness
  */
 import java.util.*;
 
--- a/jdk/test/java/lang/String/Split.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/String/Split.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 6840246 6559590
  * @summary test String.split()
+ * @key randomness
  */
 import java.util.Arrays;
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuffer/AppendCharSequence.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/AppendCharSequence.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4812591 4705328 5019111
  * @summary Test append and insert methods with CharSequence params
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuffer/AppendSB.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/AppendSB.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4144267
  * @summary Test StringBuffer.append(StringBuffer);
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuffer/AppendStringBuilder.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/AppendStringBuilder.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,6 +23,7 @@
 /* @test
  * @bug 6206780
  * @summary Test StringBuffer.append(StringBuilder);
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuffer/Capacity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/Capacity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 6952330
  * @summary Test StringBuffer/StringBuilder capacity handling.
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuffer/IndexOf.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/IndexOf.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4162796 4162796
  * @summary Test indexOf and lastIndexOf
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuffer/SBBasher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/SBBasher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,7 +25,7 @@
  * @test
  * @bug 4120694
  * @summary Test new methods in StringBuffer
- *
+ * @key randomness
  */
 
 import java.lang.*;
--- a/jdk/test/java/lang/StringBuffer/Trim.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuffer/Trim.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4546734 5007612
  * @summary Test StringBuffer.trimToSize
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/StringBuilder/AppendStringBuffer.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/StringBuilder/AppendStringBuffer.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 6206780
  * @summary Test StringBuilder.append(StringBuffer);
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/ToString.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/ToString.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4031762
  * @summary Test the primitive wrappers static toString()
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/lang/instrument/SingleTransformerTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/instrument/SingleTransformerTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,6 +30,7 @@
  * @run build SingleTransformerTest
  * @run shell MakeJAR.sh redefineAgent
  * @run main/othervm -javaagent:redefineAgent.jar SingleTransformerTest SingleTransformerTest
+ * @key randomness
  */
 public class
 SingleTransformerTest
--- a/jdk/test/java/lang/instrument/TransformMethodTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/instrument/TransformMethodTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,6 +30,7 @@
  * @run build TransformMethodTest
  * @run shell MakeJAR.sh redefineAgent
  * @run main/othervm -javaagent:redefineAgent.jar TransformMethodTest TransformMethodTest
+ * @key randomness
  */
 import java.lang.instrument.*;
 
--- a/jdk/test/java/lang/invoke/MethodHandles/CatchExceptionTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/invoke/MethodHandles/CatchExceptionTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -41,7 +41,7 @@
  * @library /lib/testlibrary/jsr292 /lib/testlibrary/
  * @compile CatchExceptionTest.java
  * @run main/othervm -esa test.java.lang.invoke.MethodHandles.CatchExceptionTest
- * @key intermittent
+ * @key intermittent randomness
  */
 public class CatchExceptionTest {
     private static final List<Class<?>> ARGS_CLASSES;
--- a/jdk/test/java/lang/management/BufferPoolMXBean/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/lang/management/BufferPoolMXBean/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 6606598 7024172
  * @summary Unit test for java.lang.management.BufferPoolMXBean
  * @run main/othervm Basic
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/math/BigDecimal/StringConstructor.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/math/BigDecimal/StringConstructor.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,20 +23,20 @@
 
 /*
  * @test
- * @library ..
- * @bug 4103117 4331084 4488017 4490929 6255285 6268365 8074460
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main StringConstructor
+ * @bug 4103117 4331084 4488017 4490929 6255285 6268365 8074460 8078672
  * @summary Tests the BigDecimal string constructor (use -Dseed=X to set PRNG seed).
+ * @key randomness
  */
 
 import java.math.*;
+import java.util.Random;
 
 public class StringConstructor {
 
-    private static RandomSeed rndSeed = new RandomSeed(false);
-
     public static void main(String[] args) throws Exception {
-        System.out.println("Random number generator seed = " + rndSeed.getSeed());
-
         constructWithError("");
         constructWithError("+");
         constructWithError("-");
@@ -71,13 +71,14 @@
         nonAsciiZeroTest();
 
         // Roundtrip tests
+        Random random = RandomFactory.getRandom();
         for (int i=0; i<100; i++) {
-            int size = rndSeed.getRandom().nextInt(100) + 1;
-            BigInteger bi = new BigInteger(size, rndSeed.getRandom());
-            if (rndSeed.getRandom().nextBoolean())
+            int size = random.nextInt(100) + 1;
+            BigInteger bi = new BigInteger(size, random);
+            if (random.nextBoolean())
                 bi = bi.negate();
             int decimalLength = bi.toString().length();
-            int scale = rndSeed.getRandom().nextInt(decimalLength);
+            int scale = random.nextInt(decimalLength);
             BigDecimal bd = new BigDecimal(bi, scale);
             String bdString = bd.toString();
             // System.err.println("bi" + bi.toString() + "\tscale " + scale);
--- a/jdk/test/java/math/BigInteger/BigIntegerTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/math/BigInteger/BigIntegerTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,11 +23,14 @@
 
 /*
  * @test
- * @library ..
- * @bug 4181191 4161971 4227146 4194389 4823171 4624738 4812225 4837946 4026465 8074460
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main BigIntegerTest
+ * @bug 4181191 4161971 4227146 4194389 4823171 4624738 4812225 4837946 4026465 8074460 8078672
  * @summary tests methods in BigInteger (use -Dseed=X to set PRNG seed)
  * @run main/timeout=400 BigIntegerTest
  * @author madbot
+ * @key randomness
  */
 
 import java.io.File;
@@ -36,6 +39,7 @@
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
 import java.math.BigInteger;
+import java.util.Random;
 
 /**
  * This is a simple test class created to ensure that the results
@@ -86,7 +90,7 @@
 
     static final int SIZE = 1000; // numbers per batch
 
-    private static RandomSeed rndSeed = new RandomSeed(false);
+    private static Random random = RandomFactory.getRandom();
 
     static boolean failure = false;
 
@@ -98,7 +102,7 @@
         int arrayLength = 23;
         int halfLength = arrayLength/2;
         byte[] array = new byte[arrayLength];
-        rndSeed.getRandom().nextBytes(array);
+        random.nextBytes(array);
 
         int[][] offLen = new int[][] { // offset, length, num exceptions
             {-1, arrayLength, 1},                         // negative offset
@@ -162,7 +166,7 @@
         }
 
         byte[] magNonZeroLength = new byte[42];
-        rndSeed.getRandom().nextBytes(magNonZeroLength);
+        random.nextBytes(magNonZeroLength);
         for (int signum = -1; signum <= 1; signum++) {
             BigInteger bi = new BigInteger(signum, magNonZeroLength, 0, 0);
             if (bi.compareTo(BigInteger.ZERO) != 0) {
@@ -175,13 +179,13 @@
 
         for (int i = 0; i < SIZE; i++) {
             // create reference value via a different code path from those tested
-            BigInteger reference = new BigInteger(2 + rndSeed.getRandom().nextInt(336), 4, rndSeed.getRandom());
+            BigInteger reference = new BigInteger(2 + random.nextInt(336), 4, random);
 
             byte[] refArray = reference.toByteArray();
             int refLen = refArray.length;
-            int factor = rndSeed.getRandom().nextInt(5);
-            int objLen = refArray.length + factor*rndSeed.getRandom().nextInt(refArray.length) + 1;
-            int offset = rndSeed.getRandom().nextInt(objLen - refLen);
+            int factor = random.nextInt(5);
+            int objLen = refArray.length + factor*random.nextInt(refArray.length) + 1;
+            int offset = random.nextInt(objLen - refLen);
             byte[] objArray = new byte[objLen];
             System.arraycopy(refArray, 0, objArray, offset, refLen);
 
@@ -192,7 +196,7 @@
                 failCount++;
             }
 
-            boolean isNegative = rndSeed.getRandom().nextBoolean();
+            boolean isNegative = random.nextBoolean();
             BigInteger signMag = new BigInteger(isNegative ? -1 : 1, objArray, offset, refLen);
             if (signMag.compareTo(isNegative ? reference.negate() : reference) != 0) {
                 System.err.println("Sign-magnitude BigInteger not equal for offset " +
@@ -209,7 +213,7 @@
 
         for (int i=0; i<SIZE; i++) {
             // Test identity x^power == x*x*x ... *x
-            int power = rndSeed.getRandom().nextInt(6) + 2;
+            int power = random.nextInt(6) + 2;
             BigInteger x = fetchNumber(order);
             BigInteger y = x.pow(power);
             BigInteger z = x;
@@ -310,12 +314,12 @@
         for (int i=0; i<SIZE; i++) {
             BigInteger x = fetchNumber(BITS_KARATSUBA - 32 - 1);
             BigInteger u = base.add(x);
-            int a = 1 + rndSeed.getRandom().nextInt(31);
+            int a = 1 + random.nextInt(31);
             BigInteger w = u.shiftLeft(a);
 
             BigInteger y = fetchNumber(BITS_KARATSUBA - 32 - 1);
             BigInteger v = base.add(y);
-            int b = 1 + rndSeed.getRandom().nextInt(32);
+            int b = 1 + random.nextInt(32);
             BigInteger z = v.shiftLeft(b);
 
             BigInteger multiplyResult = u.multiply(v).shiftLeft(a + b);
@@ -364,7 +368,7 @@
         for (int i=0; i<SIZE; i++) {
             BigInteger x = fetchNumber(BITS_KARATSUBA_SQUARE - 32 - 1);
             BigInteger u = base.add(x);
-            int a = 1 + rndSeed.getRandom().nextInt(31);
+            int a = 1 + random.nextInt(31);
             BigInteger w = u.shiftLeft(a);
 
             BigInteger squareResult = u.multiply(u).shiftLeft(2*a);
@@ -382,7 +386,7 @@
         for (int i=0; i<SIZE; i++) {
             BigInteger x = fetchNumber(BITS_TOOM_COOK_SQUARE - 32 - 1);
             BigInteger u = base.add(x);
-            int a = 1 + rndSeed.getRandom().nextInt(31);
+            int a = 1 + random.nextInt(31);
             BigInteger w = u.shiftLeft(a);
 
             BigInteger squareResult = u.multiply(u).shiftLeft(2*a);
@@ -416,20 +420,20 @@
 
         BigInteger base = BigInteger.ONE.shiftLeft(BITS_BURNIKEL_ZIEGLER + BITS_BURNIKEL_ZIEGLER_OFFSET - 33);
         for (int i=0; i<SIZE; i++) {
-            BigInteger addend = new BigInteger(BITS_BURNIKEL_ZIEGLER + BITS_BURNIKEL_ZIEGLER_OFFSET - 34, rndSeed.getRandom());
+            BigInteger addend = new BigInteger(BITS_BURNIKEL_ZIEGLER + BITS_BURNIKEL_ZIEGLER_OFFSET - 34, random);
             BigInteger v = base.add(addend);
 
-            BigInteger u = v.multiply(BigInteger.valueOf(2 + rndSeed.getRandom().nextInt(Short.MAX_VALUE - 1)));
+            BigInteger u = v.multiply(BigInteger.valueOf(2 + random.nextInt(Short.MAX_VALUE - 1)));
 
-            if(rndSeed.getRandom().nextBoolean()) {
+            if(random.nextBoolean()) {
                 u = u.negate();
             }
-            if(rndSeed.getRandom().nextBoolean()) {
+            if(random.nextBoolean()) {
                 v = v.negate();
             }
 
-            int a = BITS_BURNIKEL_ZIEGLER_OFFSET + rndSeed.getRandom().nextInt(16);
-            int b = 1 + rndSeed.getRandom().nextInt(16);
+            int a = BITS_BURNIKEL_ZIEGLER_OFFSET + random.nextInt(16);
+            int b = 1 + random.nextInt(16);
             BigInteger w = u.multiply(BigInteger.ONE.shiftLeft(a));
             BigInteger z = v.multiply(BigInteger.ONE.shiftLeft(b));
 
@@ -451,7 +455,7 @@
         int failCount = 0;
 
         for (int i=0; i<SIZE*10; i++) {
-            int x = rndSeed.getRandom().nextInt();
+            int x = random.nextInt();
             BigInteger bigX = BigInteger.valueOf((long)x);
             int bit = (x < 0 ? 0 : 1);
             int tmp = x, bitCount = 0;
@@ -472,7 +476,7 @@
         int failCount = 0;
 
         for (int i=0; i<SIZE*10; i++) {
-            int x = rndSeed.getRandom().nextInt();
+            int x = random.nextInt();
             BigInteger bigX = BigInteger.valueOf((long)x);
             int signBit = (x < 0 ? 0x80000000 : 0);
             int tmp = x, bitLength, j;
@@ -576,7 +580,7 @@
 
         for (int i=0; i<100; i++) {
             BigInteger x = fetchNumber(order);
-            int n = Math.abs(rndSeed.getRandom().nextInt()%200);
+            int n = Math.abs(random.nextInt()%200);
 
             if (!x.shiftLeft(n).equals
                 (x.multiply(BigInteger.valueOf(2L).pow(n))))
@@ -643,8 +647,8 @@
 
         // Generic string conversion.
         for (int i=0; i<100; i++) {
-            byte xBytes[] = new byte[Math.abs(rndSeed.getRandom().nextInt())%100+1];
-            rndSeed.getRandom().nextBytes(xBytes);
+            byte xBytes[] = new byte[Math.abs(random.nextInt())%100+1];
+            random.nextBytes(xBytes);
             BigInteger x = new BigInteger(xBytes);
 
             for (int radix=Character.MIN_RADIX; radix < Character.MAX_RADIX; radix++) {
@@ -668,7 +672,7 @@
 
             for (int bits = upper; bits >= lower; bits--) {
                 for (int i = 0; i < 50; i++) {
-                    BigInteger x = BigInteger.ONE.shiftLeft(bits - 1).or(new BigInteger(bits - 2, rndSeed.getRandom()));
+                    BigInteger x = BigInteger.ONE.shiftLeft(bits - 1).or(new BigInteger(bits - 2, random));
 
                     for (int radix = Character.MIN_RADIX; radix < Character.MAX_RADIX; radix++) {
                         String result = x.toString(radix);
@@ -765,9 +769,9 @@
         int failCount = 0;
 
         for (int i=0; i<10; i++) {
-            BigInteger m = new BigInteger(100, 5, rndSeed.getRandom());
+            BigInteger m = new BigInteger(100, 5, random);
             while(m.compareTo(BigInteger.ONE) != 1)
-                m = new BigInteger(100, 5, rndSeed.getRandom());
+                m = new BigInteger(100, 5, random);
             BigInteger exp = m.subtract(BigInteger.ONE);
             BigInteger base = fetchNumber(order).abs();
             while(base.compareTo(m) != -1)
@@ -827,7 +831,7 @@
 
         // Test consistency
         for(int i=0; i<10; i++) {
-            p1 = BigInteger.probablePrime(100, rndSeed.getRandom());
+            p1 = BigInteger.probablePrime(100, random);
             if (!p1.isProbablePrime(100)) {
                 System.err.println("Consistency "+p1.toString(16));
                 failCount++;
@@ -868,7 +872,7 @@
         // Numbers of the form (6k+1)(12k+1)(18k+1) are Carmichael numbers if
         // each of the factors is prime
         int found = 0;
-        BigInteger f1 = new BigInteger(40, 100, rndSeed.getRandom());
+        BigInteger f1 = new BigInteger(40, 100, random);
         while (found < NUM_CARMICHAELS_TO_TEST) {
             BigInteger k = null;
             BigInteger f2, f3;
@@ -895,8 +899,8 @@
 
         // Test some composites that are products of 2 primes
         for (int i=0; i<50; i++) {
-            p1 = BigInteger.probablePrime(100, rndSeed.getRandom());
-            p2 = BigInteger.probablePrime(100, rndSeed.getRandom());
+            p1 = BigInteger.probablePrime(100, random);
+            p2 = BigInteger.probablePrime(100, random);
             c1 = p1.multiply(p2);
             if (c1.isProbablePrime(100)) {
                 System.err.println("Composite failed "+c1.toString(16));
@@ -905,8 +909,8 @@
         }
 
         for (int i=0; i<4; i++) {
-            p1 = BigInteger.probablePrime(600, rndSeed.getRandom());
-            p2 = BigInteger.probablePrime(600, rndSeed.getRandom());
+            p1 = BigInteger.probablePrime(600, random);
+            p2 = BigInteger.probablePrime(600, random);
             c1 = p1.multiply(p2);
             if (c1.isProbablePrime(100)) {
                 System.err.println("Composite failed "+c1.toString(16));
@@ -961,7 +965,7 @@
         // Next, pick some large primes, use nextProbablePrime to find the
         // next one, and make sure there are no primes in between
         for (int i=0; i<100; i+=10) {
-            p1 = BigInteger.probablePrime(50 + i, rndSeed.getRandom());
+            p1 = BigInteger.probablePrime(50 + i, random);
             p2 = p1.add(ONE);
             p3 = p1.nextProbablePrime();
             while(p2.compareTo(p3) < 0) {
@@ -1026,7 +1030,7 @@
         }
 
         for(int i=0; i<10; i++) {
-            BigInteger b1 = fetchNumber(rndSeed.getRandom().nextInt(100));
+            BigInteger b1 = fetchNumber(random.nextInt(100));
             BigInteger b2 = null;
             File f = new File("serialtest");
             try (FileOutputStream fos = new FileOutputStream(f)) {
@@ -1060,8 +1064,6 @@
      *
      */
     public static void main(String[] args) throws Exception {
-        System.out.println("Random number generator seed = " + rndSeed.getSeed());
-
         // Some variables for sizing test numbers in bits
         int order1 = ORDER_MEDIUM;
         int order2 = ORDER_SMALL;
@@ -1133,8 +1135,8 @@
      * If order is less than 2, order is changed to 2.
      */
     private static BigInteger fetchNumber(int order) {
-        boolean negative = rndSeed.getRandom().nextBoolean();
-        int numType = rndSeed.getRandom().nextInt(7);
+        boolean negative = random.nextBoolean();
+        int numType = random.nextInt(7);
         BigInteger result = null;
         if (order < 2) order = 2;
 
@@ -1158,14 +1160,14 @@
                 break;
 
             case 3: // One bit in number
-                result = BigInteger.ONE.shiftLeft(rndSeed.getRandom().nextInt(order));
+                result = BigInteger.ONE.shiftLeft(random.nextInt(order));
                 break;
 
             case 4: // Random bit density
                 byte[] val = new byte[(order+7)/8];
-                int iterations = rndSeed.getRandom().nextInt(order);
+                int iterations = random.nextInt(order);
                 for (int i=0; i<iterations; i++) {
-                    int bitIdx = rndSeed.getRandom().nextInt(order);
+                    int bitIdx = random.nextInt(order);
                     val[bitIdx/8] |= 1 << (bitIdx%8);
                 }
                 result = new BigInteger(1, val);
@@ -1173,9 +1175,9 @@
             case 5: // Runs of consecutive ones and zeros
                 result = ZERO;
                 int remaining = order;
-                int bit = rndSeed.getRandom().nextInt(2);
+                int bit = random.nextInt(2);
                 while (remaining > 0) {
-                    int runLength = Math.min(remaining, rndSeed.getRandom().nextInt(order));
+                    int runLength = Math.min(remaining, random.nextInt(order));
                     result = result.shiftLeft(runLength);
                     if (bit > 0)
                         result = result.add(ONE.shiftLeft(runLength).subtract(ONE));
@@ -1185,7 +1187,7 @@
                 break;
 
             default: // random bits
-                result = new BigInteger(order, rndSeed.getRandom());
+                result = new BigInteger(order, random);
         }
 
         if (negative)
--- a/jdk/test/java/math/BigInteger/ModPow65537.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/math/BigInteger/ModPow65537.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,16 +23,20 @@
 
 /*
  * @test
- * @library ..
- * @bug 4891312 8074460
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main ModPow65537
+ * @bug 4891312 8074460 8078672
  * @summary verify that modPow() not broken by the special case for 65537 (use -Dseed=X to set PRNG seed)
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.math.BigInteger;
 
 import java.security.*;
 import java.security.spec.*;
+import java.util.Random;
 
 public class ModPow65537 {
 
@@ -78,9 +82,8 @@
     private static void testSigning(KeyPair kp) throws Exception {
         System.out.println(kp.getPublic());
         byte[] data = new byte[1024];
-        RandomSeed rndSeed = new RandomSeed(false);
-        System.out.println("Random number generator seed = " + rndSeed.getSeed());
-        rndSeed.getRandom().nextBytes(data);
+        Random random = RandomFactory.getRandom();
+        random.nextBytes(data);
 
         Signature sig = Signature.getInstance("SHA1withRSA", "SunRsaSign");
         sig.initSign(kp.getPrivate());
--- a/jdk/test/java/math/BigInteger/PrimeTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/math/BigInteger/PrimeTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,10 +25,13 @@
 
 /*
  * @test
- * @library ..
- * @bug 8026236 8074460
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
+ * @run main PrimeTest
+ * @bug 8026236 8074460 8078672
  * @summary test primality verification methods in BigInteger (use -Dseed=X to set PRNG seed)
  * @author bpb
+ * @key randomness
  */
 import java.math.BigInteger;
 import java.util.BitSet;
@@ -178,9 +181,8 @@
         }
 
         // Create a list of non-prime BigIntegers.
-        RandomSeed rndSeed = new RandomSeed(true);
-        System.out.println("Random number generator seed = " + rndSeed.getSeed());
-        List<BigInteger> nonPrimeBigInts = (rndSeed.getSplittableRandom())
+        SplittableRandom splitRandom = RandomFactory.getSplittableRandom();
+        List<BigInteger> nonPrimeBigInts = (splitRandom)
                 .ints(NUM_NON_PRIMES, 2, maxPrime).mapToObj(BigInteger::valueOf)
                 .filter(b -> !b.isProbablePrime(certainty)).collect(toList());
 
--- a/jdk/test/java/math/BigInteger/SymmetricRangeTests.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/math/BigInteger/SymmetricRangeTests.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 1025, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,11 +24,13 @@
 /*
  * @test
  * @ignore This test has huge memory requirements
- * @library ..
+ * @library /lib/testlibrary/
+ * @build jdk.testlibrary.*
  * @run main/timeout=180/othervm -Xmx8g SymmetricRangeTests
- * @bug 6910473 8021204 8021203 9005933 8074460
+ * @bug 6910473 8021204 8021203 9005933 8074460 8078672
  * @summary Test range of BigInteger values (use -Dseed=X to set PRNG seed)
  * @author Dmitry Nadezhin
+ * @key randomness
  */
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
@@ -37,6 +39,7 @@
 import java.io.ObjectOutputStream;
 import java.util.Arrays;
 import java.math.BigInteger;
+import java.util.Random;
 
 public class SymmetricRangeTests {
 
@@ -114,9 +117,8 @@
         System.out.println("Testing overflow in BitSieve.sieveSingle");
         int bitLength = (5 << 27) - 1;
         try {
-            RandomSeed rndSeed = new RandomSeed(false);
-            System.out.println("Random number generator seed = " + rndSeed.getSeed());
-            BigInteger actual = new BigInteger(bitLength, 0, rndSeed.getRandom());
+            Random random = RandomFactory.getRandom();
+            BigInteger actual = new BigInteger(bitLength, 0, random);
             throw new RuntimeException("new BigInteger(bitLength, 0, null).bitLength()=" + actual.bitLength());
         } catch (ArithmeticException e) {
             // expected
--- a/jdk/test/java/math/RandomSeed.java	Thu Apr 30 13:02:06 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,81 +0,0 @@
-/*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.util.Random;
-import java.util.SplittableRandom;
-
-public class RandomSeed {
-    private long seed = 0L;
-    private Random rnd = null;
-    private SplittableRandom srnd = null;
-
-    public RandomSeed(boolean isSplittableRandom) {
-        init(isSplittableRandom);
-    }
-
-    private void init(boolean isSplittableRandom) {
-        // obtain seed from environment if supplied
-        boolean isSeedProvided = false;
-        try {
-            // note that Long.valueOf(null) also throws a NumberFormatException
-            // so if the property is undefined this will still work correctly
-            seed = Long.valueOf(System.getProperty("seed"));
-            isSeedProvided = true;
-        } catch (NumberFormatException e) {
-            // do nothing: isSeedProvided is already false
-        }
-
-        // if no seed from environment, create a fresh one
-        Random tmpRnd = null;
-        if (!isSeedProvided) {
-            tmpRnd = new Random();
-            seed = tmpRnd.nextLong();
-        }
-
-        // create the PRNG
-        if (isSplittableRandom) {
-            srnd = new SplittableRandom(seed);
-        } else {
-            rnd = tmpRnd != null ? tmpRnd : new Random();
-            rnd.setSeed(seed);
-        }
-    }
-
-    public Random getRandom() {
-        if (rnd == null) {
-            throw new IllegalStateException("Variable of type Random not initialized");
-        }
-        return rnd;
-    }
-
-    public SplittableRandom getSplittableRandom() {
-        if (srnd == null) {
-            throw new IllegalStateException("Variable of type SplittableRandom not initialized");
-        }
-        return srnd;
-    }
-
-    public long getSeed() {
-        return seed;
-    }
-}
--- a/jdk/test/java/net/InetAddress/HashSpread.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/net/InetAddress/HashSpread.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4687909
  * @summary Check Inet6Address.hashCode returns a reasonable spread of hash
  *          codes.
+ * @key randomness
  */
 import java.net.InetAddress;
 import java.net.UnknownHostException;
--- a/jdk/test/java/nio/Buffer/Chars.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/Buffer/Chars.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 8014854
  * @summary Exercises CharBuffer#chars on each of the CharBuffer types
  * @run testng Chars
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/MappedByteBuffer/Force.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/MappedByteBuffer/Force.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4625907
  * @summary Testing force()
  * @run main/othervm Force
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/MappedByteBuffer/ZeroMap.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/MappedByteBuffer/ZeroMap.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4802340
  * @summary Testing force(), load() isLoaded() of zero len MBB
  * @run main/othervm ZeroMap
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/AsynchronousChannelGroup/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousChannelGroup/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4607272
  * @summary Unit test for AsynchronousChannelGroup
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/channels/AsynchronousChannelGroup/Identity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousChannelGroup/Identity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4607272 6842687
  * @summary Unit test for AsynchronousChannelGroup
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/channels/AsynchronousChannelGroup/Restart.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousChannelGroup/Restart.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4607272 6842687
  * @summary Unit test for AsynchronousChannelGroup
+ * @key randomness
  */
 
 import java.nio.channels.*;
--- a/jdk/test/java/nio/channels/AsynchronousFileChannel/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousFileChannel/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4607272 6822643 6830721 6842687
  * @summary Unit test for AsynchronousFileChannel
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/channels/AsynchronousFileChannel/Lock.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousFileChannel/Lock.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
 /* @test
  * @bug 4607272 6814948 6842687
  * @summary Unit test for AsynchronousFileChannel#lock method
+ * @key randomness
  */
 
 import java.net.*;
--- a/jdk/test/java/nio/channels/AsynchronousFileChannel/LotsOfWrites.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousFileChannel/LotsOfWrites.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 6913877
  * @summary Stress AsynchronousFileChannel.write
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/AsynchronousSocketChannel/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousSocketChannel/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4607272 6842687 6878369 6944810 7023403
  * @summary Unit test for AsynchronousSocketChannel
  * @run main Basic -skipSlowConnectTest
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/channels/AsynchronousSocketChannel/StressLoopback.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/AsynchronousSocketChannel/StressLoopback.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @summary Stress test connections through the loopback interface
  * @run main StressLoopback
  * @run main/othervm -Djdk.net.useFastTcpLoopback StressLoopback
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/channels/Channels/Basic2.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/Channels/Basic2.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4607272
  * @summary Test Channels methods for interoperability between streams and
  *     asynchronous byte channels
+ * @key randomness
  */
 
 import java.net.*;
--- a/jdk/test/java/nio/channels/Channels/ShortWrite.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/Channels/ShortWrite.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 6448457
  * @summary Test Channels.newOutputStream returns OutputStream that handles
  *     short writes from the underlying channel
+ * @key randomness
  */
 
 import java.io.OutputStream;
--- a/jdk/test/java/nio/channels/DatagramChannel/AdaptDatagramSocket.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/DatagramChannel/AdaptDatagramSocket.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4313882 4981129
  * @summary Unit test for datagram-socket-channel adaptors
  * @library ..
+ * @key randomness
  */
 
 import java.net.*;
--- a/jdk/test/java/nio/channels/DatagramChannel/MulticastSendReceiveTests.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/DatagramChannel/MulticastSendReceiveTests.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @build MulticastSendReceiveTests NetworkConfiguration
  * @run main MulticastSendReceiveTests
  * @run main/othervm -Djava.net.preferIPv4Stack=true MulticastSendReceiveTests
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/channels/DatagramChannel/Promiscuous.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/DatagramChannel/Promiscuous.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @build Promiscuous  NetworkConfiguration
  * @run main Promiscuous
  * @run main/othervm -Djava.net.preferIPv4Stack=true Promiscuous
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/channels/FileChannel/AtomicAppend.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/AtomicAppend.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /*
  * @test
  * @summary Check that appends are atomic
+ * @key randomness
  */
 
 import java.io.File;
--- a/jdk/test/java/nio/channels/FileChannel/ClosedByInterrupt.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/ClosedByInterrupt.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 6979009
  * @summary Ensure ClosedByInterruptException is thrown when I/O operation
  *     interrupted by Thread.interrupt
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/MapTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/MapTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4429043 8002180
  * @summary Test file mapping with FileChannel
  * @run main/othervm MapTest
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/Position.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/Position.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4429043 6526860
  * @summary Test position method of FileChannel
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/Pread.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/Pread.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4862382 4862408
  * @summary Test positional read method of FileChannel
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/Pwrite.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/Pwrite.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4862411
  * @summary Test positional write method of FileChannel
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/Size.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/Size.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4563125
  * @summary Test size method of FileChannel
  * @run main/othervm Size
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/Transfer.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/Transfer.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  *   6984545
  * @summary Test FileChannel.transferFrom and transferTo
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/FileChannel/Truncate.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/FileChannel/Truncate.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 6191269 6709457 8000330
  * @summary Test truncate method of FileChannel
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/Pipe/PipeChannel.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/Pipe/PipeChannel.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,6 +23,7 @@
 
 /* @test
  * @summary Test reading and writing from Pipes
+ * @key randomness
  */
 
 import java.io.*;
@@ -37,7 +38,7 @@
  */
 public class PipeChannel {
 
-    private static Random generator = new Random();
+   private static Random generator = new Random();
 
     public static void main(String[] args) throws Exception {
         for (int x=0; x<100; x++) {
--- a/jdk/test/java/nio/channels/Pipe/ScatteringRead.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/Pipe/ScatteringRead.java	Thu Apr 30 17:20:49 2015 -0700
@@ -22,8 +22,9 @@
  */
 
 /* @test
-   @bug 4526754
+ * @bug 4526754
  * @summary Test Pipe scattering reads
+ * @key randomness
  */
 
 import java.nio.channels.*;
--- a/jdk/test/java/nio/channels/Pipe/SelectPipe.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/Pipe/SelectPipe.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,6 +23,7 @@
 
 /* @test
  * @summary Test selection of ready pipe
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/Selector/SelectorTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/Selector/SelectorTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @summary Test selectors and socketchannels
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/ServerSocketChannel/NonBlockingAccept.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/ServerSocketChannel/NonBlockingAccept.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @library ..
  * @build TestUtil
  * @run main NonBlockingAccept
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/SocketChannel/CloseDuringWrite.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/SocketChannel/CloseDuringWrite.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,6 +23,7 @@
 
 /* @test
  * @summary Test asynchronous close during a blocking write
+ * @key randomness
  */
 
 import java.io.Closeable;
--- a/jdk/test/java/nio/channels/SocketChannel/OutOfBand.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/SocketChannel/OutOfBand.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @summary Test socket adapter sendUrgentData method
  * @bug 6963907
+ * @key randomness
  */
 
 import java.net.*;
--- a/jdk/test/java/nio/channels/SocketChannel/ShortWrite.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/SocketChannel/ShortWrite.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 7176630 7074436
  * @summary Check for short writes on SocketChannels configured in blocking mode
+ * @key randomness
  */
 
 import java.net.*;
--- a/jdk/test/java/nio/channels/SocketChannel/VectorIO.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/SocketChannel/VectorIO.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @summary Test socketchannel vector IO
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/channels/etc/AdaptorCloseAndInterrupt.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/channels/etc/AdaptorCloseAndInterrupt.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 7184932
  * @summary Test asynchronous close and interrupt of timed socket adapter methods
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/charset/coders/BashCache.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/charset/coders/BashCache.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4517279
  * @summary Stochastic test of thread-local coder caches
+ * @key randomness
  */
 
 import java.nio.*;
--- a/jdk/test/java/nio/charset/coders/BashStreams.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/charset/coders/BashStreams.java	Thu Apr 30 17:20:49 2015 -0700
@@ -23,6 +23,7 @@
 
 /* @test
  * @summary Stochastic test of charset-based streams
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/nio/file/Files/BytesAndLines.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/Files/BytesAndLines.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @run testng BytesAndLines
  * @summary Unit test for methods for Files readAllBytes, readAllLines and
  *     and write methods.
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/file/Files/CopyAndMove.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/Files/CopyAndMove.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @library ..
  * @build CopyAndMove PassThroughFileSystem
  * @run main/othervm CopyAndMove
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/nio/file/Files/walkFileTree/SkipSiblings.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/Files/walkFileTree/SkipSiblings.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @library ../..
  * @compile SkipSiblings.java CreateFileTree.java
  * @run main SkipSiblings
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/file/Files/walkFileTree/SkipSubtree.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/Files/walkFileTree/SkipSubtree.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @library ../..
  * @compile SkipSubtree.java CreateFileTree.java
  * @run main SkipSubtree
+ * @key randomness
  */
 import java.nio.file.*;
 import java.nio.file.attribute.BasicFileAttributes;
--- a/jdk/test/java/nio/file/Files/walkFileTree/TerminateWalk.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/Files/walkFileTree/TerminateWalk.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @library ../..
  * @compile TerminateWalk.java CreateFileTree.java
  * @run main TerminateWalk
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/file/WatchService/LotsOfEvents.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/WatchService/LotsOfEvents.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @summary Tests WatchService behavior when lots of events are pending
  * @library ..
  * @run main/timeout=180 LotsOfEvents
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/file/WatchService/MayFlies.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/WatchService/MayFlies.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  *     short lived files
  * @library ..
  * @run main MayFlies
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/file/WatchService/SensitivityModifier.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/WatchService/SensitivityModifier.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @summary Sanity test for Sun-specific sensitivity level watch event modifier
  * @library ..
  * @run main/timeout=240 SensitivityModifier
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/file/attribute/AclFileAttributeView/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/attribute/AclFileAttributeView/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4313887 6838333 6891404
  * @summary Unit test for java.nio.file.attribute.AclFileAttribueView
  * @library ../..
+ * @key randomness
  */
 
 import java.nio.file.*;
--- a/jdk/test/java/nio/file/attribute/FileTime/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/attribute/FileTime/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 6844313 8011647
  * @summary Unit test for java.nio.file.FileTime
+ * @key randomness
  */
 
 
--- a/jdk/test/java/nio/file/attribute/UserDefinedFileAttributeView/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/nio/file/attribute/UserDefinedFileAttributeView/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4313887 6838333
  * @summary Unit test for java.nio.file.attribute.UserDefinedFileAttributeView
  * @library ../..
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/java/security/MessageDigest/ByteBuffers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/MessageDigest/ByteBuffers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4844847
  * @summary Test the MessageDigest.update(ByteBuffer) method
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/security/MessageDigest/TestDigestIOStream.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/MessageDigest/TestDigestIOStream.java	Thu Apr 30 17:20:49 2015 -0700
@@ -36,6 +36,7 @@
  * @bug 8050370
  * @summary MessageDigest tests with DigestIOStream
  * @author Kevin Liu
+ * @key randomness
  */
 
 enum ReadModel {
--- a/jdk/test/java/security/MessageDigest/TestSameLength.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/MessageDigest/TestSameLength.java	Thu Apr 30 17:20:49 2015 -0700
@@ -33,6 +33,7 @@
  * @summary Check md.getDigestLength() equal digest output length with various
  *          algorithm/dataLen/(update,digest methods).
  * @author Kevin Liu
+ * @key randomness
  */
 
 public class TestSameLength {
--- a/jdk/test/java/security/MessageDigest/TestSameValue.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/MessageDigest/TestSameValue.java	Thu Apr 30 17:20:49 2015 -0700
@@ -34,6 +34,7 @@
  * @summary Check md.digest(data) value whether same with digest output value
  *          with various update/digest methods.
  * @author Kevin Liu
+ * @key randomness
  */
 
 public class TestSameValue {
--- a/jdk/test/java/security/Signature/ByteBuffers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/Signature/ByteBuffers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4844847
  * @summary Test the Signature.update(ByteBuffer) method
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/security/Signature/NONEwithRSA.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/Signature/NONEwithRSA.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4955844
  * @summary ensure that the NONEwithRSA adapter works correctly
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/security/spec/EllipticCurveMatch.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/security/spec/EllipticCurveMatch.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 6738532
  * @summary Check EllipticCurve.equals() does not compare seed value of curve.
  * @author Mike StJohns
+ * @key randomness
  */
 
 import java.security.spec.*;
--- a/jdk/test/java/sql/JavatimeTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/sql/JavatimeTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  *@test
  *@bug 8007520
  *@summary Test those bridge methods to/from java.time date/time classes
+ * @key randomness
  */
 
 import java.util.Random;
--- a/jdk/test/java/text/Format/MessageFormat/Bug7003643.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/text/Format/MessageFormat/Bug7003643.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 7003643
  * @summary Make sure MessageFormat.toPattern produces correct quoting. (SPI part is tested in PluggableLocale tests.)
+ * @key randomness
  */
 
 import java.text.*;
--- a/jdk/test/java/time/tck/java/time/TCKLocalDateTime.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/time/tck/java/time/TCKLocalDateTime.java	Thu Apr 30 17:20:49 2015 -0700
@@ -107,8 +107,6 @@
 import static org.testng.Assert.assertTrue;
 import static org.testng.Assert.fail;
 
-import java.io.ByteArrayOutputStream;
-import java.io.DataOutputStream;
 import java.time.Clock;
 import java.time.DateTimeException;
 import java.time.DayOfWeek;
@@ -260,16 +258,17 @@
     //-----------------------------------------------------------------------
     @Test(timeOut=30000)  // TODO: remove when time zone loading is faster
     public void now() {
+        final long DELTA = 20_000_000_000L;    // 20 seconds of nanos leeway
         LocalDateTime expected = LocalDateTime.now(Clock.systemDefaultZone());
         LocalDateTime test = LocalDateTime.now();
         long diff = Math.abs(test.toLocalTime().toNanoOfDay() - expected.toLocalTime().toNanoOfDay());
-        if (diff >= 100000000) {
+        if (diff >= DELTA) {
             // may be date change
             expected = LocalDateTime.now(Clock.systemDefaultZone());
             test = LocalDateTime.now();
             diff = Math.abs(test.toLocalTime().toNanoOfDay() - expected.toLocalTime().toNanoOfDay());
         }
-        assertTrue(diff < 100000000);  // less than 0.1 secs
+        assertTrue(diff < DELTA);
     }
 
     //-----------------------------------------------------------------------
--- a/jdk/test/java/time/tck/java/time/TCKOffsetDateTime.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/time/tck/java/time/TCKOffsetDateTime.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -104,8 +104,6 @@
 import static org.testng.Assert.assertTrue;
 import static org.testng.Assert.fail;
 
-import java.io.ByteArrayOutputStream;
-import java.io.DataOutputStream;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.time.Clock;
@@ -235,16 +233,17 @@
     //-----------------------------------------------------------------------
     @Test
     public void now() {
+        final long DELTA = 20_000_000_000L;    // 20 seconds of nanos leeway
         OffsetDateTime expected = OffsetDateTime.now(Clock.systemDefaultZone());
         OffsetDateTime test = OffsetDateTime.now();
         long diff = Math.abs(test.toLocalTime().toNanoOfDay() - expected.toLocalTime().toNanoOfDay());
-        if (diff >= 100000000) {
+        if (diff >= DELTA) {
             // may be date change
             expected = OffsetDateTime.now(Clock.systemDefaultZone());
             test = OffsetDateTime.now();
             diff = Math.abs(test.toLocalTime().toNanoOfDay() - expected.toLocalTime().toNanoOfDay());
         }
-        assertTrue(diff < 100000000);  // less than 0.1 secs
+        assertTrue(diff < DELTA);
     }
 
     //-----------------------------------------------------------------------
--- a/jdk/test/java/time/tck/java/time/TCKOffsetTime.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/time/tck/java/time/TCKOffsetTime.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -89,8 +89,6 @@
 import static org.testng.Assert.assertTrue;
 import static org.testng.Assert.fail;
 
-import java.io.ByteArrayOutputStream;
-import java.io.DataOutputStream;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.time.Clock;
@@ -202,12 +200,19 @@
     //-----------------------------------------------------------------------
     @Test
     public void now() {
+        final long DELTA = 20_000_000_000L;    // 20 seconds of nanos leeway
         ZonedDateTime nowDT = ZonedDateTime.now();
 
         OffsetTime expected = OffsetTime.now(Clock.systemDefaultZone());
         OffsetTime test = OffsetTime.now();
         long diff = Math.abs(test.toLocalTime().toNanoOfDay() - expected.toLocalTime().toNanoOfDay());
-        assertTrue(diff < 100000000);  // less than 0.1 secs
+        if (diff >= DELTA) {
+            // may be date change
+            expected = OffsetTime.now(Clock.systemDefaultZone());
+            test = OffsetTime.now();
+            diff = Math.abs(test.toLocalTime().toNanoOfDay() - expected.toLocalTime().toNanoOfDay());
+        }
+        assertTrue(diff < DELTA);
         assertEquals(test.getOffset(), nowDT.getOffset());
     }
 
--- a/jdk/test/java/util/Arrays/ArrayObjectMethods.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Arrays/ArrayObjectMethods.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     4906359 6239296
  * @summary Basic test for content-based array object methods
  * @author  Josh Bloch, Martin Buchholz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Arrays/CopyMethods.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Arrays/CopyMethods.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     4655503
  * @summary Test for array cloning and slicing methods.
  * @author  John Rose
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Arrays/Correct.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Arrays/Correct.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4726380 8037097
  * @summary Check that different sorts give equivalent results.
  * @run testng Correct
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Base64/TestBase64.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Base64/TestBase64.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test 4235519 8004212 8005394 8007298 8006295 8006315 8006530 8007379 8008925
  *       8014217 8025003 8026330 8028397
  * @summary tests java.util.Base64
+ * @key randomness
  */
 
 import java.io.ByteArrayInputStream;
--- a/jdk/test/java/util/BitSet/BSMethods.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/BitSet/BSMethods.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Test the operation of the methods of BitSet class
  * @author Mike McCloskey, Martin Buchholz
  * @run main/othervm BSMethods
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/BitSet/ImportExport.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/BitSet/ImportExport.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 5037068
  * @summary Test import/export constructors and methods
  * @author Martin Buchholz
+ * @key randomness
  */
 
 import java.nio.*;
--- a/jdk/test/java/util/BitSet/PreviousBits.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/BitSet/PreviousBits.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 6410729 6586631
  * @summary Test previousClearBit, previousSetBit
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Calendar/JavatimeTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Calendar/JavatimeTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  *@test
  *@bug 8007520 8008254
  *@summary Test those bridge methods to/from java.time date/time classes
+ * @key randomness
  */
 
 import java.util.Calendar;
--- a/jdk/test/java/util/Collection/MOAT.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collection/MOAT.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,6 +30,7 @@
  * @summary Run many tests on many Collection and Map implementations
  * @author  Martin Buchholz
  * @run main MOAT
+ * @key randomness
  */
 
 /* Mother Of All (Collection) Tests
--- a/jdk/test/java/util/Collections/AddAll.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collections/AddAll.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     4822887
  * @summary Basic test for Collections.addAll
  * @author  Josh Bloch
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Collections/CheckedListBash.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collections/CheckedListBash.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     4904067
  * @summary Unit test for Collections.checkedList
  * @author  Josh Bloch
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Collections/CheckedMapBash.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collections/CheckedMapBash.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Unit test for Collections.checkedMap
  * @author  Josh Bloch
  * @run testng CheckedMapBash
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Collections/CheckedSetBash.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collections/CheckedSetBash.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Unit test for Collections.checkedSet
  * @author  Josh Bloch
  * @run testng CheckedSetBash
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Collections/Disjoint.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collections/Disjoint.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     4339792
  * @summary Basic test for Collections.disjoint
  * @author  Josh Bloch
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/Collections/Rotate.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Collections/Rotate.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4323074
  * @summary Basic test for new rotate algorithm
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/EnumSet/EnumSetBash.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/EnumSet/EnumSetBash.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @author  Josh Bloch
  * @author  Neal Gafter
  * @author  Yo Ma Ma
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/HashSet/Serialization.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/HashSet/Serialization.java	Thu Apr 30 17:20:49 2015 -0700
@@ -34,6 +34,7 @@
  * @test
  * @bug 8016252
  * @summary Verify that a serialized HashSet may successfully be deserialized.
+ * @key randomness
  */
 public class Serialization {
 
--- a/jdk/test/java/util/IdentityHashMap/Capacity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/IdentityHashMap/Capacity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -39,6 +39,7 @@
  * @summary IdentityHashMap reallocates storage when inserting expected
  *          number of elements
  * @run testng Capacity
+ * @key randomness
  */
 
 @Test
--- a/jdk/test/java/util/List/LockStep.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/List/LockStep.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug     6359979
  * @summary Compare List implementations for identical behavior
  * @author  Martin Buchholz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/Map/LockStep.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Map/LockStep.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 6612102
  * @summary Test Map implementations for mutual compatibility
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/NavigableMap/LockStep.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/NavigableMap/LockStep.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run main/othervm -XX:+AggressiveOpts LockStep
  * @run main/othervm -XX:+AggressiveOpts -Dthorough=true LockStep
  * @author  Martin Buchholz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/PluggableLocale/ExecTest.sh	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/PluggableLocale/ExecTest.sh	Thu Apr 30 17:20:49 2015 -0700
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -33,7 +33,7 @@
 # Parameters:
 #    providersToTest: [foo|bar|foobar]
 #    java class name: <class name>
-#    providersInExtDir: [true|false]
+#    java security policy file: (Optional. Installs security manager if exists)
 
 if [ "${TESTSRC}" = "" ]
 then
@@ -113,8 +113,14 @@
   exit $result
 fi
 
+# security options
+if [ "$3" != "" ]
+then
+  SECURITYOPTS="-Djava.security.manager -Djava.security.policy=${TESTSRC}${FS}$3"
+fi
+
 # run
-RUNCMD="${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} -classpath ${CLASSPATHARG} $2 "
+RUNCMD="${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} ${SECURITYOPTS} -classpath ${CLASSPATHARG} $2 "
 
 echo ${RUNCMD}
 ${RUNCMD}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/PluggableLocale/PermissionTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+/*
+ *
+ */
+public class PermissionTest{
+
+    //  Make sure provider impls can be instantiated under a security manager.ZZ
+    com.foo.BreakIteratorProviderImpl breakIP = new com.foo.BreakIteratorProviderImpl();
+    com.foo.CollatorProviderImpl collatorP = new com.foo.CollatorProviderImpl();
+    com.foo.DateFormatProviderImpl dateFP = new com.foo.DateFormatProviderImpl();
+    com.foo.DateFormatSymbolsProviderImpl dateFSP = new com.foo.DateFormatSymbolsProviderImpl();
+    com.foo.DecimalFormatSymbolsProviderImpl decimalFSP = new com.foo.DecimalFormatSymbolsProviderImpl();
+    com.foo.NumberFormatProviderImpl numberFP = new com.foo.NumberFormatProviderImpl();
+    com.bar.CurrencyNameProviderImpl currencyNP = new com.bar.CurrencyNameProviderImpl();
+    com.bar.CurrencyNameProviderImpl2 currencyNP2 = new com.bar.CurrencyNameProviderImpl2();
+    com.bar.LocaleNameProviderImpl localeNP = new com.bar.LocaleNameProviderImpl();
+    com.bar.TimeZoneNameProviderImpl tzNP = new com.bar.TimeZoneNameProviderImpl();
+    com.bar.GenericTimeZoneNameProviderImpl tzGenNP = new com.bar.GenericTimeZoneNameProviderImpl();
+    com.bar.CalendarDataProviderImpl calDataP = new com.bar.CalendarDataProviderImpl();
+    com.bar.CalendarNameProviderImpl calNameP = new com.bar.CalendarNameProviderImpl();
+
+    public static void main(String[] s) {
+        new PermissionTest();
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/PluggableLocale/PermissionTest.sh	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,31 @@
+#!/bin/sh
+# 
+# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+# 
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+# 
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+# 
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+# 
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+#
+# @test
+# @bug 8075545
+# @summary Check whether RuntimePermission("localeServiceProvider") is
+#    handled correctly
+# @run shell ExecTest.sh foobar PermissionTest
+# @run shell/fail ExecTest.sh foobar PermissionTest dummy
+# @run shell ExecTest.sh foobar PermissionTest localeServiceProvider.policy
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/PluggableLocale/localeServiceProvider.policy	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,3 @@
+grant {
+    permission java.lang.RuntimePermission "localeServiceProvider";
+};
--- a/jdk/test/java/util/Properties/ConcurrentLoadAndStoreXML.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Properties/ConcurrentLoadAndStoreXML.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 8005281
  * @summary Test that the Properties storeToXML and loadFromXML methods are
  *   thread safe
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/Random/DistinctSeeds.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Random/DistinctSeeds.java	Thu Apr 30 17:20:49 2015 -0700
@@ -35,6 +35,7 @@
  * @test
  * @bug 4949279 6937857
  * @summary Independent instantiations of Random() have distinct seeds.
+ * @key randomness
  */
 
 import java.util.ArrayList;
--- a/jdk/test/java/util/Random/RandomStreamTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Random/RandomStreamTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -47,6 +47,7 @@
  * @run testng RandomStreamTest
  * @summary test stream methods on Random
  * @author Brian Goetz
+ * @key randomness
  */
 public class RandomStreamTest {
 
--- a/jdk/test/java/util/Random/RandomTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Random/RandomTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -35,6 +35,7 @@
  * @test
  * @run testng RandomTest
  * @summary test methods on Random
+ * @key randomness
  */
 @Test
 public class RandomTest {
--- a/jdk/test/java/util/ResourceBundle/Control/StressTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/ResourceBundle/Control/StressTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 5102289
  * @summary Stress test for ResourceBundle.getBundle with ResourceBundle.Control.
  * @run main/othervm -esa StressTest 2 15
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/SplittableRandom/SplittableRandomTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/SplittableRandom/SplittableRandomTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -39,6 +39,7 @@
  * @run testng SplittableRandomTest
  * @run testng/othervm -Djava.util.secureRandomSeed=true SplittableRandomTest
  * @summary test methods on SplittableRandom
+ * @key randomness
  */
 @Test
 public class SplittableRandomTest {
--- a/jdk/test/java/util/Timer/DelayOverflow.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Timer/DelayOverflow.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary java.util.Timer schedule delay Long.MAX_VALUE causes task to execute multiple times
  * @author Chris Hegarty
  * @author Martin Buchholz
+ * @key randomness
  */
 
 import java.util.Date;
--- a/jdk/test/java/util/Timer/Purge.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/Timer/Purge.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4481072
  * @summary Basic test for purge method
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/UUID/Serial.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/UUID/Serial.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 5014447
  * @summary Test deserialization of UUID
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/UUID/UUIDTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/UUID/UUIDTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 4173528 5068772
  * @summary Unit tests for java.util.UUID
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/WeakHashMap/GCDuringIteration.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/WeakHashMap/GCDuringIteration.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @ignore until 6842353 is resolved
  * @summary Check that iterators work properly in the presence of
  *          concurrent finalization and removal of elements.
+ * @key randomness
  */
 
 import java.util.*;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/concurrent/forkjoin/SubmissionTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.util.concurrent.ForkJoinPool;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+
+/*
+ * @test
+ * @bug 8078490
+ * @summary Test submission and execution of task without joining
+ */
+public class SubmissionTest {
+    public static void main(String[] args) throws Throwable {
+        final ForkJoinPool e = new ForkJoinPool(1);
+        final AtomicBoolean b = new AtomicBoolean();
+        final Runnable setFalse = () -> b.set(false);
+        for (int i = 0; i < 100000; i++) {
+            b.set(true);
+            e.execute(setFalse);
+            long st = System.nanoTime();
+            while (b.get()) {
+                if (System.nanoTime() - st >= TimeUnit.SECONDS.toNanos(10)) {
+                    throw new RuntimeException("Submitted task failed to execute");
+                }
+            }
+        }
+    }
+}
--- a/jdk/test/java/util/logging/CheckZombieLockTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/CheckZombieLockTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -37,6 +37,7 @@
  * @run  main/othervm CheckZombieLockTest CLEANUP
  * @run  main/othervm CheckZombieLockTest REUSE
  * @run  main/othervm CheckZombieLockTest CLEANUP
+ * @key randomness
  */
 import java.io.File;
 import java.io.IOException;
--- a/jdk/test/java/util/logging/DrainFindDeadlockTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/DrainFindDeadlockTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -36,6 +36,7 @@
  * @author jim.gish@oracle.com
  * @build DrainFindDeadlockTest
  * @run main/othervm/timeout=10 DrainFindDeadlockTest
+ * @key randomness
  */
 
 /**
--- a/jdk/test/java/util/logging/FileHandlerLongLimit.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/FileHandlerLongLimit.java	Thu Apr 30 17:20:49 2015 -0700
@@ -55,6 +55,7 @@
  * @run main/othervm FileHandlerLongLimit UNSECURE
  * @run main/othervm FileHandlerLongLimit SECURE
  * @author danielfuchs
+ * @key randomness
  */
 public class FileHandlerLongLimit {
 
--- a/jdk/test/java/util/logging/FileHandlerPath.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/FileHandlerPath.java	Thu Apr 30 17:20:49 2015 -0700
@@ -56,6 +56,7 @@
  * @run main/othervm FileHandlerPath UNSECURE
  * @run main/othervm FileHandlerPath SECURE
  * @author danielfuchs
+ * @key randomness
  */
 public class FileHandlerPath {
 
--- a/jdk/test/java/util/logging/FileHandlerPatternExceptions.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/FileHandlerPatternExceptions.java	Thu Apr 30 17:20:49 2015 -0700
@@ -49,6 +49,7 @@
  * @run main/othervm FileHandlerPatternExceptions UNSECURE
  * @run main/othervm FileHandlerPatternExceptions SECURE
  * @author danielfuchs
+ * @key randomness
  */
 public class FileHandlerPatternExceptions {
 
--- a/jdk/test/java/util/logging/LogManager/Configuration/ParentLoggerWithHandlerGC.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/LogManager/Configuration/ParentLoggerWithHandlerGC.java	Thu Apr 30 17:20:49 2015 -0700
@@ -59,6 +59,7 @@
  * @run main/othervm ParentLoggerWithHandlerGC UNSECURE
  * @run main/othervm ParentLoggerWithHandlerGC SECURE
  * @author danielfuchs
+ * @key randomness
  */
 public class ParentLoggerWithHandlerGC {
 
--- a/jdk/test/java/util/logging/LoggingDeadlock.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/LoggingDeadlock.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,6 +30,10 @@
  *
  * @build    LoggingDeadlock
  * @run  main/timeout=15 LoggingDeadlock
+ * @key randomness
+ */
+
+/*
  *
  * There can be a deadlock between two class initializations.
  * It happens if the LogManager.<clinit> and the Logger.<clinit>
--- a/jdk/test/java/util/logging/LoggingDeadlock2.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/LoggingDeadlock2.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,10 @@
  *
  * @build    LoggingDeadlock2
  * @run  main LoggingDeadlock2
+ * @key randomness
+ */
+
+/*
  *
  * There is a clear deadlock between LogManager.<clinit> and
  * Cleaner.run() methods.
--- a/jdk/test/java/util/logging/TestLogConfigurationDeadLockWithConf.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/logging/TestLogConfigurationDeadLockWithConf.java	Thu Apr 30 17:20:49 2015 -0700
@@ -46,6 +46,7 @@
  *          caused by synchronization issues in Logger and LogManager.
  * @run main/othervm TestLogConfigurationDeadLockWithConf
  * @author danielfuchs
+ * @key randomness
  */
 // This test is a best effort to try & detect issues. The test itself will run
 // for 8secs. This is usually sufficient to detect issues.
--- a/jdk/test/java/util/prefs/CodePointZeroPrefsTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/prefs/CodePointZeroPrefsTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,9 +26,8 @@
 
 /*
  * @test
- * @bug 8068373
- * @requires os.family == "linux" | os.family == "solaris"
- * @summary Ensure writing a code point U+0000 null control character is detected.
+ * @bug 8068373 8075110 8075156
+ * @summary Ensure a code point U+0000 null control character is detected.
  */
 public class CodePointZeroPrefsTest
 {
@@ -36,52 +35,70 @@
     {
         int failures = 0;
 
-        // Deliberately reflect so you can reproduce it on any platform.
-        Constructor<? extends PreferencesFactory> constructor =
-            Class.forName("java.util.prefs.FileSystemPreferencesFactory").asSubclass(PreferencesFactory.class).getDeclaredConstructor();
-        constructor.setAccessible(true);
-        PreferencesFactory factory = constructor.newInstance();
+        Preferences node = Preferences.userRoot().node("com/acme/testing");
 
-        Preferences node = factory.userRoot().node("com/acme/testing");
+        // --- put() ---
 
         // legal key and value
         try {
             node.put("a", "1");
         } catch (IllegalArgumentException iae) {
-            System.err.println("Unexpected IllegalArgumentException for legal key");
+            System.err.println("Unexpected IllegalArgumentException for legal put() key");
             failures++;
         }
 
         // illegal key only
-        int numIAEs = 0;
         try {
             node.put("a\u0000b", "1");
-            System.err.println("IllegalArgumentException not thrown for illegal key");
+            System.err.println("IllegalArgumentException not thrown for illegal put() key");
             failures++;
         } catch (IllegalArgumentException iae) {
             // do nothing
         }
 
         // illegal value only
-        numIAEs = 0;
         try {
             node.put("ab", "2\u00003");
-            System.err.println("IllegalArgumentException not thrown for illegal value");
+            System.err.println("IllegalArgumentException not thrown for illegal put() value");
             failures++;
         } catch (IllegalArgumentException iae) {
             // do nothing
         }
 
         // illegal key and value
-        numIAEs = 0;
         try {
             node.put("a\u0000b", "2\u00003");
-            System.err.println("IllegalArgumentException not thrown for illegal entry");
+            System.err.println("IllegalArgumentException not thrown for illegal put() entry");
             failures++;
         } catch (IllegalArgumentException iae) {
             // do nothing
         }
 
+        // --- get ---
+
+        // illegal key only
+        try {
+            String theDefault = "default";
+            String value = node.get("a\u0000b", theDefault);
+            System.err.println("IllegalArgumentException not thrown for illegal get() key");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        // --- remove ---
+
+        // illegal key only
+        try {
+            node.remove("a\u0000b");
+            System.err.println("IllegalArgumentException not thrown for illegal remove() key");
+            failures++;
+        } catch (IllegalArgumentException iae) {
+            // do nothing
+        }
+
+        node.removeNode();
+
         if (failures != 0) {
             throw new RuntimeException("CodePointZeroPrefsTest failed with "
                 + failures + " errors!");
--- a/jdk/test/java/util/regex/RegExTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/regex/RegExTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -33,6 +33,7 @@
  * 6350801 6676425 6878475 6919132 6931676 6948903 6990617 7014645 7039066
  * 7067045 7014640 7189363 8007395 8013252 8013254 8012646 8023647 6559590
  * 8027645 8035076 8039124 8035975 8074678
+ * @key randomness
  */
 
 import java.util.function.Function;
--- a/jdk/test/java/util/zip/3GBZipFiles.sh	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/3GBZipFiles.sh	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
 # @run shell 3GBZipFiles.sh 9986
 # @ignore runs for hours and eats up 7 Gigabytes of disk space
 # @run shell/timeout=604800 3GBZipFiles.sh 3141592653
+# @key randomness
 
 # Command-line usage:
 # javac FileBuilder.java && sh 3GBZipFiles.sh /path/to/jdk filesize
--- a/jdk/test/java/util/zip/DeInflate.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/DeInflate.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 7110149
  * @summary Test basic deflater & inflater functionality
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/DeflateIn_InflateOut.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/DeflateIn_InflateOut.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4679743
  * @summary Test basic functionality of DeflaterInputStream and InflaterOutputStream
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/FlaterTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/FlaterTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 6348045
  * @summary GZipOutputStream/InputStream goes critical(calls JNI_Get*Critical)
  * and causes slowness.  This test uses Deflater and Inflater directly.
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/GZIP/Accordion.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/GZIP/Accordion.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 5092263
  * @summary GZIPInputStream o GZIPOutputStream === the identity stream
  * @author Martin Buchholz
+ * @key randomness
 */
 
 // To manually test for uncompressed streams larger than 2GB, do
--- a/jdk/test/java/util/zip/GZIP/GZIPInputStreamRead.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/GZIP/GZIPInputStreamRead.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4691425
  * @summary Test the read and write of GZIPInput/OutputStream, including
  *          concatenated .gz inputstream
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/InflateIn_DeflateOut.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/InflateIn_DeflateOut.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 4206909 4813885
  * @summary Test basic functionality of DeflaterOutputStream/InflaterInputStream and GZIPOutputStream/GZIPInputStream, including flush
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/InflaterBufferSize.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/InflaterBufferSize.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 6571338
  * @summary Inflater should not require a buffer to the inflate() methods
  * larger than 1 byte.
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/TimeChecksum.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/TimeChecksum.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
 /* @test
  * @bug 7109837
  * @summary Test Adler32/CRC32.update(ByteBuffer)
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/zip/TotalInOut.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/TotalInOut.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 7188852
  * @summary Test De/Inflater.getBytesRead/Written()
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/ZipFile/Assortment.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/ZipFile/Assortment.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @bug 4770745 6234507 6303183 8048990
  * @summary test a variety of zip file entries
  * @author Martin Buchholz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/java/util/zip/ZipFile/ClearStaleZipFileInputStreams.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/ZipFile/ClearStaleZipFileInputStreams.java	Thu Apr 30 17:20:49 2015 -0700
@@ -30,6 +30,7 @@
  * @bug 7031076
  * @summary Allow stale InputStreams from ZipFiles to be GC'd
  * @author Neil Richards <neil.richards@ngmr.net>, <neil_richards@uk.ibm.com>
+ * @key randomness
  */
 import java.lang.ref.ReferenceQueue;
 import java.lang.ref.WeakReference;
--- a/jdk/test/java/util/zip/ZipFile/FinalizeZipFile.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/ZipFile/FinalizeZipFile.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 7007609 7009618
  * @summary Check that ZipFile objects are always collected
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/java/util/zip/ZipFile/MultiThreadedReadTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/ZipFile/MultiThreadedReadTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @library /lib/testlibrary
  * @build jdk.testlibrary.FileUtils
  * @run main MultiThreadedReadTest
+ * @key randomness
  */
 
 import java.io.File;
--- a/jdk/test/java/util/zip/ZipFile/ReadZip.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/java/util/zip/ZipFile/ReadZip.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
    @bug 4241361 4842702 4985614 6646605 5032358 6923692
    @summary Make sure we can read a zip file.
+   @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/javax/crypto/Cipher/ByteBuffers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/Cipher/ByteBuffers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4844847
  * @summary Test the Cipher.update/doFinal(ByteBuffer, ByteBuffer) methods
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/javax/crypto/CipherSpi/DirectBBRemaining.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/CipherSpi/DirectBBRemaining.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 7142509
  * @summary Cipher.doFinal(ByteBuffer,ByteBuffer) fails to
  *     process when in.remaining() == 0
+ * @key randomness
  */
 
 import java.nio.ByteBuffer;
--- a/jdk/test/javax/crypto/CryptoPermission/AllPermCheck.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/CryptoPermission/AllPermCheck.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * InvalidKeyException is thrown instead of SecurityException when
  * crypto permssion checks failed.
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/javax/crypto/CryptoPermission/RC2PermCheck.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/CryptoPermission/RC2PermCheck.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Ensure the crypto permission check on cipher algorithms
  * with restricted parameter values are correctly enforced.
  * @author Valerie Peng
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/javax/crypto/JceSecurity/SunJCE_BC_LoadOrdering.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/JceSecurity/SunJCE_BC_LoadOrdering.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @summary SunJCE depends on sun.security.provider.SignatureImpl
  * behaviour, BC can't load into 1st slot.
  * @author Brad R. Wetmore
+ * @key randomness
  */
 
 import java.security.*;
--- a/jdk/test/javax/crypto/KeyGenerator/TestKGParity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/KeyGenerator/TestKGParity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -35,6 +35,7 @@
  * @bug 8048607
  * @compile ../../../com/sun/crypto/provider/Cipher/DES/TestUtility.java
  * @summary Test key generation of DES and DESEDE
+ * @key randomness
  */
 public class TestKGParity {
 
--- a/jdk/test/javax/crypto/Mac/ByteBuffers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/Mac/ByteBuffers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4844847
  * @summary Test the Mac.update(ByteBuffer) method
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/javax/crypto/NullCipher/TestNPE.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/crypto/NullCipher/TestNPE.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4937853
  * @summary Make sure normal calls of NullCipher does not throw NPE.
  * @author Valerie Peng
+ * @key randomness
  */
 import java.util.Arrays;
 import java.security.AlgorithmParameters;
--- a/jdk/test/javax/management/monitor/MultiMonitorTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/management/monitor/MultiMonitorTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run clean MultiMonitorTest
  * @run build MultiMonitorTest
  * @run main MultiMonitorTest
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/javax/management/mxbean/ThreadMXBeanTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/management/mxbean/ThreadMXBeanTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run clean ThreadMXBeanTest
  * @run build ThreadMXBeanTest
  * @run main ThreadMXBeanTest
+ * @key randomness
  */
 
 import java.lang.management.*;
--- a/jdk/test/javax/management/remote/mandatory/loading/MissingClassTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/management/remote/mandatory/loading/MissingClassTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run clean MissingClassTest SingleClassLoader
  * @run build MissingClassTest SingleClassLoader
  * @run main MissingClassTest
+ * @key randomness
  */
 
 /*
--- a/jdk/test/javax/management/timer/MissingNotificationTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/management/timer/MissingNotificationTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @run clean MissingNotificationTest
  * @run build MissingNotificationTest
  * @run main MissingNotificationTest
+ * @key randomness
  */
 
 import java.util.Date;
--- a/jdk/test/javax/net/ssl/SSLEngine/LargeBufs.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/net/ssl/SSLEngine/LargeBufs.java	Thu Apr 30 17:20:49 2015 -0700
@@ -33,6 +33,7 @@
  * @run main/othervm -Djsse.enableCBCProtection=false LargeBufs
  *
  * @author Brad R. Wetmore
+ * @key randomness
  */
 
 import javax.net.ssl.*;
--- a/jdk/test/javax/smartcardio/TestCommandAPDU.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/javax/smartcardio/TestCommandAPDU.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 6293767
  * @summary Test for the CommandAPDU class
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.util.*;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/lib/testlibrary/jdk/testlibrary/RandomFactory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.util.Random;
+import java.util.SplittableRandom;
+
+/**
+ * Factory class which generates and prints to STDOUT a long-valued seed
+ * for use in initializing a PRNG.  An instance of {@code Random} or
+ * {@code SplittableRandom} may likewise be obtained.
+ */
+public class RandomFactory {
+    /**
+     * Attempt to obtain the seed from the value of the "seed" property.
+     * @return The seed or {@code null} if the "seed" property was not set or
+     *         could not be parsed.
+     */
+    private static Long getSystemSeed() {
+        Long seed = null;
+        try {
+            // note that Long.valueOf(null) also throws a
+            // NumberFormatException so if the property is undefined this
+            // will still work correctly
+            seed = Long.valueOf(System.getProperty("seed"));
+        } catch (NumberFormatException e) {
+            // do nothing: seed is still null
+        }
+
+        return seed;
+    }
+
+    /**
+     * Obtain a seed from an independent PRNG.
+     *
+     * @return A random seed.
+     */
+    private static long getRandomSeed() {
+        return new Random().nextLong();
+    }
+
+    /**
+     * Obtain and print to STDOUT a seed appropriate for initializing a PRNG.
+     * If the system property "seed" is set and has value which may be correctly
+     * parsed it is used, otherwise a seed is generated using an independent
+     * PRNG.
+     *
+     * @return The seed.
+     */
+    public static long getSeed() {
+        Long seed = getSystemSeed();
+        if (seed == null) {
+            seed = getRandomSeed();
+        }
+        System.out.println("Seed from RandomFactory = "+seed+"L");
+        return seed;
+    }
+
+    /**
+     * Obtain and print to STDOUT a seed and use it to initialize a new
+     * {@code Random} instance which is returned. If the system
+     * property "seed" is set and has value which may be correctly parsed it
+     * is used, otherwise a seed is generated using an independent PRNG.
+     *
+     * @return The {@code Random} instance.
+     */
+    public static Random getRandom() {
+        return new Random(getSeed());
+    }
+
+    /**
+     * Obtain and print to STDOUT a seed and use it to initialize a new
+     * {@code SplittableRandom} instance which is returned. If the system
+     * property "seed" is set and has value which may be correctly parsed it
+     * is used, otherwise a seed is generated using an independent PRNG.
+     *
+     * @return The {@code SplittableRandom} instance.
+     */
+    public static SplittableRandom getSplittableRandom() {
+        return new SplittableRandom(getSeed());
+    }
+}
--- a/jdk/test/sun/management/jmxremote/startstop/JMXStartStopTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/management/jmxremote/startstop/JMXStartStopTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -60,6 +60,7 @@
  * @run main/othervm/timeout=600 -XX:+UsePerfData JMXStartStopTest
  * @summary Makes sure that enabling/disabling the management agent through JCMD
  *          achieves the desired results
+ * @key randomness
  */
 public class JMXStartStopTest {
 
--- a/jdk/test/sun/misc/CopyMemory.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/misc/CopyMemory.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
  * @bug 6565543
  * @summary Minimal test for unsafe.copyMemory() and unsafe.setMemory()
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/misc/FloatingDecimal/TestFloatingDecimal.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/misc/FloatingDecimal/TestFloatingDecimal.java	Thu Apr 30 17:20:49 2015 -0700
@@ -62,6 +62,7 @@
  * @build DoubleConsts FloatConsts
  * @run main TestFloatingDecimal
  * @author Brian Burkhalter
+ * @key randomness
  */
 public class TestFloatingDecimal {
     private static enum ResultType {
--- a/jdk/test/sun/net/www/ParseUtil_4922813.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/net/www/ParseUtil_4922813.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,6 +24,7 @@
 /* @test
    @bug 4922813
    @summary Check the new impl of encodePath will not cause regression
+   @key randomness
  */
 
 import java.util.BitSet;
--- a/jdk/test/sun/nio/cs/FindDecoderBugs.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/nio/cs/FindDecoderBugs.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Decode many byte sequences in many ways
  * @run main/timeout=1800 FindDecoderBugs
  * @author Martin Buchholz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/nio/cs/FindEncoderBugs.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/nio/cs/FindEncoderBugs.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Encode many char sequences in many ways
  * @run main/timeout=1200 FindEncoderBugs
  * @author Martin Buchholz
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/nio/cs/TestStringCoding.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/nio/cs/TestStringCoding.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
    @bug 6636323 6636319 7040220 7096080 7183053
    @summary Test if StringCoding and NIO result have the same de/encoding result
  * @run main/othervm/timeout=2000 TestStringCoding
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/nio/cs/TestStringCodingUTF8.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/nio/cs/TestStringCodingUTF8.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
    @bug 7040220
    @summary Test if StringCoding and NIO result have the same de/encoding result for UTF-8
  * @run main/othervm/timeout=2000 TestStringCodingUTF8
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/krb5/auto/KDC.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/krb5/auto/KDC.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -149,6 +149,9 @@
     private List<String> conf = new ArrayList<>();
 
     private Thread thread1, thread2, thread3;
+    private volatile boolean udpConsumerReady = false;
+    private volatile boolean tcpConsumerReady = false;
+    private volatile boolean dispatcherReady = false;
     DatagramSocket u1 = null;
     ServerSocket t1 = null;
 
@@ -1228,6 +1231,7 @@
         // The UDP consumer
         thread1 = new Thread() {
             public void run() {
+                udpConsumerReady = true;
                 while (true) {
                     try {
                         byte[] inbuf = new byte[8192];
@@ -1248,6 +1252,7 @@
         // The TCP consumer
         thread2 = new Thread() {
             public void run() {
+                tcpConsumerReady = true;
                 while (true) {
                     try {
                         Socket socket = tcp.accept();
@@ -1270,6 +1275,7 @@
         // The dispatcher
         thread3 = new Thread() {
             public void run() {
+                dispatcherReady = true;
                 while (true) {
                     try {
                         q.take().send();
@@ -1280,6 +1286,19 @@
         };
         thread3.setDaemon(true);
         thread3.start();
+
+        // wait for the KDC is ready
+        try {
+            while (!isReady()) {
+                Thread.sleep(100);
+            }
+        } catch(InterruptedException e) {
+            throw new IOException(e);
+        }
+    }
+
+    boolean isReady() {
+        return udpConsumerReady && tcpConsumerReady && dispatcherReady;
     }
 
     public void terminate() {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/UnboundSSL.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedActionException;
+import java.util.HashMap;
+import java.util.Map;
+import javax.security.auth.login.LoginException;
+
+/*
+ * @test
+ * @bug 8025123
+ * @summary Checks if an unbound server can handle connections
+ *          only for allowed service principals
+ * @run main/othervm/policy=unbound.ssl.policy UnboundSSL
+ *                              unbound.ssl.jaas.conf server_star
+ * @run main/othervm/policy=unbound.ssl.policy UnboundSSL
+ *                              unbound.ssl.jaas.conf server_multiple_principals
+ */
+public class UnboundSSL {
+
+    public static void main(String[] args) throws IOException,
+            NoSuchAlgorithmException,LoginException, PrivilegedActionException,
+            InterruptedException {
+        UnboundSSL test = new UnboundSSL();
+        test.start(args[0], args[1]);
+    }
+
+    private void start(String jaacConfigFile, String serverJaasConfig)
+            throws IOException, NoSuchAlgorithmException,LoginException,
+            PrivilegedActionException, InterruptedException {
+
+        // define principals
+        String service1host = "service1." + UnboundSSLUtils.HOST;
+        String service2host = "service2." + UnboundSSLUtils.HOST;
+        String service3host = "service3." + UnboundSSLUtils.HOST;
+        String service1Principal = "host/" + service1host + "@"
+                + UnboundSSLUtils.REALM;
+        String service2Principal = "host/" + service2host + "@"
+                + UnboundSSLUtils.REALM;
+        String service3Principal = "host/" + service3host + "@"
+                + UnboundSSLUtils.REALM;
+
+        Map<String, String> principals = new HashMap<>();
+        principals.put(UnboundSSLUtils.USER_PRINCIPAL,
+                UnboundSSLUtils.USER_PASSWORD);
+        principals.put(UnboundSSLUtils.KRBTGT_PRINCIPAL, null);
+        principals.put(service1Principal, null);
+        principals.put(service2Principal, null);
+        principals.put(service3Principal, null);
+
+        System.setProperty("java.security.krb5.conf",
+               UnboundSSLUtils.KRB5_CONF_FILENAME);
+
+        // start a local KDC instance
+        UnboundSSLUtils.startKDC(UnboundSSLUtils.REALM, principals,
+                UnboundSSLUtils.KTAB_FILENAME, UnboundSSLUtils.KtabMode.APPEND);
+
+        System.setProperty("java.security.auth.login.config",
+                UnboundSSLUtils.TEST_SRC + UnboundSSLUtils.FS + jaacConfigFile);
+        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
+
+        try (final SSLEchoServer server = SSLEchoServer.init(
+                UnboundSSLUtils.TLS_KRB5_FILTER, UnboundSSLUtils.SNI_PATTERN)) {
+
+            // start a server instance
+            UnboundSSLUtils.startServerWithJaas(server, serverJaasConfig);
+
+            // wait for the server is ready
+            while (!server.isReady()) {
+                Thread.sleep(UnboundSSLUtils.DELAY);
+            }
+
+            int port = server.getPort();
+
+            // run clients
+
+            // the server should have a permission to handle a request
+            // with this service principal (there should be an appropriate
+            // javax.security.auth.kerberos.ServicePermission in policy file)
+            System.out.println("Connect: SNI hostname = " + service1host
+                    + ", successful connection is expected");
+            SSLClient.init(UnboundSSLUtils.HOST, port,
+                    UnboundSSLUtils.TLS_KRB5_FILTER, service1host).connect();
+
+            // the server should NOT have a permission to handle a request
+            // with this service principal (there should be an appropriate
+            // javax.security.auth.kerberos.ServicePermission in policy file)
+            // handshake failures is expected
+            System.out.println("Connect: SNI hostname = " + service2host
+                    + ", connection failure is expected");
+            try {
+                SSLClient.init(UnboundSSLUtils.HOST, port,
+                        UnboundSSLUtils.TLS_KRB5_FILTER, service2host)
+                            .connect();
+                throw new RuntimeException("Test failed: "
+                        + "expected IOException not thrown");
+            } catch (IOException e) {
+                System.out.println("Expected exception: " + e);
+            }
+
+            // the server should have a permission to handle a request
+            // with this service principal (there should be an appropriate
+            // javax.security.auth.kerberos.ServicePermission in policy file)
+            System.out.println("Connect: SNI hostname = " + service3host
+                    + ", successful connection is expected");
+            SSLClient.init(UnboundSSLUtils.HOST, port,
+                    UnboundSSLUtils.TLS_KRB5_FILTER, service3host).connect();
+        }
+
+        System.out.println("Test passed");
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/UnboundSSLMultipleKeys.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedActionException;
+import java.util.HashMap;
+import java.util.Map;
+import javax.security.auth.login.LoginException;
+
+/*
+ * @test
+ * @bug 8025123
+ * @summary Checks if an unbound server pick up a correct key from keytab
+ * @run main/othervm UnboundSSLMultipleKeys
+ *                              unbound.ssl.jaas.conf server_star
+ * @run main/othervm UnboundSSLMultipleKeys
+ *                              unbound.ssl.jaas.conf server_multiple_principals
+ */
+public class UnboundSSLMultipleKeys {
+
+    public static void main(String[] args)
+            throws IOException, NoSuchAlgorithmException, LoginException,
+            PrivilegedActionException, InterruptedException {
+        UnboundSSLMultipleKeys test = new UnboundSSLMultipleKeys();
+        test.start(args[0], args[1]);
+    }
+
+    private void start(String jaacConfigFile, String serverJaasConfig)
+            throws IOException, NoSuchAlgorithmException, LoginException,
+            PrivilegedActionException, InterruptedException {
+
+        // define service principals
+        String service1host = "service1." + UnboundSSLUtils.HOST;
+        String service2host = "service2." + UnboundSSLUtils.HOST;
+        String service3host = "service3." + UnboundSSLUtils.HOST;
+        String service1Principal = "host/" + service1host + "@"
+                + UnboundSSLUtils.REALM;
+        String service2Principal = "host/" + service2host + "@"
+                + UnboundSSLUtils.REALM;
+        String service3Principal = "host/" + service3host + "@"
+                + UnboundSSLUtils.REALM;
+
+        Map<String, String> principals = new HashMap<>();
+        principals.put(UnboundSSLUtils.USER_PRINCIPAL,
+                UnboundSSLUtils.USER_PASSWORD);
+        principals.put(UnboundSSLUtils.KRBTGT_PRINCIPAL, "pass");
+        principals.put(service1Principal, "pass0");
+        principals.put(service1Principal, "pass1");
+        principals.put(service1Principal, "pass2");
+        principals.put(service2Principal, "pass");
+        principals.put(service3Principal, "pass");
+
+        System.setProperty("java.security.krb5.conf",
+                UnboundSSLUtils.KRB5_CONF_FILENAME);
+
+        /*
+         * Start a local KDC instance
+         *
+         * Keytab file contains 3 keys (with different KVNO) for service1
+         * principal, but password for only one key is the same with the record
+         * for service1 principal in KDC.
+         */
+        UnboundSSLUtils.startKDC(UnboundSSLUtils.REALM, principals,
+                UnboundSSLUtils.KTAB_FILENAME, UnboundSSLUtils.KtabMode.APPEND);
+
+        System.setProperty("java.security.auth.login.config",
+                UnboundSSLUtils.TEST_SRC + UnboundSSLUtils.FS + jaacConfigFile);
+        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
+
+        // start an SSL server instance
+        try (SSLEchoServer server = SSLEchoServer.init(
+                UnboundSSLUtils.TLS_KRB5_FILTER, UnboundSSLUtils.SNI_PATTERN)) {
+
+            UnboundSSLUtils.startServerWithJaas(server, serverJaasConfig);
+
+            //  wait for the server is ready
+            while (!server.isReady()) {
+                Thread.sleep(UnboundSSLUtils.DELAY);
+            }
+
+            // run a client
+            System.out.println("Successful connection is expected");
+            SSLClient.init(UnboundSSLUtils.HOST, server.getPort(),
+                    UnboundSSLUtils.TLS_KRB5_FILTER, service1host).connect();
+        }
+
+        System.out.println("Test passed");
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/UnboundSSLPrincipalProperty.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedActionException;
+import java.util.HashMap;
+import java.util.Map;
+import javax.security.auth.login.LoginException;
+
+/*
+ * @test
+ * @bug 8025123
+ * @summary Checks if an unbound server uses a service principal
+ *          from sun.security.krb5.principal system property if specified
+ * @run main/othervm UnboundSSLPrincipalProperty
+ *                              unbound.ssl.jaas.conf server_star
+ * @run main/othervm UnboundSSLPrincipalProperty
+ *                              unbound.ssl.jaas.conf server_multiple_principals
+ */
+public class UnboundSSLPrincipalProperty {
+
+    public static void main(String[] args) throws IOException,
+            NoSuchAlgorithmException,LoginException, PrivilegedActionException,
+            InterruptedException {
+        UnboundSSLPrincipalProperty test = new UnboundSSLPrincipalProperty();
+        test.start(args[0], args[1]);
+    }
+
+    public void start(String jaacConfigFile, String serverJaasConfig)
+            throws IOException, NoSuchAlgorithmException,LoginException,
+            PrivilegedActionException, InterruptedException {
+
+        // define principals
+        String service1host = "service1." + UnboundSSLUtils.HOST;
+        String service3host = "service3." + UnboundSSLUtils.HOST;
+        String service1Principal = "host/" + service1host + "@"
+                + UnboundSSLUtils.REALM;
+        String service3Principal = "host/" + service3host
+                + "@" + UnboundSSLUtils.REALM;
+
+        Map<String, String> principals = new HashMap<>();
+        principals.put(UnboundSSLUtils.USER_PRINCIPAL,
+                UnboundSSLUtils.USER_PASSWORD);
+        principals.put(UnboundSSLUtils.KRBTGT_PRINCIPAL, null);
+        principals.put(service1Principal, null);
+        principals.put(service3Principal, null);
+
+        System.setProperty("java.security.krb5.conf",
+                UnboundSSLUtils.KRB5_CONF_FILENAME);
+
+        // start a local KDC instance
+        UnboundSSLUtils.startKDC(UnboundSSLUtils.REALM, principals,
+                UnboundSSLUtils.KTAB_FILENAME, UnboundSSLUtils.KtabMode.APPEND);
+
+        System.setProperty("java.security.auth.login.config",
+                UnboundSSLUtils.TEST_SRC + UnboundSSLUtils.FS + jaacConfigFile);
+        System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
+
+        // start an SSL server instance
+        try (final SSLEchoServer server = SSLEchoServer.init(
+                UnboundSSLUtils.TLS_KRB5_FILTER, UnboundSSLUtils.SNI_PATTERN)) {
+
+            // specify a service principal for the server
+            System.setProperty("sun.security.krb5.principal",
+                    service3Principal);
+
+            UnboundSSLUtils.startServerWithJaas(server, serverJaasConfig);
+
+            // wait for the server is ready
+            while (!server.isReady()) {
+                Thread.sleep(UnboundSSLUtils.DELAY);
+            }
+
+            int port = server.getPort();
+
+            // connetion failure is expected
+            // since service3 principal was specified to use by the server
+            System.out.println("Connect: SNI hostname = " + service1host
+                    + ", connection failure is expected");
+            try {
+                SSLClient.init(UnboundSSLUtils.HOST, port,
+                        UnboundSSLUtils.TLS_KRB5_FILTER, service1host)
+                            .connect();
+                throw new RuntimeException("Test failed: "
+                        + "expected IOException not thrown");
+            } catch (IOException e) {
+                System.out.println("Expected exception: " + e);
+            }
+
+            System.out.println("Connect: SNI hostname = " + service3host
+                    + ", successful connection is expected");
+            SSLClient.init(UnboundSSLUtils.HOST, port,
+                    UnboundSSLUtils.TLS_KRB5_FILTER, service3host).connect();
+        }
+
+        System.out.println("Test passed");
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/UnboundSSLUtils.java	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,353 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.BufferedInputStream;
+import java.io.BufferedOutputStream;
+import java.io.File;
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+import javax.net.ssl.SNIHostName;
+import javax.net.ssl.SNIMatcher;
+import javax.net.ssl.SNIServerName;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLParameters;
+import javax.net.ssl.SSLServerSocket;
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+/*
+ * Helper class for unbound krb5 tests.
+ */
+class UnboundSSLUtils {
+
+    static enum KtabMode { APPEND, EXISTING };
+
+    static final String KTAB_FILENAME = "krb5.keytab.data";
+    static final String HOST = "localhost";
+    static final String REALM = "TEST.REALM";
+    static final String KRBTGT_PRINCIPAL = "krbtgt/" + REALM;
+    static final String TEST_SRC = System.getProperty("test.src", ".");
+    static final String TLS_KRB5_FILTER = "TLS_KRB5";
+    static final String USER = "USER";
+    static final String USER_PASSWORD = "password";
+    static final String FS = System.getProperty("file.separator");
+    static final String SNI_PATTERN = ".*";
+    static final String USER_PRINCIPAL = USER + "@" + REALM;
+    static final String KRB5_CONF_FILENAME = "krb5.conf";
+    static final int DELAY = 1000;
+
+   static String[] filterStringArray(String[] src, String filter) {
+        return Arrays.stream(src).filter((item) -> item.startsWith(filter))
+                .toArray(size -> new String[size]);
+    }
+
+    /*
+     * The method does JAAS login,
+     * and runs an SSL server in the JAAS context.
+     */
+    static void startServerWithJaas(final SSLEchoServer server,
+            String config) throws LoginException, PrivilegedActionException {
+        LoginContext context = new LoginContext(config);
+        context.login();
+        System.out.println("Server: successful authentication");
+        Subject.doAs(context.getSubject(),
+                (PrivilegedExceptionAction<Object>) () -> {
+            SSLEchoServer.startServer(server);
+            return null;
+        });
+    }
+
+    /*
+     * Start a KDC server:
+     *   - create a KDC instance
+     *   - create Kerberos principals
+     *   - save Kerberos configuration
+     *   - save keys to keytab file
+     *   - no pre-auth required
+     */
+    static void startKDC(String realm, Map<String, String> principals,
+            String ktab, KtabMode mode) {
+        try {
+            KDC kdc = KDC.create(realm, HOST, 0, true);
+            kdc.setOption(KDC.Option.PREAUTH_REQUIRED, Boolean.FALSE);
+            if (principals != null) {
+                for (Map.Entry<String, String> entry : principals.entrySet()) {
+                    String name = entry.getKey();
+                    String password = entry.getValue();
+                    if (password == null || password.isEmpty()) {
+                        System.out.println("KDC: add a principal '" + name +
+                                "' with a random password");
+                        kdc.addPrincipalRandKey(name);
+                    } else {
+                        System.out.println("KDC: add a principal '" + name +
+                                "' with '" + password + "' password");
+                        kdc.addPrincipal(name, password.toCharArray());
+                    }
+                }
+            }
+
+            KDC.saveConfig(KRB5_CONF_FILENAME, kdc);
+
+            if (ktab != null) {
+                File ktabFile = new File(ktab);
+                if (mode == KtabMode.APPEND) {
+                    if (ktabFile.exists()) {
+                        System.out.println("KDC: append keys to an exising " +
+                                "keytab file " + ktab);
+                        kdc.appendKtab(ktab);
+                    } else {
+                        System.out.println("KDC: create a new keytab file " +
+                                ktab);
+                        kdc.writeKtab(ktab);
+                    }
+                } else if (mode == KtabMode.EXISTING) {
+                    System.out.println("KDC: use an existing keytab file "
+                            + ktab);
+                } else {
+                    throw new RuntimeException("KDC: unsupported keytab mode: "
+                            + mode);
+                }
+            }
+
+            System.out.println("KDC: started on " + HOST + ":" + kdc.getPort()
+                    + " with '" + realm + "' realm");
+        } catch (Exception e) {
+            throw new RuntimeException("KDC: unexpected exception", e);
+        }
+    }
+
+}
+
+class SSLClient {
+
+    private final static byte[][] arrays = {
+        new byte[] {-1, 0, 2},
+        new byte[] {}
+    };
+
+    private final SSLSocket socket;
+
+    private SSLClient(SSLSocket socket) {
+        this.socket = socket;
+    }
+
+    void connect() throws IOException {
+        System.out.println("Client: connect to server");
+        try (BufferedInputStream bis = new BufferedInputStream(
+                        socket.getInputStream());
+                BufferedOutputStream bos = new BufferedOutputStream(
+                        socket.getOutputStream())) {
+
+            for (byte[] bytes : arrays) {
+                System.out.println("Client: send byte array: "
+                        + Arrays.toString(bytes));
+
+                bos.write(bytes);
+                bos.flush();
+
+                byte[] recieved = new byte[bytes.length];
+                int read = bis.read(recieved, 0, bytes.length);
+                if (read < 0) {
+                    throw new IOException("Client: couldn't read a response");
+                }
+
+                System.out.println("Client: recieved byte array: "
+                        + Arrays.toString(recieved));
+
+                if (!Arrays.equals(bytes, recieved)) {
+                    throw new IOException("Client: sent byte array "
+                                + "is not equal with recieved byte array");
+                }
+            }
+            socket.getSession().invalidate();
+        } finally {
+            if (!socket.isClosed()) {
+                socket.close();
+            }
+        }
+    }
+
+    static SSLClient init(String host, int port, String cipherSuiteFilter,
+            String sniHostName) throws NoSuchAlgorithmException, IOException {
+        SSLContext sslContext = SSLContext.getDefault();
+        SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
+        SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);
+        SSLParameters params = new SSLParameters();
+
+        if (cipherSuiteFilter != null) {
+            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
+                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
+            System.out.println("Client: enabled cipher suites: "
+                    + Arrays.toString(cipherSuites));
+            params.setCipherSuites(cipherSuites);
+        }
+
+        if (sniHostName != null) {
+            System.out.println("Client: set SNI hostname: " + sniHostName);
+            SNIHostName serverName = new SNIHostName(sniHostName);
+            List<SNIServerName> serverNames = new ArrayList<>();
+            serverNames.add(serverName);
+            params.setServerNames(serverNames);
+        }
+
+        socket.setSSLParameters(params);
+
+        return new SSLClient(socket);
+    }
+
+}
+
+class SSLEchoServer implements Runnable, AutoCloseable {
+
+    private final SSLServerSocket ssocket;
+    private volatile boolean stopped = false;
+    private volatile boolean ready = false;
+
+    /*
+     * Starts the server in a separate thread.
+     */
+    static void startServer(SSLEchoServer server) {
+        Thread serverThread = new Thread(server, "SSL echo server thread");
+        serverThread.setDaemon(true);
+        serverThread.start();
+    }
+
+    private SSLEchoServer(SSLServerSocket ssocket) {
+        this.ssocket = ssocket;
+    }
+
+    /*
+     * Main server loop.
+     */
+    @Override
+    public void run() {
+        System.out.println("Server: started");
+        while (!stopped) {
+            ready = true;
+            try (SSLSocket socket = (SSLSocket) ssocket.accept()) {
+                System.out.println("Server: client connection accepted");
+                try (
+                    BufferedInputStream bis = new BufferedInputStream(
+                            socket.getInputStream());
+                    BufferedOutputStream bos = new BufferedOutputStream(
+                            socket.getOutputStream())
+                ) {
+                    byte[] buffer = new byte[1024];
+                    int read;
+                    while ((read = bis.read(buffer)) > 0) {
+                        bos.write(buffer, 0, read);
+                        System.out.println("Server: recieved " + read
+                                + " bytes: "
+                                + Arrays.toString(Arrays.copyOf(buffer, read)));
+                        bos.flush();
+                    }
+                }
+            } catch (IOException e) {
+                if (stopped) {
+                    // stopped == true means that stop() method was called,
+                    // so just ignore the exception, and finish the loop
+                    break;
+                }
+                System.out.println("Server: couldn't accept client connection: "
+                        + e);
+            }
+        }
+        System.out.println("Server: finished");
+    }
+
+    boolean isReady() {
+        return ready;
+    }
+
+    void stop() {
+        stopped = true;
+        ready = false;
+
+        // close the server socket to interupt accept() method
+        try {
+            if (!ssocket.isClosed()) {
+                ssocket.close();
+            }
+        } catch (IOException e) {
+            throw new RuntimeException("Unexpected exception: " + e);
+        }
+    }
+
+    @Override
+    public void close() {
+        stop();
+    }
+
+    int getPort() {
+        return ssocket.getLocalPort();
+    }
+
+    /*
+     * Creates server instance.
+     *
+     * @param cipherSuiteFilter Filter for enabled cipher suites
+     * @param sniMatcherPattern Pattern for SNI server hame
+     */
+    static SSLEchoServer init(String cipherSuiteFilter,
+            String sniPattern) throws NoSuchAlgorithmException, IOException {
+        SSLContext context = SSLContext.getDefault();
+        SSLServerSocketFactory ssf =
+                (SSLServerSocketFactory) context.getServerSocketFactory();
+        SSLServerSocket ssocket =
+                (SSLServerSocket) ssf.createServerSocket(0);
+
+        // specify enabled cipher suites
+        if (cipherSuiteFilter != null) {
+            String[] ciphersuites = UnboundSSLUtils.filterStringArray(
+                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
+            System.out.println("Server: enabled cipher suites: "
+                    + Arrays.toString(ciphersuites));
+            ssocket.setEnabledCipherSuites(ciphersuites);
+        }
+
+        // specify SNI matcher pattern
+        if (sniPattern != null) {
+            System.out.println("Server: set SNI matcher: " + sniPattern);
+            SNIMatcher matcher = SNIHostName.createSNIMatcher(sniPattern);
+            List<SNIMatcher> matchers = new ArrayList<>();
+            matchers.add(matcher);
+            SSLParameters params = ssocket.getSSLParameters();
+            params.setSNIMatchers(matchers);
+            ssocket.setSSLParameters(params);
+        }
+
+        return new SSLEchoServer(ssocket);
+    }
+
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/unbound.ssl.jaas.conf	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,40 @@
+com.sun.net.ssl.client {
+    com.sun.security.auth.module.Krb5LoginModule required
+    principal="USER@TEST.REALM"
+    doNotPrompt=true
+    useKeyTab=true
+    keyTab="krb5.keytab.data";
+};
+
+server_star {
+    com.sun.security.auth.module.Krb5LoginModule required
+    principal="*"
+    isInitiator=false
+    useKeyTab=true
+    keyTab="krb5.keytab.data"
+    storeKey=true;
+};
+
+server_multiple_principals {
+    com.sun.security.auth.module.Krb5LoginModule required
+    principal="host/service1.localhost@TEST.REALM"
+    isInitiator=false
+    useKeyTab=true
+    keyTab="krb5.keytab.data"
+    storeKey=true;
+
+    com.sun.security.auth.module.Krb5LoginModule required
+    principal="host/service2.localhost@TEST.REALM"
+    isInitiator=false
+    useKeyTab=true
+    keyTab="krb5.keytab.data"
+    storeKey=true;
+
+    com.sun.security.auth.module.Krb5LoginModule required
+    principal="host/service3.localhost@TEST.REALM"
+    isInitiator=false
+    useKeyTab=true
+    keyTab="krb5.keytab.data"
+    storeKey=true;
+};
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/krb5/auto/unbound.ssl.policy	Thu Apr 30 17:20:49 2015 -0700
@@ -0,0 +1,26 @@
+grant {
+    permission java.util.PropertyPermission "*", "read,write";
+    permission java.net.SocketPermission "*:*", "listen,resolve,accept,connect";
+    permission java.io.FilePermission "*", "read,write,delete";
+    permission java.lang.RuntimePermission "accessDeclaredMembers";
+    permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+    permission java.lang.RuntimePermission "accessClassInPackage.*";
+    permission javax.security.auth.AuthPermission "doAs";
+    permission javax.security.auth.AuthPermission "getSubject";
+    permission javax.security.auth.AuthPermission
+                    "createLoginContext.server_star";
+    permission javax.security.auth.AuthPermission
+                    "createLoginContext.server_multiple_principals";
+    permission javax.security.auth.AuthPermission "modifyPrincipals";
+    permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.kerberos.KeyTab java.security.Principal \"krb5.keytab.data\"", "read";
+
+    // clients have a permission to use all service principals
+    permission javax.security.auth.kerberos.ServicePermission "*", "initiate";
+
+    // server has a service permission
+    // to accept only service1 and service3 principals
+    permission javax.security.auth.kerberos.ServicePermission
+                    "host/service1.localhost@TEST.REALM", "accept";
+    permission javax.security.auth.kerberos.ServicePermission
+                    "host/service3.localhost@TEST.REALM", "accept";
+};
--- a/jdk/test/sun/security/mscapi/PrngSlow.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/mscapi/PrngSlow.java	Thu Apr 30 17:20:49 2015 -0700
@@ -25,6 +25,7 @@
  * @test
  * @bug 6449335
  * @summary MSCAPI's PRNG is too slow
+ * @key randomness
  */
 
 import java.security.SecureRandom;
--- a/jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.sh	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.sh	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
 # @bug 6753664
 # @run shell SignUsingSHA2withRSA.sh
 # @summary Support SHA256 (and higher) in SunMSCAPI
+# @key intermittent
 
 # set a few environment variables so that the shell-script can run stand-alone
 # in the source directory
--- a/jdk/test/sun/security/pkcs11/Cipher/ReinitCipher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Cipher/ReinitCipher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/Cipher/TestRSACipher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Cipher/TestRSACipher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary basic test for RSA cipher
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/Cipher/TestRawRSACipher.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Cipher/TestRawRSACipher.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary basic test for RSA/ECB/NoPadding cipher
  * @author Valerie Peng
  * @library ..
+ * @key randomness
  */
 
 import javax.crypto.*;
--- a/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -22,11 +22,12 @@
  */
 
 /**
- * @test %I% %E%
+ * @test
  * @bug 4898461 6604496
  * @summary basic test for symmetric ciphers with padding
  * @author Valerie Peng
  * @library ..
+ * @key randomness
  */
 import java.io.*;
 import java.nio.*;
--- a/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary basic test for symmetric ciphers with no padding
  * @author Valerie Peng
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/KeyGenerator/DESParity.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/KeyGenerator/DESParity.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Verify that the parity bits are set correctly
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/Mac/MacSameTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Mac/MacSameTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -37,6 +37,7 @@
  * @author Yu-Ching Valerie Peng, Bill Situ, Alexander Fomin
  * @library ..
  * @run main MacSameTest
+ * @key randomness
  */
 public class MacSameTest extends PKCS11Test {
 
--- a/jdk/test/sun/security/pkcs11/Mac/ReinitMac.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Mac/ReinitMac.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/MessageDigest/ByteBuffers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/MessageDigest/ByteBuffers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Test the MessageDigest.update(ByteBuffer) method
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/MessageDigest/ReinitDigest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/MessageDigest/ReinitDigest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/MessageDigest/TestCloning.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/MessageDigest/TestCloning.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Ensure the cloning functionality works.
  * @author Valerie Peng
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/Secmod/AddPrivateKey.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Secmod/AddPrivateKey.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @author Andreas Sterbenz
  * @library ..
  * @run main/othervm AddPrivateKey
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/Secmod/Crypto.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Secmod/Crypto.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @author Andreas Sterbenz
  * @library ..
  * @run main/othervm Crypto
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/Secmod/GetPrivateKey.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Secmod/GetPrivateKey.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @author Andreas Sterbenz
  * @library ..
  * @run main/othervm GetPrivateKey
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/SecureRandom/Basic.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/SecureRandom/Basic.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary basic test for PKCS#11 SecureRandom
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/Signature/ByteBuffers.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Signature/ByteBuffers.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Test the Signature.update(ByteBuffer) method
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/Signature/ReinitSignature.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Signature/ReinitSignature.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary test that reinitializing Signatures works correctly
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/Signature/TestDSA.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Signature/TestDSA.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary basic test of SHA1withDSA and RawDSA signing/verifying
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/Signature/TestDSAKeyLength.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/Signature/TestDSAKeyLength.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @summary verify that P11Signature impl will error out when initialized
  * with unsupported key sizes
  * @library ..
+ * @key randomness
  */
 
 
--- a/jdk/test/sun/security/pkcs11/ec/ReadPKCS12.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/ec/ReadPKCS12.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @author Andreas Sterbenz
  * @library ..
  * @library ../../../../java/security/testlibrary
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/ec/TestCurves.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/ec/TestCurves.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  * @library ..
  * @compile -XDignore.symbol.file TestCurves.java
  * @run main TestCurves
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/ec/TestECDSA.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/ec/TestECDSA.java	Thu Apr 30 17:20:49 2015 -0700
@@ -28,6 +28,7 @@
  * @author Andreas Sterbenz
  * @library ..
  * @library ../../../../java/security/testlibrary
+ * @key randomness
  */
 
 import java.util.*;
--- a/jdk/test/sun/security/pkcs11/rsa/KeyWrap.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/rsa/KeyWrap.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Verify key wrapping (of extractable keys) works for RSA/PKCS1
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/pkcs11/rsa/TestKeyPairGenerator.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/rsa/TestKeyPairGenerator.java	Thu Apr 30 17:20:49 2015 -0700
@@ -24,10 +24,13 @@
 /**
  * @test
  * @bug 4856966
- * @summary Verify that the RSA KeyPairGenerator works
+ * @summary Verify that the RSA KeyPairGenerator works (use -Dseed=X to set PRNG seed)
  * @author Andreas Sterbenz
  * @library ..
+ * @library /lib/testlibrary
+ * @build jdk.testlibrary.*
  * @run main/othervm TestKeyPairGenerator
+ * @key intermittent randomness
  */
 
 import java.io.*;
@@ -105,7 +108,7 @@
         int[] keyLengths = {512, 512, 1024};
         BigInteger[] pubExps = {null, BigInteger.valueOf(3), null};
         KeyPair[] keyPairs = new KeyPair[3];
-        new Random().nextBytes(data);
+        RandomFactory.getRandom().nextBytes(data);
         KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", provider);
         for (int i = 0; i < keyLengths.length; i++) {
             int len = keyLengths[i];
--- a/jdk/test/sun/security/pkcs11/rsa/TestSignatures.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/pkcs11/rsa/TestSignatures.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Test signing/verifying using all the signature algorithms
  * @author Andreas Sterbenz
  * @library ..
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/provider/DSA/TestDSA.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/provider/DSA/TestDSA.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4815057 4839277
  * @summary basic test of SHA1withDSA and RawDSA signing/verifying
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/provider/DSA/TestDSA2.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/provider/DSA/TestDSA2.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @run main/othervm/timeout=250 TestDSA2
  * @summary verify that DSA signature works using SHA and SHA-224 and
  *          SHA-256 digests.
+ * @key randomness
  */
 
 
--- a/jdk/test/sun/security/provider/SeedGenerator/Priority_Inversion.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/provider/SeedGenerator/Priority_Inversion.java	Thu Apr 30 17:20:49 2015 -0700
@@ -29,6 +29,7 @@
  *
  * if the test returns, then it passed.
  * if the test never returns (hangs forever), then it failed.
+ * @key randomness
  */
 
 import java.security.SecureRandom;
--- a/jdk/test/sun/security/rsa/TestKeyPairGenerator.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/rsa/TestKeyPairGenerator.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4853305 4865198 4888410 4963723
  * @summary Verify that the RSA KeyPairGenerator works
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/rsa/TestSignatures.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/rsa/TestSignatures.java	Thu Apr 30 17:20:49 2015 -0700
@@ -26,6 +26,7 @@
  * @bug 4853305 4963723
  * @summary Test signing/verifying using all the signature algorithms
  * @author Andreas Sterbenz
+ * @key randomness
  */
 
 import java.io.*;
--- a/jdk/test/sun/security/ssl/ClientHandshaker/LengthCheckTest.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/ssl/ClientHandshaker/LengthCheckTest.java	Thu Apr 30 17:20:49 2015 -0700
@@ -27,6 +27,7 @@
  * @summary Vectors and fixed length fields should be verified
  *          for allowed sizes.
  * @run main/othervm LengthCheckTest
+ * @key randomness
  */
 
 /**
--- a/jdk/test/sun/security/ssl/GenSSLConfigs/main.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/sun/security/ssl/GenSSLConfigs/main.java	Thu Apr 30 17:20:49 2015 -0700
@@ -3,6 +3,7 @@
  * @build TestThread Traffic Handler ServerHandler ServerThread ClientThread
  * @run main/othervm/timeout=140 -Djsse.enableCBCProtection=false main
  * @summary Make sure that different configurations of SSL sockets work
+ * @key randomness
  */
 
 /*
--- a/jdk/test/tools/launcher/ExecutionEnvironment.java	Thu Apr 30 13:02:06 2015 -0700
+++ b/jdk/test/tools/launcher/ExecutionEnvironment.java	Thu Apr 30 17:20:49 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -184,15 +184,7 @@
 
         Map<String, String> env = new HashMap<>();
 
-        if (TestHelper.isLinux || TestHelper.isMacOSX || TestHelper.isAIX) {
-            for (String x : LD_PATH_STRINGS) {
-                String pairs[] = x.split("=");
-                env.put(pairs[0], pairs[1]);
-            }
-
-            tr = doExec(env, javaCmd, "-jar", testJarFile.getAbsolutePath());
-            verifyJavaLibraryPathGeneric(tr);
-        } else { // Solaris
+        if (TestHelper.isSolaris) {
             // no override
             env.clear();
             env.put(LD_LIBRARY_PATH, LD_LIBRARY_PATH_VALUE);
@@ -208,6 +200,14 @@
             // verify the override occurs for 64-bit system
             tr = doExec(env, javaCmd, "-jar", testJarFile.getAbsolutePath());
             verifyJavaLibraryPathOverride(tr, false);
+        } else {
+            for (String x : LD_PATH_STRINGS) {
+                String pairs[] = x.split("=");
+                env.put(pairs[0], pairs[1]);
+            }
+
+            tr = doExec(env, javaCmd, "-jar", testJarFile.getAbsolutePath());
+            verifyJavaLibraryPathGeneric(tr);
         }
     }