diff --git a/8057743-process-Synchronize-exiting-of-threads-and-p.patch b/8057743-process-Synchronize-exiting-of-threads-and-p.patch new file mode 100644 index 0000000000000000000000000000000000000000..25c783e438eaeeb562ae3d7c591cde28fee7c8ff --- /dev/null +++ b/8057743-process-Synchronize-exiting-of-threads-and-p.patch @@ -0,0 +1,303 @@ +From 120367d947c297709134167d3e4d8e1b91fe97f3 Mon Sep 17 00:00:00 2001 +From: z30010524 +Date: Tue, 14 Mar 2023 19:17:50 +0800 +Subject: [PATCH 10/15] 8057743: (process) Synchronize exiting of threads and + process [win] + +DTS/AR: DTS2023031516597 +Summary: :8057744: (process) Synchronize exiting of threads and process [win] +LLT: NA +Patch Type: backport +Bug url: https://bugs.openjdk.org/browse/JDK-8057744 +--- + hotspot/src/os/aix/vm/os_aix.inline.hpp | 5 ++ + hotspot/src/os/bsd/vm/os_bsd.inline.hpp | 4 + + hotspot/src/os/linux/vm/os_linux.inline.hpp | 4 + + .../src/os/solaris/vm/os_solaris.inline.hpp | 5 ++ + hotspot/src/os/windows/vm/os_windows.cpp | 87 +++++++++++++++++-- + hotspot/src/os/windows/vm/os_windows.hpp | 10 +++ + .../src/os/windows/vm/os_windows.inline.hpp | 4 + + hotspot/src/share/vm/runtime/java.cpp | 2 +- + hotspot/src/share/vm/runtime/os.hpp | 4 +- + 9 files changed, 115 insertions(+), 10 deletions(-) + +diff --git a/hotspot/src/os/aix/vm/os_aix.inline.hpp b/hotspot/src/os/aix/vm/os_aix.inline.hpp +index 421ea342e..afa034411 100644 +--- a/hotspot/src/os/aix/vm/os_aix.inline.hpp ++++ b/hotspot/src/os/aix/vm/os_aix.inline.hpp +@@ -245,4 +245,9 @@ inline int os::set_sock_opt(int fd, int level, int optname, + const char* optval, socklen_t optlen) { + return ::setsockopt(fd, level, optname, optval, optlen); + } ++ ++inline void os::exit(int num) { ++ ::exit(num); ++} ++ + #endif // OS_AIX_VM_OS_AIX_INLINE_HPP +diff --git a/hotspot/src/os/bsd/vm/os_bsd.inline.hpp b/hotspot/src/os/bsd/vm/os_bsd.inline.hpp +index c35abf486..1eff6b724 100644 +--- a/hotspot/src/os/bsd/vm/os_bsd.inline.hpp ++++ b/hotspot/src/os/bsd/vm/os_bsd.inline.hpp +@@ -247,4 +247,8 @@ inline int os::set_sock_opt(int fd, int level, int optname, + return ::setsockopt(fd, level, optname, optval, optlen); + } + ++inline void os::exit(int num) { ++ ::exit(num); ++} ++ + #endif // OS_BSD_VM_OS_BSD_INLINE_HPP +diff --git a/hotspot/src/os/linux/vm/os_linux.inline.hpp b/hotspot/src/os/linux/vm/os_linux.inline.hpp +index a23bd5631..eb8c8ca1b 100644 +--- a/hotspot/src/os/linux/vm/os_linux.inline.hpp ++++ b/hotspot/src/os/linux/vm/os_linux.inline.hpp +@@ -240,4 +240,8 @@ inline int os::set_sock_opt(int fd, int level, int optname, + return ::setsockopt(fd, level, optname, optval, optlen); + } + ++inline void os::exit(int num) { ++ ::exit(num); ++} ++ + #endif // OS_LINUX_VM_OS_LINUX_INLINE_HPP +diff --git a/hotspot/src/os/solaris/vm/os_solaris.inline.hpp b/hotspot/src/os/solaris/vm/os_solaris.inline.hpp +index 8e095ab69..aad6debf9 100644 +--- a/hotspot/src/os/solaris/vm/os_solaris.inline.hpp ++++ b/hotspot/src/os/solaris/vm/os_solaris.inline.hpp +@@ -223,4 +223,9 @@ inline int os::set_sock_opt(int fd, int level, int optname, + const char *optval, socklen_t optlen) { + return ::setsockopt(fd, level, optname, optval, optlen); + } ++ ++inline void os::exit(int num) { ++ ::exit(num); ++} ++ + #endif // OS_SOLARIS_VM_OS_SOLARIS_INLINE_HPP +diff --git a/hotspot/src/os/windows/vm/os_windows.cpp b/hotspot/src/os/windows/vm/os_windows.cpp +index 11bd14f6f..f0bc733c2 100644 +--- a/hotspot/src/os/windows/vm/os_windows.cpp ++++ b/hotspot/src/os/windows/vm/os_windows.cpp +@@ -22,8 +22,8 @@ + * + */ + +-// Must be at least Windows 2000 or XP to use IsDebuggerPresent +-#define _WIN32_WINNT 0x500 ++// Must be at least Windows Vista or Server 2008 to use InitOnceExecuteOnce ++#define _WIN32_WINNT 0x0600 + + // no precompiled headers + #include "classfile/classLoader.hpp" +@@ -432,6 +432,11 @@ static unsigned __stdcall java_start(Thread* thread) { + } + } + ++ // Diagnostic code to investigate JDK-6573254 ++ int res = 90115; // non-java thread ++ if (thread->is_Java_thread()) { ++ res = 60115; // java thread ++ } + + // Install a win32 structured exception handler around every thread created + // by VM, so VM can genrate error dump when an exception occurred in non- +@@ -450,7 +455,9 @@ static unsigned __stdcall java_start(Thread* thread) { + Atomic::dec_ptr((intptr_t*)&os::win32::_os_thread_count); + } + +- return 0; ++ // Thread must not return from exit_process_or_thread(), but if it does, ++ // let it proceed to exit normally ++ return (unsigned)os::win32::exit_process_or_thread(os::win32::EPT_THREAD, res); + } + + static OSThread* create_os_thread(Thread* thread, HANDLE thread_handle, int thread_id) { +@@ -1082,15 +1089,13 @@ void os::abort(bool dump_core, void* siginfo, void* context) { + win32::exit_process_or_thread(win32::EPT_PROCESS, 1); + } + +- +-void os::abort(bool dump_core) +-{ ++void os::abort(bool dump_core) { + abort(dump_core, NULL, NULL); + } + + // Die immediately, no exit hook, no abort hook, no cleanup. + void os::die() { +- _exit(-1); ++ win32::exit_process_or_thread(win32::EPT_PROCESS_DIE, -1); + } + + // Directory routines copied from src/win32/native/java/io/dirent_md.c +@@ -3857,6 +3862,11 @@ bool os::win32::_is_nt = false; + bool os::win32::_is_windows_2003 = false; + bool os::win32::_is_windows_server = false; + ++// 6573254 ++// Currently, the bug is observed across all the supported Windows releases, ++// including the latest one (as of this writing - Windows Server 2012 R2) ++bool os::win32::_has_exit_bug = true; ++ + void os::win32::initialize_system_info() { + SYSTEM_INFO si; + GetSystemInfo(&si); +@@ -3951,6 +3961,69 @@ HINSTANCE os::win32::load_Windows_dll(const char* name, char *ebuf, int ebuflen) + return NULL; + } + ++#define MIN_EXIT_MUTEXES 1 ++#define MAX_EXIT_MUTEXES 16 ++ ++struct ExitMutexes { ++ DWORD count; ++ HANDLE handles[MAX_EXIT_MUTEXES]; ++}; ++ ++static BOOL CALLBACK init_muts_call(PINIT_ONCE, PVOID ppmuts, PVOID*) { ++ static ExitMutexes muts; ++ ++ muts.count = os::processor_count(); ++ if (muts.count < MIN_EXIT_MUTEXES) { ++ muts.count = MIN_EXIT_MUTEXES; ++ } else if (muts.count > MAX_EXIT_MUTEXES) { ++ muts.count = MAX_EXIT_MUTEXES; ++ } ++ ++ for (DWORD i = 0; i < muts.count; ++i) { ++ muts.handles[i] = CreateMutex(NULL, FALSE, NULL); ++ if (muts.handles[i] == NULL) { ++ return FALSE; ++ } ++ } ++ *((ExitMutexes**)ppmuts) = &muts; ++ return TRUE; ++} ++ ++int os::win32::exit_process_or_thread(Ept what, int exit_code) { ++ if (os::win32::has_exit_bug()) { ++ static INIT_ONCE init_once_muts = INIT_ONCE_STATIC_INIT; ++ static ExitMutexes* pmuts; ++ ++ if (!InitOnceExecuteOnce(&init_once_muts, init_muts_call, &pmuts, NULL)) { ++ warning("ExitMutex initialization failed in %s: %d\n", __FILE__, __LINE__); ++ } else if (WaitForMultipleObjects(pmuts->count, pmuts->handles, ++ (what != EPT_THREAD), // exiting process waits for all mutexes ++ INFINITE) == WAIT_FAILED) { ++ warning("ExitMutex acquisition failed in %s: %d\n", __FILE__, __LINE__); ++ } ++ } ++ ++ switch (what) { ++ case EPT_THREAD: ++ _endthreadex((unsigned)exit_code); ++ break; ++ ++ case EPT_PROCESS: ++ ::exit(exit_code); ++ break; ++ ++ case EPT_PROCESS_DIE: ++ _exit(exit_code); ++ break; ++ } ++ ++ // should not reach here ++ return exit_code; ++} ++ ++#undef MIN_EXIT_MUTEXES ++#undef MAX_EXIT_MUTEXES ++ + void os::win32::setmode_streams() { + _setmode(_fileno(stdin), _O_BINARY); + _setmode(_fileno(stdout), _O_BINARY); +diff --git a/hotspot/src/os/windows/vm/os_windows.hpp b/hotspot/src/os/windows/vm/os_windows.hpp +index 20e2ca2f5..3fdc9bcd6 100644 +--- a/hotspot/src/os/windows/vm/os_windows.hpp ++++ b/hotspot/src/os/windows/vm/os_windows.hpp +@@ -31,6 +31,7 @@ static bool zero_page_read_protected() { return true; } + + class win32 { + friend class os; ++ friend unsigned __stdcall java_start(class Thread*); + + protected: + static int _vm_page_size; +@@ -42,6 +43,7 @@ class win32 { + static bool _is_nt; + static bool _is_windows_2003; + static bool _is_windows_server; ++ static bool _has_exit_bug; + + static void print_windows_version(outputStream* st); + +@@ -63,6 +65,11 @@ class win32 { + // load dll from Windows system directory or Windows directory + static HINSTANCE load_Windows_dll(const char* name, char *ebuf, int ebuflen); + ++ private: ++ enum Ept { EPT_THREAD, EPT_PROCESS, EPT_PROCESS_DIE }; ++ // Wrapper around _endthreadex(), exit() and _exit() ++ static int exit_process_or_thread(Ept what, int exit_code); ++ + public: + // Generic interface: + +@@ -79,6 +86,9 @@ class win32 { + // Tells whether the platform is Windows 2003 + static bool is_windows_2003() { return _is_windows_2003; } + ++ // Tells whether there can be the race bug during process exit on this platform ++ static bool has_exit_bug() { return _has_exit_bug; } ++ + // Returns the byte size of a virtual memory page + static int vm_page_size() { return _vm_page_size; } + +diff --git a/hotspot/src/os/windows/vm/os_windows.inline.hpp b/hotspot/src/os/windows/vm/os_windows.inline.hpp +index 5dac11c90..83c51935d 100644 +--- a/hotspot/src/os/windows/vm/os_windows.inline.hpp ++++ b/hotspot/src/os/windows/vm/os_windows.inline.hpp +@@ -96,6 +96,10 @@ inline int os::close(int fd) { + return ::close(fd); + } + ++inline void os::exit(int num) { ++ win32::exit_process_or_thread(win32::EPT_PROCESS, num); ++} ++ + #define CALL_TEST_FUNC_WITH_WRAPPER_IF_NEEDED(f) \ + os::win32::call_test_func_with_wrapper(f) + +diff --git a/hotspot/src/share/vm/runtime/java.cpp b/hotspot/src/share/vm/runtime/java.cpp +index 5b82a7a36..c72a5a766 100644 +--- a/hotspot/src/share/vm/runtime/java.cpp ++++ b/hotspot/src/share/vm/runtime/java.cpp +@@ -625,7 +625,7 @@ void notify_vm_shutdown() { + void vm_direct_exit(int code) { + notify_vm_shutdown(); + os::wait_for_keypress_at_exit(); +- ::exit(code); ++ os::exit(code); + } + + void vm_perform_shutdown_actions() { +diff --git a/hotspot/src/share/vm/runtime/os.hpp b/hotspot/src/share/vm/runtime/os.hpp +index e696321ab..6ca220021 100644 +--- a/hotspot/src/share/vm/runtime/os.hpp ++++ b/hotspot/src/share/vm/runtime/os.hpp +@@ -545,8 +545,8 @@ class os: AllStatic { + // run cmd in a separate process and return its exit code; or -1 on failures + static int fork_and_exec(char *cmd, bool use_vfork_if_available = false); + +- // os::exit() is merged with vm_exit() +- // static void exit(int num); ++ // Call ::exit() on all platforms but Windows ++ static void exit(int num); + + // Terminate the VM, but don't exit the process + static void shutdown(); +-- +2.19.0 + diff --git a/8074354-Make-CreateMinidumpOnCrash-a-new-name-and-av.patch b/8074354-Make-CreateMinidumpOnCrash-a-new-name-and-av.patch new file mode 100644 index 0000000000000000000000000000000000000000..d2843ca669659591b59cafcd223dee139ac26ff3 --- /dev/null +++ b/8074354-Make-CreateMinidumpOnCrash-a-new-name-and-av.patch @@ -0,0 +1,468 @@ +From b48d4df404756872fb7b1ef7be5f9880ba6a0abc Mon Sep 17 00:00:00 2001 +From: zhangyunbo +Date: Sun, 29 Jan 2023 10:44:01 +0800 +Subject: [PATCH 07/15] 8074354: Make CreateMinidumpOnCrash a new name and + available on all platforms + +DTS/AR: AR.SR.ccd816c9.001 +Summary: :8074354: Make CreateMinidumpOnCrash a new name and available on all platforms +LLT: NA +Patch Type: backport +Bug url: https://bugs.openjdk.org/browse/JDK-8074354 +--- + hotspot/src/os/aix/vm/os_aix.cpp | 4 + + hotspot/src/os/bsd/vm/os_bsd.cpp | 4 + + hotspot/src/os/linux/vm/os_linux.cpp | 4 + + hotspot/src/os/posix/vm/os_posix.cpp | 4 +- + hotspot/src/os/solaris/vm/os_solaris.cpp | 4 + + hotspot/src/os/windows/vm/os_windows.cpp | 117 +++++++++--------- + hotspot/src/share/vm/runtime/arguments.cpp | 9 ++ + hotspot/src/share/vm/runtime/globals.hpp | 4 +- + hotspot/src/share/vm/runtime/os.hpp | 10 +- + hotspot/src/share/vm/utilities/vmError.cpp | 19 +-- + hotspot/src/share/vm/utilities/vmError.hpp | 6 +- + hotspot/test/runtime/Unsafe/RangeCheck.java | 1 + + .../runtime/memory/ReadFromNoaccessArea.java | 1 + + .../test/runtime/memory/ReserveMemory.java | 1 + + 14 files changed, 111 insertions(+), 77 deletions(-) + +diff --git a/hotspot/src/os/aix/vm/os_aix.cpp b/hotspot/src/os/aix/vm/os_aix.cpp +index 519b08550..6838f33bc 100644 +--- a/hotspot/src/os/aix/vm/os_aix.cpp ++++ b/hotspot/src/os/aix/vm/os_aix.cpp +@@ -1214,6 +1214,10 @@ void os::shutdown() { + // called from signal handler. Before adding something to os::abort(), make + // sure it is async-safe and can handle partially initialized VM. + void os::abort(bool dump_core) { ++ abort(dump_core, NULL, NULL); ++} ++ ++void os::abort(bool dump_core, void* siginfo, void* context) { + os::shutdown(); + if (dump_core) { + #ifndef PRODUCT +diff --git a/hotspot/src/os/bsd/vm/os_bsd.cpp b/hotspot/src/os/bsd/vm/os_bsd.cpp +index 85e28619c..765b60c0d 100644 +--- a/hotspot/src/os/bsd/vm/os_bsd.cpp ++++ b/hotspot/src/os/bsd/vm/os_bsd.cpp +@@ -1147,6 +1147,10 @@ void os::shutdown() { + // called from signal handler. Before adding something to os::abort(), make + // sure it is async-safe and can handle partially initialized VM. + void os::abort(bool dump_core) { ++ abort(dump_core, NULL, NULL); ++} ++ ++void os::abort(bool dump_core, void* siginfo, void* context) { + os::shutdown(); + if (dump_core) { + #ifndef PRODUCT +diff --git a/hotspot/src/os/linux/vm/os_linux.cpp b/hotspot/src/os/linux/vm/os_linux.cpp +index b82352c9f..05c8b254c 100644 +--- a/hotspot/src/os/linux/vm/os_linux.cpp ++++ b/hotspot/src/os/linux/vm/os_linux.cpp +@@ -1588,6 +1588,10 @@ void os::shutdown() { + // called from signal handler. Before adding something to os::abort(), make + // sure it is async-safe and can handle partially initialized VM. + void os::abort(bool dump_core) { ++ abort(dump_core, NULL, NULL); ++} ++ ++void os::abort(bool dump_core, void* siginfo, void* context) { + os::shutdown(); + if (dump_core) { + #ifndef PRODUCT +diff --git a/hotspot/src/os/posix/vm/os_posix.cpp b/hotspot/src/os/posix/vm/os_posix.cpp +index d2663bd86..678a1059f 100644 +--- a/hotspot/src/os/posix/vm/os_posix.cpp ++++ b/hotspot/src/os/posix/vm/os_posix.cpp +@@ -48,7 +48,7 @@ PRAGMA_FORMAT_MUTE_WARNINGS_FOR_GCC + #define ROOT_UID 0 + + // Check core dump limit and report possible place where core can be found +-void os::check_or_create_dump(void* exceptionRecord, void* contextRecord, char* buffer, size_t bufferSize) { ++void os::check_dump_limit(char* buffer, size_t bufferSize) { + int n; + struct rlimit rlim; + bool success; +@@ -74,7 +74,7 @@ void os::check_or_create_dump(void* exceptionRecord, void* contextRecord, char* + break; + } + } +- VMError::report_coredump_status(buffer, success); ++ VMError::record_coredump_status(buffer, success); + } + + int os::get_native_stack(address* stack, int frames, int toSkip) { +diff --git a/hotspot/src/os/solaris/vm/os_solaris.cpp b/hotspot/src/os/solaris/vm/os_solaris.cpp +index d995f51e3..9f8c6a9bf 100644 +--- a/hotspot/src/os/solaris/vm/os_solaris.cpp ++++ b/hotspot/src/os/solaris/vm/os_solaris.cpp +@@ -1581,6 +1581,10 @@ void os::shutdown() { + // called from signal handler. Before adding something to os::abort(), make + // sure it is async-safe and can handle partially initialized VM. + void os::abort(bool dump_core) { ++ abort(dump_core, NULL, NULL); ++} ++ ++void os::abort(bool dump_core, void* siginfo, void* context) { + os::shutdown(); + if (dump_core) { + #ifndef PRODUCT +diff --git a/hotspot/src/os/windows/vm/os_windows.cpp b/hotspot/src/os/windows/vm/os_windows.cpp +index 23dec5b67..11bd14f6f 100644 +--- a/hotspot/src/os/windows/vm/os_windows.cpp ++++ b/hotspot/src/os/windows/vm/os_windows.cpp +@@ -980,7 +980,43 @@ void os::shutdown() { + static BOOL (WINAPI *_MiniDumpWriteDump) ( HANDLE, DWORD, HANDLE, MINIDUMP_TYPE, PMINIDUMP_EXCEPTION_INFORMATION, + PMINIDUMP_USER_STREAM_INFORMATION, PMINIDUMP_CALLBACK_INFORMATION); + +-void os::check_or_create_dump(void* exceptionRecord, void* contextRecord, char* buffer, size_t bufferSize) { ++static HANDLE dumpFile = NULL; ++ ++// Check if dump file can be created. ++void os::check_dump_limit(char* buffer, size_t buffsz) { ++ bool status = true; ++ if (!FLAG_IS_DEFAULT(CreateCoredumpOnCrash) && !CreateCoredumpOnCrash) { ++ jio_snprintf(buffer, buffsz, "CreateCoredumpOnCrash is disabled from command line"); ++ status = false; ++ } ++ ++#ifndef ASSERT ++ if (!os::win32::is_windows_server() && FLAG_IS_DEFAULT(CreateCoredumpOnCrash)) { ++ jio_snprintf(buffer, buffsz, "Minidumps are not enabled by default on client versions of Windows"); ++ status = false; ++ } ++#endif ++ ++ if (status) { ++ const char* cwd = get_current_directory(NULL, 0); ++ int pid = current_process_id(); ++ if (cwd != NULL) { ++ jio_snprintf(buffer, buffsz, "%s\\hs_err_pid%u.mdmp", cwd, pid); ++ } else { ++ jio_snprintf(buffer, buffsz, ".\\hs_err_pid%u.mdmp", pid); ++ } ++ ++ if (dumpFile == NULL && ++ (dumpFile = CreateFile(buffer, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL)) ++ == INVALID_HANDLE_VALUE) { ++ jio_snprintf(buffer, buffsz, "Failed to create minidump file (0x%x).", GetLastError()); ++ status = false; ++ } ++ } ++ VMError::record_coredump_status(buffer, status); ++} ++ ++void os::abort(bool dump_core, void* siginfo, void* context) { + HINSTANCE dbghelp; + EXCEPTION_POINTERS ep; + MINIDUMP_EXCEPTION_INFORMATION mei; +@@ -988,33 +1024,22 @@ void os::check_or_create_dump(void* exceptionRecord, void* contextRecord, char* + + HANDLE hProcess = GetCurrentProcess(); + DWORD processId = GetCurrentProcessId(); +- HANDLE dumpFile; + MINIDUMP_TYPE dumpType; +- static const char* cwd; + +-// Default is to always create dump for debug builds, on product builds only dump on server versions of Windows. +-#ifndef ASSERT +- // If running on a client version of Windows and user has not explicitly enabled dumping +- if (!os::win32::is_windows_server() && !CreateMinidumpOnCrash) { +- VMError::report_coredump_status("Minidumps are not enabled by default on client versions of Windows", false); +- return; +- // If running on a server version of Windows and user has explictly disabled dumping +- } else if (os::win32::is_windows_server() && !FLAG_IS_DEFAULT(CreateMinidumpOnCrash) && !CreateMinidumpOnCrash) { +- VMError::report_coredump_status("Minidump has been disabled from the command line", false); +- return; +- } +-#else +- if (!FLAG_IS_DEFAULT(CreateMinidumpOnCrash) && !CreateMinidumpOnCrash) { +- VMError::report_coredump_status("Minidump has been disabled from the command line", false); +- return; ++ shutdown(); ++ if (!dump_core || dumpFile == NULL) { ++ if (dumpFile != NULL) { ++ CloseHandle(dumpFile); ++ } ++ win32::exit_process_or_thread(win32::EPT_PROCESS, 1); + } +-#endif + + dbghelp = os::win32::load_Windows_dll("DBGHELP.DLL", NULL, 0); + + if (dbghelp == NULL) { +- VMError::report_coredump_status("Failed to load dbghelp.dll", false); +- return; ++ jio_fprintf(stderr, "Failed to load dbghelp.dll\n"); ++ CloseHandle(dumpFile); ++ win32::exit_process_or_thread(win32::EPT_PROCESS, 1); + } + + _MiniDumpWriteDump = CAST_TO_FN_PTR( +@@ -1023,30 +1048,22 @@ void os::check_or_create_dump(void* exceptionRecord, void* contextRecord, char* + GetProcAddress(dbghelp, "MiniDumpWriteDump")); + + if (_MiniDumpWriteDump == NULL) { +- VMError::report_coredump_status("Failed to find MiniDumpWriteDump() in module dbghelp.dll", false); +- return; ++ jio_fprintf(stderr, "Failed to find MiniDumpWriteDump() in module dbghelp.dll.\n"); ++ CloseHandle(dumpFile); ++ win32::exit_process_or_thread(win32::EPT_PROCESS, 1); + } + + dumpType = (MINIDUMP_TYPE)(MiniDumpWithFullMemory | MiniDumpWithHandleData); + +-// Older versions of dbghelp.h doesn't contain all the dumptypes we want, dbghelp.h with +-// API_VERSION_NUMBER 11 or higher contains the ones we want though ++ // Older versions of dbghelp.h do not contain all the dumptypes we want, dbghelp.h with ++ // API_VERSION_NUMBER 11 or higher contains the ones we want though + #if API_VERSION_NUMBER >= 11 + dumpType = (MINIDUMP_TYPE)(dumpType | MiniDumpWithFullMemoryInfo | MiniDumpWithThreadInfo | + MiniDumpWithUnloadedModules); + #endif +- +- cwd = get_current_directory(NULL, 0); +- jio_snprintf(buffer, bufferSize, "%s\\hs_err_pid%u.mdmp",cwd, current_process_id()); +- dumpFile = CreateFile(buffer, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); +- +- if (dumpFile == INVALID_HANDLE_VALUE) { +- VMError::report_coredump_status("Failed to create file for dumping", false); +- return; +- } +- if (exceptionRecord != NULL && contextRecord != NULL) { +- ep.ContextRecord = (PCONTEXT) contextRecord; +- ep.ExceptionRecord = (PEXCEPTION_RECORD) exceptionRecord; ++ if (siginfo != NULL && context != NULL) { ++ ep.ContextRecord = (PCONTEXT) context; ++ ep.ExceptionRecord = (PEXCEPTION_RECORD) siginfo; + + mei.ThreadId = GetCurrentThreadId(); + mei.ExceptionPointers = &ep; +@@ -1055,40 +1072,20 @@ void os::check_or_create_dump(void* exceptionRecord, void* contextRecord, char* + pmei = NULL; + } + +- + // Older versions of dbghelp.dll (the one shipped with Win2003 for example) may not support all + // the dump types we really want. If first call fails, lets fall back to just use MiniDumpWithFullMemory then. + if (_MiniDumpWriteDump(hProcess, processId, dumpFile, dumpType, pmei, NULL, NULL) == false && + _MiniDumpWriteDump(hProcess, processId, dumpFile, (MINIDUMP_TYPE)MiniDumpWithFullMemory, pmei, NULL, NULL) == false) { +- DWORD error = GetLastError(); +- LPTSTR msgbuf = NULL; +- +- if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | +- FORMAT_MESSAGE_FROM_SYSTEM | +- FORMAT_MESSAGE_IGNORE_INSERTS, +- NULL, error, 0, (LPTSTR)&msgbuf, 0, NULL) != 0) { +- +- jio_snprintf(buffer, bufferSize, "Call to MiniDumpWriteDump() failed (Error 0x%x: %s)", error, msgbuf); +- LocalFree(msgbuf); +- } else { +- // Call to FormatMessage failed, just include the result from GetLastError +- jio_snprintf(buffer, bufferSize, "Call to MiniDumpWriteDump() failed (Error 0x%x)", error); +- } +- VMError::report_coredump_status(buffer, false); +- } else { +- VMError::report_coredump_status(buffer, true); ++ jio_fprintf(stderr, "Call to MiniDumpWriteDump() failed (Error 0x%x)\n", GetLastError()); + } +- + CloseHandle(dumpFile); ++ win32::exit_process_or_thread(win32::EPT_PROCESS, 1); + } + + +- + void os::abort(bool dump_core) + { +- os::shutdown(); +- // no core dump on Windows +- ::exit(1); ++ abort(dump_core, NULL, NULL); + } + + // Die immediately, no exit hook, no abort hook, no cleanup. +diff --git a/hotspot/src/share/vm/runtime/arguments.cpp b/hotspot/src/share/vm/runtime/arguments.cpp +index b0b541482..43fdd0b49 100644 +--- a/hotspot/src/share/vm/runtime/arguments.cpp ++++ b/hotspot/src/share/vm/runtime/arguments.cpp +@@ -3599,6 +3599,15 @@ jint Arguments::parse_each_vm_init_arg(const JavaVMInitArgs* args, + } else if (match_jfr_option(&option)) { + return JNI_EINVAL; + #endif ++ // CreateMinidumpOnCrash is removed, and replaced by CreateCoredumpOnCrash ++ } else if (match_option(option, "-XX:+CreateMinidumpOnCrash", &tail)) { ++ FLAG_SET_CMDLINE(bool, CreateCoredumpOnCrash, true); ++ jio_fprintf(defaultStream::output_stream(), ++ "CreateMinidumpOnCrash is replaced by CreateCoredumpOnCrash: CreateCoredumpOnCrash is on\n"); ++ } else if (match_option(option, "-XX:-CreateMinidumpOnCrash", &tail)) { ++ FLAG_SET_CMDLINE(bool, CreateCoredumpOnCrash, false); ++ jio_fprintf(defaultStream::output_stream(), ++ "CreateMinidumpOnCrash is replaced by CreateCoredumpOnCrash: CreateCoredumpOnCrash is off\n"); + } else if (match_option(option, "-XX:", &tail)) { // -XX:xxxx + // Skip -XX:Flags= since that case has already been handled + if (strncmp(tail, "Flags=", strlen("Flags=")) != 0) { +diff --git a/hotspot/src/share/vm/runtime/globals.hpp b/hotspot/src/share/vm/runtime/globals.hpp +index 3dd4c51a9..3b2776ce5 100644 +--- a/hotspot/src/share/vm/runtime/globals.hpp ++++ b/hotspot/src/share/vm/runtime/globals.hpp +@@ -948,8 +948,8 @@ class CommandLineFlags { + product(bool, ShowMessageBoxOnError, false, \ + "Keep process alive on VM fatal error") \ + \ +- product(bool, CreateMinidumpOnCrash, false, \ +- "Create minidump on VM fatal error") \ ++ product(bool, CreateCoredumpOnCrash, true, \ ++ "Create core/mini dump on VM fatal error") \ + \ + product_pd(bool, UseOSErrorReporting, \ + "Let VM fatal error propagate to the OS (ie. WER on Windows)") \ +diff --git a/hotspot/src/share/vm/runtime/os.hpp b/hotspot/src/share/vm/runtime/os.hpp +index 092459c99..e696321ab 100644 +--- a/hotspot/src/share/vm/runtime/os.hpp ++++ b/hotspot/src/share/vm/runtime/os.hpp +@@ -553,6 +553,7 @@ class os: AllStatic { + + // Terminate with an error. Default is to generate a core file on platforms + // that support such things. This calls shutdown() and then aborts. ++ static void abort(bool dump_core, void *siginfo, void *context); + static void abort(bool dump_core = true); + + // Die immediately, no exit hook, no abort hook, no cleanup. +@@ -803,8 +804,13 @@ class os: AllStatic { + // Structured OS Exception support + static void os_exception_wrapper(java_call_t f, JavaValue* value, methodHandle* method, JavaCallArguments* args, Thread* thread); + +- // On Windows this will create an actual minidump, on Linux/Solaris it will simply check core dump limits +- static void check_or_create_dump(void* exceptionRecord, void* contextRecord, char* buffer, size_t bufferSize); ++ // On Posix compatible OS it will simply check core dump limits while on Windows ++ // it will check if dump file can be created. Check or prepare a core dump to be ++ // taken at a later point in the same thread in os::abort(). Use the caller ++ // provided buffer as a scratch buffer. The status message which will be written ++ // into the error log either is file location or a short error message, depending ++ // on the checking result. ++ static void check_dump_limit(char* buffer, size_t bufferSize); + + // Get the default path to the core file + // Returns the length of the string +diff --git a/hotspot/src/share/vm/utilities/vmError.cpp b/hotspot/src/share/vm/utilities/vmError.cpp +index 26408fa5e..56ae50fe5 100644 +--- a/hotspot/src/share/vm/utilities/vmError.cpp ++++ b/hotspot/src/share/vm/utilities/vmError.cpp +@@ -220,7 +220,7 @@ static void print_bug_submit_message(outputStream *out, Thread *thread) { + bool VMError::coredump_status; + char VMError::coredump_message[O_BUFLEN]; + +-void VMError::report_coredump_status(const char* message, bool status) { ++void VMError::record_coredump_status(const char* message, bool status) { + coredump_status = status; + strncpy(coredump_message, message, sizeof(coredump_message)); + coredump_message[sizeof(coredump_message)-1] = 0; +@@ -533,10 +533,14 @@ void VMError::report(outputStream* st) { + } + STEP(63, "(printing core file information)") + st->print("# "); +- if (coredump_status) { +- st->print("Core dump written. Default location: %s", coredump_message); ++ if (CreateCoredumpOnCrash) { ++ if (coredump_status) { ++ st->print("Core dump will be written. %s", coredump_message); ++ } else { ++ st->print("No core dump will be written. %s", coredump_message); ++ } + } else { +- st->print("Failed to write core dump. %s", coredump_message); ++ st->print("CreateCoredumpOnCrash turned off, no core file dumped"); + } + st->cr(); + st->print_cr("#"); +@@ -944,7 +948,7 @@ void VMError::report_and_die() { + static bool transmit_report_done = false; // done error reporting + + if (SuppressFatalErrorMessage) { +- os::abort(); ++ os::abort(CreateCoredumpOnCrash); + } + jlong mytid = os::current_thread_id(); + if (first_error == NULL && +@@ -962,8 +966,7 @@ void VMError::report_and_die() { + ShowMessageBoxOnError = false; + } + +- // Write a minidump on Windows, check core dump limits on Linux/Solaris +- os::check_or_create_dump(_siginfo, _context, buffer, sizeof(buffer)); ++ os::check_dump_limit(buffer, sizeof(buffer)); + + // reset signal handlers or exception filter; make sure recursive crashes + // are handled properly. +@@ -1153,7 +1156,7 @@ void VMError::report_and_die() { + if (!skip_os_abort) { + skip_os_abort = true; + bool dump_core = should_report_bug(first_error->_id); +- os::abort(dump_core); ++ os::abort(dump_core && CreateCoredumpOnCrash, _siginfo, _context); + } + + // if os::abort() doesn't abort, try os::die(); +diff --git a/hotspot/src/share/vm/utilities/vmError.hpp b/hotspot/src/share/vm/utilities/vmError.hpp +index 21db84d0c..dc455c6fa 100644 +--- a/hotspot/src/share/vm/utilities/vmError.hpp ++++ b/hotspot/src/share/vm/utilities/vmError.hpp +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -117,8 +117,8 @@ public: + // return a string to describe the error + char *error_string(char* buf, int buflen); + +- // Report status of core/minidump +- static void report_coredump_status(const char* message, bool status); ++ // Record status of core/minidump ++ static void record_coredump_status(const char* message, bool status); + + // main error reporting function + void report_and_die(); +diff --git a/hotspot/test/runtime/Unsafe/RangeCheck.java b/hotspot/test/runtime/Unsafe/RangeCheck.java +index 9ded944cb..602f22500 100644 +--- a/hotspot/test/runtime/Unsafe/RangeCheck.java ++++ b/hotspot/test/runtime/Unsafe/RangeCheck.java +@@ -43,6 +43,7 @@ public class RangeCheck { + true, + "-Xmx32m", + "-XX:-TransmitErrorReport", ++ "-XX:-CreateCoredumpOnCrash", + DummyClassWithMainRangeCheck.class.getName()); + + OutputAnalyzer output = new OutputAnalyzer(pb.start()); +diff --git a/hotspot/test/runtime/memory/ReadFromNoaccessArea.java b/hotspot/test/runtime/memory/ReadFromNoaccessArea.java +index 1078dd2e4..b2a58ae0a 100644 +--- a/hotspot/test/runtime/memory/ReadFromNoaccessArea.java ++++ b/hotspot/test/runtime/memory/ReadFromNoaccessArea.java +@@ -45,6 +45,7 @@ public class ReadFromNoaccessArea { + "-Xbootclasspath/a:.", + "-XX:+UnlockDiagnosticVMOptions", + "-XX:+WhiteBoxAPI", ++ "-XX:-CreateCoredumpOnCrash", + "-XX:+UseCompressedOops", + "-XX:HeapBaseMinAddress=33G", + DummyClassWithMainTryingToReadFromNoaccessArea.class.getName()); +diff --git a/hotspot/test/runtime/memory/ReserveMemory.java b/hotspot/test/runtime/memory/ReserveMemory.java +index 9e37d52cc..ef4dde1a7 100644 +--- a/hotspot/test/runtime/memory/ReserveMemory.java ++++ b/hotspot/test/runtime/memory/ReserveMemory.java +@@ -57,6 +57,7 @@ public class ReserveMemory { + "-XX:+UnlockDiagnosticVMOptions", + "-XX:+WhiteBoxAPI", + "-XX:-TransmitErrorReport", ++ "-XX:-CreateCoredumpOnCrash", + "ReserveMemory", + "test"); + +-- +2.19.0 + diff --git a/8202951-Support-default-jsa.patch b/8202951-Support-default-jsa.patch index 0724ff1c97e131598afaf47223b5bafdff75b8fe..331b62593491332585165037170c83a9ee14111f 100644 --- a/8202951-Support-default-jsa.patch +++ b/8202951-Support-default-jsa.patch @@ -171,8 +171,8 @@ diff --git a/common/autoconf/spec.gmk.in b/common/autoconf/spec.gmk.in index 4c3a9f61..79248cbf 100644 --- a/common/autoconf/spec.gmk.in +++ b/common/autoconf/spec.gmk.in -@@ -611,6 +611,10 @@ LIBZIP_CAN_USE_MMAP:=@LIBZIP_CAN_USE_MMAP@ - MSVCR_DLL:=@MSVCR_DLL@ +@@ -612,6 +612,10 @@ LIBZIP_CAN_USE_MMAP:=@LIBZIP_CAN_USE_MMAP@ + VCRUNTIME_1_DLL:=@VCRUNTIME_1_DLL@ MSVCP_DLL:=@MSVCP_DLL@ UCRT_DLL_DIR:=@UCRT_DLL_DIR@ +# CDS_ARCHIVE diff --git a/8204595-add-more-thread-related-system-settings-info.patch b/8204595-add-more-thread-related-system-settings-info.patch index 47dc73d4692ad032002e9d96d7bcbed6a4e558df..24edd30878e00c5422c3924f639c94cf2af07f70 100644 --- a/8204595-add-more-thread-related-system-settings-info.patch +++ b/8204595-add-more-thread-related-system-settings-info.patch @@ -1,5 +1,4 @@ From 16caa051cb7299312cdaf9d79eaef01d294474f6 Mon Sep 17 00:00:00 2001 -From: eapen Date: Thu, 15 Dec 2022 17:06:41 +0800 Subject: [PATCH 21/33] I68TO2: 8204595: add more thread-related system settings info to hs_error file on Linux @@ -44,7 +43,7 @@ index abf2031..1ec68ab 100644 +} + void os::Linux::print_container_info(outputStream* st) { - if (!OSContainer::is_containerized()) { + if (!OSContainer::is_containerized()) { return; @@ -6928,4 +6948,4 @@ bool os::trim_native_heap(os::size_change_t* rss_change) { #else diff --git a/8257695-linux-Add-process-memory-information-to-hs-e.patch b/8257695-linux-Add-process-memory-information-to-hs-e.patch index 7cd83f422d0fa48247ce6de1b4365ed5c91e1a75..f94afff3f1e160f2abddc9863f7da8ad3c312c7e 100644 --- a/8257695-linux-Add-process-memory-information-to-hs-e.patch +++ b/8257695-linux-Add-process-memory-information-to-hs-e.patch @@ -1,5 +1,4 @@ From d68c637a36b65d0bce893991e9c910efbc06239a Mon Sep 17 00:00:00 2001 -From: eapen Date: Mon, 12 Dec 2022 16:10:41 +0800 Subject: [PATCH 10/33] I68TO2: 8257695: [linux] Add process-memory information to hs-err and VM.info @@ -22,7 +21,7 @@ index 6dbedf5..4c265d5 100644 PRAGMA_FORMAT_MUTE_WARNINGS_FOR_GCC -@@ -2216,7 +2219,10 @@ void os::print_os_info(outputStream* st) { +@@ -2215,7 +2218,10 @@ void os::print_os_info(outputStream* st) { os::Posix::print_load_average(st); @@ -34,7 +33,7 @@ index 6dbedf5..4c265d5 100644 os::Linux::print_container_info(st); } -@@ -2278,12 +2284,69 @@ void os::Linux::print_libversion_info(outputStream* st) { +@@ -2280,12 +2286,69 @@ void os::Linux::print_libversion_info(outputStream* st) { st->cr(); } @@ -103,7 +102,7 @@ index 6dbedf5..4c265d5 100644 +} + void os::Linux::print_container_info(outputStream* st) { - if (!OSContainer::is_containerized()) { + if (!OSContainer::is_containerized()) { return; diff --git a/hotspot/src/os/linux/vm/os_linux.hpp b/hotspot/src/os/linux/vm/os_linux.hpp index c674882..066b03a 100644 diff --git a/8287109-Distrust-failed-with-CertificateExpired.patch b/8287109-Distrust-failed-with-CertificateExpired.patch deleted file mode 100644 index 11a8755508584eac643789f7ab155d4fba5a59b2..0000000000000000000000000000000000000000 --- a/8287109-Distrust-failed-with-CertificateExpired.patch +++ /dev/null @@ -1,237 +0,0 @@ -From d2d3408154beb52370ee8784767375a7cc8d325d Mon Sep 17 00:00:00 2001 -Date: Wed, 21 Sep 2022 10:31:17 +0800 -Subject: 8287109: Distrust.java failed with CertificateExpiredException - ---- - .../Symantec/Distrust.java | 26 +++++- - .../Symantec/appleistca2g1-chain.pem | 80 ------------------- - .../Symantec/geotrustglobalca-chain.pem | 66 --------------- - 3 files changed, 23 insertions(+), 149 deletions(-) - delete mode 100644 jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/appleistca2g1-chain.pem - delete mode 100644 jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustglobalca-chain.pem - -diff --git a/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java b/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java -index d394f417..22266255 100644 ---- a/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java -+++ b/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/Distrust.java -@@ -51,15 +51,14 @@ public class Distrust { - // Each of the roots have a test certificate chain stored in a file - // named "-chain.pem". - private static String[] rootsToTest = new String[] { -- "geotrustglobalca", "geotrustprimarycag2", "geotrustprimarycag3", -+ "geotrustprimarycag2", "geotrustprimarycag3", - "geotrustuniversalca", "thawteprimaryrootca", "thawteprimaryrootcag2", - "thawteprimaryrootcag3", "verisignclass3g3ca", "verisignclass3g4ca", - "verisignclass3g5ca", "verisignuniversalrootca" }; - - // Each of the subCAs with a delayed distrust date have a test certificate - // chain stored in a file named "-chain.pem". -- private static String[] subCAsToTest = new String[] { -- "appleistca2g1", "appleistca8g1" }; -+ private static String[] subCAsToTest = new String[] {"appleistca8g1"}; - - // A date that is after the restrictions take affect - private static final Date APRIL_17_2019 = -@@ -177,6 +176,11 @@ public class Distrust { - throw new Exception("chain should be invalid"); - } - } catch (CertificateException ce) { -+ // expired TLS certificates should not be treated as failure -+ if (expired(ce)) { -+ System.err.println("Test is N/A, chain is expired"); -+ return; -+ } - if (valid) { - throw new Exception("Unexpected exception, chain " + - "should be valid", ce); -@@ -184,6 +188,7 @@ public class Distrust { - if (ce instanceof ValidatorException) { - ValidatorException ve = (ValidatorException)ce; - if (ve.getErrorType() != ValidatorException.T_UNTRUSTED_CERT) { -+ ce.printStackTrace(System.err); - throw new Exception("Unexpected exception: " + ce); - } - } else { -@@ -192,6 +197,21 @@ public class Distrust { - } - } - -+ // check if a cause of exception is an expired cert -+ private static boolean expired(CertificateException ce) { -+ if (ce instanceof CertificateExpiredException) { -+ return true; -+ } -+ Throwable t = ce.getCause(); -+ while (t != null) { -+ if (t instanceof CertificateExpiredException) { -+ return true; -+ } -+ t = t.getCause(); -+ } -+ return false; -+ } -+ - private static X509Certificate[] loadCertificateChain(String name) - throws Exception { - try (InputStream in = new FileInputStream(TEST_SRC + File.separator + -diff --git a/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/appleistca2g1-chain.pem b/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/appleistca2g1-chain.pem -deleted file mode 100644 -index 0235631d..00000000 ---- a/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/appleistca2g1-chain.pem -+++ /dev/null -@@ -1,80 +0,0 @@ -------BEGIN CERTIFICATE----- --MIIGGzCCBQOgAwIBAgIITJltLCqcD0gwDQYJKoZIhvcNAQELBQAwYjEcMBoGA1UE --AxMTQXBwbGUgSVNUIENBIDIgLSBHMTEgMB4GA1UECxMXQ2VydGlmaWNhdGlvbiBB --dXRob3JpdHkxEzARBgNVBAoTCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE5 --MDEwODIxMTcxNFoXDTIwMDgwODIxMjcwMFowgaoxSjBIBgNVBAMMQWFjdGl2ZS5n --ZW90cnVzdC1nbG9iYWwtY2EudGVzdC1wYWdlcy5jZXJ0aWZpY2F0ZW1hbmFnZXIu --YXBwbGUuY29tMSUwIwYDVQQLDBxtYW5hZ2VtZW50OmlkbXMuZ3JvdXAuODY0ODU5 --MRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMQswCQYD --VQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCjFUrVHTEX --0aVU6x9LiGa6oVr9blaCsMFrLicPQguc43Vs/pN+g4jzRXsTSMe9XefezBQb6tzZ --SMRXVB4kWMr4K1BVgQDkXeyoh4KrXRkdEF9ZIJPNxwTmmYUOc5M6NOYwkLelYz+t --7n1iNIGylbjwU4qwauElk2alFVqYTEPDLzwvqVDb9jMAJ8MPSDjfUlXW0XD9oXZM --hC+8LU9JBgJ3YBdzRHa4WnrudUbWjspqaNfAYpVIX0cfCJKnMsKqaSKjS4pIRtWm --L6NlCTCoIMyOh+wmbWPPX24H2D3+ump5FA35fRYbVznmosl5n1AK34S9tD4XZ7lO --WZKfaFi1liMCAwEAAaOCAoowggKGMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU --2HqURHyQcJAWnt0XnAFEA4bWKikwfgYIKwYBBQUHAQEEcjBwMDQGCCsGAQUFBzAC --hihodHRwOi8vY2VydHMuYXBwbGUuY29tL2FwcGxlaXN0Y2EyZzEuZGVyMDgGCCsG --AQUFBzABhixodHRwOi8vb2NzcC5hcHBsZS5jb20vb2NzcDAzLWFwcGxlaXN0Y2Ey --ZzEwMTBMBgNVHREERTBDgkFhY3RpdmUuZ2VvdHJ1c3QtZ2xvYmFsLWNhLnRlc3Qt --cGFnZXMuY2VydGlmaWNhdGVtYW5hZ2VyLmFwcGxlLmNvbTCB/wYDVR0gBIH3MIH0 --MIHxBgoqhkiG92NkBQsEMIHiMIGkBggrBgEFBQcCAjCBlwyBlFJlbGlhbmNlIG9u --IHRoaXMgY2VydGlmaWNhdGUgYnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5j --ZSBvZiBhbnkgYXBwbGljYWJsZSB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2Ug --YW5kL29yIGNlcnRpZmljYXRpb24gcHJhY3RpY2Ugc3RhdGVtZW50cy4wOQYIKwYB --BQUHAgEWLWh0dHA6Ly93d3cuYXBwbGUuY29tL2NlcnRpZmljYXRlYXV0aG9yaXR5 --L3JwYTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwNwYDVR0fBDAwLjAs --oCqgKIYmaHR0cDovL2NybC5hcHBsZS5jb20vYXBwbGVpc3RjYTJnMS5jcmwwHQYD --VR0OBBYEFP0qkmFJhArI0MsfW0V+/wY9x4GSMA4GA1UdDwEB/wQEAwIFoDANBgkq --hkiG9w0BAQsFAAOCAQEATjT8M0bIq+mFc8k5cd4KDjCMBjYl/l3/8zKlWYGP+nl1 --KRogXcGRa3LcfpdJcqgMrx8e9Xohduvl8MBzwv671rYkppzZdsmZdLVorAdbL5GL --suhTjAS5yL3NBWNMRpeOgFsVr7YtPDEvo3CFsnzjg7THe0S6Y35oYukJtUzGUvSY --kC3ApBTdjj0vAeow+dbt+AHKnQiEnon4ToSFmtnkru08Uxe7uyHCQ2sLUg0EPYc9 --t9I8lviaHfK/mQoCzlme2O/H5Rher8dXCv8hVT1NKbsi28EpgpqcTLS+hn/Edc/q --4dPDoO1Ozs+ixRzFeMpA+JrnAyARb6qbSrAPBgtIbQ== -------END CERTIFICATE----- -------BEGIN CERTIFICATE----- --MIIEQDCCAyigAwIBAgIDAjp0MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT --MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i --YWwgQ0EwHhcNMTQwNjE2MTU0MjAyWhcNMjIwNTIwMTU0MjAyWjBiMRwwGgYDVQQD --ExNBcHBsZSBJU1QgQ0EgMiAtIEcxMSAwHgYDVQQLExdDZXJ0aWZpY2F0aW9uIEF1 --dGhvcml0eTETMBEGA1UEChMKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwggEiMA0G --CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQk6EdR0MgFrILa+vD1bTox5jN896/ --6E3p4zaAB/xFG2p8RYauVtOkCX9hDWtdflJrfbTIOcT0Zzr3g84Zb4YvfkV+Rxxn --UsqVBV3iNlGFwNRngDVvFd0+/R3S/Y80UNjsdiq+49Pa5P3I6ygClhGXF2Ec6cRZ --O0LcMtEJHdqm0UOG/16yvIzPZtsBiwKulEjzOI/96jKoCOyGl1GUJD5JSZZT6Hmh --QIHpBbuTlVH84/18EUv3ngizFUkVB/nRN6CbSzL2tcTcatH8Cu324MUpoKiLcf4N --krz+VHAYCm3H7Qz7yS0Gw4yF/MuGXNY2jhKLCX/7GRo41fCUMHoPpozzAgMBAAGj --ggEdMIIBGTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAdBgNVHQ4E --FgQU2HqURHyQcJAWnt0XnAFEA4bWKikwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNV --HQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2cuc3ltY2IuY29t --L2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYS --aHR0cDovL2cuc3ltY2QuY29tMEwGA1UdIARFMEMwQQYKYIZIAYb4RQEHNjAzMDEG --CCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvY3Bz --MA0GCSqGSIb3DQEBCwUAA4IBAQAWR3NvhaJi4ecqdruJlUIml7xKrKxwUzo/MYM9 --PByrmuKxXRx2GqA8DHJXvtOeUODImdZY1wLqzg0pVHzN9cLGkClVo28UqAtCDTqY --bQZ4nvBqox0CCqIopI3CgUY+bWfa3j/+hQ5CKhLetbf7uBunlux3n+zUU5V6/wf0 --8goUwFFSsdaOUAsamVy8C8m97e34XsFW201+I6QRoSzUGwWa5BtS9nw4mQVLunKN --QolgBGYq9P1o12v3mUEo1mwkq+YlUy7Igpnioo8jvjCDsSeL+mh/AUnoxphrEC6Y --XorXykuxx8lYmtA225aV7LaB5PLNbxt5h0wQPInkTfpU3Kqm -------END CERTIFICATE----- -------BEGIN CERTIFICATE----- --MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT --MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i --YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG --EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg --R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 --9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq --fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv --iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU --1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ --bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW --MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA --ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l --uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn --Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS --tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF --PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un --hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV --5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== -------END CERTIFICATE----- -diff --git a/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustglobalca-chain.pem b/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustglobalca-chain.pem -deleted file mode 100644 -index 3249716b..00000000 ---- a/jdk/test/sun/security/ssl/X509TrustManagerImpl/Symantec/geotrustglobalca-chain.pem -+++ /dev/null -@@ -1,66 +0,0 @@ -------BEGIN CERTIFICATE----- --MIIHBjCCBe6gAwIBAgIQanINWwJAuap0V7lFjnfUwTANBgkqhkiG9w0BAQsFADBE --MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU --R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcwNTAzMDAwMDAwWhcNMjAwNTAyMjM1 --OTU5WjCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV --BAcMDU1vdW50YWluIFZpZXcxFzAVBgNVBAoMDkdlb1RydXN0LCBJbmMuMRgwFgYD --VQQLDA9Sb290IDEwIC0gVkFMSUQxIjAgBgNVBAMMGXZhbGlkLXJvb3QxMC5nZW90 --cnVzdC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTegUYhAh0 --P7aF6jzk8dit4Vzddo3hM+J7Eak/+N1sqVUS2HpNd7VO50FrbEWKIRusv7QNtlpY --1Cgrla8M4RAhCB0wkkHXZ1Evz6E1AEFQqNSjyuRQxeEXl+xCL+MF+yAMhDRnHh+E --eSJ3ie0T66saOyaLM9fPpr3xomAQ/IRlP1atJ/Z8XbPo25HuxwzxiWFW+RjwVIfI --gxHz4Okwc1uImDUIDlEu9Uaqqb4jHhxU1EkKMmgEncpqwCROcZMujUkogfB49Z7+ --K17r6ARIrUuxqfNPrPwe+O88WgIeDSWffPM67UlvtomZOwuTNdv9OoCX1wUCLS7m --/gZ3rqqqeJvfAgMBAAGjggOkMIIDoDAkBgNVHREEHTAbghl2YWxpZC1yb290MTAu --Z2VvdHJ1c3QuY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCsGA1UdHwQk --MCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3JsMIGdBgNVHSAEgZUw --gZIwgY8GBmeBDAECAjCBhDA/BggrBgEFBQcCARYzaHR0cHM6Ly93d3cuZ2VvdHJ1 --c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMEEGCCsGAQUFBwICMDUM --M2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNvdXJjZXMvcmVwb3NpdG9yeS9s --ZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU --0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzAB --hhNodHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vZ24uc3lt --Y2IuY29tL2duLmNydDCCAfUGCisGAQQB1nkCBAIEggHlBIIB4QHfAHUA3esdK3oN --T6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFbz9h5vQAABAMARjBEAiAx/C0U --5NdHxK4v2oHnstYksb1Vny8PcQkSvgpx9PsZEwIgNTOU70Zc5szG23xdbvtoH5lN --SAoVswiF5gFQS5MGu1sAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3c --EAAAAVvP2HnZAAAEAwBHMEUCIFGjB8r2H0VDwTUE/aY/Mv+M97sqAvEP1doOcHpg --0qyfAiEArw/S2F7OEcmKGUY1WRBuApfAx5d7hzrTSV/jZv95qJwAdgDuS723dc5g --uuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVvP2HoDAAAEAwBHMEUCIQCH6MFZ --tZF3Cqukt3/69fkU0Y5ePXXx8+xkOXRsIG3EGgIgSmCBWrnmPiiGA3x5QP8I8m4r --Uee0y7s4NQNwjMgHrjwAdgC8eOHfxfY8aEZJM02hD6FfCXlpIAnAgbTz9pF/Ptm4 --pQAAAVvP2HqcAAAEAwBHMEUCIA8e2kAVYYuQCtn4PqK98BuHnLm9rC40DboFLCle --SmQsAiEApbCJR05hr9VkNWmjaaUUGGZdVyUu9XX504LHVWyXZDUwDQYJKoZIhvcN --AQELBQADggEBAEtfBfZ2y5uTohvW3h00Kcuop6Nq7Y59GU3MeizPKtx48DB8qHyd --y5bLFwXzsGA1WkwpKzPbROsTGcAAXJHh03bj24AemUr/J/eQcjkfSoNBdHDpiSsk --VZkQK2fGJDiYJ/r9mxKZcgd2pyN3l2OtVtNMv2dnFGF35UkkeqO3jqImwbypAmRX --HdQV9dvW2YDRjzkebNNey6UwY9+YTSzr4da2hcaMHrj588Eqa4DDgNcY9QnE2RzN --giArA+4RlM4AZ3jC2A756I67hrlvH+lhumHLp06hGfMiQJF1aaauFVSa36HKc3C/ --ty+sLdJbemEJLAr8uNXggFD+U8TKw1S4LSw= -------END CERTIFICATE----- -------BEGIN CERTIFICATE----- --MIIETzCCAzegAwIBAgIDAjpvMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT --MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i --YWwgQ0EwHhcNMTMxMTA1MjEzNjUwWhcNMjIwNTIwMjEzNjUwWjBEMQswCQYDVQQG --EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg --U1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjvn4K --hqPPa209K6GXrUkkTdd3uTR5CKWeop7eRxKSPX7qGYax6E89X/fQp3eaWx8KA7UZ --U9ulIZRpY51qTJEMEEe+EfpshiW3qwRoQjgJZfAU2hme+msLq2LvjafvY3AjqK+B --89FuiGdT7BKkKXWKp/JXPaKDmJfyCn3U50NuMHhiIllZuHEnRaoPZsZVP/oyFysx --j0ag+mkUfJ2fWuLrM04QprPtd2PYw5703d95mnrU7t7dmszDt6ldzBE6B7tvl6QB --I0eVH6N3+liSxsfQvc+TGEK3fveeZerVO8rtrMVwof7UEJrwEgRErBpbeFBFV0xv --vYDLgVwts7x2oR5lAgMBAAGjggFKMIIBRjAfBgNVHSMEGDAWgBTAephojYn7qwVk --DBF9qn1luMrMTjAdBgNVHQ4EFgQU0m/3lvSFP3I8MH0j2oV4m6N8WnwwEgYDVR0T --AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNgYDVR0fBC8wLTAroCmgJ4Yl --aHR0cDovL2cxLnN5bWNiLmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAvBggrBgEFBQcB --AQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nMi5zeW1jYi5jb20wTAYDVR0gBEUw --QzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1 --c3QuY29tL3Jlc291cmNlcy9jcHMwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVN5 --bWFudGVjUEtJLTEtNTM5MA0GCSqGSIb3DQEBCwUAA4IBAQCg1Pcs+3QLf2TxzUNq --n2JTHAJ8mJCi7k9o1CAacxI+d7NQ63K87oi+fxfqd4+DYZVPhKHLMk9sIb7SaZZ9 --Y73cK6gf0BOEcP72NZWJ+aZ3sEbIu7cT9clgadZM/tKO79NgwYCA4ef7i28heUrg --3Kkbwbf7w0lZXLV3B0TUl/xJAIlvBk4BcBmsLxHA4uYPL4ZLjXvDuacu9PGsFj45 --SVGeF0tPEDpbpaiSb/361gsDTUdWVxnzy2v189bPsPX1oxHSIFMTNDcFLENaY9+N --QNaFHlHpURceA1bJ8TCt55sRornQMYGbaLHZ6PPmlH7HrhMvh+3QJbBo+d4IWvMp --zNSS -------END CERTIFICATE----- --- -2.22.0 - diff --git a/8296480-Fix-the-problem-that-the-TestPolicy.java-cas.patch b/8296480-Fix-the-problem-that-the-TestPolicy.java-cas.patch deleted file mode 100644 index 7d1be495df61f9860a6e4f748ee03abac84c2486..0000000000000000000000000000000000000000 --- a/8296480-Fix-the-problem-that-the-TestPolicy.java-cas.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 6d1c5b1ee82b2b2481a16f3510078fdc7ddc08f9 Mon Sep 17 00:00:00 2001 -From: eapen -Date: Tue, 15 Nov 2022 11:26:33 +0800 -Subject: [PATCH 04/33] 8296480: Fix the problem that the TestPolicy.java case - fails because the certificate expires. ---- - jdk/test/java/security/cert/pkix/policyChanges/TestPolicy.java | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/jdk/test/java/security/cert/pkix/policyChanges/TestPolicy.java b/jdk/test/java/security/cert/pkix/policyChanges/TestPolicy.java -index a92eee2..b37debf 100644 ---- a/jdk/test/java/security/cert/pkix/policyChanges/TestPolicy.java -+++ b/jdk/test/java/security/cert/pkix/policyChanges/TestPolicy.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -34,6 +34,7 @@ - */ - - import java.io.*; -+import java.text.DateFormat; - import java.util.*; - - import java.security.Security; -@@ -97,6 +98,10 @@ public class TestPolicy { - params.setRevocationEnabled(false); - params.setInitialPolicies(testCase.initialPolicies); - -+ // Certs expired on 7th Nov 2022 -+ params.setDate(DateFormat.getDateInstance(DateFormat.MEDIUM, -+ Locale.US).parse("June 01, 2022")); -+ - CertPath path = factory.generateCertPath(Arrays.asList(new X509Certificate[] {ee, ca})); - - PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)validator.validate(path, params); --- -1.8.3.1 - diff --git a/8296485-BuildEEBasicConstraints.java-test-fails-with.patch b/8296485-BuildEEBasicConstraints.java-test-fails-with.patch deleted file mode 100644 index b641e884852cc93e1908b810bbd5ace2e76e60d6..0000000000000000000000000000000000000000 --- a/8296485-BuildEEBasicConstraints.java-test-fails-with.patch +++ /dev/null @@ -1,39 +0,0 @@ -From b8aedd236ca707cfc15eb5daf91aab697a8014ed Mon Sep 17 00:00:00 2001 -From: eapen -Date: Wed, 23 Nov 2022 08:31:14 +0800 -Subject: [PATCH 06/33] I68TO2: 8296485: BuildEEBasicConstraints.java test fails with - SunCertPathBuilderException ---- - .../CertPathBuilder/targetConstraints/BuildEEBasicConstraints.java | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/jdk/test/java/security/cert/CertPathBuilder/targetConstraints/BuildEEBasicConstraints.java b/jdk/test/java/security/cert/CertPathBuilder/targetConstraints/BuildEEBasicConstraints.java -index 6be5562..44926d2 100644 ---- a/jdk/test/java/security/cert/CertPathBuilder/targetConstraints/BuildEEBasicConstraints.java -+++ b/jdk/test/java/security/cert/CertPathBuilder/targetConstraints/BuildEEBasicConstraints.java -@@ -46,9 +46,11 @@ import java.security.cert.PKIXCertPathBuilderResult; - import java.security.cert.TrustAnchor; - import java.security.cert.X509Certificate; - import java.security.cert.X509CertSelector; -+import java.text.DateFormat; - import java.util.ArrayList; - import java.util.Collections; - import java.util.List; -+import java.util.Locale; - - public final class BuildEEBasicConstraints { - -@@ -65,6 +67,11 @@ public final class BuildEEBasicConstraints { - PKIXBuilderParameters params = new PKIXBuilderParameters - (Collections.singleton(anchor), sel); - params.setRevocationEnabled(false); -+ -+ // Certs expired on 7th Nov 2022 -+ params.setDate(DateFormat.getDateInstance(DateFormat.MEDIUM, -+ Locale.US).parse("June 01, 2022")); -+ - X509Certificate eeCert = CertUtils.getCertFromFile("ee.cer"); - X509Certificate caCert = CertUtils.getCertFromFile("ca.cer"); - ArrayList certs = new ArrayList(); --- -1.8.3.1 diff --git a/8305541-C2-Div-Mod-nodes-without-zero-check-could-be.patch b/8305541-C2-Div-Mod-nodes-without-zero-check-could-be.patch new file mode 100644 index 0000000000000000000000000000000000000000..a14347a1e297648d9664408d5c00c408b73f7ae9 --- /dev/null +++ b/8305541-C2-Div-Mod-nodes-without-zero-check-could-be.patch @@ -0,0 +1,255 @@ +From 5a21d735ffa345f956d2c637b4e13f55c907a219 Mon Sep 17 00:00:00 2001 +From: wangjiawei +Date: Fri, 28 Apr 2023 10:41:14 +0800 +Subject: [PATCH 15/15] 8305541: C2 Div/Mod nodes without zero check could be + split through iv phi of loop resulting in SIGFPE + +DTS/AR: DTS2023041008055 +Summary: : 8305541: C2 Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE +LLT: NA +Patch Type: backport +Bug url: https://bugs.openjdk.org/browse/JDK-8305541 +--- + hotspot/src/share/vm/opto/loopnode.hpp | 4 +- + hotspot/src/share/vm/opto/loopopts.cpp | 40 +++++ + .../c2/TestSplitDivisionThroughPhi.java | 155 ++++++++++++++++++ + 3 files changed, 198 insertions(+), 1 deletion(-) + create mode 100644 hotspot/test/compiler/c2/TestSplitDivisionThroughPhi.java + +diff --git a/hotspot/src/share/vm/opto/loopnode.hpp b/hotspot/src/share/vm/opto/loopnode.hpp +index 6f70b5065..f8750e54a 100644 +--- a/hotspot/src/share/vm/opto/loopnode.hpp ++++ b/hotspot/src/share/vm/opto/loopnode.hpp +@@ -1071,7 +1071,9 @@ private: + Node *place_near_use( Node *useblock ) const; + Node* try_move_store_before_loop(Node* n, Node *n_ctrl); + void try_move_store_after_loop(Node* n); +- ++ bool cannot_split_division(const Node* n, const Node* region) const; ++ static bool is_divisor_counted_loop_phi(const Node* divisor, const Node* loop); ++ bool loop_phi_backedge_type_contains_zero(const Node* phi_divisor, const Type* zero) const; + bool _created_loop_node; + public: + void set_created_loop_node() { _created_loop_node = true; } +diff --git a/hotspot/src/share/vm/opto/loopopts.cpp b/hotspot/src/share/vm/opto/loopopts.cpp +index 20bdb1493..28bfcb75b 100644 +--- a/hotspot/src/share/vm/opto/loopopts.cpp ++++ b/hotspot/src/share/vm/opto/loopopts.cpp +@@ -51,6 +51,10 @@ Node *PhaseIdealLoop::split_thru_phi( Node *n, Node *region, int policy ) { + return NULL; + } + ++ if (cannot_split_division(n, region)) { ++ return NULL; ++ } ++ + int wins = 0; + assert(!n->is_CFG(), ""); + assert(region->is_Region(), ""); +@@ -200,6 +204,42 @@ Node *PhaseIdealLoop::split_thru_phi( Node *n, Node *region, int policy ) { + return phi; + } + ++// Return true if 'n' is a Div or Mod node (without zero check If node which was removed earlier) with a loop phi divisor ++// of a trip-counted (integer or long) loop with a backedge input that could be zero (include zero in its type range). In ++// this case, we cannot split the division to the backedge as it could freely float above the loop exit check resulting in ++// a division by zero. This situation is possible because the type of an increment node of an iv phi (trip-counter) could ++// include zero while the iv phi does not (see PhiNode::Value() for trip-counted loops where we improve types of iv phis). ++// We also need to check other loop phis as they could have been created in the same split-if pass when applying ++// PhaseIdealLoop::split_thru_phi() to split nodes through an iv phi. ++bool PhaseIdealLoop::cannot_split_division(const Node* n, const Node* region) const { ++ const Type* zero; ++ switch (n->Opcode()) { ++ case Op_DivI: ++ case Op_ModI: ++ zero = TypeInt::ZERO; ++ break; ++ case Op_DivL: ++ case Op_ModL: ++ zero = TypeLong::ZERO; ++ break; ++ default: ++ return false; ++ } ++ ++ assert(n->in(0) == NULL, "divisions with zero check should already have bailed out earlier in split-if"); ++ Node* divisor = n->in(2); ++ return is_divisor_counted_loop_phi(divisor, region) && ++ loop_phi_backedge_type_contains_zero(divisor, zero); ++} ++ ++bool PhaseIdealLoop::is_divisor_counted_loop_phi(const Node* divisor, const Node* loop) { ++ return loop->is_CountedLoop() && divisor->is_Phi() && divisor->in(0) == loop; ++} ++ ++bool PhaseIdealLoop::loop_phi_backedge_type_contains_zero(const Node* phi_divisor, const Type* zero) const { ++ return _igvn.type(phi_divisor->in(LoopNode::LoopBackControl))->filter_speculative(zero) != Type::TOP; ++} ++ + //------------------------------dominated_by------------------------------------ + // Replace the dominated test with an obvious true or false. Place it on the + // IGVN worklist for later cleanup. Move control-dependent data Nodes on the +diff --git a/hotspot/test/compiler/c2/TestSplitDivisionThroughPhi.java b/hotspot/test/compiler/c2/TestSplitDivisionThroughPhi.java +new file mode 100644 +index 000000000..0a59783fa +--- /dev/null ++++ b/hotspot/test/compiler/c2/TestSplitDivisionThroughPhi.java +@@ -0,0 +1,155 @@ ++/* ++ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2023, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++/** ++ * @test ++ * @bug 8299259 ++ * @summary Test various cases of divisions/modulo which should not be split through iv phis. ++ * @run main/othervm -Xbatch -XX:+UnlockDiagnosticVMOptions -XX:LoopUnrollLimit=0 -XX:+StressGCM ++ * -XX:CompileCommand=compileonly,TestSplitDivisionThroughPhi::* TestSplitDivisionThroughPhi ++ */ ++ ++/** ++ * @test ++ * @bug 8299259 ++ * @summary Test various cases of divisions/modulo which should not be split through iv phis. ++ * @run main/othervm -Xbatch -XX:+UnlockDiagnosticVMOptions -XX:LoopUnrollLimit=0 -XX:+StressGCM ++ * -XX:CompileCommand=compileonly,TestSplitDivisionThroughPhi::* TestSplitDivisionThroughPhi ++ */ ++ ++ ++public class TestSplitDivisionThroughPhi { ++ static int iFld; ++ static long lFld; ++ static boolean flag; ++ ++ ++ public static void main(String[] strArr) { ++ for (int i = 0; i < 5000; i++) { ++ testPushDivIThruPhi(); ++ testPushDivIThruPhiInChain(); ++ testPushModIThruPhi(); ++ testPushModIThruPhiInChain(); ++ testPushDivLThruPhi(); ++ testPushDivLThruPhiInChain(); ++ testPushModLThruPhi(); ++ testPushModLThruPhiInChain(); ++ } ++ } ++ ++ // Already fixed by JDK-8248552. ++ static void testPushDivIThruPhi() { ++ for (int i = 10; i > 1; i -= 2) { ++ // The Div node is only split in later loop opts phase because the zero divisor check is only removed ++ // in IGVN after the first loop opts phase. ++ // ++ // iv phi i type: [2..10] ++ // When splitting the DivI through the iv phi, it ends up on the back edge with the trip count decrement ++ // as input which has type [0..8]. We end up executing a division by zero on the last iteration because ++ // the DivI it is not pinned to the loop exit test and can freely float above the loop exit check. ++ iFld = 10 / i; ++ } ++ } ++ ++ // Same as above but with an additional Mul node between the iv phi and the Div node. Both nodes are split through ++ // the iv phi in one pass of Split If. ++ static void testPushDivIThruPhiInChain() { ++ for (int i = 10; i > 1; i -= 2) { ++ // Empty one iteration loop which is only removed after split if in first loop opts phase. This prevents ++ // that the Mul node is already split through the iv phi while the Div node cannot be split yet due to ++ // the zero divisor check which can only be removed in the IGVN after the first loop opts pass. ++ for (int j = 0; j < 1; j++) { ++ } ++ iFld = 10 / (i * 100); ++ } ++ } ++ ++ // Already fixed by JDK-8248552. ++ static void testPushModIThruPhi() { ++ for (int i = 10; i > 1; i -= 2) { ++ iFld = 10 / i; ++ } ++ } ++ ++ // Same as above but with ModI. ++ static void testPushModIThruPhiInChain() { ++ for (int i = 10; i > 1; i -= 2) { ++ for (int j = 0; j < 1; j++) { ++ } ++ iFld = 10 / (i * 100); ++ } ++ } ++ ++ // Long cases only trigger since JDK-8256655. ++ ++ // Same as above but with DivL. ++ static void testPushDivLThruPhi() { ++ for (long i = 10; i > 1; i -= 2) { ++ lFld = 10L / i; ++ ++ // Loop that is not removed such that we do not transform the outer LongCountedLoop (only done if innermost) ++ for (int j = 0; j < 10; j++) { ++ flag = !flag; ++ } ++ } ++ } ++ ++ // Same as above but with DivL. ++ static void testPushDivLThruPhiInChain() { ++ for (long i = 10; i > 1; i -= 2) { ++ for (int j = 0; j < 1; j++) { ++ } ++ lFld = 10L / (i * 100L); ++ ++ for (int j = 0; j < 10; j++) { ++ flag = !flag; ++ } ++ } ++ } ++ ++ // Same as above but with ModL ++ static void testPushModLThruPhi() { ++ for (long i = 10; i > 1; i -= 2) { ++ lFld = 10L % i; ++ ++ for (int j = 0; j < 10; j++) { ++ flag = !flag; ++ } ++ } ++ } ++ ++ // Same as above but with ModL ++ static void testPushModLThruPhiInChain() { ++ for (long i = 10; i > 1; i -= 2) { ++ for (int j = 0; j < 1; j++) { ++ } ++ lFld = 10L % (i * 100L); ++ ++ for (int j = 0; j < 10; j++) { ++ flag = !flag; ++ } ++ } ++ } ++} ++ +-- +2.19.0 + diff --git a/Add-ability-to-configure-third-port-for-remote-JMX.patch b/Add-ability-to-configure-third-port-for-remote-JMX.patch deleted file mode 100644 index 190f09447d2079bc947e60f799c2d91e4e2ea471..0000000000000000000000000000000000000000 --- a/Add-ability-to-configure-third-port-for-remote-JMX.patch +++ /dev/null @@ -1,67 +0,0 @@ -From e389786d6785852bf8fedb9ff24294a1518d9bed Mon Sep 17 00:00:00 2001 -Date: Fri, 22 Jan 2021 15:27:51 +0800 -Subject: Add ability to configure third port for remote JMX - -Summary: : -LLT: NA -Bug url: NA ---- - .../management/AgentConfigurationError.java | 2 ++ - .../jmxremote/ConnectorBootstrap.java | 19 ++++++++++++++++++- - 2 files changed, 20 insertions(+), 1 deletion(-) - -diff --git a/jdk/src/share/classes/sun/management/AgentConfigurationError.java b/jdk/src/share/classes/sun/management/AgentConfigurationError.java -index 56c430161..d3d67ff31 100644 ---- a/jdk/src/share/classes/sun/management/AgentConfigurationError.java -+++ b/jdk/src/share/classes/sun/management/AgentConfigurationError.java -@@ -55,6 +55,8 @@ public class AgentConfigurationError extends Error { - "agent.err.invalid.jmxremote.port"; - public static final String INVALID_JMXREMOTE_RMI_PORT = - "agent.err.invalid.jmxremote.rmi.port"; -+ public static final String INVALID_JMXLOCAL_PORT = -+ "agent.err.invalid.jmxlocal.port"; - public static final String PASSWORD_FILE_NOT_SET = - "agent.err.password.file.notset"; - public static final String PASSWORD_FILE_NOT_READABLE = -diff --git a/jdk/src/share/classes/sun/management/jmxremote/ConnectorBootstrap.java b/jdk/src/share/classes/sun/management/jmxremote/ConnectorBootstrap.java -index 56287edbd..0a82c65d1 100644 ---- a/jdk/src/share/classes/sun/management/jmxremote/ConnectorBootstrap.java -+++ b/jdk/src/share/classes/sun/management/jmxremote/ConnectorBootstrap.java -@@ -117,6 +117,8 @@ public final class ConnectorBootstrap { - "com.sun.management.jmxremote.host"; - public static final String RMI_PORT = - "com.sun.management.jmxremote.rmi.port"; -+ public static final String LOCAL_PORT = -+ "com.sun.management.jmxlocal.port"; - public static final String CONFIG_FILE_NAME = - "com.sun.management.config.file"; - public static final String USE_LOCAL_ONLY = -@@ -530,9 +532,24 @@ public final class ConnectorBootstrap { - localhost = "127.0.0.1"; - } - -+ // User can specify a port to be used to start Local Connector Server, -+ // if port is not specified random one will be allocated. -+ int localPort = 0; -+ String localPortStr = System.getProperty(PropertyNames.LOCAL_PORT); -+ try { -+ if (localPortStr != null) { -+ localPort = Integer.parseInt(localPortStr); -+ } -+ } catch (NumberFormatException x) { -+ throw new AgentConfigurationError(INVALID_JMXLOCAL_PORT, x, localPortStr); -+ } -+ if (localPort < 0) { -+ throw new AgentConfigurationError(INVALID_JMXLOCAL_PORT, localPortStr); -+ } -+ - MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); - try { -- JMXServiceURL url = new JMXServiceURL("rmi", localhost, 0); -+ JMXServiceURL url = new JMXServiceURL("rmi", localhost, localPort); - // Do we accept connections from local interfaces only? - Properties props = Agent.getManagementProperties(); - if (props == null) { --- -2.19.0 - diff --git a/Fix-localtime_r-not-defined-on-windows.patch b/Fix-localtime_r-not-defined-on-windows.patch new file mode 100644 index 0000000000000000000000000000000000000000..04fc76de12d07c6d209b83f1727e2ca0123fec24 --- /dev/null +++ b/Fix-localtime_r-not-defined-on-windows.patch @@ -0,0 +1,44 @@ +From 2b0e2ff142de992d943a0df1aca605283f3449ab Mon Sep 17 00:00:00 2001 +From: z30010524 +Date: Thu, 16 Mar 2023 11:06:12 +0800 +Subject: [PATCH 09/15] Fix localtime_r() not defined on windows + +DTS/AR: DTS2023031516597 +Summary: :Fix localtime_r() not defined on windows, get system time by os::localtime_pd() +LLT: NA +Patch Type: huawei +Bug url: NA +--- + hotspot/src/share/vm/services/memReporter.cpp | 2 +- + hotspot/src/share/vm/services/nmtDCmd.cpp | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hotspot/src/share/vm/services/memReporter.cpp b/hotspot/src/share/vm/services/memReporter.cpp +index 8ea363805..9fc309c74 100644 +--- a/hotspot/src/share/vm/services/memReporter.cpp ++++ b/hotspot/src/share/vm/services/memReporter.cpp +@@ -298,7 +298,7 @@ void MemSummaryDiffReporter::report_diff() { + time_t startTime = NMTDCmd::get_start_time(); + time_t endTime = time(0); + struct tm endTimeTm = {0}; +- if (localtime_r(&endTime, &endTimeTm) == NULL) { ++ if (os::localtime_pd(&endTime, &endTimeTm) == NULL) { + out->print_cr("\nNative Memory Tracking:\n"); + } else { + out->print_cr("\nNative Memory Tracking: end time is %d-%02d-%02d %02d:%02d:%02d, elapsed time is %d secs\n", +diff --git a/hotspot/src/share/vm/services/nmtDCmd.cpp b/hotspot/src/share/vm/services/nmtDCmd.cpp +index 417a58c59..5f6842a99 100644 +--- a/hotspot/src/share/vm/services/nmtDCmd.cpp ++++ b/hotspot/src/share/vm/services/nmtDCmd.cpp +@@ -132,7 +132,7 @@ void NMTDCmd::execute(DCmdSource source, TRAPS) { + NMTDCmd::set_start_time(time(0)); + time_t startTime = NMTDCmd::get_start_time(); + struct tm startTimeTm = {0}; +- if (localtime_r(&startTime, &startTimeTm) == NULL) { ++ if (os::localtime_pd(&startTime, &startTimeTm) == NULL) { + output()->print_cr("Baseline succeeded"); + } else { + output()->print_cr("Baseline succeeded, start time is %d-%02d-%02d %02d:%02d:%02d", +-- +2.19.0 + diff --git a/Huawei-fix-windows-build-Dynamic-CDS-failure.patch b/Huawei-fix-windows-build-Dynamic-CDS-failure.patch deleted file mode 100644 index 253dc9ed38395ed0b62211b96501e6796b0b0427..0000000000000000000000000000000000000000 --- a/Huawei-fix-windows-build-Dynamic-CDS-failure.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 90eec1e71cb818dae6d0ed1be7f7a7c3fe9da1cf Mon Sep 17 00:00:00 2001 -From: zhangyipeng -Date: Fri, 21 Oct 2022 11:24:48 +0800 -Subject: [PATCH] fix windows build Dynamic CDS failure - ---- - hotspot/make/windows/makefiles/vm.make | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/hotspot/make/windows/makefiles/vm.make b/hotspot/make/windows/makefiles/vm.make -index e303da77b..5322a4b4b 100644 ---- a/hotspot/make/windows/makefiles/vm.make -+++ b/hotspot/make/windows/makefiles/vm.make -@@ -148,6 +148,7 @@ VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/code - VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/interpreter - VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/ci - VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/classfile -+VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/cds - VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/gc_implementation/parallelScavenge - VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/gc_implementation/shared - VM_PATH=$(VM_PATH);$(WorkSpace)/src/share/vm/gc_implementation/parNew -@@ -233,6 +234,9 @@ arguments.obj: $(WorkSpace)\src\share\vm\runtime\arguments.cpp - {$(COMMONSRC)\share\vm\classfile}.cpp.obj:: - $(CXX) $(CXX_FLAGS) $(CXX_USE_PCH) /c $< - -+{$(COMMONSRC)\share\vm\cds}.cpp.obj:: -+ $(CXX) $(CXX_FLAGS) $(CXX_USE_PCH) /c $< -+ - {$(COMMONSRC)\share\vm\gc_implementation\parallelScavenge}.cpp.obj:: - $(CXX) $(CXX_FLAGS) $(CXX_USE_PCH) /c $< - -@@ -316,6 +320,9 @@ arguments.obj: $(WorkSpace)\src\share\vm\runtime\arguments.cpp - {$(ALTSRC)\share\vm\classfile}.cpp.obj:: - $(CXX) $(CXX_FLAGS) $(CXX_USE_PCH) /c $< - -+{$(ALTSRC)\share\vm\cds}.cpp.obj:: -+ $(CXX) $(CXX_FLAGS) $(CXX_USE_PCH) /c $< -+ - {$(ALTSRC)\share\vm\gc_implementation\parallelScavenge}.cpp.obj:: - $(CXX) $(CXX_FLAGS) $(CXX_USE_PCH) /c $< - --- -2.22.0 - diff --git a/Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch b/Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch index df845fd0af5795e9a84ced64e763a9f26a8492da..bf15871160c44f9d75bf0bcaf2c6ef662516eedc 100644 --- a/Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch +++ b/Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch @@ -23,7 +23,7 @@ index e2de2d3e55..7d0431980e 100644 +fi + # CriticalJNINatives is not supported for aarch64 - if [ $VM_CPU == "aarch64" ]; then + if [ $VM_CPU = "aarch64" ]; then echo "Test Passed" @@ -73,7 +78,7 @@ THIS_DIR=. cp ${TESTSRC}${FS}*.java ${THIS_DIR} diff --git a/add-appcds-test-case.patch b/add-appcds-test-case.patch index f5c7db99732a20698f4a9a41f06e429491e83921..6cec98f1840c247da0a174e6b4a94ffb710c34cb 100644 --- a/add-appcds-test-case.patch +++ b/add-appcds-test-case.patch @@ -2649,11 +2649,10 @@ diff --git a/hotspot/test/testlibrary/com/oracle/java/testlibrary/Utils.java b/h index 902e3b13..be48a7e6 100644 --- a/hotspot/test/testlibrary/com/oracle/java/testlibrary/Utils.java +++ b/hotspot/test/testlibrary/com/oracle/java/testlibrary/Utils.java -@@ -370,4 +370,57 @@ public final class Utils { - } - return new String(hexView); +@@ -395,4 +395,56 @@ public final class Utils { + return Files.createTempDirectory(dir, prefix); } -+ + + // This method is intended to be called from a jtreg test. + // It will identify the name of the test by means of stack walking. + // It can handle both jtreg tests and a testng tests wrapped inside jtreg tests. @@ -3520,7 +3519,7 @@ index 909e09f9..f06b1cbb 100644 import java.net.URL; import sun.hotspot.parser.DiagnosticCommand; -@@ -137,6 +139,31 @@ public class WhiteBox { +@@ -140,6 +142,31 @@ public class WhiteBox { } public native boolean isMethodCompilable(Executable method, int compLevel, boolean isOsr); public native boolean isMethodQueuedForCompilation(Executable method); @@ -3552,12 +3551,6 @@ index 909e09f9..f06b1cbb 100644 public int deoptimizeMethod(Executable method) { return deoptimizeMethod(method, false /*not osr*/); } -@@ -253,5 +280,4 @@ public class WhiteBox { - // Container testing - public native boolean isContainerized(); - public native void printOsInfo(); -- - } diff --git a/hotspot/test/testlibrary/whitebox/sun/hotspot/code/Compiler.java b/hotspot/test/testlibrary/whitebox/sun/hotspot/code/Compiler.java new file mode 100644 index 00000000..bb06f1af diff --git a/add-missing-test-case.patch b/add-missing-test-case.patch index 6b220f40d59fe0bf95794d290165e78d8a635a26..be8231d5052a738dc5a0979a047d21fd7e60ad48 100644 --- a/add-missing-test-case.patch +++ b/add-missing-test-case.patch @@ -91,7 +91,7 @@ index 00000000..9b614024 --- /dev/null +++ b/version.txt @@ -0,0 +1 @@ -+8.362.9.0.13 ++8.372.7.0.13 -- 2.23.0 diff --git a/fix-CVE-2023-21930.patch b/fix-CVE-2023-21930.patch deleted file mode 100644 index 5f0c353c5e157cc5fd04dde2af4024779b692080..0000000000000000000000000000000000000000 --- a/fix-CVE-2023-21930.patch +++ /dev/null @@ -1,118 +0,0 @@ -From 3f83229f04df85503de1c18405eb08f81ab50054 Mon Sep 17 00:00:00 2001 -From: xzf1234 -Date: Mon, 24 Apr 2023 22:50:30 +0800 -Subject: [PATCH] fix CVE-2023-21930 - ---- - .../share/classes/sun/security/ssl/KeyUpdate.java | 6 ++++-- - .../classes/sun/security/ssl/SSLEngineImpl.java | 8 ++++---- - .../classes/sun/security/ssl/SSLSocketImpl.java | 6 +++--- - .../classes/sun/security/ssl/TransportContext.java | 13 ++++++++++--- - 4 files changed, 21 insertions(+), 12 deletions(-) - -diff --git a/jdk/src/share/classes/sun/security/ssl/KeyUpdate.java b/jdk/src/share/classes/sun/security/ssl/KeyUpdate.java -index 1306344..9e921e6 100644 ---- a/jdk/src/share/classes/sun/security/ssl/KeyUpdate.java -+++ b/jdk/src/share/classes/sun/security/ssl/KeyUpdate.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -169,7 +169,9 @@ final class KeyUpdate { - public byte[] produce(ConnectionContext context) throws IOException { - PostHandshakeContext hc = (PostHandshakeContext)context; - return handshakeProducer.produce(context, -- new KeyUpdateMessage(hc, KeyUpdateRequest.REQUESTED)); -+ new KeyUpdateMessage(hc, hc.conContext.isInboundClosed() ? -+ KeyUpdateRequest.NOTREQUESTED : -+ KeyUpdateRequest.REQUESTED)); - } - } - -diff --git a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java -index ef64c7b..05ffb8a 100644 ---- a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java -+++ b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -325,11 +325,11 @@ final class SSLEngineImpl extends SSLEngine implements SSLTransport { - */ - private HandshakeStatus tryKeyUpdate( - HandshakeStatus currentHandshakeStatus) throws IOException { -- // Don't bother to kickstart if handshaking is in progress, or if the -- // connection is not duplex-open. -+ // Don't bother to kickstart if handshaking is in progress, or if -+ // the write side of the connection is not open. We allow a half- -+ // duplex write-only connection for key updates. - if ((conContext.handshakeContext == null) && - !conContext.isOutboundClosed() && -- !conContext.isInboundClosed() && - !conContext.isBroken) { - if (SSLLogger.isOn && SSLLogger.isOn("ssl")) { - SSLLogger.finest("trigger key update"); -diff --git a/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java b/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java -index ab93e30..edf02a2 100644 ---- a/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java -+++ b/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java -@@ -1428,11 +1428,11 @@ public final class SSLSocketImpl - * wrapped. - */ - private void tryKeyUpdate() throws IOException { -- // Don't bother to kickstart if handshaking is in progress, or if the -- // connection is not duplex-open. -+ // Don't bother to kickstart if handshaking is in progress, or if -+ // the write side of the connection is not open. We allow a half- -+ // duplex write-only connection for key updates. - if ((conContext.handshakeContext == null) && - !conContext.isOutboundClosed() && -- !conContext.isInboundClosed() && - !conContext.isBroken) { - if (SSLLogger.isOn && SSLLogger.isOn("ssl")) { - SSLLogger.finest("trigger key update"); -diff --git a/jdk/src/share/classes/sun/security/ssl/TransportContext.java b/jdk/src/share/classes/sun/security/ssl/TransportContext.java -index 416113e..9427ed7 100644 ---- a/jdk/src/share/classes/sun/security/ssl/TransportContext.java -+++ b/jdk/src/share/classes/sun/security/ssl/TransportContext.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -200,7 +200,14 @@ class TransportContext implements ConnectionContext { - throw new IllegalStateException("Client/Server mode not yet set."); - } - -- if (outputRecord.isClosed() || inputRecord.isClosed() || isBroken) { -+ // The threshold for allowing the method to continue processing -+ // depends on whether we are doing a key update or kickstarting -+ // a handshake. In the former case, we only require the write-side -+ // to be open where a handshake would require a full duplex connection. -+ boolean isNotUsable = outputRecord.writeCipher.atKeyLimit() ? -+ (outputRecord.isClosed() || isBroken) : -+ (outputRecord.isClosed() || inputRecord.isClosed() || isBroken); -+ if (isNotUsable) { - if (closeReason != null) { - throw new SSLException( - "Cannot kickstart, the connection is broken or closed", -@@ -227,7 +234,7 @@ class TransportContext implements ConnectionContext { - // - // Need no kickstart message on server side unless the connection - // has been established. -- if(isNegotiated || sslConfig.isClientMode) { -+ if (isNegotiated || sslConfig.isClientMode) { - handshakeContext.kickstart(); - } - } --- -2.33.1.windows.1 - diff --git a/fix-CVE-2023-21954.patch b/fix-CVE-2023-21954.patch deleted file mode 100644 index afcec5ed8aaa31ec5eaf4b5d732aacd0dfc98d3a..0000000000000000000000000000000000000000 --- a/fix-CVE-2023-21954.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 32430842ad5a3ca2d0d1cac8330a0ae6539cb676 Mon Sep 17 00:00:00 2001 -From: xzf1234 -Date: Wed, 26 Apr 2023 17:33:53 +0800 -Subject: [PATCH] fix CVE-2023-21954 - ---- - .../src/share/vm/gc_implementation/g1/dirtyCardQueue.hpp | 1 - - .../src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp | 1 - - openjdk/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp | 3 +-- - openjdk/hotspot/src/share/vm/gc_implementation/g1/ptrQueue.hpp | 2 +- - 4 files changed, 2 insertions(+), 5 deletions(-) - -diff --git a/hotspot/src/share/vm/gc_implementation/g1/dirtyCardQueue.hpp b/hotspot/src/share/vm/gc_implementation/g1/dirtyCardQueue.hpp -index 27d287e..986c0ea 100644 ---- a/hotspot/src/share/vm/gc_implementation/g1/dirtyCardQueue.hpp -+++ b/hotspot/src/share/vm/gc_implementation/g1/dirtyCardQueue.hpp -@@ -161,7 +161,6 @@ public: - - // If any threads have partial logs, add them to the global list of logs. - void concatenate_logs(); -- void clear_n_completed_buffers() { _n_completed_buffers = 0;} - - jint processed_buffers_mut() { - return _processed_buffers_mut; -diff --git a/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp b/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp -index e597534..1da72ea 100644 ---- a/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp -+++ b/hotspot/src/share/vm/gc_implementation/g1/g1CollectedHeap.cpp -@@ -2287,7 +2287,6 @@ void G1CollectedHeap::iterate_dirty_card_closure(CardTableEntryClosure* cl, - n_completed_buffers++; - } - g1_policy()->phase_times()->record_thread_work_item(G1GCPhaseTimes::UpdateRS, worker_i, n_completed_buffers); -- dcqs.clear_n_completed_buffers(); - assert(!dcqs.completed_buffers_exist_dirty(), "Completed buffers exist!"); - } - -diff --git a/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp b/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp -index b0d3d57..9bedba5 100644 ---- a/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp -+++ b/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp -@@ -377,9 +377,8 @@ void G1RemSet::cleanup_after_oops_into_collection_set_do() { - // Free any completed buffers in the DirtyCardQueueSet used to hold cards - // which contain references that point into the collection. - _g1->into_cset_dirty_card_queue_set().clear(); -- assert(_g1->into_cset_dirty_card_queue_set().completed_buffers_num() == 0, -+ assert(!_g1->into_cset_dirty_card_queue_set().completed_buffers_exist_dirty(), - "all buffers should be freed"); -- _g1->into_cset_dirty_card_queue_set().clear_n_completed_buffers(); - } - - class ScrubRSClosure: public HeapRegionClosure { -diff --git a/hotspot/src/share/vm/gc_implementation/g1/ptrQueue.hpp b/hotspot/src/share/vm/gc_implementation/g1/ptrQueue.hpp -index 988e90b..27404f0 100644 ---- a/hotspot/src/share/vm/gc_implementation/g1/ptrQueue.hpp -+++ b/hotspot/src/share/vm/gc_implementation/g1/ptrQueue.hpp -@@ -279,7 +279,7 @@ public: - bool process_or_enqueue_complete_buffer(void** buf); - - bool completed_buffers_exist_dirty() { -- return _n_completed_buffers > 0; -+ return _n_completed_buffers > 0 || _completed_buffers_head != NULL; - } - - bool process_completed_buffers() { return _process_completed; } --- -2.33.1.windows.1 - diff --git a/fix-CVE-2023-21967.patch b/fix-CVE-2023-21967.patch deleted file mode 100644 index 281be23852959c3f8bb07831df376bd46120d860..0000000000000000000000000000000000000000 --- a/fix-CVE-2023-21967.patch +++ /dev/null @@ -1,453 +0,0 @@ -From 01582b1045c5d42ca772e9dc9c94635988b3dcd1 Mon Sep 17 00:00:00 2001 -From: xzf1234 -Date: Thu, 27 Apr 2023 15:53:15 +0800 -Subject: [PATCH] fix CVE-2023-21967 - ---- - .../provider/certpath/AdjacencyList.java | 11 ++- - .../security/provider/certpath/Builder.java | 15 ++-- - .../provider/certpath/ForwardBuilder.java | 81 ++++++++++++------- - .../provider/certpath/ForwardState.java | 34 ++------ - .../sun/security/provider/certpath/State.java | 10 +-- - .../provider/certpath/SunCertPathBuilder.java | 70 +++++++++------- - 6 files changed, 115 insertions(+), 106 deletions(-) - -diff --git a/jdk/src/share/classes/sun/security/provider/certpath/AdjacencyList.java b/jdk/src/share/classes/sun/security/provider/certpath/AdjacencyList.java -index f26919b..a29582b 100644 ---- a/jdk/src/share/classes/sun/security/provider/certpath/AdjacencyList.java -+++ b/jdk/src/share/classes/sun/security/provider/certpath/AdjacencyList.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -87,7 +87,7 @@ public class AdjacencyList { - // the actual set of steps the AdjacencyList represents - private ArrayList mStepList; - -- // the original list, just for the toString method -+ // the original list, just for the toString method, just for the toString method - private List> mOrigList; - - /** -@@ -114,6 +114,13 @@ public class AdjacencyList { - return Collections.unmodifiableList(mStepList).iterator(); - } - -+ /** -+ * Returns the number of attempted paths (useful for debugging). -+ */ -+ public int numAttemptedPaths() { -+ return mOrigList.size(); -+ } -+ - /** - * Recursive, private method which actually builds the step list from - * the given adjacency list. Follow is the parent BuildStep -diff --git a/jdk/src/share/classes/sun/security/provider/certpath/Builder.java b/jdk/src/share/classes/sun/security/provider/certpath/Builder.java -index e6b5fc0..d5aba24 100644 ---- a/jdk/src/share/classes/sun/security/provider/certpath/Builder.java -+++ b/jdk/src/share/classes/sun/security/provider/certpath/Builder.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -412,8 +412,7 @@ public abstract class Builder { - - /** - * Search the specified CertStores and add all certificates matching -- * selector to resultCerts. Self-signed certs are not useful here -- * and therefore ignored. -+ * selector to resultCerts. - * - * If the targetCert criterion of the selector is set, only that cert - * is examined and the CertStores are not searched. -@@ -432,8 +431,7 @@ public abstract class Builder { - X509Certificate targetCert = selector.getCertificate(); - if (targetCert != null) { - // no need to search CertStores -- if (selector.match(targetCert) && !X509CertImpl.isSelfSigned -- (targetCert, buildParams.sigProvider())) { -+ if (selector.match(targetCert)) { - if (debug != null) { - debug.println("Builder.addMatchingCerts: " + - "adding target cert" + -@@ -452,11 +450,8 @@ public abstract class Builder { - Collection certs = - store.getCertificates(selector); - for (Certificate cert : certs) { -- if (!X509CertImpl.isSelfSigned -- ((X509Certificate)cert, buildParams.sigProvider())) { -- if (resultCerts.add((X509Certificate)cert)) { -- add = true; -- } -+ if (resultCerts.add((X509Certificate)cert)) { -+ add = true; - } - } - if (!checkAll && add) { -diff --git a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java -index 56ecabf..35cba12 100644 ---- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java -+++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -48,6 +48,7 @@ import sun.security.x509.AccessDescription; - import sun.security.x509.AuthorityInfoAccessExtension; - import sun.security.x509.AuthorityKeyIdentifierExtension; - import static sun.security.x509.PKIXExtensions.*; -+import sun.security.x509.SubjectAlternativeNameExtension; - import sun.security.x509.X500Name; - import sun.security.x509.X509CertImpl; - -@@ -294,9 +295,7 @@ class ForwardBuilder extends Builder { - "\n Issuer: " + - trustedCert.getIssuerX500Principal()); - } -- if (caCerts.add(trustedCert) && !searchAllCertStores) { -- return; -- } -+ caCerts.add(trustedCert); - } - } - -@@ -675,8 +674,7 @@ class ForwardBuilder extends Builder { - * only be executed in a reverse direction are deferred until the - * complete path has been built. - * -- * Trust anchor certs are not validated, but are used to verify the -- * signature and revocation status of the previous cert. -+ * Trust anchor certs are not validated. - * - * If the last certificate is being verified (the one whose subject - * matches the target subject, then steps in 6.1.4 of the PKIX -@@ -707,17 +705,15 @@ class ForwardBuilder extends Builder { - currState.untrustedChecker.check(cert, Collections.emptySet()); - - /* -- * check for looping - abort a loop if we encounter the same -- * certificate twice -+ * Abort if we encounter the same certificate or a certificate with -+ * the same public key, subject DN, and subjectAltNames as a cert -+ * that is already in path. - */ -- if (certPathList != null) { -- for (X509Certificate cpListCert : certPathList) { -- if (cert.equals(cpListCert)) { -- if (debug != null) { -- debug.println("loop detected!!"); -- } -- throw new CertPathValidatorException("loop detected"); -- } -+ for (X509Certificate cpListCert : certPathList) { -+ if (repeated(cpListCert, cert)) { -+ throw new CertPathValidatorException( -+ "cert with repeated subject, public key, and " + -+ "subjectAltNames detected"); - } - } - -@@ -796,21 +792,48 @@ class ForwardBuilder extends Builder { - */ - KeyChecker.verifyCAKeyUsage(cert); - } -+ } - -- /* -- * the following checks are performed even when the cert -- * is a trusted cert, since we are only extracting the -- * subjectDN, and publicKey from the cert -- * in order to verify a previous cert -- */ -+ /** -+ * Return true if two certificates are equal or have the same subject, -+ * public key, and subject alternative names. -+ */ -+ private static boolean repeated( -+ X509Certificate currCert, X509Certificate nextCert) { -+ if (currCert.equals(nextCert)) { -+ return true; -+ } -+ return (currCert.getSubjectX500Principal().equals( -+ nextCert.getSubjectX500Principal()) && -+ currCert.getPublicKey().equals(nextCert.getPublicKey()) && -+ altNamesEqual(currCert, nextCert)); -+ } - -- /* -- * Check signature only if no key requiring key parameters has been -- * encountered. -- */ -- if (!currState.keyParamsNeeded()) { -- (currState.cert).verify(cert.getPublicKey(), -- buildParams.sigProvider()); -+ /** -+ * Return true if two certificates have the same subject alternative names. -+ */ -+ private static boolean altNamesEqual( -+ X509Certificate currCert, X509Certificate nextCert) { -+ X509CertImpl curr, next; -+ try { -+ curr = X509CertImpl.toImpl(currCert); -+ next = X509CertImpl.toImpl(nextCert); -+ } catch (CertificateException ce) { -+ return false; -+ } -+ -+ SubjectAlternativeNameExtension currAltNameExt = -+ curr.getSubjectAlternativeNameExtension(); -+ SubjectAlternativeNameExtension nextAltNameExt = -+ next.getSubjectAlternativeNameExtension(); -+ if (currAltNameExt != null) { -+ if (nextAltNameExt == null) { -+ return false; -+ } -+ return Arrays.equals(currAltNameExt.getExtensionValue(), -+ nextAltNameExt.getExtensionValue()); -+ } else { -+ return (nextAltNameExt == null); - } - } - -diff --git a/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java b/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java -index 2dc9e20..c96ed61 100644 ---- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java -+++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -80,10 +80,8 @@ class ForwardState implements State { - /* The list of user-defined checkers that support forward checking */ - ArrayList forwardCheckers; - -- /* Flag indicating if key needing to inherit key parameters has been -- * encountered. -- */ -- boolean keyParamsNeededFlag = false; -+ /* Flag indicating if last cert in path is self-issued */ -+ boolean selfIssued; - - /** - * Returns a boolean flag indicating if the state is initial -@@ -96,18 +94,6 @@ class ForwardState implements State { - return init; - } - -- /** -- * Return boolean flag indicating whether a public key that needs to inherit -- * key parameters has been encountered. -- * -- * @return boolean true if key needing to inherit parameters has been -- * encountered; false otherwise. -- */ -- @Override -- public boolean keyParamsNeeded() { -- return keyParamsNeededFlag; -- } -- - /** - * Display state for debugging purposes - */ -@@ -118,10 +104,10 @@ class ForwardState implements State { - sb.append("\n issuerDN of last cert: ").append(issuerDN); - sb.append("\n traversedCACerts: ").append(traversedCACerts); - sb.append("\n init: ").append(String.valueOf(init)); -- sb.append("\n keyParamsNeeded: ").append -- (String.valueOf(keyParamsNeededFlag)); - sb.append("\n subjectNamesTraversed: \n").append - (subjectNamesTraversed); -+ sb.append("\n selfIssued: ").append -+ (String.valueOf(selfIssued)); - sb.append("]\n"); - return sb.toString(); - } -@@ -166,18 +152,14 @@ class ForwardState implements State { - - X509CertImpl icert = X509CertImpl.toImpl(cert); - -- /* see if certificate key has null parameters */ -- if (PKIX.isDSAPublicKeyWithoutParams(icert.getPublicKey())) { -- keyParamsNeededFlag = true; -- } -- - /* update certificate */ - this.cert = icert; - - /* update issuer DN */ - issuerDN = cert.getIssuerX500Principal(); - -- if (!X509CertImpl.isSelfIssued(cert)) { -+ selfIssued = X509CertImpl.isSelfIssued(cert); -+ if (!selfIssued) { - - /* - * update traversedCACerts only if this is a non-self-issued -@@ -190,7 +172,7 @@ class ForwardState implements State { - - /* update subjectNamesTraversed only if this is the EE cert or if - this cert is not self-issued */ -- if (init || !X509CertImpl.isSelfIssued(cert)){ -+ if (init || !selfIssued) { - X500Principal subjName = cert.getSubjectX500Principal(); - subjectNamesTraversed.add(X500Name.asX500Name(subjName)); - -diff --git a/jdk/src/share/classes/sun/security/provider/certpath/State.java b/jdk/src/share/classes/sun/security/provider/certpath/State.java -index 93a153f..3292d65 100644 ---- a/jdk/src/share/classes/sun/security/provider/certpath/State.java -+++ b/jdk/src/share/classes/sun/security/provider/certpath/State.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2000, 2001, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -62,12 +62,4 @@ interface State extends Cloneable { - * @return boolean flag indicating if the state is initial (just starting) - */ - public boolean isInitial(); -- -- /** -- * Returns a boolean flag indicating if a key lacking necessary key -- * algorithm parameters has been encountered. -- * -- * @return boolean flag indicating if key lacking parameters encountered. -- */ -- public boolean keyParamsNeeded(); - } -diff --git a/jdk/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java b/jdk/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java -index c1c03d8..fd4eb95 100644 ---- a/jdk/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java -+++ b/jdk/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -42,6 +42,7 @@ import javax.security.auth.x500.X500Principal; - - import sun.security.provider.certpath.PKIX.BuilderParams; - import static sun.security.x509.PKIXExtensions.*; -+import sun.security.x509.X509CertImpl; - import sun.security.util.Debug; - - /** -@@ -130,18 +131,21 @@ public final class SunCertPathBuilder extends CertPathBuilderSpi { - List> adjList = new ArrayList<>(); - PKIXCertPathBuilderResult result = buildCertPath(false, adjList); - if (result == null) { -- if (debug != null) { -- debug.println("SunCertPathBuilder.engineBuild: 2nd pass; " + -+ if (buildParams.certStores().size() > 1 || Builder.USE_AIA) { -+ if (debug != null) { -+ debug.println("SunCertPathBuilder.engineBuild: 2nd pass; " + - "try building again searching all certstores"); -+ } -+ // try again -+ adjList.clear(); -+ result = buildCertPath(true, adjList); -+ if (result != null) { -+ return result; -+ } - } -- // try again -- adjList.clear(); -- result = buildCertPath(true, adjList); -- if (result == null) { -- throw new SunCertPathBuilderException("unable to find valid " -- + "certification path to requested target", -- new AdjacencyList(adjList)); -- } -+ throw new SunCertPathBuilderException("unable to find valid " -+ + "certification path to requested target", -+ new AdjacencyList(adjList)); - } - return result; - } -@@ -270,8 +274,8 @@ public final class SunCertPathBuilder extends CertPathBuilderSpi { - /* - * For each cert in the collection, verify anything - * that hasn't been checked yet (signature, revocation, etc) -- * and check for loops. Call depthFirstSearchForward() -- * recursively for each good cert. -+ * and check for certs with repeated public key and subject. -+ * Call depthFirstSearchForward() recursively for each good cert. - */ - - vertices: -@@ -346,26 +350,24 @@ public final class SunCertPathBuilder extends CertPathBuilderSpi { - checkers.add(new AlgorithmChecker(builder.trustAnchor, - buildParams.timestamp(), buildParams.variant())); - -- BasicChecker basicChecker = null; -- if (nextState.keyParamsNeeded()) { -- PublicKey rootKey = cert.getPublicKey(); -- if (builder.trustAnchor.getTrustedCert() == null) { -- rootKey = builder.trustAnchor.getCAPublicKey(); -- if (debug != null) -- debug.println( -- "SunCertPathBuilder.depthFirstSearchForward " + -- "using buildParams public key: " + -- rootKey.toString()); -- } -- TrustAnchor anchor = new TrustAnchor -- (cert.getSubjectX500Principal(), rootKey, null); -+ PublicKey rootKey = cert.getPublicKey(); -+ if (builder.trustAnchor.getTrustedCert() == null) { -+ rootKey = builder.trustAnchor.getCAPublicKey(); -+ if (debug != null) -+ debug.println( -+ "SunCertPathBuilder.depthFirstSearchForward " + -+ "using buildParams public key: " + -+ rootKey.toString()); -+ } -+ TrustAnchor anchor = new TrustAnchor -+ (cert.getSubjectX500Principal(), rootKey, null); - -- // add the basic checker -- basicChecker = new BasicChecker(anchor, buildParams.date(), -+ // add the basic checker -+ BasicChecker basicChecker = new BasicChecker(anchor, -+ buildParams.date(), - buildParams.sigProvider(), - true); -- checkers.add(basicChecker); -- } -+ checkers.add(basicChecker); - - buildParams.setCertPath(cf.generateCertPath(appendedCerts)); - -@@ -511,6 +513,14 @@ public final class SunCertPathBuilder extends CertPathBuilderSpi { - policyTreeResult = policyChecker.getPolicyTree(); - return; - } else { -+ // If successive certs are self-issued, don't continue search -+ // on this branch. -+ if (currentState.selfIssued && X509CertImpl.isSelfIssued(cert)) { -+ if (debug != null) { -+ debug.println("Successive certs are self-issued"); -+ } -+ return; -+ } - builder.addCertToPath(cert, cpList); - } - --- -2.33.1.windows.1 - diff --git a/fix-log-bug-enhance-aes-hmac-performance.patch b/fix-log-bug-enhance-aes-hmac-performance.patch index 6f42559b23943815edc84ecea5f6e3e1b93d3310..c4110a17189c104a70107927ecc75b781e52fa47 100644 --- a/fix-log-bug-enhance-aes-hmac-performance.patch +++ b/fix-log-bug-enhance-aes-hmac-performance.patch @@ -1,11 +1,7 @@ From f08447dcb86c2637fc306de73572c5d8de14520f Mon Sep 17 00:00:00 2001 -From: zhangyipeng Date: Tue, 16 Mar 2021 10:11:31 +0800 Subject: [PATCH] [Huawei]fix log bug && enhance aes/hmac performance - - -Signed-off-by: He Dongbo --- common/autoconf/generated-configure.sh | 44 ++++++----- common/autoconf/toolchain_windows.m4 | 20 +++-- @@ -182,19 +178,6 @@ index a405eb336..e5aed4418 100644 !if "$(BUILDARCH)" == "i486" LD_FLAGS = $(SAFESEH_FLAG) $(LD_FLAGS) !endif -diff --git a/hotspot/make/windows/makefiles/vm.make b/hotspot/make/windows/makefiles/vm.make -index 082232719..b46354a5e 100644 ---- a/hotspot/make/windows/makefiles/vm.make -+++ b/hotspot/make/windows/makefiles/vm.make -@@ -129,7 +129,7 @@ CXX_DONT_USE_PCH=/D DONT_USE_PRECOMPILED_HEADER - - !if "$(USE_PRECOMPILED_HEADER)" != "0" - CXX_USE_PCH=/Fp"vm.pch" /Yu"precompiled.hpp" --!if "$(COMPILER_NAME)" == "VS2012" || "$(COMPILER_NAME)" == "VS2013" || "$(COMPILER_NAME)" == "VS2015" || "$(COMPILER_NAME)" == "VS2017" -+!if "$(COMPILER_NAME)" == "VS2012" || "$(COMPILER_NAME)" == "VS2013" || "$(COMPILER_NAME)" == "VS2015" || "$(COMPILER_NAME)" == "VS2017" || "$(COMPILER_NAME)" == "VS2019" - # VS2012 and later require this object file to be listed: - LD_FLAGS=$(LD_FLAGS) _build_pch_file.obj - !endif diff --git a/hotspot/src/share/vm/runtime/os.cpp b/hotspot/src/share/vm/runtime/os.cpp index f5182ea75..3242c6666 100644 --- a/hotspot/src/share/vm/runtime/os.cpp diff --git a/fix-the-issue-that-cert-of-geotrustglobalca-expired.patch b/fix-the-issue-that-cert-of-geotrustglobalca-expired.patch new file mode 100644 index 0000000000000000000000000000000000000000..2e16b8254ba16fa86228d6877108c3fcde82dfc4 --- /dev/null +++ b/fix-the-issue-that-cert-of-geotrustglobalca-expired.patch @@ -0,0 +1,68 @@ +From bffc13e0e35ff04fea1ef2af74615c7c5b287c27 Mon Sep 17 00:00:00 2001 +From: wanghao_hw +Date: Fri, 24 Mar 2023 15:47:35 +0800 +Subject: [PATCH] fix the issue that cert of geotrustglobalca expired. + +--- + jdk/make/data/cacerts/geotrustglobalca | 27 ------------------- + .../security/lib/cacerts/VerifyCACerts.java | 7 ++--- + 2 files changed, 2 insertions(+), 32 deletions(-) + delete mode 100644 jdk/make/data/cacerts/geotrustglobalca + +diff --git a/jdk/make/data/cacerts/geotrustglobalca b/jdk/make/data/cacerts/geotrustglobalca +deleted file mode 100644 +index 7f8bf9a66..000000000 +--- a/jdk/make/data/cacerts/geotrustglobalca ++++ /dev/null +@@ -1,27 +0,0 @@ +-Owner: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US +-Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US +-Serial number: 23456 +-Valid from: Tue May 21 04:00:00 GMT 2002 until: Sat May 21 04:00:00 GMT 2022 +-Signature algorithm name: SHA1withRSA +-Subject Public Key Algorithm: 2048-bit RSA key +-Version: 3 +------BEGIN CERTIFICATE----- +-MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT +-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i +-YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG +-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg +-R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9 +-9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq +-fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv +-iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU +-1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+ +-bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW +-MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA +-ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l +-uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn +-Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS +-tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF +-PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un +-hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV +-5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw== +------END CERTIFICATE----- +diff --git a/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java b/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java +index c1423dc5b..8bca06c52 100644 +--- a/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java ++++ b/jdk/test/sun/security/lib/cacerts/VerifyCACerts.java +@@ -111,8 +111,6 @@ public class VerifyCACerts { + "7E:37:CB:8B:4C:47:09:0C:AB:36:55:1B:A6:F4:5D:B8:40:68:0F:BA:16:6A:95:2D:B1:00:71:7F:43:05:3F:C2"); + put("digicerthighassuranceevrootca [jdk]", + "74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E:D3:B1:18:CF"); +- put("geotrustglobalca [jdk]", +- "FF:85:6A:2D:25:1D:CD:88:D3:66:56:F4:50:12:67:98:CF:AB:AA:DE:40:79:9C:72:2D:E4:D2:B5:DB:36:A7:3A"); + put("geotrustprimaryca [jdk]", + "37:D5:10:06:C5:12:EA:AB:62:64:21:F1:EC:8C:92:01:3F:C5:F8:2A:E9:8E:E5:33:EB:46:19:B8:DE:B4:D0:6C"); + put("geotrustprimarycag2 [jdk]", +@@ -242,7 +240,6 @@ public class VerifyCACerts { + private static final HashSet EXPIRY_EXC_ENTRIES = new HashSet() { + { + // Valid until: Sat May 21 04:00:00 GMT 2022 +- add("geotrustglobalca [jdk]"); + } + }; + +-- +2.39.0 + diff --git a/fix_X509TrustManagerImpl_symantec_distrust.patch b/fix_X509TrustManagerImpl_symantec_distrust.patch index 5ff273d601590b1792daf6e352851a4fb7718929..e26a88213e6afeb5a681171da86b43affb346de5 100644 --- a/fix_X509TrustManagerImpl_symantec_distrust.patch +++ b/fix_X509TrustManagerImpl_symantec_distrust.patch @@ -46,7 +46,7 @@ index 54e1bfa0d..c1423dc5b 100644 // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 private static final String CHECKSUM - = "2D:04:88:6C:52:53:54:EB:38:2D:BC:E0:AF:B7:82:F4:9E:32:A8:1A:1B:A3:AE:CF:25:CB:C2:F6:0F:4E:E1:20"; -+ = "D3:05:21:64:FA:D7:CD:29:E8:CB:57:E7:47:ED:79:9B:47:D8:0E:75:2D:CA:83:BB:86:AF:D9:43:FD:3E:17:85"; ++ = "DE:42:B4:05:C8:64:19:5A:16:14:D8:F2:04:DE:66:D6:1B:86:BD:D3:F7:05:75:31:4F:B5:23:FE:8D:58:0B:49"; // map of cert alias to SHA-256 fingerprint @SuppressWarnings("serial") diff --git a/jcmd-mnt-add-start-time-and-end-time.patch b/jcmd-mnt-add-start-time-and-end-time.patch new file mode 100644 index 0000000000000000000000000000000000000000..ea86acb2de7c88ab080ac4aa987edbc6ac9f0665 --- /dev/null +++ b/jcmd-mnt-add-start-time-and-end-time.patch @@ -0,0 +1,114 @@ +From d16c3a864883eade51aac931db1ff403e90ac959 Mon Sep 17 00:00:00 2001 +From: z30010524 +Date: Tue, 7 Feb 2023 15:31:05 +0000 +Subject: [PATCH 08/15] jcmd mnt add start time and end time + +DTS/AR: AR.SR.02ce7e6e.001 +Summary: :jcmd mnt add start time and end time +LLT: NA +Patch Type:huawei +Bug url: NA +--- + hotspot/src/share/vm/services/memReporter.cpp | 15 ++++++++++++++- + hotspot/src/share/vm/services/nmtDCmd.cpp | 14 +++++++++++++- + hotspot/src/share/vm/services/nmtDCmd.hpp | 9 +++++++++ + 3 files changed, 36 insertions(+), 2 deletions(-) + +diff --git a/hotspot/src/share/vm/services/memReporter.cpp b/hotspot/src/share/vm/services/memReporter.cpp +index a324890d3..8ea363805 100644 +--- a/hotspot/src/share/vm/services/memReporter.cpp ++++ b/hotspot/src/share/vm/services/memReporter.cpp +@@ -24,6 +24,7 @@ + #include "precompiled.hpp" + + #include "memory/allocation.hpp" ++#include "services/nmtDCmd.hpp" + #include "services/mallocTracker.hpp" + #include "services/memReporter.hpp" + #include "services/virtualMemoryTracker.hpp" +@@ -294,7 +295,19 @@ void MemDetailReporter::report_virtual_memory_region(const ReservedMemoryRegion* + void MemSummaryDiffReporter::report_diff() { + const char* scale = current_scale(); + outputStream* out = output(); +- out->print_cr("\nNative Memory Tracking:\n"); ++ time_t startTime = NMTDCmd::get_start_time(); ++ time_t endTime = time(0); ++ struct tm endTimeTm = {0}; ++ if (localtime_r(&endTime, &endTimeTm) == NULL) { ++ out->print_cr("\nNative Memory Tracking:\n"); ++ } else { ++ out->print_cr("\nNative Memory Tracking: end time is %d-%02d-%02d %02d:%02d:%02d, elapsed time is %d secs\n", ++ static_cast(endTimeTm.tm_year) + START_YEAR, ++ static_cast(endTimeTm.tm_mon) + 1, ++ static_cast(endTimeTm.tm_mday), static_cast(endTimeTm.tm_hour), ++ static_cast(endTimeTm.tm_min), static_cast(endTimeTm.tm_sec), ++ static_cast(endTime - startTime)); ++ } + + // Overall diff + out->print("Total: "); +diff --git a/hotspot/src/share/vm/services/nmtDCmd.cpp b/hotspot/src/share/vm/services/nmtDCmd.cpp +index 2635bbb6e..417a58c59 100644 +--- a/hotspot/src/share/vm/services/nmtDCmd.cpp ++++ b/hotspot/src/share/vm/services/nmtDCmd.cpp +@@ -73,6 +73,7 @@ size_t NMTDCmd::get_scale(const char* scale) const { + return NMTUtil::scale_from_name(scale); + } + ++time_t NMTDCmd::_start_time = 0; + void NMTDCmd::execute(DCmdSource source, TRAPS) { + // Check NMT state + // native memory tracking has to be on +@@ -128,7 +129,18 @@ void NMTDCmd::execute(DCmdSource source, TRAPS) { + if (!baseline.baseline(MemTracker::tracking_level() != NMT_detail)) { + output()->print_cr("Baseline failed"); + } else { +- output()->print_cr("Baseline succeeded"); ++ NMTDCmd::set_start_time(time(0)); ++ time_t startTime = NMTDCmd::get_start_time(); ++ struct tm startTimeTm = {0}; ++ if (localtime_r(&startTime, &startTimeTm) == NULL) { ++ output()->print_cr("Baseline succeeded"); ++ } else { ++ output()->print_cr("Baseline succeeded, start time is %d-%02d-%02d %02d:%02d:%02d", ++ static_cast(startTimeTm.tm_year) + START_YEAR, ++ static_cast(startTimeTm.tm_mon) + 1, ++ static_cast(startTimeTm.tm_mday), static_cast(startTimeTm.tm_hour), ++ static_cast(startTimeTm.tm_min), static_cast(startTimeTm.tm_sec)); ++ } + } + } else if (_summary_diff.value()) { + MemBaseline& baseline = MemTracker::get_baseline(); +diff --git a/hotspot/src/share/vm/services/nmtDCmd.hpp b/hotspot/src/share/vm/services/nmtDCmd.hpp +index df1ab367f..fc7af5c8d 100644 +--- a/hotspot/src/share/vm/services/nmtDCmd.hpp ++++ b/hotspot/src/share/vm/services/nmtDCmd.hpp +@@ -32,6 +32,8 @@ + #include "services/memBaseline.hpp" + #include "services/mallocTracker.hpp" + ++const int START_YEAR = 1900; // tm struct, the number of years since 1900. ++ + /** + * Native memory tracking DCmd implementation + */ +@@ -61,9 +63,16 @@ class NMTDCmd: public DCmdWithParser { + return p; + } + static int num_arguments(); ++ static void set_start_time(const time_t &time) { ++ _start_time = time; ++ } ++ static time_t get_start_time() { ++ return _start_time; ++ } + virtual void execute(DCmdSource source, TRAPS); + + private: ++ static time_t _start_time; + void report(bool summaryOnly, size_t scale); + void report_diff(bool summaryOnly, size_t scale); + +-- +2.19.0 + diff --git a/jdk8u-jdk8u362-b09.tar.xz b/jdk8u-jdk8u372-b07.tar.xz similarity index 82% rename from jdk8u-jdk8u362-b09.tar.xz rename to jdk8u-jdk8u372-b07.tar.xz index 6d219adbd6a9d9b457afd87672fc03a9178dcab8..56f3f61a7365fc26295c02d0f6bdc1414de0cdb8 100644 Binary files a/jdk8u-jdk8u362-b09.tar.xz and b/jdk8u-jdk8u372-b07.tar.xz differ diff --git a/openjdk-1.8.0.spec b/openjdk-1.8.0.spec index e3aa08898e213fec91909071e15f96dbee05d644..bc1cc2c93afe063990435c3c3a01fc402900ae97 100644 --- a/openjdk-1.8.0.spec +++ b/openjdk-1.8.0.spec @@ -146,13 +146,13 @@ %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global repo jdk8u -%global revision jdk8u362-b09 +%global revision jdk8u372-b07 %global full_revision %{repo}-%{revision} # Define IcedTea version used for SystemTap tapsets and desktop files %global icedteaver 3.15.0 -%global updatever 362 -%global buildver b09 +%global updatever 372 +%global buildver b07 # priority must be 7 digits in total. The expression is workarounding tip %global priority 1800%{updatever} @@ -916,7 +916,7 @@ Provides: java-%{javaver}-%{origin}-accessibility%{?1} = %{epoch}:%{version}-%{r Name: java-%{javaver}-%{origin} Version: %{javaver}.%{updatever}.%{buildver} -Release: 6 +Release: 0 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons # and this change was brought into RHEL-4. java-1.5.0-ibm packages # also included the epoch in their virtual provides. This created a @@ -996,7 +996,6 @@ Patch67: 8165860.patch Patch70: 8164948.patch # 8u242 -Patch75: Add-ability-to-configure-third-port-for-remote-JMX.patch Patch83: 8204947.patch Patch85: 8139041.patch @@ -1145,14 +1144,10 @@ Patch259: fix-dumped-heap-using-jhat-parsing-to-appear-failed-to-resolve-object- Patch261: revert-fPIC-and-security-compilation-flag-on.patch Patch262: add-configuration-option-of-huawei-internal-version-shown-in-release-file.patch Patch263: The-code-style-is-fixed-and-test-cases-are-added.patch -Patch264: 8287109-Distrust-failed-with-CertificateExpired.patch # 8u352 Patch265: cve-2022-37434-Fix-a-bug-when-getting-a-gzip-header-extra-field-with-inflate.patch Patch266: 8065895-Synchronous-signals-during-error-reporting-may-terminate-or-hang-vm-process.patch -Patch267: Huawei-fix-windows-build-Dynamic-CDS-failure.patch -Patch268: 8296480-Fix-the-problem-that-the-TestPolicy.java-cas.patch -Patch269: 8296485-BuildEEBasicConstraints.java-test-fails-with.patch Patch273: 8257695-linux-Add-process-memory-information-to-hs-e.patch Patch274: 8261167-print_process_memory_info-add-a-close-call-a.patch Patch275: 8268893-jcmd-to-trim-the-glibc-heap.patch @@ -1184,9 +1179,15 @@ Patch298: Add-CMS-s-trim-test-cases-and-fix-failure.patch Patch299: Disable-cds-on-x86-32.patch Patch300: Disable-no-compressedOop-cds-on-x86-32.patch Patch301: fix-SUSE-x86_32-build-failure.patch -Patch302: fix-CVE-2023-21930.patch -Patch303: fix-CVE-2023-21954.patch -Patch304: fix-CVE-2023-21967.patch + +# 8u372 +Patch305: fix-the-issue-that-cert-of-geotrustglobalca-expired.patch +Patch306: 8074354-Make-CreateMinidumpOnCrash-a-new-name-and-av.patch +Patch307: jcmd-mnt-add-start-time-and-end-time.patch +Patch308: Fix-localtime_r-not-defined-on-windows.patch +Patch309: 8057743-process-Synchronize-exiting-of-threads-and-p.patch +Patch310: 8305541-C2-Div-Mod-nodes-without-zero-check-could-be.patch + ############################################# # @@ -1547,7 +1548,6 @@ pushd %{top_level_dir_name} %patch63 -p1 %patch67 -p1 %patch70 -p1 -%patch75 -p1 %patch83 -p1 %patch85 -p1 %patch86 -p1 @@ -1674,12 +1674,8 @@ pushd %{top_level_dir_name} %patch261 -p1 %patch262 -p1 %patch263 -p1 -%patch264 -p1 %patch265 -p1 %patch266 -p1 -%patch267 -p1 -%patch268 -p1 -%patch269 -p1 %patch273 -p1 %patch274 -p1 %patch275 -p1 @@ -1709,9 +1705,12 @@ pushd %{top_level_dir_name} %patch299 -p1 %patch300 -p1 %patch301 -p1 -%patch302 -p1 -%patch303 -p1 -%patch304 -p1 +%patch305 -p1 +%patch306 -p1 +%patch307 -p1 +%patch308 -p1 +%patch309 -p1 +%patch310 -p1 popd # System library fixes @@ -2336,6 +2335,32 @@ cjc.mainProgram(arg) %endif %changelog +* Fri May 10 2023 crash888 - 1:1.8.0.372-b07.0 +- deleted Add-ability-to-configure-third-port-for-remote-JMX.patch +- deleted 8287109-Distrust-failed-with-CertificateExpired.patch +- deleted Huawei-fix-windows-build-Dynamic-CDS-failure.patch +- deleted 8296480-Fix-the-problem-that-the-TestPolicy.java-cas.patch +- deleted 8296485-BuildEEBasicConstraints.java-test-fails-with.patch +- deleted fix-CVE-2023-21930.patch +- deleted fix-CVE-2023-21954.patch +- deleted fix-CVE-2023-21967.patch +- modified 8202951-Support-default-jsa.patch +- modified 8204595-add-more-thread-related-system-settings-info.patch +- modified 8257695-linux-Add-process-memory-information-to-hs-e.patch +- modified add-appcds-test-case.patch +- modified fix-log-bug-enhance-aes-hmac-performance.patch +- modified Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch +- modified update-cacerts-and-VerifyCACerts.java-test.patch +- modified add-missing-test-case.patch +- add fix-the-issue-that-cert-of-geotrustglobalca-expired.patch +- modified fix_X509TrustManagerImpl_symantec_distrust.patch +- add 8074354-Make-CreateMinidumpOnCrash-a-new-name-and-av.patch +- add jcmd-mnt-add-start-time-and-end-time.patch +- add Fix-localtime_r-not-defined-on-windows.patch +- add 8057743-process-Synchronize-exiting-of-threads-and-p.patch +- add 8305541-C2-Div-Mod-nodes-without-zero-check-could-be.patch +- upgrade to jdk8u372-b07 + * Fri Apr 28 2023 yangjing - 1:1.8.0.362.b09-6 - fix CVE-2023-21967. diff --git a/update-cacerts-and-VerifyCACerts.java-test.patch b/update-cacerts-and-VerifyCACerts.java-test.patch index 424d2f552982a1c075673ec11a2466a51f457c0e..1bb9fda7f2da4c15b623d3fad57842608aa98a5d 100644 --- a/update-cacerts-and-VerifyCACerts.java-test.patch +++ b/update-cacerts-and-VerifyCACerts.java-test.patch @@ -1,11 +1,7 @@ From 1125b6be8c484b41b46954a38b6e01861157b6d7 Mon Sep 17 00:00:00 2001 -From: zhangyipeng Date: Tue, 20 Apr 2021 10:40:35 +0800 Subject: [PATCH] [Huawei]update cacerts and VerifyCACerts.java test -Offering: Cloud Compiler JDK - -Signed-off-by: Wang Kun --- jdk/make/data/cacerts/addtrustexternalca | 32 ----------------- jdk/make/data/cacerts/addtrustqualifiedca | 32 ----------------- @@ -261,13 +257,13 @@ index dd107fc..791ddb6 100644 + File.separator + "security" + File.separator + "cacerts"; // The numbers of certs now. -- private static final int COUNT = 89; +- private static final int COUNT = 90; + private static final int COUNT = 83; // SHA-256 of cacerts, can be generated with // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 private static final String CHECKSUM -- = "CC:AD:BB:49:70:97:3F:42:AD:73:91:A0:A2:C4:B8:AA:D1:95:59:F3:B3:22:09:2A:1F:2C:AB:04:47:08:EF:AA"; +- = "21:8C:35:29:4C:E2:49:D2:83:30:DF:8B:5E:39:F8:8C:D6:C5:2B:59:05:32:74:E5:79:A5:91:9F:3C:57:B9:E3"; + = "2D:04:88:6C:52:53:54:EB:38:2D:BC:E0:AF:B7:82:F4:9E:32:A8:1A:1B:A3:AE:CF:25:CB:C2:F6:0F:4E:E1:20"; // map of cert alias to SHA-256 fingerprint