diff --git a/.gitignore b/.gitignore
index 477a337..3ca8fbe 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.7+10.tar.xz
-SOURCES/systemtap_3.2_tapsets_hg-icedtea8-9d464368e06d.tar.xz
+SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.6+10-4curve.tar.xz
+SOURCES/tapsets-icedtea-3.15.0.tar.xz
diff --git a/.java-11-openjdk.metadata b/.java-11-openjdk.metadata
index be1cc33..a477770 100644
--- a/.java-11-openjdk.metadata
+++ b/.java-11-openjdk.metadata
@@ -1,2 +1,2 @@
-39ab7cbe6b338f041ff3c1bc79038120c2142e53 SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.7+10.tar.xz
-cd8bf91753b9eb1401cfc529e78517105fc66011 SOURCES/systemtap_3.2_tapsets_hg-icedtea8-9d464368e06d.tar.xz
+770fb5e2a0c18da9239ffdd4d0511fb0f5a6a2b6 SOURCES/shenandoah-jdk11-shenandoah-jdk-11.0.6+10-4curve.tar.xz
+7ae2cba67467825b2c2a5fec7aea041865023002 SOURCES/tapsets-icedtea-3.15.0.tar.xz
diff --git a/SOURCES/NEWS b/SOURCES/NEWS
deleted file mode 100644
index 6a269f1..0000000
--- a/SOURCES/NEWS
+++ /dev/null
@@ -1,369 +0,0 @@
-Key:
-
-JDK-X - https://bugs.openjdk.java.net/browse/JDK-X
-CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
-
-New in release OpenJDK 11.0.7 (2020-04-14):
-===========================================
-Live versions of these release notes can be found at:
- * https://bitly.com/oj1107
- * https://builds.shipilev.net/backports-monitor/release-notes-11.0.7.txt
-
-* Security fixes
- - JDK-8223898, CVE-2020-2754: Forward references to Nashorn
- - JDK-8223904, CVE-2020-2755: Improve Nashorn matching
- - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs
- - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues
- - JDK-8225603: Enhancement for big integers
- - JDK-8226346: Build better binary builders
- - JDK-8227467: Better class method invocations
- - JDK-8227542: Manifest improved jar headers
- - JDK-8229733: TLS message handling improvements
- - JDK-8231415, CVE-2020-2773: Better signatures in XML
- - JDK-8231785: Improved socket permissions
- - JDK-8232424, CVE-2020-2778: More constrained algorithms
- - JDK-8232581, CVE-2020-2767: Improve TLS verification
- - JDK-8233250: Better X11 rendering
- - JDK-8233410: Better Build Scripting
- - JDK-8234027: Better JCEKS key support
- - JDK-8234408, CVE-2020-2781: Improve TLS session handling
- - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers
- - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers
- - JDK-8235274, CVE-2020-2805: Enhance typing of methods
- - JDK-8235691, CVE-2020-2816: Enhance TLS connectivity
- - JDK-8236201, CVE-2020-2830: Better Scanner conversions
- - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap
-* Other changes
- - JDK-4919790: Errors in alert ssl message does not reflect the actual certificate status
- - JDK-4949105: Access Bridge lacks html tags parsing
- - JDK-7092821: java.security.Provider.getService() is synchronized and became scalability bottleneck
- - JDK-7143743: Potential memory leak with zip provider
- - JDK-8005819: Support cross-realm MSSFU
- - JDK-8042383: [TEST_BUG] Test javax/swing/plaf/basic/BasicMenuUI/4983388/bug4983388.java fails with shortcuts on menus do not work
- - JDK-8068184: Fix for JDK-8032832 caused a deadlock
- - JDK-8145845: [AOT] NullPointerException in compiler/whitebox/GetCodeHeapEntriesTest.java
- - JDK-8152988: [AOT] Update test batch definitions to include aot-ed java.base module mode into hs-comp testing
- - JDK-8160926: FLAGS_COMPILER_CHECK_ARGUMENTS doesn't handle cross-compilation
- - JDK-8163083: SocketListeningConnector does not allow invocations with port 0
- - JDK-8163251: Hard coded loop limit prevents reading of smart card data greater than 8k
- - JDK-8167276: jvmci/compilerToVM/MaterializeVirtualObjectTest.java fails with -XX:-EliminateAllocations
- - JDK-8169718: nsk/jdb/locals/locals002: ERROR: Cannot find boolVar with expected value: false
- - JDK-8176556: java/awt/dnd/ImageTransferTest/ImageTransferTest.java fails for JFIF
- - JDK-8178798: Two compiler/aot/verification/vmflags tests fail by timeout with UseAVX=3
- - JDK-8183107: PKCS11 regression regarding checkKeySize
- - JDK-8185005: Improve performance of ThreadMXBean.getThreadInfo(long ids[], int maxDepth)
- - JDK-8189633: Missing -Xcheck:jni checking for DeleteWeakGlobalRef
- - JDK-8189861: Refactor CacheFind
- - JDK-8193042: NativeLookup::lookup_critical_entry() should only load shared library once
- - JDK-8193596: java/net/DatagramPacket/ReuseBuf.java failed due to timeout
- - JDK-8194944: Regression automated test 'open/test/jdk/javax/swing/JInternalFrame/8145896/TestJInternalFrameMaximize.java' fails
- - JDK-8196467: javax/swing/JInternalFrame/Test6325652.java fails
- - JDK-8196969: JTreg Failure: serviceability/sa/ClhsdbJstack.java causes NPE
- - JDK-8198321: javax/swing/JEditorPane/5076514/bug5076514.java fails
- - JDK-8198398: Test javax/swing/JColorChooser/Test6199676.java fails in mach5
- - JDK-8199072: Test javax/swing/GroupLayout/6613904/bug6613904.java is unstable
- - JDK-8200432: javadoc fails with ClassCastException on {@link byte[]}
- - JDK-8201349: build broken when configured with --with-zlib=bundled on gcc 7.3
- - JDK-8201355: Avoid native memory allocation in sun.security.mscapi.PRNG.generateSeed
- - JDK-8201513: nsk/jvmti/IterateThroughHeap/filter-* are broken
- - JDK-8203364: Some serviceability/sa/ tests intermittently fail with java.io.IOException: LingeredApp terminated with non-zero exit code 3
- - JDK-8203687: javax/net/ssl/compatibility/Compatibility.java supports TLS 1.3
- - JDK-8203904: javax/swing/JSplitPane/4816114/bug4816114.java: The divider location is wrong
- - JDK-8203911: Test runtime/modules/getModuleJNI/GetModule fails with -Xcheck:jni
- - JDK-8204525: [TESTBUG] runtime/NMT/MallocStressTest.java ran out of java heap
- - JDK-8204529: gc/TestAllocateHeapAtMultiple.java fail with Agent 7 timed out
- - JDK-8204551: Event descriptions are truncated in logs
- - JDK-8206963: [AOT] bug with multiple class loaders
- - JDK-8207367: 10 vmTestbase/nsk/jdi tests timed out when running with jtreg
- - JDK-8207832: serviceability/sa/ClhsdbCDSCore.java failed with "Couldn't find core file location"
- - JDK-8207938: At step6,Click Add button,case failed automatically.
- - JDK-8208157: requires.VMProps throws NPE for missing properties in "release" file
- - JDK-8208379: compiler/jvmci/events/JvmciNotifyInstallEventTest.java failed with "Got unexpected event count after 2nd install attempt: expected 9 to equal 2"
- - JDK-8208658: Make CDS archived heap regions usable even if compressed oop encoding has changed
- - JDK-8208715: Conversion of milliseconds to nanoseconds in UNIXProcess contains bug
- - JDK-8209361: [AOT] Unexpected number of references for JVMTI_HEAP_REFERENCE_CONSTANT_POOL [111-->111]: 0 (expected at least 1)
- - JDK-8209385: CDS runtime classpath checking is too strict when only classes from the system modules are archived
- - JDK-8209389: SIGSEGV in WalkOopAndArchiveClosure::do_oop_work.
- - JDK-8209418: Synchronize test/jdk/sanity/client/lib/jemmy with code-tools/jemmy/v2
- - JDK-8209494: Create a test for SwingSet InternalFrameDemo
- - JDK-8209499: Create test for SwingSet EditorPaneDemo
- - JDK-8209574: [AOT] breakpoint events are generated in different threads does not meet expected count
- - JDK-8209686: cleanup arguments to PhaseIdealLoop() constructor
- - JDK-8209789: Synchronize test/jdk/sanity/client/lib/jemmy with code-tools/jemmy/v2
- - JDK-8209802: Garbage collectors should register JFR types themselves to avoid build errors.
- - JDK-8209807: improve handling exception in requires.VMProps
- - JDK-8209817: stack is executable when building with Clang on Linux
- - JDK-8209824: Improve the code coverage for ThreadLocal
- - JDK-8209826: Undefined reference to os::write after JDK-8209657 (filemap.hpp cleanup)
- - JDK-8209850: Allow NamedThreads to use GlobalCounter critical sections
- - JDK-8209976: Improve iteration over non-JavaThreads
- - JDK-8209993: Create a test for SwingSet3 ToolTipDemo
- - JDK-8210024: JFR calls virtual is_Java_thread from ~Thread()
- - JDK-8210052: Enable testing for all the available look and feels in SwingSet3 demo tests
- - JDK-8210055: Enable different look and feel tests in SwingSet3 demo tests
- - JDK-8210057: Enable different look and feels in SwingSet3 demo test InternalFrameDemoTest
- - JDK-8210058: Algorithmic Italic font leans opposite angle in Printing
- - JDK-8210220: [AOT] jdwp test cases are failing with error # ERROR: TEST FAILED: Cought IOException while receiving event packet
- - JDK-8210289: ArchivedKlassSubGraphInfoRecord is incomplete
- - JDK-8210459: Add support for generating compile_commands.json
- - JDK-8210476: sun/security/mscapi/PrngSlow.java fails with Still too slow
- - JDK-8210512: [Testbug] vmTestbase/nsk/jdi/ObjectReference/referringObjects/referringObjects002/referringObjects002.java fails with unexpected size of ClassLoaderReference.referringObjects
- - JDK-8210523: runtime/appcds/cacheObject/DifferentHeapSizes.java crash
- - JDK-8210632: Add key exchange algorithm to javax/net/ssl/TLSCommon/CipherSuite.java
- - JDK-8210699: Problem list tests which times out in Xcomp mode
- - JDK-8210793: [JVMCI] AllocateCompileIdTest.java failed to find DiagnosticCommand.class
- - JDK-8210910: Create test for FileChooserDemo
- - JDK-8210994: Create test for SwingSet3 FrameDemo
- - JDK-8211139: Increase timeout value in all tests under jdk/sanity/client/SwingSet/src
- - JDK-8211160: Handle different look and feels in JInternalFrameOperator
- - JDK-8211211: vmTestbase/metaspace/stressDictionary/StressDictionary.java timeout
- - JDK-8211322: Reduce the timeout of tooltip in SwingSet2DemoTest
- - JDK-8211443: Enable different look and feels in SwingSet3 demo test SplitPaneDemoTest
- - JDK-8211703: JInternalFrame : java.lang.AssertionError: cannot find the internal frame
- - JDK-8211781: re-building fails after changing Graal sources
- - JDK-8212897: Some improvements in the EditorPaneDemotest
- - JDK-8212903: [TestBug] Tests test/jdk/javax/swing/LookAndFeel/8145547/DemandGTK2.sh and DemandGTK3.sh fail on Ubuntu 18.04 LTS
- - JDK-8213009: Refactoring existing SunMSCAPI classes
- - JDK-8213010: Supporting keys created with certmgr.exe
- - JDK-8213168: Enable different look and feel tests in SwingSet3 demo test FileChooserDemoTest
- - JDK-8213348: jdk.internal.vm.compiler.management service providers missing in module descriptor
- - JDK-8213906: Update arm devkits with libXrandr headers
- - JDK-8213908: AssertionError in DeferredAttr at setOverloadKind
- - JDK-8214124: [TESTBUG] Bugs in runtime/NMT/MallocStressTest.java
- - JDK-8214344: C2: assert(con.basic_type() != T_ILLEGAL) failed: elembt=byte; loadbt=void; unsigned=0
- - JDK-8214345: infinite recursion while checking super class
- - JDK-8214471: Enable different look and feel tests in SwingSet3 demo test ToolTipDemoTest
- - JDK-8214534: Setting of THIS_FILE in the build is broken
- - JDK-8214557: Filter out VM flags which don't affect AOT code generation
- - JDK-8214578: [macos] Problem with backslashes on macOS/JIS keyboard: Java ignores system settings
- - JDK-8214840: runtime/NMT/MallocStressTest.java timed out
- - JDK-8214850: Rename vm_operations.?pp files to vmOperations.?pp files
- - JDK-8214904: Test8004741.java failed due to "Too few ThreadDeath hits; expected at least 6 but saw only 5"
- - JDK-8215322: add @file support to jaotc
- - JDK-8215355: Object monitor deadlock with no threads holding the monitor (using jemalloc 5.1)
- - JDK-8215396: JTabbedPane preferred size calculation is wrong for SCROLL_TAB_LAYOUT
- - JDK-8216180: [AOT] compiler/intrinsics/bigInteger/TestMulAdd.java crashed with AOT enabled
- - JDK-8216353: Use utility APIs introduced in org/netbeans/jemmy/util/LookAndFeel class in client sanity test cases
- - JDK-8216354: Syntax error in toolchain_windows.m4
- - JDK-8216472: (se) Stack overflow during selection operation leads to crash (win)
- - JDK-8216535: tools/jimage/JImageExtractTest.java timed out
- - JDK-8217235: Create automated test for SwingSet ColorChooserDemoTest
- - JDK-8217297: Add support for multiple look and feel for SwingSet SliderDemoTest
- - JDK-8217338: [Containers] Improve systemd slice memory limit support
- - JDK-8217613: [AOT] TEST_OPTS_AOT_MODULES doesn't work on mac
- - JDK-8217634: RunTest documentation and usability update
- - JDK-8217717: ZGC: Broken oop map in C1 load barrier stub
- - JDK-8217728: Speed up incremental rerun of "make hotspot"
- - JDK-8218268: Javac treats Manifest Class-Path entries as Paths instead of URLs
- - JDK-8218662: Allow 204 responses with Content-Length:0
- - JDK-8218882: NET_Writev is declared, NET_WriteV is defined
- - JDK-8218889: Improperly use of the Optional API
- - JDK-8219205: JFR file without license header
- - JDK-8219597: (bf) Heap buffer state changes could provoke unexpected exceptions
- - JDK-8219723: javax/net/ssl/compatibility/Compatibility.java failed on some SNI cases
- - JDK-8220348: [ntintel] asserts about copying unaligned array
- - JDK-8220451: jdi/EventQueue/remove/remove004 failed due to "ERROR: thread2 is not alive"
- - JDK-8220456: jdi/EventQueue/remove_l/remove_l004 failed due to "TIMEOUT while waiting for event"
- - JDK-8220479: java/nio/channels/Selector/SelectWithConsumer.java failed at testTwoChannels()
- - JDK-8220613: java/util/Arrays/TimSortStackSize2.java times out with fastdebug build
- - JDK-8220688: [TESTBUG] runtime/NMT/MallocStressTest.java timed out
- - JDK-8220786: Create new switch to redirect error reporting output to stdout or stderr
- - JDK-8221270: Duplicated synchronized keywords in SSLSocketImpl
- - JDK-8221312: test/jdk/sanity/client/SwingSet/src/ColorChooserDemoTest.java failed
- - JDK-8221851: Use of THIS_FILE in hotspot invalidates precompiled header on Linux/GCC
- - JDK-8221885: Add intermittent test in the JavaSound to the ProblemList
- - JDK-8222264: Windows incremental build is broken with JDK-8217728
- - JDK-8222391: javax/net/ssl/compatibility/Compatibility.java should be more flexible
- - JDK-8222448: java/lang/reflect/PublicMethods/PublicMethodsTest.java times out
- - JDK-8222519: ButtonDemoScreenshotTest fails randomly with "still state to be reached"
- - JDK-8222741: jdi/EventQueue/remove/remove004 fails due to VMDisconnectedException
- - JDK-8223003: SunMSCAPI keys are not cleaned up
- - JDK-8223063: Support CNG RSA keys
- - JDK-8223158: Docked MacBook cannot start any Java Swing applications
- - JDK-8223260: NamingManager should cache InitialContextFactory
- - JDK-8223464: Improve version string for Oracle CI builds
- - JDK-8223558: Java does not render Myanmar script correctly
- - JDK-8223627: jdk-13+20 bundle name contains null instead of ea
- - JDK-8223638: Replace wildcard address with loopback or local host in tests - part 6
- - JDK-8223678: Add Visual Studio Code workspace generation support (for native code)
- - JDK-8223727: com/sun/jndi/ldap/privconn/RunTest.java failed due to hang in LdapRequest.getReplyBer
- - JDK-8223769: Assert triggers with -XX:+StressReflectiveCode
- - JDK-8224187: Refactor arraycopy_prologue to allow ZGC read barriers on arraycopy
- - JDK-8224475: JTextPane does not show images in HTML rendering
- - JDK-8224673: Adjust permission for delayed starting of debugging
- - JDK-8224705: Tests that need to be problem-listed or have printer resources
- - JDK-8224778: test/jdk/demo/jfc/J2Ddemo/J2DdemoTest.java cannot find J2Ddemo.jar
- - JDK-8224821: java/awt/Focus/NoAutotransferToDisabledCompTest/NoAutotransferToDisabledCompTest.java fails linux-x64
- - JDK-8224830: test/jdk/java/awt/Focus/ModalExcludedWindowClickTest/ModalExcludedWindowClickTest.java fails on linux-x64
- - JDK-8224851: AArch64: fix warnings and errors with Clang and GCC 8.3
- - JDK-8224905: java/lang/ProcessBuilder/Basic.java#id1 failed with stream closed
- - JDK-8225007: java/awt/print/PrinterJob/LandscapeStackOverflow.java may hang
- - JDK-8225105: java/awt/Focus/ShowFrameCheckForegroundTest/ShowFrameCheckForegroundTest.java fails in Windows 10
- - JDK-8225117: java/math/BigInteger/SymmetricRangeTests.java fails with ParseException
- - JDK-8225128: Add exception for expiring DocuSign root to VerifyCACerts test
- - JDK-8225130: Add exception for expiring Comodo roots to VerifyCACerts test
- - JDK-8225144: [macos] In Aqua L&F backspace key does not delete when Shift is pressed
- - JDK-8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows
- - JDK-8225182: JNI exception pending in DestroyXIMCallback of awt_InputMethod.c:1327
- - JDK-8225199: [Graal] compiler/jvmci/compilerToVM/IsMatureVsReprofileTest.java fails with -XX:CompileThresholdScaling=0.1
- - JDK-8225305: ProblemList java/lang/invoke/VarHandles tests
- - JDK-8225350: compiler/jvmci/compilerToVM/IsCompilableTest.java timed out
- - JDK-8225430: Replace wildcard address with loopback or local host in tests - part 14
- - JDK-8225435: Upgrade IANA Language Subtag Registry to the latest for JDK14
- - JDK-8225487: giflib legal file is missing attribution for openbsd-reallocarray.c
- - JDK-8225567: Wrong file headers with 8202414 fix changeset
- - JDK-8225684: [AOT] vmTestbase/vm/oom/production/AlwaysOOMProduction tests fail with AOTed java.base
- - JDK-8225766: Curve in certificate should not affect signature scheme when using TLSv1.3
- - JDK-8225797: OldObjectSample event creates unexpected amount of checkpoint data
- - JDK-8226381: ProblemList java/lang/reflect/PublicMethods/PublicMethodsTest.java
- - JDK-8226406: JVM fails to detect mismatched or corrupt CDS archive
- - JDK-8226608: Hide the onjcmd option from the help output
- - JDK-8226892: ActionListeners on JRadioButtons don't get notified when selection is changed with arrow keys
- - JDK-8227112: exclude compiler/intrinsics/sha/sanity tests from AOT runs
- - JDK-8227324: Upgrade to freetype 2.10.1
- - JDK-8227528: TestAbortVMOnSafepointTimeout.java failed due to "RuntimeException: 'Safepoint sync time longer than' missing from stdout/stderr"
- - JDK-8227645: Some tests in serviceability/sa run with fixed -Xmx values and risk running out of memory
- - JDK-8227646: [TESTBUG] appcds/SharedArchiveConsistency timed out
- - JDK-8227662: freetype seeks to index at the end of the font data
- - JDK-8228479: Correct the format of ColorChooserDemoTest
- - JDK-8228613: java.security.Provider#getServices order is no longer deterministic
- - JDK-8228969: 2019-09-28 public suffix list update
- - JDK-8229236: CriticalJNINatives: dll handling should be done in native thread state
- - JDK-8229345: Memory leak due to vtable stubs not being shared on SPARC
- - JDK-8229888: (zipfs) Updating an existing zip file does not preserve original permissions
- - JDK-8229994: assert(false) failed: Bad graph detected in get_early_ctrl_for_expensive
- - JDK-8230004: jdk/internal/jimage/JImageOpenTest.java runs no test
- - JDK-8230235: Rendering HTML with empty img attribute and documentBaseKey cause Exception
- - JDK-8230390: Problemlist SA tests with AOT
- - JDK-8230400: Missing constant pool entry for a method in stacktrace
- - JDK-8230459: Test failed to resume JVMCI CompilerThread
- - JDK-8230480: check malloc/calloc results in java.desktop
- - JDK-8230597: Update GIFlib library to the 5.2.1
- - JDK-8230611: infinite loop in LogOutputList::wait_until_no_readers()
- - JDK-8230624: [TESTBUG] Problemlist JFR compiler/TestCodeSweeper.java
- - JDK-8230677: Should disable Escape Analysis if JVMTI capability can_get_owned_monitor_info was taken
- - JDK-8230926: [macosx] Two apostrophes are entered instead of one with "U.S. International - PC" layout
- - JDK-8231025: Incorrect method tag offset for big endian platform
- - JDK-8231081: TestMetadataRetention fails due to missing symbol id
- - JDK-8231387: java.security.Provider.getService returns random result due to race condition with mutating methods in the same class
- - JDK-8231430: C2: Memory stomp in max_array_length() for T_ILLEGAL type
- - JDK-8231445: check ZALLOC return values in awt coding
- - JDK-8231507: Update Apache Santuario (XML Signature) to version 2.1.4
- - JDK-8231584: Deadlock with ClassLoader.findLibrary and System.loadLibrary call
- - JDK-8231753: use more Posix functionality in aix os::print_os_info
- - JDK-8231810: javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java fails intermittently with "java.lang.Exception: Unexpected EOF"
- - JDK-8232003: (fs) Files.write can leak file descriptor in the exception case
- - JDK-8232056: GetOwnedMonitorInfoWithEATest.java fails with ZGC: Heap too small
- - JDK-8232060: add some initializations using sigemptyset in os_aix.cpp
- - JDK-8232154: Update Mesa 3-D Headers to version 19.2.1
- - JDK-8232167: Visual Studio install found through --with-tools-dir value is discarded
- - JDK-8232170: FSInfo#getJarClassPath throws an exception not declared in its throws clause
- - JDK-8232200: [macos 10.15] Windows in fullscreen tests jumps around the screen
- - JDK-8232207: Linux os::available_memory re-reads cgroup configuration on every invocation
- - JDK-8232224: [TESTBUG] problemlist JFR TestLargeRootSet.java
- - JDK-8232370: Refactor some com.sun.jdi tests to enable IDE integration
- - JDK-8232433: [macos 10.15] java/awt/Window/LocationAtScreenCorner/LocationAtScreenCorner.java may fail
- - JDK-8232571: Add missing SIGINFO signal
- - JDK-8232692: [TESTBUG] compiler/aot/fingerprint/SelfChangedCDS.java fails when cds is disabled
- - JDK-8232713: Update BCEL version to 6.3.1 in license file
- - JDK-8232806: Introduce a system property to disable eager lambda initialization
- - JDK-8232834: RunTest sometimes fails to produce valid exitcode.txt
- - JDK-8232880: Update test documentation with additional settings for client UI tooltip tests
- - JDK-8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures.
- - JDK-8233018: Add a new test to verify that DatagramSocket is not interruptible
- - JDK-8233019: java.lang.Class.isPrimitive() (C1) returns wrong result if Klass* is aligned to 32bit
- - JDK-8233032: assert(in_bb(n)) failed: must be
- - JDK-8233078: fix minimal VM build on Linux ppc64(le)
- - JDK-8233328: fix minimal VM build on Linux s390x
- - JDK-8233383: Various minor fixes
- - JDK-8233466: aarch64: remove unnecessary load of mdo when profiling return and parameters type
- - JDK-8233491: Crash in AdapterHandlerLibrary::get_adapter with CDS due to code cache exhaustion
- - JDK-8233529: loopTransform.cpp:2984: Error: assert(p_f->Opcode() == Op_IfFalse) failed
- - JDK-8233548: Update CUP to v0.11b
- - JDK-8233649: Update ProblemList.txt to exclude failing headful tests on macos
- - JDK-8233656: assert(d->is_CFG() && n->is_CFG()) failed: must have CFG nodes
- - JDK-8233657: Intermittent NPE in Component.validate()
- - JDK-8234288: Turkey Time Zone returns incorrect time zone name
- - JDK-8234323: NULL-check return value of SurfaceData_InitOps on macosx
- - JDK-8234339: replace JLI_StrTok in java_md_solinux.c
- - JDK-8234340: Bump update version for OpenJDK: jdk-11.0.7
- - JDK-8234350: assert(mode == ControlAroundStripMined && (use == sfpt || !use->is_reachable_from_root())) failed: missed a node
- - JDK-8234386: [macos] NPE was thrown at expanding Choice from maximized frame
- - JDK-8234397: add OS uptime information to os::print_os_info output
- - JDK-8234423: Modifying ArrayList.subList().subList() resets modCount of subList
- - JDK-8234466: Class loading deadlock involving X509Factory#commitEvent()
- - JDK-8234501: remove obsolete NET_ReadV
- - JDK-8234525: enable link-time section-gc for linux s390x to remove unused code
- - JDK-8234610: MaxVectorSize set wrongly when UseAVX=3 is specified after JDK-8221092
- - JDK-8234617: C1: Incorrect result of field load due to missing narrowing conversion
- - JDK-8234723: javax/net/ssl/TLS tests support TLSv1.3
- - JDK-8234724: javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java supports TLSv1.3
- - JDK-8234741: enhance os::get_core_path on macOS
- - JDK-8234769: Duplicate attribution in freetype.md
- - JDK-8234786: Fix for JDK-8214578 breaks OS X 10.12 compatibility
- - JDK-8234809: set relro in linker flags when building with gcc
- - JDK-8234824: java/nio/channels/SocketChannel/AdaptSocket.java fails on Windows 10
- - JDK-8235243: handle VS2017 15.9 and VS2019 in abstract_vm_version
- - JDK-8235288: AVX 512 instructions inadvertently used on Xeon for small vector width operations
- - JDK-8235325: build failure on Linux after 8235243
- - JDK-8235383: C1 compilation fails with -XX:+PrintIRDuringConstruction -XX:+Verbose
- - JDK-8235489: handle return values of sscanf calls in hotspot
- - JDK-8235509: Backport for JDK-8209657 Refactor filemap.hpp to simplify integration with Serviceability Agent.
- - JDK-8235510: java.util.zip.CRC32 performance drop after 8200067
- - JDK-8235563: [TESTBUG] appcds/CommandLineFlagComboNegative.java does not handle archive mapping failure
- - JDK-8235637: jhsdb jmap from OpenJDK 11.0.5 doesn't work if prelink is enabled
- - JDK-8235671: enhance print_rlimit_info in os_posix
- - JDK-8235744: PIT: test/jdk/javax/swing/text/html/TestJLabelWithHTMLText.java times out in linux-x64
- - JDK-8235904: Infinite loop when rendering huge lines
- - JDK-8235998: [c2] Memory leaks during tracing after '8224193: stringStream should not use Resource Area'.
- - JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
- - JDK-8236140: assert(!VerifyHashTableKeys || _hash_lock == 0) failed: remove node from hash table before modifying it
- - JDK-8236179: C1 register allocation error with T_ADDRESS
- - JDK-8236488: Support for configure option --with-native-debug-symbols=internal is impossible on Windows
- - JDK-8236500: Windows ucrt.dll should be looked up in versioned WINSDK subdirectory
- - JDK-8236709: struct SwitchRange in HS violates C++ One Definition Rule
- - JDK-8236848: [JDK 11u] make run-test-tier1 fails after backport of JDK-8232834
- - JDK-8236873: Worker has a deadlock bug
- - JDK-8237217: Incorrect G1StringDedupEntry type used in StringDedupTable destructor
- - JDK-8237368: Problem with NullPointerException in RMI TCPEndpoint.read
- - JDK-8237375: SimpleThresholdPolicy misses CounterDecay timestamp initialization
- - JDK-8237508: Simplify JarFile.isInitializing
- - JDK-8237540: Missing files in backport of JDK-8210910
- - JDK-8237541: Missing files in backport of JDK-8236528
- - JDK-8237600: Test SunJSSEFIPSInit fails on Ubuntu
- - JDK-8237819: s390x - remove unused pd_zero_to_words_large
- - JDK-8237869: exclude jtreg test security/infra/java/security/cert/CertPathValidator/certification/LuxTrustCA.java because of instabilities
- - JDK-8237879: make 4.3 breaks build
- - JDK-8237945: CTW: C2 compilation fails with assert(just_allocated_object(alloc_ctl) == ptr) failed: most recent allo
- - JDK-8238225: Issues reported after replacing symlink at Contents/MacOS/libjli.dylib with binary
- - JDK-8238247: CTW runner should sweep nmethods more aggressively
- - JDK-8238366: CTW runner closes standard output on exit
- - JDK-8238438: SuperWord::co_locate_pack picks memory state of first instead of last load
- - JDK-8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION
- - JDK-8238534: Deep sign macOS bundles before bundle archive is being created
- - JDK-8238591: CTW: Split applications/ctw/modules/jdk_localedata.java
- - JDK-8238596: AVX enabled by default for Skylake even when unsupported
- - JDK-8238811: C2: assert(i >= req() || i == 0 || is_Region() || is_Phi()) with -XX:+VerifyGraphEdges
- - JDK-8239005: [TESTBUG] test/hotspot/jtreg/runtime/StackGuardPages/TestStackGuardPages.java: exeinvoke.c: must initialize static state before calling do_overflow()
- - JDK-8239466: Loss of precision in counter decay calculation in 11u backport of JDK-8237375
- - JDK-8239856: [ntintel] asserts about copying unaligned array element
- - JDK-8240724: [test] jdk11 downport of 8224475 misses binary file test/jdk/javax/swing/JTextPane/arrow.png
- - JDK-8241296: Segfault in JNIHandleBlock::oops_do()
-
-Notes on individual issues:
-===========================
-
-security-libs/javax.xml.crypto:
-
-JDK-8239467: Apache Santuario Library Updated to Version 2.1.4
-==============================================================
-The Apache Santuario library has been upgraded to version 2.1.4. As a
-result, a new system property
-`com.sun.org.apache.xml.internal.security.parser.pool-size` has been
-introduced.
-
-This new system property sets the pool size of the internal
-`DocumentBuilder` cache used when processing XML Signatures. The
-function is equivalent to the
-`org.apache.xml.security.parser.pool-size` system property used in
-Apache Santuario and has the same default value of 20.
diff --git a/SOURCES/jconsole.desktop.in b/SOURCES/jconsole.desktop.in
index a8917c1..8a3b04d 100644
--- a/SOURCES/jconsole.desktop.in
+++ b/SOURCES/jconsole.desktop.in
@@ -1,8 +1,8 @@
[Desktop Entry]
-Name=OpenJDK @JAVA_MAJOR_VERSION@ Monitoring & Management Console @ARCH@
-Comment=Monitor and manage OpenJDK @JAVA_MAJOR_VERSION@ applications for @ARCH@
-Exec=@JAVA_HOME@/jconsole
-Icon=java-@JAVA_MAJOR_VERSION@-@JAVA_VENDOR@
+Name=OpenJDK @JAVA_VER@ for @target_cpu@ Monitoring & Management Console (@OPENJDK_VER@)
+Comment=Monitor and manage OpenJDK applications
+Exec=_SDKBINDIR_/jconsole
+Icon=java-@JAVA_VER@-@JAVA_VENDOR@
Terminal=false
Type=Application
StartupWMClass=sun-tools-jconsole-JConsole
diff --git a/SOURCES/jdk8228407-shared_archive_crash.patch b/SOURCES/jdk8228407-shared_archive_crash.patch
deleted file mode 100644
index f3c8086..0000000
--- a/SOURCES/jdk8228407-shared_archive_crash.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-# HG changeset patch
-# User ccheung
-# Date 1564075552 25200
-# Thu Jul 25 10:25:52 2019 -0700
-# Node ID 1edf6cc224fbf975eadf2a1810f67816a8607d30
-# Parent 73dbc713d4ddbdbeae71375db1603d85cef47f99
-8228407: JVM crashes with shared archive file mismatch
-Summary: Stop processing other header fields if initial header check has failed.
-Reviewed-by: dholmes, jiangli
-
-diff --git a/src/hotspot/share/memory/filemap.cpp b/src/hotspot/share/memory/filemap.cpp
---- a/src/hotspot/share/memory/filemap.cpp
-+++ b/src/hotspot/share/memory/filemap.cpp
-@@ -1287,7 +1287,9 @@
- }
-
- init_from_file(_fd);
-- if (!validate_header()) {
-+ // UseSharedSpaces could be disabled if the checking of some of the header fields in
-+ // init_from_file has failed.
-+ if (!UseSharedSpaces || !validate_header()) {
- return false;
- }
- return true;
-diff --git a/test/hotspot/jtreg/runtime/appcds/SharedArchiveConsistency.java b/test/hotspot/jtreg/runtime/appcds/SharedArchiveConsistency.java
---- a/test/hotspot/jtreg/runtime/appcds/SharedArchiveConsistency.java
-+++ b/test/hotspot/jtreg/runtime/appcds/SharedArchiveConsistency.java
-@@ -385,8 +385,16 @@
- output.shouldNotContain("Checksum verification failed");
-
- copyFile(orgJsaFile, jsa);
-+ // modify _jvm_ident and run with -Xshare:auto
-+ System.out.println("\n2b. Corrupt _jvm_ident run with -Xshare:auto\n");
-+ modifyJvmIdent();
-+ output = TestCommon.execAuto(execArgs);
-+ output.shouldContain("The shared archive file was created by a different version or build of HotSpot");
-+ output.shouldContain("Hello World");
-+
-+ copyFile(orgJsaFile, jsa);
- // modify _magic and _paths_misc_info_size, test should fail
-- System.out.println("\n2b. Corrupt _magic and _paths_misc_info_size, should fail\n");
-+ System.out.println("\n2c. Corrupt _magic and _paths_misc_info_size, should fail\n");
- modifyHeaderIntField(offset_magic, 0x00000000);
- modifyHeaderIntField(offset_paths_misc_info_size, Integer.MAX_VALUE);
- output = TestCommon.execCommon(execArgs);
-@@ -395,7 +403,7 @@
-
- copyFile(orgJsaFile, jsa);
- // modify _version and _paths_misc_info_size, test should fail
-- System.out.println("\n2c. Corrupt _version and _paths_misc_info_size, should fail\n");
-+ System.out.println("\n2d. Corrupt _version and _paths_misc_info_size, should fail\n");
- modifyHeaderIntField(offset_version, 0x00000000);
- modifyHeaderIntField(offset_paths_misc_info_size, Integer.MAX_VALUE);
- output = TestCommon.execCommon(execArgs);
diff --git a/SOURCES/jdk8236039-status_request_extension.patch b/SOURCES/jdk8236039-status_request_extension.patch
new file mode 100644
index 0000000..be7008c
--- /dev/null
+++ b/SOURCES/jdk8236039-status_request_extension.patch
@@ -0,0 +1,310 @@
+# HG changeset patch
+# User jnimeh
+# Date 1578287079 28800
+# Sun Jan 05 21:04:39 2020 -0800
+# Node ID b9d1ce20dd4b2ce34e74c8fa2d784335231abcd1
+# Parent 3782f295811625b65d57f1aef15daa10d82a58a7
+8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
+Reviewed-by: xuelei
+
+diff --git a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
+--- a/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
++++ b/src/java.base/share/classes/sun/security/ssl/CertStatusExtension.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -39,11 +39,7 @@
+ import javax.net.ssl.SSLProtocolException;
+ import sun.security.provider.certpath.OCSPResponse;
+ import sun.security.provider.certpath.ResponderId;
+-import static sun.security.ssl.SSLExtension.CH_STATUS_REQUEST;
+-import static sun.security.ssl.SSLExtension.CH_STATUS_REQUEST_V2;
+ import sun.security.ssl.SSLExtension.ExtensionConsumer;
+-import static sun.security.ssl.SSLExtension.SH_STATUS_REQUEST;
+-import static sun.security.ssl.SSLExtension.SH_STATUS_REQUEST_V2;
+ import sun.security.ssl.SSLExtension.SSLExtensionSpec;
+ import sun.security.ssl.SSLHandshake.HandshakeMessage;
+ import sun.security.util.DerInputStream;
+@@ -434,8 +430,9 @@
+ } else {
+ extBuilder.append(",\n");
+ }
+- extBuilder.append(
+- "{\n" + Utilities.indent(ext.toString()) + "}");
++ extBuilder.append("{\n").
++ append(Utilities.indent(ext.toString())).
++ append("}");
+ }
+
+ extsStr = extBuilder.toString();
+@@ -552,11 +549,11 @@
+ return null;
+ }
+
+- if (!chc.sslConfig.isAvailable(CH_STATUS_REQUEST)) {
++ if (!chc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST)) {
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine(
+ "Ignore unavailable extension: " +
+- CH_STATUS_REQUEST.name);
++ SSLExtension.CH_STATUS_REQUEST.name);
+ }
+ return null;
+ }
+@@ -568,8 +565,8 @@
+ byte[] extData = new byte[] {0x01, 0x00, 0x00, 0x00, 0x00};
+
+ // Update the context.
+- chc.handshakeExtensions.put(
+- CH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT);
++ chc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST,
++ CertStatusRequestSpec.DEFAULT);
+
+ return extData;
+ }
+@@ -593,10 +590,10 @@
+ // The consuming happens in server side only.
+ ServerHandshakeContext shc = (ServerHandshakeContext)context;
+
+- if (!shc.sslConfig.isAvailable(CH_STATUS_REQUEST)) {
++ if (!shc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST)) {
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.fine("Ignore unavailable extension: " +
+- CH_STATUS_REQUEST.name);
++ SSLExtension.CH_STATUS_REQUEST.name);
+ }
+ return; // ignore the extension
+ }
+@@ -610,7 +607,7 @@
+ }
+
+ // Update the context.
+- shc.handshakeExtensions.put(CH_STATUS_REQUEST, spec);
++ shc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST, spec);
+ if (!shc.isResumption &&
+ !shc.negotiatedProtocol.useTLS13PlusSpec()) {
+ shc.handshakeProducers.put(SSLHandshake.CERTIFICATE_STATUS.id,
+@@ -654,13 +651,12 @@
+
+ // In response to "status_request" extension request only.
+ CertStatusRequestSpec spec = (CertStatusRequestSpec)
+- shc.handshakeExtensions.get(CH_STATUS_REQUEST);
++ shc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST);
+ if (spec == null) {
+ // Ignore, no status_request extension requested.
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+- SSLLogger.finest(
+- "Ignore unavailable extension: " +
+- CH_STATUS_REQUEST.name);
++ SSLLogger.finest("Ignore unavailable extension: " +
++ SSLExtension.CH_STATUS_REQUEST.name);
+ }
+
+ return null; // ignore the extension
+@@ -681,8 +677,8 @@
+ byte[] extData = new byte[0];
+
+ // Update the context.
+- shc.handshakeExtensions.put(
+- SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT);
++ shc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST,
++ CertStatusRequestSpec.DEFAULT);
+
+ return extData;
+ }
+@@ -708,7 +704,7 @@
+
+ // In response to "status_request" extension request only.
+ CertStatusRequestSpec requestedCsr = (CertStatusRequestSpec)
+- chc.handshakeExtensions.get(CH_STATUS_REQUEST);
++ chc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST);
+ if (requestedCsr == null) {
+ throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
+ "Unexpected status_request extension in ServerHello");
+@@ -722,8 +718,8 @@
+ }
+
+ // Update the context.
+- chc.handshakeExtensions.put(
+- SH_STATUS_REQUEST, CertStatusRequestSpec.DEFAULT);
++ chc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST,
++ CertStatusRequestSpec.DEFAULT);
+
+ // Since we've received a legitimate status_request in the
+ // ServerHello, stapling is active if it's been enabled.
+@@ -909,7 +905,7 @@
+ return null;
+ }
+
+- if (!chc.sslConfig.isAvailable(CH_STATUS_REQUEST_V2)) {
++ if (!chc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST_V2)) {
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.finest(
+ "Ignore unavailable status_request_v2 extension");
+@@ -926,8 +922,8 @@
+ 0x00, 0x07, 0x02, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00};
+
+ // Update the context.
+- chc.handshakeExtensions.put(
+- CH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT);
++ chc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST_V2,
++ CertStatusRequestV2Spec.DEFAULT);
+
+ return extData;
+ }
+@@ -951,7 +947,7 @@
+ // The consuming happens in server side only.
+ ServerHandshakeContext shc = (ServerHandshakeContext)context;
+
+- if (!shc.sslConfig.isAvailable(CH_STATUS_REQUEST_V2)) {
++ if (!shc.sslConfig.isAvailable(SSLExtension.CH_STATUS_REQUEST_V2)) {
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+ SSLLogger.finest(
+ "Ignore unavailable status_request_v2 extension");
+@@ -969,7 +965,8 @@
+ }
+
+ // Update the context.
+- shc.handshakeExtensions.put(CH_STATUS_REQUEST_V2, spec);
++ shc.handshakeExtensions.put(SSLExtension.CH_STATUS_REQUEST_V2,
++ spec);
+ if (!shc.isResumption) {
+ shc.handshakeProducers.putIfAbsent(
+ SSLHandshake.CERTIFICATE_STATUS.id,
+@@ -1013,7 +1010,7 @@
+
+ // In response to "status_request_v2" extension request only
+ CertStatusRequestV2Spec spec = (CertStatusRequestV2Spec)
+- shc.handshakeExtensions.get(CH_STATUS_REQUEST_V2);
++ shc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST_V2);
+ if (spec == null) {
+ // Ignore, no status_request_v2 extension requested.
+ if (SSLLogger.isOn && SSLLogger.isOn("ssl,handshake")) {
+@@ -1038,8 +1035,8 @@
+ byte[] extData = new byte[0];
+
+ // Update the context.
+- shc.handshakeExtensions.put(
+- SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT);
++ shc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST_V2,
++ CertStatusRequestV2Spec.DEFAULT);
+
+ return extData;
+ }
+@@ -1065,7 +1062,7 @@
+
+ // In response to "status_request" extension request only
+ CertStatusRequestV2Spec requestedCsr = (CertStatusRequestV2Spec)
+- chc.handshakeExtensions.get(CH_STATUS_REQUEST_V2);
++ chc.handshakeExtensions.get(SSLExtension.CH_STATUS_REQUEST_V2);
+ if (requestedCsr == null) {
+ throw chc.conContext.fatal(Alert.UNEXPECTED_MESSAGE,
+ "Unexpected status_request_v2 extension in ServerHello");
+@@ -1079,8 +1076,8 @@
+ }
+
+ // Update the context.
+- chc.handshakeExtensions.put(
+- SH_STATUS_REQUEST_V2, CertStatusRequestV2Spec.DEFAULT);
++ chc.handshakeExtensions.put(SSLExtension.SH_STATUS_REQUEST_V2,
++ CertStatusRequestV2Spec.DEFAULT);
+
+ // Since we've received a legitimate status_request in the
+ // ServerHello, stapling is active if it's been enabled. If it
+diff --git a/src/java.base/share/classes/sun/security/ssl/SSLExtension.java b/src/java.base/share/classes/sun/security/ssl/SSLExtension.java
+--- a/src/java.base/share/classes/sun/security/ssl/SSLExtension.java
++++ b/src/java.base/share/classes/sun/security/ssl/SSLExtension.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -113,7 +113,6 @@
+ null,
+ null,
+ CertStatusExtension.certStatusReqStringizer),
+-
+ CR_STATUS_REQUEST (0x0005, "status_request"),
+ CT_STATUS_REQUEST (0x0005, "status_request",
+ SSLHandshake.CERTIFICATE,
+@@ -124,6 +123,7 @@
+ null,
+ null,
+ CertStatusExtension.certStatusRespStringizer),
++
+ // extensions defined in RFC 4681
+ USER_MAPPING (0x0006, "user_mapping"),
+
+@@ -515,6 +515,16 @@
+ return null;
+ }
+
++ static String nameOf(int extensionType) {
++ for (SSLExtension ext : SSLExtension.values()) {
++ if (ext.id == extensionType) {
++ return ext.name;
++ }
++ }
++
++ return "unknown extension";
++ }
++
+ static boolean isConsumable(int extensionType) {
+ for (SSLExtension ext : SSLExtension.values()) {
+ if (ext.id == extensionType &&
+diff --git a/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java b/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
+--- a/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
++++ b/src/java.base/share/classes/sun/security/ssl/SSLExtensions.java
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2018, 2020 Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -86,11 +86,14 @@
+ "Received buggy supported_groups extension " +
+ "in the ServerHello handshake message");
+ }
+- } else {
++ } else if (handshakeType == SSLHandshake.SERVER_HELLO) {
+ throw hm.handshakeContext.conContext.fatal(
+- Alert.UNSUPPORTED_EXTENSION,
+- "extension (" + extId +
+- ") should not be presented in " + handshakeType.name);
++ Alert.UNSUPPORTED_EXTENSION, "extension (" +
++ extId + ") should not be presented in " +
++ handshakeType.name);
++ } else {
++ isSupported = false;
++ // debug log to ignore unknown extension for handshakeType
+ }
+ }
+
+@@ -365,9 +368,10 @@
+ }
+
+ private static String toString(int extId, byte[] extData) {
++ String extName = SSLExtension.nameOf(extId);
+ MessageFormat messageFormat = new MessageFormat(
+- "\"unknown extension ({0})\": '{'\n" +
+- "{1}\n" +
++ "\"{0} ({1})\": '{'\n" +
++ "{2}\n" +
+ "'}'",
+ Locale.ENGLISH);
+
+@@ -375,6 +379,7 @@
+ String encoded = hexEncoder.encodeBuffer(extData);
+
+ Object[] messageFields = {
++ extName,
+ extId,
+ Utilities.indent(encoded)
+ };
diff --git a/SOURCES/jdk8237396-avoid_triggering_barriers.patch b/SOURCES/jdk8237396-avoid_triggering_barriers.patch
new file mode 100644
index 0000000..90d7c65
--- /dev/null
+++ b/SOURCES/jdk8237396-avoid_triggering_barriers.patch
@@ -0,0 +1,58 @@
+# HG changeset patch
+# User zgu
+# Date 1579696811 18000
+# Wed Jan 22 07:40:11 2020 -0500
+# Node ID 91ea567eeabeade6b3f8d6cf10c02ba53f700eca
+# Parent 082f1d3eb1649ff776cda165ed78d65bc7361ebc
+8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers
+Reviewed-by: stefank, rkennke
+
+diff --git a/src/hotspot/share/prims/jvmtiTagMap.cpp b/src/hotspot/share/prims/jvmtiTagMap.cpp
+--- a/src/hotspot/share/prims/jvmtiTagMap.cpp
++++ b/src/hotspot/share/prims/jvmtiTagMap.cpp
+@@ -1,5 +1,5 @@
+ /*
+- * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
++ * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+@@ -96,6 +96,11 @@
+ inline oop object_peek() {
+ return NativeAccess<ON_PHANTOM_OOP_REF | AS_NO_KEEPALIVE>::oop_load(object_addr());
+ }
++
++ inline oop object_raw() {
++ return RawAccess<>::oop_load(object_addr());
++ }
++
+ inline jlong tag() const { return _tag; }
+
+ inline void set_tag(jlong tag) {
+@@ -3357,7 +3362,7 @@
+ JvmtiTagHashmapEntry* next = entry->next();
+
+ // has object been GC'ed
+- if (!is_alive->do_object_b(entry->object_peek())) {
++ if (!is_alive->do_object_b(entry->object_raw())) {
+ // grab the tag
+ jlong tag = entry->tag();
+ guarantee(tag != 0, "checking");
+@@ -3375,7 +3380,7 @@
+ ++freed;
+ } else {
+ f->do_oop(entry->object_addr());
+- oop new_oop = entry->object_peek();
++ oop new_oop = entry->object_raw();
+
+ // if the object has moved then re-hash it and move its
+ // entry to its new location.
+@@ -3409,7 +3414,7 @@
+ // Re-add all the entries which were kept aside
+ while (delayed_add != NULL) {
+ JvmtiTagHashmapEntry* next = delayed_add->next();
+- unsigned int pos = JvmtiTagHashmap::hash(delayed_add->object_peek(), size);
++ unsigned int pos = JvmtiTagHashmap::hash(delayed_add->object_raw(), size);
+ delayed_add->set_next(table[pos]);
+ table[pos] = delayed_add;
+ delayed_add = next;
diff --git a/SPECS/java-11-openjdk.spec b/SPECS/java-11-openjdk.spec
index e7c986e..8906590 100644
--- a/SPECS/java-11-openjdk.spec
+++ b/SPECS/java-11-openjdk.spec
@@ -147,51 +147,63 @@
# In some cases, the arch used by the JDK does
# not match _arch.
# Also, in some cases, the machine name used by SystemTap
-# does not match that given by _build_cpu
+# does not match that given by _target_cpu
%ifarch x86_64
%global archinstall amd64
+%global stapinstall x86_64
%endif
%ifarch ppc
%global archinstall ppc
+%global stapinstall powerpc
%endif
%ifarch %{ppc64be}
%global archinstall ppc64
+%global stapinstall powerpc
%endif
%ifarch %{ppc64le}
%global archinstall ppc64le
+%global stapinstall powerpc
%endif
%ifarch %{ix86}
%global archinstall i686
+%global stapinstall i386
%endif
%ifarch ia64
%global archinstall ia64
+%global stapinstall ia64
%endif
%ifarch s390
%global archinstall s390
+%global stapinstall s390
%endif
%ifarch s390x
%global archinstall s390x
+%global stapinstall s390
%endif
%ifarch %{arm}
%global archinstall arm
+%global stapinstall arm
%endif
%ifarch %{aarch64}
%global archinstall aarch64
+%global stapinstall arm64
%endif
# 32 bit sparc, optimized for v9
%ifarch sparcv9
%global archinstall sparc
+%global stapinstall %{_target_cpu}
%endif
# 64 bit sparc
%ifarch sparc64
%global archinstall sparcv9
+%global stapinstall %{_target_cpu}
%endif
-%ifnarch %{jit_arches}
-%global archinstall %{_arch}
+# Need to support noarch for srpm build
+%ifarch noarch
+%global archinstall %{nil}
+%global stapinstall %{nil}
%endif
-
-
%ifarch %{jit_arches}
%global with_systemtap 1
%else
@@ -200,7 +212,7 @@
# New Version-String scheme-style defines
%global majorver 11
-%global securityver 7
+%global securityver 6
# buildjdkver is usually same as %%{majorver},
# but in time of bootstrap of next jdk, it is majorver-1,
# and this it is better to change it here, on single place
@@ -217,13 +229,16 @@
%global lts_designator_zip ""
%endif
+# Define IcedTea version used for SystemTap tapsets and desktop file
+%global icedteaver 3.15.0
+
# Standard JPackage naming and versioning defines
%global origin openjdk
%global origin_nice OpenJDK
%global top_level_dir_name %{origin}
%global minorver 0
%global buildver 10
-%global rpmrelease 1
+%global rpmrelease 4
#%%global tagsuffix ""
# priority must be 8 digits in total; untill openjdk 1.8 we were using 18..... so when moving to 11 we had to add another digit
%if %is_system_jdk
@@ -303,10 +318,10 @@
# and 32 bit architectures we place the tapsets under the arch
# specific dir (note that systemtap will only pickup the tapset
# for the primary arch for now). Systemtap uses the machine name
-# aka build_cpu as architecture specific directory name.
+# aka target_cpu as architecture specific directory name.
%global tapsetroot /usr/share/systemtap
%global tapsetdirttapset %{tapsetroot}/tapset/
-%global tapsetdir %{tapsetdirttapset}/%{_build_cpu}
+%global tapsetdir %{tapsetdirttapset}/%{stapinstall}
%endif
# not-duplicated scriptlets for normal/debug packages
@@ -558,7 +573,6 @@ exit 0
%define files_jre_headless() %{expand:
%license %{_jvmdir}/%{sdkdir -- %{?1}}/legal
-%doc %{_defaultdocdir}/%{uniquejavadocdir -- %{?1}}/NEWS
%dir %{_sysconfdir}/.java/.systemPrefs
%dir %{_sysconfdir}/.java
%dir %{_jvmdir}/%{sdkdir -- %{?1}}
@@ -1014,17 +1028,18 @@ License: ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv
URL: http://openjdk.java.net/
-# to regenerate source0 (jdk) and source8 (jdk's taspets) run update_package.sh
+# to regenerate source0 (jdk) run update_package.sh
# update_package.sh contains hard-coded repos, revisions, tags, and projects to regenerate the source archives
-Source0: shenandoah-jdk%{majorver}-shenandoah-jdk-%{newjavaver}+%{buildver}%{?tagsuffix:-%{tagsuffix}}.tar.xz
-Source8: systemtap_3.2_tapsets_hg-icedtea8-9d464368e06d.tar.xz
+Source0: shenandoah-jdk%{majorver}-shenandoah-jdk-%{newjavaver}+%{buildver}%{?tagsuffix:-%{tagsuffix}}-4curve.tar.xz
+
+# Use 'icedtea_sync.sh' to update the following
+# They are based on code contained in the IcedTea project (3.x).
+# Systemtap tapsets. Zipped up to keep it small.
+Source8: tapsets-icedtea-%{icedteaver}.tar.xz
# Desktop files. Adapted from IcedTea
Source9: jconsole.desktop.in
-# Release notes
-Source10: NEWS
-
# nss configuration file
Source11: nss.cfg.in
@@ -1060,6 +1075,8 @@ Patch1001: rh1655466-global_crypto_and_fips.patch
# Shenandoah specific patches
#
#############################################
+# JDK-8237396: JvmtiTagMap::weak_oops_do() should not trigger barriers
+Patch10: jdk8237396-avoid_triggering_barriers.patch
# Currently empty
@@ -1081,14 +1098,14 @@ Patch6: rh1566890-CVE_2018_3639-speculative_store_bypass.patch
Patch7: pr3695-toggle_system_crypto_policy.patch
# S390 ambiguous log2_intptr call
Patch8: s390-8214206_fix.patch
+# JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
+Patch9: jdk8236039-status_request_extension.patch
#############################################
#
# JDK 9+ only patches
#
#############################################
-# JDK-8228407: JVM crashes with shared archive file mismatch
-Patch9: jdk8228407-shared_archive_crash.patch
BuildRequires: autoconf
BuildRequires: automake
@@ -1295,6 +1312,14 @@ The %{origin_nice} %{majorver} API documentation compressed in single archive.
%endif
%prep
+
+# Using the echo macro breaks rpmdev-bumpspec, as it parses the first line of stdout :-(
+%if 0%{?stapinstall:1}
+ echo "CPU: %{_target_cpu}, arch install directory: %{archinstall}, SystemTap install directory: %{stapinstall}"
+%else
+ %{error:Unrecognised architecture %{_target_cpu}}
+%endif
+
if [ %{include_normal_build} -eq 0 -o %{include_normal_build} -eq 1 ] ; then
echo "include_normal_build is %{include_normal_build}"
else
@@ -1332,6 +1357,7 @@ pushd %{top_level_dir_name}
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
popd # openjdk
%patch1000
@@ -1347,7 +1373,7 @@ cp -r tapset tapset%{debug_suffix}
for suffix in %{build_loop} ; do
for file in "tapset"$suffix/*.in; do
- OUTPUT_FILE=`echo $file | sed -e "s:\.stp\.in$:%{version}-%{release}.%{_arch}.stp:g"`
+ OUTPUT_FILE=`echo $file | sed -e "s:\.stp\.in$:-%{version}-%{release}.%{_arch}.stp:g"`
sed -e "s:@ABS_SERVER_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/lib/server/libjvm.so:g" $file > $file.1
# TODO find out which architectures other than i686 have a client vm
%ifarch %{ix86}
@@ -1364,16 +1390,18 @@ done
%endif
# Prepare desktop files
+# The _X_ syntax indicates variables that are replaced by make upstream
+# The @X@ syntax indicates variables that are replaced by configure upstream
for suffix in %{build_loop} ; do
for file in %{SOURCE9}; do
FILE=`basename $file | sed -e s:\.in$::g`
EXT="${FILE##*.}"
NAME="${FILE%.*}"
OUTPUT_FILE=$NAME$suffix.$EXT
- sed -e "s:@JAVA_HOME@:%{sdkbindir -- $suffix}:g" $file > $OUTPUT_FILE
- sed -i -e "s:@JRE_HOME@:%{jrebindir -- $suffix}:g" $OUTPUT_FILE
- sed -i -e "s:@ARCH@:%{version}-%{release}.%{_arch}$suffix:g" $OUTPUT_FILE
- sed -i -e "s:@JAVA_MAJOR_VERSION@:%{majorver}:g" $OUTPUT_FILE
+ sed -e "s:_SDKBINDIR_:%{sdkbindir -- $suffix}:g" $file > $OUTPUT_FILE
+ sed -i -e "s:@target_cpu@:%{_arch}:g" $OUTPUT_FILE
+ sed -i -e "s:@OPENJDK_VER@:%{version}-%{release}.%{_arch}$suffix:g" $OUTPUT_FILE
+ sed -i -e "s:@JAVA_VER@:%{javaver}:g" $OUTPUT_FILE
sed -i -e "s:@JAVA_VENDOR@:%{origin}:g" $OUTPUT_FILE
done
done
@@ -1411,8 +1439,7 @@ EXTRA_CPP_FLAGS="%ourcppflags -std=gnu++98 -fno-delete-null-pointer-checks -fno-
# fix rpmlint warnings
EXTRA_CFLAGS="$EXTRA_CFLAGS -fno-strict-aliasing"
%endif
-EXTRA_ASFLAGS="${EXTRA_CFLAGS} -Wa,--generate-missing-build-notes=yes"
-export EXTRA_CFLAGS EXTRA_ASFLAGS
+export EXTRA_CFLAGS
for suffix in %{build_loop} ; do
if [ "x$suffix" = "x" ] ; then
@@ -1451,7 +1478,6 @@ bash ../configure \
--with-stdc++lib=dynamic \
--with-extra-cxxflags="$EXTRA_CPP_FLAGS" \
--with-extra-cflags="$EXTRA_CFLAGS" \
- --with-extra-asflags="$EXTRA_ASFLAGS" \
--with-extra-ldflags="%{ourldflags}" \
--with-num-cores="$NUM_PROC" \
--disable-javac-server \
@@ -1663,11 +1689,6 @@ if ! echo $suffix | grep -q "debug" ; then
cp -a %{buildoutputdir -- $suffix}/bundles/jdk-%{newjavaver}%{ea_designator_zip}+%{buildver}%{lts_designator_zip}-docs.zip $RPM_BUILD_ROOT%{_javadocdir}/%{uniquejavadocdir -- $suffix}.zip
fi
-# Install release notes
-commondocdir=${RPM_BUILD_ROOT}%{_defaultdocdir}/%{uniquejavadocdir $suffix}
-install -d -m 755 ${commondocdir}
-cp -a %{SOURCE10} ${commondocdir}
-
# Install icons and menu entries
for s in 16 24 32 48 ; do
install -D -p -m 644 \
@@ -1879,94 +1900,58 @@ require "copy_jdk_configs.lua"
%endif
%changelog
-* Wed Apr 15 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Add JDK-8228407 backport to resolve crashes during verification.
-- Resolves: rhbz#1810557
-
-* Tue Apr 14 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Amend release notes, removing issue actually fixed in 11.0.6.
-- Resolves: rhbz#1810557
+* Fri Mar 27 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-4
+- Need to support noarch for creating source RPMs for non-scratch builds.
+- Resolves: rhbz#1737115
-* Tue Apr 14 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Re-apply --with-extra-asflags as crash was not due to this.
-- Resolves: rhbz#1810557
+* Thu Mar 19 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-4
+- Introduce stapinstall variable to set SystemTap arch directory correctly (e.g. arm64 on aarch64)
+- Resolves: rhbz#1737115
-* Mon Apr 13 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Add release notes.
-- Resolves: rhbz#1810557
+* Sun Feb 23 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-3
+- Sync SystemTap & desktop files with upstream IcedTea release 3.15.0
+- Resolves: rhbz#1737115
-* Mon Apr 13 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Revert asflags changes as build remains broken.
-- Resolves: rhbz#1810557
+* Sun Feb 23 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-3
+- Sync SystemTap & desktop files with upstream IcedTea release 3.11.0 using new script
+- Resolves: rhbz#1737115
-* Mon Apr 13 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Build still failing with just assembler build notes option, trying with just optimisation flags.
-- Resolves: rhbz#1810557
-
-* Mon Apr 13 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Passing optimisation flags to assembler causes build to crash.
-- Resolves: rhbz#1810557
-
-* Mon Apr 13 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-1
-- Make use of --with-extra-asflags introduced in jdk-11.0.6+1.
-- Resolves: rhbz#1810557
-
-* Tue Mar 31 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.10-0
-- Update to shenandoah-jdk-11.0.7+10 (GA)
-- Switch to GA mode for final release.
-- Resolves: rhbz#1810557
-
-* Sat Mar 28 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.9-0.0.ea
-- Update to shenandoah-jdk-11.0.7+9 (EA)
-- Resolves: rhbz#1810557
-
-* Sat Mar 28 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.8-0.0.ea
-- Update to shenandoah-jdk-11.0.7+8 (EA)
-- Resolves: rhbz#1810557
-
-* Sat Mar 28 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.7-0.0.ea
-- Update to shenandoah-jdk-11.0.7+7 (EA)
-- Resolves: rhbz#1810557
-
-* Mon Mar 16 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.6-0.0.ea
-- Update to shenandoah-jdk-11.0.7+6 (EA)
-- Resolves: rhbz#1810557
-
-* Sun Mar 15 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.5-0.0.ea
-- Update to shenandoah-jdk-11.0.7+5 (EA)
-- Resolves: rhbz#1810557
-
-* Fri Feb 28 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.4-0.0.ea
-- Update to shenandoah-jdk-11.0.7+4 (EA)
-- Resolves: rhbz#1810557
-
-* Tue Feb 18 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.3-0.0.ea
-- Update to shenandoah-jdk-11.0.7+3 (EA)
-- Resolves: rhbz#1810557
-
-* Sun Feb 16 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.2-0.0.ea
-- Update to shenandoah-jdk-11.0.7+2 (EA)
-- Resolves: rhbz#1810557
-
-* Sun Feb 16 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.7.1-0.0.ea
-- Update to shenandoah-jdk-11.0.7+1 (EA)
-- Switch to EA mode for 11.0.7 pre-release builds.
-- Drop JDK-8236039 backport now applied upstream.
-- Resolves: rhbz#1810557
+* Sun Feb 16 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-2
+- Add JDK-8237396 backport to resolve Shenandoah TCK breakage in traversal mode.
+- Resolves: rhbz#1785753
-* Sat Jan 11 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-0
+* Sat Jan 11 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.6.10-1
- Update to shenandoah-jdk-11.0.6+10 (GA)
- Switch to GA mode for final release.
- Add JDK-8236039 backport to resolve OpenShift blocker
- Resolves: rhbz#1785753
-* Thu Dec 19 2019 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.6.1-0.0.ea
+* Thu Jan 09 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.6.1-0.1.ea
- Update to shenandoah-jdk-11.0.6+1 (EA)
- Switch to EA mode for 11.0.6 pre-release builds.
- Add support for jfr binary.
- Drop JDK-8230923 now applied upstream.
- Resolves: rhbz#1785753
+* Wed Jan 08 2020 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.5.10-6
+- Update generate_source_tarball.sh script to use the PR3751 patch and retain the secp256k1 curve.
+- Regenerate source tarball using the updated script and add the -'4curve' suffix.
+- Resolves: rhbz#1746875
+
+* Thu Jan 02 2020 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.5.10-5
+- Revert SSBD removal for now, until appropriate messaging has been decided.
+- Resolves: rhbz#1784116
+
+* Fri Dec 27 2019 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.5.10-4
+- Remove CVE-2018-3639 mitigation due to performance regression and
+ OpenJDK position on speculative execution vulnerabilities.
+ https://mail.openjdk.java.net/pipermail/vuln-announce/2019-July/000002.html
+- Resolves: rhbz#1784116
+
+* Wed Nov 06 2019 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.5.10-3
+- Bump release number for RHEL 8.2.0.
+- Resolves: rhbz#1753423
+
* Fri Oct 25 2019 Andrew John Hughes <gnu.andrew@redhat.com> - 1:11.0.5.10-2
- Disable FIPS mode support unless com.redhat.fips is set to "true".
- Resolves: rhbz#1751845