Merge

2025-09-20 19:14:38 +02:00 · 2019-06-18 22:48:27 +02:00 · 2019-06-18 22:48:27 +02:00 · dc82364e05
commit dc82364e05
parent d577d9c678 454f9f9fd0
22 changed files with 463 additions and 74 deletions
--- a/.hgtags
+++ b/.hgtags
@ -563,4 +563,5 @@ f2f11d7f7f4e7128f8aba6ffa576cfa76fbf7d1a jdk-13+21
 b034d2dee5fc93d42a81b65e58ce3f91e42586ff jdk-13+23
 7e2238451585029680f126ccbb46d01f2ff5607f jdk-13+24
 22b3b7983adab54e318f75aeb94471f7a4429c1e jdk-14+0
 22b3b7983adab54e318f75aeb94471f7a4429c1e jdk-13+25
 2f4e214781a1d597ed36bf5a36f20928c6c82996 jdk-14+1
--- a/make/jdk/src/classes/build/tools/generatecacerts/GenerateCacerts.java
+++ b/make/jdk/src/classes/build/tools/generatecacerts/GenerateCacerts.java
@ -25,12 +25,23 @@
 package build.tools.generatecacerts;
 import java.io.DataOutputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.UnsupportedEncodingException;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.KeyStore;
+import java.security.DigestOutputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.List;
 import java.util.stream.Collectors;
 /**
 * Generate cacerts
@ -39,23 +50,99 @@ import java.security.cert.CertificateFactory;
 */
 public class GenerateCacerts {
    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(null, null);
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        Files.list(Path.of(args[0]))
                .filter(p -> !p.getFileName().toString().equals("README"))
                .forEach(p -> {
                    try {
                        String alias = p.getFileName().toString() + " [jdk]";
                        try (InputStream fis = Files.newInputStream(p)) {
                            ks.setCertificateEntry(alias, cf.generateCertificate(fis));
                        }
                    } catch (Exception e) {
                        throw new RuntimeException(e);
                    }
                });
        try (FileOutputStream fos = new FileOutputStream(args[1])) {
-            ks.store(fos, "changeit".toCharArray());
+            store(args[0], fos, "changeit".toCharArray());
        }
    }
    // The following code are copied from JavaKeyStore.java.
    private static final int MAGIC = 0xfeedfeed;
    private static final int VERSION_2 = 0x02;
    // This method is a simplified version of JavaKeyStore::engineStore.
    // A new "dir" argument is added. All cert names in "dir" is collected into
    // a sorted array. Each cert is stored with a creation date set to its
    // notBefore value. Thus the output is determined as long as the certs
    // are the same.
    public static void store(String dir, OutputStream stream, char[] password)
            throws IOException, NoSuchAlgorithmException, CertificateException
    {
        byte[] encoded; // the certificate encoding
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        MessageDigest md = getPreKeyedHash(password);
        DataOutputStream dos
                = new DataOutputStream(new DigestOutputStream(stream, md));
        dos.writeInt(MAGIC);
        // always write the latest version
        dos.writeInt(VERSION_2);
        // All file names in dir sorted.
        // README is excluded. Name starting with "." excluded.
        List<String> entries = Files.list(Path.of(dir))
                .map(p -> p.getFileName().toString())
                .filter(s -> !s.equals("README") && !s.startsWith("."))
                .collect(Collectors.toList());
        entries.sort(String::compareTo);
        dos.writeInt(entries.size());
        for (String entry : entries) {
            String alias = entry + " [jdk]";
            X509Certificate cert;
            try (InputStream fis = Files.newInputStream(Path.of(dir, entry))) {
                cert = (X509Certificate) cf.generateCertificate(fis);
            }
            dos.writeInt(2);
            // Write the alias
            dos.writeUTF(alias);
            // Write the (entry creation) date, which is notBefore of the cert
            dos.writeLong(cert.getNotBefore().getTime());
            // Write the trusted certificate
            encoded = cert.getEncoded();
            dos.writeUTF(cert.getType());
            dos.writeInt(encoded.length);
            dos.write(encoded);
        }
        /*
         * Write the keyed hash which is used to detect tampering with
         * the keystore (such as deleting or modifying key or
         * certificate entries).
         */
        byte[] digest = md.digest();
        dos.write(digest);
        dos.flush();
    }
    private static MessageDigest getPreKeyedHash(char[] password)
            throws NoSuchAlgorithmException, UnsupportedEncodingException
    {
        MessageDigest md = MessageDigest.getInstance("SHA");
        byte[] passwdBytes = convertToBytes(password);
        md.update(passwdBytes);
        Arrays.fill(passwdBytes, (byte) 0x00);
        md.update("Mighty Aphrodite".getBytes("UTF8"));
        return md;
    }
    private static byte[] convertToBytes(char[] password) {
        int i, j;
        byte[] passwdBytes = new byte[password.length * 2];
        for (i=0, j=0; i<password.length; i++) {
            passwdBytes[j++] = (byte)(password[i] >> 8);
            passwdBytes[j++] = (byte)password[i];
        }
        return passwdBytes;
    }
 }
--- a/src/hotspot/share/classfile/systemDictionary.cpp
+++ b/src/hotspot/share/classfile/systemDictionary.cpp
@ -2861,14 +2861,17 @@ void SystemDictionary::dump(outputStream *st, bool verbose) {
 }
 TableStatistics SystemDictionary::placeholders_statistics() {
  MutexLocker ml(SystemDictionary_lock);
  return placeholders()->statistics_calculate();
 }
 TableStatistics SystemDictionary::loader_constraints_statistics() {
  MutexLocker ml(SystemDictionary_lock);
  return constraints()->statistics_calculate();
 }
 TableStatistics SystemDictionary::protection_domain_cache_statistics() {
  MutexLocker ml(SystemDictionary_lock);
  return pd_cache_table()->statistics_calculate();
 }
--- a/src/hotspot/share/opto/library_call.cpp
+++ b/src/hotspot/share/opto/library_call.cpp
@ -4501,8 +4501,8 @@ JVMState* LibraryCallKit::arraycopy_restore_alloc_state(AllocateArrayNode* alloc
    ciMethod* trap_method = alloc->jvms()->method();
    int trap_bci = alloc->jvms()->bci();
-    if (!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_intrinsic) &
+    if (!C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_intrinsic) &&
-          !C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_null_check)) {
+        !C->too_many_traps(trap_method, trap_bci, Deoptimization::Reason_null_check)) {
      // Make sure there's no store between the allocation and the
      // arraycopy otherwise visible side effects could be rexecuted
      // in case of deoptimization and cause incorrect execution.
--- a/src/hotspot/share/prims/jvmtiEnvBase.cpp
+++ b/src/hotspot/share/prims/jvmtiEnvBase.cpp
@ -1083,7 +1083,7 @@ JvmtiEnvBase::get_object_monitor_usage(JavaThread* calling_thread, jobject objec
          // If the monitor has no owner, then a non-suspended contending
          // thread could potentially change the state of the monitor by
          // entering it. The JVM/TI spec doesn't allow this.
-          if (owning_thread == NULL && !at_safepoint &
+          if (owning_thread == NULL && !at_safepoint &&
              !pending_thread->is_thread_fully_suspended(true, &debug_bits)) {
            if (ret.owner != NULL) {
              destroy_jni_reference(calling_thread, ret.owner);
--- a/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java
@ -38,6 +38,7 @@ import java.net.SocketException;
 import java.net.UnknownHostException;
 import java.nio.ByteBuffer;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.locks.ReentrantLock;
 import java.util.function.BiFunction;
 import javax.net.ssl.HandshakeCompletedListener;
@ -618,27 +619,76 @@ public final class SSLSocketImpl
        // Need a lock here so that the user_canceled alert and the
        // close_notify alert can be delivered together.
-        conContext.outputRecord.recordLock.lock();
+        int linger = getSoLinger();
-        try {
+        if (linger >= 0) {
            // don't wait more than SO_LINGER for obtaining the
            // the lock.
            //
            // keep and clear the current thread interruption status.
            boolean interrupted = Thread.interrupted();
            try {
-                // send a user_canceled alert if needed.
+                if (conContext.outputRecord.recordLock.tryLock() ||
-                if (useUserCanceled) {
+                        conContext.outputRecord.recordLock.tryLock(
-                    conContext.warning(Alert.USER_CANCELED);
+                                linger, TimeUnit.SECONDS)) {
-                }
+                    try {
                        handleClosedNotifyAlert(useUserCanceled);
                    } finally {
                        conContext.outputRecord.recordLock.unlock();
                    }
                } else {
                    // For layered, non-autoclose sockets, we are not
                    // able to bring them into a usable state, so we
                    // treat it as fatal error.
                    if (!super.isOutputShutdown()) {
                        if (isLayered() && !autoClose) {
                            throw new SSLException(
                                    "SO_LINGER timeout, " +
                                    "close_notify message cannot be sent.");
                        } else {
                            super.shutdownOutput();
                            if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                                SSLLogger.warning(
                                    "SSLSocket output duplex close failed: " +
                                    "SO_LINGER timeout, " +
                                    "close_notify message cannot be sent.");
                            }
                        }
                    }
-                // send a close_notify alert
+                    // RFC2246 requires that the session becomes
-                conContext.warning(Alert.CLOSE_NOTIFY);
+                    // unresumable if any connection is terminated
-            } finally {
+                    // without proper close_notify messages with
-                if (!conContext.isOutboundClosed()) {
+                    // level equal to warning.
-                    conContext.outputRecord.close();
+                    //
-                }
+                    // RFC4346 no longer requires that a session not be
-
+                    // resumed if failure to properly close a connection.
-                if ((autoClose || !isLayered()) && !super.isOutputShutdown()) {
+                    //
-                    super.shutdownOutput();
+                    // We choose to make the session unresumable if
                    // failed to send the close_notify message.
                    //
                    conContext.conSession.invalidate();
                    if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
                        SSLLogger.warning(
                                "Invalidate the session: SO_LINGER timeout, " +
                                "close_notify message cannot be sent.");
                    }
                }
            } catch (InterruptedException ex) {
                // keep interrupted status
                interrupted = true;
            }
            // restore the interrupted status
            if (interrupted) {
                Thread.currentThread().interrupt();
            }
        } else {
            conContext.outputRecord.recordLock.lock();
            try {
                handleClosedNotifyAlert(useUserCanceled);
            } finally {
                conContext.outputRecord.recordLock.unlock();
            }
        } finally {
            conContext.outputRecord.recordLock.unlock();
        }
        if (!isInputShutdown()) {
@ -646,6 +696,28 @@ public final class SSLSocketImpl
        }
    }
    private void handleClosedNotifyAlert(
            boolean useUserCanceled) throws IOException {
        try {
            // send a user_canceled alert if needed.
            if (useUserCanceled) {
                conContext.warning(Alert.USER_CANCELED);
            }
            // send a close_notify alert
            conContext.warning(Alert.CLOSE_NOTIFY);
        } finally {
            if (!conContext.isOutboundClosed()) {
                conContext.outputRecord.close();
            }
            if (!super.isOutputShutdown() &&
                    (autoClose || !isLayered())) {
                super.shutdownOutput();
            }
        }
    }
    /**
     * Duplex close, start from closing inbound.
     *
--- a/src/java.base/share/classes/sun/security/tools/keytool/Main.java
+++ b/src/java.base/share/classes/sun/security/tools/keytool/Main.java
@ -2418,9 +2418,9 @@ public final class Main {
        out.println(form.format(source));
        out.println();
-        for (Enumeration<String> e = keyStore.aliases();
+        List<String> aliases = Collections.list(keyStore.aliases());
-                                        e.hasMoreElements(); ) {
+        aliases.sort(String::compareTo);
-            String alias = e.nextElement();
+        for (String alias : aliases) {
            doPrintEntry("<" + alias + ">", alias, out);
            if (verbose || rfc) {
                out.println(rb.getString("NEWLINE"));
--- a/src/jdk.compiler/share/classes/com/sun/tools/javac/main/Main.java
+++ b/src/jdk.compiler/share/classes/com/sun/tools/javac/main/Main.java
@ -477,7 +477,7 @@ public class Main {
        }
        try (InputStream in = getClass().getResourceAsStream('/' + className.replace('.', '/') + ".class")) {
-            final String algorithm = "MD5";
+            final String algorithm = "SHA-256";
            byte[] digest;
            MessageDigest md = MessageDigest.getInstance(algorithm);
            try (DigestInputStream din = new DigestInputStream(in, md)) {
--- a/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_general.c
+++ b/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_general.c
@ -51,6 +51,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
 #include "jlong.h"
 #include "sun_security_pkcs11_wrapper_PKCS11.h"
@ -96,8 +97,8 @@ JNIEXPORT jlong JNICALL
 Java_sun_security_pkcs11_wrapper_PKCS11_freeMechanism
 (JNIEnv *env, jclass thisClass, jlong ckpMechanism) {
    if (ckpMechanism != 0L) {
-        freeCKMechanismPtr((CK_MECHANISM_PTR) ckpMechanism);
+        freeCKMechanismPtr(jlong_to_ptr(ckpMechanism));
-        TRACE1("DEBUG PKCS11_freeMechanism: free pMech = %x\n", (jlong)ckpMechanism);
+        TRACE1("DEBUG PKCS11_freeMechanism: free pMech = %x\n", ckpMechanism);
    }
    return 0L;
 }
--- a/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_sign.c
+++ b/src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_sign.c
@ -91,8 +91,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignInit
            (ckpMechanism->pParameter == NULL)) {
        freeCKMechanismPtr(ckpMechanism);
    } else {
-        (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
+        (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
-        TRACE1("DEBUG C_SignInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism);
+        TRACE1("DEBUG C_SignInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
    }
    TRACE0("FINISHED\n");
 }
@ -303,8 +303,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecoverIni
            (ckpMechanism->pParameter == NULL)) {
        freeCKMechanismPtr(ckpMechanism);
    } else {
-        (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
+        (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
-        TRACE1("DEBUG C_SignRecoverInit, stored pMech = 0x%lX\n", (jlong)ckpMechanism);
+        TRACE1("DEBUG C_SignRecoverInit, stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
    }
    TRACE0("FINISHED\n");
 }
@ -413,8 +413,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyInit
            (ckpMechanism->pParameter == NULL)) {
        freeCKMechanismPtr(ckpMechanism);
    } else {
-        (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
+        (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
-        TRACE1("DEBUG C_VerifyInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism);
+        TRACE1("DEBUG C_VerifyInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
    }
    TRACE0("FINISHED\n");
 }
@ -601,8 +601,8 @@ JNIEXPORT void JNICALL Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecoverI
            (ckpMechanism->pParameter == NULL)) {
        freeCKMechanismPtr(ckpMechanism);
    } else {
-        (*env)->SetLongField(env, jMechanism, mech_pHandleID, (jlong)ckpMechanism);
+        (*env)->SetLongField(env, jMechanism, mech_pHandleID, ptr_to_jlong(ckpMechanism));
-        TRACE1("DEBUG C_VerifyRecoverInit: stored pMech = 0x%lX\n", (jlong)ckpMechanism);
+        TRACE1("DEBUG C_VerifyRecoverInit: stored pMech = 0x%lX\n", ptr_to_jlong(ckpMechanism));
    }
    TRACE0("FINISHED\n");
 }
--- a/src/jdk.jdeps/share/classes/com/sun/tools/javap/JavapTask.java
+++ b/src/jdk.jdeps/share/classes/com/sun/tools/javap/JavapTask.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -808,7 +808,7 @@ public class JavapTask implements DisassemblerTool.DisassemblerTask, Messages {
            MessageDigest md  = null;
            if (options.sysInfo || options.verbose) {
                try {
-                    md = MessageDigest.getInstance("MD5");
+                    md = MessageDigest.getInstance("SHA-256");
                } catch (NoSuchAlgorithmException ignore) {
                }
                in = new DigestInputStream(in, md);
@ -829,7 +829,7 @@ public class JavapTask implements DisassemblerTool.DisassemblerTask, Messages {
        if (options.sysInfo || options.verbose) {
            classWriter.setFile(info.fo.toUri());
            classWriter.setLastModified(info.fo.getLastModified());
-            classWriter.setDigest("MD5", info.digest);
+            classWriter.setDigest("SHA-256", info.digest);
            classWriter.setFileSize(info.size);
        }
--- a/src/jdk.jdeps/share/classes/com/sun/tools/javap/resources/javap.properties
+++ b/src/jdk.jdeps/share/classes/com/sun/tools/javap/resources/javap.properties
@ -99,7 +99,7 @@ main.opt.constants=\
 \  -constants                       Show final constants
 main.opt.sysinfo=\
-\  -sysinfo                         Show system info (path, size, date, MD5 hash)\n\
+\  -sysinfo                         Show system info (path, size, date, SHA-256 hash)\n\
 \                                   of class being processed
 main.opt.module=\
--- a/test/hotspot/jtreg/ProblemList-graal.txt
+++ b/test/hotspot/jtreg/ProblemList-graal.txt
@ -43,8 +43,6 @@ compiler/jsr292/InvokerSignatureMismatch.java                   8223807   generi
 compiler/graalunit/JttThreadsTest.java                          8207757   generic-all
 compiler/jvmci/SecurityRestrictionsTest.java                    8181837   generic-all
 compiler/unsafe/UnsafeGetConstantField.java                     8181833   generic-all
 compiler/unsafe/UnsafeGetStableArrayElement.java                8181833   generic-all
 compiler/unsafe/UnsafeOffHeapBooleanTest.java                   8181833   generic-all
@ -62,7 +60,7 @@ gc/g1/TestConcurrentSystemGC.java                               8196611   generi
 gc/g1/TestPeriodicCollection.java                               8196611   generic-all
 gc/g1/TestFromCardCacheIndex.java                               8196611   generic-all
 gc/parallel/TestPrintGCDetailsVerbose.java                      8196611   generic-all
-vm/gc/InfiniteList.java                                         8196611   generic-all
+gc/InfiniteList.java                                            8196611   generic-all
 vmTestbase/gc/lock/jni/jnilock001/TestDescription.java          8196611   generic-all
 vmTestbase/gc/lock/jniref/jnireflock04/TestDescription.java     8196611   generic-all
@ -176,7 +174,6 @@ vmTestbase/nsk/jdi/BScenarios/hotswap/tc06x001/TestDescription.java
 vmTestbase/nsk/jdi/BScenarios/hotswap/tc08x001/TestDescription.java                               8195635 generic-all
 vmTestbase/nsk/jdi/BScenarios/hotswap/tc10x002/TestDescription.java                               8195635 generic-all
 vmTestbase/nsk/jdi/MethodExitEvent/returnValue/returnValue003/returnValue003.java                 8195635 generic-all
 vmTestbase/nsk/jdi/Scenarios/invokeMethod/popframes001/TestDescription.jav                        8195635 generic-all
 vmTestbase/nsk/jdi/Scenarios/invokeMethod/popframes001/TestDescription.java                       8195635 generic-all
 vmTestbase/nsk/jdi/ThreadReference/popFrames/popframes001/TestDescription.java                    8195635 generic-all
 vmTestbase/nsk/jdi/VirtualMachine/redefineClasses/redefineclasses002/TestDescription.java         8195635 generic-all
--- a/test/hotspot/jtreg/ProblemList.txt
+++ b/test/hotspot/jtreg/ProblemList.txt
@ -80,7 +80,6 @@ gc/metaspace/CompressedClassSpaceSizeInJmapHeap.java 8193639 solaris-all
 # :hotspot_runtime
 runtime/SharedArchiveFile/SASymbolTableTest.java 8193639 solaris-all
 runtime/jni/terminatedThread/TestTerminatedThread.java 8219652 aix-ppc64
 #############################################################################
@ -107,8 +106,6 @@ serviceability/sa/ClhsdbPstack.java 8193639,8211767 solaris-all,linux-ppc64le,li
 serviceability/sa/ClhsdbRegionDetailsScanOopsForG1.java 8193639 solaris-all
 serviceability/sa/ClhsdbScanOops.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
 serviceability/sa/ClhsdbSource.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
 serviceability/sa/ClhsdbSymbol.java 8193639 solaris-all
 serviceability/sa/ClhsdbSymbolTable.java 8193639 solaris-all
 serviceability/sa/ClhsdbThread.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
 serviceability/sa/ClhsdbVmStructsDump.java 8193639 solaris-all
 serviceability/sa/ClhsdbWhere.java 8193639,8211767 solaris-all,linux-ppc64le,linux-ppc64
--- a/test/hotspot/jtreg/compiler/compilercontrol/share/scenario/Command.java
+++ b/test/hotspot/jtreg/compiler/compilercontrol/share/scenario/Command.java
@ -33,8 +33,8 @@ import java.util.Arrays;
 public enum Command {
    COMPILEONLY("compileonly", ".*", "-Xbatch"),
    EXCLUDE("exclude", "", "-Xbatch"),
-    INLINE("inline", ".*", "-Xbatch"),
+    INLINE("inline", ".*", "-Xbatch", "-XX:InlineSmallCode=4000"),
-    DONTINLINE("dontinline", "", "-Xbatch"),
+    DONTINLINE("dontinline", "", "-Xbatch", "-XX:InlineSmallCode=4000"),
    LOG("log", "", "-XX:+UnlockDiagnosticVMOptions",
            "-XX:+LogCompilation", "-XX:LogFile=" + LogProcessor.LOG_FILE),
    PRINT("print", ""),
--- a/test/jdk/ProblemList-graal.txt
+++ b/test/jdk/ProblemList-graal.txt
@ -76,7 +76,6 @@ java/lang/ref/OOMEInReferenceHandler.java                               8196611
 java/lang/ref/SoftReference/Pin.java                                    8196611   generic-all
 java/lang/Runtime/exec/LotsOfOutput.java                                8196611   generic-all
 java/util/concurrent/ScheduledThreadPoolExecutor/BasicCancelTest.java   8196611   generic-all
 vm/gc/InfiniteList.java                                                 8196611   generic-all
 # tests require pop_frame and force_early_return capabilities
 com/sun/jdi/RedefineTTYLineNumber.java                                  8195635   generic-all
--- a/test/jdk/javax/net/ssl/SSLSocket/Tls13PacketSize.java
+++ b/test/jdk/javax/net/ssl/SSLSocket/Tls13PacketSize.java
@ -53,6 +53,9 @@ public class Tls13PacketSize extends SSLSocketTemplate {
    @Override
    protected void runServerApplication(SSLSocket socket) throws Exception {
        // Set SO_LINGER in case of slow socket
        socket.setSoLinger(true, 10);
        // here comes the test logic
        InputStream sslIS = socket.getInputStream();
        OutputStream sslOS = socket.getOutputStream();
@ -81,6 +84,9 @@ public class Tls13PacketSize extends SSLSocketTemplate {
     * @see #isCustomizedClientConnection()
     */
    protected void runClientApplication(SSLSocket socket) throws Exception {
        // Set SO_LINGER in case of slow socket
        socket.setSoLinger(true, 10);
        socket.setEnabledProtocols(new String[] {"TLSv1.3"});
        InputStream sslIS = socket.getInputStream();
        OutputStream sslOS = socket.getOutputStream();
--- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
+++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java
@ -26,11 +26,13 @@
 * @test
 * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779
 *      8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136
- *      8223499
+ *      8223499 8225392
 * @summary Check root CA entries in cacerts file
 */
 import java.io.ByteArrayInputStream;
 import java.io.File;
-import java.io.FileInputStream;
+import java.nio.file.Files;
 import java.nio.file.Path;
 import java.security.KeyStore;
 import java.security.MessageDigest;
 import java.security.cert.Certificate;
@ -52,6 +54,11 @@ public class VerifyCACerts {
    // The numbers of certs now.
    private static final int COUNT = 88;
    // SHA-256 of cacerts, can be generated with
    // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95
    private static final String CHECKSUM
            = "4E:21:94:7C:1D:49:28:BB:34:B0:40:DF:AE:19:B4:41:C6:B5:8A:EE:EB:D5:DE:B4:EF:07:AF:63:18:73:A6:FE";
    // map of cert alias to SHA-256 fingerprint
    @SuppressWarnings("serial")
    private static final Map<String, String> FINGERPRINT_MAP = new HashMap<>() {
@ -255,8 +262,16 @@ public class VerifyCACerts {
    public static void main(String[] args) throws Exception {
        System.out.println("cacerts file: " + CACERTS);
        md = MessageDigest.getInstance("SHA-256");
        byte[] data = Files.readAllBytes(Path.of(CACERTS));
        String checksum = toHexString(md.digest(data));
        if (!checksum.equals(CHECKSUM)) {
            atLeastOneFailed = true;
            System.err.println("ERROR: wrong checksum\n" + checksum);
        }
        KeyStore ks = KeyStore.getInstance("JKS");
-        ks.load(new FileInputStream(CACERTS), "changeit".toCharArray());
+        ks.load(new ByteArrayInputStream(data), "changeit".toCharArray());
        // check the count of certs inside
        if (ks.size() != COUNT) {
--- a/test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java
+++ b/test/jdk/sun/security/ssl/SSLSocketImpl/BlockedAsyncClose.java
@ -0,0 +1,147 @@
 /*
 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
 //
 // SunJSSE does not support dynamic system properties, no way to re-use
 // system properties in samevm/agentvm mode.
 //
 /*
 * @test
 * @bug 8224829
 * @summary AsyncSSLSocketClose.java has timing issue
 * @run main/othervm BlockedAsyncClose
 */
 import javax.net.ssl.*;
 import java.io.*;
 import java.net.SocketException;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.TimeUnit;
 public class BlockedAsyncClose implements Runnable {
    SSLSocket socket;
    SSLServerSocket ss;
    // Is the socket ready to close?
    private final CountDownLatch closeCondition = new CountDownLatch(1);
    // Where do we find the keystores?
    static String pathToStores = "../../../../javax/net/ssl/etc";
    static String keyStoreFile = "keystore";
    static String trustStoreFile = "truststore";
    static String passwd = "passphrase";
    public static void main(String[] args) throws Exception {
        String keyFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + keyStoreFile;
        String trustFilename =
            System.getProperty("test.src", "./") + "/" + pathToStores +
                "/" + trustStoreFile;
        System.setProperty("javax.net.ssl.keyStore", keyFilename);
        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
        System.setProperty("javax.net.ssl.trustStore", trustFilename);
        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
        new BlockedAsyncClose();
    }
    public BlockedAsyncClose() throws Exception {
        SSLServerSocketFactory sslssf =
                (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
        InetAddress loopback = InetAddress.getLoopbackAddress();
        ss = (SSLServerSocket)sslssf.createServerSocket();
        ss.bind(new InetSocketAddress(loopback, 0));
        SSLSocketFactory sslsf =
            (SSLSocketFactory)SSLSocketFactory.getDefault();
        socket = (SSLSocket)sslsf.createSocket(loopback, ss.getLocalPort());
        SSLSocket serverSoc = (SSLSocket)ss.accept();
        ss.close();
        (new Thread(this)).start();
        serverSoc.startHandshake();
        boolean closeIsReady = closeCondition.await(90L, TimeUnit.SECONDS);
        if (!closeIsReady) {
            System.out.println(
                    "Ignore, the closure is not ready yet in 90 seconds.");
            return;
        }
        socket.setSoLinger(true, 10);
        System.out.println("Calling Socket.close");
        // Sleep for a while so that the write thread blocks by hitting the
        // output stream buffer limit.
        Thread.sleep(1000);
        socket.close();
        System.out.println("ssl socket get closed");
        System.out.flush();
    }
    // block in write
    public void run() {
        byte[] ba = new byte[1024];
        for (int i = 0; i < ba.length; i++) {
            ba[i] = 0x7A;
        }
        try {
            OutputStream os = socket.getOutputStream();
            int count = 0;
            // 1st round write
            count += ba.length;
            System.out.println(count + " bytes to be written");
            os.write(ba);
            System.out.println(count + " bytes written");
            // Signal, ready to close.
            closeCondition.countDown();
            // write more
            while (true) {
                count += ba.length;
                System.out.println(count + " bytes to be written");
                os.write(ba);
                System.out.println(count + " bytes written");
            }
        } catch (SocketException se) {
            // the closing may be in progress
            System.out.println("interrupted? " + se);
        } catch (Exception e) {
            if (socket.isClosed() || socket.isOutputShutdown()) {
                System.out.println("interrupted, the socket is closed");
            } else {
                throw new RuntimeException("interrupted?", e);
            }
        }
    }
 }
--- a/test/jdk/sun/security/tools/keytool/ListOrder.java
+++ b/test/jdk/sun/security/tools/keytool/ListOrder.java
@ -0,0 +1,64 @@
 /*
 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
 /**
 * @test
 * @bug 8225392
 * @summary Comparison builds are failing due to cacerts file
 * @library /test/lib
 */
 import jdk.test.lib.SecurityTools;
 import java.util.Random;
 public class ListOrder {
    public static void main(String[] args) throws Throwable {
        Random rand = new Random();
        for (int i = 0; i < 10; i++) {
            gen(String.format("a%02d", rand.nextInt(100)));
        }
        String last = "";
        for (String line : SecurityTools.keytool(
                "-keystore ks -storepass changeit -list").asLines()) {
            if (line.contains("PrivateKeyEntry")) {
                // This is the line starting with the alias
                System.out.println(line);
                if (line.compareTo(last) <= 0) {
                    throw new RuntimeException("Not ordered");
                } else {
                    last = line;
                }
            }
        }
    }
    static void gen(String a) throws Exception {
        // Do not check result, there might be duplicated alias(es).
        SecurityTools.keytool("-keystore ks -storepass changeit "
                + "-keyalg ec -genkeypair -alias " + a + " -dname CN=" + a);
    }
 }
--- a/test/langtools/tools/javac/T6942649.java
+++ b/test/langtools/tools/javac/T6942649.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -23,7 +23,7 @@
 /*
 * @test
- * @bug 6942649
+ * @bug 6942649 8225748
 * @summary add hidden option to identify location and version of javac classes
 * @modules jdk.compiler
 */
@ -60,7 +60,7 @@ public class T6942649 {
                throw new Exception("location of class not found in output");
        }
-        if (!out.contains("MD5 checksum: "))
+        if (!out.contains("SHA-256 checksum: "))
            throw new Exception("checksum not found in output");
    }
 }
--- a/test/langtools/tools/javap/T4884240.java
+++ b/test/langtools/tools/javap/T4884240.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -23,7 +23,7 @@
 /*
 * @test
- * @bug 4884240
+ * @bug 4884240 8225748
 * @summary additional option required for javap
 * @modules jdk.jdeps/com.sun.tools.javap
 */
@ -47,7 +47,7 @@ public class T4884240 {
        if (lines.length < 3
            || !lines[0].trim().startsWith("Classfile")
            || !lines[1].trim().startsWith("Last modified")
-            || !lines[2].trim().startsWith("MD5")) {
+            || !lines[2].trim().startsWith("SHA-256")) {
            System.out.println(sw);
            throw new Exception("unexpected output");
        }