Merge branch master into JDK-8252870

openjdk · Oct 21, 2020 · 8bf6b0a · 8bf6b0a
2 parents 7857012 + 8d9e6d0
commit 8bf6b0a
Show file tree

Hide file tree

Showing 585 changed files with 29,567 additions and 12,587 deletions.
diff --git a/.github/workflows/submit.yml b/.github/workflows/submit.yml
@@ -18,6 +18,7 @@ jobs:
     outputs:
       should_run: ${{ steps.check_submit.outputs.should_run }}
       bundle_id: ${{ steps.check_bundle_id.outputs.bundle_id }}
+      platform_linux_x32: ${{ steps.check_platforms.outputs.platform_linux_x32 }}
       platform_linux_x64: ${{ steps.check_platforms.outputs.platform_linux_x64 }}
       platform_windows_x64: ${{ steps.check_platforms.outputs.platform_windows_x64 }}
       platform_macos_x64: ${{ steps.check_platforms.outputs.platform_macos_x64 }}
@@ -32,6 +33,7 @@ jobs:
         id: check_platforms
         run: |
           echo "::set-output name=platform_linux_x64::${{ contains(github.event.inputs.platforms, 'linux x64') || (github.event.inputs.platforms == '' && (secrets.JDK_SUBMIT_PLATFORMS == '' || contains(secrets.JDK_SUBMIT_PLATFORMS, 'linux x64'))) }}"
+          echo "::set-output name=platform_linux_x32::${{ contains(github.event.inputs.platforms, 'linux x32') || (github.event.inputs.platforms == '' && (secrets.JDK_SUBMIT_PLATFORMS == '' || contains(secrets.JDK_SUBMIT_PLATFORMS, 'linux x32'))) }}"
           echo "::set-output name=platform_windows_x64::${{ contains(github.event.inputs.platforms, 'windows x64') || (github.event.inputs.platforms == '' && (secrets.JDK_SUBMIT_PLATFORMS == '' || contains(secrets.JDK_SUBMIT_PLATFORMS, 'windows x64'))) }}"
           echo "::set-output name=platform_macos_x64::${{ contains(github.event.inputs.platforms, 'macos x64') || (github.event.inputs.platforms == '' && (secrets.JDK_SUBMIT_PLATFORMS == '' || contains(secrets.JDK_SUBMIT_PLATFORMS, 'macos x64'))) }}"
         if: steps.check_submit.outputs.should_run != 'false'
@@ -356,6 +358,103 @@ jobs:
           path: build/*/test-results
         continue-on-error: true
 
+  linux_x32_build:
+    name: Linux x32
+    runs-on: "ubuntu-latest"
+    needs: prerequisites
+    if: needs.prerequisites.outputs.should_run != 'false' && needs.prerequisites.outputs.platform_linux_x32 != 'false'
+
+    strategy:
+      fail-fast: false
+      matrix:
+        flavor:
+          - build debug
+        include:
+          - flavor: build debug
+            flags: --enable-debug
+            artifact: -debug
+
+    # Reduced 32-bit build uses the same boot JDK as 64-bit build
+    env:
+      JDK_VERSION: "${{ fromJson(needs.prerequisites.outputs.dependencies).DEFAULT_VERSION_FEATURE }}"
+      BOOT_JDK_VERSION: "${{ fromJson(needs.prerequisites.outputs.dependencies).BOOT_JDK_VERSION }}"
+      BOOT_JDK_FILENAME: "${{ fromJson(needs.prerequisites.outputs.dependencies).LINUX_X64_BOOT_JDK_FILENAME }}"
+      BOOT_JDK_URL: "${{ fromJson(needs.prerequisites.outputs.dependencies).LINUX_X64_BOOT_JDK_URL }}"
+      BOOT_JDK_SHA256: "${{ fromJson(needs.prerequisites.outputs.dependencies).LINUX_X64_BOOT_JDK_SHA256 }}"
+
+    steps:
+      - name: Checkout the source
+        uses: actions/checkout@v2
+        with:
+          path: jdk
+
+      - name: Restore boot JDK from cache
+        id: bootjdk
+        uses: actions/cache@v2
+        with:
+          path: ~/bootjdk/${{ env.BOOT_JDK_VERSION }}
+          key: bootjdk-${{ runner.os }}-${{ env.BOOT_JDK_VERSION }}-${{ env.BOOT_JDK_SHA256 }}-v1
+
+      - name: Download boot JDK
+        run: |
+          mkdir -p "${HOME}/bootjdk/${BOOT_JDK_VERSION}"
+          wget -O "${HOME}/bootjdk/${BOOT_JDK_FILENAME}" "${BOOT_JDK_URL}"
+          echo "${BOOT_JDK_SHA256} ${HOME}/bootjdk/${BOOT_JDK_FILENAME}" | sha256sum -c >/dev/null -
+          tar -xf "${HOME}/bootjdk/${BOOT_JDK_FILENAME}" -C "${HOME}/bootjdk/${BOOT_JDK_VERSION}"
+          mv "${HOME}/bootjdk/${BOOT_JDK_VERSION}/"*/* "${HOME}/bootjdk/${BOOT_JDK_VERSION}/"
+        if: steps.bootjdk.outputs.cache-hit != 'true'
+
+      - name: Restore jtreg artifact
+        id: jtreg_restore
+        uses: actions/download-artifact@v2
+        with:
+          name: transient_jtreg_${{ needs.prerequisites.outputs.bundle_id }}
+          path: ~/jtreg/
+        continue-on-error: true
+
+      - name: Restore jtreg artifact (retry)
+        uses: actions/download-artifact@v2
+        with:
+          name: transient_jtreg_${{ needs.prerequisites.outputs.bundle_id }}
+          path: ~/jtreg/
+        if: steps.jtreg_restore.outcome == 'failure'
+
+      - name: Checkout gtest sources
+        uses: actions/checkout@v2
+        with:
+          repository: "google/googletest"
+          ref: "release-${{ fromJson(needs.prerequisites.outputs.dependencies).GTEST_VERSION }}"
+          path: gtest
+
+      # Roll in the multilib environment and its dependencies.
+      # Some multilib libraries do not have proper inter-dependencies, so we have to
+      # install their dependencies manually.
+      - name: Install dependencies
+        run: |
+          sudo dpkg --add-architecture i386
+          sudo apt-get update
+          sudo apt-get install gcc-multilib g++-multilib libfreetype6-dev:i386 libxrandr-dev:i386 libxtst-dev:i386 libtiff-dev:i386 libcupsimage2-dev:i386 libcups2-dev:i386 libasound2-dev:i386
+
+      - name: Configure
+        run: >
+          bash configure
+          --with-conf-name=linux-x32
+          --with-target-bits=32
+          ${{ matrix.flags }}
+          --with-version-opt=${GITHUB_ACTOR}-${GITHUB_SHA}
+          --with-version-build=0
+          --with-boot-jdk=${HOME}/bootjdk/${BOOT_JDK_VERSION}
+          --with-jtreg=${HOME}/jtreg
+          --with-gtest=${GITHUB_WORKSPACE}/gtest
+          --with-default-make-target="product-bundles test-bundles"
+          --with-zlib=system
+          --enable-jtreg-failure-handler
+        working-directory: jdk
+
+      - name: Build
+        run: make CONF_NAME=linux-x32 ${{ matrix.build-target }}
+        working-directory: jdk
+
   windows_x64_build:
     name: Windows x64
     runs-on: "windows-latest"

diff --git a/.hgignore b/.hgignore
diff --git a/make/CompileJavaModules.gmk b/make/CompileJavaModules.gmk
@@ -546,6 +546,10 @@ jdk.jfr_DISABLED_WARNINGS += exports
 jdk.jfr_COPY := .xsd .xml .dtd
 jdk.jfr_JAVAC_FLAGS := -XDstringConcat=inline
 
+################################################################################
+
+jdk.incubator.vector_DOCLINT += -Xdoclint:all/protected
+
 ################################################################################
 # If this is an imported module that has prebuilt classes, only compile
 # module-info.java.

diff --git a/make/CompileToolsJdk.gmk b/make/CompileToolsJdk.gmk
@@ -56,7 +56,8 @@ $(eval $(call SetupJavaCompilation, BUILD_TOOLS_JDK, \
     DISABLED_WARNINGS := options, \
     JAVAC_FLAGS := \
         --add-exports java.desktop/sun.awt=ALL-UNNAMED \
-        --add-exports java.base/sun.text=ALL-UNNAMED, \
+        --add-exports java.base/sun.text=ALL-UNNAMED \
+        --add-exports java.base/sun.security.util=ALL-UNNAMED, \
 ))
 
 TARGETS += $(BUILD_TOOLS_JDK)

diff --git a/make/ToolsJdk.gmk b/make/ToolsJdk.gmk
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -68,6 +68,7 @@ TOOL_TZDB = $(JAVA_SMALL) -cp $(BUILDTOOLS_OUTPUTDIR)/jdk_tools_classes \
     build.tools.tzdb.TzdbZoneRulesCompiler
 
 TOOL_BLACKLISTED_CERTS = $(JAVA_SMALL) -cp $(BUILDTOOLS_OUTPUTDIR)/jdk_tools_classes \
+    --add-exports java.base/sun.security.util=ALL-UNNAMED \
     build.tools.blacklistedcertsconverter.BlacklistedCertsConverter
 
 TOOL_MAKEJAVASECURITY = $(JAVA_SMALL) -cp $(BUILDTOOLS_OUTPUTDIR)/jdk_tools_classes \

diff --git a/make/conf/jib-profiles.js b/make/conf/jib-profiles.js
@@ -960,7 +960,7 @@ var getJibProfilesDependencies = function (input, common) {
 
     var devkit_platform_revisions = {
         linux_x64: "gcc10.2.0-OL6.4+1.0",
-        macosx_x64: "Xcode11.3.1-MacOSX10.15+1.0",
+        macosx_x64: "Xcode11.3.1-MacOSX10.15+1.1",
         windows_x64: "VS2019-16.7.2+1.0",
         linux_aarch64: "gcc10.2.0-OL7.6+1.0",
         linux_arm: "gcc8.2.0-Fedora27+1.0",

diff --git a/make/data/blacklistedcertsconverter/blacklisted.certs.pem b/make/data/blacklistedcertsconverter/blacklisted.certs.pem
@@ -1,8 +1,7 @@
 #! java BlacklistedCertsConverter SHA-256
 
-# The line above must be the first line of the blacklisted.certs.pem
-# file inside src/share/lib/security/. It will be ignored if added in
-# src/closed/share/lib/security/blacklisted.certs.pem.
+# The line above must be the first line of this file. Do not
+# remove it.
 
 // Subject: CN=Digisign Server ID (Enrich),
 //          OU=457608-K,

diff --git a/make/devkit/createMacosxDevkit.sh b/make/devkit/createMacosxDevkit.sh
@@ -91,7 +91,6 @@ EXCLUDE_DIRS=" \
     Platforms/AppleTVSimulator.platform \
     Platforms/iPhoneSimulator.platform \
     Platforms/WatchSimulator.platform \
-    Contents/SharedFrameworks/LLDB.framework \
     Contents/SharedFrameworks/ModelIO.framework \
     Contents/SharedFrameworks/XCSUI.framework \
     Contents/SharedFrameworks/SceneKit.framework \

diff --git a/make/hotspot/symbols/symbols-unix b/make/hotspot/symbols/symbols-unix
@@ -143,15 +143,15 @@ JVM_InternString
 JVM_Interrupt
 JVM_InvokeMethod
 JVM_IsArrayClass
-JVM_IsDynamicDumpingEnabled
-JVM_IsSharingEnabled
+JVM_IsCDSDumpingEnabled
 JVM_IsConstructorIx
 JVM_IsDumpingClassList
 JVM_IsHiddenClass
 JVM_IsInterface
 JVM_IsPrimitiveClass
 JVM_IsRecord
 JVM_IsSameClassPackage
+JVM_IsSharingEnabled
 JVM_IsSupportedJNIVersion
 JVM_IsThreadAlive
 JVM_IsVMGeneratedMethodIx

diff --git a/make/jdk/src/classes/build/tools/blacklistedcertsconverter/BlacklistedCertsConverter.java b/make/jdk/src/classes/build/tools/blacklistedcertsconverter/BlacklistedCertsConverter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2020, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,14 +25,24 @@
 
 package build.tools.blacklistedcertsconverter;
 
+import java.io.IOException;
+import java.math.BigInteger;
 import java.security.MessageDigest;
+import java.security.PublicKey;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
+import java.security.interfaces.ECPublicKey;
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
+import java.util.List;
 import java.util.Set;
 import java.util.TreeSet;
 
+import sun.security.util.DerInputStream;
+import sun.security.util.DerOutputStream;
+import sun.security.util.DerValue;
 
 /**
  * Converts blacklisted.certs.pem from System.in to blacklisted.certs in
@@ -75,8 +85,8 @@ public static void main(String[] args) throws Exception {
         // Output sorted so that it's easy to locate an entry.
         Set<String> fingerprints = new TreeSet<>();
         for (Certificate cert: certs) {
-            fingerprints.add(
-                    getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
+            fingerprints.addAll(
+                getCertificateFingerPrints(mdAlg, (X509Certificate)cert));
         }
 
         for (String s: fingerprints) {
@@ -97,17 +107,90 @@ private static void byte2hex(byte b, StringBuffer buf) {
     }
 
     /**
-     * Gets the requested finger print of the certificate.
+     * Computes the possible fingerprints of the certificate.
      */
-    private static String getCertificateFingerPrint(
+    private static List<String> getCertificateFingerPrints(
             String mdAlg, X509Certificate cert) throws Exception {
-        byte[] encCertInfo = cert.getEncoded();
-        MessageDigest md = MessageDigest.getInstance(mdAlg);
-        byte[] digest = md.digest(encCertInfo);
-        StringBuffer buf = new StringBuffer();
-        for (int i = 0; i < digest.length; i++) {
-            byte2hex(digest[i], buf);
+        List<String> fingerprints = new ArrayList<>();
+        for (byte[] encoding : altEncodings(cert)) {
+            MessageDigest md = MessageDigest.getInstance(mdAlg);
+            byte[] digest = md.digest(encoding);
+            StringBuffer buf = new StringBuffer();
+            for (int i = 0; i < digest.length; i++) {
+                byte2hex(digest[i], buf);
+            }
+            fingerprints.add(buf.toString());
+        }
+        return fingerprints;
+    }
+
+    private static List<byte[]> altEncodings(X509Certificate c)
+            throws Exception {
+        List<byte[]> result = new ArrayList<>();
+
+        DerValue d = new DerValue(c.getEncoded());
+        DerValue[] seq = new DerValue[3];
+        // tbsCertificate
+        seq[0] = d.data.getDerValue();
+        // signatureAlgorithm
+        seq[1] = d.data.getDerValue();
+        // signature
+        seq[2] = d.data.getDerValue();
+
+        List<DerValue> algIds = Arrays.asList(seq[1], altAlgId(seq[1]));
+
+        List<DerValue> sigs;
+        PublicKey p = c.getPublicKey();
+        if (p instanceof ECPublicKey) {
+            ECPublicKey ep = (ECPublicKey) p;
+            BigInteger mod = ep.getParams().getOrder();
+            sigs = Arrays.asList(seq[2], altSig(mod, seq[2]));
+        } else {
+            sigs = Arrays.asList(seq[2]);
+        }
+
+        for (DerValue algId : algIds) {
+            for (DerValue sig : sigs) {
+                DerOutputStream tmp = new DerOutputStream();
+                tmp.putDerValue(seq[0]);
+                tmp.putDerValue(algId);
+                tmp.putDerValue(sig);
+                DerOutputStream tmp2 = new DerOutputStream();
+                tmp2.write(DerValue.tag_Sequence, tmp);
+                result.add(tmp2.toByteArray());
+            }
+        }
+        return result;
+    }
+
+    private static DerValue altSig(BigInteger mod, DerValue sig)
+            throws IOException {
+        byte[] sigBits = sig.getBitString();
+        DerInputStream in =
+            new DerInputStream(sigBits, 0, sigBits.length, false);
+        DerValue[] values = in.getSequence(2);
+        BigInteger r = values[0].getBigInteger();
+        BigInteger s = values[1].getBigInteger();
+        BigInteger s2 = s.negate().mod(mod);
+        DerOutputStream out = new DerOutputStream();
+        out.putInteger(r);
+        out.putInteger(s2);
+        DerOutputStream tmp = new DerOutputStream();
+        tmp.putBitString(new DerValue(DerValue.tag_Sequence,
+                out.toByteArray()).toByteArray());
+        return new DerValue(tmp.toByteArray());
+    }
+
+    private static DerValue altAlgId(DerValue algId) throws IOException {
+        DerInputStream in = algId.toDerInputStream();
+        DerOutputStream bytes = new DerOutputStream();
+        bytes.putOID(in.getOID());
+        // encode parameters as NULL if not present or omit if NULL
+        if (in.available() == 0) {
+            bytes.putNull();
         }
-        return buf.toString();
+        DerOutputStream tmp = new DerOutputStream();
+        tmp.write(DerValue.tag_Sequence, bytes);
+        return new DerValue(tmp.toByteArray());
     }
 }