diff options
| author | Jung-uk Kim <jkim@FreeBSD.org> | 2012-10-19 22:43:10 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2012-10-19 22:43:10 +0000 |
| commit | 81a8a55b63815f66e325d8ba0051a10e48f90bd1 (patch) | |
| tree | 583a72c17d448ec15fd905bf3467d0378376c4de /java/openjdk6/files | |
| parent | Update to 7u9. (diff) | |
- Add 2012/10/16 security patches from IcedTea6 1.11.5. [1]
http://icedtea.classpath.org/hg/release/icedtea6-1.11/rev/d9564350faa6
http://blog.fuseyism.com/index.php/2012/10/19/security-icedtea-1-10-10-1-11-15-2-1-3-2-2-3-2-3-3-released/
- Completely turn off parallel build by default and remove parallel build
hack for HotSpot. There were several reports that it fails to build under
certain environment, ports/162991 for example. Users can still do parallel
build by setting FORCE_MAKE_JOBS (and MAKE_JOBS_NUMBER if desired).
- Implement os::available_memory(). Now it is consistent with "vm.vmtotal"
sysctl(3) MIB rather than bogus (physical memory / 4).
- Prefer sysconf(_SC_NPROCESSORS_CONF) over HW_NCPU sysctl MIB to get the
number of installed processors. There is no functional difference except
for CURRENT, which obtains the information from ELF aux vector.
- Prefer sysconf(_SC_PHYS_PAGES) * sysconf(_SC_PAGESIZE) over HW_USERMEM
sysctl MIB to get size of physical memory. Although it looks more logical
to find currently available memory, it has an inevitable side-effect, i. e.,
it changes dynamically depending on current wired page count. Therefore,
it is unpredictable and not too useful some times. For example, launcher
uses the parameter to determine initial heap size and machine class for i386.
Now it is more consistent with other places (and Linux JDK/JREs, including
the ones we have in ports tree).
- Implement os::active_processor_count() using cpuset_getaffinity(2). For
example, Runtime.getRuntime().availableProcessors() now returns number of
available processors for the current process as it should.
- Sync. launchers (java_md.c) for HotSpot and JDK as much as possible for
maintainability. As a good side-effect, launcher for i386 can now determine
machine class based on the current hardware configuration. Previously,
client VM was always chosen by default.
- Fix CounterGet(), which is only used for debugging launcher.
- Add swap info for os::print_memory_info().
Obtained from: IcedTea project [1]
Feature safe: yes
Notes
Notes:
svn path=/head/; revision=306138
Diffstat (limited to 'java/openjdk6/files')
22 files changed, 3714 insertions, 141 deletions
diff --git a/java/openjdk6/files/icedtea/security/6631398.patch b/java/openjdk6/files/icedtea/security/6631398.patch new file mode 100644 index 000000000000..cc004dbc1c6f --- /dev/null +++ b/java/openjdk6/files/icedtea/security/6631398.patch @@ -0,0 +1,20 @@ +# HG changeset patch +# User weijun +# Date 1339724916 -28800 +# Node ID 0fdc422fba9b63be684f1229af75f0c1f3ceec87 +# Parent f09937f0b2e32aa60a2cdd23f03a7e2d45091b60 +6631398: FilePermission improved path checking +Reviewed-by: mullan, skoivu, jdn + +diff --git a/src/share/classes/java/io/FilePermission.java b/src/share/classes/java/io/FilePermission.java +--- jdk/src/share/classes/java/io/FilePermission.java ++++ jdk/src/share/classes/java/io/FilePermission.java +@@ -399,7 +399,7 @@ + */ + + public int hashCode() { +- return this.cpath.hashCode(); ++ return 0; + } + + /** diff --git a/java/openjdk6/files/icedtea/security/7093490.patch b/java/openjdk6/files/icedtea/security/7093490.patch new file mode 100644 index 000000000000..e4209a692f17 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7093490.patch @@ -0,0 +1,28 @@ +# HG changeset patch +# User coffeys +# Date 1340913225 -3600 +# Node ID e7334bb16ad694bed492da52e5713c8391e79ce8 +# Parent 0fdc422fba9b63be684f1229af75f0c1f3ceec87 +7093490: adjust package access in rmiregistry +Reviewed-by: smarks + +diff --git a/src/share/classes/sun/rmi/registry/RegistryImpl.java b/src/share/classes/sun/rmi/registry/RegistryImpl.java +--- jdk/src/share/classes/sun/rmi/registry/RegistryImpl.java ++++ jdk/src/share/classes/sun/rmi/registry/RegistryImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -405,7 +405,8 @@ + */ + perms.add(new SocketPermission("*", "connect,accept")); + +- perms.add(new RuntimePermission("accessClassInPackage.sun.*")); ++ perms.add(new RuntimePermission("accessClassInPackage.sun.jvmstat.*")); ++ perms.add(new RuntimePermission("accessClassInPackage.sun.jvm.hotspot.*")); + + perms.add(new FilePermission("<<ALL FILES>>", "read")); + diff --git a/java/openjdk6/files/icedtea/security/7143535.patch b/java/openjdk6/files/icedtea/security/7143535.patch new file mode 100644 index 000000000000..99dcde0ecbb0 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7143535.patch @@ -0,0 +1,31 @@ +# HG changeset patch +# User sundar +# Date 1345469787 -14400 +# Node ID 1e170e3c1b682d0f98a61a47e5049535c5bd4999 +# Parent e7334bb16ad694bed492da52e5713c8391e79ce8 +7143535: ScriptEngine corrected permissions +Reviewed-by: mschoene + +diff --git a/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java b/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java +--- jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java ++++ jdk/src/share/classes/com/sun/script/javascript/RhinoScriptEngine.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -130,7 +130,11 @@ + public RhinoScriptEngine() { + + if (System.getSecurityManager() != null) { +- accCtxt = AccessController.getContext(); ++ try { ++ AccessController.checkPermission(new AllPermission()); ++ } catch (AccessControlException ace) { ++ accCtxt = AccessController.getContext(); ++ } + } + + Context cx = enterContext(); diff --git a/java/openjdk6/files/icedtea/security/7158800.patch b/java/openjdk6/files/icedtea/security/7158800.patch new file mode 100644 index 000000000000..cf16db2f05b0 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7158800.patch @@ -0,0 +1,1413 @@ +# HG changeset patch +# User kevinw +# Date 1345802362 -3600 +# Node ID 2faa3f7bad65189e69ab2f9a491743786bb8f07f +# Parent a080633e3a056dae9e94077c9ac4cf966137ade9 +7158800: Improve storage of symbol tables +7178670: runtime/7158800/BadUtf8.java fails in SymbolTable::rehash_table +7181200: JVM new hashing code breaks SA in product mode +7190262: Debug builds fail to verify String table with +UseCompressedStrings after 7158800 +Reviewed-by: coleenp + +diff --git a/src/share/vm/classfile/altHashing.cpp b/src/share/vm/classfile/altHashing.cpp +new file mode 100644 +--- /dev/null ++++ hotspot/src/share/vm/classfile/altHashing.cpp +@@ -0,0 +1,304 @@ ++/* ++ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ * ++ */ ++ ++#include "precompiled.hpp" ++#include "classfile/altHashing.hpp" ++#include "classfile/symbolTable.hpp" ++#include "classfile/systemDictionary.hpp" ++#include "oops/markOop.hpp" ++#include "runtime/thread.hpp" ++ ++// Get the hash code of the classes mirror if it exists, otherwise just ++// return a random number, which is one of the possible hash code used for ++// objects. We don't want to call the synchronizer hash code to install ++// this value because it may safepoint. ++intptr_t object_hash(klassOop k) { ++ intptr_t hc = Klass::cast(k)->java_mirror()->mark()->hash(); ++ return hc != markOopDesc::no_hash ? hc : os::random(); ++} ++ ++// Seed value used for each alternative hash calculated. ++jint AltHashing::compute_seed() { ++ jlong nanos = os::javaTimeNanos(); ++ jlong now = os::javaTimeMillis(); ++ jint SEED_MATERIAL[8] = { ++ (jint) object_hash(SystemDictionary::String_klass()), ++ (jint) object_hash(SystemDictionary::System_klass()), ++ (jint) os::random(), // current thread isn't a java thread ++ (jint) (((julong)nanos) >> 32), ++ (jint) nanos, ++ (jint) (((julong)now) >> 32), ++ (jint) now, ++ (jint) (os::javaTimeNanos() >> 2) ++ }; ++ ++ return murmur3_32(SEED_MATERIAL, 8); ++} ++ ++ ++// Murmur3 hashing for Symbol ++jint AltHashing::murmur3_32(jint seed, const jbyte* data, int len) { ++ jint h1 = seed; ++ int count = len; ++ int offset = 0; ++ ++ // body ++ while (count >= 4) { ++ jint k1 = (data[offset] & 0x0FF) ++ | (data[offset + 1] & 0x0FF) << 8 ++ | (data[offset + 2] & 0x0FF) << 16 ++ | data[offset + 3] << 24; ++ ++ count -= 4; ++ offset += 4; ++ ++ k1 *= 0xcc9e2d51; ++ k1 = Integer_rotateLeft(k1, 15); ++ k1 *= 0x1b873593; ++ ++ h1 ^= k1; ++ h1 = Integer_rotateLeft(h1, 13); ++ h1 = h1 * 5 + 0xe6546b64; ++ } ++ ++ // tail ++ ++ if (count > 0) { ++ jint k1 = 0; ++ ++ switch (count) { ++ case 3: ++ k1 ^= (data[offset + 2] & 0xff) << 16; ++ // fall through ++ case 2: ++ k1 ^= (data[offset + 1] & 0xff) << 8; ++ // fall through ++ case 1: ++ k1 ^= (data[offset] & 0xff); ++ // fall through ++ default: ++ k1 *= 0xcc9e2d51; ++ k1 = Integer_rotateLeft(k1, 15); ++ k1 *= 0x1b873593; ++ h1 ^= k1; ++ } ++ } ++ ++ // finalization ++ h1 ^= len; ++ ++ // finalization mix force all bits of a hash block to avalanche ++ h1 ^= ((unsigned int)h1) >> 16; ++ h1 *= 0x85ebca6b; ++ h1 ^= ((unsigned int)h1) >> 13; ++ h1 *= 0xc2b2ae35; ++ h1 ^= ((unsigned int)h1) >> 16; ++ ++ return h1; ++} ++ ++// Murmur3 hashing for Strings ++jint AltHashing::murmur3_32(jint seed, const jchar* data, int len) { ++ jint h1 = seed; ++ ++ int off = 0; ++ int count = len; ++ ++ // body ++ while (count >= 2) { ++ jchar d1 = data[off++] & 0xFFFF; ++ jchar d2 = data[off++]; ++ jint k1 = (d1 | d2 << 16); ++ ++ count -= 2; ++ ++ k1 *= 0xcc9e2d51; ++ k1 = Integer_rotateLeft(k1, 15); ++ k1 *= 0x1b873593; ++ ++ h1 ^= k1; ++ h1 = Integer_rotateLeft(h1, 13); ++ h1 = h1 * 5 + 0xe6546b64; ++ } ++ ++ // tail ++ ++ if (count > 0) { ++ int k1 = data[off]; ++ ++ k1 *= 0xcc9e2d51; ++ k1 = Integer_rotateLeft(k1, 15); ++ k1 *= 0x1b873593; ++ h1 ^= k1; ++ } ++ ++ // finalization ++ h1 ^= len * 2; // (Character.SIZE / Byte.SIZE); ++ ++ // finalization mix force all bits of a hash block to avalanche ++ h1 ^= ((unsigned int)h1) >> 16; ++ h1 *= 0x85ebca6b; ++ h1 ^= ((unsigned int)h1) >> 13; ++ h1 *= 0xc2b2ae35; ++ h1 ^= ((unsigned int)h1) >> 16; ++ ++ return h1; ++} ++ ++// Hash used for the seed. ++jint AltHashing::murmur3_32(jint seed, const int* data, int len) { ++ jint h1 = seed; ++ ++ int off = 0; ++ int end = len; ++ ++ // body ++ while (off < end) { ++ jint k1 = data[off++]; ++ ++ k1 *= 0xcc9e2d51; ++ k1 = Integer_rotateLeft(k1, 15); ++ k1 *= 0x1b873593; ++ ++ h1 ^= k1; ++ h1 = Integer_rotateLeft(h1, 13); ++ h1 = h1 * 5 + 0xe6546b64; ++ } ++ ++ // tail (always empty, as body is always 32-bit chunks) ++ ++ // finalization ++ ++ h1 ^= len * 4; // (Integer.SIZE / Byte.SIZE); ++ ++ // finalization mix force all bits of a hash block to avalanche ++ h1 ^= ((juint)h1) >> 16; ++ h1 *= 0x85ebca6b; ++ h1 ^= ((juint)h1) >> 13; ++ h1 *= 0xc2b2ae35; ++ h1 ^= ((juint)h1) >> 16; ++ ++ return h1; ++} ++ ++jint AltHashing::murmur3_32(const int* data, int len) { ++ return murmur3_32(0, data, len); ++} ++ ++#ifndef PRODUCT ++// Overloaded versions for internal test. ++jint AltHashing::murmur3_32(const jbyte* data, int len) { ++ return murmur3_32(0, data, len); ++} ++ ++jint AltHashing::murmur3_32(const jchar* data, int len) { ++ return murmur3_32(0, data, len); ++} ++ ++// Internal test for alternate hashing. Translated from JDK version ++// test/sun/misc/Hashing.java ++static const jbyte ONE_BYTE[] = { (jbyte) 0x80}; ++static const jbyte TWO_BYTE[] = { (jbyte) 0x80, (jbyte) 0x81}; ++static const jchar ONE_CHAR[] = { (jchar) 0x8180}; ++static const jbyte THREE_BYTE[] = { (jbyte) 0x80, (jbyte) 0x81, (jbyte) 0x82}; ++static const jbyte FOUR_BYTE[] = { (jbyte) 0x80, (jbyte) 0x81, (jbyte) 0x82, (jbyte) 0x83}; ++static const jchar TWO_CHAR[] = { (jchar) 0x8180, (jchar) 0x8382}; ++static const jint ONE_INT[] = { 0x83828180}; ++static const jbyte SIX_BYTE[] = { (jbyte) 0x80, (jbyte) 0x81, (jbyte) 0x82, (jbyte) 0x83, (jbyte) 0x84, (jbyte) 0x85}; ++static const jchar THREE_CHAR[] = { (jchar) 0x8180, (jchar) 0x8382, (jchar) 0x8584}; ++static const jbyte EIGHT_BYTE[] = { ++ (jbyte) 0x80, (jbyte) 0x81, (jbyte) 0x82, ++ (jbyte) 0x83, (jbyte) 0x84, (jbyte) 0x85, ++ (jbyte) 0x86, (jbyte) 0x87}; ++static const jchar FOUR_CHAR[] = { ++ (jchar) 0x8180, (jchar) 0x8382, ++ (jchar) 0x8584, (jchar) 0x8786}; ++ ++static const jint TWO_INT[] = { 0x83828180, 0x87868584}; ++ ++static const juint MURMUR3_32_X86_CHECK_VALUE = 0xB0F57EE3; ++ ++void AltHashing::testMurmur3_32_ByteArray() { ++ // printf("testMurmur3_32_ByteArray\n"); ++ ++ jbyte* vector = new jbyte[256]; ++ jbyte* hashes = new jbyte[4 * 256]; ++ ++ for (int i = 0; i < 256; i++) { ++ vector[i] = (jbyte) i; ++ } ++ ++ // Hash subranges {}, {0}, {0,1}, {0,1,2}, ..., {0,...,255} ++ for (int i = 0; i < 256; i++) { ++ jint hash = murmur3_32(256 - i, vector, i); ++ hashes[i * 4] = (jbyte) hash; ++ hashes[i * 4 + 1] = (jbyte) (((juint)hash) >> 8); ++ hashes[i * 4 + 2] = (jbyte) (((juint)hash) >> 16); ++ hashes[i * 4 + 3] = (jbyte) (((juint)hash) >> 24); ++ } ++ ++ // hash to get const result. ++ juint final_hash = murmur3_32(hashes, 4*256); ++ ++ assert (MURMUR3_32_X86_CHECK_VALUE == final_hash, ++ err_msg( ++ "Calculated hash result not as expected. Expected %08X got %08X\n", ++ MURMUR3_32_X86_CHECK_VALUE, ++ final_hash)); ++} ++ ++void AltHashing::testEquivalentHashes() { ++ jint jbytes, jchars, ints; ++ ++ // printf("testEquivalentHashes\n"); ++ ++ jbytes = murmur3_32(TWO_BYTE, 2); ++ jchars = murmur3_32(ONE_CHAR, 1); ++ assert (jbytes == jchars, ++ err_msg("Hashes did not match. b:%08x != c:%08x\n", jbytes, jchars)); ++ ++ jbytes = murmur3_32(FOUR_BYTE, 4); ++ jchars = murmur3_32(TWO_CHAR, 2); ++ ints = murmur3_32(ONE_INT, 1); ++ assert ((jbytes == jchars) && (jbytes == ints), ++ err_msg("Hashes did not match. b:%08x != c:%08x != i:%08x\n", jbytes, jchars, ints)); ++ ++ jbytes = murmur3_32(SIX_BYTE, 6); ++ jchars = murmur3_32(THREE_CHAR, 3); ++ assert (jbytes == jchars, ++ err_msg("Hashes did not match. b:%08x != c:%08x\n", jbytes, jchars)); ++ ++ jbytes = murmur3_32(EIGHT_BYTE, 8); ++ jchars = murmur3_32(FOUR_CHAR, 4); ++ ints = murmur3_32(TWO_INT, 2); ++ assert ((jbytes == jchars) && (jbytes == ints), ++ err_msg("Hashes did not match. b:%08x != c:%08x != i:%08x\n", jbytes, jchars, ints)); ++} ++ ++// Returns true if the alternate hashcode is correct ++void AltHashing::test_alt_hash() { ++ testMurmur3_32_ByteArray(); ++ testEquivalentHashes(); ++} ++#endif // PRODUCT +diff --git a/src/share/vm/classfile/altHashing.hpp b/src/share/vm/classfile/altHashing.hpp +new file mode 100644 +--- /dev/null ++++ hotspot/src/share/vm/classfile/altHashing.hpp +@@ -0,0 +1,62 @@ ++/* ++ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ * ++ */ ++ ++#ifndef SHARE_VM_CLASSFILE_ALTHASHING_HPP ++#define SHARE_VM_CLASSFILE_ALTHASHING_HPP ++ ++#include "prims/jni.h" ++#include "classfile/symbolTable.hpp" ++ ++/** ++ * Hashing utilities. ++ * ++ * Implementation of Murmur3 hashing. ++ * This code was translated from src/share/classes/sun/misc/Hashing.java ++ * code in the JDK. ++ */ ++ ++class AltHashing : AllStatic { ++ ++ // utility function copied from java/lang/Integer ++ static jint Integer_rotateLeft(jint i, int distance) { ++ return (i << distance) | (((juint)i) >> (32-distance)); ++ } ++ static jint murmur3_32(const int* data, int len); ++ static jint murmur3_32(jint seed, const int* data, int len); ++ ++#ifndef PRODUCT ++ // Hashing functions used for internal testing ++ static jint murmur3_32(const jbyte* data, int len); ++ static jint murmur3_32(const jchar* data, int len); ++ static void testMurmur3_32_ByteArray(); ++ static void testEquivalentHashes(); ++#endif // PRODUCT ++ ++ public: ++ static jint compute_seed(); ++ static jint murmur3_32(jint seed, const jbyte* data, int len); ++ static jint murmur3_32(jint seed, const jchar* data, int len); ++ NOT_PRODUCT(static void test_alt_hash();) ++}; ++#endif // SHARE_VM_CLASSFILE_ALTHASHING_HPP +diff --git a/src/share/vm/classfile/javaClasses.cpp b/src/share/vm/classfile/javaClasses.cpp +--- hotspot/src/share/vm/classfile/javaClasses.cpp ++++ hotspot/src/share/vm/classfile/javaClasses.cpp +@@ -278,6 +278,28 @@ + return result; + } + ++unsigned int java_lang_String::to_hash(oop java_string) { ++ int length = java_lang_String::length(java_string); ++ // Zero length string will hash to zero with String.toHash() function. ++ if (length == 0) return 0; ++ ++ typeArrayOop value = java_lang_String::value(java_string); ++ int offset = java_lang_String::offset(java_string); ++ return java_lang_String::to_hash(value->char_at_addr(offset), length); ++} ++ ++unsigned int java_lang_String::hash_string(oop java_string) { ++ int length = java_lang_String::length(java_string); ++ // Zero length string doesn't hash necessarily hash to zero. ++ if (length == 0) { ++ return StringTable::hash_string(NULL, 0); ++ } ++ ++ typeArrayOop value = java_lang_String::value(java_string); ++ int offset = java_lang_String::offset(java_string); ++ return StringTable::hash_string(value->char_at_addr(offset), length); ++} ++ + symbolHandle java_lang_String::as_symbol(Handle java_string, TRAPS) { + oop obj = java_string(); + typeArrayOop value = java_lang_String::value(obj); +diff --git a/src/share/vm/classfile/javaClasses.hpp b/src/share/vm/classfile/javaClasses.hpp +--- hotspot/src/share/vm/classfile/javaClasses.hpp ++++ hotspot/src/share/vm/classfile/javaClasses.hpp +@@ -109,6 +109,30 @@ + static char* as_platform_dependent_str(Handle java_string, TRAPS); + static jchar* as_unicode_string(oop java_string, int& length); + ++ // Compute the hash value for a java.lang.String object which would ++ // contain the characters passed in. ++ // ++ // As the hash value used by the String object itself, in ++ // String.hashCode(). This value is normally calculated in Java code ++ // in the String.hashCode method(), but is precomputed for String ++ // objects in the shared archive file. ++ // hash P(31) from Kernighan & Ritchie ++ // ++ // For this reason, THIS ALGORITHM MUST MATCH String.toHash(). ++ template <typename T> static unsigned int to_hash(T* s, int len) { ++ unsigned int h = 0; ++ while (len-- > 0) { ++ h = 31*h + (unsigned int) *s; ++ s++; ++ } ++ return h; ++ } ++ static unsigned int to_hash(oop java_string); ++ ++ // This is the string hash code used by the StringTable, which may be ++ // the same as String.toHash or an alternate hash code. ++ static unsigned int hash_string(oop java_string); ++ + static bool equals(oop java_string, jchar* chars, int len); + + // Conversion between '.' and '/' formats +diff --git a/src/share/vm/classfile/symbolTable.cpp b/src/share/vm/classfile/symbolTable.cpp +--- hotspot/src/share/vm/classfile/symbolTable.cpp ++++ hotspot/src/share/vm/classfile/symbolTable.cpp +@@ -23,6 +23,7 @@ + */ + + #include "precompiled.hpp" ++#include "classfile/altHashing.hpp" + #include "classfile/javaClasses.hpp" + #include "classfile/symbolTable.hpp" + #include "classfile/systemDictionary.hpp" +@@ -34,16 +35,40 @@ + #include "oops/symbolKlass.hpp" + #include "runtime/mutexLocker.hpp" + #include "utilities/hashtable.inline.hpp" ++#include "utilities/numberSeq.hpp" + + // -------------------------------------------------------------------------- + + SymbolTable* SymbolTable::_the_table = NULL; ++bool SymbolTable::_needs_rehashing = false; ++ ++// Create a new table and using alternate hash code, populate the new table ++// with the existing strings. Set flag to use the alternate hash code afterwards. ++void SymbolTable::rehash_table() { ++ ++ assert(SafepointSynchronize::is_at_safepoint(), "must be at safepoint"); ++ // This should never happen with -Xshare:dump but it might in testing mode. ++ if (DumpSharedSpaces) return; ++ // Create a new symbol table ++ SymbolTable* new_table = new SymbolTable(); ++ ++ the_table()->move_to(new_table); ++ ++ // Delete the table and buckets (entries are reused in new table). ++ delete _the_table; ++ // Don't check if we need rehashing until the table gets unbalanced again. ++ // Then rehash with a new global seed. ++ _needs_rehashing = false; ++ _the_table = new_table; ++} + + // Lookup a symbol in a bucket. + + symbolOop SymbolTable::lookup(int index, const char* name, + int len, unsigned int hash) { ++ int count = 0; + for (HashtableEntry* e = bucket(index); e != NULL; e = e->next()) { ++ count++; + if (e->hash() == hash) { + symbolOop sym = symbolOop(e->literal()); + if (sym->equals(name, len)) { +@@ -51,9 +76,20 @@ + } + } + } ++ // If the bucket size is too deep check if this hash code is insufficient. ++ if (count >= BasicHashtable::rehash_count && !needs_rehashing()) { ++ _needs_rehashing = check_rehash_table(count); ++ } + return NULL; + } + ++// Pick hashing algorithm. ++unsigned int SymbolTable::hash_symbol(const char* s, int len) { ++ return the_table()->use_alternate_hashcode() ? ++ AltHashing::murmur3_32(the_table()->seed(), (const jbyte*)s, len) : ++ java_lang_String::to_hash(s, len); ++} ++ + + // We take care not to be blocking while holding the + // SymbolTable_lock. Otherwise, the system might deadlock, since the +@@ -71,8 +107,17 @@ + // Found + if (s != NULL) return s; + ++ // We assume that lookup() has been called already, that it failed, ++ // and symbol was not found. We create the symbol here. ++ symbolKlass* sk = (symbolKlass*) Universe::symbolKlassObj()->klass_part(); ++ symbolOop s_oop = sk->allocate_symbol((u1*)name, len, CHECK_NULL); ++ symbolHandle sym (THREAD, s_oop); ++ ++ // Allocation must be done before grabbing the SymbolTable_lock lock ++ MutexLocker ml(SymbolTable_lock, THREAD); ++ + // Otherwise, add to symbol to table +- return the_table()->basic_add(index, (u1*)name, len, hashValue, CHECK_NULL); ++ return the_table()->basic_add(sym, index, (u1*)name, len, hashValue, CHECK_NULL); + } + + symbolOop SymbolTable::lookup(symbolHandle sym, int begin, int end, TRAPS) { +@@ -108,7 +153,16 @@ + // We can't include the code in No_Safepoint_Verifier because of the + // ResourceMark. + +- return the_table()->basic_add(index, (u1*)buffer, len, hashValue, CHECK_NULL); ++ // We assume that lookup() has been called already, that it failed, ++ // and symbol was not found. We create the symbol here. ++ symbolKlass* sk = (symbolKlass*) Universe::symbolKlassObj()->klass_part(); ++ symbolOop s_oop = sk->allocate_symbol((u1*)buffer, len, CHECK_NULL); ++ symbolHandle newsym (THREAD, s_oop); ++ ++ // Allocation must be done before grabbing the SymbolTable_lock lock ++ MutexLocker ml(SymbolTable_lock, THREAD); ++ ++ return the_table()->basic_add(newsym, index, (u1*)buffer, len, hashValue, CHECK_NULL); + } + + symbolOop SymbolTable::lookup_only(const char* name, int len, +@@ -156,36 +210,68 @@ + void SymbolTable::add(constantPoolHandle cp, int names_count, + const char** names, int* lengths, int* cp_indices, + unsigned int* hashValues, TRAPS) { +- SymbolTable* table = the_table(); +- bool added = table->basic_add(cp, names_count, names, lengths, +- cp_indices, hashValues, CHECK); +- if (!added) { ++ ++ symbolKlass* sk = (symbolKlass*) Universe::symbolKlassObj()->klass_part(); ++ symbolOop sym_oops[symbol_alloc_batch_size]; ++ bool allocated = sk->allocate_symbols(names_count, names, lengths, ++ sym_oops, CHECK); ++ if (!allocated) { + // do it the hard way + for (int i=0; i<names_count; i++) { ++ assert(!Universe::heap()->is_in_reserved(names[i]) || GC_locker::is_active(), ++ "proposed name of symbol must be stable"); ++ ++ // We assume that lookup() has been called already, that it failed, ++ // and symbol was not found. We create the symbol here. ++ symbolKlass* sk = (symbolKlass*) Universe::symbolKlassObj()->klass_part(); ++ symbolOop s_oop = sk->allocate_symbol((u1*)names[i], lengths[i], CHECK); ++ symbolHandle sym (THREAD, s_oop); ++ ++ // Allocation must be done before grabbing the SymbolTable_lock lock ++ MutexLocker ml(SymbolTable_lock, THREAD); ++ ++ SymbolTable* table = the_table(); + int index = table->hash_to_index(hashValues[i]); +- symbolOop sym = table->basic_add(index, (u1*)names[i], lengths[i], ++ symbolOop s = table->basic_add(sym, index, (u1*)names[i], lengths[i], + hashValues[i], CHECK); +- cp->symbol_at_put(cp_indices[i], sym); ++ cp->symbol_at_put(cp_indices[i], s); + } ++ return; + } ++ ++ symbolHandle syms[symbol_alloc_batch_size]; ++ for (int i=0; i<names_count; i++) { ++ syms[i] = symbolHandle(THREAD, sym_oops[i]); ++ } ++ ++ // Allocation must be done before grabbing the SymbolTable_lock lock ++ MutexLocker ml(SymbolTable_lock, THREAD); ++ ++ SymbolTable* table = the_table(); ++ bool added = table->basic_add(syms, cp, names_count, names, lengths, ++ cp_indices, hashValues, CHECK); ++ assert(added, "should always return true"); + } + +-symbolOop SymbolTable::basic_add(int index, u1 *name, int len, +- unsigned int hashValue, TRAPS) { +- assert(!Universe::heap()->is_in_reserved(name) || GC_locker::is_active(), +- "proposed name of symbol must be stable"); +- +- // We assume that lookup() has been called already, that it failed, +- // and symbol was not found. We create the symbol here. +- symbolKlass* sk = (symbolKlass*) Universe::symbolKlassObj()->klass_part(); +- symbolOop s_oop = sk->allocate_symbol(name, len, CHECK_NULL); +- symbolHandle sym (THREAD, s_oop); +- +- // Allocation must be done before grapping the SymbolTable_lock lock +- MutexLocker ml(SymbolTable_lock, THREAD); ++symbolOop SymbolTable::basic_add(symbolHandle sym, int index_arg, u1 *name, int len, ++ unsigned int hashValue_arg, TRAPS) { ++ // Cannot hit a safepoint in this function because the "this" pointer can move. ++ No_Safepoint_Verifier nsv; + + assert(sym->equals((char*)name, len), "symbol must be properly initialized"); + ++ // Check if the symbol table has been rehashed, if so, need to recalculate ++ // the hash value and index. ++ unsigned int hashValue; ++ int index; ++ if (use_alternate_hashcode()) { ++ hashValue = hash_symbol((const char*)name, len); ++ index = hash_to_index(hashValue); ++ } else { ++ hashValue = hashValue_arg; ++ index = index_arg; ++ } ++ + // Since look-up was done lock-free, we need to check if another + // thread beat us in the race to insert the symbol. + +@@ -201,48 +287,42 @@ + return sym(); + } + +-bool SymbolTable::basic_add(constantPoolHandle cp, int names_count, ++bool SymbolTable::basic_add(symbolHandle* syms, ++ constantPoolHandle cp, int names_count, + const char** names, int* lengths, + int* cp_indices, unsigned int* hashValues, + TRAPS) { +- symbolKlass* sk = (symbolKlass*) Universe::symbolKlassObj()->klass_part(); +- symbolOop sym_oops[symbol_alloc_batch_size]; +- bool allocated = sk->allocate_symbols(names_count, names, lengths, +- sym_oops, CHECK_false); +- if (!allocated) { +- return false; +- } +- symbolHandle syms[symbol_alloc_batch_size]; +- int i; +- for (i=0; i<names_count; i++) { +- syms[i] = symbolHandle(THREAD, sym_oops[i]); +- } ++ // Cannot hit a safepoint in this function because the "this" pointer can move. ++ No_Safepoint_Verifier nsv; + +- // Allocation must be done before grabbing the SymbolTable_lock lock +- MutexLocker ml(SymbolTable_lock, THREAD); +- +- for (i=0; i<names_count; i++) { ++ for (int i=0; i<names_count; i++) { + assert(syms[i]->equals(names[i], lengths[i]), "symbol must be properly initialized"); ++ // Check if the symbol table has been rehashed, if so, need to recalculate ++ // the hash value. ++ unsigned int hashValue; ++ if (use_alternate_hashcode()) { ++ hashValue = hash_symbol(names[i], lengths[i]); ++ } else { ++ hashValue = hashValues[i]; ++ } + // Since look-up was done lock-free, we need to check if another + // thread beat us in the race to insert the symbol. +- int index = hash_to_index(hashValues[i]); +- symbolOop test = lookup(index, names[i], lengths[i], hashValues[i]); ++ int index = hash_to_index(hashValue); ++ symbolOop test = lookup(index, names[i], lengths[i], hashValue); + if (test != NULL) { + // A race occurred and another thread introduced the symbol, this one + // will be dropped and collected. Use test instead. + cp->symbol_at_put(cp_indices[i], test); + } else { + symbolOop sym = syms[i](); +- HashtableEntry* entry = new_entry(hashValues[i], sym); ++ HashtableEntry* entry = new_entry(hashValue, sym); + add_entry(index, entry); + cp->symbol_at_put(cp_indices[i], sym); + } + } +- +- return true; ++ return true; // always returns true + } + +- + void SymbolTable::verify() { + for (int i = 0; i < the_table()->table_size(); ++i) { + HashtableEntry* p = the_table()->bucket(i); +@@ -251,7 +331,7 @@ + guarantee(s != NULL, "symbol is NULL"); + s->verify(); + guarantee(s->is_perm(), "symbol not in permspace"); +- unsigned int h = hash_symbol((char*)s->bytes(), s->utf8_length()); ++ unsigned int h = hash_symbol((const char*)s->bytes(), s->utf8_length()); + guarantee(p->hash() == h, "broken hash in symbol table entry"); + guarantee(the_table()->hash_to_index(h) == i, + "wrong index in symbol table"); +@@ -259,6 +339,23 @@ + } + } + ++void SymbolTable::dump(outputStream* st) { ++ NumberSeq summary; ++ for (int i = 0; i < the_table()->table_size(); ++i) { ++ int count = 0; ++ for (HashtableEntry* e = the_table()->bucket(i); ++ e != NULL; e = e->next()) { ++ count++; ++ } ++ summary.add((double)count); ++ } ++ st->print_cr("SymbolTable statistics:"); ++ st->print_cr("Number of buckets : %7d", summary.num()); ++ st->print_cr("Average bucket size : %7.0f", summary.avg()); ++ st->print_cr("Variance of bucket size : %7.0f", summary.variance()); ++ st->print_cr("Std. dev. of bucket size: %7.0f", summary.sd()); ++ st->print_cr("Maximum bucket size : %7.0f", summary.maximum()); ++} + + //--------------------------------------------------------------------------- + // Non-product code +@@ -321,7 +418,6 @@ + tty->print_cr(" %s %d: %d\n", "Number chains longer than", + results_length, out_of_range); + } +- + #endif // PRODUCT + + // -------------------------------------------------------------------------- +@@ -367,66 +463,56 @@ + // -------------------------------------------------------------------------- + + +-// Compute the hash value for a java.lang.String object which would +-// contain the characters passed in. This hash value is used for at +-// least two purposes. +-// +-// (a) As the hash value used by the StringTable for bucket selection +-// and comparison (stored in the HashtableEntry structures). This +-// is used in the String.intern() method. +-// +-// (b) As the hash value used by the String object itself, in +-// String.hashCode(). This value is normally calculate in Java code +-// in the String.hashCode method(), but is precomputed for String +-// objects in the shared archive file. +-// +-// For this reason, THIS ALGORITHM MUST MATCH String.hashCode(). ++StringTable* StringTable::_the_table = NULL; + +-int StringTable::hash_string(jchar* s, int len) { +- unsigned h = 0; +- while (len-- > 0) { +- h = 31*h + (unsigned) *s; +- s++; +- } +- return h; ++bool StringTable::_needs_rehashing = false; ++ ++// Pick hashing algorithm ++unsigned int StringTable::hash_string(const jchar* s, int len) { ++ return the_table()->use_alternate_hashcode() ? AltHashing::murmur3_32(the_table()->seed(), s, len) : ++ java_lang_String::to_hash(s, len); + } + +- +-StringTable* StringTable::_the_table = NULL; +- + oop StringTable::lookup(int index, jchar* name, + int len, unsigned int hash) { ++ int count = 0; + for (HashtableEntry* l = bucket(index); l != NULL; l = l->next()) { ++ count++; + if (l->hash() == hash) { + if (java_lang_String::equals(l->literal(), name, len)) { + return l->literal(); + } + } + } ++ // If the bucket size is too deep check if this hash code is insufficient. ++ if (count >= BasicHashtable::rehash_count && !needs_rehashing()) { ++ _needs_rehashing = check_rehash_table(count); ++ } + return NULL; + } + + +-oop StringTable::basic_add(int index, Handle string_or_null, jchar* name, +- int len, unsigned int hashValue, TRAPS) { +- debug_only(StableMemoryChecker smc(name, len * sizeof(name[0]))); +- assert(!Universe::heap()->is_in_reserved(name) || GC_locker::is_active(), +- "proposed name of symbol must be stable"); ++oop StringTable::basic_add(int index_arg, Handle string, jchar* name, ++ int len, unsigned int hashValue_arg, TRAPS) { + +- Handle string; +- // try to reuse the string if possible +- if (!string_or_null.is_null() && string_or_null()->is_perm()) { +- string = string_or_null; +- } else { +- string = java_lang_String::create_tenured_from_unicode(name, len, CHECK_NULL); +- } +- +- // Allocation must be done before grapping the SymbolTable_lock lock +- MutexLocker ml(StringTable_lock, THREAD); ++ // Cannot hit a safepoint in this function because the "this" pointer can move. ++ No_Safepoint_Verifier nsv; + + assert(java_lang_String::equals(string(), name, len), + "string must be properly initialized"); + ++ // Check if the symbol table has been rehashed, if so, need to recalculate ++ // the hash value and index before second lookup. ++ unsigned int hashValue; ++ int index; ++ if (use_alternate_hashcode()) { ++ hashValue = hash_string(name, len); ++ index = hash_to_index(hashValue); ++ } else { ++ hashValue = hashValue_arg; ++ index = index_arg; ++ } ++ + // Since look-up was done lock-free, we need to check if another + // thread beat us in the race to insert the symbol. + +@@ -456,13 +542,28 @@ + int len, TRAPS) { + unsigned int hashValue = hash_string(name, len); + int index = the_table()->hash_to_index(hashValue); +- oop string = the_table()->lookup(index, name, len, hashValue); ++ oop found_string = the_table()->lookup(index, name, len, hashValue); + + // Found +- if (string != NULL) return string; ++ if (found_string != NULL) return found_string; ++ ++ debug_only(StableMemoryChecker smc(name, len * sizeof(name[0]))); ++ assert(!Universe::heap()->is_in_reserved(name) || GC_locker::is_active(), ++ "proposed name of symbol must be stable"); ++ ++ Handle string; ++ // try to reuse the string if possible ++ if (!string_or_null.is_null() && string_or_null()->is_perm()) { ++ string = string_or_null; ++ } else { ++ string = java_lang_String::create_tenured_from_unicode(name, len, CHECK_NULL); ++ } ++ ++ // Allocation must be done before grabbing the StringTable_lock lock ++ MutexLocker ml(StringTable_lock, THREAD); + + // Otherwise, add to symbol to table +- return the_table()->basic_add(index, string_or_null, name, len, ++ return the_table()->basic_add(index, string, name, len, + hashValue, CHECK_NULL); + } + +@@ -517,3 +618,41 @@ + } + } + } ++ ++void StringTable::dump(outputStream* st) { ++ NumberSeq summary; ++ for (int i = 0; i < the_table()->table_size(); ++i) { ++ HashtableEntry* p = the_table()->bucket(i); ++ int count = 0; ++ for ( ; p != NULL; p = p->next()) { ++ count++; ++ } ++ summary.add((double)count); ++ } ++ st->print_cr("StringTable statistics:"); ++ st->print_cr("Number of buckets : %7d", summary.num()); ++ st->print_cr("Average bucket size : %7.0f", summary.avg()); ++ st->print_cr("Variance of bucket size : %7.0f", summary.variance()); ++ st->print_cr("Std. dev. of bucket size: %7.0f", summary.sd()); ++ st->print_cr("Maximum bucket size : %7.0f", summary.maximum()); ++} ++ ++ ++// Create a new table and using alternate hash code, populate the new table ++// with the existing strings. Set flag to use the alternate hash code afterwards. ++void StringTable::rehash_table() { ++ assert(SafepointSynchronize::is_at_safepoint(), "must be at safepoint"); ++ // This should never happen with -Xshare:dump but it might in testing mode. ++ if (DumpSharedSpaces) return; ++ StringTable* new_table = new StringTable(); ++ ++ // Rehash the table ++ the_table()->move_to(new_table); ++ ++ // Delete the table and buckets (entries are reused in new table). ++ delete _the_table; ++ // Don't check if we need rehashing until the table gets unbalanced again. ++ // Then rehash with a new global seed. ++ _needs_rehashing = false; ++ _the_table = new_table; ++} +diff --git a/src/share/vm/classfile/symbolTable.hpp b/src/share/vm/classfile/symbolTable.hpp +--- hotspot/src/share/vm/classfile/symbolTable.hpp ++++ hotspot/src/share/vm/classfile/symbolTable.hpp +@@ -40,6 +40,7 @@ + // - symbolTableEntrys are allocated in blocks to reduce the space overhead. + + class BoolObjectClosure; ++class outputStream; + + + class SymbolTable : public Hashtable { +@@ -49,10 +50,13 @@ + // The symbol table + static SymbolTable* _the_table; + ++ // Set if one bucket is out of balance due to hash algorithm deficiency ++ static bool _needs_rehashing; ++ + // Adding elements +- symbolOop basic_add(int index, u1* name, int len, ++ symbolOop basic_add(symbolHandle sym, int index, u1* name, int len, + unsigned int hashValue, TRAPS); +- bool basic_add(constantPoolHandle cp, int names_count, ++ bool basic_add(symbolHandle* syms, constantPoolHandle cp, int names_count, + const char** names, int* lengths, int* cp_indices, + unsigned int* hashValues, TRAPS); + +@@ -61,6 +65,8 @@ + symbol_table_size = 20011 + }; + ++ static unsigned int hash_symbol(const char* s, int len); ++ + symbolOop lookup(int index, const char* name, int len, unsigned int hash); + + SymbolTable() +@@ -70,7 +76,6 @@ + : Hashtable(symbol_table_size, sizeof (HashtableEntry), t, + number_of_entries) {} + +- + public: + enum { + symbol_alloc_batch_size = 8 +@@ -137,6 +142,7 @@ + + // Debugging + static void verify(); ++ static void dump(outputStream* st); + + // Sharing + static void copy_buckets(char** top, char*end) { +@@ -148,6 +154,10 @@ + static void reverse(void* boundary = NULL) { + ((Hashtable*)the_table())->reverse(boundary); + } ++ ++ // Rehash the symbol table if it gets out of balance ++ static void rehash_table(); ++ static bool needs_rehashing() { return _needs_rehashing; } + }; + + +@@ -158,8 +168,11 @@ + // The string table + static StringTable* _the_table; + ++ // Set if one bucket is out of balance due to hash algorithm deficiency ++ static bool _needs_rehashing; ++ + static oop intern(Handle string_or_null, jchar* chars, int length, TRAPS); +- oop basic_add(int index, Handle string_or_null, jchar* name, int len, ++ oop basic_add(int index, Handle string, jchar* name, int len, + unsigned int hashValue, TRAPS); + + // Table size +@@ -192,10 +205,6 @@ + _the_table = new StringTable(t, number_of_entries); + } + +- +- static int hash_string(jchar* s, int len); +- +- + // GC support + // Delete pointers to otherwise-unreachable objects. + static void unlink(BoolObjectClosure* cl) { +@@ -207,6 +216,14 @@ + the_table()->Hashtable::oops_do(f); + } + ++ // Hashing algorithm, used as the hash value used by the ++ // StringTable for bucket selection and comparison (stored in the ++ // HashtableEntry structures). This is used in the String.intern() method. ++ static unsigned int hash_string(const jchar* s, int len); ++ ++ // Internal test. ++ static void test_alt_hash() PRODUCT_RETURN; ++ + // Probing + static oop lookup(symbolOop symbol); + +@@ -217,6 +234,7 @@ + + // Debugging + static void verify(); ++ static void dump(outputStream* st); + + // Sharing + static void copy_buckets(char** top, char*end) { +@@ -228,6 +246,9 @@ + static void reverse() { + ((BasicHashtable*)the_table())->reverse(); + } ++ ++ // Rehash the symbol table if it gets out of balance ++ static void rehash_table(); ++ static bool needs_rehashing() { return _needs_rehashing; } + }; +- + #endif // SHARE_VM_CLASSFILE_SYMBOLTABLE_HPP +diff --git a/src/share/vm/memory/dump.cpp b/src/share/vm/memory/dump.cpp +--- hotspot/src/share/vm/memory/dump.cpp ++++ hotspot/src/share/vm/memory/dump.cpp +@@ -62,8 +62,8 @@ + // written later, increasing the likelihood that the shared page contain + // the hash can be shared. + // +-// NOTE THAT the algorithm in StringTable::hash_string() MUST MATCH the +-// algorithm in java.lang.String.hashCode(). ++// NOTE THAT we have to call java_lang_String::to_hash() to match the ++// algorithm in java.lang.String.toHash(). + + class StringHashCodeClosure: public OopClosure { + private: +@@ -88,7 +88,7 @@ + } else { + int offset = java_lang_String::offset(obj); + jchar* s = value->char_at_addr(offset); +- hash = StringTable::hash_string(s, length); ++ hash = java_lang_String::to_hash(s, length); + } + obj->int_field_put(hash_offset, hash); + } +diff --git a/src/share/vm/runtime/globals.hpp b/src/share/vm/runtime/globals.hpp +--- hotspot/src/share/vm/runtime/globals.hpp ++++ hotspot/src/share/vm/runtime/globals.hpp +@@ -2511,6 +2511,9 @@ + product(bool, UseHeavyMonitors, false, \ + "use heavyweight instead of lightweight Java monitors") \ + \ ++ product(bool, PrintStringTableStatistics, false, \ ++ "print statistics about the StringTable and SymbolTable") \ ++ \ + notproduct(bool, PrintSymbolTableSizeHistogram, false, \ + "print histogram of the symbol table") \ + \ +diff --git a/src/share/vm/runtime/init.cpp b/src/share/vm/runtime/init.cpp +--- hotspot/src/share/vm/runtime/init.cpp ++++ hotspot/src/share/vm/runtime/init.cpp +@@ -23,6 +23,7 @@ + */ + + #include "precompiled.hpp" ++#include "classfile/symbolTable.hpp" + #include "code/icBuffer.hpp" + #include "gc_interface/collectedHeap.hpp" + #include "interpreter/bytecodes.hpp" +@@ -153,6 +154,10 @@ + // Print the collected safepoint statistics. + SafepointSynchronize::print_stat_on_exit(); + } ++ if (PrintStringTableStatistics) { ++ SymbolTable::dump(tty); ++ StringTable::dump(tty); ++ } + ostream_exit(); + } + } +diff --git a/src/share/vm/runtime/safepoint.cpp b/src/share/vm/runtime/safepoint.cpp +--- hotspot/src/share/vm/runtime/safepoint.cpp ++++ hotspot/src/share/vm/runtime/safepoint.cpp +@@ -23,6 +23,7 @@ + */ + + #include "precompiled.hpp" ++#include "classfile/symbolTable.hpp" + #include "classfile/systemDictionary.hpp" + #include "code/codeCache.hpp" + #include "code/icBuffer.hpp" +@@ -501,8 +502,20 @@ + CompilationPolicy::policy()->do_safepoint_work(); + } + +- TraceTime t4("sweeping nmethods", TraceSafepointCleanupTime); +- NMethodSweeper::scan_stacks(); ++ { ++ TraceTime t4("sweeping nmethods", TraceSafepointCleanupTime); ++ NMethodSweeper::scan_stacks(); ++ } ++ ++ if (SymbolTable::needs_rehashing()) { ++ TraceTime t5("rehashing symbol table", TraceSafepointCleanupTime); ++ SymbolTable::rehash_table(); ++ } ++ ++ if (StringTable::needs_rehashing()) { ++ TraceTime t6("rehashing string table", TraceSafepointCleanupTime); ++ StringTable::rehash_table(); ++ } + } + + +diff --git a/src/share/vm/utilities/hashtable.cpp b/src/share/vm/utilities/hashtable.cpp +--- hotspot/src/share/vm/utilities/hashtable.cpp ++++ hotspot/src/share/vm/utilities/hashtable.cpp +@@ -1,5 +1,4 @@ +-/* +- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. ++/* * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -23,7 +22,10 @@ + */ + + #include "precompiled.hpp" ++#include "classfile/altHashing.hpp" ++#include "classfile/javaClasses.hpp" + #include "memory/allocation.inline.hpp" ++#include "memory/filemap.hpp" + #include "memory/resourceArea.hpp" + #include "oops/oop.inline.hpp" + #include "runtime/safepoint.hpp" +@@ -69,7 +71,6 @@ + + HashtableEntry* Hashtable::new_entry(unsigned int hashValue, oop obj) { + HashtableEntry* entry; +- + entry = (HashtableEntry*)BasicHashtable::new_entry(hashValue); + entry->set_literal(obj); // clears literal string field + HS_DTRACE_PROBE4(hs_private, hashtable__new_entry, +@@ -85,18 +86,24 @@ + // entries at a safepoint. + assert(SafepointSynchronize::is_at_safepoint(), "must be at safepoint"); + for (int i = 0; i < table_size(); ++i) { +- for (HashtableEntry** p = bucket_addr(i); *p != NULL; ) { +- HashtableEntry* entry = *p; +- if (entry->is_shared()) { ++ HashtableEntry** p = bucket_addr(i); ++ HashtableEntry* entry = bucket(i); ++ while (entry != NULL) { ++ // Shared entries are normally at the end of the bucket and if we run into ++ // a shared entry, then there is nothing more to remove. However, if we ++ // have rehashed the table, then the shared entries are no longer at the ++ // end of the bucket. ++ if (entry->is_shared() && !use_alternate_hashcode()) { + break; + } + assert(entry->literal() != NULL, "just checking"); +- if (is_alive->do_object_b(entry->literal())) { ++ if (entry->is_shared() || is_alive->do_object_b(entry->literal())) { + p = entry->next_addr(); + } else { + *p = entry->next(); + free_entry(entry); + } ++ entry = (HashtableEntry*)HashtableEntry::make_ptr(*p); + } + } + } +@@ -123,6 +130,96 @@ + } + + ++// Check to see if the hashtable is unbalanced. The caller set a flag to ++// rehash at the next safepoint. If this bucket is 60 times greater than the ++// expected average bucket length, it's an unbalanced hashtable. ++// This is somewhat an arbitrary heuristic but if one bucket gets to ++// rehash_count which is currently 100, there's probably something wrong. ++ ++bool BasicHashtable::check_rehash_table(int count) { ++ assert(table_size() != 0, "underflow"); ++ if (count > (((double)number_of_entries()/(double)table_size())*rehash_multiple)) { ++ // Set a flag for the next safepoint, which should be at some guaranteed ++ // safepoint interval. ++ return true; ++ } ++ return false; ++} ++ ++unsigned int Hashtable::new_hash(oop string) { ++ ResourceMark rm; ++ int length; ++ if (java_lang_String::is_instance(string)) { ++ jchar* chars = java_lang_String::as_unicode_string(string, length); ++ // Use alternate hashing algorithm on the string ++ return AltHashing::murmur3_32(seed(), chars, length); ++ } else { ++ // Use alternate hashing algorithm on this symbol. ++ symbolOop symOop = (symbolOop) string; ++ return AltHashing::murmur3_32(seed(), (const jbyte*)symOop->bytes(), symOop->utf8_length()); ++ } ++} ++ ++// Create a new table and using alternate hash code, populate the new table ++// with the existing elements. This can be used to change the hash code ++// and could in the future change the size of the table. ++ ++void Hashtable::move_to(Hashtable* new_table) { ++ // Initialize the global seed for hashing. ++ assert(new_table->seed() == 0, "should be zero"); ++ _seed = AltHashing::compute_seed(); ++ assert(seed() != 0, "shouldn't be zero"); ++ new_table->set_seed(_seed); ++ ++ int saved_entry_count = this->number_of_entries(); ++ ++ // Iterate through the table and create a new entry for the new table ++ for (int i = 0; i < new_table->table_size(); ++i) { ++ for (HashtableEntry* p = bucket(i); p != NULL; ) { ++ HashtableEntry* next = p->next(); ++ oop string = p->literal(); ++ // Use alternate hashing algorithm on the symbol in the first table ++ unsigned int hashValue = new_hash(string); ++ // Get a new index relative to the new table (can also change size) ++ int index = new_table->hash_to_index(hashValue); ++ p->set_hash(hashValue); ++ // Keep the shared bit in the Hashtable entry to indicate that this entry ++ // can't be deleted. The shared bit is the LSB in the _next field so ++ // walking the hashtable past these entries requires ++ // BasicHashtableEntry::make_ptr() call. ++ bool keep_shared = p->is_shared(); ++ unlink_entry(p); ++ new_table->add_entry(index, p); ++ if (keep_shared) { ++ p->set_shared(); ++ } ++ p = next; ++ } ++ } ++ // give the new table the free list as well ++ new_table->copy_freelist(this); ++ assert(new_table->number_of_entries() == saved_entry_count, "lost entry on dictionary copy?"); ++ ++ // Destroy memory used by the buckets in the hashtable. The memory ++ // for the elements has been used in a new table and is not ++ // destroyed. The memory reuse will benefit resizing the SystemDictionary ++ // to avoid a memory allocation spike at safepoint. ++ free_buckets(); ++} ++ ++void BasicHashtable::free_buckets() { ++ if (NULL != _buckets) { ++ // Don't delete the buckets in the shared space. They aren't ++ // allocated by os::malloc ++ if (!UseSharedSpaces || ++ !FileMapInfo::current_info()->is_in_shared_space(_buckets)) { ++ FREE_C_HEAP_ARRAY(HashtableBucket, _buckets); ++ } ++ _buckets = NULL; ++ } ++} ++ ++ + // Reverse the order of elements in the hash buckets. + + void BasicHashtable::reverse() { +diff --git a/src/share/vm/utilities/hashtable.hpp b/src/share/vm/utilities/hashtable.hpp +--- hotspot/src/share/vm/utilities/hashtable.hpp ++++ hotspot/src/share/vm/utilities/hashtable.hpp +@@ -177,6 +177,11 @@ + void verify_lookup_length(double load); + #endif + ++ enum { ++ rehash_count = 100, ++ rehash_multiple = 60 ++ }; ++ + void initialize(int table_size, int entry_size, int number_of_entries); + + // Accessor +@@ -192,6 +197,29 @@ + // Table entry management + BasicHashtableEntry* new_entry(unsigned int hashValue); + ++ // Check that the table is unbalanced ++ bool check_rehash_table(int count); ++ ++ // Used when moving the entry to another table ++ // Clean up links, but do not add to free_list ++ void unlink_entry(BasicHashtableEntry* entry) { ++ entry->set_next(NULL); ++ --_number_of_entries; ++ } ++ ++ // Move over freelist and free block for allocation ++ void copy_freelist(BasicHashtable* src) { ++ _free_list = src->_free_list; ++ src->_free_list = NULL; ++ _first_free_entry = src->_first_free_entry; ++ src->_first_free_entry = NULL; ++ _end_block = src->_end_block; ++ src->_end_block = NULL; ++ } ++ ++ // Free the buckets in this hashtable ++ void free_buckets(); ++ + public: + void set_entry(int index, BasicHashtableEntry* entry); + +@@ -210,11 +238,11 @@ + + public: + Hashtable(int table_size, int entry_size) +- : BasicHashtable(table_size, entry_size) { } ++ : BasicHashtable(table_size, entry_size), _seed(0) { } + + Hashtable(int table_size, int entry_size, + HashtableBucket* buckets, int number_of_entries) +- : BasicHashtable(table_size, entry_size, buckets, number_of_entries) { } ++ : BasicHashtable(table_size, entry_size, buckets, number_of_entries), _seed(0) { } + + // Invoke "f->do_oop" on the locations of all oops in the table. + void oops_do(OopClosure* f); +@@ -234,8 +262,6 @@ + + protected: + +- static unsigned int hash_symbol(const char* s, int len); +- + unsigned int compute_hash(symbolHandle name) { + return (unsigned int) name->identity_hash(); + } +@@ -256,6 +282,17 @@ + HashtableEntry** bucket_addr(int i) { + return (HashtableEntry**)BasicHashtable::bucket_addr(i); + } ++ ++ // Function to move these elements into the new table. ++ void move_to(Hashtable* new_table); ++ bool use_alternate_hashcode() { return _seed != 0; } ++ jint seed() { return _seed; } ++ void set_seed(jint seed) { _seed = seed; } ++ ++ private: ++ jint _seed; ++ ++ unsigned int new_hash(oop string); + }; + + +diff --git a/src/share/vm/utilities/hashtable.inline.hpp b/src/share/vm/utilities/hashtable.inline.hpp +--- hotspot/src/share/vm/utilities/hashtable.inline.hpp ++++ hotspot/src/share/vm/utilities/hashtable.inline.hpp +@@ -30,27 +30,6 @@ + + // Inline function definitions for hashtable.hpp. + +- +-// -------------------------------------------------------------------------- +-// Hash function +- +-// We originally used hashpjw, but hash P(31) gives just as good results +-// and is slighly faster. We would like a hash function that looks at every +-// character, since package names have large common prefixes, and also because +-// hash_or_fail does error checking while iterating. +- +-// hash P(31) from Kernighan & Ritchie +- +-inline unsigned int Hashtable::hash_symbol(const char* s, int len) { +- unsigned int h = 0; +- while (len-- > 0) { +- h = 31*h + (unsigned) *s; +- s++; +- } +- return h; +-} +- +- + // -------------------------------------------------------------------------- + + // Initialize a table. diff --git a/java/openjdk6/files/icedtea/security/7158801.patch b/java/openjdk6/files/icedtea/security/7158801.patch new file mode 100644 index 000000000000..91d1464eafbd --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7158801.patch @@ -0,0 +1,30 @@ +# HG changeset patch +# User kvn +# Date 1337800285 25200 +# Node ID f7493d50b47d3946902e18153bcd912e37589d00 +# Parent 2faa3f7bad65189e69ab2f9a491743786bb8f07f +7158801: Improve VM CompileOnly option +Summary: Fixed buffer overflow during parsing flags -XX:CompileCommand=, -XX:CompileOnly= and command lines in .hotspot_compiler file. +Reviewed-by: never + +diff --git a/src/share/vm/compiler/compilerOracle.cpp b/src/share/vm/compiler/compilerOracle.cpp +--- hotspot/src/share/vm/compiler/compilerOracle.cpp ++++ hotspot/src/share/vm/compiler/compilerOracle.cpp +@@ -573,7 +573,7 @@ + char token[1024]; + int pos = 0; + int c = getc(stream); +- while(c != EOF) { ++ while(c != EOF && pos < (sizeof(token)-1)) { + if (c == '\n') { + token[pos++] = '\0'; + parse_from_line(token); +@@ -594,7 +594,7 @@ + int pos = 0; + const char* sp = str; + int c = *sp++; +- while (c != '\0') { ++ while (c != '\0' && pos < (sizeof(token)-1)) { + if (c == '\n') { + token[pos++] = '\0'; + parse_line(token); diff --git a/java/openjdk6/files/icedtea/security/7158804.patch b/java/openjdk6/files/icedtea/security/7158804.patch new file mode 100644 index 000000000000..318a1aa572db --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7158804.patch @@ -0,0 +1,28 @@ +# HG changeset patch +# User dbuck +# Date 1342799006 25200 +# Node ID fde4cc8479824449b03abedd5357500aec92e990 +# Parent f7493d50b47d3946902e18153bcd912e37589d00 +7158804: Improve config file parsing +Summary: see bugdb 13784108 for details +Reviewed-by: vikram, kamg + +diff --git a/src/share/vm/runtime/arguments.cpp b/src/share/vm/runtime/arguments.cpp +--- hotspot/src/share/vm/runtime/arguments.cpp ++++ hotspot/src/share/vm/runtime/arguments.cpp +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -842,7 +842,7 @@ + bool result = true; + + int c = getc(stream); +- while(c != EOF) { ++ while(c != EOF && pos < (int)(sizeof(token)-1)) { + if (in_white_space) { + if (in_comment) { + if (c == '\n') in_comment = false; diff --git a/java/openjdk6/files/icedtea/security/7167656.patch b/java/openjdk6/files/icedtea/security/7167656.patch new file mode 100644 index 000000000000..105fe0140587 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7167656.patch @@ -0,0 +1,75 @@ +# HG changeset patch +# User coffeys +# Date 1340139680 -3600 +# Node ID d04575148db287475168da344159e583f7bff02c +# Parent 1e170e3c1b682d0f98a61a47e5049535c5bd4999 +7167656: Multiple Seeders are being created +Reviewed-by: wetmore + +diff --git a/src/share/classes/sun/security/provider/SecureRandom.java b/src/share/classes/sun/security/provider/SecureRandom.java +--- jdk/src/share/classes/sun/security/provider/SecureRandom.java ++++ jdk/src/share/classes/sun/security/provider/SecureRandom.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -56,12 +56,6 @@ + + private static final long serialVersionUID = 3581829991155417889L; + +- /** +- * This static object will be seeded by SeedGenerator, and used +- * to seed future instances of SecureRandom +- */ +- private static SecureRandom seeder; +- + private static final int DIGEST_SIZE = 20; + private transient MessageDigest digest; + private byte[] state; +@@ -173,6 +167,28 @@ + } + + /** ++ * This static object will be seeded by SeedGenerator, and used ++ * to seed future instances of SHA1PRNG SecureRandoms. ++ * ++ * Bloch, Effective Java Second Edition: Item 71 ++ */ ++ private static class SeederHolder { ++ ++ private static final SecureRandom seeder; ++ ++ static { ++ /* ++ * Call to SeedGenerator.generateSeed() to add additional ++ * seed material (likely from the Native implementation). ++ */ ++ seeder = new SecureRandom(SeedGenerator.getSystemEntropy()); ++ byte [] b = new byte[DIGEST_SIZE]; ++ SeedGenerator.generateSeed(b); ++ seeder.engineSetSeed(b); ++ } ++ } ++ ++ /** + * Generates a user-specified number of random bytes. + * + * @param bytes the array to be filled in with random bytes. +@@ -183,13 +199,8 @@ + byte[] output = remainder; + + if (state == null) { +- if (seeder == null) { +- seeder = new SecureRandom(SeedGenerator.getSystemEntropy()); +- seeder.engineSetSeed(engineGenerateSeed(DIGEST_SIZE)); +- } +- + byte[] seed = new byte[DIGEST_SIZE]; +- seeder.engineNextBytes(seed); ++ SeederHolder.seeder.engineNextBytes(seed); + state = digest.digest(seed); + } + diff --git a/java/openjdk6/files/icedtea/security/7169884.patch b/java/openjdk6/files/icedtea/security/7169884.patch new file mode 100644 index 000000000000..e0f023038ade --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7169884.patch @@ -0,0 +1,349 @@ +# HG changeset patch +# User robm +# Date 1347903606 -3600 +# Node ID 47e7c8e33cd82dade3e84af94bff125cdbdae062 +# Parent d04575148db287475168da344159e583f7bff02c +7169884: LogManager checks do not work correctly for sub-types +Reviewed-by: alanb + +diff --git a/src/share/classes/java/util/logging/FileHandler.java b/src/share/classes/java/util/logging/FileHandler.java +--- jdk/src/share/classes/java/util/logging/FileHandler.java ++++ jdk/src/share/classes/java/util/logging/FileHandler.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -220,7 +220,7 @@ + * @exception NullPointerException if pattern property is an empty String. + */ + public FileHandler() throws IOException, SecurityException { +- checkAccess(); ++ checkPermission(); + configure(); + openFiles(); + } +@@ -246,7 +246,7 @@ + if (pattern.length() < 1 ) { + throw new IllegalArgumentException(); + } +- checkAccess(); ++ checkPermission(); + configure(); + this.pattern = pattern; + this.limit = 0; +@@ -278,7 +278,7 @@ + if (pattern.length() < 1 ) { + throw new IllegalArgumentException(); + } +- checkAccess(); ++ checkPermission(); + configure(); + this.pattern = pattern; + this.limit = 0; +@@ -315,7 +315,7 @@ + if (limit < 0 || count < 1 || pattern.length() < 1) { + throw new IllegalArgumentException(); + } +- checkAccess(); ++ checkPermission(); + configure(); + this.pattern = pattern; + this.limit = limit; +@@ -354,7 +354,7 @@ + if (limit < 0 || count < 1 || pattern.length() < 1) { + throw new IllegalArgumentException(); + } +- checkAccess(); ++ checkPermission(); + configure(); + this.pattern = pattern; + this.limit = limit; +@@ -367,7 +367,7 @@ + // configured instance variables. + private void openFiles() throws IOException { + LogManager manager = LogManager.getLogManager(); +- manager.checkAccess(); ++ manager.checkPermission(); + if (count < 1) { + throw new IllegalArgumentException("file count = " + count); + } +diff --git a/src/share/classes/java/util/logging/Handler.java b/src/share/classes/java/util/logging/Handler.java +--- jdk/src/share/classes/java/util/logging/Handler.java ++++ jdk/src/share/classes/java/util/logging/Handler.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -111,7 +111,7 @@ + * the caller does not have <tt>LoggingPermission("control")</tt>. + */ + public void setFormatter(Formatter newFormatter) throws SecurityException { +- checkAccess(); ++ checkPermission(); + // Check for a null pointer: + newFormatter.getClass(); + formatter = newFormatter; +@@ -140,7 +140,7 @@ + */ + public void setEncoding(String encoding) + throws SecurityException, java.io.UnsupportedEncodingException { +- checkAccess(); ++ checkPermission(); + if (encoding != null) { + try { + if(!java.nio.charset.Charset.isSupported(encoding)) { +@@ -175,7 +175,7 @@ + * the caller does not have <tt>LoggingPermission("control")</tt>. + */ + public void setFilter(Filter newFilter) throws SecurityException { +- checkAccess(); ++ checkPermission(); + filter = newFilter; + } + +@@ -199,7 +199,7 @@ + * the caller does not have <tt>LoggingPermission("control")</tt>. + */ + public void setErrorManager(ErrorManager em) { +- checkAccess(); ++ checkPermission(); + if (em == null) { + throw new NullPointerException(); + } +@@ -213,7 +213,7 @@ + * the caller does not have <tt>LoggingPermission("control")</tt>. + */ + public ErrorManager getErrorManager() { +- checkAccess(); ++ checkPermission(); + return errorManager; + } + +@@ -253,7 +253,7 @@ + if (newLevel == null) { + throw new NullPointerException(); + } +- checkAccess(); ++ checkPermission(); + logLevel = newLevel; + } + +@@ -296,9 +296,9 @@ + // If "sealed" is true, we check that the caller has + // appropriate security privileges to update Handler + // state and if not throw a SecurityException. +- void checkAccess() throws SecurityException { ++ void checkPermission() throws SecurityException { + if (sealed) { +- manager.checkAccess(); ++ manager.checkPermission(); + } + } + } +diff --git a/src/share/classes/java/util/logging/LogManager.java b/src/share/classes/java/util/logging/LogManager.java +--- jdk/src/share/classes/java/util/logging/LogManager.java ++++ jdk/src/share/classes/java/util/logging/LogManager.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -303,7 +303,7 @@ + if (l == null) { + throw new NullPointerException(); + } +- checkAccess(); ++ checkPermission(); + changes.addPropertyChangeListener(l); + } + +@@ -322,7 +322,7 @@ + * the caller does not have LoggingPermission("control"). + */ + public void removePropertyChangeListener(PropertyChangeListener l) throws SecurityException { +- checkAccess(); ++ checkPermission(); + changes.removePropertyChangeListener(l); + } + +@@ -740,7 +740,7 @@ + * @exception IOException if there are IO problems reading the configuration. + */ + public void readConfiguration() throws IOException, SecurityException { +- checkAccess(); ++ checkPermission(); + + // if a configuration class is specified, load it and use it. + String cname = System.getProperty("java.util.logging.config.class"); +@@ -798,7 +798,7 @@ + */ + + public void reset() throws SecurityException { +- checkAccess(); ++ checkPermission(); + synchronized (this) { + props = new Properties(); + // Since we are doing a reset we no longer want to initialize +@@ -883,7 +883,7 @@ + * @exception IOException if there are problems reading from the stream. + */ + public void readConfiguration(InputStream ins) throws IOException, SecurityException { +- checkAccess(); ++ checkPermission(); + reset(); + + // Load the properties +@@ -1045,7 +1045,13 @@ + } + + +- private Permission ourPermission = new LoggingPermission("control", null); ++ private final Permission controlPermission = new LoggingPermission("control", null); ++ ++ void checkPermission() { ++ SecurityManager sm = System.getSecurityManager(); ++ if (sm != null) ++ sm.checkPermission(controlPermission); ++ } + + /** + * Check that the current context is trusted to modify the logging +@@ -1058,11 +1064,7 @@ + * the caller does not have LoggingPermission("control"). + */ + public void checkAccess() throws SecurityException { +- SecurityManager sm = System.getSecurityManager(); +- if (sm == null) { +- return; +- } +- sm.checkPermission(ourPermission); ++ checkPermission(); + } + + // Nested class to represent a node in our tree of named loggers. +diff --git a/src/share/classes/java/util/logging/Logger.java b/src/share/classes/java/util/logging/Logger.java +--- jdk/src/share/classes/java/util/logging/Logger.java ++++ jdk/src/share/classes/java/util/logging/Logger.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -266,13 +266,13 @@ + this.manager = manager; + } + +- private void checkAccess() throws SecurityException { ++ private void checkPermission() throws SecurityException { + if (!anonymous) { + if (manager == null) { + // Complete initialization of the global Logger. + manager = LogManager.getLogManager(); + } +- manager.checkAccess(); ++ manager.checkPermission(); + } + } + +@@ -454,7 +454,7 @@ + * the caller does not have LoggingPermission("control"). + */ + public synchronized void setFilter(Filter newFilter) throws SecurityException { +- checkAccess(); ++ checkPermission(); + filter = newFilter; + } + +@@ -1145,7 +1145,7 @@ + * the caller does not have LoggingPermission("control"). + */ + public void setLevel(Level newLevel) throws SecurityException { +- checkAccess(); ++ checkPermission(); + synchronized (treeLock) { + levelObject = newLevel; + updateEffectiveLevel(); +@@ -1200,7 +1200,7 @@ + public synchronized void addHandler(Handler handler) throws SecurityException { + // Check for null handler + handler.getClass(); +- checkAccess(); ++ checkPermission(); + if (handlers == null) { + handlers = new ArrayList<Handler>(); + } +@@ -1217,7 +1217,7 @@ + * the caller does not have LoggingPermission("control"). + */ + public synchronized void removeHandler(Handler handler) throws SecurityException { +- checkAccess(); ++ checkPermission(); + if (handler == null) { + return; + } +@@ -1251,7 +1251,7 @@ + * the caller does not have LoggingPermission("control"). + */ + public synchronized void setUseParentHandlers(boolean useParentHandlers) { +- checkAccess(); ++ checkPermission(); + this.useParentHandlers = useParentHandlers; + } + +@@ -1388,7 +1388,7 @@ + if (parent == null) { + throw new NullPointerException(); + } +- manager.checkAccess(); ++ manager.checkPermission(); + doSetParent(parent); + } + +diff --git a/src/share/classes/java/util/logging/MemoryHandler.java b/src/share/classes/java/util/logging/MemoryHandler.java +--- jdk/src/share/classes/java/util/logging/MemoryHandler.java ++++ jdk/src/share/classes/java/util/logging/MemoryHandler.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -238,7 +238,7 @@ + throw new NullPointerException(); + } + LogManager manager = LogManager.getLogManager(); +- checkAccess(); ++ checkPermission(); + pushLevel = newLevel; + } + +diff --git a/src/share/classes/java/util/logging/StreamHandler.java b/src/share/classes/java/util/logging/StreamHandler.java +--- jdk/src/share/classes/java/util/logging/StreamHandler.java ++++ jdk/src/share/classes/java/util/logging/StreamHandler.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -249,7 +249,7 @@ + } + + private synchronized void flushAndClose() throws SecurityException { +- checkAccess(); ++ checkPermission(); + if (writer != null) { + try { + if (!doneHeader) { diff --git a/java/openjdk6/files/icedtea/security/7169888.patch b/java/openjdk6/files/icedtea/security/7169888.patch new file mode 100644 index 000000000000..537648fc2ae8 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7169888.patch @@ -0,0 +1,125 @@ +# HG changeset patch +# User dbuck +# Date 1342799616 25200 +# Node ID 39b599e90c7b33435ca42ae96ed673812a8be3d7 +# Parent 47e7c8e33cd82dade3e84af94bff125cdbdae062 +7169888: Narrowing resource definitions in JMX RMI connector +Summary: see bugdb 13932219 for details +Reviewed-by: fparain, vikram + +diff --git a/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java b/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java +--- jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java ++++ jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -39,11 +39,17 @@ + import java.rmi.MarshalledObject; + import java.rmi.UnmarshalException; + import java.rmi.server.Unreferenced; ++ + import java.security.AccessControlContext; + import java.security.AccessController; ++import java.security.Permission; ++import java.security.PermissionCollection; ++import java.security.Permissions; + import java.security.PrivilegedAction; + import java.security.PrivilegedActionException; + import java.security.PrivilegedExceptionAction; ++import java.security.ProtectionDomain; ++ + import java.util.Arrays; + import java.util.Collections; + import java.util.Map; +@@ -60,6 +66,7 @@ + import javax.management.MBeanException; + import javax.management.MBeanInfo; + import javax.management.MBeanRegistrationException; ++import javax.management.MBeanPermission; + import javax.management.MBeanServer; + import javax.management.NotCompliantMBeanException; + import javax.management.NotificationFilter; +@@ -144,15 +151,20 @@ + this.mbeanServer = rmiServer.getMBeanServer(); + + final ClassLoader dcl = defaultClassLoader; ++ + this.classLoaderWithRepository = + AccessController.doPrivileged( + new PrivilegedAction<ClassLoaderWithRepository>() { + public ClassLoaderWithRepository run() { + return new ClassLoaderWithRepository( +- getClassLoaderRepository(), ++ mbeanServer.getClassLoaderRepository(), + dcl); + } +- }); ++ }, ++ ++ withPermissions( new MBeanPermission("*", "getClassLoaderRepository"), ++ new RuntimePermission("createClassLoader")) ++ ); + + serverCommunicatorAdmin = new + RMIServerCommunicatorAdmin(EnvHelp.getServerConnectionTimeout(env)); +@@ -160,6 +172,17 @@ + this.env = env; + } + ++ private static AccessControlContext withPermissions(Permission ... perms){ ++ Permissions col = new Permissions(); ++ ++ for (Permission thePerm : perms ) { ++ col.add(thePerm); ++ } ++ ++ final ProtectionDomain pd = new ProtectionDomain(null, col); ++ return new AccessControlContext( new ProtectionDomain[] { pd }); ++ } ++ + private synchronized ServerNotifForwarder getServerNotifFwd() { + // Lazily created when first use. Mainly when + // addNotificationListener is first called. +@@ -1314,16 +1337,6 @@ + // private methods + //------------------------------------------------------------------------ + +- private ClassLoaderRepository getClassLoaderRepository() { +- return +- AccessController.doPrivileged( +- new PrivilegedAction<ClassLoaderRepository>() { +- public ClassLoaderRepository run() { +- return mbeanServer.getClassLoaderRepository(); +- } +- }); +- } +- + private ClassLoader getClassLoader(final ObjectName name) + throws InstanceNotFoundException { + try { +@@ -1333,7 +1346,9 @@ + public ClassLoader run() throws InstanceNotFoundException { + return mbeanServer.getClassLoader(name); + } +- }); ++ }, ++ withPermissions(new MBeanPermission("*", "getClassLoader")) ++ ); + } catch (PrivilegedActionException pe) { + throw (InstanceNotFoundException) extractException(pe); + } +@@ -1348,7 +1363,9 @@ + public Object run() throws InstanceNotFoundException { + return mbeanServer.getClassLoaderFor(name); + } +- }); ++ }, ++ withPermissions(new MBeanPermission("*", "getClassLoaderFor")) ++ ); + } catch (PrivilegedActionException pe) { + throw (InstanceNotFoundException) extractException(pe); + } diff --git a/java/openjdk6/files/icedtea/security/7172522.patch b/java/openjdk6/files/icedtea/security/7172522.patch new file mode 100644 index 000000000000..74c1aceacf59 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7172522.patch @@ -0,0 +1,36 @@ +# HG changeset patch +# User coffeys +# Date 1340096399 -3600 +# Node ID 88243aa6e67b6b84ff529ccdfd3b476410f60057 +# Parent 39b599e90c7b33435ca42ae96ed673812a8be3d7 +7172522: Improve DomainCombiner checking +Reviewed-by: mullan + +diff --git a/src/share/classes/java/security/AccessController.java b/src/share/classes/java/security/AccessController.java +--- jdk/src/share/classes/java/security/AccessController.java ++++ jdk/src/share/classes/java/security/AccessController.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -293,7 +293,7 @@ + DomainCombiner dc = null; + AccessControlContext acc = getStackAccessControlContext(); + if (acc == null || (dc = acc.getAssignedCombiner()) == null) { +- return AccessController.doPrivileged(action); ++ return AccessController.doPrivileged(action, acc); + } + return AccessController.doPrivileged(action, preserveCombiner(dc)); + } +@@ -389,7 +389,7 @@ + DomainCombiner dc = null; + AccessControlContext acc = getStackAccessControlContext(); + if (acc == null || (dc = acc.getAssignedCombiner()) == null) { +- return AccessController.doPrivileged(action); ++ return AccessController.doPrivileged(action, acc); + } + return AccessController.doPrivileged(action, preserveCombiner(dc)); + } diff --git a/java/openjdk6/files/icedtea/security/7176337.patch b/java/openjdk6/files/icedtea/security/7176337.patch new file mode 100644 index 000000000000..c323d4155ee2 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7176337.patch @@ -0,0 +1,29 @@ +# HG changeset patch +# User asaha +# Date 1340145914 25200 +# Node ID a148157cd348fe4c251063db7d3973a83cfcf483 +# Parent fde4cc8479824449b03abedd5357500aec92e990 +7176337: Additional changes needed for 7158801 fix +Reviewed-by: kvn + +diff --git a/src/share/vm/compiler/compilerOracle.cpp b/src/share/vm/compiler/compilerOracle.cpp +--- hotspot/src/share/vm/compiler/compilerOracle.cpp ++++ hotspot/src/share/vm/compiler/compilerOracle.cpp +@@ -573,7 +573,7 @@ + char token[1024]; + int pos = 0; + int c = getc(stream); +- while(c != EOF && pos < (sizeof(token)-1)) { ++ while(c != EOF && pos < (int)(sizeof(token)-1)) { + if (c == '\n') { + token[pos++] = '\0'; + parse_from_line(token); +@@ -594,7 +594,7 @@ + int pos = 0; + const char* sp = str; + int c = *sp++; +- while (c != '\0' && pos < (sizeof(token)-1)) { ++ while (c != '\0' && pos < (int)(sizeof(token)-1)) { + if (c == '\n') { + token[pos++] = '\0'; + parse_line(token); diff --git a/java/openjdk6/files/icedtea/security/7186286.patch b/java/openjdk6/files/icedtea/security/7186286.patch new file mode 100644 index 000000000000..cc5adc1a3cf9 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7186286.patch @@ -0,0 +1,552 @@ +# HG changeset patch +# User xuelei +# Date 1343546404 25200 +# Node ID a6294da5a21f609b67a0d4d216028dda9f56e689 +# Parent 88243aa6e67b6b84ff529ccdfd3b476410f60057 +7186286: TLS implementation to better adhere to RFC +Summary: also reviewed by Alexander Fomin <Alexander.Fomin@Oracle.COM>, Andrew Gross<Andrew.Gross@Oracle.COM>, Sean Coffey<Sean.Coffey@Oracle.COM> +Reviewed-by: valeriep, wetmore + +diff --git a/src/share/classes/sun/security/pkcs11/P11Cipher.java b/src/share/classes/sun/security/pkcs11/P11Cipher.java +--- jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java ++++ jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -650,7 +650,7 @@ + // see JCE spec + protected int engineGetKeySize(Key key) throws InvalidKeyException { + int n = P11SecretKeyFactory.convertKey +- (token, key, keyAlgorithm).keyLength(); ++ (token, key, keyAlgorithm).length(); + return n; + } + } +diff --git a/src/share/classes/sun/security/pkcs11/P11Key.java b/src/share/classes/sun/security/pkcs11/P11Key.java +--- jdk/src/share/classes/sun/security/pkcs11/P11Key.java ++++ jdk/src/share/classes/sun/security/pkcs11/P11Key.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -46,6 +46,7 @@ + import static sun.security.pkcs11.wrapper.PKCS11Constants.*; + + import sun.security.util.DerValue; ++import sun.security.util.Length; + + /** + * Key implementation classes. +@@ -61,7 +62,7 @@ + * @author Andreas Sterbenz + * @since 1.5 + */ +-abstract class P11Key implements Key { ++abstract class P11Key implements Key, Length { + + private final static String PUBLIC = "public"; + private final static String PRIVATE = "private"; +@@ -212,7 +213,11 @@ + return s1; + } + +- int keyLength() { ++ /** ++ * Return bit length of the key. ++ */ ++ @Override ++ public int length() { + return keyLength; + } + +diff --git a/src/share/classes/sun/security/pkcs11/P11RSACipher.java b/src/share/classes/sun/security/pkcs11/P11RSACipher.java +--- jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java ++++ jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -201,7 +201,7 @@ + } else { + throw new InvalidKeyException("Unknown key type: " + p11Key); + } +- int n = (p11Key.keyLength() + 7) >> 3; ++ int n = (p11Key.length() + 7) >> 3; + outputSize = n; + buffer = new byte[n]; + maxInputSize = encrypt ? (n - PKCS1_MIN_PADDING_LENGTH) : n; +@@ -458,7 +458,7 @@ + + // see JCE spec + protected int engineGetKeySize(Key key) throws InvalidKeyException { +- int n = P11KeyFactory.convertKey(token, key, algorithm).keyLength(); ++ int n = P11KeyFactory.convertKey(token, key, algorithm).length(); + return n; + } + } +diff --git a/src/share/classes/sun/security/pkcs11/P11Signature.java b/src/share/classes/sun/security/pkcs11/P11Signature.java +--- jdk/src/share/classes/sun/security/pkcs11/P11Signature.java ++++ jdk/src/share/classes/sun/security/pkcs11/P11Signature.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -274,7 +274,7 @@ + if (keyAlgorithm.equals("DSA")) { + signature = new byte[40]; + } else { +- signature = new byte[(p11Key.keyLength() + 7) >> 3]; ++ signature = new byte[(p11Key.length() + 7) >> 3]; + } + if (type == T_UPDATE) { + token.p11.C_VerifyFinal(session.id(), signature); +@@ -359,7 +359,7 @@ + if (keyAlgorithm.equals("RSA") && publicKey != p11Key) { + int keyLen; + if (publicKey instanceof P11Key) { +- keyLen = ((P11Key) publicKey).keyLength(); ++ keyLen = ((P11Key) publicKey).length(); + } else { + keyLen = ((RSAKey) publicKey).getModulus().bitLength(); + } +@@ -620,7 +620,7 @@ + + private byte[] pkcs1Pad(byte[] data) { + try { +- int len = (p11Key.keyLength() + 7) >> 3; ++ int len = (p11Key.length() + 7) >> 3; + RSAPadding padding = RSAPadding.getInstance + (RSAPadding.PAD_BLOCKTYPE_1, len); + byte[] padded = padding.pad(data); +diff --git a/src/share/classes/sun/security/ssl/HandshakeInStream.java b/src/share/classes/sun/security/ssl/HandshakeInStream.java +--- jdk/src/share/classes/sun/security/ssl/HandshakeInStream.java ++++ jdk/src/share/classes/sun/security/ssl/HandshakeInStream.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -190,6 +190,7 @@ + + byte[] getBytes8() throws IOException { + int len = getInt8(); ++ verifyLength(len); + byte b[] = new byte[len]; + + read(b, 0, len); +@@ -198,6 +199,7 @@ + + byte[] getBytes16() throws IOException { + int len = getInt16(); ++ verifyLength(len); + byte b[] = new byte[len]; + + read(b, 0, len); +@@ -206,10 +208,19 @@ + + byte[] getBytes24() throws IOException { + int len = getInt24(); ++ verifyLength(len); + byte b[] = new byte[len]; + + read(b, 0, len); + return b; + } + ++ // Is a length greater than available bytes in the record? ++ private void verifyLength(int len) throws SSLException { ++ if (len > available()) { ++ throw new SSLException( ++ "Not enough data to fill declared vector size"); ++ } ++ } ++ + } +diff --git a/src/share/classes/sun/security/ssl/Handshaker.java b/src/share/classes/sun/security/ssl/Handshaker.java +--- jdk/src/share/classes/sun/security/ssl/Handshaker.java ++++ jdk/src/share/classes/sun/security/ssl/Handshaker.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -776,9 +776,9 @@ + if (debug != null && Debug.isOn("handshake")) { + System.out.println("RSA master secret generation error:"); + e.printStackTrace(System.out); +- System.out.println("Generating new random premaster secret"); + } +- preMasterSecret = RSAClientKeyExchange.generateDummySecret(protocolVersion); ++ preMasterSecret = ++ RSAClientKeyExchange.generateDummySecret(protocolVersion); + // recursive call with new premaster secret + return calculateMasterSecret(preMasterSecret, null); + } +@@ -821,9 +821,9 @@ + System.out.println("RSA PreMasterSecret version error: expected" + + protocolVersion + " or " + requestedVersion + ", decrypted: " + + premasterVersion); +- System.out.println("Generating new random premaster secret"); + } +- preMasterSecret = RSAClientKeyExchange.generateDummySecret(protocolVersion); ++ preMasterSecret = ++ RSAClientKeyExchange.generateDummySecret(protocolVersion); + // recursive call with new premaster secret + return calculateMasterSecret(preMasterSecret, null); + } +diff --git a/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java b/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java +--- jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java ++++ jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -36,6 +36,7 @@ + import javax.net.ssl.*; + + import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec; ++import sun.security.util.KeyLength; + + /** + * This is the client key exchange message (CLIENT --> SERVER) used with +@@ -85,7 +86,8 @@ + * it, using its RSA private key. Result is the same size as the + * server's public key, and uses PKCS #1 block format 02. + */ +- RSAClientKeyExchange(ProtocolVersion protocolVersion, ProtocolVersion maxVersion, ++ RSAClientKeyExchange(ProtocolVersion protocolVersion, ++ ProtocolVersion maxVersion, + SecureRandom generator, PublicKey publicKey) throws IOException { + if (publicKey.getAlgorithm().equals("RSA") == false) { + throw new SSLKeyException("Public key not of type RSA"); +@@ -120,7 +122,8 @@ + * Server gets the PKCS #1 (block format 02) data, decrypts + * it with its private key. + */ +- RSAClientKeyExchange(ProtocolVersion currentVersion, HandshakeInStream input, ++ RSAClientKeyExchange(ProtocolVersion currentVersion, ++ ProtocolVersion maxVersion, HandshakeInStream input, + int messageSize, PrivateKey privateKey) throws IOException { + + if (privateKey.getAlgorithm().equals("RSA") == false) { +@@ -143,28 +146,119 @@ + cipher.init(Cipher.UNWRAP_MODE, privateKey); + preMaster = (SecretKey)cipher.unwrap(encrypted, + "TlsRsaPremasterSecret", Cipher.SECRET_KEY); ++ ++ // polish the premaster secret ++ preMaster = polishPreMasterSecretKey( ++ currentVersion, maxVersion, preMaster, null); + } catch (Exception e) { +- /* +- * Bogus decrypted ClientKeyExchange? If so, conjure a +- * a random preMaster secret that will fail later during +- * Finished message processing. This is a countermeasure against +- * the "interactive RSA PKCS#1 encryption envelop attack" reported +- * in June 1998. Preserving the executation path will +- * mitigate timing attacks and force consistent error handling +- * that will prevent an attacking client from differentiating +- * different kinds of decrypted ClientKeyExchange bogosities. +- */ +- if (debug != null && Debug.isOn("handshake")) { +- System.out.println("Error decrypting premaster secret:"); +- e.printStackTrace(System.out); +- System.out.println("Generating random secret"); ++ // polish the premaster secret ++ preMaster = polishPreMasterSecretKey( ++ currentVersion, maxVersion, preMaster, e); ++ } ++ } ++ ++ /** ++ * To avoid vulnerabilities described by section 7.4.7.1, RFC 5246, ++ * treating incorrectly formatted message blocks and/or mismatched ++ * version numbers in a manner indistinguishable from correctly ++ * formatted RSA blocks. ++ * ++ * RFC 5246 describes the approach as : ++ * ++ * 1. Generate a string R of 46 random bytes ++ * ++ * 2. Decrypt the message to recover the plaintext M ++ * ++ * 3. If the PKCS#1 padding is not correct, or the length of message ++ * M is not exactly 48 bytes: ++ * pre_master_secret = ClientHello.client_version || R ++ * else If ClientHello.client_version <= TLS 1.0, and version ++ * number check is explicitly disabled: ++ * pre_master_secret = M ++ * else: ++ * pre_master_secret = ClientHello.client_version || M[2..47] ++ * ++ * Note that although TLS 1.2 is not supported in this release, we still ++ * want to make use of the above approach to provide better protection. ++ */ ++ private SecretKey polishPreMasterSecretKey( ++ ProtocolVersion currentVersion, ProtocolVersion clientHelloVersion, ++ SecretKey secretKey, Exception failoverException) { ++ ++ if (failoverException == null && secretKey != null) { ++ // check the length ++ byte[] encoded = secretKey.getEncoded(); ++ if (encoded == null) { // unable to get the encoded key ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println( ++ "unable to get the plaintext of the premaster secret"); ++ } ++ ++ int keySize = KeyLength.getKeySize(secretKey); ++ if (keySize > 0 && keySize != 384) { // 384 = 48 * 8 ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println( ++ "incorrect length of premaster secret: " + ++ (keySize/8)); ++ } ++ ++ return generateDummySecret(currentVersion); ++ } ++ ++ // The key size is exactly 48 bytes or not accessible. ++ // ++ // Conservatively, pass the checking to master secret ++ // calculation. ++ return secretKey; ++ } else if (encoded.length == 48) { ++ // check the version ++ if (clientHelloVersion.major == encoded[0] && ++ clientHelloVersion.minor == encoded[1]) { ++ ++ return secretKey; ++ } else if (clientHelloVersion.v <= ProtocolVersion.TLS10.v && ++ currentVersion.major == encoded[0] && ++ currentVersion.minor == encoded[1]) { ++ /* ++ * For compatibility, we maintain the behavior that the ++ * version in pre_master_secret can be the negotiated ++ * version for TLS v1.0 and SSL v3.0. ++ */ ++ return secretKey; ++ } ++ ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("Mismatching Protocol Versions, " + ++ "ClientHello.client_version is " + clientHelloVersion + ++ ", while PreMasterSecret.client_version is " + ++ ProtocolVersion.valueOf(encoded[0], encoded[1])); ++ } ++ return generateDummySecret(currentVersion); ++ } else { ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println( ++ "incorrect length of premaster secret: " + ++ encoded.length); ++ } ++ return generateDummySecret(currentVersion); + } +- preMaster = generateDummySecret(currentVersion); + } ++ ++ if (debug != null && Debug.isOn("handshake") && ++ failoverException != null) { ++ System.out.println("Error decrypting premaster secret:"); ++ failoverException.printStackTrace(System.out); ++ } ++ ++ return generateDummySecret(currentVersion); + } + + // generate a premaster secret with the specified version number + static SecretKey generateDummySecret(ProtocolVersion version) { ++ if (debug != null && Debug.isOn("handshake")) { ++ System.out.println("Generating a random fake premaster secret"); ++ } ++ + try { + KeyGenerator kg = + JsseJce.getKeyGenerator("SunTlsRsaPremasterSecret"); +diff --git a/src/share/classes/sun/security/ssl/ServerHandshaker.java b/src/share/classes/sun/security/ssl/ServerHandshaker.java +--- jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java ++++ jdk/src/share/classes/sun/security/ssl/ServerHandshaker.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -190,8 +190,9 @@ + * temporary one used for non-export or signing-only + * certificates/keys. + */ +- RSAClientKeyExchange pms = new RSAClientKeyExchange +- (protocolVersion, input, message_len, privateKey); ++ RSAClientKeyExchange pms = new RSAClientKeyExchange( ++ protocolVersion, clientRequestedVersion, ++ input, message_len, privateKey); + preMasterSecret = this.clientKeyExchange(pms); + break; + case K_KRB5: +diff --git a/src/share/classes/sun/security/util/KeyLength.java b/src/share/classes/sun/security/util/KeyLength.java +new file mode 100644 +--- /dev/null ++++ jdk/src/share/classes/sun/security/util/KeyLength.java +@@ -0,0 +1,91 @@ ++/* ++ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package sun.security.util; ++ ++import java.security.Key; ++import java.security.PrivilegedAction; ++import java.security.AccessController; ++import java.security.interfaces.ECKey; ++import java.security.interfaces.RSAKey; ++import java.security.interfaces.DSAKey; ++import javax.crypto.SecretKey; ++import javax.crypto.interfaces.DHKey; ++ ++/** ++ * A utility class to get key length ++ */ ++public final class KeyLength { ++ ++ /** ++ * Returns the key size of the given key object in bits. ++ * ++ * @param key the key object, cannot be null ++ * @return the key size of the given key object in bits, or -1 if the ++ * key size is not accessible ++ */ ++ final public static int getKeySize(Key key) { ++ int size = -1; ++ ++ if (key instanceof Length) { ++ try { ++ Length ruler = (Length)key; ++ size = ruler.length(); ++ } catch (UnsupportedOperationException usoe) { ++ // ignore the exception ++ } ++ ++ if (size >= 0) { ++ return size; ++ } ++ } ++ ++ // try to parse the length from key specification ++ if (key instanceof SecretKey) { ++ SecretKey sk = (SecretKey)key; ++ String format = sk.getFormat(); ++ if ("RAW".equals(format) && sk.getEncoded() != null) { ++ size = (sk.getEncoded().length * 8); ++ } // Otherwise, it may be a unextractable key of PKCS#11, or ++ // a key we are not able to handle. ++ } else if (key instanceof RSAKey) { ++ RSAKey pubk = (RSAKey)key; ++ size = pubk.getModulus().bitLength(); ++ } else if (key instanceof ECKey) { ++ ECKey pubk = (ECKey)key; ++ size = pubk.getParams().getOrder().bitLength(); ++ } else if (key instanceof DSAKey) { ++ DSAKey pubk = (DSAKey)key; ++ size = pubk.getParams().getP().bitLength(); ++ } else if (key instanceof DHKey) { ++ DHKey pubk = (DHKey)key; ++ size = pubk.getParams().getP().bitLength(); ++ } // Otherwise, it may be a unextractable key of PKCS#11, or ++ // a key we are not able to handle. ++ ++ return size; ++ } ++} ++ +diff --git a/src/share/classes/sun/security/util/Length.java b/src/share/classes/sun/security/util/Length.java +new file mode 100644 +--- /dev/null ++++ jdk/src/share/classes/sun/security/util/Length.java +@@ -0,0 +1,43 @@ ++/* ++ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. Oracle designates this ++ * particular file as subject to the "Classpath" exception as provided ++ * by Oracle in the LICENSE file that accompanied this code. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package sun.security.util; ++ ++/** ++ * The Length interface defines the length of an object ++ */ ++public interface Length { ++ ++ /** ++ * Gets the length of this object ++ * <p> ++ * Note that if a class of java.security.Key implements this interfaces, ++ * the length should be measured in bits. ++ * ++ * @return the length of this object ++ * @throws UnsupportedOperationException if the operation is not supported ++ */ ++ public int length(); ++} diff --git a/java/openjdk6/files/icedtea/security/7189103.patch b/java/openjdk6/files/icedtea/security/7189103.patch new file mode 100644 index 000000000000..c855299d2ac2 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7189103.patch @@ -0,0 +1,39 @@ +# HG changeset patch +# User coffeys +# Date 1345121690 -3600 +# Node ID b6a7a661db8a2141ebb2e79ba5739722d1be7bfd +# Parent a6294da5a21f609b67a0d4d216028dda9f56e689 +7189103: Executors needs to maintain state +Reviewed-by: chegar + +diff --git a/src/share/classes/java/util/concurrent/Executors.java b/src/share/classes/java/util/concurrent/Executors.java +--- jdk/src/share/classes/java/util/concurrent/Executors.java ++++ jdk/src/share/classes/java/util/concurrent/Executors.java +@@ -530,18 +530,17 @@ + return AccessController.doPrivileged( + new PrivilegedExceptionAction<T>() { + public T run() throws Exception { +- ClassLoader savedcl = null; + Thread t = Thread.currentThread(); +- try { +- ClassLoader cl = t.getContextClassLoader(); +- if (ccl != cl) { +- t.setContextClassLoader(ccl); +- savedcl = cl; ++ ClassLoader cl = t.getContextClassLoader(); ++ if (ccl == cl) { ++ return task.call(); ++ } else { ++ t.setContextClassLoader(ccl); ++ try { ++ return task.call(); ++ } finally { ++ t.setContextClassLoader(cl); + } +- return task.call(); +- } finally { +- if (savedcl != null) +- t.setContextClassLoader(savedcl); + } + } + }, acc); diff --git a/java/openjdk6/files/icedtea/security/7189490.patch b/java/openjdk6/files/icedtea/security/7189490.patch new file mode 100644 index 000000000000..3a8826dde48e --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7189490.patch @@ -0,0 +1,55 @@ +# HG changeset patch +# User coffeys +# Date 1345121553 -3600 +# Node ID 7fe230af5036c83eb337b3560821b97c6dec08c9 +# Parent b6a7a661db8a2141ebb2e79ba5739722d1be7bfd +7189490: More improvements to DomainCombiner checking +Reviewed-by: mullan + +diff --git a/src/share/classes/java/security/AccessController.java b/src/share/classes/java/security/AccessController.java +--- jdk/src/share/classes/java/security/AccessController.java ++++ jdk/src/share/classes/java/security/AccessController.java +@@ -290,11 +290,11 @@ + */ + public static <T> T doPrivilegedWithCombiner(PrivilegedAction<T> action) { + +- DomainCombiner dc = null; + AccessControlContext acc = getStackAccessControlContext(); +- if (acc == null || (dc = acc.getAssignedCombiner()) == null) { +- return AccessController.doPrivileged(action, acc); ++ if (acc == null) { ++ return AccessController.doPrivileged(action); + } ++ DomainCombiner dc = acc.getAssignedCombiner(); + return AccessController.doPrivileged(action, preserveCombiner(dc)); + } + +@@ -386,11 +386,11 @@ + public static <T> T doPrivilegedWithCombiner + (PrivilegedExceptionAction<T> action) throws PrivilegedActionException { + +- DomainCombiner dc = null; + AccessControlContext acc = getStackAccessControlContext(); +- if (acc == null || (dc = acc.getAssignedCombiner()) == null) { +- return AccessController.doPrivileged(action, acc); ++ if (acc == null) { ++ return AccessController.doPrivileged(action); + } ++ DomainCombiner dc = acc.getAssignedCombiner(); + return AccessController.doPrivileged(action, preserveCombiner(dc)); + } + +@@ -417,7 +417,12 @@ + // perform 'combine' on the caller of doPrivileged, + // even if the caller is from the bootclasspath + ProtectionDomain[] pds = new ProtectionDomain[] {callerPd}; +- return new AccessControlContext(combiner.combine(pds, null), combiner); ++ if (combiner == null) { ++ return new AccessControlContext(pds); ++ } else { ++ return new AccessControlContext(combiner.combine(pds, null), ++ combiner); ++ } + } + + diff --git a/java/openjdk6/files/icedtea/security/7189567.patch b/java/openjdk6/files/icedtea/security/7189567.patch new file mode 100644 index 000000000000..9ba015744f67 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7189567.patch @@ -0,0 +1,95 @@ +# HG changeset patch +# User robm +# Date 1347900712 -3600 +# Node ID aa1fa3f96d77541a3bafd767001f3100fe6b8a5a +# Parent 7fe230af5036c83eb337b3560821b97c6dec08c9 +7189567: java net obselete protocol +Reviewed-by: chegar + +diff --git a/src/share/classes/java/net/URL.java b/src/share/classes/java/net/URL.java +--- jdk/src/share/classes/java/net/URL.java ++++ jdk/src/share/classes/java/net/URL.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 1995, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 1995, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -28,6 +28,8 @@ + import java.io.IOException; + import java.io.InputStream; + import java.io.OutputStream; ++import java.security.AccessController; ++import java.security.PrivilegedAction; + import java.util.Hashtable; + import java.util.StringTokenizer; + import sun.security.util.SecurityConstants; +@@ -1110,6 +1112,21 @@ + static Hashtable handlers = new Hashtable(); + private static Object streamHandlerLock = new Object(); + ++ // special case the gopher protocol, disabled by default ++ private static final String GOPHER = "gopher"; ++ private static final String ENABLE_GOPHER_PROP = "jdk.net.registerGopherProtocol"; ++ private static final boolean enableGopher = AccessController.doPrivileged( ++ new PrivilegedAction<Boolean>() { ++ public Boolean run() { ++ String prop = System.getProperty(ENABLE_GOPHER_PROP); ++ return prop == null ? false : ++ (prop.equalsIgnoreCase("false") ? false : true); ++ } ++ }); ++ ++ // package name of the JDK implementation protocol handlers ++ private static final String JDK_PACKAGE_PREFIX = "sun.net.www.protocol"; ++ + /** + * Returns the Stream Handler. + * @param protocol the protocol to use +@@ -1141,7 +1158,7 @@ + + // REMIND: decide whether to allow the "null" class prefix + // or not. +- packagePrefixList += "sun.net.www.protocol"; ++ packagePrefixList += JDK_PACKAGE_PREFIX; + + StringTokenizer packagePrefixIter = + new StringTokenizer(packagePrefixList, "|"); +@@ -1151,6 +1168,15 @@ + + String packagePrefix = + packagePrefixIter.nextToken().trim(); ++ ++ // do not try to instantiate the JDK gopher handler ++ // unless the system property had been explicitly set ++ if (protocol.equalsIgnoreCase(GOPHER) && ++ packagePrefix.equals(JDK_PACKAGE_PREFIX) && ++ !enableGopher) { ++ continue; ++ } ++ + try { + String clsName = packagePrefix + "." + protocol + + ".Handler"; +diff --git a/test/java/net/URL/Test.java b/test/java/net/URL/Test.java +--- jdk/test/java/net/URL/Test.java ++++ jdk/test/java/net/URL/Test.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2001, 2003, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -322,10 +322,6 @@ + test("ftp://ftp.is.co.za/rfc/rfc1808.txt") + .s("ftp").h("ftp.is.co.za").p("/rfc/rfc1808.txt").z(); + +- test("gopher://spinaltap.micro.umn.edu/00/Weather/California/Los%20Angeles") +- .s("gopher").h("spinaltap.micro.umn.edu") +- .p("/00/Weather/California/Los%20Angeles").z(); +- + test("http://www.math.uio.no/faq/compression-faq/part1.html") + .s("http").h("www.math.uio.no").p("/faq/compression-faq/part1.html").z(); + diff --git a/java/openjdk6/files/icedtea/security/7192975.patch b/java/openjdk6/files/icedtea/security/7192975.patch new file mode 100644 index 000000000000..3d7188368211 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7192975.patch @@ -0,0 +1,35 @@ +# HG changeset patch +# User asaha +# Date 1349309813 25200 +# Node ID d77bc9151c1dea1a4a396fb59d58ba7c8d77fd88 +# Parent aa1fa3f96d77541a3bafd767001f3100fe6b8a5a +7192975: Conditional usage check is wrong +Reviewed-by: dsamersoff +Contributed-by: andreas.eriksson@oracle.com + +diff --git a/src/share/classes/javax/management/modelmbean/DescriptorSupport.java b/src/share/classes/javax/management/modelmbean/DescriptorSupport.java +--- jdk/src/share/classes/javax/management/modelmbean/DescriptorSupport.java ++++ jdk/src/share/classes/javax/management/modelmbean/DescriptorSupport.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2007, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -1239,13 +1239,12 @@ + return s.substring(1, s.length() - 1); + } + final String className = s.substring(1, slash); ++ + final Constructor<?> constr; + try { ++ ReflectUtil.checkPackageAccess(className); + final ClassLoader contextClassLoader = + Thread.currentThread().getContextClassLoader(); +- if (contextClassLoader == null) { +- ReflectUtil.checkPackageAccess(className); +- } + final Class<?> c = + Class.forName(className, false, contextClassLoader); + constr = c.getConstructor(new Class[] {String.class}); diff --git a/java/openjdk6/files/icedtea/security/7195194.patch b/java/openjdk6/files/icedtea/security/7195194.patch new file mode 100644 index 000000000000..4251c0c35bf1 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7195194.patch @@ -0,0 +1,29 @@ +# HG changeset patch +# User andrew +# Date 1349974205 -3600 +# Node ID 6a383aef225ab7bb99b723bbb29786e29747a4f0 +# Parent d77bc9151c1dea1a4a396fb59d58ba7c8d77fd88 +7195194: Better data validation for Swing +Reviewed-by: art, ahgross + +diff --git a/src/share/classes/javax/swing/text/DefaultFormatter.java b/src/share/classes/javax/swing/text/DefaultFormatter.java +--- jdk/src/share/classes/javax/swing/text/DefaultFormatter.java ++++ jdk/src/share/classes/javax/swing/text/DefaultFormatter.java +@@ -24,6 +24,8 @@ + */ + package javax.swing.text; + ++import sun.reflect.misc.ConstructorUtil; ++ + import java.io.Serializable; + import java.lang.reflect.*; + import java.text.ParseException; +@@ -245,7 +247,7 @@ + Constructor cons; + + try { +- cons = vc.getConstructor(new Class[] { String.class }); ++ cons = ConstructorUtil.getConstructor(vc, new Class[]{String.class}); + + } catch (NoSuchMethodException nsme) { + cons = null; diff --git a/java/openjdk6/files/icedtea/security/7195917.patch b/java/openjdk6/files/icedtea/security/7195917.patch new file mode 100644 index 000000000000..479e7fa78fa1 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7195917.patch @@ -0,0 +1,88 @@ +# HG changeset patch +# User malenkov +# Date 1348148080 -14400 +# Node ID 074f132d65c91231ca989e4c757207e1cf25a476 +# Parent 6a383aef225ab7bb99b723bbb29786e29747a4f0 +7195917: XMLDecoder parsing at close-time should be improved +Reviewed-by: art, ahgross + +diff --git a/src/share/classes/java/beans/XMLDecoder.java b/src/share/classes/java/beans/XMLDecoder.java +--- jdk/src/share/classes/java/beans/XMLDecoder.java ++++ jdk/src/share/classes/java/beans/XMLDecoder.java +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2000, 2005, Oracle and/or its affiliates. All rights reserved. ++ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it +@@ -32,6 +32,10 @@ + import java.lang.ref.Reference; + import java.lang.ref.WeakReference; + ++import java.security.AccessControlContext; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++ + import org.xml.sax.SAXException; + + import javax.xml.parsers.SAXParserFactory; +@@ -66,6 +70,7 @@ + * @author Philip Milne + */ + public class XMLDecoder { ++ private final AccessControlContext acc = AccessController.getContext(); + private InputStream in; + private Object owner; + private ExceptionListener exceptionListener; +@@ -248,25 +253,33 @@ + */ + private ObjectHandler getHandler() { + if ( handler == null ) { +- SAXParserFactory factory = SAXParserFactory.newInstance(); +- try { +- SAXParser parser = factory.newSAXParser(); +- handler = new ObjectHandler( this, getClassLoader() ); +- parser.parse( in, handler ); ++ if ((this.acc == null) && (null != System.getSecurityManager())) { ++ throw new SecurityException("AccessControlContext is not set"); + } +- catch ( ParserConfigurationException e ) { +- getExceptionListener().exceptionThrown( e ); +- } +- catch ( SAXException se ) { +- Exception e = se.getException(); +- if ( e == null ) { +- e = se; ++ handler = AccessController.doPrivileged(new PrivilegedAction<ObjectHandler>() { ++ public ObjectHandler run() { ++ ObjectHandler handler = new ObjectHandler(XMLDecoder.this, getClassLoader()); ++ SAXParserFactory factory = SAXParserFactory.newInstance(); ++ try { ++ SAXParser parser = factory.newSAXParser(); ++ parser.parse( in, handler ); ++ } ++ catch ( ParserConfigurationException e ) { ++ getExceptionListener().exceptionThrown( e ); ++ } ++ catch ( SAXException se ) { ++ Exception e = se.getException(); ++ if ( e == null ) { ++ e = se; ++ } ++ getExceptionListener().exceptionThrown( e ); ++ } ++ catch ( IOException ioe ) { ++ getExceptionListener().exceptionThrown( ioe ); ++ } ++ return handler; + } +- getExceptionListener().exceptionThrown( e ); +- } +- catch ( IOException ioe ) { +- getExceptionListener().exceptionThrown( ioe ); +- } ++ }, this.acc); + } + return handler; + } diff --git a/java/openjdk6/files/icedtea/security/7195919.patch b/java/openjdk6/files/icedtea/security/7195919.patch new file mode 100644 index 000000000000..2d14c00701b8 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7195919.patch @@ -0,0 +1,63 @@ +# HG changeset patch +# User dmeetry +# Date 1347313661 -14400 +# Node ID 5352a40bb0ff7e8a6e826478d7687fff695d9805 +# Parent 074f132d65c91231ca989e4c757207e1cf25a476 +7195919: (sl) ServiceLoader can throw CCE without needing to create instance +Reviewed-by: smarks + +diff --git a/src/share/classes/java/util/ServiceLoader.java b/src/share/classes/java/util/ServiceLoader.java +--- jdk/src/share/classes/java/util/ServiceLoader.java ++++ jdk/src/share/classes/java/util/ServiceLoader.java +@@ -358,14 +358,21 @@ + } + String cn = nextName; + nextName = null; ++ Class<?> c = null; + try { +- S p = service.cast(Class.forName(cn, true, loader) +- .newInstance()); +- providers.put(cn, p); +- return p; ++ c = Class.forName(cn, false, loader); + } catch (ClassNotFoundException x) { + fail(service, + "Provider " + cn + " not found"); ++ } ++ if (!service.isAssignableFrom(c)) { ++ fail(service, ++ "Provider " + cn + " not a subtype"); ++ } ++ try { ++ S p = service.cast(c.newInstance()); ++ providers.put(cn, p); ++ return p; + } catch (Throwable x) { + fail(service, + "Provider " + cn + " could not be instantiated: " + x, +diff --git a/src/share/classes/sun/misc/Service.java b/src/share/classes/sun/misc/Service.java +--- jdk/src/share/classes/sun/misc/Service.java ++++ jdk/src/share/classes/sun/misc/Service.java +@@ -284,12 +284,20 @@ + } + String cn = nextName; + nextName = null; ++ Class<?> c = null; + try { +- return Class.forName(cn, true, loader).newInstance(); ++ c = Class.forName(cn, false, loader); + } catch (ClassNotFoundException x) { + fail(service, + "Provider " + cn + " not found"); +- } catch (Exception x) { ++ } ++ if (!service.isAssignableFrom(c)) { ++ fail(service, ++ "Provider " + cn + " not a subtype"); ++ } ++ try { ++ return service.cast(c.newInstance()); ++ } catch (Throwable x) { + fail(service, + "Provider " + cn + " could not be instantiated: " + x, + x); diff --git a/java/openjdk6/files/icedtea/security/7198296.patch b/java/openjdk6/files/icedtea/security/7198296.patch new file mode 100644 index 000000000000..056090582212 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7198296.patch @@ -0,0 +1,114 @@ +# HG changeset patch +# User asaha +# Date 1349309940 25200 +# Node ID a66bba985c2c46743d6780879278092c0fa5cf2b +# Parent 5352a40bb0ff7e8a6e826478d7687fff695d9805 +7198296: Refactor classloader usage +Reviewed-by: dsamersoff +Contributed-by: andreas.eriksson@oracle.com + +diff --git a/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java b/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java +--- jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java ++++ jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java +@@ -165,9 +165,17 @@ + withPermissions( new MBeanPermission("*", "getClassLoaderRepository"), + new RuntimePermission("createClassLoader")) + ); +- +- serverCommunicatorAdmin = new +- RMIServerCommunicatorAdmin(EnvHelp.getServerConnectionTimeout(env)); ++ this.defaultContextClassLoader = ++ AccessController.doPrivileged( ++ new PrivilegedAction<ClassLoader>() { ++ @Override ++ public ClassLoader run() { ++ return new CombinedClassLoader(Thread.currentThread().getContextClassLoader(), ++ dcl); ++ } ++ }); ++ serverCommunicatorAdmin = new ++ RMIServerCommunicatorAdmin(EnvHelp.getServerConnectionTimeout(env)); + + this.env = env; + } +@@ -529,7 +537,7 @@ + "connectionId=" + connectionId + +" unwrapping query with defaultClassLoader."); + +- queryValue = unwrap(query, defaultClassLoader, QueryExp.class); ++ queryValue = unwrap(query, defaultContextClassLoader, QueryExp.class); + + try { + final Object params[] = new Object[] { name, queryValue }; +@@ -563,7 +571,7 @@ + "connectionId=" + connectionId + +" unwrapping query with defaultClassLoader."); + +- queryValue = unwrap(query, defaultClassLoader, QueryExp.class); ++ queryValue = unwrap(query, defaultContextClassLoader, QueryExp.class); + + try { + final Object params[] = new Object[] { name, queryValue }; +@@ -1592,7 +1600,8 @@ + ClassLoader orderCL = AccessController.doPrivileged( + new PrivilegedExceptionAction<ClassLoader>() { + public ClassLoader run() throws Exception { +- return new OrderClassLoaders(cl1, cl2); ++ return new CombinedClassLoader(Thread.currentThread().getContextClassLoader(), ++ new OrderClassLoaders(cl1, cl2)); + } + } + ); +@@ -1684,6 +1693,8 @@ + + private final ClassLoader defaultClassLoader; + ++ private final ClassLoader defaultContextClassLoader; ++ + private final ClassLoaderWithRepository classLoaderWithRepository; + + private boolean terminated = false; +@@ -1768,4 +1779,43 @@ + + private static final ClassLogger logger = + new ClassLogger("javax.management.remote.rmi", "RMIConnectionImpl"); ++ ++ private static final class CombinedClassLoader extends ClassLoader { ++ ++ private final static class ClassLoaderWrapper extends ClassLoader { ++ ClassLoaderWrapper(ClassLoader cl) { ++ super(cl); ++ } ++ ++ @Override ++ protected Class<?> loadClass(String name, boolean resolve) ++ throws ClassNotFoundException { ++ return super.loadClass(name, resolve); ++ } ++ }; ++ ++ final ClassLoaderWrapper defaultCL; ++ ++ private CombinedClassLoader(ClassLoader parent, ClassLoader defaultCL) { ++ super(parent); ++ this.defaultCL = new ClassLoaderWrapper(defaultCL); ++ } ++ ++ @Override ++ protected Class<?> loadClass(String name, boolean resolve) ++ throws ClassNotFoundException { ++ try { ++ super.loadClass(name, resolve); ++ } catch(Exception e) { ++ for(Throwable t = e; t != null; t = t.getCause()) { ++ if(t instanceof SecurityException) { ++ throw t==e?(SecurityException)t:new SecurityException(t.getMessage(), e); ++ } ++ } ++ } ++ final Class<?> cl = defaultCL.loadClass(name, resolve); ++ return cl; ++ } ++ ++ } + } diff --git a/java/openjdk6/files/icedtea/security/7198606.patch b/java/openjdk6/files/icedtea/security/7198606.patch new file mode 100644 index 000000000000..e8a246828a65 --- /dev/null +++ b/java/openjdk6/files/icedtea/security/7198606.patch @@ -0,0 +1,28 @@ +# HG changeset patch +# User andrew +# Date 1349974451 -3600 +# Node ID 8319efc7c840d099832e06db7a50dcfb95bfd4aa +# Parent a148157cd348fe4c251063db7d3973a83cfcf483 +7198606: Improve VM optimization +Reviewed-by: roland, twisti + +diff --git a/src/share/vm/opto/loopTransform.cpp b/src/share/vm/opto/loopTransform.cpp +--- hotspot/src/share/vm/opto/loopTransform.cpp ++++ hotspot/src/share/vm/opto/loopTransform.cpp +@@ -2721,6 +2721,8 @@ + result_mem = new (C, 1) ProjNode(call,TypeFunc::Memory); + _igvn.register_new_node_with_optimizer(result_mem); + ++/* Disable following optimization until proper fix (add missing checks). ++ + // If this fill is tightly coupled to an allocation and overwrites + // the whole body, allow it to take over the zeroing. + AllocateNode* alloc = AllocateNode::Ideal_allocation(base, this); +@@ -2744,6 +2746,7 @@ + #endif + } + } ++*/ + + // Redirect the old control and memory edges that are outside the loop. + Node* exit = head->loopexit()->proj_out(0); diff --git a/java/openjdk6/files/patch-set b/java/openjdk6/files/patch-set index 960b5c4eeb2f..d64c58204f17 100644 --- a/java/openjdk6/files/patch-set +++ b/java/openjdk6/files/patch-set @@ -4140,7 +4140,7 @@ # include <signal.h> # include <errno.h> # include <dlfcn.h> -@@ -102,21 +101,51 @@ +@@ -102,21 +101,57 @@ # include <sys/utsname.h> # include <sys/socket.h> # include <sys/wait.h> @@ -4166,6 +4166,12 @@ # include <sys/ioctl.h> +#ifdef __FreeBSD__ ++#if __FreeBSD_version > 700109 ++#include <bitset> ++#include <sys/cpuset.h> ++#endif ++#include <vm/swap_pager.h> ++#include <vm/vm_param.h> +#if __FreeBSD_version > 900030 +#include <pthread_np.h> +#else @@ -4193,7 +4199,7 @@ #define MAX_PATH (2 * K) // for timer info max values which include all bits -@@ -127,19 +156,25 @@ +@@ -127,19 +162,25 @@ // global variables julong os::Bsd::_physical_memory = 0; @@ -4219,7 +4225,7 @@ static jlong initial_time_count=0; -@@ -157,8 +192,6 @@ +@@ -157,8 +198,6 @@ static int SR_signum = SIGUSR2; sigset_t SR_sigset; @@ -4228,11 +4234,33 @@ //////////////////////////////////////////////////////////////////////////////// // utility functions -@@ -171,11 +204,16 @@ +@@ -171,11 +210,38 @@ } julong os::Bsd::available_memory() { +#ifdef _ALLBSD_SOURCE ++#ifdef __FreeBSD__ ++ static const char *vm_stats[] = { ++ "vm.stats.vm.v_free_count", ++ "vm.stats.vm.v_cache_count", ++ /* "vm.stats.vm.v_inactive_count", */ ++ NULL ++ }; ++ size_t size; ++ julong free_pages; ++ u_int i, npages; ++ ++ for (i = 0, free_pages = 0, size = sizeof(npages); vm_stats[i] != NULL; i++) { ++ if (sysctlbyname(vm_stats[i], &npages, &size, NULL, 0) == -1) { ++ free_pages = 0; ++ break; ++ } ++ free_pages += npages; ++ } ++ if (free_pages > 0) ++ free_pages *= os::vm_page_size(); ++ else ++#endif + // XXXBSD: this is just a stopgap implementation + return physical_memory() >> 2; +#else @@ -4245,7 +4273,7 @@ } julong os::physical_memory() { -@@ -223,6 +261,7 @@ +@@ -223,6 +289,7 @@ } @@ -4253,7 +4281,7 @@ #ifndef SYS_gettid // i386: 224, ia64: 1105, amd64: 186, sparc 143 #ifdef __ia64__ -@@ -237,6 +276,7 @@ +@@ -237,6 +304,7 @@ #error define gettid for the arch #endif #endif @@ -4261,7 +4289,7 @@ // Cpu architecture string #if defined(ZERO) -@@ -267,28 +307,58 @@ +@@ -267,28 +335,86 @@ // Returns the kernel thread id of the currently running thread. Kernel // thread id is used to access /proc. // @@ -4284,18 +4312,38 @@ + thr_self(&tid); + return (pid_t)tid; +#endif - } ++} +#endif - --// Most versions of bsd have a bug where the number of processors are --// determined by looking at the /proc file system. In a chroot environment, --// the system call returns 1. This causes the VM to act as if it is --// a single processor and elide locking (see is_MP() call). --static bool unsafe_chroot_detected = false; --static const char *unstable_chroot_error = "/proc file system not found.\n" -- "Java may be unstable running multithreaded in a chroot " -- "environment on Bsd when /proc filesystem is not mounted."; -+#ifdef _ALLBSD_SOURCE ++ ++#if defined(__FreeBSD__) ++void os::Bsd::initialize_system_info() { ++ int cpu_val = sysconf(_SC_NPROCESSORS_CONF); ++ if (cpu_val >= 1) ++ set_processor_count(cpu_val); ++ else ++ set_processor_count(1); // fallback ++ ++#ifdef _SC_PHYS_PAGES ++ long phys_pages = sysconf(_SC_PHYS_PAGES); ++ if (phys_pages > 0) ++ _physical_memory = (julong)phys_pages * _page_size; ++ else ++ _physical_memory = 256*1024*1024; // fallback (XXXBSD?) ++#else ++ int mib[2]; ++ size_t len; ++ u_long mem_val; ++ ++ mib[0] = CTL_HW; ++ mib[1] = HW_PHYSMEM; ++ len = sizeof(mem_val); ++ if (sysctl(mib, 2, &mem_val, &len, NULL, 0) != -1) ++ _physical_memory = mem_val; ++ else ++ _physical_memory = 256*1024*1024; // fallback (XXXBSD?) ++#endif + } ++#elif defined(_ALLBSD_SOURCE) +void os::Bsd::initialize_system_info() { + int mib[2]; + size_t len; @@ -4313,6 +4361,14 @@ + set_processor_count(1); // fallback + } +-// Most versions of bsd have a bug where the number of processors are +-// determined by looking at the /proc file system. In a chroot environment, +-// the system call returns 1. This causes the VM to act as if it is +-// a single processor and elide locking (see is_MP() call). +-static bool unsafe_chroot_detected = false; +-static const char *unstable_chroot_error = "/proc file system not found.\n" +- "Java may be unstable running multithreaded in a chroot " +- "environment on Bsd when /proc filesystem is not mounted."; + /* get physical memory via hw.usermem sysctl (hw.usermem is used + * instead of hw.physmem because we need size of allocatable memory + */ @@ -4323,7 +4379,7 @@ + _physical_memory = mem_val; + else + _physical_memory = 256*1024*1024; // fallback (XXXBSD?) -+ + +#ifdef __OpenBSD__ + { + // limit _physical_memory memory view on OpenBSD since @@ -4338,7 +4394,7 @@ void os::Bsd::initialize_system_info() { set_processor_count(sysconf(_SC_NPROCESSORS_CONF)); if (processor_count() == 1) { -@@ -305,6 +375,7 @@ +@@ -305,6 +431,7 @@ _physical_memory = (julong)sysconf(_SC_PHYS_PAGES) * (julong)sysconf(_SC_PAGESIZE); assert(processor_count() > 0, "bsd error"); } @@ -4346,7 +4402,7 @@ void os::init_system_properties_values() { // char arch[12]; -@@ -348,9 +419,7 @@ +@@ -348,9 +475,7 @@ * ... * 7: The default directories, normally /lib and /usr/lib. */ @@ -4357,7 +4413,7 @@ #define DEFAULT_LIBPATH "/lib:/usr/lib" #endif -@@ -429,7 +498,11 @@ +@@ -429,7 +554,11 @@ * should always exist (until the legacy problem cited above is * addressed). */ @@ -4369,7 +4425,7 @@ if (v != NULL) { char *t = ld_library_path; /* That's +1 for the colon and +1 for the trailing '\0' */ -@@ -588,6 +661,7 @@ +@@ -588,6 +717,7 @@ } } @@ -4377,7 +4433,7 @@ ////////////////////////////////////////////////////////////////////////////// // detecting pthread library -@@ -751,6 +825,7 @@ +@@ -751,6 +881,7 @@ } return false; } @@ -4385,7 +4441,7 @@ ////////////////////////////////////////////////////////////////////////////// // create new thread -@@ -759,6 +834,9 @@ +@@ -759,6 +890,9 @@ // check if it's safe to start a new thread static bool _thread_safety_check(Thread* thread) { @@ -4395,7 +4451,7 @@ if (os::Bsd::is_BsdThreads() && !os::Bsd::is_floating_stack()) { // Fixed stack BsdThreads (SuSE Bsd/x86, and some versions of Redhat) // Heap is mmap'ed at lower end of memory space. Thread stacks are -@@ -792,6 +870,7 @@ +@@ -792,6 +926,7 @@ // here, that means enough space has been reserved for stack. return true; } @@ -4403,7 +4459,7 @@ } // Thread start routine for all newly created threads -@@ -819,15 +898,22 @@ +@@ -819,15 +954,22 @@ return NULL; } @@ -4426,7 +4482,7 @@ // initialize signal mask for this thread os::Bsd::hotspot_sigmask(thread); -@@ -910,17 +996,22 @@ +@@ -910,17 +1052,22 @@ // let pthread_create() pick the default value. } @@ -4449,7 +4505,7 @@ pthread_t tid; int ret = pthread_create(&tid, &attr, (void* (*)(void*)) java_start, thread); -@@ -934,7 +1025,9 @@ +@@ -934,7 +1081,9 @@ // Need to clean up stuff we've allocated so far thread->set_osthread(NULL); delete osthread; @@ -4459,7 +4515,7 @@ return false; } -@@ -950,9 +1043,11 @@ +@@ -950,9 +1099,11 @@ } } @@ -4471,7 +4527,7 @@ } // Aborted due to thread limit being reached -@@ -990,7 +1085,11 @@ +@@ -990,7 +1141,11 @@ } // Store pthread info into the OSThread @@ -4483,7 +4539,7 @@ osthread->set_pthread_id(::pthread_self()); // initialize floating point control register -@@ -1001,6 +1100,7 @@ +@@ -1001,6 +1156,7 @@ thread->set_osthread(osthread); @@ -4491,7 +4547,7 @@ if (UseNUMA) { int lgrp_id = os::numa_get_group_id(); if (lgrp_id != -1) { -@@ -1027,6 +1127,7 @@ +@@ -1027,6 +1183,7 @@ os::Bsd::manually_expand_stack(jt, addr); osthread->clear_expanding_stack(); } @@ -4499,7 +4555,7 @@ // initialize signal mask for this thread // and save the caller's signal mask -@@ -1085,6 +1186,7 @@ +@@ -1085,6 +1242,7 @@ ////////////////////////////////////////////////////////////////////////////// // initial thread @@ -4507,7 +4563,7 @@ // Check if current thread is the initial thread, similar to Solaris thr_main. bool os::Bsd::is_initial_thread(void) { char dummy; -@@ -1321,6 +1423,7 @@ +@@ -1321,6 +1479,7 @@ _initial_thread_stack_size = align_size_down(_initial_thread_stack_size, page_size()); _initial_thread_stack_bottom = (address)stack_top - _initial_thread_stack_size; } @@ -4515,7 +4571,7 @@ //////////////////////////////////////////////////////////////////////////////// // time support -@@ -1342,9 +1445,7 @@ +@@ -1342,9 +1501,7 @@ return (1000 * 1000); } @@ -4526,7 +4582,7 @@ bool os::supports_vtime() { return false; } bool os::enable_vtime() { return false; } bool os::vtime_enabled() { return false; } -@@ -1364,6 +1465,21 @@ +@@ -1364,6 +1521,21 @@ #define CLOCK_MONOTONIC (1) #endif @@ -4548,7 +4604,7 @@ void os::Bsd::clock_init() { // we do dlopen's in this particular order due to bug in bsd // dynamical loader (see 6348968) leading to crash on exit -@@ -1399,7 +1515,9 @@ +@@ -1399,7 +1571,9 @@ } } } @@ -4558,7 +4614,7 @@ #ifndef SYS_clock_getres #if defined(IA32) || defined(AMD64) -@@ -1440,6 +1558,7 @@ +@@ -1440,6 +1614,7 @@ _pthread_getcpuclockid = pthread_getcpuclockid_func; } } @@ -4566,7 +4622,7 @@ jlong os::javaTimeNanos() { if (Bsd::supports_monotonic_clock()) { -@@ -1608,7 +1727,14 @@ +@@ -1608,7 +1783,14 @@ // DLL functions @@ -4582,7 +4638,7 @@ // This must be hard coded because it's the system's temporary // directory not the java application's temp directory, ala java.io.tmpdir. -@@ -1628,13 +1754,13 @@ +@@ -1628,13 +1810,13 @@ const size_t pnamelen = pname ? strlen(pname) : 0; // Quietly truncate on buffer overflow. Should be an error. @@ -4598,7 +4654,7 @@ } else if (strchr(pname, *os::path_separator()) != NULL) { int n; char** pelements = split_path(pname, &n); -@@ -1643,7 +1769,8 @@ +@@ -1643,7 +1825,8 @@ if (pelements[i] == NULL || strlen(pelements[i]) == 0) { continue; // skip the empty path values } @@ -4608,7 +4664,7 @@ if (file_exists(buffer)) { break; } -@@ -1658,7 +1785,7 @@ +@@ -1658,7 +1841,7 @@ FREE_C_HEAP_ARRAY(char*, pelements); } } else { @@ -4617,7 +4673,7 @@ } } -@@ -1708,6 +1835,23 @@ +@@ -1708,6 +1891,23 @@ return false; } @@ -4641,7 +4697,7 @@ struct _address_to_library_name { address addr; // input : memory address size_t buflen; // size of fname -@@ -1782,11 +1926,27 @@ +@@ -1782,11 +1982,27 @@ return false; } } @@ -4658,18 +4714,18 @@ + // Successful loading + return result; + } - ++ + // Read system error message into ebuf + ::strncpy(ebuf, ::dlerror(), ebuflen-1); + ebuf[ebuflen-1]='\0'; -+ + + return NULL; +} +#else void * os::dll_load(const char *filename, char *ebuf, int ebuflen) { void * result= ::dlopen(filename, RTLD_LAZY); -@@ -1839,6 +1999,26 @@ +@@ -1839,6 +2055,26 @@ #define EM_486 6 /* Intel 80486 */ #endif @@ -4696,7 +4752,7 @@ static const arch_t arch_array[]={ {EM_386, EM_386, ELFCLASS32, ELFDATA2LSB, (char*)"IA 32"}, {EM_486, EM_386, ELFCLASS32, ELFDATA2LSB, (char*)"IA 32"}, -@@ -1942,17 +2122,11 @@ +@@ -1942,17 +2178,11 @@ return NULL; } @@ -4717,7 +4773,7 @@ } -@@ -1975,7 +2149,51 @@ +@@ -1975,7 +2205,51 @@ void os::print_dll_info(outputStream *st) { st->print_cr("Dynamic libraries:"); @@ -4770,7 +4826,7 @@ char fname[32]; pid_t pid = os::Bsd::gettid(); -@@ -1984,6 +2202,7 @@ +@@ -1984,6 +2258,7 @@ if (!_print_ascii_file(fname, st)) { st->print("Can not get library information for pid = %d\n", pid); } @@ -4778,7 +4834,7 @@ } -@@ -2018,6 +2237,7 @@ +@@ -2018,6 +2293,7 @@ st->print(name.machine); st->cr(); @@ -4786,7 +4842,7 @@ // Print warning if unsafe chroot environment detected if (unsafe_chroot_detected) { st->print("WARNING!! "); -@@ -2032,6 +2252,7 @@ +@@ -2032,6 +2308,7 @@ st->print("(%s stack)", os::Bsd::is_floating_stack() ? "floating" : "fixed"); } st->cr(); @@ -4794,7 +4850,7 @@ // rlimit st->print("rlimit:"); -@@ -2057,6 +2278,7 @@ +@@ -2057,6 +2334,7 @@ if (rlim.rlim_cur == RLIM_INFINITY) st->print("infinity"); else st->print("%d", rlim.rlim_cur); @@ -4802,7 +4858,7 @@ st->print(", AS "); getrlimit(RLIMIT_AS, &rlim); if (rlim.rlim_cur == RLIM_INFINITY) st->print("infinity"); -@@ -2069,11 +2291,7 @@ +@@ -2069,11 +2347,7 @@ os::loadavg(loadavg, 3); st->print("%0.02f %0.02f %0.02f", loadavg[0], loadavg[1], loadavg[2]); st->cr(); @@ -4815,11 +4871,29 @@ } void os::print_memory_info(outputStream* st) { -@@ -2081,18 +2299,27 @@ +@@ -2081,19 +2355,55 @@ st->print("Memory:"); st->print(" %dk page", os::vm_page_size()>>10); -+#ifndef _ALLBSD_SOURCE ++#ifdef _ALLBSD_SOURCE ++#ifdef __FreeBSD__ ++ struct xswdev xsw; ++ size_t mibsize, size; ++ int mib[16], n, total = 0, used = 0; ++ ++ mibsize = sizeof(mib) / sizeof(mib[0]); ++ if (sysctlnametomib("vm.swap_info", mib, &mibsize) != -1) { ++ for (n = 0; ; n++) { ++ mib[mibsize] = n; ++ size = sizeof(xsw); ++ if (sysctl(mib, mibsize + 1, &xsw, &size, NULL, 0) == -1) ++ break; ++ total += xsw.xsw_nblks; ++ used += xsw.xsw_used; ++ } ++ } ++#endif ++#else // values in struct sysinfo are "unsigned long" struct sysinfo si; sysinfo(&si); @@ -4829,7 +4903,14 @@ os::physical_memory() >> 10); st->print("(" UINT64_FORMAT "k free)", os::available_memory() >> 10); -+#ifndef _ALLBSD_SOURCE ++#ifdef _ALLBSD_SOURCE ++#ifdef __FreeBSD__ ++ st->print(", swap " UINT64_FORMAT "k", ++ ((jlong)total * os::vm_page_size()) >> 10); ++ st->print("(" UINT64_FORMAT "k free)", ++ ((jlong)(total - used) * os::vm_page_size()) >> 10); ++#endif ++#else st->print(", swap " UINT64_FORMAT "k", ((jlong)si.totalswap * si.mem_unit) >> 10); st->print("(" UINT64_FORMAT "k free)", @@ -4837,13 +4918,16 @@ +#endif + st->cr(); + ++#ifndef _ALLBSD_SOURCE + // meminfo + st->print("\n/proc/meminfo:\n"); + _print_ascii_file("/proc/meminfo", st); st->cr(); ++#endif } -@@ -2333,19 +2560,29 @@ + // Taken from /usr/include/bits/siginfo.h Supposed to be architecture specific +@@ -2333,19 +2643,29 @@ static volatile jint pending_signals[NSIG+1] = { 0 }; // Bsd(POSIX) specific hand shaking semaphore. @@ -4875,7 +4959,7 @@ } static int check_pending_signals(bool wait) { -@@ -2367,7 +2604,7 @@ +@@ -2367,7 +2687,7 @@ do { thread->set_suspend_equivalent(); // cleared by handle_special_suspend_equivalent_condition() or java_suspend_self() @@ -4884,7 +4968,7 @@ // were we externally suspended while we were waiting? threadIsSuspended = thread->handle_special_suspend_equivalent_condition(); -@@ -2378,7 +2615,7 @@ +@@ -2378,7 +2698,7 @@ // while suspended because that would surprise the thread that // suspended us. // @@ -4893,7 +4977,7 @@ thread->java_suspend_self(); } -@@ -2422,10 +2659,10 @@ +@@ -2422,10 +2742,10 @@ return; } @@ -4906,7 +4990,7 @@ os::get_temp_directory(), os::current_process_id(), num); unlink(buf); -@@ -2451,9 +2688,14 @@ +@@ -2451,9 +2771,14 @@ // problem. bool os::commit_memory(char* addr, size_t size, bool exec) { int prot = exec ? PROT_READ|PROT_WRITE|PROT_EXEC : PROT_READ|PROT_WRITE; @@ -4921,7 +5005,7 @@ } bool os::commit_memory(char* addr, size_t size, size_t alignment_hint, -@@ -2469,36 +2711,27 @@ +@@ -2469,36 +2794,27 @@ } void os::numa_make_global(char *addr, size_t bytes) { @@ -4963,7 +5047,7 @@ } bool os::get_page_info(char *start, page_info* info) { -@@ -2509,6 +2742,7 @@ +@@ -2509,6 +2825,7 @@ return end; } @@ -4971,7 +5055,7 @@ extern "C" void numa_warn(int number, char *where, ...) { } extern "C" void numa_error(char *where) { } -@@ -2610,104 +2844,26 @@ +@@ -2610,104 +2927,26 @@ os::Bsd::numa_tonode_memory_func_t os::Bsd::_numa_tonode_memory; os::Bsd::numa_interleave_memory_func_t os::Bsd::_numa_interleave_memory; unsigned long* os::Bsd::_numa_all_nodes; @@ -5083,7 +5167,7 @@ return os::uncommit_memory(addr, size); } -@@ -2812,6 +2968,9 @@ +@@ -2812,6 +3051,9 @@ static size_t _large_page_size = 0; bool os::large_page_init() { @@ -5093,7 +5177,7 @@ if (!UseLargePages) return false; if (LargePageSizeInBytes) { -@@ -2869,6 +3028,7 @@ +@@ -2869,6 +3111,7 @@ // We optimistically assume the support is available. If later it turns out // not true, VM will automatically switch to use regular page size. return true; @@ -5101,7 +5185,7 @@ } #ifndef SHM_HUGETLB -@@ -3045,7 +3205,7 @@ +@@ -3045,7 +3288,7 @@ } size_t os::read(int fd, void *buf, unsigned int nBytes) { @@ -5110,7 +5194,7 @@ } // TODO-FIXME: reconcile Solaris' os::sleep with the bsd variation. -@@ -3181,6 +3341,44 @@ +@@ -3181,6 +3424,44 @@ // this reason, the code should not be used as default (ThreadPriorityPolicy=0). // It is only used when ThreadPriorityPolicy=1 and requires root privilege. @@ -5155,7 +5239,7 @@ int os::java_to_os_priority[MaxPriority + 1] = { 19, // 0 Entry should never be used -@@ -3198,6 +3396,7 @@ +@@ -3198,6 +3479,7 @@ -5 // 10 MaxPriority }; @@ -5163,7 +5247,7 @@ static int prio_init() { if (ThreadPriorityPolicy == 1) { -@@ -3217,8 +3416,28 @@ +@@ -3217,8 +3499,28 @@ OSReturn os::set_native_priority(Thread* thread, int newpri) { if ( !UseThreadPriorities || ThreadPriorityPolicy == 0 ) return OS_OK; @@ -5192,7 +5276,7 @@ } OSReturn os::get_native_priority(const Thread* const thread, int *priority_ptr) { -@@ -3228,7 +3447,17 @@ +@@ -3228,7 +3530,17 @@ } errno = 0; @@ -5210,7 +5294,7 @@ return (*priority_ptr != -1 || errno == 0 ? OS_OK : OS_ERR); } -@@ -3338,7 +3567,7 @@ +@@ -3338,7 +3650,7 @@ /* Get signal number to use for suspend/resume */ if ((s = ::getenv("_JAVA_SR_SIGNUM")) != 0) { int sig = ::strtol(s, 0, 10); @@ -5219,7 +5303,7 @@ SR_signum = sig; } } -@@ -3682,6 +3911,28 @@ +@@ -3682,6 +3994,28 @@ set_signal_handler(SIGFPE, true); set_signal_handler(SIGXFSZ, true); @@ -5248,7 +5332,7 @@ if (libjsig_is_loaded) { // Tell libjsig jvm finishes setting signal handlers (*end_signal_setting)(); -@@ -3702,6 +3953,7 @@ +@@ -3702,6 +4036,7 @@ } } @@ -5256,7 +5340,7 @@ // This is the fastest way to get thread cpu time on Bsd. // Returns cpu time (user+sys) for any thread, not only for current. // POSIX compliant clocks are implemented in the kernels 2.6.16+. -@@ -3716,6 +3968,7 @@ +@@ -3716,6 +4051,7 @@ return (tp.tv_sec * SEC_IN_NANOSECS) + tp.tv_nsec; } @@ -5264,7 +5348,7 @@ ///// // glibc on Bsd platform uses non-documented flag -@@ -3937,13 +4190,13 @@ +@@ -3937,13 +4273,13 @@ _initial_pid = (java_launcher_pid > 0) ? java_launcher_pid : getpid(); @@ -5280,7 +5364,7 @@ if (Bsd::page_size() == -1) { fatal(err_msg("os_bsd.cpp: os::init: sysconf failed (%s)", strerror(errno))); -@@ -3957,7 +4210,16 @@ +@@ -3957,7 +4293,16 @@ Bsd::clock_init(); initial_time_count = os::elapsed_counter(); @@ -5298,7 +5382,7 @@ } // To install functions for atexit system call -@@ -3970,7 +4232,9 @@ +@@ -3970,7 +4315,9 @@ // this is called _after_ the global arguments have been parsed jint os::init_2(void) { @@ -5308,7 +5392,7 @@ // Allocate a single page and mark it as readable for safepoint polling address polling_page = (address) ::mmap(NULL, Bsd::page_size(), PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); -@@ -4028,6 +4292,7 @@ +@@ -4028,6 +4375,7 @@ JavaThread::set_stack_size_at_create(round_to(threadStackSizeInBytes, vm_page_size())); @@ -5316,7 +5400,7 @@ Bsd::capture_initial_stack(JavaThread::stack_size_at_create()); Bsd::libpthread_init(); -@@ -4050,6 +4315,7 @@ +@@ -4050,6 +4398,7 @@ UseNUMA = true; } } @@ -5324,7 +5408,7 @@ if (MaxFDLimit) { // set the number of file descriptors to max. print out error -@@ -4061,6 +4327,14 @@ +@@ -4061,6 +4410,14 @@ perror("os::init_2 getrlimit failed"); } else { nbr_files.rlim_cur = nbr_files.rlim_max; @@ -5339,7 +5423,7 @@ status = setrlimit(RLIMIT_NOFILE, &nbr_files); if (status != 0) { if (PrintMiscellaneous && (Verbose || WizardMode)) -@@ -4069,8 +4343,10 @@ +@@ -4069,8 +4426,10 @@ } } @@ -5350,11 +5434,25 @@ // at-exit methods are called in the reverse order of their registration. // atexit functions are called on return from main or as a result of a -@@ -4114,11 +4390,15 @@ +@@ -4114,11 +4473,29 @@ }; int os::active_processor_count() { +#ifdef _ALLBSD_SOURCE ++#ifdef __FreeBSD__ ++ int online_cpus = 0; ++#if __FreeBSD_version > 700109 ++ std::bitset<CPU_SETSIZE> mask; ++ assert(sizeof(mask) == sizeof(cpuset_t), "Invalid bitset for cpuset_t"); ++ if (cpuset_getaffinity(CPU_LEVEL_WHICH, CPU_WHICH_PID, -1, sizeof(mask), ++ reinterpret_cast<cpuset_t*>(&mask)) == 0) ++ online_cpus = mask.count(); ++#else ++ online_cpus = ::sysconf(_SC_NPROCESSORS_ONLN); ++#endif ++ if (online_cpus > 0 && online_cpus <= _processor_count) ++ return online_cpus; ++#endif + return _processor_count; +#else // Bsd doesn't yet have a (official) notion of processor sets, @@ -5366,7 +5464,7 @@ } bool os::distribute_processes(uint length, uint* distribution) { -@@ -4160,6 +4440,9 @@ +@@ -4160,6 +4537,9 @@ int os::Bsd::safe_cond_timedwait(pthread_cond_t *_cond, pthread_mutex_t *_mutex, const struct timespec *_abstime) { @@ -5376,7 +5474,7 @@ if (is_NPTL()) { return pthread_cond_timedwait(_cond, _mutex, _abstime); } else { -@@ -4175,6 +4458,7 @@ +@@ -4175,6 +4555,7 @@ #endif // IA64 return status; } @@ -5384,7 +5482,7 @@ } //////////////////////////////////////////////////////////////////////////////// -@@ -4322,14 +4606,14 @@ +@@ -4322,14 +4703,14 @@ int o_delete = (oflag & O_DELETE); oflag = oflag & ~O_DELETE; @@ -5403,7 +5501,7 @@ if (ret != -1) { if ((st_mode & S_IFMT) == S_IFDIR) { -@@ -4386,17 +4670,17 @@ +@@ -4386,17 +4767,17 @@ if (!rewrite_existing) { oflags |= O_EXCL; } @@ -5424,7 +5522,7 @@ } // This code originates from JDK's sysAvailable -@@ -4405,10 +4689,10 @@ +@@ -4405,10 +4786,10 @@ int os::available(int fd, jlong *bytes) { jlong cur, end; int mode; @@ -5438,7 +5536,7 @@ if (S_ISCHR(mode) || S_ISFIFO(mode) || S_ISSOCK(mode)) { /* * XXX: is the following call interruptible? If so, this might -@@ -4422,11 +4706,11 @@ +@@ -4422,11 +4803,11 @@ } } } @@ -5453,7 +5551,7 @@ return 0; } *bytes = end - cur; -@@ -4489,6 +4773,7 @@ +@@ -4489,6 +4870,7 @@ return munmap(addr, bytes) == 0; } @@ -5461,7 +5559,7 @@ static jlong slow_thread_cpu_time(Thread *thread, bool user_sys_cpu_time); static clockid_t thread_cpu_clockid(Thread* thread) { -@@ -4500,6 +4785,7 @@ +@@ -4500,6 +4882,7 @@ assert(rc == 0, "pthread_getcpuclockid is expected to return 0 code"); return clockid; } @@ -5469,7 +5567,7 @@ // current_thread_cpu_time(bool) and thread_cpu_time(Thread*, bool) // are used by JVM M&M and JVMTI to get user+sys or user CPU time -@@ -4509,39 +4795,71 @@ +@@ -4509,39 +4892,71 @@ // the fast estimate available on the platform. jlong os::current_thread_cpu_time() { @@ -5541,7 +5639,7 @@ // // -1 on error. // -@@ -4631,6 +4949,7 @@ +@@ -4631,6 +5046,7 @@ return (jlong)user_time * (1000000000 / clock_tics_per_sec); } } @@ -5549,21 +5647,21 @@ void os::current_thread_cpu_time_info(jvmtiTimerInfo *info_ptr) { info_ptr->max_value = ALL_64_BITS; // will not wrap in less than 64 bits -@@ -4647,7 +4966,13 @@ +@@ -4647,7 +5063,13 @@ } bool os::is_thread_cpu_time_supported() { +#ifdef __APPLE__ -+ return true; + return true; +#elif defined(_ALLBSD_SOURCE) + return false; +#else - return true; ++ return true; +#endif } // System loadavg support. Returns -1 if load average cannot be obtained. -@@ -4780,7 +5105,7 @@ +@@ -4780,7 +5202,7 @@ // abstime will be the absolute timeout time // TODO: replace compute_abstime() with unpackTime() @@ -5572,7 +5670,7 @@ if (millis < 0) millis = 0; struct timeval now; int status = gettimeofday(&now, NULL); -@@ -4832,7 +5157,7 @@ +@@ -4832,7 +5254,7 @@ status = pthread_cond_wait(_cond, _mutex); // for some reason, under 2.7 lwp_cond_wait() may return ETIME ... // Treat this the same as if the wait was interrupted @@ -5581,7 +5679,7 @@ assert_status(status == 0 || status == EINTR, status, "cond_wait"); } -- _nParked ; -@@ -4890,10 +5215,10 @@ +@@ -4890,10 +5312,10 @@ pthread_cond_init (_cond, NULL) ; } assert_status(status == 0 || status == EINTR || @@ -5594,7 +5692,7 @@ // We consume and ignore EINTR and spurious wakeups. } --_nParked ; -@@ -4985,7 +5310,7 @@ +@@ -4985,7 +5407,7 @@ * years from "now". */ @@ -5603,7 +5701,7 @@ assert (time > 0, "convertTime"); struct timeval now; -@@ -5045,7 +5370,7 @@ +@@ -5045,7 +5467,7 @@ } // Next, demultiplex/decode time arguments @@ -5612,7 +5710,7 @@ if (time < 0 || (isAbsolute && time == 0) ) { // don't wait at all return; } -@@ -5099,7 +5424,7 @@ +@@ -5099,7 +5521,7 @@ } } assert_status(status == 0 || status == EINTR || @@ -5621,7 +5719,7 @@ status, "cond_timedwait"); #ifdef ASSERT -@@ -5142,14 +5467,12 @@ +@@ -5142,14 +5564,12 @@ } @@ -5641,7 +5739,7 @@ #endif // Run the specified command in a separate process. Return its exit value, -@@ -5164,8 +5487,7 @@ +@@ -5164,8 +5584,7 @@ // separate process to execve. Make a direct syscall to fork process. // On IA64 there's no fork syscall, we have to use fork() and hope for // the best... @@ -5651,7 +5749,7 @@ if (pid < 0) { // fork failed -@@ -5181,8 +5503,7 @@ +@@ -5181,8 +5600,7 @@ // in the new process, so make a system call directly. // IA64 should use normal execve() from glibc to match the glibc fork() // above. @@ -5872,7 +5970,16 @@ os::fork_and_exec(buf); --- hotspot/src/os/posix/launcher/java_md.c +++ hotspot/src/os/posix/launcher/java_md.c -@@ -41,14 +41,21 @@ +@@ -35,20 +35,30 @@ + #include <sys/stat.h> + #include <unistd.h> + #include <sys/types.h> ++#ifndef _SC_PHYS_PAGES ++#include <sys/sysctl.h> ++#endif + + #ifndef GAMMA + #include "manifest_info.h" #include "version_comp.h" #endif @@ -5895,7 +6002,7 @@ #ifndef GAMMA /* launcher.make defines ARCH */ /* -@@ -89,7 +96,7 @@ +@@ -89,7 +99,7 @@ * A collection of useful strings. One should think of these as #define * entries, but actual strings can be more efficient (with many compilers). */ @@ -5904,7 +6011,7 @@ static const char *system_dir = "/usr/java"; static const char *user_dir = "/java"; #else /* Solaris */ -@@ -423,10 +430,10 @@ +@@ -423,10 +433,10 @@ * If not on Solaris, assume only a single LD_LIBRARY_PATH * variable. */ @@ -5917,7 +6024,7 @@ /* * On linux, if a binary is running as sgid or suid, glibc sets * LD_LIBRARY_PATH to the empty string for security purposes. (In -@@ -442,6 +449,22 @@ +@@ -442,6 +452,22 @@ if((getgid() != getegid()) || (getuid() != geteuid()) ) { return; } @@ -5940,7 +6047,7 @@ #endif /* runpath contains current effective LD_LIBRARY_PATH setting */ -@@ -450,7 +473,7 @@ +@@ -450,7 +476,7 @@ new_runpath = JLI_MemAlloc( ((runpath!=NULL)?strlen(runpath):0) + 2*strlen(jrepath) + 2*strlen(arch) + strlen(jvmpath) + 52); @@ -5949,7 +6056,7 @@ /* -@@ -465,7 +488,7 @@ +@@ -465,7 +491,7 @@ /* jvmpath, ((running != wanted)?((wanted==64)?"/"LIBARCH64NAME:"/.."):""), */ @@ -5958,7 +6065,16 @@ "%s:" "%s/lib/%s:" "%s/../lib/%s", -@@ -792,7 +815,7 @@ +@@ -503,7 +529,7 @@ + * LD_LIBRARY_PATH. Note that this prevents any possible infinite + * loop of execv() because we test for the prefix, above. + */ +- if (runpath != 0) { ++ if (runpath != 0 && runpath[0] != '\0') { + strcat(new_runpath, ":"); + strcat(new_runpath, runpath); + } +@@ -792,7 +818,7 @@ jboolean GetApplicationHome(char *buf, jint bufsize) { @@ -5967,7 +6083,7 @@ char *execname = GetExecname(); if (execname) { strncpy(buf, execname, bufsize-1); -@@ -961,9 +984,13 @@ +@@ -961,9 +987,13 @@ } } } @@ -5982,7 +6098,7 @@ char buf[PATH_MAX+1]; int len = readlink(self, buf, PATH_MAX); if (len >= 0) { -@@ -971,7 +998,7 @@ +@@ -971,7 +1001,7 @@ exec_path = JLI_StringDup(buf); } } @@ -5991,7 +6107,44 @@ { /* Not implemented */ } -@@ -1175,7 +1202,7 @@ +@@ -1069,6 +1099,7 @@ + /* Compute physical memory by asking the OS */ + uint64_t + physical_memory(void) { ++#ifdef _SC_PHYS_PAGES + const uint64_t pages = (uint64_t) sysconf(_SC_PHYS_PAGES); + const uint64_t page_size = (uint64_t) sysconf(_SC_PAGESIZE); + const uint64_t result = pages * page_size; +@@ -1080,6 +1111,28 @@ + " physical memory: " UINT64_FORMAT " (%.3fGB)\n", + pages, page_size, result, result / (double) GB); + } ++#else ++#ifdef HW_PHYSMEM64 ++ int64_t physmem; ++ int name[2] = { CTL_HW, HW_PHYSMEM64 }; ++#else ++ unsigned long physmem; ++ int name[2] = { CTL_HW, HW_PHYSMEM }; ++#endif ++ size_t physmem_len = sizeof(physmem); ++ uint64_t result; ++# define UINT64_FORMAT "%" PRIu64 ++ ++ if (sysctl(name, 2, &physmem, &physmem_len, NULL, 0) == -1) ++ physmem = 256 * MB; ++ ++ result = (uint64_t)physmem; ++ ++ if (_launcher_debug) { ++ printf("physical memory: " UINT64_FORMAT " (%.3fGB)\n", ++ result, result / (double) GB); ++ } ++#endif + return result; + } + +@@ -1175,7 +1228,7 @@ #endif /* __sun && i586 */ @@ -6000,7 +6153,7 @@ /* * A utility method for asking the CPU about itself. -@@ -1240,7 +1267,7 @@ +@@ -1240,7 +1293,7 @@ #endif } @@ -6009,7 +6162,7 @@ #ifdef i586 /* -@@ -1452,6 +1479,39 @@ +@@ -1452,6 +1505,39 @@ #endif /* __linux__ && i586 */ @@ -6038,7 +6191,7 @@ + } + } + if (_launcher_debug) { -+ printf("linux_" LIBARCHNAME "_ServerClassMachine: %s\n", ++ printf("bsd_" LIBARCHNAME "_ServerClassMachine: %s\n", + (result == JNI_TRUE ? "true" : "false")); + } + return result; @@ -6049,7 +6202,7 @@ /* Dispatch to the platform-specific definition of "server-class" */ jboolean ServerClassMachine(void) { -@@ -1466,6 +1526,8 @@ +@@ -1466,6 +1552,8 @@ result = solaris_i586_ServerClassMachine(); #elif defined(__linux__) && defined(i586) result = linux_i586_ServerClassMachine(); @@ -6058,7 +6211,16 @@ #else if (_launcher_debug) { printf("ServerClassMachine: returns default value of %s\n", -@@ -1821,7 +1883,7 @@ +@@ -1606,7 +1694,7 @@ + while (dp != NULL) { + cp = strchr(dp, (int)':'); + if (cp != NULL) +- *cp = (char)NULL; ++ *cp = '\0'; + if ((target = ProcessDir(info, dp)) != NULL) + break; + dp = cp; +@@ -1821,7 +1909,7 @@ int ContinueInNewThread(int (JNICALL *continuation)(void *), jlong stack_size, void * args) { int rslt; @@ -6067,6 +6229,17 @@ pthread_t tid; pthread_attr_t attr; pthread_attr_init(&attr); +@@ -1865,8 +1953,8 @@ + #define MAX_PID_STR_SZ 20 + + void SetJavaLauncherPlatformProps() { +- /* Linux only */ +-#ifdef __linux__ ++ /* Linux and BSDs only */ ++#if defined(__linux__) || defined(_ALLBSD_SOURCE) + const char *substr = "-Dsun.java.launcher.pid="; + char *pid_prop_str = (char *)JLI_MemAlloc(strlen(substr) + MAX_PID_STR_SZ + 1); + sprintf(pid_prop_str, "%s%d", substr, getpid()); --- hotspot/src/os/posix/launcher/launcher.script +++ hotspot/src/os/posix/launcher/launcher.script @@ -1,4 +1,4 @@ @@ -14099,11 +14272,34 @@ #endif /* __sun */ -#ifdef __linux -+#if defined(__linux__) || defined(_ALLBSD_SOURCE) ++#if defined(__linux__) /* * On linux, if a binary is running as sgid or suid, glibc sets * LD_LIBRARY_PATH to the empty string for security purposes. (In -@@ -431,7 +465,7 @@ +@@ -423,6 +457,22 @@ + if((getgid() != getegid()) || (getuid() != geteuid()) ) { + return; + } ++#elif defined(_ALLBSD_SOURCE) ++ /* ++ * On BSD, if a binary is running as sgid or suid, libc sets ++ * LD_LIBRARY_PATH to the empty string for security purposes. (In ++ * contrast, on Solaris the LD_LIBRARY_PATH variable for a ++ * privileged binary does not lose its settings; but the dynamic ++ * linker does apply more scrutiny to the path.) The launcher uses ++ * the value of LD_LIBRARY_PATH to prevent an exec loop. ++ * Therefore, if we are running sgid or suid, this function's ++ * setting of LD_LIBRARY_PATH will be ineffective and we should ++ * return from the function now. Getting the right libraries to ++ * be found must be handled through other mechanisms. ++ */ ++ if(issetugid()) { ++ return; ++ } + #endif + + /* runpath contains current effective LD_LIBRARY_PATH setting */ +@@ -431,7 +481,7 @@ new_runpath = JLI_MemAlloc( ((runpath!=NULL)?strlen(runpath):0) + 2*strlen(jrepath) + 2*strlen(arch) + strlen(jvmpath) + 52); @@ -14112,7 +14308,7 @@ /* -@@ -446,7 +480,7 @@ +@@ -446,7 +496,7 @@ /* jvmpath, ((running != wanted)?((wanted==64)?"/"LIBARCH64NAME:"/.."):""), */ @@ -14121,7 +14317,16 @@ "%s:" "%s/lib/%s:" "%s/../lib/%s", -@@ -878,9 +912,13 @@ +@@ -721,7 +771,7 @@ + jboolean + GetApplicationHome(char *buf, jint bufsize) + { +-#ifdef __linux__ ++#if defined(__linux__) || defined(_ALLBSD_SOURCE) + char *execname = GetExecname(); + if (execname) { + strncpy(buf, execname, bufsize-1); +@@ -878,9 +928,13 @@ } } } @@ -14136,7 +14341,7 @@ char buf[PATH_MAX+1]; int len = readlink(self, buf, PATH_MAX); if (len >= 0) { -@@ -888,7 +926,7 @@ +@@ -888,7 +942,7 @@ exec_path = JLI_StringDup(buf); } } @@ -14145,7 +14350,7 @@ { /* Not implemented */ } -@@ -977,6 +1015,7 @@ +@@ -977,6 +1031,7 @@ /* Compute physical memory by asking the OS */ uint64_t physical_memory(void) { @@ -14153,7 +14358,7 @@ const uint64_t pages = (uint64_t) sysconf(_SC_PHYS_PAGES); const uint64_t page_size = (uint64_t) sysconf(_SC_PAGESIZE); const uint64_t result = pages * page_size; -@@ -988,6 +1027,28 @@ +@@ -988,6 +1043,28 @@ " physical memory: " UINT64_FORMAT " (%.3fGB)\n", pages, page_size, result, result / (double) GB); } @@ -14182,7 +14387,7 @@ return result; } -@@ -1083,7 +1144,7 @@ +@@ -1083,7 +1160,7 @@ #endif /* __sun && i586 */ @@ -14191,7 +14396,74 @@ /* * A utility method for asking the CPU about itself. -@@ -1692,9 +1753,23 @@ +@@ -1148,7 +1225,7 @@ + #endif + } + +-#endif /* __linux__ && i586 */ ++#endif /* (__linux__ || _ALLBSD_SOURCE) && i586 */ + + #ifdef i586 + /* +@@ -1360,6 +1437,39 @@ + + #endif /* __linux__ && i586 */ + ++#if defined(_ALLBSD_SOURCE) && defined(i586) ++ ++/* The definition of a server-class machine for bsd-i586 */ ++jboolean ++bsd_i586_ServerClassMachine(void) { ++ jboolean result = JNI_FALSE; ++ /* How big is a server class machine? */ ++ const unsigned long server_processors = 2UL; ++ const uint64_t server_memory = 2UL * GB; ++ /* ++ * We seem not to get our full complement of memory. ++ * We allow some part (1/8?) of the memory to be "missing", ++ * based on the sizes of DIMMs, and maybe graphics cards. ++ */ ++ const uint64_t missing_memory = 256UL * MB; ++ const uint64_t actual_memory = physical_memory(); ++ ++ /* Is this a server class machine? */ ++ if (actual_memory >= (server_memory - missing_memory)) { ++ const unsigned long actual_processors = physical_processors(); ++ if (actual_processors >= server_processors) { ++ result = JNI_TRUE; ++ } ++ } ++ if (_launcher_debug) { ++ printf("bsd_" LIBARCHNAME "_ServerClassMachine: %s\n", ++ (result == JNI_TRUE ? "true" : "false")); ++ } ++ return result; ++} ++ ++#endif /* _ALLBSD_SOURCE && i586 */ ++ + /* Dispatch to the platform-specific definition of "server-class" */ + jboolean + ServerClassMachine(void) { +@@ -1374,6 +1484,8 @@ + result = solaris_i586_ServerClassMachine(); + #elif defined(__linux__) && defined(i586) + result = linux_i586_ServerClassMachine(); ++#elif defined(_ALLBSD_SOURCE) && defined(i586) ++ result = bsd_i586_ServerClassMachine(); + #else + if (_launcher_debug) { + printf("ServerClassMachine: returns default value of %s\n", +@@ -1514,7 +1626,7 @@ + while (dp != NULL) { + cp = strchr(dp, (int)':'); + if (cp != NULL) +- *cp = (char)NULL; ++ *cp = '\0'; + if ((target = ProcessDir(info, dp)) != NULL) + break; + dp = cp; +@@ -1692,9 +1804,29 @@ return(borrowed_unsetenv(name)); } @@ -14202,9 +14474,15 @@ +int64_t +CounterGet() +{ ++#ifdef __FreeBSD__ ++ struct timespec tp; ++ clock_gettime(CLOCK_MONOTONIC, &tp); ++ return (uint64_t)tp.tv_sec * 1000000 + tp.tv_nsec / 1000; ++#else + struct timeval tv; + gettimeofday(&tv, NULL); -+ return (tv.tv_sec * 1000) + tv.tv_usec; ++ return (uint64_t)tv.tv_sec * 1000000 + tv.tv_usec; ++#endif +} +#endif + @@ -14216,7 +14494,7 @@ static void* hSplashLib = NULL; -@@ -1722,13 +1797,15 @@ +@@ -1722,13 +1854,15 @@ return "%lld"; } @@ -14234,7 +14512,23 @@ pthread_t tid; pthread_attr_t attr; pthread_attr_init(&attr); -@@ -1765,13 +1842,11 @@ +@@ -1741,7 +1875,7 @@ + if (pthread_create(&tid, &attr, (void *(*)(void*))continuation, (void*)args) == 0) { + void * tmp; + pthread_join(tid, &tmp); +- rslt = (int)tmp; ++ rslt = (int)(intptr_t)tmp; + } else { + /* + * Continue execution in current thread if for some reason (e.g. out of +@@ -1759,25 +1893,23 @@ + if (thr_create(NULL, stack_size, (void *(*)(void *))continuation, args, flags, &tid) == 0) { + void * tmp; + thr_join(tid, NULL, &tmp); +- rslt = (int)tmp; ++ rslt = (int)(intptr_t)tmp; + } else { + /* See above. Continue in current thread if thr_create() failed */ rslt = continuation(args); } #endif @@ -14251,6 +14545,14 @@ /* Coarse estimation of number of digits assuming the worst case is a 64-bit pid. */ #define MAX_PID_STR_SZ 20 + void SetJavaLauncherPlatformProps() { +- /* Linux only */ +-#ifdef __linux__ ++ /* Linux and BSDs only */ ++#if defined(__linux__) || defined(_ALLBSD_SOURCE) + const char *substr = "-Dsun.java.launcher.pid="; + char *pid_prop_str = (char *)JLI_MemAlloc(strlen(substr) + MAX_PID_STR_SZ + 1); + sprintf(pid_prop_str, "%s%d", substr, getpid()); --- jdk/src/solaris/bin/java_md.h +++ jdk/src/solaris/bin/java_md.h @@ -58,10 +58,14 @@ @@ -16453,17 +16755,26 @@ clk_tck = 100; #endif if (clk_tck == -1) { -@@ -244,32 +310,70 @@ +@@ -244,32 +310,79 @@ Java_com_sun_management_UnixOperatingSystem_getFreePhysicalMemorySize (JNIEnv *env, jobject mbean) { +#if defined (__FreeBSD__) -+ int npages; ++ static const char *vm_stats[] = { ++ "vm.stats.vm.v_free_count", ++ "vm.stats.vm.v_cache_count", ++ /* "vm.stats.vm.v_inactive_count", */ ++ NULL ++ }; + size_t size; -+ size = sizeof(npages); -+ if (sysctlbyname("vm.stats.vm.v_free_count", &npages, &size, NULL, 0) == - 1) -+ return (0); -+ return ((jlong)npages * page_size); ++ jlong free_pages; ++ u_int i, npages; ++ for (i = 0, free_pages = 0, size = sizeof(npages); vm_stats[i] != NULL; i++) { ++ if (sysctlbyname(vm_stats[i], &npages, &size, NULL, 0) == -1) ++ return 0; ++ free_pages += npages; ++ } ++ return (free_pages * page_size); +#elif defined(_ALLBSD_SOURCE) + // throw_internal_error(env, "Unimplemented in BSD"); + return (128 * MB); @@ -16524,7 +16835,7 @@ // iterate through directory entries, skipping '.' and '..' // each entry represents an open file descriptor. -@@ -282,6 +386,7 @@ +@@ -282,6 +395,7 @@ closedir(dirp); // subtract by 1 which was the fd open for this implementation return (fds - 1); |