------------------------------------------------------------ revno: 602 committer: Matthias Klose <d...@ubuntu.com> branch nick: openjdk7 timestamp: Fri 2016-04-22 21:21:50 +0200 message: openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium [ Tiago Stürmer Daitx ] * SECURITY UPDATE: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, CVE-2016-0636: Improve MethodHandle consistency [ Matthias Klose ] * Use internal tzdata for builds in stretch, unstable, experimental. Closes: #818308. -- Matthias Klose <d...@ubuntu.com> Thu, 24 Mar 2016 15:24:32 +0100 openjdk-7 (7u95-2.6.4-2) experimental; urgency=medium * Upload to experimental. -- Matthias Klose <d...@ubuntu.com> Fri, 05 Feb 2016 17:51:20 +0100 openjdk-7 (7u95-2.6.4-1) unstable; urgency=high [ Tiago Stürmer Daitx ] * IcedTea release 2.6.4 (based on 7u95): * Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) * debian/patches/it-debian-build-flags.diff: refreshed * debian/patches/it-set-compiler.diff: refreshed * debian/patches/it-use-quilt.diff: refreshed * debian/patches/it-jamvm-2.0.diff: refreshed * debian/patches/icedtea-pretend-memory.diff: refreshed * debian/patches/fix_extra_flags-default.diff: refreshed * debian/patches/zero-sparc.diff: refreshed [ Matthias Klose ] * Remove obsolete IcedTea configure options. * Fix build failure on squeeze (Thorsten Glaser). Closes: #809205. * Don't run the test on mips, still having stone age buildd hardware and empty promises to fix these issues since 2010. -- Matthias Klose <d...@ubuntu.com> Thu, 21 Jan 2016 13:17:54 +0100 added: patches/jdk-8152335-improve-methodhandle-consistency.patch modified: changelog patches/fix_extra_flags-default.diff patches/icedtea-pretend-memory.diff patches/it-debian-build-flags.diff patches/it-jamvm-2.0.diff patches/it-set-compiler.diff patches/it-use-quilt.diff patches/zero-sparc.diff rules
-- lp:~openjdk/openjdk/openjdk7 https://code.launchpad.net/~openjdk/openjdk/openjdk7 Your team Debian Java Maintainers is subscribed to branch lp:~openjdk/openjdk/openjdk7. To unsubscribe from this branch go to https://code.launchpad.net/~openjdk/openjdk/openjdk7/+edit-subscription
=== modified file 'changelog' --- changelog 2015-12-13 13:39:09 +0000 +++ changelog 2016-04-22 19:21:50 +0000 @@ -1,3 +1,57 @@ +openjdk-7 (7u95-2.6.4-3) experimental; urgency=medium + + [ Tiago Stürmer Daitx ] + * SECURITY UPDATE: Applies to client deployment of Java only. This + vulnerability can be exploited only through sandboxed Java Web Start + applications and sandboxed Java applets. + - d/p/jdk-8152335-improve-methodhandle-consistency.patch: S8152335, + CVE-2016-0636: Improve MethodHandle consistency + + [ Matthias Klose ] + * Use internal tzdata for builds in stretch, unstable, experimental. + Closes: #818308. + + -- Matthias Klose <d...@ubuntu.com> Thu, 24 Mar 2016 15:24:32 +0100 + +openjdk-7 (7u95-2.6.4-2) experimental; urgency=medium + + * Upload to experimental. + + -- Matthias Klose <d...@ubuntu.com> Fri, 05 Feb 2016 17:51:20 +0100 + +openjdk-7 (7u95-2.6.4-1) unstable; urgency=high + + [ Tiago Stürmer Daitx ] + * IcedTea release 2.6.4 (based on 7u95): + * Security fixes + - S8059054, CVE-2016-0402: Better URL processing + - S8130710, CVE-2016-0448: Better attributes processing + - S8132210: Reinforce JMX collector internals + - S8132988: Better printing dialogues + - S8133962, CVE-2016-0466: More general limits + - S8137060: JMX memory management improvements + - S8139012: Better font substitutions + - S8139017, CVE-2016-0483: More stable image decoding + - S8140543, CVE-2016-0494: Arrange font actions + - S8143185: Cleanup for handling proxies + - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays + - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) + * debian/patches/it-debian-build-flags.diff: refreshed + * debian/patches/it-set-compiler.diff: refreshed + * debian/patches/it-use-quilt.diff: refreshed + * debian/patches/it-jamvm-2.0.diff: refreshed + * debian/patches/icedtea-pretend-memory.diff: refreshed + * debian/patches/fix_extra_flags-default.diff: refreshed + * debian/patches/zero-sparc.diff: refreshed + + [ Matthias Klose ] + * Remove obsolete IcedTea configure options. + * Fix build failure on squeeze (Thorsten Glaser). Closes: #809205. + * Don't run the test on mips, still having stone age buildd hardware and + empty promises to fix these issues since 2010. + + -- Matthias Klose <d...@ubuntu.com> Thu, 21 Jan 2016 13:17:54 +0100 + openjdk-7 (7u91-2.6.3-3) unstable; urgency=medium * Fix stripping packages (use bash instead of expr substring). === modified file 'patches/fix_extra_flags-default.diff' --- patches/fix_extra_flags-default.diff 2015-07-06 13:57:08 +0000 +++ patches/fix_extra_flags-default.diff 2016-04-22 19:21:50 +0000 @@ -8,9 +8,9 @@ Index: openjdk/hotspot/make/linux/makefiles/jsig.make =================================================================== ---- openjdk/hotspot/make/linux/makefiles/jsig.make +--- openjdk/hotspot/make/linux/makefiles/jsig.make.orig +++ openjdk/hotspot/make/linux/makefiles/jsig.make -@@ -59,7 +59,7 @@ endif +@@ -59,7 +59,7 @@ $(LIBJSIG): $(JSIGSRCDIR)/jsig.c $(LIBJSIG_MAPFILE) @echo Making signal interposition lib... $(QUIETLY) $(CC) $(SYMFLAG) $(ARCHFLAG) $(SHARED_FLAG) $(PICFLAG) \ @@ -21,9 +21,9 @@ ifneq ($(STRIP_POLICY),no_strip) Index: openjdk/hotspot/make/linux/makefiles/launcher.make =================================================================== ---- openjdk/hotspot/make/linux/makefiles/launcher.make +--- openjdk/hotspot/make/linux/makefiles/launcher.make.orig +++ openjdk/hotspot/make/linux/makefiles/launcher.make -@@ -73,16 +73,16 @@ DEPFILES := $(patsubst %.o,%.d,$(OBJS)) +@@ -73,16 +73,16 @@ $(LAUNCHER_OUT)/%.o: $(LAUNCHERDIR_SHARE)/%.c $(QUIETLY) [ -d $(LAUNCHER_OUT) ] || { mkdir -p $(LAUNCHER_OUT); } @@ -45,9 +45,9 @@ $(LAUNCHER): $(LAUNCHER_SCRIPT) Index: openjdk/hotspot/make/linux/makefiles/vm.make =================================================================== ---- openjdk/hotspot/make/linux/makefiles/vm.make +--- openjdk/hotspot/make/linux/makefiles/vm.make.orig +++ openjdk/hotspot/make/linux/makefiles/vm.make -@@ -131,8 +131,8 @@ CFLAGS += $(CFLAGS_WARN/BYFILE) +@@ -134,8 +134,8 @@ CFLAGS += $(CFLAGS/NOEX) # Extra flags from gnumake's invocation or environment @@ -60,9 +60,9 @@ # the same could be done by separate execstack command Index: openjdk/jdk/make/common/Defs.gmk =================================================================== ---- openjdk/jdk/make/common/Defs.gmk +--- openjdk/jdk/make/common/Defs.gmk.orig +++ openjdk/jdk/make/common/Defs.gmk -@@ -562,11 +562,11 @@ CXXFLAGS_$(VARIANT)/BYFILE = $(CXXFLAGS +@@ -562,11 +562,11 @@ # EXTRA_CFLAGS are used to define cross-compilation options # ASFLAGS = $(ASFLAGS_$(VARIANT)) $(ASFLAGS_COMMON) $(OTHER_ASFLAGS) @@ -80,9 +80,9 @@ $(OTHER_LINTFLAGS) Index: openjdk/hotspot/make/linux/makefiles/saproc.make =================================================================== ---- openjdk/hotspot/make/linux/makefiles/saproc.make +--- openjdk/hotspot/make/linux/makefiles/saproc.make.orig +++ openjdk/hotspot/make/linux/makefiles/saproc.make -@@ -77,7 +77,7 @@ ALT_SAINCDIR=-I$(ALT_SASRCDIR) +@@ -77,7 +77,7 @@ else ALT_SAINCDIR= endif === modified file 'patches/icedtea-pretend-memory.diff' --- patches/icedtea-pretend-memory.diff 2015-07-06 13:57:08 +0000 +++ patches/icedtea-pretend-memory.diff 2016-04-22 19:21:50 +0000 @@ -1,8 +1,8 @@ Index: openjdk/jdk/make/common/shared/Platform.gmk =================================================================== ---- openjdk/jdk/make/common/shared/Platform.gmk +--- openjdk/jdk/make/common/shared/Platform.gmk.orig +++ openjdk/jdk/make/common/shared/Platform.gmk -@@ -247,7 +247,7 @@ ifeq ($(SYSTEM_UNAME), Linux) +@@ -246,7 +246,7 @@ # Suffix for file bundles used in previous release BUNDLE_FILE_SUFFIX=.tar.gz # How much RAM does this machine have: @@ -13,9 +13,9 @@ ifeq ($(SYSTEM_UNAME), Darwin) Index: openjdk/corba/make/common/shared/Platform.gmk =================================================================== ---- openjdk/corba/make/common/shared/Platform.gmk +--- openjdk/corba/make/common/shared/Platform.gmk.orig +++ openjdk/corba/make/common/shared/Platform.gmk -@@ -240,7 +240,7 @@ ifeq ($(SYSTEM_UNAME), Linux) +@@ -240,7 +240,7 @@ endif endif # How much RAM does this machine have: === modified file 'patches/it-debian-build-flags.diff' --- patches/it-debian-build-flags.diff 2015-10-30 15:18:48 +0000 +++ patches/it-debian-build-flags.diff 2016-04-22 19:21:50 +0000 @@ -3,8 +3,8 @@ Forwarded: not-needed Last-Update: 2014-07-06 ---- a/Makefile.am -+++ b/Makefile.am +--- openjdk-7-7u95-2.6.4.orig/Makefile.am ++++ openjdk-7-7u95-2.6.4/Makefile.am @@ -153,7 +153,7 @@ IT_JAVACFLAGS=$(IT_JAVAC_SETTINGS) -source $(IT_LANGUAGE_SOURCE_VERSION) -target $(IT_CLASS_TARGET_VERSION) @@ -14,7 +14,7 @@ # Conditional defintions -@@ -2501,7 +2501,8 @@ +@@ -2497,7 +2497,8 @@ if BUILD_JAMVM cd jamvm/jamvm && \ ./autogen.sh --with-java-runtime-library=openjdk7 \ @@ -24,7 +24,7 @@ $(MAKE) ; \ $(MAKE) install mkdir -p $(abs_top_builddir)/jamvm/install/hotspot/jre/lib/$(INSTALL_ARCH_DIR)/server -@@ -2571,7 +2572,8 @@ +@@ -2567,7 +2568,8 @@ --with-java-runtime-library-prefix=$(abs_top_builddir)/openjdk \ --with-java-runtime-library-classes=$(RUNTIME) \ --with-libatomic-ops=no \ === modified file 'patches/it-jamvm-2.0.diff' --- patches/it-jamvm-2.0.diff 2015-10-30 15:18:48 +0000 +++ patches/it-jamvm-2.0.diff 2016-04-22 19:21:50 +0000 @@ -1,5 +1,5 @@ ---- a/Makefile.am -+++ b/Makefile.am +--- openjdk-7-7u95-2.6.4.orig/Makefile.am ++++ openjdk-7-7u95-2.6.4/Makefile.am @@ -26,8 +26,8 @@ CACAO_SRC_ZIP = cacao-$(CACAO_VERSION).tar.gz CACAO_URL = $(CACAO_BASE_URL)/$(CACAO_SRC_ZIP) @@ -11,7 +11,7 @@ JAMVM_BASE_URL = $(DROP_URL)/jamvm JAMVM_URL = $(JAMVM_BASE_URL)/jamvm-$(JAMVM_VERSION).tar.gz JAMVM_SRC_ZIP = jamvm-$(JAMVM_VERSION).tar.gz -@@ -401,8 +401,6 @@ +@@ -400,8 +400,6 @@ if BUILD_JAMVM ICEDTEA_PATCHES += \ @@ -20,7 +20,7 @@ patches/jamvm/noexecstack.patch endif -@@ -414,6 +412,11 @@ +@@ -413,6 +411,11 @@ ICEDTEA_PATCHES += patches/rh1022017.patch endif @@ -32,7 +32,7 @@ ICEDTEA_PATCHES += $(DISTRIBUTION_PATCHES) # Bootstrapping patches -@@ -2372,7 +2375,7 @@ +@@ -2368,7 +2371,7 @@ stamps/jamvm.stamp: $(OPENJDK_TREE) stamps/rt.stamp if BUILD_JAMVM cd jamvm/jamvm && \ @@ -42,7 +42,7 @@ CFLAGS='$(EXTRA_CFLAGS_JAMVM)' LDFLAGS='$(EXTRA_LDFLAGS_JAMVM)' CPPFLAGS='$(EXTRA_CPPFLAGS_JAMVM)' CXXFLAGS='$(EXTRA_CXXFLAGS_JAMVM)'; \ $(MAKE) ; \ --- /dev/null -+++ b/patches/jamvm-2.5.3-fix.diff ++++ openjdk-7-7u95-2.6.4/patches/jamvm-2.5.3-fix.diff @@ -0,0 +1,76 @@ +--- jamvm/jamvm-2.0.0/src/classlib/openjdk/jvm.c ++++ jamvm/jamvm-2.0.0/src/classlib/openjdk/jvm.c === modified file 'patches/it-set-compiler.diff' --- patches/it-set-compiler.diff 2015-10-30 15:18:48 +0000 +++ patches/it-set-compiler.diff 2016-04-22 19:21:50 +0000 @@ -2,9 +2,9 @@ Author: Matthias Klose <d...@ubuntu.com> Forwarded: #openjdk on OFTC ---- a/Makefile.am -+++ b/Makefile.am -@@ -617,6 +617,7 @@ +--- openjdk-7-7u95-2.6.4.orig/Makefile.am ++++ openjdk-7-7u95-2.6.4/Makefile.am +@@ -616,6 +616,7 @@ VERBOSE="$(VERBOSE)" \ STATIC_CXX="false" \ BUILD_GCC="$(CC)" \ === modified file 'patches/it-use-quilt.diff' --- patches/it-use-quilt.diff 2015-10-30 15:18:48 +0000 +++ patches/it-use-quilt.diff 2016-04-22 19:21:50 +0000 @@ -3,9 +3,9 @@ Forwarded: not accepted Last-Update: 2014-07-06 ---- a/Makefile.am -+++ b/Makefile.am -@@ -1650,132 +1650,37 @@ +--- openjdk-7-7u95-2.6.4.orig/Makefile.am ++++ openjdk-7-7u95-2.6.4/Makefile.am +@@ -1646,132 +1646,37 @@ rm -f stamps/fonts.stamp stamps/patch-fsg.stamp: stamps/extract.stamp stamps/fonts.stamp @@ -160,7 +160,7 @@ fi stamps/versioning.stamp: stamps/patch.stamp -@@ -1845,54 +1750,20 @@ +@@ -1841,54 +1746,20 @@ rm -f stamps/clone-boot.stamp stamps/patch-boot.stamp: stamps/clone-boot.stamp === added file 'patches/jdk-8152335-improve-methodhandle-consistency.patch' --- patches/jdk-8152335-improve-methodhandle-consistency.patch 1970-01-01 00:00:00 +0000 +++ patches/jdk-8152335-improve-methodhandle-consistency.patch 2016-04-22 19:21:50 +0000 @@ -0,0 +1,177 @@ +# HG changeset patch +# User poonam +# Date 1458593316 25200 +# Mon Mar 21 13:48:36 2016 -0700 +# Node ID 8b0a075978f66e873d34258b0d6680320aa86f45 +# Parent c69b0765755e604a01d5802df49fbb9e9f8b3327 +8152335: Improve MethodHandle consistency +Reviewed-by: vlivanov, acorn, jrose + +diff --git openjdk/jdk/src/share/classes/java/lang/ClassLoader.java openjdk/jdk/src//share/classes/java/lang/ClassLoader.java +--- openjdk/jdk/src/share/classes/java/lang/ClassLoader.java ++++ openjdk/jdk/src/share/classes/java/lang/ClassLoader.java +@@ -654,6 +654,9 @@ + if (!checkName(name)) + throw new NoClassDefFoundError("IllegalName: " + name); + ++ // Note: Checking logic in java.lang.invoke.MemberName.checkForTypeAlias ++ // relies on the fact that spoofing is impossible if a class has a name ++ // of the form "java.*" + if ((name != null) && name.startsWith("java.")) { + throw new SecurityException + ("Prohibited package name: " + +diff --git openjdk/jdk/src/share/classes/java/lang/invoke/MemberName.java openjdk/jdk/src//share/classes/java/lang/invoke/MemberName.java +--- openjdk/jdk/src/share/classes/java/lang/invoke/MemberName.java ++++ openjdk/jdk/src/share/classes/java/lang/invoke/MemberName.java +@@ -668,7 +668,7 @@ + assert(isResolved() == isResolved); + } + +- void checkForTypeAlias() { ++ void checkForTypeAlias(Class<?> refc) { + if (isInvocable()) { + MethodType type; + if (this.type instanceof MethodType) +@@ -676,16 +676,16 @@ + else + this.type = type = getMethodType(); + if (type.erase() == type) return; +- if (VerifyAccess.isTypeVisible(type, clazz)) return; +- throw new LinkageError("bad method type alias: "+type+" not visible from "+clazz); ++ if (VerifyAccess.isTypeVisible(type, refc)) return; ++ throw new LinkageError("bad method type alias: "+type+" not visible from "+refc); + } else { + Class<?> type; + if (this.type instanceof Class<?>) + type = (Class<?>) this.type; + else + this.type = type = getFieldType(); +- if (VerifyAccess.isTypeVisible(type, clazz)) return; +- throw new LinkageError("bad field type alias: "+type+" not visible from "+clazz); ++ if (VerifyAccess.isTypeVisible(type, refc)) return; ++ throw new LinkageError("bad field type alias: "+type+" not visible from "+refc); + } + } + +@@ -844,10 +844,25 @@ + MemberName m = ref.clone(); // JVM will side-effect the ref + assert(refKind == m.getReferenceKind()); + try { ++ // There are 4 entities in play here: ++ // * LC: lookupClass ++ // * REFC: symbolic reference class (MN.clazz before resolution); ++ // * DEFC: resolved method holder (MN.clazz after resolution); ++ // * PTYPES: parameter types (MN.type) ++ // ++ // What we care about when resolving a MemberName is consistency between DEFC and PTYPES. ++ // We do type alias (TA) checks on DEFC to ensure that. DEFC is not known until the JVM ++ // finishes the resolution, so do TA checks right after MHN.resolve() is over. ++ // ++ // All parameters passed by a caller are checked against MH type (PTYPES) on every invocation, ++ // so it is safe to call a MH from any context. ++ // ++ // REFC view on PTYPES doesn't matter, since it is used only as a starting point for resolution and doesn't ++ // participate in method selection. + m = MethodHandleNatives.resolve(m, lookupClass); +- m.checkForTypeAlias(); ++ m.checkForTypeAlias(m.getDeclaringClass()); + m.resolution = null; +- } catch (LinkageError ex) { ++ } catch (ClassNotFoundException | LinkageError ex) { + // JVM reports that the "bytecode behavior" would get an error + assert(!m.isResolved()); + m.resolution = ex; +diff --git openjdk/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java openjdk/jdk/src//share/classes/java/lang/invoke/MethodHandleNatives.java +--- openjdk/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java ++++ openjdk/jdk/src/share/classes/java/lang/invoke/MethodHandleNatives.java +@@ -46,7 +46,7 @@ + + static native void init(MemberName self, Object ref); + static native void expand(MemberName self); +- static native MemberName resolve(MemberName self, Class<?> caller) throws LinkageError; ++ static native MemberName resolve(MemberName self, Class<?> caller) throws LinkageError, ClassNotFoundException; + static native int getMembers(Class<?> defc, String matchName, String matchSig, + int matchFlags, Class<?> caller, int skip, MemberName[] results); + +diff --git openjdk/jdk/src/share/classes/sun/invoke/util/VerifyAccess.java openjdk/jdk/src//share/classes/sun/invoke/util/VerifyAccess.java +--- openjdk/jdk/src/share/classes/sun/invoke/util/VerifyAccess.java ++++ openjdk/jdk/src/share/classes/sun/invoke/util/VerifyAccess.java +@@ -168,22 +168,66 @@ + * @param refc + */ + public static boolean isTypeVisible(Class<?> type, Class<?> refc) { +- if (type == refc) return true; // easy check ++ if (type == refc) { ++ return true; // easy check ++ } + while (type.isArray()) type = type.getComponentType(); +- if (type.isPrimitive() || type == Object.class) return true; +- ClassLoader parent = type.getClassLoader(); +- if (parent == null) return true; +- ClassLoader child = refc.getClassLoader(); +- if (child == null) return false; +- if (parent == child || loadersAreRelated(parent, child, true)) ++ if (type.isPrimitive() || type == Object.class) { + return true; +- // Do it the hard way: Look up the type name from the refc loader. +- try { +- Class<?> res = child.loadClass(type.getName()); +- return (type == res); +- } catch (ClassNotFoundException ex) { ++ } ++ ClassLoader typeLoader = type.getClassLoader(); ++ final ClassLoader refcLoader = refc.getClassLoader(); ++ if (typeLoader == refcLoader) { ++ return true; ++ } ++ if (refcLoader == null && typeLoader != null) { + return false; + } ++ if (typeLoader == null && type.getName().startsWith("java.")) { ++ // Note: The API for actually loading classes, ClassLoader.defineClass, ++ // guarantees that classes with names beginning "java." cannot be aliased, ++ // because class loaders cannot load them directly. ++ return true; ++ } ++ ++ // Do it the hard way: Look up the type name from the refc loader. ++ // ++ // Force the refc loader to report and commit to a particular binding for this type name (type.getName()). ++ // ++ // In principle, this query might force the loader to load some unrelated class, ++ // which would cause this query to fail (and the original caller to give up). ++ // This would be wasted effort, but it is expected to be very rare, occurring ++ // only when an attacker is attempting to create a type alias. ++ // In the normal case, one class loader will simply delegate to the other, ++ // and the same type will be visible through both, with no extra loading. ++ // ++ // It is important to go through Class.forName instead of ClassLoader.loadClass ++ // because Class.forName goes through the JVM system dictionary, which records ++ // the class lookup once for all. This means that even if a not-well-behaved class loader ++ // would "change its mind" about the meaning of the name, the Class.forName request ++ // will use the result cached in the JVM system dictionary. Note that the JVM system dictionary ++ // will record the first successful result. Unsuccessful results are not stored. ++ // ++ // We use doPrivileged in order to allow an unprivileged caller to ask an arbitrary ++ // class loader about the binding of the proposed name (type.getName()). ++ // The looked up type ("res") is compared for equality against the proposed ++ // type ("type") and then is discarded. Thus, the worst that can happen to ++ // the "child" class loader is that it is bothered to load and report a class ++ // that differs from "type"; this happens once due to JVM system dictionary ++ // memoization. And the caller never gets to look at the alternate type binding ++ // ("res"), whether it exists or not. ++ final String name = type.getName(); ++ Class<?> res = java.security.AccessController.doPrivileged( ++ new java.security.PrivilegedAction<Class>() { ++ public Class<?> run() { ++ try { ++ return Class.forName(name, false, refcLoader); ++ } catch (ClassNotFoundException | LinkageError e) { ++ return null; // Assume the class is not found ++ } ++ } ++ }); ++ return (type == res); + } + + /** === modified file 'patches/zero-sparc.diff' --- patches/zero-sparc.diff 2015-09-03 18:30:37 +0000 +++ patches/zero-sparc.diff 2016-04-22 19:21:50 +0000 @@ -15,7 +15,7 @@ =================================================================== --- openjdk/hotspot/src/os_cpu/linux_zero/vm/os_linux_zero.cpp.orig +++ openjdk/hotspot/src/os_cpu/linux_zero/vm/os_linux_zero.cpp -@@ -88,7 +88,7 @@ char* os::non_memory_address_word() { +@@ -88,7 +88,7 @@ // Must never look like an address returned by reserve_memory, // even in its subfields (as defined by the CPU immediate fields, // if the CPU splits constants across multiple instructions). @@ -28,7 +28,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/opto/output.cpp.orig +++ openjdk/hotspot/src/share/vm/opto/output.cpp -@@ -695,7 +695,7 @@ void Compile::FillLocArray( int idx, Mac +@@ -695,7 +695,7 @@ array->append(new_loc_value( _regalloc, regnum, Location::lng )); } #else //_LP64 @@ -41,7 +41,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/opto/chaitin.hpp.orig +++ openjdk/hotspot/src/share/vm/opto/chaitin.hpp -@@ -293,7 +293,7 @@ public: +@@ -293,7 +293,7 @@ // TEMPORARILY REPLACED WITH COMMAND LINE FLAG //// !!!!! Magic Constants need to move into ad file @@ -54,7 +54,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/opto/chaitin.cpp.orig +++ openjdk/hotspot/src/share/vm/opto/chaitin.cpp -@@ -723,7 +723,7 @@ void PhaseChaitin::gather_lrg_masks( boo +@@ -723,7 +723,7 @@ case Op_RegFlags: case 0: // not an ideal register lrg.set_num_regs(1); @@ -63,7 +63,7 @@ lrg.set_reg_pressure(2); #else lrg.set_reg_pressure(1); -@@ -1328,7 +1328,7 @@ uint PhaseChaitin::Select( ) { +@@ -1328,7 +1328,7 @@ // Check if a color is available and if so pick the color OptoReg::Name reg = choose_color( *lrg, chunk ); @@ -76,7 +76,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/runtime/advancedThresholdPolicy.cpp.orig +++ openjdk/hotspot/src/share/vm/runtime/advancedThresholdPolicy.cpp -@@ -62,7 +62,7 @@ void AdvancedThresholdPolicy::initialize +@@ -62,7 +62,7 @@ } #endif @@ -89,7 +89,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/runtime/deoptimization.cpp.orig +++ openjdk/hotspot/src/share/vm/runtime/deoptimization.cpp -@@ -824,7 +824,7 @@ public: +@@ -824,7 +824,7 @@ #ifdef _LP64 jlong res = (jlong)low->get_int(); #else @@ -98,7 +98,7 @@ // For SPARC we have to swap high and low words. jlong res = jlong_from((jint)low->get_int(), (jint)value->get_int()); #else -@@ -875,7 +875,7 @@ void Deoptimization::reassign_type_array +@@ -875,7 +875,7 @@ #ifdef _LP64 jlong res = (jlong)low->get_int(); #else @@ -111,7 +111,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/runtime/safepoint.cpp.orig +++ openjdk/hotspot/src/share/vm/runtime/safepoint.cpp -@@ -758,7 +758,7 @@ void SafepointSynchronize::block(JavaThr +@@ -758,7 +758,7 @@ #define PTR_PAD " " #endif @@ -124,7 +124,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/runtime/stackValue.cpp.orig +++ openjdk/hotspot/src/share/vm/runtime/stackValue.cpp -@@ -34,7 +34,7 @@ StackValue* StackValue::create_stack_val +@@ -34,7 +34,7 @@ // Stack or register value Location loc = ((LocationValue *)sv)->location(); @@ -137,7 +137,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/c1/c1_Runtime1.cpp.orig +++ openjdk/hotspot/src/share/vm/c1/c1_Runtime1.cpp -@@ -1095,7 +1095,7 @@ JRT_ENTRY(void, Runtime1::patch_code(Jav +@@ -1095,7 +1095,7 @@ RelocIterator iter(nm, (address)instr_pc, (address)(instr_pc + 1)); relocInfo::change_reloc_info_for_address(&iter, (address) instr_pc, relocInfo::none, relocInfo::oop_type); @@ -150,7 +150,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/c1/c1_LIRAssembler.cpp.orig +++ openjdk/hotspot/src/share/vm/c1/c1_LIRAssembler.cpp -@@ -584,7 +584,7 @@ void LIR_Assembler::emit_op1(LIR_Op1* op +@@ -584,7 +584,7 @@ monitor_address(op->in_opr()->as_constant_ptr()->as_jint(), op->result_opr()); break; @@ -159,7 +159,7 @@ case lir_pack64: pack64(op->in_opr(), op->result_opr()); break; -@@ -859,7 +859,7 @@ void LIR_Assembler::verify_oop_map(CodeE +@@ -859,7 +859,7 @@ if (!r->is_stack()) { stringStream st; st.print("bad oop %s at %d", r->as_Register()->name(), _masm->offset()); @@ -172,7 +172,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/c1/c1_LinearScan.cpp.orig +++ openjdk/hotspot/src/share/vm/c1/c1_LinearScan.cpp -@@ -2133,7 +2133,7 @@ LIR_Opr LinearScan::calc_operand_for_int +@@ -2133,7 +2133,7 @@ } #endif @@ -181,7 +181,7 @@ assert(assigned_reg >= pd_first_fpu_reg && assigned_reg <= pd_last_fpu_reg, "no fpu register"); assert(interval->assigned_regHi() >= pd_first_fpu_reg && interval->assigned_regHi() <= pd_last_fpu_reg, "no fpu register"); assert(assigned_reg % 2 == 0 && assigned_reg + 1 == interval->assigned_regHi(), "must be sequential and even"); -@@ -2732,7 +2732,7 @@ int LinearScan::append_scope_value_for_o +@@ -2732,7 +2732,7 @@ assert(opr->fpu_regnrLo() == opr->fpu_regnrHi(), "assumed in calculation (only fpu_regnrLo is used)"); #endif @@ -194,7 +194,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/c1/c1_LIR.hpp.orig +++ openjdk/hotspot/src/share/vm/c1/c1_LIR.hpp -@@ -595,7 +595,7 @@ class LIR_OprFact: public AllStatic { +@@ -595,7 +595,7 @@ static LIR_Opr single_softfp(int reg) { return (LIR_Opr)((reg << LIR_OprDesc::reg1_shift) | LIR_OprDesc::float_type | LIR_OprDesc::cpu_register | LIR_OprDesc::single_size); } static LIR_Opr double_softfp(int reg1, int reg2) { return (LIR_Opr)((reg1 << LIR_OprDesc::reg1_shift) | (reg2 << LIR_OprDesc::reg2_shift) | LIR_OprDesc::double_type | LIR_OprDesc::cpu_register | LIR_OprDesc::double_size); } #endif @@ -207,7 +207,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/c1/c1_GraphBuilder.cpp.orig +++ openjdk/hotspot/src/share/vm/c1/c1_GraphBuilder.cpp -@@ -1891,7 +1891,7 @@ void GraphBuilder::invoke(Bytecodes::Cod +@@ -1891,7 +1891,7 @@ Value recv = has_receiver ? apop() : NULL; int vtable_index = methodOopDesc::invalid_vtable_index; @@ -220,7 +220,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/interpreter/bytecodeInterpreter.cpp.orig +++ openjdk/hotspot/src/share/vm/interpreter/bytecodeInterpreter.cpp -@@ -3481,7 +3481,7 @@ BytecodeInterpreter::print() { +@@ -3481,7 +3481,7 @@ tty->print_cr("stack_base: " INTPTR_FORMAT, (uintptr_t) this->_stack_base); tty->print_cr("stack_limit: " INTPTR_FORMAT, (uintptr_t) this->_stack_limit); tty->print_cr("monitor_base: " INTPTR_FORMAT, (uintptr_t) this->_monitor_base); @@ -246,7 +246,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/utilities/globalDefinitions_gcc.hpp.orig +++ openjdk/hotspot/src/share/vm/utilities/globalDefinitions_gcc.hpp -@@ -243,7 +243,7 @@ extern "C" void breakpoint(); +@@ -235,7 +235,7 @@ // checking for nanness #ifdef SOLARIS @@ -259,7 +259,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/utilities/globalDefinitions_sparcWorks.hpp.orig +++ openjdk/hotspot/src/share/vm/utilities/globalDefinitions_sparcWorks.hpp -@@ -249,7 +249,7 @@ extern "C" void breakpoint(); +@@ -240,7 +240,7 @@ // checking for nanness #ifdef SOLARIS @@ -272,7 +272,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/adlc/formssel.cpp.orig +++ openjdk/hotspot/src/share/vm/adlc/formssel.cpp -@@ -1043,7 +1043,7 @@ uint InstructForm::reloc(FormDict &glob +@@ -1043,7 +1043,7 @@ const char *opType = NULL; while (_matrule->base_operand(position, globals, result, name, opType)) { if ( strcmp(opType,"ConP") == 0 ) { @@ -281,7 +281,7 @@ reloc_entries += 2; // 1 for sethi + 1 for setlo #else ++reloc_entries; -@@ -1081,7 +1081,7 @@ uint InstructForm::reloc(FormDict &glob +@@ -1081,7 +1081,7 @@ // Check for any component being an immediate float or double. Form::DataType data_type = is_chain_of_constant(globals); if( data_type==idealD || data_type==idealF ) { @@ -294,7 +294,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/adlc/output_h.cpp.orig +++ openjdk/hotspot/src/share/vm/adlc/output_h.cpp -@@ -722,7 +722,7 @@ void ArchDesc::declare_pipe_classes(FILE +@@ -722,7 +722,7 @@ fprintf(fp_hpp, "class Pipeline_Use_Cycle_Mask {\n"); if (_pipeline->_maxcycleused <= @@ -307,7 +307,7 @@ =================================================================== --- openjdk/hotspot/src/share/vm/adlc/output_c.cpp.orig +++ openjdk/hotspot/src/share/vm/adlc/output_c.cpp -@@ -784,7 +784,7 @@ void ArchDesc::build_pipe_classes(FILE * +@@ -784,7 +784,7 @@ /* Do Nothing */; else if (_pipeline->_maxcycleused <= === modified file 'rules' --- rules 2015-12-13 13:39:09 +0000 +++ rules 2016-04-22 19:21:50 +0000 @@ -6,6 +6,8 @@ unexport LANG LC_ALL +dh_version := $(shell dpkg-query -f '$${Version}\n' -W debhelper | sed -n 's/^\(.\).*/\1/p') + # using brace expansion and substring replacements (${var:0:2}). SHELL = /bin/bash @@ -373,7 +375,9 @@ endif endif -with_tzdata = yes +ifneq (,$(filter $(distrel),squeeze wheezy precise lucid precise trusty vivid wily)) + with_tzdata = yes +endif ifneq (,$(filter $(distrel),lenny squeeze natty maverick lucid karmic jaunty intrepid hardy)) lcms_version = 1 @@ -455,6 +459,7 @@ debian/patches/dnd-files.patch \ debian/patches/jdk-bold-swing-fonts.patch \ debian/patches/javadoc-sort-enum-and-annotation-types.patch \ + debian/patches/jdk-8152335-improve-methodhandle-consistency.patch \ ifeq (,$(filter $(DEB_HOST_ARCH),arm64)) DISTRIBUTION_PATCHES += \ @@ -631,7 +636,7 @@ endif ifneq (,$(filter $(distrel),squeeze lenny maverick lucid karmic hardy)) - CONFIGURE_ARGS += --disable-system-gio + CONFIGURE_ARGS += --disable-system-gio --disable-system-gconf endif # assume we don't build binary indep packages on these architectures @@ -651,10 +656,6 @@ # causes corrupt bold fonts in 2.5.0 CONFIGURE_ARGS += --disable-infinality -ifeq ($(with_pulse),yes) - CONFIGURE_ARGS += --enable-pulse-java -endif - ifneq ($(lcms_version),2) CONFIGURE_ARGS += --disable-system-lcms else @@ -673,10 +674,6 @@ CONFIGURE_ARGS += --disable-nss endif -ifeq ($(with_systemtap),yes) - CONFIGURE_ARGS += --enable-systemtap --with-abs-install-dir=/$(basedir) -endif - ifneq (,$(alternate_vms)) CONFIGURE_ARGS += --with-additional-vms=$(subst $(SPACE),$(COMMA),$(alternate_vms)) endif @@ -1223,10 +1220,10 @@ touch $@ ifeq ($(with_check),yes) - ifneq (,$(filter $(DEB_HOST_ARCH), $(hotspot_archs) alpha ia64 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el s390 sh4)) + ifneq (,$(filter $(DEB_HOST_ARCH), $(hotspot_archs) alpha ia64 mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el s390 sh4)) with_mauve_check = $(default_vm) endif - ifneq (,$(filter $(DEB_HOST_ARCH), $(hotspot_archs) alpha arm64 armel armhf ia64 mips mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el s390 s390x sh4 x32)) + ifneq (,$(filter $(DEB_HOST_ARCH), $(hotspot_archs) alpha arm64 armel armhf ia64 mipsel mips64 mips64el powerpc powerpcspe ppc64 ppc64el s390 s390x sh4 x32)) with_jtreg_check = $(default_vm) endif @@ -1235,7 +1232,7 @@ # only activate after testing; problems on s390 with_mauve_check += cacao endif - ifneq (,$(filter $(DEB_HOST_ARCH), alpha amd64 armel armhf i386 lpia mips mipsel mips64 mips64el powerpc powerpcspe s390)) + ifneq (,$(filter $(DEB_HOST_ARCH), alpha amd64 armel armhf i386 lpia mipsel mips64 mips64el powerpc powerpcspe s390)) # only activate after testing; hangs several tests. with_jtreg_check += cacao endif @@ -2188,15 +2185,15 @@ --strip-debug $$i; \ objcopy --add-gnu-debuglink $$id $$i; \ else \ - d=$(d_dbg)/usr/lib/debug/.build-id/$${b_id:0:2}; \ - mkdir -p $$d; \ - objcopy --only-keep-debug --compress-debug-sections \ - $$i $$d/$$b_id.debug; \ - chmod 644 $$d/$$b_id.debug; \ - strip --remove-section=.comment --remove-section=.note \ - $$i; \ - objcopy --add-gnu-debuglink \ - $$d/$$b_id.debug $$i; \ + d=usr/lib/debug/.build-id/$${b_id:0:2}; \ + f=$${b_id:2}.debug; \ + mkdir -p $(d_dbg)/$$d; \ + objcopy --only-keep-debug --compress-debug-sections $$i $(d_dbg)/$$d/$$f; \ + chmod 644 $(d_dbg)/$$d/$$f; \ + strip --remove-section=.comment --remove-section=.note $$i; \ + pushd $(d_dbg)/$$d >/dev/null; \ + objcopy --add-gnu-debuglink $$f $(CURDIR)/$$i; \ + popd >/dev/null; \ fi; \ done endif
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.