changeset 38904:202a2a7b584a

Merge
author duke
date Wed, 05 Jul 2017 21:49:47 +0200
parents 3a36994e91a2 88485e91143a
children 0e3e0e35a5b4
files jdk/src/java.httpclient/share/classes/java/net/http/WSDisposableText.java jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/common.h jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/spi.h jdk/test/java/security/Security/ClassLoaderDeadlock/CreateSerialized.java jdk/test/java/security/Security/ClassLoaderDeadlock/Deadlock2.java jdk/test/java/security/Security/ClassLoaderDeadlock/Deadlock2.sh jdk/test/sun/net/www/http/ChunkedOutputStream/checkError.java jdk/test/sun/security/provider/SecureRandom/AbstractDrbgSpec.java
diffstat 135 files changed, 3898 insertions(+), 3770 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags-top-repo	Thu Jun 09 17:28:37 2016 +0000
+++ b/.hgtags-top-repo	Wed Jul 05 21:49:47 2017 +0200
@@ -364,3 +364,4 @@
 3463a3f14f0f0e8a68f29ac6405454f2fa2f598a jdk-9+119
 647e0142a5a52749db572b5e6638d561def6479e jdk-9+120
 cae471d3b87783e0a3deea658e1e1c84b2485b6c jdk-9+121
+346be2df0f5b31d423807f53a719d1b9a67f3354 jdk-9+122
--- a/common/autoconf/basics.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/basics.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -99,8 +99,8 @@
   $ECHO "Check if jvm arg is ok: $1" >&AS_MESSAGE_LOG_FD
   $ECHO "Command: $3 $1 -version" >&AS_MESSAGE_LOG_FD
   OUTPUT=`$3 $1 -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     $2="[$]$2 $1"
     JVM_ARG_OK=true
@@ -715,7 +715,7 @@
 
         if test -n "$SDKNAME"; then
           # Call xcodebuild to determine SYSROOT
-          SYSROOT=`"$XCODEBUILD" -sdk $SDKNAME -version | grep '^Path: ' | sed 's/Path: //'`
+          SYSROOT=`"$XCODEBUILD" -sdk $SDKNAME -version | $GREP '^Path: ' | $SED 's/Path: //'`
         fi
       else
         if test $HAVE_SYSTEM_FRAMEWORK_HEADERS -eq 0; then
@@ -994,18 +994,18 @@
   TEST_DELETE=`$FIND "$DELETEDIR" -name TestIfFindSupportsDelete $FIND_DELETE 2>&1`
   if test -f $DELETEDIR/TestIfFindSupportsDelete; then
     # No, it does not.
-    rm $DELETEDIR/TestIfFindSupportsDelete
+    $RM $DELETEDIR/TestIfFindSupportsDelete
     if test "x$OPENJDK_TARGET_OS" = "xaix"; then
       # AIX 'find' is buggy if called with '-exec {} \+' and an empty file list
-      FIND_DELETE="-print | xargs rm"
+      FIND_DELETE="-print | $XARGS $RM"
     else
-      FIND_DELETE="-exec rm \{\} \+"
+      FIND_DELETE="-exec $RM \{\} \+"
     fi
     AC_MSG_RESULT([no])
   else
     AC_MSG_RESULT([yes])
   fi
-  rmdir $DELETEDIR
+  $RMDIR $DELETEDIR
   AC_SUBST(FIND_DELETE)
 ])
 
@@ -1080,10 +1080,10 @@
     if test "x$CODESIGN" != "x"; then
       # Verify that the openjdk_codesign certificate is present
       AC_MSG_CHECKING([if openjdk_codesign certificate is present])
-      rm -f codesign-testfile
-      touch codesign-testfile
-      codesign -s openjdk_codesign codesign-testfile 2>&AS_MESSAGE_LOG_FD >&AS_MESSAGE_LOG_FD || CODESIGN=
-      rm -f codesign-testfile
+      $RM codesign-testfile
+      $TOUCH codesign-testfile
+      $CODESIGN -s openjdk_codesign codesign-testfile 2>&AS_MESSAGE_LOG_FD >&AS_MESSAGE_LOG_FD || CODESIGN=
+      $RM codesign-testfile
       if test "x$CODESIGN" = x; then
         AC_MSG_RESULT([no])
       else
--- a/common/autoconf/basics_windows.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/basics_windows.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -330,7 +330,7 @@
     fi
     AC_MSG_CHECKING([cygwin root directory as unix-style path])
     # The cmd output ends with Windows line endings (CR/LF), the grep command will strip that away
-    cygwin_winpath_root=`cd / ; cmd /c cd | grep ".*"`
+    cygwin_winpath_root=`cd / ; cmd /c cd | $GREP ".*"`
     # Force cygpath to report the proper root by including a trailing space, and then stripping it off again.
     CYGWIN_ROOT_PATH=`$CYGPATH -u "$cygwin_winpath_root " | $CUT -f 1 -d " "`
     AC_MSG_RESULT([$CYGWIN_ROOT_PATH])
@@ -349,7 +349,7 @@
 
     AC_MSG_CHECKING([msys root directory as unix-style path])
     # The cmd output ends with Windows line endings (CR/LF), the grep command will strip that away
-    MSYS_ROOT_PATH=`cd / ; cmd /c cd | grep ".*"`
+    MSYS_ROOT_PATH=`cd / ; cmd /c cd | $GREP ".*"`
     BASIC_WINDOWS_REWRITE_AS_UNIX_PATH(MSYS_ROOT_PATH)
     AC_MSG_RESULT([$MSYS_ROOT_PATH])
     WINDOWS_ENV_ROOT_PATH="$MSYS_ROOT_PATH"
@@ -392,7 +392,7 @@
       # Take all collected prefixes and turn them into a -m/c/foo@/c/bar@... command line
       # @ was chosen as separator to minimize risk of other tools messing around with it
       all_unique_prefixes=`echo "${all_fixpath_prefixes@<:@@@:>@}" \
-          | tr ' ' '\n' | grep '^/./' | sort | uniq`
+          | tr ' ' '\n' | $GREP '^/./' | $SORT | $UNIQ`
       fixpath_argument_list=`echo $all_unique_prefixes  | tr ' ' '@'`
       FIXPATH="$FIXPATH_BIN -m$fixpath_argument_list"
     fi
--- a/common/autoconf/boot-jdk.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/boot-jdk.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -74,7 +74,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           [FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`]
@@ -445,7 +445,7 @@
         BUILD_JDK_FOUND=no
       else
         # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-        BUILD_JDK_VERSION=`"$BUILD_JDK/bin/java" -version 2>&1 | head -n 1`
+        BUILD_JDK_VERSION=`"$BUILD_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
         # Extra M4 quote needed to protect [] in grep expression.
         [FOUND_CORRECT_VERSION=`echo $BUILD_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"'`]
--- a/common/autoconf/build-performance.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/build-performance.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -383,7 +383,7 @@
       else
         AC_MSG_RESULT([yes])
       fi
-      rm -f conftest.h conftest.hpp.gch
+      $RM conftest.h conftest.hpp.gch
     fi
   fi
 
--- a/common/autoconf/flags.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/flags.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -155,7 +155,7 @@
         AC_MSG_RESULT(no)
         COMPILER_COMMAND_FILE_FLAG=
       fi
-      rm -rf command.file
+      $RM command.file
     fi
   fi
   AC_SUBST(COMPILER_TARGET_BITS_FLAG)
--- a/common/autoconf/generated-configure.sh	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/generated-configure.sh	Wed Jul 05 21:49:47 2017 +0200
@@ -5092,7 +5092,7 @@
 #CUSTOM_AUTOCONF_INCLUDE
 
 # Do not change or remove the following line, it is needed for consistency checks:
-DATE_WHEN_GENERATED=1464173584
+DATE_WHEN_GENERATED=1465306933
 
 ###############################################################################
 #
@@ -16171,7 +16171,7 @@
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking cygwin root directory as unix-style path" >&5
 $as_echo_n "checking cygwin root directory as unix-style path... " >&6; }
     # The cmd output ends with Windows line endings (CR/LF), the grep command will strip that away
-    cygwin_winpath_root=`cd / ; cmd /c cd | grep ".*"`
+    cygwin_winpath_root=`cd / ; cmd /c cd | $GREP ".*"`
     # Force cygpath to report the proper root by including a trailing space, and then stripping it off again.
     CYGWIN_ROOT_PATH=`$CYGPATH -u "$cygwin_winpath_root " | $CUT -f 1 -d " "`
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CYGWIN_ROOT_PATH" >&5
@@ -16194,7 +16194,7 @@
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking msys root directory as unix-style path" >&5
 $as_echo_n "checking msys root directory as unix-style path... " >&6; }
     # The cmd output ends with Windows line endings (CR/LF), the grep command will strip that away
-    MSYS_ROOT_PATH=`cd / ; cmd /c cd | grep ".*"`
+    MSYS_ROOT_PATH=`cd / ; cmd /c cd | $GREP ".*"`
 
   windows_path="$MSYS_ROOT_PATH"
   if test "x$OPENJDK_BUILD_OS_ENV" = "xwindows.cygwin"; then
@@ -17185,7 +17185,7 @@
 
         if test -n "$SDKNAME"; then
           # Call xcodebuild to determine SYSROOT
-          SYSROOT=`"$XCODEBUILD" -sdk $SDKNAME -version | grep '^Path: ' | sed 's/Path: //'`
+          SYSROOT=`"$XCODEBUILD" -sdk $SDKNAME -version | $GREP '^Path: ' | $SED 's/Path: //'`
         fi
       else
         if test $HAVE_SYSTEM_FRAMEWORK_HEADERS -eq 0; then
@@ -21142,12 +21142,12 @@
   TEST_DELETE=`$FIND "$DELETEDIR" -name TestIfFindSupportsDelete $FIND_DELETE 2>&1`
   if test -f $DELETEDIR/TestIfFindSupportsDelete; then
     # No, it does not.
-    rm $DELETEDIR/TestIfFindSupportsDelete
+    $RM $DELETEDIR/TestIfFindSupportsDelete
     if test "x$OPENJDK_TARGET_OS" = "xaix"; then
       # AIX 'find' is buggy if called with '-exec {} \+' and an empty file list
-      FIND_DELETE="-print | xargs rm"
-    else
-      FIND_DELETE="-exec rm \{\} \+"
+      FIND_DELETE="-print | $XARGS $RM"
+    else
+      FIND_DELETE="-exec $RM \{\} \+"
     fi
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -21155,7 +21155,7 @@
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
   fi
-  rmdir $DELETEDIR
+  $RMDIR $DELETEDIR
 
 
 
@@ -23800,10 +23800,10 @@
       # Verify that the openjdk_codesign certificate is present
       { $as_echo "$as_me:${as_lineno-$LINENO}: checking if openjdk_codesign certificate is present" >&5
 $as_echo_n "checking if openjdk_codesign certificate is present... " >&6; }
-      rm -f codesign-testfile
-      touch codesign-testfile
-      codesign -s openjdk_codesign codesign-testfile 2>&5 >&5 || CODESIGN=
-      rm -f codesign-testfile
+      $RM codesign-testfile
+      $TOUCH codesign-testfile
+      $CODESIGN -s openjdk_codesign codesign-testfile 2>&5 >&5 || CODESIGN=
+      $RM codesign-testfile
       if test "x$CODESIGN" = x; then
         { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -24293,7 +24293,7 @@
   elif test "x$with_copyright_year" != x; then
     COPYRIGHT_YEAR="$with_copyright_year"
   else
-    COPYRIGHT_YEAR=`date +'%Y'`
+    COPYRIGHT_YEAR=`$DATE +'%Y'`
   fi
 
 
@@ -24815,7 +24815,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -25017,7 +25017,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -25207,7 +25207,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -25396,7 +25396,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -25585,7 +25585,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -25765,7 +25765,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -26096,7 +26096,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -26427,7 +26427,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -26645,7 +26645,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -26828,7 +26828,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -27039,7 +27039,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -27222,7 +27222,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -27433,7 +27433,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -27616,7 +27616,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -27827,7 +27827,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -28010,7 +28010,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -28208,7 +28208,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -28389,7 +28389,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -28588,7 +28588,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -28769,7 +28769,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -28967,7 +28967,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -29148,7 +29148,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -29347,7 +29347,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -29528,7 +29528,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -29708,7 +29708,7 @@
           BOOT_JDK_FOUND=no
         else
           # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | head -n 1`
+          BOOT_JDK_VERSION=`"$BOOT_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
           # Extra M4 quote needed to protect [] in grep expression.
           FOUND_CORRECT_VERSION=`$ECHO $BOOT_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"|(1\.[89]\.)'`
@@ -30612,8 +30612,8 @@
   $ECHO "Check if jvm arg is ok: -Xpatch:foo=bar" >&5
   $ECHO "Command: $JAVA -Xpatch:foo=bar -version" >&5
   OUTPUT=`$JAVA -Xpatch:foo=bar -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     dummy="$dummy -Xpatch:foo=bar"
     JVM_ARG_OK=true
@@ -30697,7 +30697,7 @@
         BUILD_JDK_FOUND=no
       else
         # Oh, this is looking good! We probably have found a proper JDK. Is it the correct version?
-        BUILD_JDK_VERSION=`"$BUILD_JDK/bin/java" -version 2>&1 | head -n 1`
+        BUILD_JDK_VERSION=`"$BUILD_JDK/bin/java" -version 2>&1 | $HEAD -n 1`
 
         # Extra M4 quote needed to protect [] in grep expression.
         FOUND_CORRECT_VERSION=`echo $BUILD_JDK_VERSION | $EGREP '\"9([\.+-].*)?\"'`
@@ -47860,7 +47860,7 @@
 $as_echo "yes" >&6; }
       USING_BROKEN_SUSE_LD=yes
     fi
-    rm -rf version-script.map main.c a.out
+    $RM version-script.map main.c a.out
   fi
 
 
@@ -48294,7 +48294,7 @@
 $as_echo "no" >&6; }
         COMPILER_COMMAND_FILE_FLAG=
       fi
-      rm -rf command.file
+      $RM command.file
     fi
   fi
 
@@ -53498,7 +53498,7 @@
       # Take all collected prefixes and turn them into a -m/c/foo@/c/bar@... command line
       # @ was chosen as separator to minimize risk of other tools messing around with it
       all_unique_prefixes=`echo "${all_fixpath_prefixes[@]}" \
-          | tr ' ' '\n' | grep '^/./' | sort | uniq`
+          | tr ' ' '\n' | $GREP '^/./' | $SORT | $UNIQ`
       fixpath_argument_list=`echo $all_unique_prefixes  | tr ' ' '@'`
       FIXPATH="$FIXPATH_BIN -m$fixpath_argument_list"
     fi
@@ -63947,7 +63947,7 @@
         fi
       fi
     done
-    llvm_version=$("${LLVM_CONFIG}" --version | sed 's/\.//; s/svn.*//')
+    llvm_version=$("${LLVM_CONFIG}" --version | $SED 's/\.//; s/svn.*//')
     LLVM_CFLAGS="${LLVM_CFLAGS} -DSHARK_LLVM_VERSION=${llvm_version}"
 
     unset LLVM_LDFLAGS
@@ -65050,8 +65050,8 @@
   $ECHO "Check if jvm arg is ok: -XX:-PrintVMOptions -XX:-UnlockDiagnosticVMOptions -XX:-LogVMOutput" >&5
   $ECHO "Command: $JAVA -XX:-PrintVMOptions -XX:-UnlockDiagnosticVMOptions -XX:-LogVMOutput -version" >&5
   OUTPUT=`$JAVA -XX:-PrintVMOptions -XX:-UnlockDiagnosticVMOptions -XX:-LogVMOutput -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs="$boot_jdk_jvmargs -XX:-PrintVMOptions -XX:-UnlockDiagnosticVMOptions -XX:-LogVMOutput"
     JVM_ARG_OK=true
@@ -65067,8 +65067,8 @@
   $ECHO "Check if jvm arg is ok: $with_boot_jdk_jvmargs" >&5
   $ECHO "Command: $JAVA $with_boot_jdk_jvmargs -version" >&5
   OUTPUT=`$JAVA $with_boot_jdk_jvmargs -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs="$boot_jdk_jvmargs $with_boot_jdk_jvmargs"
     JVM_ARG_OK=true
@@ -65095,8 +65095,8 @@
   $ECHO "Check if jvm arg is ok: -Xms64M" >&5
   $ECHO "Command: $JAVA -Xms64M -version" >&5
   OUTPUT=`$JAVA -Xms64M -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_big="$boot_jdk_jvmargs_big -Xms64M"
     JVM_ARG_OK=true
@@ -65130,8 +65130,8 @@
   $ECHO "Check if jvm arg is ok: -Xmx${JVM_MAX_HEAP}M" >&5
   $ECHO "Command: $JAVA -Xmx${JVM_MAX_HEAP}M -version" >&5
   OUTPUT=`$JAVA -Xmx${JVM_MAX_HEAP}M -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_big="$boot_jdk_jvmargs_big -Xmx${JVM_MAX_HEAP}M"
     JVM_ARG_OK=true
@@ -65145,8 +65145,8 @@
   $ECHO "Check if jvm arg is ok: -XX:ThreadStackSize=$STACK_SIZE" >&5
   $ECHO "Command: $JAVA -XX:ThreadStackSize=$STACK_SIZE -version" >&5
   OUTPUT=`$JAVA -XX:ThreadStackSize=$STACK_SIZE -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_big="$boot_jdk_jvmargs_big -XX:ThreadStackSize=$STACK_SIZE"
     JVM_ARG_OK=true
@@ -65175,8 +65175,8 @@
   $ECHO "Check if jvm arg is ok: -XX:+UseSerialGC" >&5
   $ECHO "Command: $JAVA -XX:+UseSerialGC -version" >&5
   OUTPUT=`$JAVA -XX:+UseSerialGC -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_small="$boot_jdk_jvmargs_small -XX:+UseSerialGC"
     JVM_ARG_OK=true
@@ -65190,8 +65190,8 @@
   $ECHO "Check if jvm arg is ok: -Xms32M" >&5
   $ECHO "Command: $JAVA -Xms32M -version" >&5
   OUTPUT=`$JAVA -Xms32M -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_small="$boot_jdk_jvmargs_small -Xms32M"
     JVM_ARG_OK=true
@@ -65205,8 +65205,8 @@
   $ECHO "Check if jvm arg is ok: -Xmx512M" >&5
   $ECHO "Command: $JAVA -Xmx512M -version" >&5
   OUTPUT=`$JAVA -Xmx512M -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_small="$boot_jdk_jvmargs_small -Xmx512M"
     JVM_ARG_OK=true
@@ -65220,8 +65220,8 @@
   $ECHO "Check if jvm arg is ok: -XX:TieredStopAtLevel=1" >&5
   $ECHO "Command: $JAVA -XX:TieredStopAtLevel=1 -version" >&5
   OUTPUT=`$JAVA -XX:TieredStopAtLevel=1 -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     boot_jdk_jvmargs_small="$boot_jdk_jvmargs_small -XX:TieredStopAtLevel=1"
     JVM_ARG_OK=true
@@ -65270,8 +65270,8 @@
   $ECHO "Check if jvm arg is ok: -d64" >&5
   $ECHO "Command: $SJAVAC_SERVER_JAVA -d64 -version" >&5
   OUTPUT=`$SJAVAC_SERVER_JAVA -d64 -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     SJAVAC_SERVER_JAVA_FLAGS="$SJAVAC_SERVER_JAVA_FLAGS -d64"
     JVM_ARG_OK=true
@@ -65308,8 +65308,8 @@
   $ECHO "Check if jvm arg is ok: -Xms${MS_VALUE}M -Xmx${MX_VALUE}M" >&5
   $ECHO "Command: $SJAVAC_SERVER_JAVA -Xms${MS_VALUE}M -Xmx${MX_VALUE}M -version" >&5
   OUTPUT=`$SJAVAC_SERVER_JAVA -Xms${MS_VALUE}M -Xmx${MX_VALUE}M -version 2>&1`
-  FOUND_WARN=`$ECHO "$OUTPUT" | grep -i warn`
-  FOUND_VERSION=`$ECHO $OUTPUT | grep " version \""`
+  FOUND_WARN=`$ECHO "$OUTPUT" | $GREP -i warn`
+  FOUND_VERSION=`$ECHO $OUTPUT | $GREP " version \""`
   if test "x$FOUND_VERSION" != x && test "x$FOUND_WARN" = x; then
     SJAVAC_SERVER_JAVA_FLAGS="$SJAVAC_SERVER_JAVA_FLAGS -Xms${MS_VALUE}M -Xmx${MX_VALUE}M"
     JVM_ARG_OK=true
@@ -66140,7 +66140,7 @@
         { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
       fi
-      rm -f conftest.h conftest.hpp.gch
+      $RM conftest.h conftest.hpp.gch
     fi
   fi
 
--- a/common/autoconf/jdk-options.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/jdk-options.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -224,7 +224,7 @@
   elif test "x$with_copyright_year" != x; then
     COPYRIGHT_YEAR="$with_copyright_year"
   else
-    COPYRIGHT_YEAR=`date +'%Y'`
+    COPYRIGHT_YEAR=`$DATE +'%Y'`
   fi
   AC_SUBST(COPYRIGHT_YEAR)
 ])
--- a/common/autoconf/libraries.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/libraries.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -122,7 +122,7 @@
         fi
       fi
     done
-    llvm_version=$("${LLVM_CONFIG}" --version | sed 's/\.//; s/svn.*//')
+    llvm_version=$("${LLVM_CONFIG}" --version | $SED 's/\.//; s/svn.*//')
     LLVM_CFLAGS="${LLVM_CFLAGS} -DSHARK_LLVM_VERSION=${llvm_version}"
 
     unset LLVM_LDFLAGS
--- a/common/autoconf/toolchain.m4	Thu Jun 09 17:28:37 2016 +0000
+++ b/common/autoconf/toolchain.m4	Wed Jul 05 21:49:47 2017 +0200
@@ -934,7 +934,7 @@
       AC_MSG_RESULT(yes)
       USING_BROKEN_SUSE_LD=yes
     fi
-    rm -rf version-script.map main.c a.out
+    $RM version-script.map main.c a.out
   fi
   AC_SUBST(USING_BROKEN_SUSE_LD)
 
--- a/corba/.hgtags	Thu Jun 09 17:28:37 2016 +0000
+++ b/corba/.hgtags	Wed Jul 05 21:49:47 2017 +0200
@@ -364,3 +364,4 @@
 daf533920b1266603b5cbdab31908d2a931c5361 jdk-9+119
 5943b791e131e79b969d4cea053aecda34801723 jdk-9+120
 9a5fc5a27560ac272c1341f8f3838338fba49059 jdk-9+121
+a39131aafc51a6fd8836e6ebe1b04458702ce7d6 jdk-9+122
--- a/hotspot/.hgtags	Thu Jun 09 17:28:37 2016 +0000
+++ b/hotspot/.hgtags	Wed Jul 05 21:49:47 2017 +0200
@@ -524,3 +524,4 @@
 15f3fe264872766bcb205696198f0c1502420e17 jdk-9+119
 0be6f4f5d18671184e62583668cb1d783dffa128 jdk-9+120
 7e293105dbb0789a468655f81320c891f491f371 jdk-9+121
+af6b4ad908e732d23021f12e8322b204433d5cf6 jdk-9+122
--- a/jdk/.hgtags	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/.hgtags	Wed Jul 05 21:49:47 2017 +0200
@@ -364,3 +364,4 @@
 bad3f8a33db271a6143ba6eac0c8bd5bbd942417 jdk-9+119
 b9a518bf72516954e57ac2f6e3ef21e13008f1cd jdk-9+120
 ee29aaab5889555ea56e4c0ed690aabb7613529d jdk-9+121
+981ae344923f09c46d8d1d5a3ed9fa71deafe0c6 jdk-9+122
--- a/jdk/src/java.base/share/classes/java/lang/System.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/lang/System.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1942,6 +1942,10 @@
      * the application classpath or modulepath.
      */
     private static void initPhase3() {
+        // Initialize publicLookup early, to avoid bootstrapping circularities
+        // with security manager using java.lang.invoke infrastructure.
+        java.lang.invoke.MethodHandles.publicLookup();
+
         // set security manager
         String cn = System.getProperty("java.security.manager");
         if (cn != null) {
--- a/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandles.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/MethodHandles.java	Wed Jul 05 21:49:47 2017 +0200
@@ -2204,15 +2204,7 @@
             }
         }
 
-        private static final Class<?> PUBLIC_LOOKUP_CLASS;
-        static {
-            PrivilegedAction<Class<?>> pa = new PrivilegedAction<Class<?>>() {
-                public Class<?> run() {
-                    return createClass();
-                }
-            };
-            PUBLIC_LOOKUP_CLASS = AccessController.doPrivileged(pa);
-        }
+        private static final Class<?> PUBLIC_LOOKUP_CLASS = createClass();
 
         /**
          * Lookup that is trusted minimally. It can only be used to create
--- a/jdk/src/java.base/share/classes/java/lang/invoke/StringConcatFactory.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/lang/invoke/StringConcatFactory.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1733,41 +1733,32 @@
             // no instantiation
         }
 
-        // This one is deliberately non-lambdified to optimize startup time:
-        private static final Function<Class<?>, MethodHandle> MOST = new Function<Class<?>, MethodHandle>() {
+        private static class StringifierMost extends ClassValue<MethodHandle> {
             @Override
-            public MethodHandle apply(Class<?> cl) {
-                MethodHandle mhObject = lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, Object.class);
-
-                // We need the additional conversion here, because String.valueOf(Object) may return null.
-                // String conversion rules in Java state we need to produce "null" String in this case.
-                // It can be easily done with applying valueOf the second time.
-                MethodHandle mhObjectNoNulls = MethodHandles.filterReturnValue(mhObject,
-                        mhObject.asType(MethodType.methodType(String.class, String.class)));
-
+            protected MethodHandle computeValue(Class<?> cl) {
                 if (cl == String.class) {
-                    return mhObject;
+                    return lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, Object.class);
                 } else if (cl == float.class) {
                     return lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, float.class);
                 } else if (cl == double.class) {
                     return lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, double.class);
                 } else if (!cl.isPrimitive()) {
-                    return mhObjectNoNulls;
+                    MethodHandle mhObject = lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, Object.class);
+
+                    // We need the additional conversion here, because String.valueOf(Object) may return null.
+                    // String conversion rules in Java state we need to produce "null" String in this case.
+                    // It can be easily done with applying valueOf the second time.
+                    return MethodHandles.filterReturnValue(mhObject,
+                            mhObject.asType(MethodType.methodType(String.class, String.class)));
                 }
 
                 return null;
             }
-        };
+        }
 
-        // This one is deliberately non-lambdified to optimize startup time:
-        private static final Function<Class<?>, MethodHandle> ANY = new Function<Class<?>, MethodHandle>() {
+        private static class StringifierAny extends ClassValue<MethodHandle> {
             @Override
-            public MethodHandle apply(Class<?> cl) {
-                MethodHandle mh = MOST.apply(cl);
-                if (mh != null) {
-                    return mh;
-                }
-
+            protected MethodHandle computeValue(Class<?> cl) {
                 if (cl == byte.class || cl == short.class || cl == int.class) {
                     return lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, int.class);
                 } else if (cl == boolean.class) {
@@ -1777,13 +1768,18 @@
                 } else if (cl == long.class) {
                     return lookupStatic(MethodHandles.publicLookup(), String.class, "valueOf", String.class, long.class);
                 } else {
-                    throw new IllegalStateException("Unknown class: " + cl);
+                    MethodHandle mh = STRINGIFIERS_MOST.get(cl);
+                    if (mh != null) {
+                        return mh;
+                    } else {
+                        throw new IllegalStateException("Unknown class: " + cl);
+                    }
                 }
             }
-        };
+        }
 
-        private static final ConcurrentMap<Class<?>, MethodHandle> STRINGIFIERS_MOST = new ConcurrentHashMap<>();
-        private static final ConcurrentMap<Class<?>, MethodHandle> STRINGIFIERS_ANY = new ConcurrentHashMap<>();
+        private static final ClassValue<MethodHandle> STRINGIFIERS_MOST = new StringifierMost();
+        private static final ClassValue<MethodHandle> STRINGIFIERS_ANY = new StringifierAny();
 
         /**
          * Returns a stringifier for references and floats/doubles only.
@@ -1793,7 +1789,7 @@
          * @return stringifier; null, if not available
          */
         static MethodHandle forMost(Class<?> t) {
-            return STRINGIFIERS_MOST.computeIfAbsent(t, MOST);
+            return STRINGIFIERS_MOST.get(t);
         }
 
         /**
@@ -1803,7 +1799,7 @@
          * @return stringifier
          */
         static MethodHandle forAny(Class<?> t) {
-            return STRINGIFIERS_ANY.computeIfAbsent(t, ANY);
+            return STRINGIFIERS_ANY.get(t);
         }
     }
 
--- a/jdk/src/java.base/share/classes/java/lang/module/ModuleDescriptor.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/lang/module/ModuleDescriptor.java	Wed Jul 05 21:49:47 2017 +0200
@@ -790,10 +790,10 @@
     private final String osName;
     private final String osArch;
     private final String osVersion;
-    private final Set<String> conceals;
     private final Set<String> packages;
     private final ModuleHashes hashes;
 
+
     private ModuleDescriptor(String name,
                              boolean automatic,
                              boolean synthetic,
@@ -806,7 +806,7 @@
                              String osName,
                              String osArch,
                              String osVersion,
-                             Set<String> conceals,
+                             Set<String> packages,
                              ModuleHashes hashes)
     {
 
@@ -836,10 +836,7 @@
         this.osVersion = osVersion;
         this.hashes = hashes;
 
-        assert !exports.keySet().stream().anyMatch(conceals::contains)
-            : "Module " + name + ": Package sets overlap";
-        this.conceals = emptyOrUnmodifiableSet(conceals);
-        this.packages = computePackages(this.exports, this.conceals);
+        this.packages = emptyOrUnmodifiableSet(packages);
     }
 
     /**
@@ -862,8 +859,9 @@
         this.osVersion = md.osVersion;
         this.hashes = null; // need to ignore
 
-        this.packages = emptyOrUnmodifiableSet(pkgs);
-        this.conceals = computeConcealedPackages(this.exports, this.packages);
+        Set<String> packages = new HashSet<>(md.packages);
+        packages.addAll(pkgs);
+        this.packages = emptyOrUnmodifiableSet(packages);
     }
 
     /**
@@ -882,7 +880,6 @@
                      String osName,
                      String osArch,
                      String osVersion,
-                     Set<String> conceals,
                      Set<String> packages,
                      ModuleHashes hashes) {
         this.name = name;
@@ -892,7 +889,6 @@
         this.exports = Collections.unmodifiableSet(exports);
         this.uses = Collections.unmodifiableSet(uses);
         this.provides = Collections.unmodifiableMap(provides);
-        this.conceals = Collections.unmodifiableSet(conceals);
         this.packages = Collections.unmodifiableSet(packages);
 
         this.version = version;
@@ -1055,7 +1051,9 @@
      * @return A possibly-empty unmodifiable set of the concealed packages
      */
     public Set<String> conceals() {
-        return conceals;
+        Set<String> conceals = new HashSet<>(packages);
+        exports.stream().map(Exports::source).forEach(conceals::remove);
+        return emptyOrUnmodifiableSet(conceals);
     }
 
     /**
@@ -1605,6 +1603,8 @@
         public ModuleDescriptor build() {
             assert name != null;
 
+            Set<String> packages = new HashSet<>(conceals);
+            packages.addAll(exportedPackages());
             return new ModuleDescriptor(name,
                                         automatic,
                                         synthetic,
@@ -1617,7 +1617,7 @@
                                         osName,
                                         osArch,
                                         osVersion,
-                                        conceals,
+                                        packages,
                                         hashes);
         }
 
@@ -1692,7 +1692,7 @@
                 && Objects.equals(osName, that.osName)
                 && Objects.equals(osArch, that.osArch)
                 && Objects.equals(osVersion, that.osVersion)
-                && Objects.equals(conceals, that.conceals)
+                && Objects.equals(packages, that.packages)
                 && Objects.equals(hashes, that.hashes));
     }
 
@@ -1723,7 +1723,7 @@
             hc = hc * 43 + Objects.hashCode(osName);
             hc = hc * 43 + Objects.hashCode(osArch);
             hc = hc * 43 + Objects.hashCode(osVersion);
-            hc = hc * 43 + Objects.hashCode(conceals);
+            hc = hc * 43 + Objects.hashCode(packages);
             hc = hc * 43 + Objects.hashCode(hashes);
             if (hc == 0)
                 hc = -1;
@@ -1879,37 +1879,6 @@
         return ModuleInfo.read(bb, null);
     }
 
-
-    /**
-     * Computes the set of packages from exports and concealed packages.
-     * It returns the concealed packages set if there is no exported package.
-     */
-    private static Set<String> computePackages(Set<Exports> exports,
-                                               Set<String> conceals)
-    {
-        if (exports.isEmpty())
-            return conceals;
-
-        Set<String> pkgs = new HashSet<>(conceals);
-        exports.stream().map(Exports::source).forEach(pkgs::add);
-        return emptyOrUnmodifiableSet(pkgs);
-    }
-
-    /**
-     * Computes the set of concealed packages from exports and all packages.
-     * It returns the packages set if there are no exported packages.
-     */
-    private static Set<String> computeConcealedPackages(Set<Exports> exports,
-                                                        Set<String> pkgs)
-    {
-        if (exports.isEmpty())
-            return pkgs;
-
-        Set<String> conceals = new HashSet<>(pkgs);
-        exports.stream().map(Exports::source).forEach(conceals::remove);
-        return emptyOrUnmodifiableSet(conceals);
-    }
-
     private static <K,V> Map<K,V> emptyOrUnmodifiableMap(Map<K,V> map) {
         if (map.isEmpty()) {
             return Collections.emptyMap();
@@ -1975,14 +1944,14 @@
                                                             boolean automatic,
                                                             boolean synthetic,
                                                             Set<Requires> requires,
-                                                            Set<String> uses, Set<Exports> exports,
+                                                            Set<String> uses,
+                                                            Set<Exports> exports,
                                                             Map<String, Provides> provides,
                                                             Version version,
                                                             String mainClass,
                                                             String osName,
                                                             String osArch,
                                                             String osVersion,
-                                                            Set<String> conceals,
                                                             Set<String> packages,
                                                             ModuleHashes hashes) {
                     return new ModuleDescriptor(name,
@@ -1997,7 +1966,6 @@
                                                 osName,
                                                 osArch,
                                                 osVersion,
-                                                conceals,
                                                 packages,
                                                 hashes);
                 }
--- a/jdk/src/java.base/share/classes/java/lang/reflect/Method.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/lang/reflect/Method.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,6 +30,8 @@
 import jdk.internal.reflect.CallerSensitive;
 import jdk.internal.reflect.MethodAccessor;
 import jdk.internal.reflect.Reflection;
+import sun.reflect.annotation.ExceptionProxy;
+import sun.reflect.annotation.TypeNotPresentExceptionProxy;
 import sun.reflect.generics.repository.MethodRepository;
 import sun.reflect.generics.factory.CoreReflectionFactory;
 import sun.reflect.generics.factory.GenericsFactory;
@@ -641,8 +643,13 @@
             SharedSecrets.getJavaLangAccess().
                 getConstantPool(getDeclaringClass()),
             getDeclaringClass());
-        if (result instanceof sun.reflect.annotation.ExceptionProxy)
+        if (result instanceof ExceptionProxy) {
+            if (result instanceof TypeNotPresentExceptionProxy) {
+                TypeNotPresentExceptionProxy proxy = (TypeNotPresentExceptionProxy)result;
+                throw new TypeNotPresentException(proxy.typeName(), proxy.getCause());
+            }
             throw new AnnotationFormatError("Invalid default: " + this);
+        }
         return result;
     }
 
--- a/jdk/src/java.base/share/classes/java/net/URI.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/net/URI.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -92,9 +92,9 @@
  * URIs are:
  *
  * <blockquote>
- * {@code http://java.sun.com/j2se/1.3/}<br>
- * {@code docs/guide/collections/designfaq.html#28}<br>
- * {@code ../../../demo/jfc/SwingSet2/src/SwingSet2.java}<br>
+ * {@code http://example.com/languages/java/}<br>
+ * {@code sample/a/index.html#28}<br>
+ * {@code ../../demo/b/index.html}<br>
  * {@code file:///~/calendar}
  * </blockquote>
  *
@@ -178,28 +178,28 @@
  * normalized.  The result, for example, of resolving
  *
  * <blockquote>
- * {@code docs/guide/collections/designfaq.html#28}
+ * {@code sample/a/index.html#28}
  * &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
  * &nbsp;&nbsp;&nbsp;&nbsp;(1)
  * </blockquote>
  *
- * against the base URI {@code http://java.sun.com/j2se/1.3/} is the result
+ * against the base URI {@code http://example.com/languages/java/} is the result
  * URI
  *
  * <blockquote>
- * {@code http://docs.oracle.com/javase/1.3/docs/guide/collections/designfaq.html#28}
+ * {@code http://example.com/languages/java/sample/a/index.html#28}
  * </blockquote>
  *
  * Resolving the relative URI
  *
  * <blockquote>
- * {@code ../../../demo/jfc/SwingSet2/src/SwingSet2.java}&nbsp;&nbsp;&nbsp;&nbsp;(2)
+ * {@code ../../demo/b/index.html}&nbsp;&nbsp;&nbsp;&nbsp;(2)
  * </blockquote>
  *
  * against this result yields, in turn,
  *
  * <blockquote>
- * {@code http://java.sun.com/j2se/1.3/demo/jfc/SwingSet2/src/SwingSet2.java}
+ * {@code http://example.com/languages/java/demo/b/index.html}
  * </blockquote>
  *
  * Resolution of both absolute and relative URIs, and of both absolute and
@@ -210,7 +210,7 @@
  * URI
  *
  * <blockquote>
- * {@code demo/jfc/SwingSet2/src/SwingSet2.java}
+ * {@code demo/b/index.html}
  * </blockquote>
  *
  * <p> <i>Relativization</i>, finally, is the inverse of resolution: For any
@@ -226,16 +226,16 @@
  * possible.  For example, relativizing the URI
  *
  * <blockquote>
- * {@code http://docs.oracle.com/javase/1.3/docs/guide/index.html}
+ * {@code http://example.com/languages/java/sample/a/index.html#28}
  * </blockquote>
  *
  * against the base URI
  *
  * <blockquote>
- * {@code http://java.sun.com/j2se/1.3}
+ * {@code http://example.com/languages/java/}
  * </blockquote>
  *
- * yields the relative URI {@code docs/guide/index.html}.
+ * yields the relative URI {@code sample/a/index.html#28}.
  *
  *
  * <h4> Character categories </h4>
--- a/jdk/src/java.base/share/classes/java/security/DrbgParameters.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/security/DrbgParameters.java	Wed Jul 05 21:49:47 2017 +0200
@@ -383,6 +383,10 @@
 
         private Instantiation(int strength, Capability capability,
                               byte[] personalizationString) {
+            if (strength < -1) {
+                throw new IllegalArgumentException(
+                        "Illegal security strength: " + strength);
+            }
             this.strength = strength;
             this.capability = capability;
             this.personalizationString = (personalizationString == null) ?
@@ -446,6 +450,10 @@
 
         private NextBytes(int strength, boolean predictionResistance,
                           byte[] additionalInput) {
+            if (strength < -1) {
+                throw new IllegalArgumentException(
+                        "Illegal security strength: " + strength);
+            }
             this.strength = strength;
             this.predictionResistance = predictionResistance;
             this.additionalInput = (additionalInput == null) ?
@@ -502,6 +510,7 @@
      *                              byte array will be copied.
      * @return a new {@code Instantiation} object
      * @throws NullPointerException if {@code capability} is {@code null}
+     * @throws IllegalArgumentException if {@code strength} is less than -1
      */
     public static Instantiation instantiation(int strength,
                                               Capability capability,
@@ -518,6 +527,7 @@
      * @param predictionResistance prediction resistance requested
      * @param additionalInput additional input, can be {@code null}.
      *                        The content of this byte array will be copied.
+     * @throws IllegalArgumentException if {@code strength} is less than -1
      * @return a new {@code NextBytes} object
      */
     public static NextBytes nextBytes(int strength,
--- a/jdk/src/java.base/share/classes/java/security/SecureRandomParameters.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/security/SecureRandomParameters.java	Wed Jul 05 21:49:47 2017 +0200
@@ -33,6 +33,7 @@
  * can be passed to those implementations that support them.
  *
  * @see DrbgParameters
+ * @since 9
  */
 public interface SecureRandomParameters {
 }
--- a/jdk/src/java.base/share/classes/java/util/Locale.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/java/util/Locale.java	Wed Jul 05 21:49:47 2017 +0200
@@ -2858,6 +2858,8 @@
          * @param range a language range
          * @throws NullPointerException if the given {@code range} is
          *     {@code null}
+         * @throws IllegalArgumentException if the given {@code range} does not
+         * comply with the syntax of the language range mentioned in RFC 4647
          */
         public LanguageRange(String range) {
             this(range, MAX_WEIGHT);
@@ -2873,8 +2875,10 @@
          *     {@code MAX_WEIGHT}
          * @throws NullPointerException if the given {@code range} is
          *     {@code null}
-         * @throws IllegalArgumentException if the given {@code weight} is less
-         *     than {@code MIN_WEIGHT} or greater than {@code MAX_WEIGHT}
+         * @throws IllegalArgumentException if the given {@code range} does not
+         * comply with the syntax of the language range mentioned in RFC 4647
+         * or if the given {@code weight} is less than {@code MIN_WEIGHT}
+         * or greater than {@code MAX_WEIGHT}
          */
         public LanguageRange(String range, double weight) {
             if (range == null) {
--- a/jdk/src/java.base/share/classes/javax/net/ssl/X509KeyManager.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/X509KeyManager.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -35,7 +35,7 @@
  * key pairs are used to authenticate the local side of a secure
  * socket.
  * <P>
- * During secure socket negotiations, implentations
+ * During secure socket negotiations, implementations
  * call methods in this interface to:
  * <UL>
  * <LI> determine the set of aliases that are available for negotiations
--- a/jdk/src/java.base/share/classes/jdk/internal/misc/JavaLangModuleAccess.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/jdk/internal/misc/JavaLangModuleAccess.java	Wed Jul 05 21:49:47 2017 +0200
@@ -99,7 +99,6 @@
                                          String osName,
                                          String osArch,
                                          String osVersion,
-                                         Set<String> conceals,
                                          Set<String> packages,
                                          ModuleHashes hashes);
 
--- a/jdk/src/java.base/share/classes/jdk/internal/module/Builder.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/jdk/internal/module/Builder.java	Wed Jul 05 21:49:47 2017 +0200
@@ -66,8 +66,7 @@
     final Set<Requires> requires;
     final Set<Exports> exports;
     final Map<String, Provides> provides;
-    final Set<String> conceals;
-    final int numPackages;
+    Set<String> packages;
     Set<String> uses;
     Version version;
     String mainClass;
@@ -78,14 +77,12 @@
     Map<String, String> hashes;
 
     Builder(String name, int reqs, int exports,
-            int provides, int conceals, int packages) {
+            int provides, int packages) {
         this.name = name;
         this.requires = reqs > 0 ? new HashSet<>(reqs) : Collections.emptySet();
         this.exports  = exports > 0 ? new HashSet<>(exports) : Collections.emptySet();
         this.provides = provides > 0 ? new HashMap<>(provides) : Collections.emptyMap();
-        this.conceals = conceals > 0 ? new HashSet<>(conceals) : Collections.emptySet();
         this.uses = Collections.emptySet();
-        this.numPackages = packages;
     }
 
     /**
@@ -169,18 +166,10 @@
     }
 
     /**
-     * Adds a set of (possible empty) concealed packages.
+     * Adds a set of (possible empty) packages.
      */
-    public Builder conceals(Set<String> packages) {
-        conceals.addAll(packages);
-        return this;
-    }
-
-    /**
-     * Adds a concealed package.
-     */
-    public Builder conceals(String pn) {
-        conceals.add(pn);
+    public Builder packages(Set<String> packages) {
+        this.packages = packages;
         return this;
     }
 
@@ -273,22 +262,6 @@
     }
 
     /**
-     * Returns the set of packages that is the union of the exported and
-     * concealed packages.
-     */
-    private Set<String> computePackages(Set<Exports> exports, Set<String> conceals) {
-        if (exports.isEmpty())
-            return conceals;
-
-        Set<String> pkgs = new HashSet<>(numPackages);
-        pkgs.addAll(conceals);
-        for (Exports e : exports) {
-            pkgs.add(e.source());
-        }
-        return pkgs;
-    }
-
-    /**
      * Builds a {@code ModuleDescriptor} from the components.
      */
     public ModuleDescriptor build() {
@@ -309,8 +282,7 @@
                                         osName,
                                         osArch,
                                         osVersion,
-                                        conceals,
-                                        computePackages(exports, conceals),
+                                        packages,
                                         moduleHashes);
     }
 }
--- a/jdk/src/java.base/share/classes/sun/reflect/annotation/AnnotationType.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/reflect/annotation/AnnotationType.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -118,16 +118,22 @@
         members = new HashMap<>(methods.length+1, 1.0f);
 
         for (Method method : methods) {
-            if (method.getParameterTypes().length != 0)
-                throw new IllegalArgumentException(method + " has params");
-            String name = method.getName();
-            Class<?> type = method.getReturnType();
-            memberTypes.put(name, invocationHandlerReturnType(type));
-            members.put(name, method);
+            if (Modifier.isPublic(method.getModifiers()) &&
+                Modifier.isAbstract(method.getModifiers()) &&
+                !method.isSynthetic()) {
+                if (method.getParameterTypes().length != 0) {
+                    throw new IllegalArgumentException(method + " has params");
+                }
+                String name = method.getName();
+                Class<?> type = method.getReturnType();
+                memberTypes.put(name, invocationHandlerReturnType(type));
+                members.put(name, method);
 
-            Object defaultValue = method.getDefaultValue();
-            if (defaultValue != null)
-                memberDefaults.put(name, defaultValue);
+                Object defaultValue = method.getDefaultValue();
+                if (defaultValue != null) {
+                    memberDefaults.put(name, defaultValue);
+                }
+            }
         }
 
         // Initialize retention, & inherited fields.  Special treatment
--- a/jdk/src/java.base/share/classes/sun/reflect/annotation/TypeNotPresentExceptionProxy.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/reflect/annotation/TypeNotPresentExceptionProxy.java	Wed Jul 05 21:49:47 2017 +0200
@@ -46,6 +46,14 @@
         return new TypeNotPresentException(typeName, cause);
     }
 
+    public String typeName() {
+        return typeName;
+    }
+
+    public Throwable getCause() {
+        return cause;
+    }
+
     @Override
     public String toString() {
         return typeName + ".class /* Warning: type not present! */";
--- a/jdk/src/java.base/share/classes/sun/security/provider/AbstractDrbg.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/AbstractDrbg.java	Wed Jul 05 21:49:47 2017 +0200
@@ -33,12 +33,13 @@
 import static java.security.DrbgParameters.Capability.*;
 
 /**
- * The abstract base class for all DRBGs.
+ * The abstract base class for all DRBGs. It is used as {@link DRBG#impl}.
  * <p>
- * This class creates 5 new abstract methods. 3 are defined by the SP800-90A:
+ * This class has 5 abstract methods. 3 are defined by SP800-90A:
  * <ol>
  *  <li>{@link #generateAlgorithm(byte[], byte[])}
- *  <li>{@link #reseedAlgorithm(byte[], byte[])} (might not be supported)
+ *  <li>{@link #reseedAlgorithm(byte[], byte[])} (In fact this is not an
+ *      abstract method, but any DRBG supporting reseeding must override it.)
  *  <li>{@link #instantiateAlgorithm(byte[])}
  * </ol>
  * and 2 for implementation purpose:
@@ -46,18 +47,19 @@
  *  <li>{@link #initEngine()}
  *  <li>{@link #chooseAlgorithmAndStrength}
  * </ol>
- * All existing {@link SecureRandomSpi} methods are implemented based on the
- * methods above as final. The initialization process is divided into 2 phases:
- * configuration is eagerly called to set up parameters, and instantiation
- * is lazily called only when nextBytes or reseed is called.
+ * Although this class is not a child class of {@link SecureRandomSpi}, it
+ * implements all abstract methods there as final.
+ * <p>
+ * The initialization process of a DRBG is divided into 2 phases:
+ * {@link #configure configuration} is eagerly called to set up parameters,
+ * and {@link #instantiateIfNecessary instantiation} is lazily called only
+ * when nextBytes or reseed is called.
  * <p>
  * SecureRandom methods like reseed and nextBytes are not thread-safe.
  * An implementation is required to protect shared access to instantiate states
- * (instantiated, nonce) and DRBG states (v, c, key, reseedCounter).
+ * (instantiated, nonce) and DRBG states (v, c, key, reseedCounter, etc).
  */
-public abstract class AbstractDrbg extends SecureRandomSpi {
-
-    private static final long serialVersionUID = 9L;
+public abstract class AbstractDrbg {
 
     /**
      * This field is not null if {@code -Djava.security.debug=securerandom} is
@@ -69,7 +71,7 @@
 
     // Common working status
 
-    private transient boolean instantiated = false;
+    private boolean instantiated = false;
 
     /**
      * Reseed counter of a DRBG instance. A mechanism should increment it
@@ -78,7 +80,7 @@
      *
      * Volatile, will be used in a double checked locking.
      */
-    protected transient volatile int reseedCounter = 0;
+    protected volatile int reseedCounter = 0;
 
     // Mech features. If not same as below, must be redefined in constructor.
 
@@ -170,7 +172,7 @@
     /**
      * Algorithm used by this instance (SHA-512 or AES-256). Must be assigned
      * in {@link #chooseAlgorithmAndStrength}. This field is used in
-     * {@link #toString()} and {@link DRBG#algorithmName}.
+     * {@link #toString()}.
      */
     protected String algorithm;
 
@@ -217,7 +219,7 @@
      * After instantiation, this field is not null. Do not modify it
      * in a mechanism.
      */
-    protected transient byte[] nonce;
+    protected byte[] nonce;
 
     /**
      * Requested nonce in {@link MoreDrbgParameters}. If set to null,
@@ -237,7 +239,7 @@
      * {@link #configure(SecureRandomParameters)}. This field
      * can be null. {@link #getEntropyInput} will take care of null check.
      */
-    private transient EntropySource es;
+    private EntropySource es;
 
     // Five abstract methods for SP 800-90A DRBG
 
@@ -286,10 +288,7 @@
 
     /**
      * Initiates security engines ({@code MessageDigest}, {@code Mac},
-     * or {@code Cipher}). Must be called in deserialization. Please note
-     * that before instantiation the algorithm might not be available yet.
-     * In this case, just return and this method will be called
-     * automatically at instantiation.
+     * or {@code Cipher}). This method is called during instantiation.
      */
     protected abstract void initEngine();
 
@@ -331,13 +330,11 @@
 
     // SecureRandomSpi methods taken care of here. All final.
 
-    @Override
     protected final void engineNextBytes(byte[] result) {
         engineNextBytes(result, DrbgParameters.nextBytes(
                 -1, predictionResistanceFlag, null));
     }
 
-    @Override
     protected final void engineNextBytes(
             byte[] result, SecureRandomParameters params) {
 
@@ -402,7 +399,6 @@
         }
     }
 
-    @Override
     public final void engineReseed(SecureRandomParameters params) {
         if (debug != null) {
             debug.println(this, "reseed with params");
@@ -454,7 +450,6 @@
      * @param numBytes the number of seed bytes to generate.
      * @return the seed bytes.
      */
-    @Override
     public final byte[] engineGenerateSeed(int numBytes) {
         byte[] b = new byte[numBytes];
         SeedGenerator.generateSeed(b);
@@ -469,7 +464,6 @@
      *
      * @param input the seed
      */
-    @Override
     public final synchronized void engineSetSeed(byte[] input) {
         if (debug != null) {
             debug.println(this, "setSeed");
@@ -598,7 +592,6 @@
      *
      * @return the curent configuration
      */
-    @Override
     protected SecureRandomParameters engineGetParameters() {
         // Or read from variable.
         return DrbgParameters.instantiation(
@@ -631,7 +624,8 @@
             this.es = m.es;
             this.requestedAlgorithm = m.algorithm;
             this.usedf = m.usedf;
-            params = m.config;
+            params = DrbgParameters.instantiation(m.strength,
+                    m.capability, m.personalizationString);
         }
         if (params != null) {
             if (params instanceof DrbgParameters.Instantiation) {
--- a/jdk/src/java.base/share/classes/sun/security/provider/AbstractHashDrbg.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/AbstractHashDrbg.java	Wed Jul 05 21:49:47 2017 +0200
@@ -32,8 +32,6 @@
 
 public abstract class AbstractHashDrbg extends AbstractDrbg {
 
-    private static final long serialVersionUID = 9L;
-
     protected int outLen;
     protected int seedLen;
 
--- a/jdk/src/java.base/share/classes/sun/security/provider/CtrDrbg.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/CtrDrbg.java	Wed Jul 05 21:49:47 2017 +0200
@@ -28,14 +28,12 @@
 import javax.crypto.Cipher;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.SecretKeySpec;
-import java.io.IOException;
 import java.security.*;
 import java.util.Arrays;
 import java.util.Locale;
 
 public class CtrDrbg extends AbstractDrbg {
 
-    private static final long serialVersionUID = 9L;
     private static final int AES_LIMIT;
 
     static {
@@ -47,7 +45,7 @@
         }
     }
 
-    private transient Cipher cipher;
+    private Cipher cipher;
 
     private String cipherAlg;
     private String keyAlg;
@@ -57,8 +55,8 @@
     private int keyLen;
     private int seedLen;
 
-    private transient byte[] v;
-    private transient byte[] k;
+    private byte[] v;
+    private byte[] k;
 
     public CtrDrbg(SecureRandomParameters params) {
         mechName = "CTR_DRBG";
@@ -165,7 +163,7 @@
     protected void initEngine() {
         try {
             /*
-             * Use the local SUN implementation to avoid native
+             * Use the local SunJCE implementation to avoid native
              * performance overhead.
              */
             cipher = Cipher.getInstance(cipherAlg, "SunJCE");
@@ -463,12 +461,6 @@
         // Step 8. Return
     }
 
-    private void readObject(java.io.ObjectInputStream s)
-            throws IOException, ClassNotFoundException {
-        s.defaultReadObject ();
-        initEngine();
-    }
-
     @Override
     public String toString() {
         return super.toString() + ","
--- a/jdk/src/java.base/share/classes/sun/security/provider/DRBG.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/DRBG.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,6 +25,7 @@
 
 package sun.security.provider;
 
+import java.io.IOException;
 import java.security.AccessController;
 import java.security.DrbgParameters;
 import java.security.PrivilegedAction;
@@ -61,11 +62,12 @@
 
     private static final long serialVersionUID = 9L;
 
-    private final AbstractDrbg impl;
+    private transient AbstractDrbg impl;
 
-    private final String mechName;
-
-    private final String algorithmName;
+    /**
+     * @serial
+     */
+    private final MoreDrbgParameters mdp;
 
     public DRBG(SecureRandomParameters params) {
 
@@ -91,7 +93,7 @@
         // Can be configured with a security property
 
         String config = AccessController.doPrivileged((PrivilegedAction<String>)
-                    () -> Security.getProperty(PROP_NAME));
+                () -> Security.getProperty(PROP_NAME));
 
         if (config != null && !config.isEmpty()) {
             for (String part : config.split(",")) {
@@ -151,8 +153,9 @@
         if (params != null) {
             // MoreDrbgParameters is used for testing.
             if (params instanceof MoreDrbgParameters) {
-                MoreDrbgParameters m = (MoreDrbgParameters)params;
-                params = m.config;
+                MoreDrbgParameters m = (MoreDrbgParameters) params;
+                params = DrbgParameters.instantiation(m.strength,
+                        m.capability, m.personalizationString);
 
                 // No need to check null for es and nonce, they are still null
                 es = m.es;
@@ -197,26 +200,27 @@
             usedf = true;
         }
 
-        MoreDrbgParameters m = new MoreDrbgParameters(
+        mdp = new MoreDrbgParameters(
                 es, mech, algorithm, nonce, usedf,
                 DrbgParameters.instantiation(strength, cap, ps));
 
-        switch (mech.toLowerCase(Locale.ROOT)) {
+        createImpl();
+    }
+
+    private void createImpl() {
+        switch (mdp.mech.toLowerCase(Locale.ROOT)) {
             case "hash_drbg":
-                impl = new HashDrbg(m);
+                impl = new HashDrbg(mdp);
                 break;
             case "hmac_drbg":
-                impl = new HmacDrbg(m);
+                impl = new HmacDrbg(mdp);
                 break;
             case "ctr_drbg":
-                impl = new CtrDrbg(m);
+                impl = new CtrDrbg(mdp);
                 break;
             default:
-                throw new IllegalArgumentException("Unsupported mech: " + mech);
+                throw new IllegalArgumentException("Unsupported mech: " + mdp.mech);
         }
-
-        mechName = mech;
-        algorithmName = impl.algorithm;
     }
 
     @Override
@@ -268,4 +272,13 @@
                     + " cannot be provided more than once in " + PROP_NAME);
         }
     }
+
+    private void readObject(java.io.ObjectInputStream s)
+            throws IOException, ClassNotFoundException {
+        s.defaultReadObject();
+        if (mdp.mech == null) {
+            throw new IllegalArgumentException("Input data is corrupted");
+        }
+        createImpl();
+    }
 }
--- a/jdk/src/java.base/share/classes/sun/security/provider/HashDrbg.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/HashDrbg.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,7 +25,6 @@
 
 package sun.security.provider;
 
-import java.io.IOException;
 import java.math.BigInteger;
 import java.security.DigestException;
 import java.security.MessageDigest;
@@ -36,15 +35,13 @@
 
 public class HashDrbg extends AbstractHashDrbg {
 
-    private static final long serialVersionUID = 9L;
-
     private static final byte[] ZERO = new byte[1];
     private static final byte[] ONE = new byte[]{1};
 
-    private transient MessageDigest digest;
+    private MessageDigest digest;
 
-    private transient byte[] v;
-    private transient byte[] c;
+    private byte[] v;
+    private byte[] c;
 
     public HashDrbg(SecureRandomParameters params) {
         mechName = "Hash_DRBG";
@@ -267,10 +264,4 @@
         // Step 5: No need to truncate
         // Step 6: Return
     }
-
-    private void readObject(java.io.ObjectInputStream s)
-            throws IOException, ClassNotFoundException {
-        s.defaultReadObject ();
-        initEngine();
-    }
 }
--- a/jdk/src/java.base/share/classes/sun/security/provider/HmacDrbg.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/HmacDrbg.java	Wed Jul 05 21:49:47 2017 +0200
@@ -27,7 +27,6 @@
 
 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
-import java.io.IOException;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
@@ -36,14 +35,12 @@
 
 public class HmacDrbg extends AbstractHashDrbg {
 
-    private static final long serialVersionUID = 9L;
-
-    private transient Mac mac;
+    private Mac mac;
 
     private String macAlg;
 
-    private transient byte[] v;
-    private transient byte[] k;
+    private byte[] v;
+    private byte[] k;
 
     public HmacDrbg(SecureRandomParameters params) {
         mechName = "HMAC_DRBG";
@@ -101,6 +98,10 @@
     protected void initEngine() {
         macAlg = "HmacSHA" + algorithm.substring(4);
         try {
+            /*
+             * Use the local SunJCE implementation to avoid native
+             * performance overhead.
+             */
             mac = Mac.getInstance(macAlg, "SunJCE");
         } catch (NoSuchProviderException | NoSuchAlgorithmException e) {
             // Fallback to any available.
@@ -194,10 +195,4 @@
 
         // Step 8. Return
     }
-
-    private void readObject(java.io.ObjectInputStream s)
-            throws IOException, ClassNotFoundException {
-        s.defaultReadObject ();
-        initEngine();
-    }
 }
--- a/jdk/src/java.base/share/classes/sun/security/provider/MoreDrbgParameters.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/MoreDrbgParameters.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,20 +25,30 @@
 
 package sun.security.provider;
 
+import java.io.IOException;
+import java.io.Serializable;
 import java.security.DrbgParameters;
 import java.security.SecureRandomParameters;
 
 /**
- * Extra non-standard parameters that can be used by DRBGs.
+ * Exported and non-exported parameters that can be used by DRBGs.
  */
-public class MoreDrbgParameters implements SecureRandomParameters {
+public class MoreDrbgParameters implements SecureRandomParameters, Serializable {
+
+    private static final long serialVersionUID = 9L;
+
+    final transient EntropySource es;
 
     final String mech;
     final String algorithm;
-    final EntropySource es;
-    final byte[] nonce;
     final boolean usedf;
-    final DrbgParameters.Instantiation config;
+    final int strength;
+    final DrbgParameters.Capability capability;
+
+    // The following 2 fields will be reassigned in readObject and
+    // thus cannot be final
+    byte[] nonce;
+    byte[] personalizationString;
 
     /**
      * Creates a new {@code MoreDrbgParameters} object.
@@ -61,13 +71,31 @@
         this.mech = mech;
         this.algorithm = algorithm;
         this.es = es;
-        this.nonce = nonce;
+        this.nonce = (nonce == null) ? null : nonce.clone();
         this.usedf = usedf;
-        this.config = config;
+
+        this.strength = config.getStrength();
+        this.capability = config.getCapability();
+        this.personalizationString = config.getPersonalizationString();
     }
 
     @Override
     public String toString() {
-        return mech + "," + algorithm + "," + usedf + "," + config;
+        return mech + "," + algorithm + "," + usedf + "," + strength
+                + "," + capability + "," + personalizationString;
+    }
+
+    private void readObject(java.io.ObjectInputStream s)
+            throws IOException, ClassNotFoundException {
+        s.defaultReadObject();
+        if (nonce != null) {
+            nonce = nonce.clone();
+        }
+        if (personalizationString != null) {
+            personalizationString = personalizationString.clone();
+        }
+        if (capability == null) {
+            throw new IllegalArgumentException("Input data is corrupted");
+        }
     }
 }
--- a/jdk/src/java.base/share/classes/sun/security/provider/SHA3.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/provider/SHA3.java	Wed Jul 05 21:49:47 2017 +0200
@@ -61,14 +61,14 @@
         0x8000000000008080L, 0x80000001L, 0x8000000080008008L,
     };
 
-    private byte[] state;
+    private byte[] state = new byte[WIDTH];
+    private final long[] lanes = new long[DM*DM];
 
     /**
      * Creates a new SHA-3 object.
      */
     SHA3(String name, int digestLength) {
         super(name, digestLength, (WIDTH - (2 * digestLength)));
-        implReset();
     }
 
     /**
@@ -79,7 +79,7 @@
         for (int i = 0; i < buffer.length; i++) {
             state[i] ^= b[ofs++];
         }
-        state = keccak(state);
+        keccak();
     }
 
     /**
@@ -95,7 +95,7 @@
         for (int i = 0; i < buffer.length; i++) {
             state[i] ^= buffer[i];
         }
-        state = keccak(state);
+        keccak();
         System.arraycopy(state, 0, out, ofs, engineGetDigestLength());
     }
 
@@ -103,15 +103,8 @@
      * Resets the internal state to start a new hash.
      */
     void implReset() {
-        state = new byte[WIDTH];
-    }
-
-    /**
-     * Utility function for circular shift the specified long
-     * value to the left for n bits.
-     */
-    private static long circularShiftLeft(long lane, int n) {
-        return ((lane << n) | (lane >>> (64 - n)));
+        Arrays.fill(state, (byte)0);
+        Arrays.fill(lanes, 0L);
     }
 
     /**
@@ -132,115 +125,119 @@
     }
 
     /**
-     * Utility function for transforming the specified state from
-     * the byte array format into array of lanes as defined in
-     * section 3.1.2.
+     * Utility function for transforming the specified byte array 's'
+     * into array of lanes 'm' as defined in section 3.1.2.
      */
-    private static long[][] bytes2Lanes(byte[] s) {
-        if (s.length != WIDTH) {
-            throw new ProviderException("Error: incorrect input size " +
-                s.length);
+    private static void bytes2Lanes(byte[] s, long[] m) {
+        int sOfs = 0;
+        // Conversion traverses along x-axis before y-axis
+        for (int y = 0; y < DM; y++, sOfs += 40) {
+            b2lLittle(s, sOfs, m, DM*y, 40);
         }
-        // The conversion traverses along x-axis before y-axis. So, y is the
-        // first dimension and x is the second dimension.
-        long[][] s2 = new long[DM][DM];
-        int sOfs = 0;
-        for (int y = 0; y < DM; y++, sOfs += 40) {
-            b2lLittle(s, sOfs, s2[y], 0, 40);
-        }
-        return s2;
     }
 
     /**
-     * Utility function for transforming the specified arrays of
-     * lanes into a byte array as defined in section 3.1.3.
+     * Utility function for transforming the specified array of
+     * lanes 'm' into a byte array 's' as defined in section 3.1.3.
      */
-    private static byte[] lanes2Bytes(long[][] m) {
-        byte[] s = new byte[WIDTH];
+    private static void lanes2Bytes(long[] m, byte[] s) {
         int sOfs = 0;
-        // The conversion traverses along x-axis before y-axis. So, y is the
-        // first dimension and x is the second dimension.
+        // Conversion traverses along x-axis before y-axis
         for (int y = 0; y < DM; y++, sOfs += 40) {
-            l2bLittle(m[y], 0, s, sOfs, 40);
+            l2bLittle(m, DM*y, s, sOfs, 40);
         }
-        return s;
     }
 
     /**
      * Step mapping Theta as defined in section 3.2.1 .
      */
-    private static long[][] smTheta(long[][] a) {
-        long[] c = new long[DM];
-        for (int i = 0; i < DM; i++) {
-            c[i] = a[0][i]^a[1][i]^a[2][i]^a[3][i]^a[4][i];
-        }
-        long[] d = new long[DM];
-        for (int i = 0; i < DM; i++) {
-            long c1 = c[(i + 4) % DM];
-            // left shift and wrap the leftmost bit into the rightmost bit
-            long c2 = circularShiftLeft(c[(i + 1) % DM], 1);
-            d[i] = c1^c2;
-        }
-        for (int y = 0; y < DM; y++) {
-            for (int x = 0; x < DM; x++) {
-                a[y][x] ^= d[x];
-            }
+    private static long[] smTheta(long[] a) {
+        long c0 = a[0]^a[5]^a[10]^a[15]^a[20];
+        long c1 = a[1]^a[6]^a[11]^a[16]^a[21];
+        long c2 = a[2]^a[7]^a[12]^a[17]^a[22];
+        long c3 = a[3]^a[8]^a[13]^a[18]^a[23];
+        long c4 = a[4]^a[9]^a[14]^a[19]^a[24];
+        long d0 = c4 ^ Long.rotateLeft(c1, 1);
+        long d1 = c0 ^ Long.rotateLeft(c2, 1);
+        long d2 = c1 ^ Long.rotateLeft(c3, 1);
+        long d3 = c2 ^ Long.rotateLeft(c4, 1);
+        long d4 = c3 ^ Long.rotateLeft(c0, 1);
+        for (int y = 0; y < a.length; y += DM) {
+            a[y] ^= d0;
+            a[y+1] ^= d1;
+            a[y+2] ^= d2;
+            a[y+3] ^= d3;
+            a[y+4] ^= d4;
         }
         return a;
     }
 
     /**
-     * Step mapping Rho as defined in section 3.2.2.
+     * Merged Step mapping Rho (section 3.2.2) and Pi (section 3.2.3).
+     * for performance. Optimization is achieved by precalculating
+     * shift constants for the following loop
+     *   int xNext, yNext;
+     *   for (int t = 0, x = 1, y = 0; t <= 23; t++, x = xNext, y = yNext) {
+     *        int numberOfShift = ((t + 1)*(t + 2)/2) % 64;
+     *        a[y][x] = Long.rotateLeft(a[y][x], numberOfShift);
+     *        xNext = y;
+     *        yNext = (2 * x + 3 * y) % DM;
+     *   }
+     * and with inplace permutation.
      */
-    private static long[][] smRho(long[][] a) {
-        long[][] a2 = new long[DM][DM];
-        a2[0][0] = a[0][0];
-        int xNext, yNext;
-        for (int t = 0, x = 1, y = 0; t <= 23; t++, x = xNext, y = yNext) {
-            int numberOfShift = ((t + 1)*(t + 2)/2) % 64;
-            a2[y][x] = circularShiftLeft(a[y][x], numberOfShift);
-            xNext = y;
-            yNext = (2 * x + 3 * y) % DM;
-        }
-        return a2;
-    }
-
-    /**
-     * Step mapping Pi as defined in section 3.2.3.
-     */
-    private static long[][] smPi(long[][] a) {
-        long[][] a2 = new long[DM][DM];
-        for (int y = 0; y < DM; y++) {
-            for (int x = 0; x < DM; x++) {
-                a2[y][x] = a[x][(x + 3 * y) % DM];
-            }
-        }
-        return a2;
+    private static long[] smPiRho(long[] a) {
+        long tmp = Long.rotateLeft(a[10], 3);
+        a[10] = Long.rotateLeft(a[1], 1);
+        a[1] = Long.rotateLeft(a[6], 44);
+        a[6] = Long.rotateLeft(a[9], 20);
+        a[9] = Long.rotateLeft(a[22], 61);
+        a[22] = Long.rotateLeft(a[14], 39);
+        a[14] = Long.rotateLeft(a[20], 18);
+        a[20] = Long.rotateLeft(a[2], 62);
+        a[2] = Long.rotateLeft(a[12], 43);
+        a[12] = Long.rotateLeft(a[13], 25);
+        a[13] = Long.rotateLeft(a[19], 8);
+        a[19] = Long.rotateLeft(a[23], 56);
+        a[23] = Long.rotateLeft(a[15], 41);
+        a[15] = Long.rotateLeft(a[4], 27);
+        a[4] = Long.rotateLeft(a[24], 14);
+        a[24] = Long.rotateLeft(a[21], 2);
+        a[21] = Long.rotateLeft(a[8], 55);
+        a[8] = Long.rotateLeft(a[16], 45);
+        a[16] = Long.rotateLeft(a[5], 36);
+        a[5] = Long.rotateLeft(a[3], 28);
+        a[3] = Long.rotateLeft(a[18], 21);
+        a[18] = Long.rotateLeft(a[17], 15);
+        a[17] = Long.rotateLeft(a[11], 10);
+        a[11] = Long.rotateLeft(a[7], 6);
+        a[7] = tmp;
+        return a;
     }
 
     /**
      * Step mapping Chi as defined in section 3.2.4.
      */
-    private static long[][] smChi(long[][] a) {
-        long[][] a2 = new long[DM][DM];
-        for (int y = 0; y < DM; y++) {
-            for (int x = 0; x < DM; x++) {
-                a2[y][x] = a[y][x] ^
-                    ((a[y][(x + 1) % DM] ^ 0xFFFFFFFFFFFFFFFFL) &
-                     a[y][(x + 2) % DM]);
-            }
+    private static long[] smChi(long[] a) {
+        for (int y = 0; y < a.length; y+=DM) {
+            long ay0 = a[y];
+            long ay1 = a[y+1];
+            long ay2 = a[y+2];
+            long ay3 = a[y+3];
+            long ay4 = a[y+4];
+            a[y] = ay0 ^ ((~ay1) & ay2);
+            a[y+1] = ay1 ^ ((~ay2) & ay3);
+            a[y+2] = ay2 ^ ((~ay3) & ay4);
+            a[y+3] = ay3 ^ ((~ay4) & ay0);
+            a[y+4] = ay4 ^ ((~ay0) & ay1);
         }
-        return a2;
+        return a;
     }
 
     /**
      * Step mapping Iota as defined in section 3.2.5.
-     *
-     * @return the processed state array
-     * @param state the state array to be processed
      */
-    private static long[][] smIota(long[][] a, int rndIndex) {
-        a[0][0] ^= RC_CONSTANTS[rndIndex];
+    private static long[] smIota(long[] a, int rndIndex) {
+        a[0] ^= RC_CONSTANTS[rndIndex];
         return a;
     }
 
@@ -248,12 +245,15 @@
      * The function Keccak as defined in section 5.2 with
      * rate r = 1600 and capacity c = (digest length x 2).
      */
-    private static byte[] keccak(byte[] state) {
-        long[][] lanes = bytes2Lanes(state);
+    private void keccak() {
+        // convert the 200-byte state into 25 lanes
+        bytes2Lanes(state, lanes);
+        // process the lanes through step mappings
         for (int ir = 0; ir < NR; ir++) {
-            lanes = smIota(smChi(smPi(smRho(smTheta(lanes)))), ir);
+            smIota(smChi(smPiRho(smTheta(lanes))), ir);
         }
-        return lanes2Bytes(lanes);
+        // convert the resulting 25 lanes back into 200-byte state
+        lanes2Bytes(lanes, state);
     }
 
     public Object clone() throws CloneNotSupportedException {
--- a/jdk/src/java.base/share/classes/sun/security/ssl/SSLServerSocketImpl.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/SSLServerSocketImpl.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -347,7 +347,7 @@
         SSLSocketImpl s = new SSLSocketImpl(sslContext, useServerMode,
             enabledCipherSuites, clientAuthType, enableSessionCreation,
             enabledProtocols, identificationProtocol, algorithmConstraints,
-            sniMatchers, preferLocalCipherSuites);
+            sniMatchers, preferLocalCipherSuites, applicationProtocols);
 
         implAccept(s);
         s.doneConnect();
--- a/jdk/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java	Wed Jul 05 21:49:47 2017 +0200
@@ -497,7 +497,8 @@
             String identificationProtocol,
             AlgorithmConstraints algorithmConstraints,
             Collection<SNIMatcher> sniMatchers,
-            boolean preferLocalCipherSuites) throws IOException {
+            boolean preferLocalCipherSuites,
+            String[] applicationProtocols) throws IOException {
 
         super();
         doClientAuth = clientAuth;
@@ -506,6 +507,7 @@
         this.algorithmConstraints = algorithmConstraints;
         this.sniMatchers = sniMatchers;
         this.preferLocalCipherSuites = preferLocalCipherSuites;
+        this.applicationProtocols = applicationProtocols;
         init(context, serverMode);
 
         /*
--- a/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Wed Jul 05 21:49:47 2017 +0200
@@ -206,7 +206,7 @@
         IMPORTKEYSTORE("Imports.one.or.all.entries.from.another.keystore",
             SRCKEYSTORE, DESTKEYSTORE, SRCSTORETYPE,
             DESTSTORETYPE, SRCSTOREPASS, DESTSTOREPASS,
-            SRCPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME,
+            SRCPROTECTED, DESTPROTECTED, SRCPROVIDERNAME, DESTPROVIDERNAME,
             SRCALIAS, DESTALIAS, SRCKEYPASS, DESTKEYPASS,
             NOPROMPT, PROVIDERCLASS, PROVIDERARG, PROVIDERPATH,
             V),
--- a/jdk/src/java.base/share/classes/sun/util/locale/LocaleEquivalentMaps.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/share/classes/sun/util/locale/LocaleEquivalentMaps.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -43,12 +43,16 @@
         regionVariantEquivMap = new HashMap<>();
 
         // This is an auto-generated file and should not be manually edited.
-        //   LSR Revision: 2013-09-23
+        //   LSR Revision: 2016-02-10
+        singleEquivMap.put("aam", "aas");
+        singleEquivMap.put("aas", "aam");
         singleEquivMap.put("acn", "xia");
+        singleEquivMap.put("adp", "dz");
         singleEquivMap.put("adx", "pcr");
         singleEquivMap.put("ami", "i-ami");
         singleEquivMap.put("art-lojban", "jbo");
         singleEquivMap.put("ase", "sgn-us");
+        singleEquivMap.put("aue", "ktz");
         singleEquivMap.put("ayx", "nun");
         singleEquivMap.put("bfi", "sgn-gb");
         singleEquivMap.put("bjd", "drl");
@@ -67,12 +71,17 @@
         singleEquivMap.put("drl", "bjd");
         singleEquivMap.put("dse", "sgn-nl");
         singleEquivMap.put("dsl", "sgn-dk");
+        singleEquivMap.put("dz", "adp");
+        singleEquivMap.put("ema", "uok");
+        singleEquivMap.put("en-gb-oed", "en-gb-oxendict");
+        singleEquivMap.put("en-gb-oxendict", "en-gb-oed");
         singleEquivMap.put("fsl", "sgn-fr");
         singleEquivMap.put("gal", "ilw");
         singleEquivMap.put("gan", "zh-gan");
         singleEquivMap.put("gav", "dev");
         singleEquivMap.put("gsg", "sgn-de");
         singleEquivMap.put("gss", "sgn-gr");
+        singleEquivMap.put("gti", "nyc");
         singleEquivMap.put("he", "iw");
         singleEquivMap.put("hle", "sca");
         singleEquivMap.put("hrr", "jal");
@@ -102,28 +111,46 @@
         singleEquivMap.put("kgh", "kml");
         singleEquivMap.put("khk", "drh");
         singleEquivMap.put("kml", "kgh");
+        singleEquivMap.put("koj", "kwv");
+        singleEquivMap.put("ktz", "aue");
+        singleEquivMap.put("kwq", "yam");
+        singleEquivMap.put("kwv", "koj");
+        singleEquivMap.put("kxe", "tvd");
         singleEquivMap.put("lb", "i-lux");
         singleEquivMap.put("lcq", "ppr");
+        singleEquivMap.put("lii", "raq");
+        singleEquivMap.put("lmm", "rmx");
         singleEquivMap.put("lrr", "yma");
         singleEquivMap.put("meg", "cir");
         singleEquivMap.put("mfs", "sgn-mx");
         singleEquivMap.put("mo", "ro");
         singleEquivMap.put("mom", "cjr");
+        singleEquivMap.put("mtm", "ymt");
         singleEquivMap.put("nan", "zh-min-nan");
         singleEquivMap.put("nb", "no-bok");
         singleEquivMap.put("ncs", "sgn-ni");
+        singleEquivMap.put("ngv", "nnx");
         singleEquivMap.put("nn", "no-nyn");
+        singleEquivMap.put("nnx", "ngv");
         singleEquivMap.put("no-bok", "nb");
         singleEquivMap.put("no-nyn", "nn");
         singleEquivMap.put("nsl", "sgn-no");
         singleEquivMap.put("nun", "ayx");
         singleEquivMap.put("nv", "i-navajo");
+        singleEquivMap.put("nyc", "gti");
         singleEquivMap.put("opa", "ibi");
+        singleEquivMap.put("oyb", "thx");
         singleEquivMap.put("pcr", "adx");
+        singleEquivMap.put("phr", "pmu");
+        singleEquivMap.put("pmu", "phr");
         singleEquivMap.put("ppr", "lcq");
         singleEquivMap.put("psr", "sgn-pt");
+        singleEquivMap.put("pub", "puz");
+        singleEquivMap.put("puz", "pub");
         singleEquivMap.put("pwn", "i-pwn");
+        singleEquivMap.put("raq", "lii");
         singleEquivMap.put("ras", "tie");
+        singleEquivMap.put("rmx", "lmm");
         singleEquivMap.put("ro", "mo");
         singleEquivMap.put("sca", "hle");
         singleEquivMap.put("sfb", "sgn-be-fr");
@@ -152,24 +179,35 @@
         singleEquivMap.put("sgn-us", "ase");
         singleEquivMap.put("sgn-za", "sfs");
         singleEquivMap.put("ssp", "sgn-es");
+        singleEquivMap.put("suj", "xsj");
         singleEquivMap.put("swl", "sgn-se");
+        singleEquivMap.put("taj", "tsf");
         singleEquivMap.put("tao", "i-tao");
         singleEquivMap.put("tay", "i-tay");
+        singleEquivMap.put("thx", "oyb");
         singleEquivMap.put("tie", "ras");
         singleEquivMap.put("tkk", "twm");
         singleEquivMap.put("tlh", "i-klingon");
         singleEquivMap.put("tlw", "weo");
+        singleEquivMap.put("tsf", "taj");
         singleEquivMap.put("tsu", "i-tsu");
+        singleEquivMap.put("tvd", "kxe");
         singleEquivMap.put("twm", "tkk");
+        singleEquivMap.put("uok", "ema");
         singleEquivMap.put("vgt", "sgn-be-nl");
         singleEquivMap.put("weo", "tlw");
         singleEquivMap.put("wuu", "zh-wuu");
         singleEquivMap.put("xch", "cmk");
         singleEquivMap.put("xia", "acn");
+        singleEquivMap.put("xsj", "suj");
+        singleEquivMap.put("yam", "kwq");
         singleEquivMap.put("yi", "ji");
         singleEquivMap.put("yma", "lrr");
+        singleEquivMap.put("ymt", "mtm");
         singleEquivMap.put("yos", "zom");
         singleEquivMap.put("yue", "zh-yue");
+        singleEquivMap.put("yug", "yuu");
+        singleEquivMap.put("yuu", "yug");
         singleEquivMap.put("zh-cmn-hans", "cmn-hans");
         singleEquivMap.put("zh-cmn-hant", "cmn-hant");
         singleEquivMap.put("zh-gan", "gan");
@@ -182,14 +220,18 @@
         multiEquivsMap.put("ccq", new String[] {"rki", "ybd"});
         multiEquivsMap.put("cmn", new String[] {"zh-guoyu", "zh-cmn"});
         multiEquivsMap.put("drw", new String[] {"prs", "tnf"});
+        multiEquivsMap.put("gfx", new String[] {"vaj", "mwj", "oun"});
         multiEquivsMap.put("hak", new String[] {"i-hak", "zh-hakka"});
         multiEquivsMap.put("i-hak", new String[] {"hak", "zh-hakka"});
         multiEquivsMap.put("mry", new String[] {"mst", "myt"});
         multiEquivsMap.put("mst", new String[] {"mry", "myt"});
+        multiEquivsMap.put("mwj", new String[] {"vaj", "gfx", "oun"});
         multiEquivsMap.put("myt", new String[] {"mry", "mst"});
+        multiEquivsMap.put("oun", new String[] {"vaj", "gfx", "mwj"});
         multiEquivsMap.put("prs", new String[] {"drw", "tnf"});
         multiEquivsMap.put("rki", new String[] {"ccq", "ybd"});
         multiEquivsMap.put("tnf", new String[] {"prs", "drw"});
+        multiEquivsMap.put("vaj", new String[] {"gfx", "mwj", "oun"});
         multiEquivsMap.put("ybd", new String[] {"rki", "ccq"});
         multiEquivsMap.put("zh-cmn", new String[] {"cmn", "zh-guoyu"});
         multiEquivsMap.put("zh-guoyu", new String[] {"cmn", "zh-cmn"});
--- a/jdk/src/java.base/unix/native/libnet/NetworkInterface.c	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.base/unix/native/libnet/NetworkInterface.c	Wed Jul 05 21:49:47 2017 +0200
@@ -135,7 +135,8 @@
 #endif
 
 static netif  *addif(JNIEnv *env, int sock, const char *if_name, netif *ifs,
-                     struct sockaddr *ifr_addrP, int family, short prefix);
+                     struct sockaddr *ifr_addrP, struct sockaddr *ifr_broadaddrP,
+                     struct sockaddr *ifr_subnetaddrP, int family, short prefix);
 static void    freeif(netif *ifs);
 
 static int     openSocket(JNIEnv *env, int proto);
@@ -145,6 +146,7 @@
 static struct  sockaddr *getBroadcast(JNIEnv *env, int sock, const char *name,
                                       struct sockaddr *brdcast_store);
 static short   getSubnet(JNIEnv *env, int sock, const char *ifname);
+static short   computeMaskFromAddress(struct sockaddr *ifr_subnetaddrP);
 static int     getIndex(int sock, const char *ifname);
 
 static int     getFlags(int sock, const char *ifname, int *flags);
@@ -864,7 +866,8 @@
 }
 
 netif *addif(JNIEnv *env, int sock, const char *if_name, netif *ifs,
-             struct sockaddr *ifr_addrP, int family, short prefix)
+             struct sockaddr *ifr_addrP, struct sockaddr *ifr_broadaddrP,
+             struct sockaddr *ifr_subnetaddrP, int family, short prefix)
 {
     netif *currif = ifs, *parent;
     netaddr *addrP;
@@ -912,19 +915,30 @@
     addrP->mask = prefix;
     addrP->next = 0;
     if (family == AF_INET) {
-       // Deal with broadcast addr & subnet mask
-       struct sockaddr *brdcast_to =
-              (struct sockaddr *) ((char *)addrP + sizeof(netaddr) + addr_size);
-       addrP->brdcast = getBroadcast(env, sock, name, brdcast_to);
-       if ((*env)->ExceptionCheck(env) == JNI_TRUE) {
-           return ifs;
-       }
-       if ((mask = getSubnet(env, sock, name)) != -1) {
-           addrP->mask = mask;
-       } else if((*env)->ExceptionCheck(env)) {
-           return ifs;
-       }
-     }
+        // Deal with broadcast addr & subnet mask
+        if (ifr_broadaddrP != NULL) {  // just set it, if already known
+            addrP->brdcast =
+                (struct sockaddr *)((char *)addrP + sizeof(netaddr) + addr_size);
+            memcpy(addrP->brdcast, ifr_broadaddrP, addr_size);
+        } else {  // otherwise look it up
+            struct sockaddr *brdcast_to =
+                (struct sockaddr *)((char *)addrP + sizeof(netaddr) + addr_size);
+            addrP->brdcast = getBroadcast(env, sock, name, brdcast_to);
+            if ((*env)->ExceptionCheck(env) == JNI_TRUE) {
+                return ifs;
+            }
+        }
+
+        if (ifr_subnetaddrP != NULL) {  // just compute the mask, if already known
+            addrP->mask = computeMaskFromAddress(ifr_subnetaddrP);
+        } else {   // otherwise look it up
+            if ((mask = getSubnet(env, sock, name)) != -1) {
+                addrP->mask = mask;
+            } else if((*env)->ExceptionCheck(env)) {
+                return ifs;
+            }
+        }
+    }
 
     // Deal with virtual interface with colon notation e.g. eth0:1
     name_colonP = strchr(name, ':');
@@ -1023,6 +1037,20 @@
     return ifs;
 }
 
+static short computeMaskFromAddress(struct sockaddr *ifr_subnetaddrP) {
+    short ret = 0;
+    unsigned int mask;
+
+    mask = ntohl(((struct sockaddr_in*)ifr_subnetaddrP)->sin_addr.s_addr);
+
+    while (mask) {
+       mask <<= 1;
+       ret++;
+    }
+
+    return ret;
+}
+
 /*
  * Opens a socket for further ioct calls. proto is one of AF_INET or AF_INET6.
  */
@@ -1122,13 +1150,43 @@
 
     // Iterate through each interface
     ifreqP = ifc.ifc_req;
+    struct sockaddr addr, broadaddr, netmask;
     for (i = 0; i < ifc.ifc_len / sizeof(struct ifreq); i++, ifreqP++) {
+        struct sockaddr* broadaddrP = NULL;
+        struct sockaddr* subnetaddrP = NULL;
+
+        // Ignore non IPv4 Interfaces
+        if ((struct sockaddr *)&(ifreqP->ifr_addr) != NULL &&
+            ((struct sockaddr *)&(ifreqP->ifr_addr))->sa_family != AF_INET) {
+            continue;
+        }
+
+        memcpy(&addr, &(ifreqP->ifr_addr), sizeof(struct sockaddr));
+
+        // set broadaddrP, if applicable
+        if ((ifreqP->ifr_flags & IFF_POINTOPOINT) == 0 &&
+            ifreqP->ifr_flags & IFF_BROADCAST) {
+
+            if (ioctl(sock, SIOCGIFBRDADDR, ifreqP) == 0) {
+                memcpy(&broadaddr, &(ifreqP->ifr_broadaddr), sizeof(struct sockaddr));
+                broadaddrP = &broadaddr;
+            }
+            // restore the address, for subsequent calls
+            memcpy(&(ifreqP->ifr_addr), &addr, sizeof(struct sockaddr));
+        }
+
+        if (ioctl(sock, SIOCGIFNETMASK, ifreqP) == 0) {
 #if defined(_AIX)
-        if (ifreqP->ifr_addr.sa_family != AF_INET) continue;
+            memcpy(&netmask, &(ifreqP->ifr_addr), sizeof(struct sockaddr));
+#else
+            memcpy(&netmask, &(ifreqP->ifr_netmask), sizeof(struct sockaddr));
 #endif
+            subnetaddrP = &netmask;
+        }
+
         // Add to the list
         ifs = addif(env, sock, ifreqP->ifr_name, ifs,
-                    (struct sockaddr *)&(ifreqP->ifr_addr), AF_INET, 0);
+                    &addr, broadaddrP, subnetaddrP, AF_INET, 0);
 
         // If an exception occurred then free the list
         if ((*env)->ExceptionOccurred(env)) {
@@ -1177,7 +1235,7 @@
             addr.sin6_scope_id = if_idx;
 
             ifs = addif(env, sock, devname, ifs, (struct sockaddr *)&addr,
-                        AF_INET6, (short)prefix);
+                        NULL, NULL, AF_INET6, (short)prefix);
 
             // If an exception occurred then return the list as is.
             if ((*env)->ExceptionOccurred(env)) {
@@ -1261,7 +1319,8 @@
 
         // Add to the list
         ifs = addif(env, sock, ifreqP->ifr_name, ifs,
-                    (struct sockaddr *)&(ifreqP->ifr_addr), AF_INET6, 0);
+                    (struct sockaddr *)&(ifreqP->ifr_addr),
+                    NULL, NULL, AF_INET6, 0);
 
         // If an exception occurred then free the list
         if ((*env)->ExceptionOccurred(env)) {
@@ -1346,14 +1405,7 @@
         return -1;
     }
 
-    mask = ntohl(((struct sockaddr_in*)&(if2.ifr_addr))->sin_addr.s_addr);
-    ret = 0;
-    while (mask) {
-       mask <<= 1;
-       ret++;
-    }
-
-    return ret;
+    return computeMaskFromAddress(&(if2.ifr_addr));
 }
 
 /*
@@ -1595,8 +1647,8 @@
 
         // add to the list
         ifs = addif(env, sock,ifr->lifr_name, ifs,
-                    (struct sockaddr *)&(ifr->lifr_addr), family,
-                    (short)ifr->lifr_addrlen);
+                    (struct sockaddr *)&(ifr->lifr_addr),
+                    NULL, NULL, family, (short)ifr->lifr_addrlen);
 
         // If an exception occurred we return immediately
         if ((*env)->ExceptionOccurred(env)) {
@@ -1674,15 +1726,7 @@
         return -1;
     }
 
-    mask = ntohl(((struct sockaddr_in*)&(if2.lifr_addr))->sin_addr.s_addr);
-    ret = 0;
-
-    while (mask) {
-       mask <<= 1;
-       ret++;
-    }
-
-    return ret;
+    return computeMaskFromAddress(&(if2.lifr_addr));
 }
 
 
@@ -1889,13 +1933,21 @@
     }
 
     for (ifa = origifa; ifa != NULL; ifa = ifa->ifa_next) {
+        struct sockaddr* ifa_broadaddr = NULL;
 
         // Skip non-AF_INET entries.
         if (ifa->ifa_addr == NULL || ifa->ifa_addr->sa_family != AF_INET)
             continue;
 
+        // set ifa_broadaddr, if there is one
+        if ((ifa->ifa_flags & IFF_POINTOPOINT) == 0 &&
+            ifa->ifa_flags & IFF_BROADCAST) {
+            ifa_broadaddr = ifa->ifa_broadaddr;
+        }
+
         // Add to the list.
-        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr, AF_INET, 0);
+        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr,
+                    ifa_broadaddr, ifa->ifa_netmask, AF_INET, 0);
 
         // If an exception occurred then free the list.
         if ((*env)->ExceptionOccurred(env)) {
@@ -1971,8 +2023,9 @@
 
         // Add to the list.
         sin6 = (struct sockaddr_in6 *)&ifr6.ifr_addr;
-        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr, AF_INET6,
-            (short)prefix(&sin6->sin6_addr, sizeof(struct in6_addr)));
+        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr, NULL, NULL,
+                    AF_INET6,
+                    (short)prefix(&sin6->sin6_addr, sizeof(struct in6_addr)));
 
         // If an exception occurred then free the list.
         if ((*env)->ExceptionOccurred(env)) {
@@ -2059,14 +2112,7 @@
         return -1;
     }
 
-    mask = ntohl(((struct sockaddr_in*)&(if2.ifr_addr))->sin_addr.s_addr);
-    ret = 0;
-    while (mask) {
-       mask <<= 1;
-       ret++;
-    }
-
-    return ret;
+    return computeMaskFromAddress(&(if2.ifr_addr));
 }
 
 /*
--- a/jdk/src/java.desktop/macosx/classes/com/apple/eawt/Application.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.desktop/macosx/classes/com/apple/eawt/Application.java	Wed Jul 05 21:49:47 2017 +0200
@@ -372,7 +372,6 @@
      * Acceptable values are from 0 to 100, any other disables progress indication.
      *
      * @param value progress value
-     * @since 1.9
      */
     public void setDockIconProgress(final int value) {
         iconHandler.setDockIconProgress(value);
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WS.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/WS.java	Wed Jul 05 21:49:47 2017 +0200
@@ -86,7 +86,7 @@
                 }
             }
         };
-        transmitter = new WSTransmitter(executor, channel, errorHandler);
+        transmitter = new WSTransmitter(this, executor, channel, errorHandler);
         receiver = new WSReceiver(this.listener, this, executor, channel);
     }
 
@@ -95,12 +95,7 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendText(ByteBuffer message, boolean isLast) {
-        throw new UnsupportedOperationException("Not implemented");
-    }
-
-    @Override
-    public CompletableFuture<Void> sendText(CharSequence message, boolean isLast) {
+    public CompletableFuture<WebSocket> sendText(CharSequence message, boolean isLast) {
         requireNonNull(message, "message");
         synchronized (stateLock) {
             checkState();
@@ -109,7 +104,7 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendText(Stream<? extends CharSequence> message) {
+    public CompletableFuture<WebSocket> sendText(Stream<? extends CharSequence> message) {
         requireNonNull(message, "message");
         synchronized (stateLock) {
             checkState();
@@ -118,7 +113,7 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendBinary(ByteBuffer message, boolean isLast) {
+    public CompletableFuture<WebSocket> sendBinary(ByteBuffer message, boolean isLast) {
         requireNonNull(message, "message");
         synchronized (stateLock) {
             checkState();
@@ -127,7 +122,7 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendPing(ByteBuffer message) {
+    public CompletableFuture<WebSocket> sendPing(ByteBuffer message) {
         requireNonNull(message, "message");
         synchronized (stateLock) {
             checkState();
@@ -136,7 +131,7 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendPong(ByteBuffer message) {
+    public CompletableFuture<WebSocket> sendPong(ByteBuffer message) {
         requireNonNull(message, "message");
         synchronized (stateLock) {
             checkState();
@@ -145,7 +140,7 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendClose(CloseCode code, CharSequence reason) {
+    public CompletableFuture<WebSocket> sendClose(CloseCode code, CharSequence reason) {
         requireNonNull(code, "code");
         requireNonNull(reason, "reason");
         synchronized (stateLock) {
@@ -154,13 +149,13 @@
     }
 
     @Override
-    public CompletableFuture<Void> sendClose() {
+    public CompletableFuture<WebSocket> sendClose() {
         synchronized (stateLock) {
             return doSendClose(() -> transmitter.sendClose());
         }
     }
 
-    private CompletableFuture<Void> doSendClose(Supplier<CompletableFuture<Void>> s) {
+    private CompletableFuture<WebSocket> doSendClose(Supplier<CompletableFuture<WebSocket>> s) {
         checkState();
         boolean closeChannel = false;
         synchronized (stateLock) {
@@ -170,7 +165,7 @@
                 tryChangeState(State.CLOSED_LOCALLY);
             }
         }
-        CompletableFuture<Void> sent = s.get();
+        CompletableFuture<WebSocket> sent = s.get();
         if (closeChannel) {
             sent.whenComplete((v, t) -> {
                 try {
@@ -239,7 +234,7 @@
             }
 
             @Override
-            public CompletionStage<?> onText(WebSocket webSocket, Text message,
+            public CompletionStage<?> onText(WebSocket webSocket, CharSequence message,
                                              MessagePart part) {
                 synchronized (visibilityLock) {
                     return listener.onText(webSocket, message, part);
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WSDisposableText.java	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,67 +0,0 @@
-/*
- * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General  License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General  License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General  License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-package java.net.http;
-
-import java.nio.ByteBuffer;
-import java.nio.CharBuffer;
-
-final class WSDisposableText implements WebSocket.Text, WSDisposable {
-
-    private final WSShared<CharBuffer> text;
-
-    WSDisposableText(WSShared<CharBuffer> text) {
-        this.text = text;
-    }
-
-    @Override
-    public int length() {
-        return text.buffer().length();
-    }
-
-    @Override
-    public char charAt(int index) {
-        return text.buffer().charAt(index);
-    }
-
-    @Override
-    public CharSequence subSequence(int start, int end) {
-        return text.buffer().subSequence(start, end);
-    }
-
-    @Override
-    public ByteBuffer asByteBuffer() {
-        throw new UnsupportedOperationException("To be removed from the API");
-    }
-
-    @Override
-    public String toString() {
-        return text.buffer().toString();
-    }
-
-    @Override
-    public void dispose() {
-        text.dispose();
-    }
-}
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WSFrameConsumer.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/WSFrameConsumer.java	Wed Jul 05 21:49:47 2017 +0200
@@ -214,7 +214,7 @@
                 if (!(binaryNonEmpty && !textData.hasRemaining())) {
                     // If there's a binary data, that result in no text, then we
                     // don't deliver anything
-                    output.onText(part, new WSDisposableText(textData));
+                    output.onText(part, textData);
                 }
             }
         }
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WSMessageConsumer.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/WSMessageConsumer.java	Wed Jul 05 21:49:47 2017 +0200
@@ -27,10 +27,11 @@
 import java.net.http.WebSocket.CloseCode;
 import java.net.http.WebSocket.MessagePart;
 import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
 
 interface WSMessageConsumer {
 
-    void onText(MessagePart part, WSDisposableText data);
+    void onText(MessagePart part, WSShared<CharBuffer> data);
 
     void onBinary(MessagePart part, WSShared<ByteBuffer> data);
 
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WSReceiver.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/WSReceiver.java	Wed Jul 05 21:49:47 2017 +0200
@@ -29,6 +29,7 @@
 import java.net.ProtocolException;
 import java.net.http.WebSocket.Listener;
 import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
 import java.nio.channels.SelectionKey;
 import java.util.Optional;
 import java.util.concurrent.CompletionStage;
@@ -169,11 +170,11 @@
     private final class MessageConsumer implements WSMessageConsumer {
 
         @Override
-        public void onText(WebSocket.MessagePart part, WSDisposableText data) {
+        public void onText(WebSocket.MessagePart part, WSShared<CharBuffer> data) {
             decrementDemand();
             CompletionStage<?> cs;
             try {
-                cs = listener.onText(webSocket, data, part);
+                cs = listener.onText(webSocket, data.buffer(), part);
             } catch (Exception e) {
                 closeExceptionally(new RuntimeException("onText threw an exception", e));
                 return;
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WSTransmitter.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/WSTransmitter.java	Wed Jul 05 21:49:47 2017 +0200
@@ -51,15 +51,17 @@
  */
 final class WSTransmitter {
 
-    private final BlockingQueue<Pair<WSOutgoingMessage, CompletableFuture<Void>>>
+    private final BlockingQueue<Pair<WSOutgoingMessage, CompletableFuture<WebSocket>>>
             backlog = new LinkedBlockingQueue<>();
     private final WSMessageSender sender;
     private final WSSignalHandler handler;
+    private final WebSocket webSocket;
     private boolean previousMessageSent = true;
     private boolean canSendBinary = true;
     private boolean canSendText = true;
 
-    WSTransmitter(Executor executor, RawChannel channel, Consumer<Throwable> errorHandler) {
+    WSTransmitter(WebSocket ws, Executor executor, RawChannel channel, Consumer<Throwable> errorHandler) {
+        this.webSocket = ws;
         this.handler = new WSSignalHandler(executor, this::handleSignal);
         Consumer<Throwable> sendCompletion = (error) -> {
             synchronized (this) {
@@ -76,41 +78,41 @@
         this.sender = new WSMessageSender(channel, sendCompletion);
     }
 
-    CompletableFuture<Void> sendText(CharSequence message, boolean isLast) {
+    CompletableFuture<WebSocket> sendText(CharSequence message, boolean isLast) {
         checkAndUpdateText(isLast);
         return acceptMessage(new Text(isLast, message));
     }
 
-    CompletableFuture<Void> sendText(Stream<? extends CharSequence> message) {
+    CompletableFuture<WebSocket> sendText(Stream<? extends CharSequence> message) {
         checkAndUpdateText(true);
         return acceptMessage(new StreamedText(message));
     }
 
-    CompletableFuture<Void> sendBinary(ByteBuffer message, boolean isLast) {
+    CompletableFuture<WebSocket> sendBinary(ByteBuffer message, boolean isLast) {
         checkAndUpdateBinary(isLast);
         return acceptMessage(new Binary(isLast, message));
     }
 
-    CompletableFuture<Void> sendPing(ByteBuffer message) {
+    CompletableFuture<WebSocket> sendPing(ByteBuffer message) {
         checkSize(message.remaining(), 125);
         return acceptMessage(new Ping(message));
     }
 
-    CompletableFuture<Void> sendPong(ByteBuffer message) {
+    CompletableFuture<WebSocket> sendPong(ByteBuffer message) {
         checkSize(message.remaining(), 125);
         return acceptMessage(new Pong(message));
     }
 
-    CompletableFuture<Void> sendClose(WebSocket.CloseCode code, CharSequence reason) {
+    CompletableFuture<WebSocket> sendClose(WebSocket.CloseCode code, CharSequence reason) {
         return acceptMessage(createCloseMessage(code, reason));
     }
 
-    CompletableFuture<Void> sendClose() {
+    CompletableFuture<WebSocket> sendClose() {
         return acceptMessage(new Close(ByteBuffer.allocate(0)));
     }
 
-    private CompletableFuture<Void> acceptMessage(WSOutgoingMessage m) {
-        CompletableFuture<Void> cf = new CompletableFuture<>();
+    private CompletableFuture<WebSocket> acceptMessage(WSOutgoingMessage m) {
+        CompletableFuture<WebSocket> cf = new CompletableFuture<>();
         synchronized (this) {
             backlog.offer(pair(m, cf));
         }
@@ -123,11 +125,11 @@
         synchronized (this) {
             while (!backlog.isEmpty() && previousMessageSent) {
                 previousMessageSent = false;
-                Pair<WSOutgoingMessage, CompletableFuture<Void>> p = backlog.peek();
+                Pair<WSOutgoingMessage, CompletableFuture<WebSocket>> p = backlog.peek();
                 boolean sent = sender.trySendFully(p.first);
                 if (sent) {
                     backlog.remove();
-                    p.second.complete(null);
+                    p.second.complete(webSocket);
                     previousMessageSent = true;
                 }
             }
--- a/jdk/src/java.httpclient/share/classes/java/net/http/WebSocket.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/java/net/http/WebSocket.java	Wed Jul 05 21:49:47 2017 +0200
@@ -52,8 +52,8 @@
  *
  * <p> Messages of type {@code X} are sent through the {@code WebSocket.sendX}
  * methods and received through {@link WebSocket.Listener}{@code .onX} methods
- * asynchronously. Each of the methods begins the operation and returns a {@link
- * CompletionStage} which completes when the operation has completed.
+ * asynchronously. Each of the methods returns a {@link CompletionStage} which
+ * completes when the operation has completed.
  *
  * <p> Messages are received only if {@linkplain #request(long) requested}.
  *
@@ -79,6 +79,9 @@
  * or method of this type will cause a {@link NullPointerException
  * NullPointerException} to be thrown.
  *
+ * @implNote The default implementation's methods do not block before returning
+ * a {@code CompletableFuture}.
+ *
  * @since 9
  */
 public interface WebSocket {
@@ -234,9 +237,9 @@
         /**
          * Builds a {@code WebSocket}.
          *
-         * <p> Returns immediately with a {@code CompletableFuture<WebSocket>}
-         * which completes with the {@code WebSocket} when it is connected, or
-         * completes exceptionally if an error occurs.
+         * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+         * normally with the {@code WebSocket} when it is connected or completes
+         * exceptionally if an error occurs.
          *
          * <p> {@code CompletableFuture} may complete exceptionally with the
          * following errors:
@@ -252,7 +255,7 @@
          *          if the opening handshake fails
          * </ul>
          *
-         * @return a {@code CompletableFuture} of {@code WebSocket}
+         * @return a {@code CompletableFuture} with the {@code WebSocket}
          */
         CompletableFuture<WebSocket> buildAsync();
     }
@@ -264,7 +267,7 @@
      * <ul>
      * <li> {@link #onOpen onOpen} <br>
      * This method is always the first to be invoked.
-     * <li> {@link #onText(WebSocket, WebSocket.Text, WebSocket.MessagePart)
+     * <li> {@link #onText(WebSocket, CharSequence, WebSocket.MessagePart)
      * onText}, {@link #onBinary(WebSocket, ByteBuffer, WebSocket.MessagePart)
      * onBinary}, {@link #onPing(WebSocket, ByteBuffer) onPing} and {@link
      * #onPong(WebSocket, ByteBuffer) onPong} <br>
@@ -375,6 +378,9 @@
          * @implSpec The default implementation {@linkplain WebSocket#request(long)
          * requests one more message}.
          *
+         * @implNote This implementation passes only complete UTF-16 sequences
+         * to the {@code onText} method.
+         *
          * @param webSocket
          *         the WebSocket
          * @param message
@@ -386,7 +392,7 @@
          * is done; or {@code null} if already done
          */
         default CompletionStage<?> onText(WebSocket webSocket,
-                                          Text message,
+                                          CharSequence message,
                                           MessagePart part) {
             webSocket.request(1);
             return null;
@@ -596,59 +602,11 @@
     }
 
     /**
-     * Sends a Text message with bytes from the given {@code ByteBuffer}.
+     * Sends a Text message with characters from the given {@code CharSequence}.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
-     *
-     * <p> This message may be a partial UTF-8 sequence. However, the
-     * concatenation of all messages through the last must be a whole UTF-8
-     * sequence.
-     *
-     * <p> The {@code ByteBuffer} should not be modified until the returned
-     * {@code CompletableFuture} completes (either normally or exceptionally).
-     *
-     * <p> The returned {@code CompletableFuture} can complete exceptionally
-     * with:
-     * <ul>
-     * <li> {@link IOException}
-     *          if an I/O error occurs during this operation; or the
-     *          {@code WebSocket} closes while this operation is in progress;
-     *          or the {@code message} is a malformed UTF-8 sequence
-     * </ul>
-     *
-     * @param message
-     *         the message
-     * @param isLast
-     *         {@code true} if this is the final part of the message,
-     *         {@code false} otherwise
-     *
-     * @return a CompletableFuture of Void
-     *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been sent already
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
-     * @throws IllegalStateException
-     *         if a previous Binary message
-     *         was not sent with {@code isLast == true}
-     */
-    CompletableFuture<Void> sendText(ByteBuffer message, boolean isLast);
-
-    /**
-     * Sends a Text message with characters from the given {@code
-     * CharSequence}.
-     *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
-     *
-     * <p> This message may be a partial UTF-16 sequence. However, the
-     * concatenation of all messages through the last must be a whole UTF-16
-     * sequence.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> The {@code CharSequence} should not be modified until the returned
      * {@code CompletableFuture} completes (either normally or exceptionally).
@@ -657,30 +615,30 @@
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation; or the
-     *          {@code WebSocket} closes while this operation is in progress;
-     *          or the {@code message} is a malformed UTF-16 sequence
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation;
+     *          or if a previous Binary message was not sent with {@code isLast == true}
      * </ul>
      *
+     * @implNote This implementation does not accept partial UTF-16
+     * sequences. In case such a sequence is passed, a returned {@code
+     * CompletableFuture} completes exceptionally.
+     *
      * @param message
      *         the message
      * @param isLast
-     *         {@code true} if this is the final part of the message
+     *         {@code true} if this is the final part of the message,
      *         {@code false} otherwise
      *
-     * @return a CompletableFuture of Void
+     * @return a CompletableFuture with this WebSocket
      *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
-     * @throws IllegalStateException
-     *         if a previous Binary message was not sent
-     *         with {@code isLast == true}
+     * @throws IllegalArgumentException
+     *         if {@code message} is a malformed (or an incomplete) UTF-16 sequence
      */
-    CompletableFuture<Void> sendText(CharSequence message, boolean isLast);
+    CompletableFuture<WebSocket> sendText(CharSequence message, boolean isLast);
 
     /**
      * Sends a whole Text message with characters from the given {@code
@@ -689,9 +647,9 @@
      * <p> This is a convenience method. For the general case, use {@link
      * #sendText(CharSequence, boolean)}.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> The {@code CharSequence} should not be modified until the returned
      * {@code CompletableFuture} completes (either normally or exceptionally).
@@ -700,27 +658,23 @@
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation; or the
-     *          {@code WebSocket} closes while this operation is in progress;
-     *          or the message is a malformed UTF-16 sequence
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation;
+     *          or if a previous Binary message was not sent with {@code isLast == true}
      * </ul>
      *
      * @param message
      *         the message
      *
-     * @return a CompletableFuture of Void
+     * @return a CompletableFuture with this WebSocket
      *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
-     * @throws IllegalStateException
-     *         if a previous Binary message was not sent
-     *         with {@code isLast == true}
+     * @throws IllegalArgumentException
+     *         if {@code message} is a malformed (or an incomplete) UTF-16 sequence
      */
-    default CompletableFuture<Void> sendText(CharSequence message) {
+    default CompletableFuture<WebSocket> sendText(CharSequence message) {
         return sendText(message, true);
     }
 
@@ -731,9 +685,9 @@
      * <p> This is a convenience method. For the general case use {@link
      * #sendText(CharSequence, boolean)}.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> Streamed character sequences should not be modified until the
      * returned {@code CompletableFuture} completes (either normally or
@@ -743,41 +697,41 @@
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation; or the
-     *          {@code WebSocket} closes while this operation is in progress;
-     *          or the message is a malformed UTF-16 sequence
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation;
+     *          or if a previous Binary message was not sent with {@code isLast == true}
      * </ul>
      *
      * @param message
      *         the message
      *
-     * @return a CompletableFuture of Void
+     * @return a CompletableFuture with this WebSocket
      *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
-     * @throws IllegalStateException
-     *         if a previous Binary message was not sent
-     *         with {@code isLast == true}
+     * @throws IllegalArgumentException
+     *         if {@code message} is a malformed (or an incomplete) UTF-16 sequence
      */
-    CompletableFuture<Void> sendText(Stream<? extends CharSequence> message);
+    CompletableFuture<WebSocket> sendText(Stream<? extends CharSequence> message);
 
     /**
      * Sends a Binary message with bytes from the given {@code ByteBuffer}.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> The returned {@code CompletableFuture} can complete exceptionally
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation or the
-     *          {@code WebSocket} closes while this operation is in progress
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation;
+     *          or if a previous Text message was not sent with {@code isLast == true}
      * </ul>
      *
      * @param message
@@ -786,33 +740,27 @@
      *         {@code true} if this is the final part of the message,
      *         {@code false} otherwise
      *
-     * @return a CompletableFuture of Void
-     *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
-     * @throws IllegalStateException
-     *         if a previous Text message was not sent
-     *         with {@code isLast == true}
+     * @return a CompletableFuture with this WebSocket
      */
-    CompletableFuture<Void> sendBinary(ByteBuffer message, boolean isLast);
+    CompletableFuture<WebSocket> sendBinary(ByteBuffer message, boolean isLast);
 
     /**
      * Sends a Binary message with bytes from the given {@code byte[]}.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> The returned {@code CompletableFuture} can complete exceptionally
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation or the
-     *          {@code WebSocket} closes while this operation is in progress
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation;
+     *          or if a previous Text message was not sent with {@code isLast == true}
      * </ul>
      *
      * @implSpec This is equivalent to:
@@ -826,19 +774,9 @@
      *         {@code true} if this is the final part of the message,
      *         {@code false} otherwise
      *
-     * @return a CompletableFuture of Void
-     *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
-     * @throws IllegalStateException
-     *         if a previous Text message was not sent
-     *         with {@code isLast == true}
+     * @return a CompletableFuture with this WebSocket
      */
-    default CompletableFuture<Void> sendBinary(byte[] message, boolean isLast) {
+    default CompletableFuture<WebSocket> sendBinary(byte[] message, boolean isLast) {
         Objects.requireNonNull(message, "message");
         return sendBinary(ByteBuffer.wrap(message), isLast);
     }
@@ -846,9 +784,9 @@
     /**
      * Sends a Ping message.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> A Ping message may be sent or received by either client or server.
      * It may serve either as a keepalive or as a means to verify that the
@@ -861,32 +799,29 @@
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation or the
-     *          {@code WebSocket} closes while this operation is in progress
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation
      * </ul>
      *
      * @param message
      *         the message
      *
-     * @return a CompletableFuture of Void
+     * @return a CompletableFuture with this WebSocket
      *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
      * @throws IllegalArgumentException
      *         if {@code message.remaining() > 125}
      */
-    CompletableFuture<Void> sendPing(ByteBuffer message);
+    CompletableFuture<WebSocket> sendPing(ByteBuffer message);
 
     /**
      * Sends a Pong message.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> A Pong message may be unsolicited or may be sent in response to a
      * previously received Ping. In latter case the contents of the Pong is
@@ -899,32 +834,29 @@
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation or the
-     *          {@code WebSocket} closes while this operation is in progress
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation
      * </ul>
      *
      * @param message
      *         the message
      *
-     * @return a CompletableFuture of Void
+     * @return a CompletableFuture with this WebSocket
      *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
      * @throws IllegalArgumentException
      *         if {@code message.remaining() > 125}
      */
-    CompletableFuture<Void> sendPong(ByteBuffer message);
+    CompletableFuture<WebSocket> sendPong(ByteBuffer message);
 
     /**
      * Sends a Close message with the given close code and the reason.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> A Close message may consist of a close code and a reason for closing.
      * The reason must have a valid UTF-8 representation not longer than {@code
@@ -935,8 +867,11 @@
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation or the
-     *          {@code WebSocket} closes while this operation is in progress
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation
      * </ul>
      *
      * @param code
@@ -944,45 +879,35 @@
      * @param reason
      *         the reason; can be empty
      *
-     * @return a CompletableFuture of Void
+     * @return a CompletableFuture with this WebSocket
      *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
      * @throws IllegalArgumentException
-     *         if the {@code reason} doesn't have a valid UTF-8
-     *         representation not longer than {@code 123} bytes
+     *         if {@code reason} doesn't have an UTF-8 representation not longer
+     *         than {@code 123} bytes
      */
-    CompletableFuture<Void> sendClose(CloseCode code, CharSequence reason);
+    CompletableFuture<WebSocket> sendClose(CloseCode code, CharSequence reason);
 
     /**
      * Sends an empty Close message.
      *
-     * <p> Returns immediately with a {@code CompletableFuture<Void>} which
-     * completes normally when the message has been sent, or completes
-     * exceptionally if an error occurs.
+     * <p> Returns a {@code CompletableFuture<WebSocket>} which completes
+     * normally when the message has been sent or completes exceptionally if an
+     * error occurs.
      *
      * <p> The returned {@code CompletableFuture} can complete exceptionally
      * with:
      * <ul>
      * <li> {@link IOException}
-     *          if an I/O error occurs during this operation or the
-     *          {@code WebSocket} closes while this operation is in progress
+     *          if an I/O error occurs during this operation
+     * <li> {@link IllegalStateException}
+     *          if the {@code WebSocket} closes while this operation is in progress;
+     *          or if a Close message has been sent already;
+     *          or if there is an outstanding send operation
      * </ul>
      *
-     * @return a CompletableFuture of Void
-     *
-     * @throws IllegalStateException
-     *         if the WebSocket is closed
-     * @throws IllegalStateException
-     *         if a Close message has been already sent
-     * @throws IllegalStateException
-     *         if there is an outstanding send operation
+     * @return a CompletableFuture with this WebSocket
      */
-    CompletableFuture<Void> sendClose();
+    CompletableFuture<WebSocket> sendClose();
 
     /**
      * Requests {@code n} more messages to be received by the {@link Listener
@@ -1001,6 +926,7 @@
      * @implNote This implementation does not distinguish between partial and
      * whole messages, because it's not known beforehand how a message will be
      * received.
+     *
      * <p> If a server sends more messages than requested, the implementation
      * queues up these messages on the TCP connection and may eventually force
      * the sender to stop sending through TCP flow control.
@@ -1242,47 +1168,4 @@
             return Map.entry(cc.getCode(), cc);
         }
     }
-
-    /**
-     * A character sequence that provides access to the characters UTF-8 decoded
-     * from a message in a {@code ByteBuffer}.
-     *
-     * @since 9
-     */
-    interface Text extends CharSequence {
-
-        // Methods from the CharSequence below are mentioned explicitly for the
-        // purpose of documentation, so when looking at javadoc it immediately
-        // obvious what methods Text has
-
-        @Override
-        int length();
-
-        @Override
-        char charAt(int index);
-
-        @Override
-        CharSequence subSequence(int start, int end);
-
-        /**
-         * Returns a string containing the characters in this sequence in the
-         * same order as this sequence. The length of the string will be the
-         * length of this sequence.
-         *
-         * @return a string consisting of exactly this sequence of characters
-         */
-        @Override
-        // TODO: remove the explicit javadoc above when:
-        // (JDK-8144034 has been resolved) AND (the comment is still identical
-        // to CharSequence#toString)
-        String toString();
-
-        /**
-         * Returns a read-only {@code ByteBuffer} containing the message encoded
-         * in UTF-8.
-         *
-         * @return a read-only ByteBuffer
-         */
-        ByteBuffer asByteBuffer();
-    }
 }
--- a/jdk/src/java.httpclient/share/classes/sun/net/httpclient/hpack/HeaderTable.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.httpclient/share/classes/sun/net/httpclient/hpack/HeaderTable.java	Wed Jul 05 21:49:47 2017 +0200
@@ -310,14 +310,14 @@
 
         @Override
         public int hashCode() {
-            return 31 * (name.hashCode()) + value.hashCode();
+            return 31 * name.hashCode() + value.hashCode();
         }
     }
 
     //
-    // In order to be able to find an index of an entry with the given contents
-    // in the dynamic table an effective inverse mapping is needed. Here's a
-    // simple idea behind such a mapping.
+    // To quickly find an index of an entry in the dynamic table with the given
+    // contents an effective inverse mapping is needed. Here's a simple idea
+    // behind such a mapping.
     //
     // # The problem:
     //
@@ -325,21 +325,21 @@
     //
     //     get: index -> x
     //
-    // What we also want is an O(1) reverse lookup:
+    // What we want is an O(1) reverse lookup:
     //
     //     indexOf: x -> index
     //
     // # Solution:
     //
-    // Let's store an inverse mapping as a Map<X, Integer>. This have a problem
-    // that when a new element is added to the queue all indexes in the map
-    // becomes invalid. Namely, each i becomes shifted by 1 to the right:
+    // Let's store an inverse mapping in a Map<x, Integer>. This have a problem
+    // that when a new element is added to the queue, all indexes in the map
+    // become invalid. Namely, the new element is assigned with an index of 1,
+    // and each index i, i > 1 becomes shifted by 1 to the left:
     //
-    //     i -> i + 1
+    //     1, 1, 2, 3, ... , n-1, n
     //
-    // And the new element is assigned with an index of 1. This would seem to
-    // require a pass through the map incrementing all indexes (map values) by
-    // 1, which is O(n).
+    // Re-establishing the invariant would seem to require a pass through the
+    // map incrementing all indexes (map values) by 1, which is O(n).
     //
     // The good news is we can do much better then this!
     //
@@ -373,7 +373,7 @@
     //
     // Where 'recalibrate()' goes through the table doing this:
     //
-    //  value -= counter
+    //     value -= counter
     //
     // That's given, of course, the size of the table itself is less than
     // Long.MAX_VALUE :-)
--- a/jdk/src/java.logging/share/classes/java/util/logging/Formatter.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.logging/share/classes/java/util/logging/Formatter.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -101,23 +101,23 @@
      * formatting.
      * <ul>
      * <li>If there are no parameters, no formatter is used.
-     * <li>Otherwise, if the string contains "{0" then
-     *     java.text.MessageFormat  is used to format the string.
+     * <li>Otherwise, if the string contains "{{@literal<digit>}"
+     *     where {@literal <digit>} is in [0-9],
+     *     java.text.MessageFormat is used to format the string.
      * <li>Otherwise no formatting is performed.
      * </ul>
      *
      * @param  record  the log record containing the raw message
      * @return   a localized and formatted message
      */
-    public synchronized String formatMessage(LogRecord record) {
+    public String formatMessage(LogRecord record) {
         String format = record.getMessage();
         java.util.ResourceBundle catalog = record.getResourceBundle();
         if (catalog != null) {
             try {
-                format = catalog.getString(record.getMessage());
+                format = catalog.getString(format);
             } catch (java.util.MissingResourceException ex) {
                 // Drop through.  Use record message as format
-                format = record.getMessage();
             }
         }
         // Do the formatting.
@@ -130,11 +130,16 @@
             // Is it a java.text style format?
             // Ideally we could match with
             // Pattern.compile("\\{\\d").matcher(format).find())
-            // However the cost is 14% higher, so we cheaply check for
-            // 1 of the first 4 parameters
-            if (format.indexOf("{0") >= 0 || format.indexOf("{1") >=0 ||
-                        format.indexOf("{2") >=0|| format.indexOf("{3") >=0) {
-                return java.text.MessageFormat.format(format, parameters);
+            // However the cost is 14% higher, so we cheaply use indexOf
+            // and charAt to look for that pattern.
+            int index = -1;
+            int fence = format.length() - 1;
+            while ((index = format.indexOf('{', index+1)) > -1) {
+                if (index >= fence) break;
+                char digit = format.charAt(index+1);
+                if (digit >= '0' & digit <= '9') {
+                   return java.text.MessageFormat.format(format, parameters);
+                }
             }
             return format;
 
--- a/jdk/src/java.logging/share/classes/java/util/logging/SimpleFormatter.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.logging/share/classes/java/util/logging/SimpleFormatter.java	Wed Jul 05 21:49:47 2017 +0200
@@ -153,7 +153,7 @@
      * @return a formatted log record
      */
     @Override
-    public synchronized String format(LogRecord record) {
+    public String format(LogRecord record) {
         ZonedDateTime zdt = ZonedDateTime.ofInstant(
                 record.getInstant(), ZoneId.systemDefault());
         String source;
--- a/jdk/src/java.prefs/macosx/classes/java/util/prefs/MacOSXPreferences.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.prefs/macosx/classes/java/util/prefs/MacOSXPreferences.java	Wed Jul 05 21:49:47 2017 +0200
@@ -44,27 +44,39 @@
     private final String path;
 
     // User root and system root nodes
-    private static MacOSXPreferences userRoot = null;
-    private static MacOSXPreferences systemRoot = null;
+    private static volatile MacOSXPreferences userRoot;
+    private static volatile MacOSXPreferences systemRoot;
 
 
     // Returns user root node, creating it if necessary.
     // Called by MacOSXPreferencesFactory
-    static synchronized Preferences getUserRoot() {
-        if (userRoot == null) {
-            userRoot = new MacOSXPreferences(true);
+    static Preferences getUserRoot() {
+        MacOSXPreferences root = userRoot;
+        if (root == null) {
+            synchronized (MacOSXPreferences.class) {
+                root = userRoot;
+                if (root == null) {
+                    userRoot = root = new MacOSXPreferences(true);
+                }
+            }
         }
-        return userRoot;
+        return root;
     }
 
 
     // Returns system root node, creating it if necessary.
     // Called by MacOSXPreferencesFactory
-    static synchronized Preferences getSystemRoot() {
-        if (systemRoot == null) {
-            systemRoot = new MacOSXPreferences(false);
+    static Preferences getSystemRoot() {
+        MacOSXPreferences root = systemRoot;
+        if (root == null) {
+            synchronized (MacOSXPreferences.class) {
+                root = systemRoot;
+                if (root == null) {
+                    systemRoot = root = new MacOSXPreferences(false);
+                }
+            }
         }
-        return systemRoot;
+        return root;
     }
 
 
--- a/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java	Wed Jul 05 21:49:47 2017 +0200
@@ -94,14 +94,20 @@
    /**
      * The user root.
      */
-    static Preferences userRoot = null;
+    private static volatile Preferences userRoot;
 
-    static synchronized Preferences getUserRoot() {
-        if (userRoot == null) {
-            setupUserRoot();
-            userRoot = new FileSystemPreferences(true);
+    static Preferences getUserRoot() {
+        Preferences root = userRoot;
+        if (root == null) {
+            synchronized (FileSystemPreferences.class) {
+                root = userRoot;
+                if (root == null) {
+                    setupUserRoot();
+                    userRoot = root = new FileSystemPreferences(true);
+                }
+            }
         }
-        return userRoot;
+        return root;
     }
 
     private static void setupUserRoot() {
@@ -155,14 +161,20 @@
     /**
      * The system root.
      */
-    static Preferences systemRoot;
+    private static volatile Preferences systemRoot;
 
-    static synchronized Preferences getSystemRoot() {
-        if (systemRoot == null) {
-            setupSystemRoot();
-            systemRoot = new FileSystemPreferences(false);
+    static Preferences getSystemRoot() {
+        Preferences root = systemRoot;
+        if (root == null) {
+            synchronized (FileSystemPreferences.class) {
+                root = systemRoot;
+                if (root == null) {
+                    setupSystemRoot();
+                    systemRoot = root = new FileSystemPreferences(false);
+                }
+            }
         }
-        return systemRoot;
+        return root;
     }
 
     private static void setupSystemRoot() {
--- a/jdk/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferences.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferences.java	Wed Jul 05 21:49:47 2017 +0200
@@ -91,14 +91,40 @@
     /**
      * User root node.
      */
-    static final Preferences userRoot =
-         new WindowsPreferences(USER_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+    private static volatile Preferences userRoot;
+
+    static Preferences getUserRoot() {
+        Preferences root = userRoot;
+        if (root == null) {
+            synchronized (WindowsPreferences.class) {
+                root = userRoot;
+                if (root == null) {
+                    root = new WindowsPreferences(USER_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+                    userRoot = root;
+                }
+            }
+        }
+        return root;
+    }
 
     /**
      * System root node.
      */
-    static final Preferences systemRoot =
-        new WindowsPreferences(SYSTEM_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+    private static volatile Preferences systemRoot;
+
+    static Preferences getSystemRoot() {
+        Preferences root = systemRoot;
+        if (root == null) {
+            synchronized (WindowsPreferences.class) {
+                root = systemRoot;
+                if (root == null) {
+                    root = new WindowsPreferences(SYSTEM_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+                    systemRoot = root;
+                }
+            }
+        }
+        return root;
+    }
 
     /*  Windows error codes. */
     private static final int ERROR_SUCCESS = 0;
--- a/jdk/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferencesFactory.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferencesFactory.java	Wed Jul 05 21:49:47 2017 +0200
@@ -39,13 +39,13 @@
      * Returns WindowsPreferences.userRoot
      */
     public Preferences userRoot() {
-        return WindowsPreferences.userRoot;
+        return WindowsPreferences.getUserRoot();
     }
 
     /**
      * Returns WindowsPreferences.systemRoot
      */
     public Preferences systemRoot() {
-        return WindowsPreferences.systemRoot;
+        return WindowsPreferences.getSystemRoot();
     }
 }
--- a/jdk/src/java.scripting/share/classes/javax/script/ScriptEngineFactory.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/java.scripting/share/classes/javax/script/ScriptEngineFactory.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -128,7 +128,7 @@
      * of &quot;MULTITHREADED&quot;, and also, the engine maintains independent values
      * for symbols in scripts executing on different threads.
      * <li><code>&quot;STATELESS&quot;</code> - The implementation satisfies the requirements of
-     * <li><code>&quot;THREAD-ISOLATED&quot;</code>.  In addition, script executions do not alter the
+     * <code>&quot;THREAD-ISOLATED&quot;</code>.  In addition, script executions do not alter the
      * mappings in the <code>Bindings</code> which is the engine scope of the
      * <code>ScriptEngine</code>.  In particular, the keys in the <code>Bindings</code>
      * and their associated values are the same before and after the execution of the script.
--- a/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.c	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.c	Wed Jul 05 21:49:47 2017 +0200
@@ -28,7 +28,6 @@
 #include <strings.h>
 #include <jni.h>
 #include "jni_util.h"
-#include <libsoftcrypto.h>
 #include "nativeCrypto.h"
 #include "nativeFunc.h"
 
--- a/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.h	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.h	Wed Jul 05 21:49:47 2017 +0200
@@ -23,12 +23,38 @@
  * questions.
  */
 
+#include <libsoftcrypto.h> // redirects to libucrypto.h starting 11.3
+
 #ifndef _Included_com_oracle_security_ucrypto_NativeCrypto
 #define _Included_com_oracle_security_ucrypto_NativeCrypto
 #ifdef __cplusplus
 extern "C" {
 #endif
 
+// used by nativeCrypto.c
+#ifdef _LIBUCRYPTO_H // workaround for Solaris bug; see 8157627
+#define CK_AES_CTR_PARAMS    crypto_ctr_params_t
+#define ulCounterBits    ct_ctr_bits
+#define cb        ct_cb
+
+#define CK_AES_CCM_PARAMS    crypto_ccm_params_t
+#define ulMACSize    cc_mac_size
+#define ulNonceSize    cc_nonce_size
+#define ulAuthDataSize    cc_auth_data_size
+#define ulDataSize    cc_data_size
+#define nonce        cc_nonce
+#define authData    cc_auth_data
+
+#define CK_AES_GCM_PARAMS    crypto_gcm_params_t
+#define pIv        gc_iv
+#define ulIvLen        gc_iv_len
+#define ulIvBits    gc_iv_bits
+#define pAAD        gc_aad
+#define ulAADLen    gc_aad_len
+#define ulTagBits    gc_tag_bits
+#endif
+
+// used by nativeCryptoMD.c
 #undef com_oracle_security_ucrypto_NativeDigestMD_MECH_MD5
 #define com_oracle_security_ucrypto_NativeDigestMD_MECH_MD5 1L
 #undef com_oracle_security_ucrypto_NativeDigestMD_MECH_SHA1
--- a/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCryptoMD.c	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCryptoMD.c	Wed Jul 05 21:49:47 2017 +0200
@@ -28,7 +28,6 @@
 #include <strings.h>
 #include <jni.h>
 #include "jni_util.h"
-#include <libsoftcrypto.h>
 #include "nativeCrypto.h"
 #include "nativeFunc.h"
 
--- a/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeFunc.h	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeFunc.h	Wed Jul 05 21:49:47 2017 +0200
@@ -28,7 +28,7 @@
 #include <md5.h>
 #include <sha1.h>
 #include <sha2.h>
-#include <libsoftcrypto.h>
+#include <libsoftcrypto.h> // redirects to libucrypto.h starting 11.3
 
 jboolean* loadNative();
 
--- a/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/common.h	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,637 +0,0 @@
-/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#ifndef _SYS_CRYPTO_COMMON_H
-#define _SYS_CRYPTO_COMMON_H
-
-/*
- * Header file for the common data structures of the cryptographic framework
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <sys/types.h>
-#include <sys/uio.h>
-#include <sys/stream.h>
-#include <sys/mutex.h>
-#include <sys/condvar.h>
-
-/* Convenience defines/macros */
-
-#define CRYPTO_ARG_INPLACE(input, output)    \
-    if ((output) == NULL)        \
-        (output) = (input);
-
-#ifdef _KERNEL
-
-#include <sys/kmem.h>
-#define CRYPTO_KMFLAG(x)        crypto_kmflag((x))
-#define CRYPTO_ALLOC(sz, kmflag)        kmem_alloc((sz), (kmflag))
-#define CRYPTO_ZALLOC(sz, kmflag)        kmem_zalloc((sz), (kmflag))
-#define CRYPTO_FREE(ptr, sz)        kmem_free((ptr), (sz))
-#define CRYPTO_ZFREE(ptr, sz)        if (ptr != NULL) { \
-                                         bzero((ptr), (sz)), \
-                                         kmem_free((ptr), (sz)); \
-                                     }
-
-#else /* _KERNEL */
-
-#include <malloc.h>
-#define    CRYPTO_KMFLAG(x)        (0)
-#define    CRYPTO_ALLOC(sz, kmflag)        malloc((sz))
-#define    CRYPTO_ZALLOC(sz, kmflag)        calloc(1, (sz))
-#define    CRYPTO_FREE(ptr, sz)        free((ptr))
-#define    CRYPTO_ZFREE(ptr, sz)        if (ptr != NULL) { \
-                                         bzero((ptr), (sz)), \
-                                         free((ptr)); \
-                                     }
-
-#endif /* _KERNEL */
-
-/* Cryptographic Mechanisms */
-
-#define    CRYPTO_MAX_MECH_NAME 32
-typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];
-
-typedef uint64_t crypto_mech_type_t;
-
-typedef struct crypto_mechanism {
-    crypto_mech_type_t    cm_type;    /* mechanism type */
-    caddr_t            cm_param;    /* mech. parameter */
-    size_t            cm_param_len;    /* mech. parameter len */
-} crypto_mechanism_t;
-
-#ifdef  _SYSCALL32
-
-typedef struct crypto_mechanism32 {
-    crypto_mech_type_t    cm_type;    /* mechanism type */
-    caddr32_t        cm_param;    /* mech. parameter */
-    size32_t        cm_param_len;   /* mech. parameter len */
-} crypto_mechanism32_t;
-
-#endif  /* _SYSCALL32 */
-
-#ifdef _KERNEL
-/* CK_AES_CTR_PARAMS provides parameters to the CKM_AES_CTR mechanism */
-typedef struct CK_AES_CTR_PARAMS {
-    ulong_t    ulCounterBits;
-    uint8_t cb[16];
-} CK_AES_CTR_PARAMS;
-#endif
-
-/* CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism */
-typedef struct CK_AES_CCM_PARAMS {
-    ulong_t ulMACSize;
-    ulong_t ulNonceSize;
-    ulong_t ulAuthDataSize;
-    ulong_t ulDataSize; /* used for plaintext or ciphertext */
-    uchar_t *nonce;
-    uchar_t *authData;
-} CK_AES_CCM_PARAMS;
-
-/* CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism */
-typedef struct CK_AES_GCM_PARAMS {
-    uchar_t *pIv;
-    ulong_t ulIvLen;
-    ulong_t ulIvBits;
-    uchar_t *pAAD;
-    ulong_t ulAADLen;
-    ulong_t ulTagBits;
-} CK_AES_GCM_PARAMS;
-
-/* CK_AES_GMAC_PARAMS provides parameters to the CKM_AES_GMAC mechanism */
-typedef struct CK_AES_GMAC_PARAMS {
-    uchar_t *pIv;
-    uchar_t *pAAD;
-    ulong_t ulAADLen;
-} CK_AES_GMAC_PARAMS;
-
-#ifdef _KERNEL
-/*
- * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
- * CKM_ECDH1_KEY_DERIVE mechanism
- */
-typedef struct CK_ECDH1_DERIVE_PARAMS {
-    ulong_t        kdf;
-    ulong_t        ulSharedDataLen;
-    uchar_t        *pSharedData;
-    ulong_t        ulPublicDataLen;
-    uchar_t        *pPublicData;
-} CK_ECDH1_DERIVE_PARAMS;
-#endif
-
-#ifdef _KERNEL
-#ifdef  _SYSCALL32
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_CTR_PARAMS32 {
-    uint32_t ulCounterBits;
-    uint8_t cb[16];
-} CK_AES_CTR_PARAMS32;
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_CCM_PARAMS32 {
-    uint32_t ulMACSize;
-    uint32_t ulNonceSize;
-    uint32_t ulAuthDataSize;
-    uint32_t ulDataSize;
-    caddr32_t nonce;
-    caddr32_t authData;
-} CK_AES_CCM_PARAMS32;
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_GCM_PARAMS32 {
-    caddr32_t pIv;
-    uint32_t ulIvLen;
-    uint32_t ulIvBits;
-    caddr32_t pAAD;
-    uint32_t ulAADLen;
-    uint32_t ulTagBits;
-} CK_AES_GCM_PARAMS32;
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_GMAC_PARAMS32 {
-    caddr32_t pIv;
-    caddr32_t pAAD;
-    uint32_t ulAADLen;
-} CK_AES_GMAC_PARAMS32;
-
-typedef struct CK_ECDH1_DERIVE_PARAMS32 {
-    uint32_t    kdf;
-    uint32_t    ulSharedDataLen;
-    caddr32_t    pSharedData;
-    uint32_t    ulPublicDataLen;
-    caddr32_t    pPublicData;
-} CK_ECDH1_DERIVE_PARAMS32;
-
-#endif  /* _SYSCALL32 */
-#endif /* _KERNEL */
-
-/*
- * The measurement unit bit flag for a mechanism's minimum or maximum key size.
- * The unit are mechanism dependent.  It can be in bits or in bytes.
- */
-typedef uint32_t crypto_keysize_unit_t;
-
-/*
- * The following bit flags are valid in cm_mech_flags field in
- * the crypto_mech_info_t structure of the SPI.
- *
- * Only the first two bit flags are valid in mi_keysize_unit
- * field in the crypto_mechanism_info_t structure of the API.
- */
-#define    CRYPTO_KEYSIZE_UNIT_IN_BITS    0x00000001
-#define    CRYPTO_KEYSIZE_UNIT_IN_BYTES    0x00000002
-#define    CRYPTO_CAN_SHARE_OPSTATE    0x00000004 /* supports sharing */
-
-
-/* Mechanisms supported out-of-the-box */
-#define    SUN_CKM_MD4            "CKM_MD4"
-#define    SUN_CKM_MD5            "CKM_MD5"
-#define    SUN_CKM_MD5_HMAC        "CKM_MD5_HMAC"
-#define    SUN_CKM_MD5_HMAC_GENERAL    "CKM_MD5_HMAC_GENERAL"
-#define    SUN_CKM_SHA1            "CKM_SHA_1"
-#define    SUN_CKM_SHA1_HMAC        "CKM_SHA_1_HMAC"
-#define    SUN_CKM_SHA1_HMAC_GENERAL    "CKM_SHA_1_HMAC_GENERAL"
-#define    SUN_CKM_SHA256            "CKM_SHA256"
-#define    SUN_CKM_SHA256_HMAC        "CKM_SHA256_HMAC"
-#define    SUN_CKM_SHA256_HMAC_GENERAL    "CKM_SHA256_HMAC_GENERAL"
-#define    SUN_CKM_SHA384            "CKM_SHA384"
-#define    SUN_CKM_SHA384_HMAC        "CKM_SHA384_HMAC"
-#define    SUN_CKM_SHA384_HMAC_GENERAL    "CKM_SHA384_HMAC_GENERAL"
-#define    SUN_CKM_SHA512            "CKM_SHA512"
-#define    SUN_CKM_SHA512_HMAC        "CKM_SHA512_HMAC"
-#define    SUN_CKM_SHA512_HMAC_GENERAL    "CKM_SHA512_HMAC_GENERAL"
-#define    SUN_CKM_DES_CBC            "CKM_DES_CBC"
-#define    SUN_CKM_DES3_CBC        "CKM_DES3_CBC"
-#define    SUN_CKM_DES_ECB            "CKM_DES_ECB"
-#define    SUN_CKM_DES3_ECB        "CKM_DES3_ECB"
-#define    SUN_CKM_BLOWFISH_CBC        "CKM_BLOWFISH_CBC"
-#define    SUN_CKM_BLOWFISH_ECB        "CKM_BLOWFISH_ECB"
-#define    SUN_CKM_AES_CBC            "CKM_AES_CBC"
-#define    SUN_CKM_AES_ECB            "CKM_AES_ECB"
-#define    SUN_CKM_AES_CTR            "CKM_AES_CTR"
-#define    SUN_CKM_AES_CCM            "CKM_AES_CCM"
-#define    SUN_CKM_AES_GCM            "CKM_AES_GCM"
-#define    SUN_CKM_AES_GMAC        "CKM_AES_GMAC"
-#define    SUN_CKM_AES_CFB128        "CKM_AES_CFB128"
-#define    SUN_CKM_RC4            "CKM_RC4"
-#define    SUN_CKM_RSA_PKCS        "CKM_RSA_PKCS"
-#define    SUN_CKM_RSA_X_509        "CKM_RSA_X_509"
-#define    SUN_CKM_MD5_RSA_PKCS        "CKM_MD5_RSA_PKCS"
-#define    SUN_CKM_SHA1_RSA_PKCS        "CKM_SHA1_RSA_PKCS"
-#define    SUN_CKM_SHA256_RSA_PKCS        "CKM_SHA256_RSA_PKCS"
-#define    SUN_CKM_SHA384_RSA_PKCS        "CKM_SHA384_RSA_PKCS"
-#define    SUN_CKM_SHA512_RSA_PKCS        "CKM_SHA512_RSA_PKCS"
-#define    SUN_CKM_EC_KEY_PAIR_GEN        "CKM_EC_KEY_PAIR_GEN"
-#define    SUN_CKM_ECDH1_DERIVE        "CKM_ECDH1_DERIVE"
-#define    SUN_CKM_ECDSA_SHA1        "CKM_ECDSA_SHA1"
-#define    SUN_CKM_ECDSA            "CKM_ECDSA"
-
-/* Shared operation context format for CKM_RC4 */
-typedef struct {
-#if defined(__amd64)
-    uint32_t    i, j;
-    uint32_t    arr[256];
-    uint32_t    flag;
-#else
-    uchar_t        arr[256];
-    uchar_t        i, j;
-#endif /* __amd64 */
-    uint64_t    pad;        /* For 64-bit alignment */
-} arcfour_state_t;
-
-/* Data arguments of cryptographic operations */
-
-typedef enum crypto_data_format {
-    CRYPTO_DATA_RAW = 1,
-    CRYPTO_DATA_UIO,
-    CRYPTO_DATA_MBLK
-} crypto_data_format_t;
-
-typedef struct crypto_data {
-    crypto_data_format_t    cd_format;    /* Format identifier    */
-    off_t            cd_offset;    /* Offset from the beginning */
-    size_t            cd_length;    /* # of bytes in use */
-    caddr_t            cd_miscdata;    /* ancillary data */
-    union {
-        /* Raw format */
-        iovec_t cdu_raw;        /* Pointer and length        */
-
-        /* uio scatter-gather format */
-        uio_t    *cdu_uio;
-
-        /* mblk scatter-gather format */
-        mblk_t    *cdu_mp;        /* The mblk chain */
-
-    } cdu;    /* Crypto Data Union */
-} crypto_data_t;
-
-#define    cd_raw        cdu.cdu_raw
-#define    cd_uio        cdu.cdu_uio
-#define    cd_mp        cdu.cdu_mp
-
-#define    CRYPTO_SET_RAW_DATA(var, str, len)    \
-    (var).cd_format = CRYPTO_DATA_RAW;    \
-    (var).cd_offset = 0;            \
-    (var).cd_length = (len);        \
-    (var).cd_miscdata = NULL;        \
-    (var).cd_raw.iov_base = (caddr_t)(str);    \
-    (var).cd_raw.iov_len = (len);
-
-#define    CRYPTO_DATA_IS_USERSPACE(buf) \
-    ((buf->cd_format == CRYPTO_DATA_UIO && \
-    buf->cd_uio->uio_segflg == UIO_USERSPACE))
-
-typedef struct crypto_dual_data {
-    crypto_data_t        dd_data;    /* The data */
-    off_t            dd_offset2;    /* Used by dual operation */
-    size_t            dd_len2;    /* # of bytes to take    */
-} crypto_dual_data_t;
-
-#define    dd_format    dd_data.cd_format
-#define    dd_offset1    dd_data.cd_offset
-#define    dd_len1        dd_data.cd_length
-#define    dd_miscdata    dd_data.cd_miscdata
-#define    dd_raw        dd_data.cd_raw
-#define    dd_uio        dd_data.cd_uio
-#define    dd_mp        dd_data.cd_mp
-
-/* The keys, and their contents */
-
-typedef enum {
-    CRYPTO_KEY_RAW = 1,    /* ck_data is a cleartext key */
-    CRYPTO_KEY_REFERENCE,    /* ck_obj_id is an opaque reference */
-    CRYPTO_KEY_ATTR_LIST    /* ck_attrs is a list of object attributes */
-} crypto_key_format_t;
-
-typedef uint64_t crypto_attr_type_t;
-
-/* Attribute types to use for passing a RSA public key or a private key. */
-#define    SUN_CKA_MODULUS            0x00000120
-#define    SUN_CKA_MODULUS_BITS        0x00000121
-#define    SUN_CKA_PUBLIC_EXPONENT        0x00000122
-#define    SUN_CKA_PRIVATE_EXPONENT    0x00000123
-#define    SUN_CKA_PRIME_1            0x00000124
-#define    SUN_CKA_PRIME_2            0x00000125
-#define    SUN_CKA_EXPONENT_1        0x00000126
-#define    SUN_CKA_EXPONENT_2        0x00000127
-#define    SUN_CKA_COEFFICIENT        0x00000128
-#define    SUN_CKA_PRIME            0x00000130
-#define    SUN_CKA_SUBPRIME        0x00000131
-#define    SUN_CKA_BASE            0x00000132
-
-#define    CKK_EC            0x00000003
-#define    CKK_GENERIC_SECRET    0x00000010
-#define    CKK_RC4            0x00000012
-#define    CKK_AES            0x0000001F
-#define    CKK_DES            0x00000013
-#define    CKK_DES2        0x00000014
-#define    CKK_DES3        0x00000015
-
-#define    CKO_PUBLIC_KEY        0x00000002
-#define    CKO_PRIVATE_KEY        0x00000003
-#define    CKA_CLASS        0x00000000
-#define    CKA_VALUE        0x00000011
-#define    CKA_KEY_TYPE        0x00000100
-#define    CKA_VALUE_LEN        0x00000161
-#define    CKA_EC_PARAMS        0x00000180
-#define    CKA_EC_POINT        0x00000181
-
-typedef uint32_t    crypto_object_id_t;
-
-typedef struct crypto_object_attribute {
-    crypto_attr_type_t    oa_type;    /* attribute type */
-    caddr_t            oa_value;    /* attribute value */
-    ssize_t            oa_value_len;    /* length of attribute value */
-} crypto_object_attribute_t;
-
-typedef struct crypto_key {
-    crypto_key_format_t    ck_format;    /* format identifier */
-    union {
-        /* for CRYPTO_KEY_RAW ck_format */
-        struct {
-            uint_t    cku_v_length;    /* # of bits in ck_data   */
-            void    *cku_v_data;    /* ptr to key value */
-        } cku_key_value;
-
-        /* for CRYPTO_KEY_REFERENCE ck_format */
-        crypto_object_id_t cku_key_id;    /* reference to object key */
-
-        /* for CRYPTO_KEY_ATTR_LIST ck_format */
-        struct {
-            uint_t cku_a_count;    /* number of attributes */
-            crypto_object_attribute_t *cku_a_oattr;
-        } cku_key_attrs;
-    } cku_data;                /* Crypto Key union */
-} crypto_key_t;
-
-#ifdef  _SYSCALL32
-
-typedef struct crypto_object_attribute32 {
-    uint64_t    oa_type;    /* attribute type */
-    caddr32_t    oa_value;    /* attribute value */
-    ssize32_t    oa_value_len;    /* length of attribute value */
-} crypto_object_attribute32_t;
-
-typedef struct crypto_key32 {
-    crypto_key_format_t    ck_format;    /* format identifier */
-    union {
-        /* for CRYPTO_KEY_RAW ck_format */
-        struct {
-            uint32_t cku_v_length;    /* # of bytes in ck_data */
-            caddr32_t cku_v_data;    /* ptr to key value */
-        } cku_key_value;
-
-        /* for CRYPTO_KEY_REFERENCE ck_format */
-        crypto_object_id_t cku_key_id; /* reference to object key */
-
-        /* for CRYPTO_KEY_ATTR_LIST ck_format */
-        struct {
-            uint32_t cku_a_count;    /* number of attributes */
-            caddr32_t cku_a_oattr;
-        } cku_key_attrs;
-    } cku_data;                /* Crypto Key union */
-} crypto_key32_t;
-
-#endif  /* _SYSCALL32 */
-
-#define    ck_data        cku_data.cku_key_value.cku_v_data
-#define    ck_length    cku_data.cku_key_value.cku_v_length
-#define    ck_obj_id    cku_data.cku_key_id
-#define    ck_count    cku_data.cku_key_attrs.cku_a_count
-#define    ck_attrs    cku_data.cku_key_attrs.cku_a_oattr
-
-/*
- * Raw key lengths are expressed in number of bits.
- * The following macro returns the minimum number of
- * bytes that can contain the specified number of bits.
- * Round up without overflowing the integer type.
- */
-#define    CRYPTO_BITS2BYTES(n) ((n) == 0 ? 0 : (((n) - 1) >> 3) + 1)
-#define    CRYPTO_BYTES2BITS(n) ((n) << 3)
-
-/* Providers */
-
-typedef enum {
-    CRYPTO_HW_PROVIDER = 0,
-    CRYPTO_SW_PROVIDER,
-    CRYPTO_LOGICAL_PROVIDER
-} crypto_provider_type_t;
-
-typedef uint32_t     crypto_provider_id_t;
-#define    KCF_PROVID_INVALID    ((uint32_t)-1)
-
-typedef struct crypto_provider_entry {
-    crypto_provider_id_t    pe_provider_id;
-    uint_t            pe_mechanism_count;
-} crypto_provider_entry_t;
-
-typedef struct crypto_dev_list_entry {
-    char            le_dev_name[MAXNAMELEN];
-    uint_t            le_dev_instance;
-    uint_t            le_mechanism_count;
-} crypto_dev_list_entry_t;
-
-/* User type for authentication ioctls and SPI entry points */
-
-typedef enum crypto_user_type {
-    CRYPTO_SO = 0,
-    CRYPTO_USER
-} crypto_user_type_t;
-
-/* Version for provider management ioctls and SPI entry points */
-
-typedef struct crypto_version {
-    uchar_t    cv_major;
-    uchar_t    cv_minor;
-} crypto_version_t;
-
-/* session data structure opaque to the consumer */
-typedef void *crypto_session_t;
-
-/* provider data structure opaque to the consumer */
-typedef void *crypto_provider_t;
-
-/* Limits used by both consumers and providers */
-#define    CRYPTO_EXT_SIZE_LABEL        32
-#define    CRYPTO_EXT_SIZE_MANUF        32
-#define    CRYPTO_EXT_SIZE_MODEL        16
-#define    CRYPTO_EXT_SIZE_SERIAL        16
-#define    CRYPTO_EXT_SIZE_TIME        16
-
-typedef struct crypto_provider_ext_info {
-    uchar_t            ei_label[CRYPTO_EXT_SIZE_LABEL];
-    uchar_t            ei_manufacturerID[CRYPTO_EXT_SIZE_MANUF];
-    uchar_t            ei_model[CRYPTO_EXT_SIZE_MODEL];
-    uchar_t            ei_serial_number[CRYPTO_EXT_SIZE_SERIAL];
-    ulong_t            ei_flags;
-    ulong_t            ei_max_session_count;
-    ulong_t            ei_max_pin_len;
-    ulong_t            ei_min_pin_len;
-    ulong_t            ei_total_public_memory;
-    ulong_t            ei_free_public_memory;
-    ulong_t            ei_total_private_memory;
-    ulong_t            ei_free_private_memory;
-    crypto_version_t    ei_hardware_version;
-    crypto_version_t    ei_firmware_version;
-    uchar_t            ei_time[CRYPTO_EXT_SIZE_TIME];
-    int            ei_hash_max_input_len;
-    int            ei_hmac_max_input_len;
-} crypto_provider_ext_info_t;
-
-typedef uint_t        crypto_session_id_t;
-
-typedef enum cmd_type {
-    COPY_FROM_DATA,
-    COPY_TO_DATA,
-    COMPARE_TO_DATA,
-    MD5_DIGEST_DATA,
-    SHA1_DIGEST_DATA,
-    SHA2_DIGEST_DATA,
-    GHASH_DATA
-} cmd_type_t;
-
-#define    CRYPTO_DO_UPDATE    0x01
-#define    CRYPTO_DO_FINAL        0x02
-#define    CRYPTO_DO_MD5        0x04
-#define    CRYPTO_DO_SHA1        0x08
-#define    CRYPTO_DO_SIGN        0x10
-#define    CRYPTO_DO_VERIFY    0x20
-#define    CRYPTO_DO_SHA2        0x40
-
-#define    PROVIDER_OWNS_KEY_SCHEDULE    0x00000001
-
-/*
- * Common cryptographic status and error codes.
- */
-#define    CRYPTO_SUCCESS                0x00000000
-#define    CRYPTO_CANCEL                0x00000001
-#define    CRYPTO_HOST_MEMORY            0x00000002
-#define    CRYPTO_GENERAL_ERROR            0x00000003
-#define    CRYPTO_FAILED                0x00000004
-#define    CRYPTO_ARGUMENTS_BAD            0x00000005
-#define    CRYPTO_ATTRIBUTE_READ_ONLY        0x00000006
-#define    CRYPTO_ATTRIBUTE_SENSITIVE        0x00000007
-#define    CRYPTO_ATTRIBUTE_TYPE_INVALID        0x00000008
-#define    CRYPTO_ATTRIBUTE_VALUE_INVALID        0x00000009
-#define    CRYPTO_CANCELED                0x0000000A
-#define    CRYPTO_DATA_INVALID            0x0000000B
-#define    CRYPTO_DATA_LEN_RANGE            0x0000000C
-#define    CRYPTO_DEVICE_ERROR            0x0000000D
-#define    CRYPTO_DEVICE_MEMORY            0x0000000E
-#define    CRYPTO_DEVICE_REMOVED            0x0000000F
-#define    CRYPTO_ENCRYPTED_DATA_INVALID        0x00000010
-#define    CRYPTO_ENCRYPTED_DATA_LEN_RANGE        0x00000011
-#define    CRYPTO_KEY_HANDLE_INVALID        0x00000012
-#define    CRYPTO_KEY_SIZE_RANGE            0x00000013
-#define    CRYPTO_KEY_TYPE_INCONSISTENT        0x00000014
-#define    CRYPTO_KEY_NOT_NEEDED            0x00000015
-#define    CRYPTO_KEY_CHANGED            0x00000016
-#define    CRYPTO_KEY_NEEDED            0x00000017
-#define    CRYPTO_KEY_INDIGESTIBLE            0x00000018
-#define    CRYPTO_KEY_FUNCTION_NOT_PERMITTED    0x00000019
-#define    CRYPTO_KEY_NOT_WRAPPABLE        0x0000001A
-#define    CRYPTO_KEY_UNEXTRACTABLE        0x0000001B
-#define    CRYPTO_MECHANISM_INVALID        0x0000001C
-#define    CRYPTO_MECHANISM_PARAM_INVALID        0x0000001D
-#define    CRYPTO_OBJECT_HANDLE_INVALID        0x0000001E
-#define    CRYPTO_OPERATION_IS_ACTIVE        0x0000001F
-#define    CRYPTO_OPERATION_NOT_INITIALIZED    0x00000020
-#define    CRYPTO_PIN_INCORRECT            0x00000021
-#define    CRYPTO_PIN_INVALID            0x00000022
-#define    CRYPTO_PIN_LEN_RANGE            0x00000023
-#define    CRYPTO_PIN_EXPIRED            0x00000024
-#define    CRYPTO_PIN_LOCKED            0x00000025
-#define    CRYPTO_SESSION_CLOSED            0x00000026
-#define    CRYPTO_SESSION_COUNT            0x00000027
-#define    CRYPTO_SESSION_HANDLE_INVALID        0x00000028
-#define    CRYPTO_SESSION_READ_ONLY        0x00000029
-#define    CRYPTO_SESSION_EXISTS            0x0000002A
-#define    CRYPTO_SESSION_READ_ONLY_EXISTS        0x0000002B
-#define    CRYPTO_SESSION_READ_WRITE_SO_EXISTS    0x0000002C
-#define    CRYPTO_SIGNATURE_INVALID        0x0000002D
-#define    CRYPTO_SIGNATURE_LEN_RANGE        0x0000002E
-#define    CRYPTO_TEMPLATE_INCOMPLETE        0x0000002F
-#define    CRYPTO_TEMPLATE_INCONSISTENT        0x00000030
-#define    CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID    0x00000031
-#define    CRYPTO_UNWRAPPING_KEY_SIZE_RANGE    0x00000032
-#define    CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT    0x00000033
-#define    CRYPTO_USER_ALREADY_LOGGED_IN        0x00000034
-#define    CRYPTO_USER_NOT_LOGGED_IN        0x00000035
-#define    CRYPTO_USER_PIN_NOT_INITIALIZED        0x00000036
-#define    CRYPTO_USER_TYPE_INVALID        0x00000037
-#define    CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000038
-#define    CRYPTO_USER_TOO_MANY_TYPES        0x00000039
-#define    CRYPTO_WRAPPED_KEY_INVALID        0x0000003A
-#define    CRYPTO_WRAPPED_KEY_LEN_RANGE        0x0000003B
-#define    CRYPTO_WRAPPING_KEY_HANDLE_INVALID    0x0000003C
-#define    CRYPTO_WRAPPING_KEY_SIZE_RANGE        0x0000003D
-#define    CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT    0x0000003E
-#define    CRYPTO_RANDOM_SEED_NOT_SUPPORTED    0x0000003F
-#define    CRYPTO_RANDOM_NO_RNG            0x00000040
-#define    CRYPTO_DOMAIN_PARAMS_INVALID        0x00000041
-#define    CRYPTO_BUFFER_TOO_SMALL            0x00000042
-#define    CRYPTO_INFORMATION_SENSITIVE        0x00000043
-#define    CRYPTO_NOT_SUPPORTED            0x00000044
-
-#define    CRYPTO_QUEUED                0x00000045
-#define    CRYPTO_BUFFER_TOO_BIG            0x00000046
-#define    CRYPTO_INVALID_CONTEXT            0x00000047
-#define    CRYPTO_INVALID_MAC            0x00000048
-#define    CRYPTO_MECH_NOT_SUPPORTED        0x00000049
-#define    CRYPTO_INCONSISTENT_ATTRIBUTE        0x0000004A
-#define    CRYPTO_NO_PERMISSION            0x0000004B
-#define    CRYPTO_INVALID_PROVIDER_ID        0x0000004C
-#define    CRYPTO_VERSION_MISMATCH            0x0000004D
-#define    CRYPTO_BUSY                0x0000004E
-#define    CRYPTO_UNKNOWN_PROVIDER            0x0000004F
-#define    CRYPTO_MODVERIFICATION_FAILED        0x00000050
-#define    CRYPTO_OLD_CTX_TEMPLATE            0x00000051
-#define    CRYPTO_WEAK_KEY                0x00000052
-#define    CRYPTO_FIPS140_ERROR            0x00000053
-/*
- * Don't forget to update CRYPTO_LAST_ERROR and the error_number_table[]
- * in kernelUtil.c when new error code is added.
- */
-#define    CRYPTO_LAST_ERROR            0x00000053
-
-/*
- * Special values that can be used to indicate that information is unavailable
- * or that there is not practical limit. These values can be used
- * by fields of the SPI crypto_provider_ext_info(9S) structure.
- * The value of CRYPTO_UNAVAILABLE_INFO should be the same as
- * CK_UNAVAILABLE_INFO in the PKCS#11 spec.
- */
-#define    CRYPTO_UNAVAILABLE_INFO        ((ulong_t)(-1))
-#define    CRYPTO_EFFECTIVELY_INFINITE    0x0
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _SYS_CRYPTO_COMMON_H */
--- a/jdk/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/spi.h	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,791 +0,0 @@
-/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#ifndef _SYS_CRYPTO_SPI_H
-#define    _SYS_CRYPTO_SPI_H
-
-/*
- * CSPI: Cryptographic Service Provider Interface.
- */
-
-#include <sys/types.h>
-#include <sys/crypto/common.h>
-
-#ifdef    __cplusplus
-extern "C" {
-#endif
-
-#ifdef    _KERNEL
-#include <sys/dditypes.h>
-#include <sys/ddi.h>
-#include <sys/kmem.h>
-
-#define    CRYPTO_SPI_VERSION_1    1
-#define    CRYPTO_SPI_VERSION_2    2
-#define    CRYPTO_SPI_VERSION_3    3
-#define    CRYPTO_SPI_VERSION_4    4
-#define    CRYPTO_SPI_VERSION_5    5
-
-#define    CRYPTO_OPS_OFFSET(f)        offsetof(crypto_ops_t, co_##f)
-#define    CRYPTO_PROVIDER_OFFSET(f)    \
-    offsetof(crypto_provider_management_ops_t, f)
-#define    CRYPTO_OBJECT_OFFSET(f)        offsetof(crypto_object_ops_t, f)
-#define    CRYPTO_SESSION_OFFSET(f)    offsetof(crypto_session_ops_t, f)
-
-#endif
-
-/*
- * Provider-private handle. This handle is specified by a provider
- * when it registers by means of the pi_provider_handle field of
- * the crypto_provider_info structure, and passed to the provider
- * when its entry points are invoked.
- */
-typedef void *crypto_provider_handle_t;
-
-/*
- * Context templates can be used to by software providers to pre-process
- * keying material, such as key schedules. They are allocated by
- * a software provider create_ctx_template(9E) entry point, and passed
- * as argument to initialization and atomic provider entry points.
- */
-typedef void *crypto_spi_ctx_template_t;
-
-/*
- * Request handles are used by the kernel to identify an asynchronous
- * request being processed by a provider. It is passed by the kernel
- * to a hardware provider when submitting a request, and must be
- * specified by a provider when calling crypto_op_notification(9F)
- */
-typedef void *crypto_req_handle_t;
-
-/*
- * The context structure is passed from kcf to a provider in kernel and
- * internally in libsoftcrypto between ucrypto and the algorithm.
- * It contains the information needed to process a multi-part or
- * single part operation. The context structure is not used
- * by atomic operations.
- *
- * Parameters needed to perform a cryptographic operation, such
- * as keys, mechanisms, input and output buffers, are passed
- * as separate arguments to Provider routines.
- */
-typedef struct crypto_ctx {
-    crypto_provider_handle_t cc_provider;
-    crypto_session_id_t    cc_session;
-    void            *cc_provider_private;    /* owned by provider */
-    void            *cc_framework_private;    /* owned by framework */
-    uint32_t        cc_flags;        /* flags */
-    void            *cc_opstate;        /* state */
-} crypto_ctx_t;
-
-#ifdef    _KERNEL
-
-/* Values for cc_flags field */
-#define    CRYPTO_INIT_OPSTATE    0x00000001 /* allocate and init cc_opstate */
-#define    CRYPTO_USE_OPSTATE    0x00000002 /* .. start using it as context */
-
-/*
- * Extended provider information.
- */
-
-/*
- * valid values for ei_flags field of extended info structure
- * They match the RSA Security, Inc PKCS#11 tokenInfo flags.
- */
-#define    CRYPTO_EXTF_RNG                    0x00000001
-#define    CRYPTO_EXTF_WRITE_PROTECTED            0x00000002
-#define    CRYPTO_EXTF_LOGIN_REQUIRED            0x00000004
-#define    CRYPTO_EXTF_USER_PIN_INITIALIZED        0x00000008
-#define    CRYPTO_EXTF_CLOCK_ON_TOKEN            0x00000040
-#define    CRYPTO_EXTF_PROTECTED_AUTHENTICATION_PATH    0x00000100
-#define    CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS        0x00000200
-#define    CRYPTO_EXTF_TOKEN_INITIALIZED            0x00000400
-#define    CRYPTO_EXTF_USER_PIN_COUNT_LOW            0x00010000
-#define    CRYPTO_EXTF_USER_PIN_FINAL_TRY            0x00020000
-#define    CRYPTO_EXTF_USER_PIN_LOCKED            0x00040000
-#define    CRYPTO_EXTF_USER_PIN_TO_BE_CHANGED        0x00080000
-#define    CRYPTO_EXTF_SO_PIN_COUNT_LOW            0x00100000
-#define    CRYPTO_EXTF_SO_PIN_FINAL_TRY            0x00200000
-#define    CRYPTO_EXTF_SO_PIN_LOCKED            0x00400000
-#define    CRYPTO_EXTF_SO_PIN_TO_BE_CHANGED        0x00800000
-
-/*
- * The crypto_control_ops structure contains pointers to control
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_control_ops {
-    void (*provider_status)(crypto_provider_handle_t, uint_t *);
-} crypto_control_ops_t;
-
-/*
- * The crypto_ctx_ops structure contains points to context and context
- * templates management operations for cryptographic providers. It is
- * passed through the crypto_ops(9S) structure when providers register
- * with the kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_ctx_ops {
-    int (*create_ctx_template)(crypto_provider_handle_t,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t *, size_t *, crypto_req_handle_t);
-    int (*free_context)(crypto_ctx_t *);
-} crypto_ctx_ops_t;
-
-/*
- * The crypto_digest_ops structure contains pointers to digest
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_digest_ops {
-    int (*digest_init)(crypto_ctx_t *, crypto_mechanism_t *,
-        crypto_req_handle_t);
-    int (*digest)(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*digest_update)(crypto_ctx_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*digest_key)(crypto_ctx_t *, crypto_key_t *, crypto_req_handle_t);
-    int (*digest_final)(crypto_ctx_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*digest_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-} crypto_digest_ops_t;
-
-/*
- * The crypto_cipher_ops structure contains pointers to encryption
- * and decryption operations for cryptographic providers.  It is
- * passed through the crypto_ops(9S) structure when providers register
- * with the kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_cipher_ops {
-    int (*encrypt_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*encrypt)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
-
-    int (*decrypt_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*decrypt)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
-} crypto_cipher_ops_t;
-
-/*
- * The crypto_mac_ops structure contains pointers to MAC
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_mac_ops {
-    int (*mac_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*mac)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*mac_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*mac_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*mac_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*mac_verify_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-} crypto_mac_ops_t;
-
-/*
- * The crypto_sign_ops structure contains pointers to signing
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_sign_ops {
-    int (*sign_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*sign)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*sign_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*sign_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*sign_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*sign_recover_init)(crypto_ctx_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*sign_recover)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*sign_recover_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-} crypto_sign_ops_t;
-
-/*
- * The crypto_verify_ops structure contains pointers to verify
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_verify_ops {
-    int (*verify_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*verify)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*verify_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*verify_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*verify_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*verify_recover_init)(crypto_ctx_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*verify_recover)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*verify_recover_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-} crypto_verify_ops_t;
-
-/*
- * The crypto_dual_ops structure contains pointers to dual
- * cipher and sign/verify operations for cryptographic providers.
- * It is passed through the crypto_ops(9S) structure when
- * providers register with the kernel using
- * crypto_register_provider(9F).
- */
-typedef struct crypto_dual_ops {
-    int (*digest_encrypt_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_digest_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*sign_encrypt_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_verify_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-} crypto_dual_ops_t;
-
-/*
- * The crypto_dual_cipher_mac_ops structure contains pointers to dual
- * cipher and MAC operations for cryptographic providers.
- * It is passed through the crypto_ops(9S) structure when
- * providers register with the kernel using
- * crypto_register_provider(9F).
- */
-typedef struct crypto_dual_cipher_mac_ops {
-    int (*encrypt_mac_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*encrypt_mac)(crypto_ctx_t *,
-        crypto_data_t *, crypto_dual_data_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*encrypt_mac_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_dual_data_t *, crypto_req_handle_t);
-    int (*encrypt_mac_final)(crypto_ctx_t *,
-        crypto_dual_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_mac_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_data_t *, crypto_dual_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-
-    int (*mac_decrypt_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*mac_decrypt)(crypto_ctx_t *,
-        crypto_dual_data_t *, crypto_data_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*mac_decrypt_update)(crypto_ctx_t *,
-        crypto_dual_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*mac_decrypt_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*mac_decrypt_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_dual_data_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*mac_verify_decrypt_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_dual_data_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-} crypto_dual_cipher_mac_ops_t;
-
-/*
- * The crypto_random_number_ops structure contains pointers to random
- * number operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_random_number_ops {
-    int (*seed_random)(crypto_provider_handle_t, crypto_session_id_t,
-        uchar_t *, size_t, uint_t, uint32_t, crypto_req_handle_t);
-    int (*generate_random)(crypto_provider_handle_t, crypto_session_id_t,
-        uchar_t *, size_t, crypto_req_handle_t);
-} crypto_random_number_ops_t;
-
-/*
- * Flag values for seed_random.
- */
-#define    CRYPTO_SEED_NOW        0x00000001
-
-/*
- * The crypto_session_ops structure contains pointers to session
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_session_ops {
-    int (*session_open)(crypto_provider_handle_t, crypto_session_id_t *,
-        crypto_req_handle_t);
-    int (*session_close)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_req_handle_t);
-    int (*session_login)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_user_type_t, char *, size_t, crypto_req_handle_t);
-    int (*session_logout)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_req_handle_t);
-} crypto_session_ops_t;
-
-/*
- * The crypto_object_ops structure contains pointers to object
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_object_ops {
-    int (*object_create)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_attribute_t *, uint_t, crypto_object_id_t *,
-        crypto_req_handle_t);
-    int (*object_copy)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_id_t, crypto_object_attribute_t *, uint_t,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*object_destroy)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_id_t, crypto_req_handle_t);
-    int (*object_get_size)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_id_t, size_t *, crypto_req_handle_t);
-    int (*object_get_attribute_value)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_object_id_t,
-        crypto_object_attribute_t *, uint_t, crypto_req_handle_t);
-    int (*object_set_attribute_value)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_object_id_t,
-        crypto_object_attribute_t *,  uint_t, crypto_req_handle_t);
-    int (*object_find_init)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_attribute_t *, uint_t, void **,
-        crypto_req_handle_t);
-    int (*object_find)(crypto_provider_handle_t, void *,
-        crypto_object_id_t *, uint_t, uint_t *, crypto_req_handle_t);
-    int (*object_find_final)(crypto_provider_handle_t, void *,
-        crypto_req_handle_t);
-} crypto_object_ops_t;
-
-/*
- * The crypto_key_ops structure contains pointers to key
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_key_ops {
-    int (*key_generate)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_object_attribute_t *, uint_t,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_generate_pair)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_object_attribute_t *, uint_t,
-        crypto_object_attribute_t *, uint_t, crypto_object_id_t *,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_wrap)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_object_id_t *,
-        uchar_t *, size_t *, crypto_req_handle_t);
-    int (*key_unwrap)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, uchar_t *, size_t *,
-        crypto_object_attribute_t *, uint_t,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_derive)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_object_attribute_t *,
-        uint_t, crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_check)(crypto_provider_handle_t, crypto_mechanism_t *,
-        crypto_key_t *);
-} crypto_key_ops_t;
-
-/*
- * The crypto_provider_management_ops structure contains pointers
- * to management operations for cryptographic providers.  It is passed
- * through the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_provider_management_ops {
-    int (*ext_info)(crypto_provider_handle_t,
-        crypto_provider_ext_info_t *, crypto_req_handle_t);
-    int (*init_token)(crypto_provider_handle_t, char *, size_t,
-        char *, crypto_req_handle_t);
-    int (*init_pin)(crypto_provider_handle_t, crypto_session_id_t,
-        char *, size_t, crypto_req_handle_t);
-    int (*set_pin)(crypto_provider_handle_t, crypto_session_id_t,
-        char *, size_t, char *, size_t, crypto_req_handle_t);
-} crypto_provider_management_ops_t;
-
-typedef struct crypto_mech_ops {
-    int (*copyin_mechanism)(crypto_provider_handle_t,
-        crypto_mechanism_t *, crypto_mechanism_t *, int *, int);
-    int (*copyout_mechanism)(crypto_provider_handle_t,
-        crypto_mechanism_t *, crypto_mechanism_t *, int *, int);
-    int (*free_mechanism)(crypto_provider_handle_t, crypto_mechanism_t *);
-} crypto_mech_ops_t;
-
-typedef struct crypto_nostore_key_ops {
-    int (*nostore_key_generate)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *,
-        crypto_object_attribute_t *, uint_t, crypto_object_attribute_t *,
-        uint_t, crypto_req_handle_t);
-    int (*nostore_key_generate_pair)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *,
-        crypto_object_attribute_t *, uint_t, crypto_object_attribute_t *,
-        uint_t, crypto_object_attribute_t *, uint_t,
-        crypto_object_attribute_t *, uint_t, crypto_req_handle_t);
-    int (*nostore_key_derive)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_object_attribute_t *,
-        uint_t, crypto_object_attribute_t *, uint_t, crypto_req_handle_t);
-} crypto_nostore_key_ops_t;
-
-/*
- * crypto_fips140_ops provides a function for FIPS 140 Power-On Self Test for
- * those providers that are part of the Cryptographic Framework bounday.  See
- * crypto_fips140_ops(9s) for details.
- */
-typedef struct crypto_fips140_ops {
-    void (*fips140_post)(int *);
-} crypto_fips140_ops_t;
-
-/*
- * The crypto_ops(9S) structure contains the structures containing
- * the pointers to functions implemented by cryptographic providers.
- * It is specified as part of the crypto_provider_info(9S)
- * supplied by a provider when it registers with the kernel
- * by calling crypto_register_provider(9F).
- */
-typedef struct crypto_ops_v1 {
-    crypto_control_ops_t            *co_control_ops;
-    crypto_digest_ops_t            *co_digest_ops;
-    crypto_cipher_ops_t            *co_cipher_ops;
-    crypto_mac_ops_t            *co_mac_ops;
-    crypto_sign_ops_t            *co_sign_ops;
-    crypto_verify_ops_t            *co_verify_ops;
-    crypto_dual_ops_t            *co_dual_ops;
-    crypto_dual_cipher_mac_ops_t        *co_dual_cipher_mac_ops;
-    crypto_random_number_ops_t        *co_random_ops;
-    crypto_session_ops_t            *co_session_ops;
-    crypto_object_ops_t            *co_object_ops;
-    crypto_key_ops_t            *co_key_ops;
-    crypto_provider_management_ops_t    *co_provider_ops;
-    crypto_ctx_ops_t            *co_ctx_ops;
-} crypto_ops_v1_t;
-
-typedef struct crypto_ops_v2 {
-    crypto_ops_v1_t                v1_ops;
-    crypto_mech_ops_t            *co_mech_ops;
-} crypto_ops_v2_t;
-
-typedef struct crypto_ops_v3 {
-    crypto_ops_v2_t                v2_ops;
-    crypto_nostore_key_ops_t        *co_nostore_key_ops;
-} crypto_ops_v3_t;
-
-typedef struct crypto_ops_v4 {
-    crypto_ops_v3_t                v3_ops;
-    crypto_fips140_ops_t            *co_fips140_ops;
-} crypto_ops_v4_t;
-
-typedef struct crypto_ops_v5 {
-    crypto_ops_v4_t                v4_ops;
-    boolean_t                co_uio_userspace_ok;
-} crypto_ops_v5_t;
-
-typedef struct crypto_ops {
-    union {
-        crypto_ops_v5_t    cou_v5;
-        crypto_ops_v4_t    cou_v4;
-        crypto_ops_v3_t    cou_v3;
-        crypto_ops_v2_t    cou_v2;
-        crypto_ops_v1_t    cou_v1;
-    } cou;
-} crypto_ops_t;
-
-#define    co_control_ops            cou.cou_v1.co_control_ops
-#define    co_digest_ops            cou.cou_v1.co_digest_ops
-#define    co_cipher_ops            cou.cou_v1.co_cipher_ops
-#define    co_mac_ops            cou.cou_v1.co_mac_ops
-#define    co_sign_ops            cou.cou_v1.co_sign_ops
-#define    co_verify_ops            cou.cou_v1.co_verify_ops
-#define    co_dual_ops            cou.cou_v1.co_dual_ops
-#define    co_dual_cipher_mac_ops        cou.cou_v1.co_dual_cipher_mac_ops
-#define    co_random_ops            cou.cou_v1.co_random_ops
-#define    co_session_ops            cou.cou_v1.co_session_ops
-#define    co_object_ops            cou.cou_v1.co_object_ops
-#define    co_key_ops            cou.cou_v1.co_key_ops
-#define    co_provider_ops            cou.cou_v1.co_provider_ops
-#define    co_ctx_ops            cou.cou_v1.co_ctx_ops
-#define    co_mech_ops            cou.cou_v2.co_mech_ops
-#define    co_nostore_key_ops        cou.cou_v3.co_nostore_key_ops
-#define    co_fips140_ops            cou.cou_v4.co_fips140_ops
-#define    co_uio_userspace_ok        cou.cou_v5.co_uio_userspace_ok
-
-/*
- * Provider device specification passed during registration.
- *
- * Software providers set the pi_provider_type field of provider_info_t
- * to CRYPTO_SW_PROVIDER, and set the pd_sw field of
- * crypto_provider_dev_t to the address of their modlinkage.
- *
- * Hardware providers set the pi_provider_type field of provider_info_t
- * to CRYPTO_HW_PROVIDER, and set the pd_hw field of
- * crypto_provider_dev_t to the dev_info structure corresponding
- * to the device instance being registered.
- *
- * Logical providers set the pi_provider_type field of provider_info_t
- * to CRYPTO_LOGICAL_PROVIDER, and set the pd_hw field of
- * crypto_provider_dev_t to the dev_info structure corresponding
- * to the device instance being registered.
- */
-
-typedef union crypto_provider_dev {
-    struct modlinkage    *pd_sw; /* for CRYPTO_SW_PROVIDER */
-    dev_info_t        *pd_hw; /* for CRYPTO_HW_PROVIDER */
-} crypto_provider_dev_t;
-
-/*
- * The mechanism info structure crypto_mech_info_t contains a function group
- * bit mask cm_func_group_mask. This field, of type crypto_func_group_t,
- * specifies the provider entry point that can be used a particular
- * mechanism. The function group mask is a combination of the following values.
- */
-
-typedef uint32_t crypto_func_group_t;
-
-#endif /* _KERNEL */
-
-#define    CRYPTO_FG_ENCRYPT        0x00000001 /* encrypt_init() */
-#define    CRYPTO_FG_DECRYPT        0x00000002 /* decrypt_init() */
-#define    CRYPTO_FG_DIGEST        0x00000004 /* digest_init() */
-#define    CRYPTO_FG_SIGN            0x00000008 /* sign_init() */
-#define    CRYPTO_FG_SIGN_RECOVER        0x00000010 /* sign_recover_init() */
-#define    CRYPTO_FG_VERIFY        0x00000020 /* verify_init() */
-#define    CRYPTO_FG_VERIFY_RECOVER    0x00000040 /* verify_recover_init() */
-#define    CRYPTO_FG_GENERATE        0x00000080 /* key_generate() */
-#define    CRYPTO_FG_GENERATE_KEY_PAIR    0x00000100 /* key_generate_pair() */
-#define    CRYPTO_FG_WRAP            0x00000200 /* key_wrap() */
-#define    CRYPTO_FG_UNWRAP        0x00000400 /* key_unwrap() */
-#define    CRYPTO_FG_DERIVE        0x00000800 /* key_derive() */
-#define    CRYPTO_FG_MAC            0x00001000 /* mac_init() */
-#define    CRYPTO_FG_ENCRYPT_MAC        0x00002000 /* encrypt_mac_init() */
-#define    CRYPTO_FG_MAC_DECRYPT        0x00004000 /* decrypt_mac_init() */
-#define    CRYPTO_FG_ENCRYPT_ATOMIC    0x00008000 /* encrypt_atomic() */
-#define    CRYPTO_FG_DECRYPT_ATOMIC    0x00010000 /* decrypt_atomic() */
-#define    CRYPTO_FG_MAC_ATOMIC        0x00020000 /* mac_atomic() */
-#define    CRYPTO_FG_DIGEST_ATOMIC        0x00040000 /* digest_atomic() */
-#define    CRYPTO_FG_SIGN_ATOMIC        0x00080000 /* sign_atomic() */
-#define    CRYPTO_FG_SIGN_RECOVER_ATOMIC   0x00100000 /* sign_recover_atomic() */
-#define    CRYPTO_FG_VERIFY_ATOMIC        0x00200000 /* verify_atomic() */
-#define    CRYPTO_FG_VERIFY_RECOVER_ATOMIC    0x00400000 /* verify_recover_atomic() */
-#define    CRYPTO_FG_ENCRYPT_MAC_ATOMIC    0x00800000 /* encrypt_mac_atomic() */
-#define    CRYPTO_FG_MAC_DECRYPT_ATOMIC    0x01000000 /* mac_decrypt_atomic() */
-#define    CRYPTO_FG_RESERVED        0x80000000
-
-/*
- * Maximum length of the pi_provider_description field of the
- * crypto_provider_info structure.
- */
-#define    CRYPTO_PROVIDER_DESCR_MAX_LEN    64
-
-#ifdef _KERNEL
-
-/* Bit mask for all the simple operations */
-#define    CRYPTO_FG_SIMPLEOP_MASK    (CRYPTO_FG_ENCRYPT | CRYPTO_FG_DECRYPT | \
-    CRYPTO_FG_DIGEST | CRYPTO_FG_SIGN | CRYPTO_FG_VERIFY | CRYPTO_FG_MAC | \
-    CRYPTO_FG_ENCRYPT_ATOMIC | CRYPTO_FG_DECRYPT_ATOMIC |        \
-    CRYPTO_FG_MAC_ATOMIC | CRYPTO_FG_DIGEST_ATOMIC | CRYPTO_FG_SIGN_ATOMIC | \
-    CRYPTO_FG_VERIFY_ATOMIC)
-
-/* Bit mask for all the dual operations */
-#define    CRYPTO_FG_MAC_CIPHER_MASK    (CRYPTO_FG_ENCRYPT_MAC |    \
-    CRYPTO_FG_MAC_DECRYPT | CRYPTO_FG_ENCRYPT_MAC_ATOMIC |         \
-    CRYPTO_FG_MAC_DECRYPT_ATOMIC)
-
-/* Add other combos to CRYPTO_FG_DUAL_MASK */
-#define    CRYPTO_FG_DUAL_MASK    CRYPTO_FG_MAC_CIPHER_MASK
-
-/*
- * The crypto_mech_info structure specifies one of the mechanisms
- * supported by a cryptographic provider. The pi_mechanisms field of
- * the crypto_provider_info structure contains a pointer to an array
- * of crypto_mech_info's.
- */
-typedef struct crypto_mech_info {
-    crypto_mech_name_t    cm_mech_name;
-    crypto_mech_type_t    cm_mech_number;
-    crypto_func_group_t    cm_func_group_mask;
-    ssize_t            cm_min_key_length;
-    ssize_t            cm_max_key_length;
-    uint32_t        cm_mech_flags;
-} crypto_mech_info_t;
-
-/* Alias the old name to the new name for compatibility. */
-#define    cm_keysize_unit    cm_mech_flags
-
-/*
- * crypto_kcf_provider_handle_t is a handle allocated by the kernel.
- * It is returned after the provider registers with
- * crypto_register_provider(), and must be specified by the provider
- * when calling crypto_unregister_provider(), and
- * crypto_provider_notification().
- */
-typedef uint_t crypto_kcf_provider_handle_t;
-
-/*
- * Provider information. Passed as argument to crypto_register_provider(9F).
- * Describes the provider and its capabilities. Multiple providers can
- * register for the same device instance. In this case, the same
- * pi_provider_dev must be specified with a different pi_provider_handle.
- */
-typedef struct crypto_provider_info_v1 {
-    uint_t                pi_interface_version;
-    char                *pi_provider_description;
-    crypto_provider_type_t        pi_provider_type;
-    crypto_provider_dev_t        pi_provider_dev;
-    crypto_provider_handle_t    pi_provider_handle;
-    crypto_ops_t            *pi_ops_vector;
-    uint_t                pi_mech_list_count;
-    crypto_mech_info_t        *pi_mechanisms;
-    uint_t                pi_logical_provider_count;
-    crypto_kcf_provider_handle_t    *pi_logical_providers;
-} crypto_provider_info_v1_t;
-
-typedef struct crypto_provider_info_v2 {
-    crypto_provider_info_v1_t    v1_info;
-    uint_t                pi_flags;
-} crypto_provider_info_v2_t;
-
-typedef struct crypto_provider_info {
-    union {
-        crypto_provider_info_v2_t piu_v2;
-        crypto_provider_info_v1_t piu_v1;
-    } piu;
-} crypto_provider_info_t;
-
-#define    pi_interface_version        piu.piu_v1.pi_interface_version
-#define    pi_provider_description        piu.piu_v1.pi_provider_description
-#define    pi_provider_type        piu.piu_v1.pi_provider_type
-#define    pi_provider_dev            piu.piu_v1.pi_provider_dev
-#define    pi_provider_handle        piu.piu_v1.pi_provider_handle
-#define    pi_ops_vector            piu.piu_v1.pi_ops_vector
-#define    pi_mech_list_count        piu.piu_v1.pi_mech_list_count
-#define    pi_mechanisms            piu.piu_v1.pi_mechanisms
-#define    pi_logical_provider_count    piu.piu_v1.pi_logical_provider_count
-#define    pi_logical_providers        piu.piu_v1.pi_logical_providers
-#define    pi_flags            piu.piu_v2.pi_flags
-
-/* hidden providers can only be accessed via a logical provider */
-#define    CRYPTO_HIDE_PROVIDER        0x00000001
-/*
- * provider can not do multi-part digest (updates) and has a limit
- * on maximum input data that it can digest. The provider sets
- * this value in crypto_provider_ext_info_t by implementing
- * the ext_info entry point in the co_provider_ops vector.
- */
-#define    CRYPTO_HASH_NO_UPDATE        0x00000002
-/*
- * provider can not do multi-part HMAC (updates) and has a limit
- * on maximum input data that it can hmac. The provider sets
- * this value in crypto_provider_ext_info_t by implementing
- * the ext_info entry point in the co_provider_ops vector.
- */
-#define    CRYPTO_HMAC_NO_UPDATE        0x00000008
-
-/* provider can handle the request without returning a CRYPTO_QUEUED */
-#define    CRYPTO_SYNCHRONOUS        0x00000004
-
-#define    CRYPTO_PIFLAGS_RESERVED2    0x40000000
-#define    CRYPTO_PIFLAGS_RESERVED1    0x80000000
-
-/*
- * Provider status passed by a provider to crypto_provider_notification(9F)
- * and returned by the provider_stauts(9E) entry point.
- */
-#define    CRYPTO_PROVIDER_READY        0
-#define    CRYPTO_PROVIDER_BUSY        1
-#define    CRYPTO_PROVIDER_FAILED        2
-
-/*
- * Functions exported by Solaris to cryptographic providers. Providers
- * call these functions to register and unregister, notify the kernel
- * of state changes, and notify the kernel when a asynchronous request
- * completed.
- */
-extern int crypto_register_provider(crypto_provider_info_t *,
-        crypto_kcf_provider_handle_t *);
-extern int crypto_unregister_provider(crypto_kcf_provider_handle_t);
-extern void crypto_provider_notification(crypto_kcf_provider_handle_t, uint_t);
-extern void crypto_op_notification(crypto_req_handle_t, int);
-extern int crypto_kmflag(crypto_req_handle_t);
-
-#endif    /* _KERNEL */
-
-#ifdef    __cplusplus
-}
-#endif
-
-#endif    /* _SYS_CRYPTO_SPI_H */
--- a/jdk/src/jdk.internal.le/share/classes/jdk/internal/jline/extra/EditingHistory.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.internal.le/share/classes/jdk/internal/jline/extra/EditingHistory.java	Wed Jul 05 21:49:47 2017 +0200
@@ -54,7 +54,9 @@
              (Runnable) () -> moveHistoryToSnippet(in, ((EditingHistory) in.getHistory())::previousSnippet));
         bind(in, CTRL_DOWN,
              (Runnable) () -> moveHistoryToSnippet(in, ((EditingHistory) in.getHistory())::nextSnippet));
-        load(originalHistory);
+        if (originalHistory != null) {
+            load(originalHistory);
+        }
     }
 
     private void moveHistoryToSnippet(ConsoleReader in, Supplier<Boolean> action) {
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jimage/JImageTask.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jimage/JImageTask.java	Wed Jul 05 21:49:47 2017 +0200
@@ -28,19 +28,16 @@
 import java.io.File;
 import java.io.IOException;
 import java.io.PrintWriter;
-import java.nio.ByteBuffer;
-import java.nio.ByteOrder;
-import java.nio.channels.FileChannel;
+import java.nio.file.FileSystem;
 import java.nio.file.Files;
-import static java.nio.file.StandardOpenOption.READ;
-import static java.nio.file.StandardOpenOption.WRITE;
+import java.nio.file.PathMatcher;
+import java.util.ArrayList;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.MissingResourceException;
+import java.util.function.Predicate;
 import jdk.internal.jimage.BasicImageReader;
 import jdk.internal.jimage.ImageHeader;
-import static jdk.internal.jimage.ImageHeader.MAGIC;
-import static jdk.internal.jimage.ImageHeader.MAJOR_VERSION;
-import static jdk.internal.jimage.ImageHeader.MINOR_VERSION;
 import jdk.internal.jimage.ImageLocation;
 import jdk.tools.jlink.internal.ImageResourcesTree;
 import jdk.tools.jlink.internal.TaskHelper;
@@ -48,53 +45,71 @@
 import static jdk.tools.jlink.internal.TaskHelper.JIMAGE_BUNDLE;
 import jdk.tools.jlink.internal.TaskHelper.Option;
 import jdk.tools.jlink.internal.TaskHelper.OptionsHelper;
+import jdk.tools.jlink.internal.Utils;
 
 class JImageTask {
-
-    static final Option<?>[] recognizedOptions = {
-        new Option<JImageTask>(true, (task, opt, arg) -> {
+    private static final Option<?>[] RECOGNIZED_OPTIONS = {
+        new Option<JImageTask>(true, (task, option, arg) -> {
             task.options.directory = arg;
         }, "--dir"),
-        new Option<JImageTask>(false, (task, opt, arg) -> {
+
+        new Option<JImageTask>(true, (task, option, arg) -> {
+            task.options.filters = arg;
+        }, "--filter"),
+
+        new Option<JImageTask>(false, (task, option, arg) -> {
             task.options.fullVersion = true;
         }, true, "--fullversion"),
-        new Option<JImageTask>(false, (task, opt, arg) -> {
+
+        new Option<JImageTask>(false, (task, option, arg) -> {
             task.options.help = true;
         }, "--help"),
-        new Option<JImageTask>(true, (task, opt, arg) -> {
-            task.options.flags = arg;
-        }, "--flags"),
-        new Option<JImageTask>(false, (task, opt, arg) -> {
+
+        new Option<JImageTask>(false, (task, option, arg) -> {
             task.options.verbose = true;
         }, "--verbose"),
-        new Option<JImageTask>(false, (task, opt, arg) -> {
+
+        new Option<JImageTask>(false, (task, option, arg) -> {
             task.options.version = true;
         }, "--version")
     };
-    private static final TaskHelper taskHelper
+    private static final TaskHelper TASK_HELPER
             = new TaskHelper(JIMAGE_BUNDLE);
-    private static final OptionsHelper<JImageTask> optionsHelper
-            = taskHelper.newOptionsHelper(JImageTask.class, recognizedOptions);
+    private static final OptionsHelper<JImageTask> OPTION_HELPER
+            = TASK_HELPER.newOptionsHelper(JImageTask.class, RECOGNIZED_OPTIONS);
+    private static final String PROGNAME = "jimage";
+    private static final FileSystem JRT_FILE_SYSTEM = Utils.jrtFileSystem();
+
+    private final OptionsValues options;
+    private final List<Predicate<String>> filterPredicates;
+    private PrintWriter log;
+
+    JImageTask() {
+        this.options = new OptionsValues();
+        this.filterPredicates = new ArrayList<>();
+        log = null;
+    }
+
+    void setLog(PrintWriter out) {
+        log = out;
+        TASK_HELPER.setLog(log);
+    }
 
     static class OptionsValues {
         Task task = Task.LIST;
         String directory = ".";
+        String filters = "";
         boolean fullVersion;
         boolean help;
-        String flags;
         boolean verbose;
         boolean version;
         List<File> jimages = new LinkedList<>();
     }
 
-    private static final String PROGNAME = "jimage";
-    private final OptionsValues options = new OptionsValues();
-
     enum Task {
         EXTRACT,
         INFO,
         LIST,
-        SET,
         VERIFY
     };
 
@@ -145,50 +160,97 @@
 
     int run(String[] args) {
         if (log == null) {
-            setLog(new PrintWriter(System.out));
+            setLog(new PrintWriter(System.out, true));
         }
 
         if (args.length == 0) {
-            log.println(taskHelper.getMessage("main.usage.summary", PROGNAME));
+            log.println(TASK_HELPER.getMessage("main.usage.summary", PROGNAME));
             return EXIT_ABNORMAL;
         }
 
         try {
-            List<String> unhandled = optionsHelper.handleOptions(this, args);
+            List<String> unhandled = OPTION_HELPER.handleOptions(this, args);
+
             if(!unhandled.isEmpty()) {
                 try {
                     options.task = Enum.valueOf(Task.class, unhandled.get(0).toUpperCase());
                 } catch (IllegalArgumentException ex) {
-                    throw taskHelper.newBadArgs("err.not.a.task", unhandled.get(0));
+                    throw TASK_HELPER.newBadArgs("err.not.a.task", unhandled.get(0));
                 }
+
                 for(int i = 1; i < unhandled.size(); i++) {
                     options.jimages.add(new File(unhandled.get(i)));
                 }
-            } else {
-                throw taskHelper.newBadArgs("err.not.a.task", "<unspecified>");
+            } else if (!options.help && !options.version && !options.fullVersion) {
+                throw TASK_HELPER.newBadArgs("err.invalid.task", "<unspecified>");
             }
+
             if (options.help) {
-                optionsHelper.showHelp(PROGNAME);
+                if (unhandled.isEmpty()) {
+                    log.println(TASK_HELPER.getMessage("main.usage", PROGNAME));
+
+                    for (Option<?> o : RECOGNIZED_OPTIONS) {
+                        String name = o.aliases()[0];
+
+                        if (name.startsWith("--")) {
+                            name = name.substring(2);
+                        } else if (name.startsWith("-")) {
+                            name = name.substring(1);
+                        }
+
+                        log.println(TASK_HELPER.getMessage("main.opt." + name));
+                    }
+                } else {
+                    try {
+                        log.println(TASK_HELPER.getMessage("main.usage." +
+                                options.task.toString().toLowerCase()));
+                    } catch (MissingResourceException ex) {
+                        throw TASK_HELPER.newBadArgs("err.not.a.task", unhandled.get(0));
+                    }
+                }
+                return EXIT_OK;
             }
+
             if (options.version || options.fullVersion) {
-                taskHelper.showVersion(options.fullVersion);
+                TASK_HELPER.showVersion(options.fullVersion);
+
+                if (unhandled.isEmpty()) {
+                    return EXIT_OK;
+                }
             }
-            boolean ok = run();
-            return ok ? EXIT_OK : EXIT_ERROR;
+
+            processFilter(options.filters);
+
+            return run() ? EXIT_OK : EXIT_ERROR;
         } catch (BadArgs e) {
-            taskHelper.reportError(e.key, e.args);
+            TASK_HELPER.reportError(e.key, e.args);
+
             if (e.showUsage) {
-                log.println(taskHelper.getMessage("main.usage.summary", PROGNAME));
+                log.println(TASK_HELPER.getMessage("main.usage.summary", PROGNAME));
             }
+
             return EXIT_CMDERR;
         } catch (Exception x) {
             x.printStackTrace();
+
             return EXIT_ABNORMAL;
         } finally {
             log.flush();
         }
     }
 
+    private void processFilter(String filters) {
+        if (filters.isEmpty()) {
+            return;
+        }
+
+        for (String filter : filters.split(",")) {
+            final PathMatcher matcher = Utils.getPathMatcher(JRT_FILE_SYSTEM, filter);
+            Predicate<String> predicate = (path) -> matcher.matches(JRT_FILE_SYSTEM.getPath(path));
+            filterPredicates.add(predicate);
+        }
+    }
+
     private void listTitle(File file, BasicImageReader reader) {
         log.println("jimage: " + file);
     }
@@ -216,10 +278,12 @@
 
         if (parent.exists()) {
             if (!parent.isDirectory()) {
-                throw taskHelper.newBadArgs("err.cannot.create.dir", parent.getAbsolutePath());
+                throw TASK_HELPER.newBadArgs("err.cannot.create.dir",
+                                            parent.getAbsolutePath());
             }
         } else if (!parent.mkdirs()) {
-            throw taskHelper.newBadArgs("err.cannot.create.dir", parent.getAbsolutePath());
+            throw TASK_HELPER.newBadArgs("err.cannot.create.dir",
+                                        parent.getAbsolutePath());
         }
 
         if (!ImageResourcesTree.isTreeInfoResource(name)) {
@@ -261,7 +325,7 @@
 
         log.println(" Major Version:  " + header.getMajorVersion());
         log.println(" Minor Version:  " + header.getMinorVersion());
-        log.println(" Flags:          " + Integer.toHexString(header.getMinorVersion()));
+        log.println(" Flags:          " + Integer.toHexString(header.getFlags()));
         log.println(" Resource Count: " + header.getResourceCount());
         log.println(" Table Length:   " + header.getTableLength());
         log.println(" Offsets Size:   " + header.getOffsetsSize());
@@ -287,36 +351,7 @@
         print(reader, name);
     }
 
-    void set(File file, BasicImageReader reader) throws BadArgs {
-        try {
-            ImageHeader oldHeader = reader.getHeader();
-
-            int value = 0;
-            try {
-                value = Integer.valueOf(options.flags);
-            } catch (NumberFormatException ex) {
-                throw taskHelper.newBadArgs("err.flags.not.int", options.flags);
-            }
-
-            ImageHeader newHeader = new ImageHeader(MAGIC, MAJOR_VERSION, MINOR_VERSION,
-                    value,
-                    oldHeader.getResourceCount(), oldHeader.getTableLength(),
-                    oldHeader.getLocationsSize(), oldHeader.getStringsSize());
-
-            ByteBuffer buffer = ByteBuffer.allocate(ImageHeader.getHeaderSize());
-            buffer.order(ByteOrder.nativeOrder());
-            newHeader.writeTo(buffer);
-            buffer.rewind();
-
-            try (FileChannel channel = FileChannel.open(file.toPath(), READ, WRITE)) {
-                channel.write(buffer, 0);
-            }
-        } catch (IOException ex) {
-            throw taskHelper.newBadArgs("err.cannot.update.file", file.getName());
-        }
-    }
-
-     void verify(BasicImageReader reader, String name, ImageLocation location) {
+      void verify(BasicImageReader reader, String name, ImageLocation location) {
         if (name.endsWith(".class")) {
             byte[] bytes = reader.getResource(location);
 
@@ -335,12 +370,12 @@
             ModuleAction moduleAction,
             ResourceAction resourceAction) throws IOException, BadArgs {
         if (options.jimages.isEmpty()) {
-            throw taskHelper.newBadArgs("err.no.jimage");
+            throw TASK_HELPER.newBadArgs("err.no.jimage");
         }
 
         for (File file : options.jimages) {
             if (!file.exists() || !file.isFile()) {
-                throw taskHelper.newBadArgs("err.not.a.jimage", file.getName());
+                throw TASK_HELPER.newBadArgs("err.not.a.jimage", file.getName());
             }
 
             try (BasicImageReader reader = BasicImageReader.open(file.toPath())) {
@@ -353,6 +388,19 @@
                     String oldModule = "";
 
                     for (String name : entryNames) {
+                        boolean match = filterPredicates.isEmpty();
+
+                        for (Predicate<String> predicate : filterPredicates) {
+                            if (predicate.test(name)) {
+                                match = true;
+                                break;
+                            }
+                        }
+
+                        if (!match) {
+                            continue;
+                        }
+
                         if (!ImageResourcesTree.isTreeInfoResource(name)) {
                             if (moduleAction != null) {
                                 int offset = name.indexOf('/', 1);
@@ -387,21 +435,13 @@
             case LIST:
                 iterate(this::listTitle, this::listModule, this::list);
                 break;
-            case SET:
-                iterate(this::set, null, null);
-                break;
             case VERIFY:
                 iterate(this::listTitle, null, this::verify);
                 break;
             default:
-                throw taskHelper.newBadArgs("err.invalid.task", options.task.name()).showUsage(true);
+                throw TASK_HELPER.newBadArgs("err.invalid.task",
+                        options.task.name()).showUsage(true);
         }
         return true;
     }
-
-    private PrintWriter log;
-    void setLog(PrintWriter out) {
-        log = out;
-        taskHelper.setLog(log);
-    }
 }
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jimage/resources/jimage.properties	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jimage/resources/jimage.properties	Wed Jul 05 21:49:47 2017 +0200
@@ -24,54 +24,67 @@
 #
 
 main.usage.summary=\
-Usage: {0} <extract|info|list|set|verify> <options> jimage...\n\
-use --help for a list of possible options
+Usage: {0} <extract | info | list | verify> <options> jimage...\n\
+use --help for a list of possible options.
 
 main.usage=\
-Usage: {0} <extract|info|list|set|verify> <options> jimage...\n\
+Usage: {0} <extract | info | list | verify> <options> jimage...\n\
 \n\
-\  extract  - Extract all jimage entries into separate files into the directory\n\
-\             specified by --dir=<directory> (default='.')\n\
-\  info     - Prints information specified in the jimage header.\n\
+\  extract  - Extract all jimage entries and place in a directory specified\n\
+\             by the --dir=<directory> (default='.') option.\n\
+\n\
+\  info     - Prints detailed information contained in the jimage header.\n\
+\n\
 \  list     - Prints the names of all the entries in the jimage.  When used with\n\
-\             --verbose will also print entry attributes ex. size and offset.\n\
-\  set      - sets the value of specific jimage header entries\n\
-\  verify   - Reports errors on any .class entries that don't verify as classes.\n\
+\             --verbose, list will also print entry size and offset attributes.\n\
+\n\
+\  verify   - Reports on any .class entries that don't verify as classes.\n\
 \n\
 Possible options include:
 
+main.usage.extract=\
+\  extract  - Extract all jimage entries and place in a directory specified\n\
+\             by the --dir=<directory> (default='.') option.
+
+main.usage.info=\
+\  info     - Prints detailed information contained in the jimage header.
+
+main.usage.list=\
+\  list     - Prints the names of all the entries in the jimage.  When used with\n\
+\             --verbose, list will also print entry size and offset attributes.
+
+main.usage.verify=\
+\  verify   - Reports errors on any .class entries that don't verify as classes.
+
 error.prefix=Error:
 warn.prefix=Warning:
 
 main.opt.dir=\
-\  --dir                                Target directory for extract
+\  --dir                             Target directory for extract directive
 
-main.opt.flags=\
-\  --flags=value                        Set the jimage flags to value
+main.opt.filter=\
+\  --filter                          Filter entries for list or extract\n\
+\                                    Ex. /java.base/*, */module-info.class
+
+main.opt.fullversion=\
+\  --fullversion                     Print full version information
 
 main.opt.help=\
-\  --help                               Print this usage message
+\  --help                            Print usage message
 
 main.opt.verbose=\
-\  --verbose                            Verbose listing
+\  --verbose                         Listing prints entry size and offset attributes
 
 main.opt.version=\
-\  --version                            Version information
+\  --version                         Print version information
 
 main.command.files=\
-\  @<filename>                          Read options from file
-err.cannot.read.file=cannot read file: {0}
-err.cannot.update.file=cannot update file: {0}
-err.file.not.found=cannot find file: {0}
-err.file.error=cannot access file: {0}
-err.flags.not.int=--flags value not integer: {0}
-err.internal.error=internal error: {0} {1} {2}
-err.invalid.arg.for.option=invalid argument for option: {0}
-err.invalid.task=task must be extract|info|list|verify: {0}
+\  @<filename>                       Read options from file
+
+err.not.a.task=task must be one of <extract | info | list | verify>: {0}
 err.missing.arg=no value given for {0}
 err.not.a.dir=not a directory: {0}
 err.not.a.jimage=not a jimage file: {0}
 err.no.jimage=no jimage provided
-err.not.a.task=not a valid task: {0}
 err.option.unsupported={0} not supported: {1}
 err.unknown.option=unknown option: {0}
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/JlinkTask.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/JlinkTask.java	Wed Jul 05 21:49:47 2017 +0200
@@ -186,7 +186,7 @@
 
     int run(String[] args) {
         if (log == null) {
-            setLog(new PrintWriter(System.err));
+            setLog(new PrintWriter(System.err, true));
         }
         try {
             optionsHelper.handleOptions(this, args);
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/TaskHelper.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/TaskHelper.java	Wed Jul 05 21:49:47 2017 +0200
@@ -136,6 +136,10 @@
         void process(T task, String opt, String arg) throws BadArgs {
             processing.process(task, opt, arg);
         }
+
+        public String[] aliases() {
+            return aliases;
+        }
     }
 
     private static class PlugOption extends Option<PluginsOptions> {
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/Utils.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/Utils.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,6 +25,10 @@
 package jdk.tools.jlink.internal;
 
 import java.lang.reflect.Module;
+import java.net.URI;
+import java.nio.file.FileSystem;
+import java.nio.file.FileSystems;
+import java.nio.file.PathMatcher;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
@@ -155,4 +159,20 @@
     public static boolean isBuiltin(Plugin prov) {
         return THIS_MODULE.equals(prov.getClass().getModule());
     }
+
+    public static FileSystem jrtFileSystem() {
+        return FileSystems.getFileSystem(URI.create("jrt:/"));
+    }
+
+    public static PathMatcher getPathMatcher(FileSystem fs, String pattern) {
+        if (!pattern.startsWith("glob:") && !pattern.startsWith("regex:")) {
+            pattern = "glob:" + pattern;
+        }
+
+        return fs.getPathMatcher(pattern);
+    }
+
+    public static PathMatcher getPathMatcher(String pattern) {
+        return getPathMatcher(jrtFileSystem(), pattern);
+    }
 }
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/OrderResourcesPlugin.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/OrderResourcesPlugin.java	Wed Jul 05 21:49:47 2017 +0200
@@ -26,7 +26,9 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.nio.file.FileSystem;
 import java.nio.file.Files;
+import java.nio.file.PathMatcher;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -47,6 +49,8 @@
  */
 public final class OrderResourcesPlugin implements TransformerPlugin {
     public static final String NAME = "order-resources";
+    private static final FileSystem JRT_FILE_SYSTEM = Utils.jrtFileSystem();
+
     private final List<ToIntFunction<String>> filters;
     private final Map<String, Integer> orderedPaths;
 
@@ -187,27 +191,11 @@
                     }
                 }
             } else {
-                boolean endsWith = pattern.startsWith("*");
-                boolean startsWith = pattern.endsWith("*");
-                ToIntFunction<String> function;
                 final int result = ordinal++;
-
-                if (startsWith && endsWith) {
-                    final String string = pattern.substring(1, pattern.length() - 1);
-                    function = (path)-> path.contains(string) ? result : Integer.MAX_VALUE;
-                } else if (startsWith) {
-                    final String string = pattern.substring(0, pattern.length() - 1);
-                    function = (path)-> path.startsWith(string) ? result : Integer.MAX_VALUE;
-                } else if (endsWith) {
-                    final String string = pattern.substring(1);
-                    function = (path)-> path.endsWith(string) ? result : Integer.MAX_VALUE;
-                } else {
-                    final String string = pattern;
-                    function = (path)-> path.equals(string) ? result : Integer.MAX_VALUE;
-                }
-
+                final PathMatcher matcher = Utils.getPathMatcher(JRT_FILE_SYSTEM, pattern);
+                ToIntFunction<String> function = (path)-> matcher.matches(JRT_FILE_SYSTEM.getPath(path)) ? result : Integer.MAX_VALUE;
                 filters.add(function);
-            }
+             }
         }
     }
 }
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/ResourceFilter.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/ResourceFilter.java	Wed Jul 05 21:49:47 2017 +0200
@@ -24,113 +24,71 @@
  */
 package jdk.tools.jlink.internal.plugins;
 
-import java.io.BufferedReader;
 import java.io.File;
-import java.io.FileInputStream;
 import java.io.IOException;
-import java.io.InputStreamReader;
-import java.nio.charset.StandardCharsets;
+import java.nio.file.FileSystem;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.PathMatcher;
+import java.util.ArrayList;
 import java.util.List;
 import java.util.function.Predicate;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-import java.util.stream.Collectors;
+import jdk.tools.jlink.internal.Utils;
+import jdk.tools.jlink.plugin.PluginException;
 
 /**
  *
- * Filter in or out a resource
+ * Filter resource resources using path matcher.
  */
 public class ResourceFilter implements Predicate<String> {
+    private static final FileSystem JRT_FILE_SYSTEM = Utils.jrtFileSystem();
 
-    private final Pattern inPatterns;
-    private final Pattern outPatterns;
-
-    static final String NEG = "^";
+    final boolean negate;
+    final List<PathMatcher> matchers;
 
     public ResourceFilter(String[] patterns) throws IOException {
         this(patterns, false);
     }
 
-    public ResourceFilter(String[] patterns, boolean negateAll) throws IOException {
+    public ResourceFilter(String[] patterns, boolean negate) throws IOException {
+        this.negate = negate;
+        this.matchers = new ArrayList<>();
 
-        // Get the patterns from a file
-        if (patterns != null && patterns.length == 1) {
-            String filePath = patterns[0];
-            File f = new File(filePath);
-            if (f.exists()) {
-                List<String> pats;
-                try (FileInputStream fis = new FileInputStream(f);
-                        InputStreamReader ins = new InputStreamReader(fis,
-                                StandardCharsets.UTF_8);
-                        BufferedReader reader = new BufferedReader(ins)) {
-                    pats = reader.lines().collect(Collectors.toList());
+        for (String pattern : patterns) {
+            if (pattern.startsWith("@")) {
+                File file = new File(pattern.substring(1));
+
+                if (file.exists()) {
+                    List<String> lines;
+
+                    try {
+                        lines = Files.readAllLines(file.toPath());
+                    } catch (IOException ex) {
+                        throw new PluginException(ex);
+                    }
+
+                    for (String line : lines) {
+                        PathMatcher matcher = Utils.getPathMatcher(JRT_FILE_SYSTEM, line);
+                        matchers.add(matcher);
+                    }
                 }
-                patterns = new String[pats.size()];
-                pats.toArray(patterns);
+            } else {
+                PathMatcher matcher = Utils.getPathMatcher(JRT_FILE_SYSTEM, pattern);
+                matchers.add(matcher);
+            }
+        }
+    }
+
+    @Override
+    public boolean test(String name) {
+        Path path = JRT_FILE_SYSTEM.getPath(name);
+
+        for (PathMatcher matcher : matchers) {
+            if (matcher.matches(path)) {
+                return !negate;
             }
         }
 
-        if (patterns != null && negateAll) {
-            String[] excluded = new String[patterns.length];
-            for (int i = 0; i < patterns.length; i++) {
-                excluded[i] = ResourceFilter.NEG + patterns[i];
-            }
-            patterns = excluded;
-        }
-
-        StringBuilder inPatternsBuilder = new StringBuilder();
-        StringBuilder outPatternsBuilder = new StringBuilder();
-        if (patterns != null) {
-            for (int i = 0; i < patterns.length; i++) {
-                String p = patterns[i];
-                p = p.replaceAll(" ", "");
-                StringBuilder builder = p.startsWith(NEG)
-                        ? outPatternsBuilder : inPatternsBuilder;
-                String pat = p.startsWith(NEG) ? p.substring(NEG.length()) : p;
-                builder.append(escape(pat));
-                if (i < patterns.length - 1) {
-                    builder.append("|");
-                }
-            }
-        }
-        this.inPatterns = inPatternsBuilder.length() == 0 ? null
-                : Pattern.compile(inPatternsBuilder.toString());
-        this.outPatterns = outPatternsBuilder.length() == 0 ? null
-                : Pattern.compile(outPatternsBuilder.toString());
-    }
-
-    public static String escape(String s) {
-        s = s.replaceAll(" ", "");
-        s = s.replaceAll("\\$", Matcher.quoteReplacement("\\$"));
-        s = s.replaceAll("\\.", Matcher.quoteReplacement("\\."));
-        s = s.replaceAll("\\*", ".+");
-        return s;
-    }
-
-    private boolean accept(String path) {
-        if (outPatterns != null) {
-            Matcher mout = outPatterns.matcher(path);
-            if (mout.matches()) {
-                //System.out.println("Excluding file " + resource.getPath());
-                return false;
-            }
-        }
-        boolean accepted = false;
-        // If the inPatterns is null, means that all resources are accepted.
-        if (inPatterns == null) {
-            accepted = true;
-        } else {
-            Matcher m = inPatterns.matcher(path);
-            if (m.matches()) {
-                //System.out.println("Including file " + resource.getPath());
-                accepted = true;
-            }
-        }
-        return accepted;
-    }
-
-    @Override
-    public boolean test(String path) {
-        return accept(path);
+        return negate;
     }
 }
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/SystemModuleDescriptorPlugin.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/SystemModuleDescriptorPlugin.java	Wed Jul 05 21:49:47 2017 +0200
@@ -448,29 +448,27 @@
             }
 
             void newBuilder(String name, int reqs, int exports, int provides,
-                            int conceals, int packages) {
+                            int packages) {
                 mv.visitTypeInsn(NEW, MODULE_DESCRIPTOR_BUILDER);
                 mv.visitInsn(DUP);
                 mv.visitLdcInsn(name);
                 pushInt(initialCapacity(reqs));
                 pushInt(initialCapacity(exports));
                 pushInt(initialCapacity(provides));
-                pushInt(initialCapacity(conceals));
                 pushInt(initialCapacity(packages));
                 mv.visitMethodInsn(INVOKESPECIAL, MODULE_DESCRIPTOR_BUILDER,
-                                   "<init>", "(Ljava/lang/String;IIIII)V", false);
+                                   "<init>", "(Ljava/lang/String;IIII)V", false);
                 mv.visitVarInsn(ASTORE, BUILDER_VAR);
                 mv.visitVarInsn(ALOAD, BUILDER_VAR);
             }
 
             /*
              * Returns the set of concealed packages from ModuleDescriptor, if present
-             * or compute it if the module oes not have ConcealedPackages attribute
+             * or compute it if the module does not have ConcealedPackages attribute
              */
             Set<String> conceals() {
                 Set<String> conceals = md.conceals();
-                if (md.conceals().isEmpty() &&
-                        (md.exports().size() + md.conceals().size()) != packages.size()) {
+                if (conceals.isEmpty() && md.exports().size() != packages.size()) {
                     Set<String> exports = md.exports().stream()
                                             .map(Exports::source)
                                             .collect(Collectors.toSet());
@@ -492,8 +490,7 @@
                 newBuilder(md.name(), md.requires().size(),
                            md.exports().size(),
                            md.provides().size(),
-                           conceals().size(),
-                           conceals().size() + md.exports().size());
+                           packages.size());
 
                 // requires
                 for (ModuleDescriptor.Requires req : md.requires()) {
@@ -528,10 +525,8 @@
                     provides(p.service(), p.providers());
                 }
 
-                // concealed packages
-                for (String pn : conceals()) {
-                    conceals(pn);
-                }
+                // all packages
+                packages(packages);
 
                 // version
                 md.version().ifPresent(this::version);
@@ -675,11 +670,13 @@
             /*
              * Invoke Builder.conceals(String pn)
              */
-            void conceals(String pn) {
+            void packages(Set<String> packages) {
                 mv.visitVarInsn(ALOAD, BUILDER_VAR);
-                mv.visitLdcInsn(pn);
+                int varIndex = new StringSetBuilder(packages).build();
+                assert varIndex == STRING_SET_VAR;
+                mv.visitVarInsn(ALOAD, varIndex);
                 mv.visitMethodInsn(INVOKEVIRTUAL, MODULE_DESCRIPTOR_BUILDER,
-                                   "conceals", STRING_SIG, false);
+                                   "packages", SET_SIG, false);
                 mv.visitInsn(POP);
             }
 
@@ -761,7 +758,7 @@
                 if (localVarIndex == 0) {
                     // if non-empty and more than one set reference this builder,
                     // emit to a unique local
-                    index = refCount == 1 ? STRING_SET_VAR
+                    index = refCount <= 1 ? STRING_SET_VAR
                                           : nextLocalVar++;
                     if (index < MAX_LOCAL_VARS) {
                         localVarIndex = index;
--- a/jdk/src/jdk.jlink/share/classes/jdk/tools/jmod/JmodTask.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/src/jdk.jlink/share/classes/jdk/tools/jmod/JmodTask.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1072,6 +1072,10 @@
         @Override
         public Pattern convert(String value) {
             try {
+                if (value.startsWith("regex:")) {
+                    value = value.substring("regex:".length()).trim();
+                }
+
                 return Pattern.compile(value);
             } catch (PatternSyntaxException e) {
                 throw new CommandException("err.bad.pattern", value);
@@ -1083,10 +1087,15 @@
         @Override public String valuePattern() { return "pattern"; }
     }
 
-    static class GlobConverter implements ValueConverter<PathMatcher> {
+    static class PathMatcherConverter implements ValueConverter<PathMatcher> {
         @Override
         public PathMatcher convert(String pattern) {
             try {
+                if (!pattern.startsWith("glob:") &&
+                    !pattern.startsWith("regex:")) {
+                    pattern = "glob:" + pattern;
+                }
+
                 return FileSystems.getDefault()
                                   .getPathMatcher("glob:" + pattern);
             } catch (PatternSyntaxException e) {
@@ -1194,7 +1203,7 @@
         OptionSpec<PathMatcher> excludes
                 = parser.accepts("exclude", getMessage("main.opt.exclude"))
                         .withRequiredArg()
-                        .withValuesConvertedBy(new GlobConverter());
+                        .withValuesConvertedBy(new PathMatcherConverter());
 
         OptionSpec<Pattern> hashModules
                 = parser.accepts("hash-modules", getMessage("main.opt.hash-modules"))
--- a/jdk/test/Makefile	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/Makefile	Wed Jul 05 21:49:47 2017 +0200
@@ -316,8 +316,9 @@
 # Always turn on assertions
 JTREG_ASSERT_OPTION = -ea -esa
 JTREG_BASIC_OPTIONS += $(JTREG_ASSERT_OPTION)
-# Report details on all failed or error tests, times too
-JTREG_BASIC_OPTIONS += -v:fail,error,time
+# jtreg verbosity setting
+JTREG_VERBOSE ?= fail,error,time
+JTREG_BASIC_OPTIONS += $(if $(JTREG_VERBOSE),-v:$(JTREG_VERBOSE))
 # Retain all files for failing tests
 JTREG_BASIC_OPTIONS += -retain:fail,error
 # Ignore tests are not run and completely silent about it
--- a/jdk/test/ProblemList.txt	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/ProblemList.txt	Wed Jul 05 21:49:47 2017 +0200
@@ -199,6 +199,8 @@
 
 sun/rmi/rmic/newrmic/equivalence/run.sh                         8145980 generic-all
 
+java/rmi/transport/dgcDeadLock/DGCDeadLock.java                 8029360 macosx-all
+
 ############################################################################
 
 # jdk_security
@@ -207,15 +209,10 @@
 
 sun/security/krb5/auto/Unreachable.java                         7164518 macosx-all no PortUnreachableException on Mac
 
-java/security/KeyPairGenerator/SolarisShortDSA.java             7041639 solaris-all
-sun/security/tools/keytool/standard.sh                          7041639 solaris-all
-
 sun/security/tools/keytool/ListKeychainStore.sh                 8156889 macosx-all
 
 sun/security/mscapi/ShortRSAKey1024.sh                          8153948 windows-all
 
-java/security/Security/ClassLoaderDeadlock/Deadlock2.sh         8062758 generic-all
-
 sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java      8026393 generic-all
 
 sun/security/pkcs11/Cipher/ReinitCipher.java                    8077138,8023434 windows-all
@@ -399,4 +396,28 @@
 
 tools/jlink/plugins/IncludeLocalesPluginTest.java               8158272 generic-all
 
+tools/jlink/basic/BasicTest.java                                8159206 generic-all
+
+tools/jlink/IntegrationTest.java                                8159206 generic-all
+
+tools/jlink/JLinkOptimTest.java                                 8159206 generic-all
+
+tools/jlink/JLinkTest.java                                      8159206 generic-all
+
+tools/jlink/plugins/CompressorPluginTest.java                   8159206 generic-all
+
+tools/jlink/plugins/ExcludeFilesPluginTest.java                 8159206 generic-all
+
+tools/jlink/plugins/ExcludePluginTest.java                      8159206 generic-all
+
+tools/jlink/plugins/ExcludeVMPluginTest.java                    8159206 generic-all
+
+tools/jlink/plugins/OrderResourcesPluginTest.java               8159206 generic-all
+
+tools/jlink/plugins/ResourceFilterTest.java                     8159206 generic-all
+
+tools/jlink/plugins/StringSharingPluginTest.java                8159206 generic-all
+
+tools/jmod/JmodTest.java                                        8159206 generic-all
+
 ############################################################################
--- a/jdk/test/com/sun/crypto/provider/Cipher/TestCipher.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/com/sun/crypto/provider/Cipher/TestCipher.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -150,11 +150,6 @@
         }
 
         // Encryption
-        int PAD_LEN = 0;
-        if (pad.equalsIgnoreCase("PKCS5Padding")) {
-            // Need to consider pad bytes
-            PAD_LEN = 8;
-        }
 
         byte[] plainText = INPUT_TEXT.clone();
 
@@ -162,12 +157,13 @@
         byte[] cipherText = ci.doFinal(INPUT_TEXT, ENC_OFFSET, TEXT_LEN);
 
         // Generate cipher and save to same buffer
-        int offset = ci.update(
+        int enc_bytes = ci.update(
                 INPUT_TEXT, ENC_OFFSET, TEXT_LEN, INPUT_TEXT, STORAGE_OFFSET);
-        ci.doFinal(INPUT_TEXT, offset + STORAGE_OFFSET);
+        enc_bytes += ci.doFinal(INPUT_TEXT, enc_bytes + STORAGE_OFFSET);
 
         if (!equalsBlock(
-                INPUT_TEXT, STORAGE_OFFSET, cipherText, 0, cipherText.length)) {
+                INPUT_TEXT, STORAGE_OFFSET, enc_bytes,
+                cipherText, 0, cipherText.length)) {
             throw new RuntimeException(
                     "Different ciphers generated with same buffer");
         }
@@ -183,8 +179,8 @@
         byte[] recoveredText = ci.doFinal(cipherText, 0, cipherText.length);
 
         if (!equalsBlock(
-                plainText, ENC_OFFSET, recoveredText, 0,
-                recoveredText.length)) {
+                plainText, ENC_OFFSET, TEXT_LEN,
+                recoveredText, 0, recoveredText.length)) {
             throw new RuntimeException(
                     "Recovered text not same as plain text");
         } else {
@@ -192,13 +188,13 @@
         }
 
         // Recover text from cipher and save to same buffer
-        ci.update(INPUT_TEXT, STORAGE_OFFSET, TEXT_LEN + PAD_LEN, INPUT_TEXT,
-                ENC_OFFSET);
-        ci.doFinal(INPUT_TEXT, ENC_OFFSET);
+        int dec_bytes = ci.update(
+                INPUT_TEXT, STORAGE_OFFSET, enc_bytes, INPUT_TEXT, ENC_OFFSET);
+        dec_bytes += ci.doFinal(INPUT_TEXT, dec_bytes + ENC_OFFSET);
 
         if (!equalsBlock(
-                plainText, ENC_OFFSET, recoveredText, 0,
-                recoveredText.length)) {
+                plainText, ENC_OFFSET, TEXT_LEN,
+                INPUT_TEXT, ENC_OFFSET, dec_bytes)) {
             throw new RuntimeException(
                     "Recovered text not same as plain text with same buffer");
         } else {
@@ -208,9 +204,12 @@
         out.println("Test Passed.");
     }
 
-    private static boolean equalsBlock(byte[] b1, int off1, byte[] b2, int off2,
-            int len) {
-        for (int i = off1, j = off2, k = 0; k < len; i++, j++, k++) {
+    private static boolean equalsBlock(byte[] b1, int off1, int len1,
+            byte[] b2, int off2, int len2) {
+        if (len1 != len2) {
+            return false;
+        }
+        for (int i = off1, j = off2, k = 0; k < len1; i++, j++, k++) {
             if (b1[i] != b2[j]) {
                 return false;
             }
--- a/jdk/test/java/lang/String/concat/WithSecurityManager.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/lang/String/concat/WithSecurityManager.java	Wed Jul 05 21:49:47 2017 +0200
@@ -26,7 +26,7 @@
 /**
  * @test
  * @summary String concatenation fails with a custom SecurityManager that uses concatenation
- * @bug 8155090
+ * @bug 8155090 8158851
  *
  * @compile WithSecurityManager.java
  *
@@ -37,17 +37,43 @@
  * @run main/othervm -Xverify:all -Djava.lang.invoke.stringConcat=BC_SB_SIZED_EXACT      WithSecurityManager
  * @run main/othervm -Xverify:all -Djava.lang.invoke.stringConcat=MH_SB_SIZED_EXACT      WithSecurityManager
  * @run main/othervm -Xverify:all -Djava.lang.invoke.stringConcat=MH_INLINE_SIZED_EXACT  WithSecurityManager
+ *
+ * @run main/othervm -Xverify:all -limitmods java.base WithSecurityManager
+ * @run main/othervm -Xverify:all -limitmods java.base -Djava.lang.invoke.stringConcat=BC_SB                  WithSecurityManager
+ * @run main/othervm -Xverify:all -limitmods java.base -Djava.lang.invoke.stringConcat=BC_SB_SIZED            WithSecurityManager
+ * @run main/othervm -Xverify:all -limitmods java.base -Djava.lang.invoke.stringConcat=MH_SB_SIZED            WithSecurityManager
+ * @run main/othervm -Xverify:all -limitmods java.base -Djava.lang.invoke.stringConcat=BC_SB_SIZED_EXACT      WithSecurityManager
+ * @run main/othervm -Xverify:all -limitmods java.base -Djava.lang.invoke.stringConcat=MH_SB_SIZED_EXACT      WithSecurityManager
+ * @run main/othervm -Xverify:all -limitmods java.base -Djava.lang.invoke.stringConcat=MH_INLINE_SIZED_EXACT  WithSecurityManager
 */
 public class WithSecurityManager {
     public static void main(String[] args) throws Throwable {
-        SecurityManager sm = new SecurityManager() {
-            @Override
-            public void checkPermission(Permission perm) {
-                String abc = "abc";
-                String full = abc + "def";
-            }
-        };
-        System.setSecurityManager(sm);
-        ClassLoader cl = new ClassLoader() {};
+        // First time should succeed to bootstrap everything
+        {
+            SecurityManager sm = new SecurityManager() {
+                @Override
+                public void checkPermission(Permission perm) {
+                    String abc = "abc";
+                    String full = abc + "def";
+                }
+            };
+            System.setSecurityManager(sm);
+            ClassLoader cl = new ClassLoader() {
+            };
+        }
+
+        // Second time should succeed to run after bootstrapping
+        {
+            SecurityManager sm = new SecurityManager() {
+                @Override
+                public void checkPermission(Permission perm) {
+                    String abc = "abc";
+                    String full = abc + "def";
+                }
+            };
+            System.setSecurityManager(sm);
+            ClassLoader cl = new ClassLoader() {
+            };
+        }
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/lang/annotation/AnnotationWithLambda.java	Wed Jul 05 21:49:47 2017 +0200
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8147585
+ * @summary Check Annotation with Lambda, with or without parameter
+ * @run testng AnnotationWithLambda
+ */
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import java.lang.reflect.Method;
+import java.util.function.Consumer;
+
+import org.testng.annotations.*;
+import static org.testng.Assert.*;
+
+public class AnnotationWithLambda {
+
+    @Test
+    void testAnnotationWithLambda() {
+        Method[] methods = AnnotationWithLambda.MethodsWithAnnotations.class.getDeclaredMethods();
+        for (Method method : methods) {
+            assertTrue((method.isAnnotationPresent(LambdaWithParameter.class)) &&
+                       (method.isAnnotationPresent(LambdaWithoutParameter.class)));
+
+        }
+    }
+
+    static class MethodsWithAnnotations {
+
+        @LambdaWithParameter
+        @LambdaWithoutParameter
+        public void testAnnotationLambda() {
+        }
+    }
+}
+
+@Target(value = ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@interface LambdaWithParameter {
+    Consumer<Integer> f1 = a -> {
+        System.out.println("lambda has parameter");
+    };
+}
+
+@Target(value = ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@interface LambdaWithoutParameter {
+    Runnable r = () -> System.out.println("lambda without parameter");
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/lang/annotation/Missing/MissingDefault.java	Wed Jul 05 21:49:47 2017 +0200
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.lang.annotation.Retention;
+import static java.lang.annotation.RetentionPolicy.*;
+
+/**
+ * Annotation type with a default value whose class will be missing
+ * when MissingTest is run.
+ */
+@Retention(RUNTIME)
+public @interface MissingDefault {
+    Class<?> value() default Missing.class;
+}
--- a/jdk/test/java/lang/annotation/Missing/MissingTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/lang/annotation/Missing/MissingTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,15 +23,16 @@
 
 /*
  * @test
- * @bug 6322301
+ * @bug 6322301 5041778
  * @summary Verify when missing annotation classes cause exceptions
  * @author Joseph D. Darcy
- * @compile MissingTest.java A.java B.java C.java D.java Marker.java Missing.java MissingWrapper.java
+ * @compile MissingTest.java A.java B.java C.java D.java Marker.java Missing.java MissingWrapper.java MissingDefault.java
  * @clean Missing
  * @run main MissingTest
  */
 
 import java.lang.reflect.*;
+import java.lang.annotation.*;
 
 /**
  * This test verifies that a missing annotation class leads to the
@@ -112,7 +113,20 @@
         }
     }
 
-    public static void main(String argv[]) throws Exception {
+    private static void testMethodGetDefaultValue(Class<?> clazz) throws Exception{
+        Method m = clazz.getMethod("value", (Class<?>[])null);
+
+        try {
+            System.out.println(m.getDefaultValue());
+            throw new RuntimeException("Expected exception not thrown");
+        } catch (TypeNotPresentException tnpe) {
+            ; // Expected
+        } catch (AnnotationFormatError afe) {
+            throw new RuntimeException(afe);
+        }
+    }
+
+    public static void main(String... args) throws Exception {
         // Class A has a directly applied annotation whose class is
         // missing.
         testAnnotation(A.class, false);
@@ -131,5 +145,7 @@
         // includes to an annotation class that is missing.
         testParameterAnnotation(D.class.getDeclaredMethod("method1", Object.class),
                                 true);
+        // The MissingDefault annotation type has a default value of the Missing class.
+        testMethodGetDefaultValue(MissingDefault.class);
     }
 }
--- a/jdk/test/java/net/Authenticator/B4769350.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/Authenticator/B4769350.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 4769350 8017779
+ * @modules jdk.httpserver
  * @run main/othervm B4769350 server
  * @run main/othervm B4769350 proxy
  * @summary proxy authentication username and password caching only works in serial case
--- a/jdk/test/java/net/Authenticator/Deadlock.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/Authenticator/Deadlock.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 6648001
+ * @modules jdk.httpserver
  * @run main/othervm/timeout=20 -ea:sun.net.www.protocol.http.AuthenticationInfo -Dhttp.auth.serializeRequests=true Deadlock
  * @summary  cancelling HTTP authentication causes deadlock
  */
--- a/jdk/test/java/net/CookieHandler/EmptyCookieHeader.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/CookieHandler/EmptyCookieHeader.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /*
  * @test
  * @bug 8015799
+ * @modules jdk.httpserver
  * @summary HttpURLConnection.getHeaderFields() throws IllegalArgumentException
  */
 
--- a/jdk/test/java/net/CookieHandler/LocalHostCookie.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/CookieHandler/LocalHostCookie.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,6 +33,7 @@
 /*
  * @test
  * @bug 7169142
+ * @modules jdk.httpserver
  * @summary CookieHandler does not work with localhost
  * @run main/othervm LocalHostCookie
  */
--- a/jdk/test/java/net/HttpCookie/IllegalCookieNameTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/HttpCookie/IllegalCookieNameTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
 
 /* @test
  * @bug 7183292
+ * @modules jdk.httpserver
  */
 import java.net.*;
 import java.util.*;
--- a/jdk/test/java/net/ResponseCache/Test.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/ResponseCache/Test.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /* @test
  * @summary Fixed a potential NullPointerException when setting a ResponseCache that returns a null CacheRequest
  * @bug 4837267
+ * @modules jdk.httpserver
  * @author Michael McMahon
  */
 
--- a/jdk/test/java/net/ResponseCache/Test2.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/ResponseCache/Test2.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
  * @test
  * @bug 8042622
  * @summary Check for CRL results in IllegalArgumentException "white space not allowed"
+ * @modules jdk.httpserver
  * @run main/othervm Test2
  */
 
--- a/jdk/test/java/net/SetFactoryPermission/SetFactoryPermission.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/SetFactoryPermission/SetFactoryPermission.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
  * @test
  * @bug 8048052
  * @summary Test a series of methods which requires "setFactory" runtime permission
+ * @modules java.rmi
  * @run main SetFactoryPermission success
  * @run main/othervm/policy=policy.fail SetFactoryPermission fail
  * @run main/othervm/policy=policy.success SetFactoryPermission success
--- a/jdk/test/java/net/Socks/SocksIPv6Test.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/Socks/SocksIPv6Test.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
 
 /* @test
  * @bug 7100957
+ * @modules jdk.httpserver
  * @summary Java doesn't correctly handle the SOCKS protocol when used over IPv6.
  * @run testng SocksIPv6Test
  */
--- a/jdk/test/java/net/URLClassLoader/ClassLoad.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/URLClassLoader/ClassLoad.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 4151665
+ * @modules jdk.httpserver
  * @summary Test for FileNotFoundException when loading bogus class
  */
 
--- a/jdk/test/java/net/URLClassLoader/closetest/CloseTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/URLClassLoader/closetest/CloseTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 4167874
+ * @modules jdk.httpserver
  * @library ../../../../com/sun/net/httpserver
  * @library /lib/testlibrary
  * @build FileServerHandler jdk.testlibrary.FileUtils
--- a/jdk/test/java/net/URLPermission/URLTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/URLPermission/URLTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -27,6 +27,7 @@
  *
  * @test
  * @bug 8010464
+ * @modules jdk.httpserver
  * @key intermittent
  * @library /lib/testlibrary/
  * @build jdk.testlibrary.SimpleSSLContext
--- a/jdk/test/java/net/httpclient/APIErrors.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/APIErrors.java	Wed Jul 05 21:49:47 2017 +0200
@@ -24,6 +24,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/
  * @build jdk.testlibrary.SimpleSSLContext ProxyServer
  * @build TestKit
--- a/jdk/test/java/net/httpclient/BasicAuthTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/BasicAuthTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,6 +25,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @run main/othervm BasicAuthTest
  * @summary Basic Authentication Test
  */
--- a/jdk/test/java/net/httpclient/BasicWebSocketAPITest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/BasicWebSocketAPITest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -30,6 +30,7 @@
 import java.net.http.WebSocket;
 import java.net.http.WebSocket.CloseCode;
 import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
 import java.nio.channels.SocketChannel;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.TimeUnit;
@@ -92,12 +93,24 @@
         );
         checkAndClose(
                 (ws) ->
+                        TestKit.assertThrows(IllegalArgumentException.class,
+                                ".*message.*",
+                                () -> ws.sendPing(ByteBuffer.allocate(126)))
+        );
+        checkAndClose(
+                (ws) ->
                         TestKit.assertThrows(NullPointerException.class,
                                 "message",
                                 () -> ws.sendPing(null))
         );
         checkAndClose(
                 (ws) ->
+                        TestKit.assertThrows(IllegalArgumentException.class,
+                                ".*message.*",
+                                () -> ws.sendPong(ByteBuffer.allocate(126)))
+        );
+        checkAndClose(
+                (ws) ->
                         TestKit.assertThrows(NullPointerException.class,
                                 "message",
                                 () -> ws.sendPong(null))
@@ -106,7 +119,7 @@
                 (ws) ->
                         TestKit.assertThrows(NullPointerException.class,
                                 "message",
-                                () -> ws.sendText((CharSequence) null, true))
+                                () -> ws.sendText(null, true))
         );
         checkAndClose(
                 (ws) ->
@@ -122,6 +135,12 @@
         );
         checkAndClose(
                 (ws) ->
+                        TestKit.assertThrows(IllegalArgumentException.class,
+                                "(?i).*reason.*",
+                                () -> ws.sendClose(CloseCode.NORMAL_CLOSURE, CharBuffer.allocate(124)))
+        );
+        checkAndClose(
+                (ws) ->
                         TestKit.assertThrows(NullPointerException.class,
                                 "code",
                                 () -> ws.sendClose(null, ""))
--- a/jdk/test/java/net/httpclient/ImmutableHeaders.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/ImmutableHeaders.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,6 +25,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @run main/othervm ImmutableHeaders
  * @summary ImmutableHeaders
  */
--- a/jdk/test/java/net/httpclient/ManyRequests.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/ManyRequests.java	Wed Jul 05 21:49:47 2017 +0200
@@ -24,6 +24,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/ /
  * @build jdk.testlibrary.SimpleSSLContext EchoHandler
  * @compile ../../../com/sun/net/httpserver/LogFilter.java
--- a/jdk/test/java/net/httpclient/RequestBodyTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/RequestBodyTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -23,6 +23,8 @@
 
 /**
  * @test @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/ /
  * @compile ../../../com/sun/net/httpserver/LogFilter.java
  * @compile ../../../com/sun/net/httpserver/FileServerHandler.java
--- a/jdk/test/java/net/httpclient/SmokeTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/SmokeTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -24,6 +24,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/ /
  * @build jdk.testlibrary.SimpleSSLContext ProxyServer EchoHandler
  * @compile ../../../com/sun/net/httpserver/LogFilter.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/net/httpclient/TEST.properties	Wed Jul 05 21:49:47 2017 +0200
@@ -0,0 +1,1 @@
+modules = java.httpclient
--- a/jdk/test/java/net/httpclient/http2/java.httpclient/sun/net/httpclient/hpack/HeaderTableTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/http2/java.httpclient/sun/net/httpclient/hpack/HeaderTableTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -28,6 +28,7 @@
 import java.nio.charset.StandardCharsets;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Random;
 import java.util.regex.Matcher;
@@ -35,7 +36,10 @@
 
 import static java.lang.String.format;
 import static org.testng.Assert.assertEquals;
-import static sun.net.httpclient.hpack.TestHelper.*;
+import static sun.net.httpclient.hpack.TestHelper.assertExceptionMessageContains;
+import static sun.net.httpclient.hpack.TestHelper.assertThrows;
+import static sun.net.httpclient.hpack.TestHelper.assertVoidThrows;
+import static sun.net.httpclient.hpack.TestHelper.newRandom;
 
 public class HeaderTableTest {
 
@@ -317,10 +321,24 @@
 
     @Test
     public void testToString() {
+        testToString0();
+    }
+
+    @Test
+    public void testToStringDifferentLocale() {
+        Locale.setDefault(Locale.FRENCH);
+        String s = format("%.1f", 3.1);
+        assertEquals("3,1", s); // assumption of the test, otherwise the test is useless
+        testToString0();
+    }
+
+    private void testToString0() {
         HeaderTable table = new HeaderTable(0);
         {
             table.setMaxSize(2048);
-            assertEquals("entries: 0; used 0/2048 (0.0%)", table.toString());
+            String expected =
+                    format("entries: %d; used %s/%s (%.1f%%)", 0, 0, 2048, 0.0);
+            assertEquals(expected, table.toString());
         }
 
         {
@@ -335,7 +353,8 @@
             int used = name.length() + value.length() + 32;
             double ratio = used * 100.0 / size;
 
-            String expected = format("entries: 1; used %s/%s (%.1f%%)", used, size, ratio);
+            String expected =
+                    format("entries: 1; used %s/%s (%.1f%%)", used, size, ratio);
             assertEquals(expected, s);
         }
 
@@ -344,7 +363,9 @@
             table.put(":method", "");
             table.put(":status", "");
             String s = table.toString();
-            assertEquals("entries: 2; used 78/78 (100.0%)", s);
+            String expected =
+                    format("entries: %d; used %s/%s (%.1f%%)", 2, 78, 78, 100.0);
+            assertEquals(expected, s);
         }
     }
 
--- a/jdk/test/java/net/httpclient/security/Security.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/httpclient/security/Security.java	Wed Jul 05 21:49:47 2017 +0200
@@ -25,6 +25,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/
  * @build jdk.testlibrary.SimpleSSLContext
  * @compile ../../../../com/sun/net/httpserver/LogFilter.java
--- a/jdk/test/java/net/spi/URLStreamHandlerProvider/Basic.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/net/spi/URLStreamHandlerProvider/Basic.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,6 +45,7 @@
 /*
  * @test
  * @bug 8064924
+ * @modules java.compiler
  * @summary Basic test for URLStreamHandlerProvider
  * @library /lib/testlibrary
  * @build jdk.testlibrary.FileUtils jdk.testlibrary.JDKToolFinder
--- a/jdk/test/java/security/SecureRandom/ApiTest.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/security/SecureRandom/ApiTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -105,7 +105,7 @@
 
     private static void runForEachAlg(String mech, String alg)
             throws Exception {
-        for (int strength : new int[]{Integer.MIN_VALUE, -1, 0, 1, 223, 224,
+        for (int strength : new int[]{-1, 0, 1, 223, 224,
             192, 255, 256}) {
             for (Capability cp : Capability.values()) {
                 for (byte[] pr : new byte[][]{null, new byte[]{},
--- a/jdk/test/java/security/SecureRandom/DrbgParametersSpec.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/security/SecureRandom/DrbgParametersSpec.java	Wed Jul 05 21:49:47 2017 +0200
@@ -22,7 +22,7 @@
  */
 
 /* @test
- * @bug 8051408
+ * @bug 8051408 8158534
  * @summary Make sure DrbgParameters coded as specified
  * @library /test/lib/share/classes
  */
@@ -68,6 +68,9 @@
         ins = DrbgParameters.instantiation(-1, NONE, null);
         Asserts.assertNull(ins.getPersonalizationString());
 
+        iae(() -> DrbgParameters.instantiation(-2, NONE, null));
+        npe(() -> DrbgParameters.instantiation(-1, null, null));
+
         // NextBytes
         p = "NextBytes".getBytes();
         DrbgParameters.NextBytes nb = DrbgParameters
@@ -85,6 +88,8 @@
         np2 = nb.getAdditionalInput();
         Asserts.assertTrue(Arrays.equals(np1, np2));
 
+        iae(() -> DrbgParameters.nextBytes(-2, false, null));
+
         // Reseed
         p = "Reseed".getBytes();
         DrbgParameters.Reseed rs = DrbgParameters
@@ -101,4 +106,29 @@
         np2 = rs.getAdditionalInput();
         Asserts.assertTrue(Arrays.equals(np1, np2));
     }
+
+    static void iae(RunnableWithException r) throws Exception {
+        checkException(r, IllegalArgumentException.class);
+    }
+
+    static void npe(RunnableWithException r) throws Exception {
+        checkException(r, NullPointerException.class);
+    }
+
+    interface RunnableWithException {
+        void run() throws Exception;
+    }
+
+    static void checkException(RunnableWithException r, Class ex)
+            throws Exception {
+        try {
+            r.run();
+        } catch (Exception e) {
+            if (ex.isAssignableFrom(e.getClass())) {
+                return;
+            }
+            throw e;
+        }
+        throw new Exception("No exception thrown");
+    }
 }
--- a/jdk/test/java/security/Security/ClassLoaderDeadlock/CreateSerialized.java	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-import java.io.*;
-import sun.misc.*;
-
-public class CreateSerialized {
-    public static void main(String[] args) throws Exception {
-        Object o = new com.sun.crypto.provider.SunJCE();
-
-        FileOutputStream fos = new FileOutputStream("object.tmp");
-        ObjectOutputStream objectOutputStream = new ObjectOutputStream(fos);
-        objectOutputStream.writeObject(o);
-        fos.close();
-    }
-}
--- a/jdk/test/java/security/Security/ClassLoaderDeadlock/Deadlock2.java	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,70 +0,0 @@
-/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-import java.io.*;
-import javax.xml.parsers.DocumentBuilderFactory;
-import java.security.*;
-
-public class Deadlock2 {
-    public static void main(String[] args) throws Exception {
-        File file = new File("object.tmp");
-        final byte[] bytes = new byte[(int) file.length()];
-        FileInputStream fileInputStream = new FileInputStream(file);
-        int read = fileInputStream.read(bytes);
-        if (read != file.length()) {
-            throw new Exception("Didn't read all");
-        }
-        Thread.sleep(1000);
-
-        Runnable xmlRunnable = new Runnable() {
-                public void run() {
-                    try {
-                        DocumentBuilderFactory.newInstance();
-                    } catch (Exception e) {
-                        e.printStackTrace();
-                    }
-                }
-            };
-
-        Runnable readObjectRunnable = new Runnable() {
-                public void run() {
-                    try {
-                        ObjectInputStream objectInputStream =
-                            new ObjectInputStream(new ByteArrayInputStream(bytes));
-                        Object o = objectInputStream.readObject();
-                        System.out.println(o.getClass());
-                    } catch (Exception e) {
-                        e.printStackTrace();
-                    }
-                }
-            };
-
-        Thread thread1 = new Thread(readObjectRunnable, "Read Object");
-        Thread thread2 = new Thread(xmlRunnable, "XML");
-
-        thread1.start();
-        thread2.start();
-
-        thread1.join();
-        thread2.join();
-    }
-}
--- a/jdk/test/java/security/Security/ClassLoaderDeadlock/Deadlock2.sh	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,115 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-# @test
-# @bug 6440846
-# @summary make sure we do not deadlock between ExtClassLoader and AppClassLoader
-# @author Valerie Peng
-# @run shell/timeout=20 Deadlock2.sh
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-
-if [ "${TESTSRC}" = "" ] ; then
-   TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
-   TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
-   echo "TESTJAVA not set.  Test cannot execute."
-   echo "FAILED!!!"
-   exit 1
-fi
-
-if [ "${COMPILEJAVA}" = "" ]; then
-   COMPILEJAVA="${TESTJAVA}"
-fi
-
-# set platform-dependent variables
-OS=`uname -s`
-case "$OS" in
-  SunOS )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  Linux )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  CYGWIN* )
-    PATHSEP=";"
-    FILESEP="/"
-    ;;
-  Darwin )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  AIX )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  Windows* )
-    PATHSEP=";"
-    FILESEP="\\"
-    ;;
-  * )
-    echo "Unrecognized system!"
-    exit 1;
-    ;;
-esac
-
-# remove old class files
-cd ${TESTCLASSES}
-if [ -d testlib ] ; then
-    rm -rf testlib
-fi
-mkdir testlib
-
-# compile and package the test program
-${COMPILEJAVA}${FILESEP}bin${FILESEP}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \
-    -d ${TESTCLASSES} \
-    ${TESTSRC}${FILESEP}CreateSerialized.java \
-    ${TESTSRC}${FILESEP}Deadlock2.java
-
-${COMPILEJAVA}${FILESEP}bin${FILESEP}jar ${TESTTOOLVMOPTS} \
-    -cvf testlib${FILESEP}Deadlock2.jar \
-    Deadlock2*.class
-
-rm Deadlock2*.class
-
-# create serialized object and run the test
-${TESTJAVA}${FILESEP}bin${FILESEP}java ${TESTVMOPTS} CreateSerialized
-${TESTJAVA}${FILESEP}bin${FILESEP}java ${TESTVMOPTS} \
-    -Djava.ext.dirs=${TESTCLASSES}${FILESEP}testlib${PATHSEP}${TESTJAVA}${FILESEP}lib${FILESEP}ext Deadlock2
-STATUS=$?
-
-# clean up
-rm object.tmp CreateSerialized.class
-rm -rf testlib
-exit ${STATUS}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/util/Locale/Bug8040211.java	Wed Jul 05 21:49:47 2017 +0200
@@ -0,0 +1,353 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8040211
+ * @summary Checks the IANA language subtag registry data updation
+ *          (LSR Revision: 2016-02-10) with Locale and Locale.LanguageRange
+ *          class methods.
+ * @run main Bug8040211
+ */
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.Locale;
+import java.util.List;
+import java.util.Locale.LanguageRange;
+import java.util.Locale.FilteringMode;
+import static java.util.Locale.FilteringMode.EXTENDED_FILTERING;
+
+public class Bug8040211 {
+
+    static boolean err = false;
+
+    public static void main(String[] args) {
+        testLanguageRange();
+        testLocale();
+
+        if (err) {
+            throw new RuntimeException("Failed.");
+        }
+    }
+
+    private static void testLanguageRange() {
+        System.out.println("Test LanguageRange class parse method...");
+        test_parse();
+    }
+
+    private static void testLocale() {
+        System.out.println("Test Locale class methods...");
+        test_filter();
+        test_filterTags();
+        test_lookup();
+        test_lookupTag();
+    }
+
+    private static void test_parse() {
+        boolean error = false;
+        String str = "Accept-Language: aam, adp, aue, ema, en-gb-oed,"
+                + " gti, koj, kwq, kxe, lii, lmm, mtm, ngv, oyb, phr, pub,"
+                + " suj, taj;q=0.9, yug;q=0.5, gfx;q=0.4";
+        ArrayList<LanguageRange> expected = new ArrayList<>();
+        expected.add(new LanguageRange("aam", 1.0));
+        expected.add(new LanguageRange("aas", 1.0));
+        expected.add(new LanguageRange("adp", 1.0));
+        expected.add(new LanguageRange("dz", 1.0));
+        expected.add(new LanguageRange("aue", 1.0));
+        expected.add(new LanguageRange("ktz", 1.0));
+        expected.add(new LanguageRange("ema", 1.0));
+        expected.add(new LanguageRange("uok", 1.0));
+        expected.add(new LanguageRange("en-gb-oed", 1.0));
+        expected.add(new LanguageRange("en-gb-oxendict", 1.0));
+        expected.add(new LanguageRange("gti", 1.0));
+        expected.add(new LanguageRange("nyc", 1.0));
+        expected.add(new LanguageRange("koj", 1.0));
+        expected.add(new LanguageRange("kwv", 1.0));
+        expected.add(new LanguageRange("kwq", 1.0));
+        expected.add(new LanguageRange("yam", 1.0));
+        expected.add(new LanguageRange("kxe", 1.0));
+        expected.add(new LanguageRange("tvd", 1.0));
+        expected.add(new LanguageRange("lii", 1.0));
+        expected.add(new LanguageRange("raq", 1.0));
+        expected.add(new LanguageRange("lmm", 1.0));
+        expected.add(new LanguageRange("rmx", 1.0));
+        expected.add(new LanguageRange("mtm", 1.0));
+        expected.add(new LanguageRange("ymt", 1.0));
+        expected.add(new LanguageRange("ngv", 1.0));
+        expected.add(new LanguageRange("nnx", 1.0));
+        expected.add(new LanguageRange("oyb", 1.0));
+        expected.add(new LanguageRange("thx", 1.0));
+        expected.add(new LanguageRange("phr", 1.0));
+        expected.add(new LanguageRange("pmu", 1.0));
+        expected.add(new LanguageRange("pub", 1.0));
+        expected.add(new LanguageRange("puz", 1.0));
+        expected.add(new LanguageRange("suj", 1.0));
+        expected.add(new LanguageRange("xsj", 1.0));
+        expected.add(new LanguageRange("taj", 0.9));
+        expected.add(new LanguageRange("tsf", 0.9));
+        expected.add(new LanguageRange("yug", 0.5));
+        expected.add(new LanguageRange("yuu", 0.5));
+        expected.add(new LanguageRange("gfx", 0.4));
+        expected.add(new LanguageRange("oun", 0.4));
+        expected.add(new LanguageRange("mwj", 0.4));
+        expected.add(new LanguageRange("vaj", 0.4));
+        List<LanguageRange> got = LanguageRange.parse(str);
+        if (!areEqual(expected, got)) {
+            error = true;
+            System.err.println("    language parse() test failed.");
+        }
+
+        if (error) {
+            err = true;
+            System.err.println("  test_parse() failed.");
+        } else {
+            System.out.println("  test_parse() passed.");
+        }
+
+    }
+
+    private static boolean areEqual(List<LanguageRange> expected,
+            List<LanguageRange> got) {
+        boolean error = false;
+
+        int expectedSize = expected.size();
+        int actualSize = got.size();
+
+        if (expectedSize != actualSize) {
+            error = true;
+
+            System.err.println("  Expected size=" + expectedSize);
+            for (LanguageRange lr : expected) {
+                System.err.println("    range=" + lr.getRange()
+                        + ", weight=" + lr.getWeight());
+            }
+
+            System.out.println("  Actual size=" + actualSize);
+            for (LanguageRange lr : got) {
+                System.err.println("    range=" + lr.getRange()
+                        + ", weight=" + lr.getWeight());
+            }
+        } else {
+            for (int i = 0; i < expectedSize; i++) {
+                LanguageRange lr1 = expected.get(i);
+                LanguageRange lr2 = got.get(i);
+
+                if (!lr1.getRange().equals(lr2.getRange())
+                        || lr1.getWeight() != lr2.getWeight()) {
+                    error = true;
+                    System.err.println("  " + i + ": Expected: range=" + lr1.getRange()
+                            + ", weight=" + lr1.getWeight());
+                    System.err.println("  " + i + ": Actual:   range=" + lr2.getRange()
+                            + ", weight=" + lr2.getWeight());
+                }
+            }
+        }
+
+        return !error;
+    }
+
+    private static void test_filter() {
+        boolean error = false;
+
+        String ranges = "mtm-RU, en-gb-oed";
+        String tags = "de-DE, en, mtm-RU, ymt-RU, en-gb-oxendict, ja-JP";
+        FilteringMode mode = EXTENDED_FILTERING;
+
+        List<LanguageRange> priorityList = LanguageRange.parse(ranges);
+        List<Locale> tagList = generateLocales(tags);
+        String actualLocales
+                = showLocales(Locale.filter(priorityList, tagList, mode));
+        String expectedLocales = "mtm-RU, ymt-RU, en-GB-oxendict";
+
+        if (!expectedLocales.equals(actualLocales)) {
+            error = true;
+            showErrorMessage("#1 filter(" + mode + ")",
+                    ranges, tags, expectedLocales, actualLocales);
+        }
+
+        ranges = "phr-*-IN, ja-JP";
+        tags = "en, pmu-Guru-IN, ja-Latn-JP, iw";
+        mode = EXTENDED_FILTERING;
+
+        priorityList = LanguageRange.parse(ranges);
+        tagList = generateLocales(tags);
+        actualLocales = showLocales(Locale.filter(priorityList, tagList, mode));
+        expectedLocales = "pmu-Guru-IN, ja-Latn-JP";
+
+        if (!expectedLocales.equals(actualLocales)) {
+            error = true;
+            showErrorMessage("#2 filter(" + mode + ")",
+                    ranges, tags, expectedLocales, actualLocales);
+        }
+
+        if (error) {
+            err = true;
+            System.out.println("  test_filter() failed.");
+        } else {
+            System.out.println("  test_filter() passed.");
+        }
+    }
+
+    private static void test_filterTags() {
+        boolean error = false;
+
+        String ranges = "gti;q=0.2, gfx";
+        String tags = "de-DE, gti, he, nyc, mwj, vaj";
+
+        List<LanguageRange> priorityList = LanguageRange.parse(ranges);
+        List<String> tagList = generateLanguageTags(tags);
+        String actualTags
+                = showLanguageTags(Locale.filterTags(priorityList, tagList));
+        String expectedTags = "mwj, vaj, gti, nyc";
+
+        if (!expectedTags.equals(actualTags)) {
+            error = true;
+            showErrorMessage("filterTags()",
+                    ranges, tags, expectedTags, actualTags);
+        }
+
+        if (error) {
+            err = true;
+            System.out.println("  test_filterTags() failed.");
+        } else {
+            System.out.println("  test_filterTags() passed.");
+        }
+    }
+
+    private static void test_lookup() {
+        boolean error = false;
+
+        String ranges = "en;q=0.2, yam, rmx;q=0.9";
+        String tags = "de-DE, en, kwq, lmm";
+        List<LanguageRange> priorityList = LanguageRange.parse(ranges);
+        List<Locale> localeList = generateLocales(tags);
+        String actualLocale
+                = Locale.lookup(priorityList, localeList).toLanguageTag();
+        String expectedLocale = "kwq";
+
+        if (!expectedLocale.equals(actualLocale)) {
+            error = true;
+            showErrorMessage("lookup()", ranges, tags, expectedLocale, actualLocale);
+        }
+
+        if (error) {
+            err = true;
+            System.out.println("  test_lookup() failed.");
+        } else {
+            System.out.println("  test_lookup() passed.");
+        }
+    }
+
+    private static void test_lookupTag() {
+        boolean error = false;
+
+        String ranges = "en, tsf;q=0.2";
+        String tags = "es, ja-JP, taj";
+        List<LanguageRange> priorityList = LanguageRange.parse(ranges);
+        List<String> tagList = generateLanguageTags(tags);
+        String actualTag = Locale.lookupTag(priorityList, tagList);
+        String expectedTag = "taj";
+
+        if (!expectedTag.equals(actualTag)) {
+            error = true;
+            showErrorMessage("lookupTag()", ranges, tags, expectedTag, actualTag);
+        }
+
+        if (error) {
+            err = true;
+            System.out.println("  test_lookupTag() failed.");
+        } else {
+            System.out.println("  test_lookupTag() passed.");
+        }
+    }
+
+    private static List<Locale> generateLocales(String tags) {
+        if (tags == null) {
+            return null;
+        }
+
+        List<Locale> localeList = new ArrayList<>();
+        if (tags.equals("")) {
+            return localeList;
+        }
+        String[] t = tags.split(", ");
+        for (String tag : t) {
+            localeList.add(Locale.forLanguageTag(tag));
+        }
+        return localeList;
+    }
+
+    private static List<String> generateLanguageTags(String tags) {
+        List<String> tagList = new ArrayList<>();
+        String[] t = tags.split(", ");
+        for (String tag : t) {
+            tagList.add(tag);
+        }
+        return tagList;
+    }
+
+    private static String showLanguageTags(List<String> tags) {
+        StringBuilder sb = new StringBuilder();
+
+        Iterator<String> itr = tags.iterator();
+        if (itr.hasNext()) {
+            sb.append(itr.next());
+        }
+        while (itr.hasNext()) {
+            sb.append(", ");
+            sb.append(itr.next());
+        }
+
+        return sb.toString().trim();
+    }
+
+    private static String showLocales(List<Locale> locales) {
+        StringBuilder sb = new StringBuilder();
+
+        java.util.Iterator<Locale> itr = locales.iterator();
+        if (itr.hasNext()) {
+            sb.append(itr.next().toLanguageTag());
+        }
+        while (itr.hasNext()) {
+            sb.append(", ");
+            sb.append(itr.next().toLanguageTag());
+        }
+
+        return sb.toString().trim();
+    }
+
+    private static void showErrorMessage(String methodName,
+            String priorityList,
+            String tags,
+            String expectedTags,
+            String actualTags) {
+        System.out.println("\nIncorrect " + methodName + " result.");
+        System.out.println("  Priority list  :  " + priorityList);
+        System.out.println("  Language tags  :  " + tags);
+        System.out.println("  Expected value : " + expectedTags);
+        System.out.println("  Actual value   : " + actualTags);
+    }
+
+}
+
--- a/jdk/test/java/util/Locale/tools/EquivMapsGenerator.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/util/Locale/tools/EquivMapsGenerator.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,7 +21,6 @@
  * questions.
  */
 
-import java.io.*;
 import java.nio.charset.*;
 import java.nio.file.*;
 import java.util.*;
@@ -156,13 +155,10 @@
             if (subtags.length == 2) {
                 sortedLanguageMap1.put(subtags[0], subtags[1]);
                 sortedLanguageMap1.put(subtags[1], subtags[0]);
-            } else if (subtags.length == 3) {
-                sortedLanguageMap2.put(subtags[0],
-                                     new String[]{subtags[1], subtags[2]});
-                sortedLanguageMap2.put(subtags[1],
-                                     new String[]{subtags[0], subtags[2]});
-                sortedLanguageMap2.put(subtags[2],
-                                     new String[]{subtags[0], subtags[1]});
+            } else if (subtags.length > 2) {
+                for (int i = 0; i < subtags.length; i++) {
+                    sortedLanguageMap2.put(subtags[i], createLangArray(i, subtags));
+                }
             } else {
                     throw new RuntimeException("New case, need implementation."
                         + " A language subtag \"" + preferred
@@ -191,8 +187,9 @@
                 + sortedLanguageMap2.size());
             for (String key : sortedLanguageMap2.keySet()) {
                 String[] s = sortedLanguageMap2.get(key);
-                System.out.println("    " + key + ": \""
-                    + s[0] + "\", \"" + s[1] + "\"");
+                if (s.length >= 2) {
+                    System.out.println("    " + key + ": " + generateValuesString(s) + "");
+                }
             }
 
             System.out.println("\n  Sorted map for region and variant subtags. Size="
@@ -205,6 +202,30 @@
         System.out.println();
     }
 
+    /* create the array of subtags excluding the subtag at index location */
+    private static String[] createLangArray(int index, String[] subtags) {
+        List<String> list = new ArrayList<>();
+        for (int i = 0; i < subtags.length; i++) {
+            if (i != index) {
+                list.add(subtags[i]);
+            }
+        }
+        return list.toArray(new String[list.size()]);
+    }
+
+    private static String generateValuesString(String[] values) {
+        String outputStr = "";
+        for (int i = 0; i < values.length; i++) {
+            if (i != values.length - 1) {
+                outputStr = outputStr + "\"" + values[i] + "\", ";
+            } else {
+                outputStr = outputStr + "\"" + values[i] + "\"";
+            }
+
+        }
+        return outputStr;
+    }
+
     private static final String headerText =
         "final class LocaleEquivalentMaps {\n\n"
         + "    static final Map<String, String> singleEquivMap;\n"
@@ -232,9 +253,11 @@
         System.out.println();
         for (String key : sortedLanguageMap2.keySet()) {
             String[] values = sortedLanguageMap2.get(key);
-            System.out.println("        multiEquivsMap.put(\""
-                + key + "\", new String[] {\"" + values[0] + "\", \""
-                + values[1] + "\"});");
+
+            if (values.length >= 2) {
+                System.out.println("        multiEquivsMap.put(\""
+                        + key + "\", new String[] {" + generateValuesString(values) + "});");
+            }
         }
         System.out.println();
         for (String key : sortedRegionVariantMap.keySet()) {
--- a/jdk/test/java/util/Locale/tools/language-subtag-registry.txt	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/util/Locale/tools/language-subtag-registry.txt	Wed Jul 05 21:49:47 2017 +0200
@@ -1,4 +1,4 @@
-File-Date: 2013-09-23
+File-Date: 2016-02-10
 %%
 Type: language
 Subtag: aa
@@ -1214,6 +1214,8 @@
 Subtag: aam
 Description: Aramanik
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: aas
 %%
 Type: language
 Subtag: aan
@@ -1580,6 +1582,8 @@
 Subtag: adp
 Description: Adap
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: dz
 %%
 Type: language
 Subtag: adq
@@ -1651,6 +1655,7 @@
 %%
 Type: language
 Subtag: aee
+Description: Northeast Pashai
 Description: Northeast Pashayi
 Added: 2009-07-29
 %%
@@ -1744,6 +1749,7 @@
 Type: language
 Subtag: afi
 Description: Akrukay
+Description: Chini
 Added: 2009-07-29
 %%
 Type: language
@@ -2734,6 +2740,7 @@
 %%
 Type: language
 Subtag: aot
+Description: Atong (India)
 Description: A'tong
 Added: 2009-07-29
 %%
@@ -2933,6 +2940,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: aqt
+Description: Angaité
+Added: 2014-02-28
+%%
+Type: language
 Subtag: aqz
 Description: Akuntsu
 Added: 2010-03-11
@@ -3252,7 +3264,7 @@
 %%
 Type: language
 Subtag: ato
-Description: Atong
+Description: Atong (Cameroon)
 Added: 2009-07-29
 %%
 Type: language
@@ -3334,6 +3346,8 @@
 Subtag: aue
 Description: =/Kx'au//'ein
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: ktz
 %%
 Type: language
 Subtag: auf
@@ -4452,6 +4466,7 @@
 %%
 Type: language
 Subtag: bfc
+Description: Panyi Bai
 Description: Northern Bai
 Added: 2009-07-29
 %%
@@ -5463,6 +5478,7 @@
 Subtag: bmy
 Description: Bemba (Democratic Republic of Congo)
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: bmz
@@ -6832,6 +6848,7 @@
 Subtag: bxx
 Description: Borna (Democratic Republic of Congo)
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: bxz
@@ -6959,6 +6976,7 @@
 Subtag: byy
 Description: Buya
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: byz
@@ -7292,6 +7310,12 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: cbq
+Description: Tsucuba
+Description: Cuba
+Added: 2015-02-12
+%%
+Type: language
 Subtag: cbr
 Description: Cashibo-Cacataibo
 Added: 2009-07-29
@@ -9296,8 +9320,8 @@
 %%
 Type: language
 Subtag: dhg
+Description: Dhangu
 Description: Djangu
-Description: Dhangu
 Added: 2009-07-29
 %%
 Type: language
@@ -10320,6 +10344,7 @@
 Subtag: dzd
 Description: Daza
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: dze
@@ -10613,6 +10638,7 @@
 Subtag: emo
 Description: Emok
 Added: 2009-07-29
+Deprecated: 2014-02-28
 %%
 Type: language
 Subtag: emp
@@ -10676,6 +10702,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: enl
+Description: Enlhet
+Added: 2014-02-28
+%%
+Type: language
 Subtag: enm
 Description: Middle English (1100-1500)
 Added: 2005-10-16
@@ -10717,6 +10748,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: enx
+Description: Enxet
+Added: 2014-02-28
+%%
+Type: language
 Subtag: eot
 Description: Beti (Côte d'Ivoire)
 Added: 2009-07-29
@@ -10840,6 +10876,11 @@
 Scope: collection
 %%
 Type: language
+Subtag: esy
+Description: Eskayan
+Added: 2014-04-06
+%%
+Type: language
 Subtag: etb
 Description: Etebi
 Added: 2009-07-29
@@ -11158,6 +11199,7 @@
 %%
 Type: language
 Subtag: fly
+Description: Flaaitaal
 Description: Tsotsitaal
 Added: 2009-07-29
 %%
@@ -11881,6 +11923,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: gev
+Description: Eviya
+Added: 2014-02-28
+%%
+Type: language
 Subtag: gew
 Description: Gera
 Added: 2009-07-29
@@ -11914,6 +11961,8 @@
 Subtag: gfx
 Description: Mangetti Dune !Xung
 Added: 2012-08-12
+Deprecated: 2015-02-12
+Preferred-Value: vaj
 %%
 Type: language
 Subtag: gga
@@ -11966,7 +12015,7 @@
 Description: Aghu Tharnggalu
 Added: 2009-07-29
 Deprecated: 2013-09-10
-Comments: see ggm, gtu, ikr
+Comments: see gtu, ikr
 %%
 Type: language
 Subtag: ggt
@@ -12195,6 +12244,12 @@
 Macrolanguage: kpe
 %%
 Type: language
+Subtag: gku
+Description: ǂUngkue
+Description: =/Ungkue
+Added: 2015-02-12
+%%
+Type: language
 Subtag: glc
 Description: Bon Gula
 Added: 2009-07-29
@@ -12206,6 +12261,7 @@
 %%
 Type: language
 Subtag: glh
+Description: Northwest Pashai
 Description: Northwest Pashayi
 Added: 2009-07-29
 %%
@@ -12276,6 +12332,11 @@
 Scope: collection
 %%
 Type: language
+Subtag: gmg
+Description: Magɨyi
+Added: 2014-02-28
+%%
+Type: language
 Subtag: gmh
 Description: Middle High German (ca. 1050-1500)
 Added: 2005-10-16
@@ -12376,6 +12437,7 @@
 Type: language
 Subtag: gnk
 Description: //Gana
+Description: ǁGana
 Added: 2009-07-29
 %%
 Type: language
@@ -12765,6 +12827,8 @@
 Subtag: gti
 Description: Gbati-ri
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: nyc
 %%
 Type: language
 Subtag: gtu
@@ -13003,6 +13067,7 @@
 Type: language
 Subtag: gwj
 Description: /Gwi
+Description: ǀGwi
 Added: 2009-07-29
 %%
 Type: language
@@ -13330,6 +13395,7 @@
 Type: language
 Subtag: hgm
 Description: Hai//om
+Description: Haiǁom
 Added: 2009-07-29
 %%
 Type: language
@@ -13668,6 +13734,7 @@
 Type: language
 Subtag: hnh
 Description: //Ani
+Description: ǁAni
 Added: 2009-07-29
 %%
 Type: language
@@ -13815,6 +13882,7 @@
 %%
 Type: language
 Subtag: hps
+Description: Hawai'i Sign Language (HSL)
 Description: Hawai'i Pidgin Sign Language
 Added: 2009-07-29
 %%
@@ -13946,6 +14014,7 @@
 Type: language
 Subtag: huc
 Description: =/Hua
+Description: ǂHua
 Added: 2009-07-29
 %%
 Type: language
@@ -14452,6 +14521,11 @@
 Added: 2013-09-10
 %%
 Type: language
+Subtag: iks
+Description: Inuit Sign Language
+Added: 2015-02-12
+%%
+Type: language
 Subtag: ikt
 Description: Inuinnaqtun
 Description: Western Canadian Inuktitut
@@ -14544,6 +14618,7 @@
 Subtag: ime
 Description: Imeraguen
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: imi
@@ -15331,6 +15406,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: jje
+Description: Jejueo
+Added: 2015-02-12
+%%
+Type: language
 Subtag: jjr
 Description: Bankal
 Added: 2012-08-12
@@ -15471,6 +15551,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: jog
+Description: Jogi
+Added: 2015-05-27
+%%
+Type: language
 Subtag: jor
 Description: Jorá
 Added: 2009-07-29
@@ -15789,6 +15874,7 @@
 Subtag: kbf
 Description: Kakauhua
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: kbg
@@ -16890,6 +16976,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: kjv
+Description: Kaikavian Literary Language
+Added: 2015-02-12
+%%
+Type: language
 Subtag: kjx
 Description: Ramopa
 Added: 2009-07-29
@@ -17471,6 +17562,8 @@
 Subtag: koj
 Description: Sara Dunjo
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: kwv
 %%
 Type: language
 Subtag: kok
@@ -18184,6 +18277,7 @@
 Type: language
 Subtag: ktz
 Description: Ju/'hoan
+Description: Juǀʼhoan
 Added: 2009-07-29
 %%
 Type: language
@@ -18203,7 +18297,7 @@
 %%
 Type: language
 Subtag: kue
-Description: Kuman
+Description: Kuman (Papua New Guinea)
 Added: 2009-07-29
 %%
 Type: language
@@ -18525,6 +18619,8 @@
 Subtag: kwq
 Description: Kwak
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: yam
 %%
 Type: language
 Subtag: kwr
@@ -18598,6 +18694,8 @@
 Subtag: kxe
 Description: Kakihum
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: tvd
 %%
 Type: language
 Subtag: kxf
@@ -19070,7 +19168,7 @@
 %%
 Type: language
 Subtag: lay
-Description: Lama (Myanmar)
+Description: Lama Bai
 Added: 2009-07-29
 %%
 Type: language
@@ -19352,6 +19450,8 @@
 Subtag: leg
 Description: Lengua
 Added: 2009-07-29
+Deprecated: 2014-02-28
+Comments: see enl, enx
 %%
 Type: language
 Subtag: leh
@@ -19624,6 +19724,8 @@
 Subtag: lii
 Description: Lingkhim
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: raq
 %%
 Type: language
 Subtag: lij
@@ -19987,6 +20089,8 @@
 Subtag: lmm
 Description: Lamam
 Added: 2009-07-29
+Deprecated: 2014-02-28
+Preferred-Value: rmx
 %%
 Type: language
 Subtag: lmn
@@ -21596,6 +21700,7 @@
 Subtag: mhh
 Description: Maskoy Pidgin
 Added: 2009-07-29
+Deprecated: 2014-02-28
 %%
 Type: language
 Subtag: mhi
@@ -23496,6 +23601,8 @@
 Subtag: mwj
 Description: Maligo
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: vaj
 %%
 Type: language
 Subtag: mwk
@@ -24052,6 +24159,7 @@
 %%
 Type: language
 Subtag: naq
+Description: Khoekhoe
 Description: Nama (Namibia)
 Added: 2009-07-29
 %%
@@ -24067,6 +24175,7 @@
 %%
 Type: language
 Subtag: nat
+Description: Ca̱hungwa̱rya̱
 Description: Hungworo
 Added: 2009-07-29
 %%
@@ -24632,6 +24741,7 @@
 Type: language
 Subtag: ngh
 Description: N/u
+Description: Nǀu
 Added: 2009-07-29
 %%
 Type: language
@@ -25340,6 +25450,7 @@
 Type: language
 Subtag: nmn
 Description: !Xóõ
+Description: ǃXóõ
 Added: 2009-07-29
 %%
 Type: language
@@ -25385,6 +25496,7 @@
 Type: language
 Subtag: nmw
 Description: Nimoa
+Description: Rifao
 Added: 2009-07-29
 %%
 Type: language
@@ -25516,6 +25628,8 @@
 Subtag: nnx
 Description: Ngong
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: ngv
 %%
 Type: language
 Subtag: nny
@@ -25758,6 +25872,12 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: nrf
+Description: Jèrriais
+Description: Guernésiais
+Added: 2015-02-12
+%%
+Type: language
 Subtag: nrg
 Description: Narango
 Added: 2009-07-29
@@ -26267,6 +26387,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: nxo
+Description: Ndambomo
+Added: 2015-02-12
+%%
+Type: language
 Subtag: nxq
 Description: Naxi
 Added: 2011-08-16
@@ -26788,6 +26913,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: olt
+Description: Old Lithuanian
+Added: 2014-02-28
+%%
+Type: language
 Subtag: oma
 Description: Omaha-Ponca
 Added: 2009-07-29
@@ -27264,6 +27394,8 @@
 Subtag: oun
 Description: !O!ung
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: vaj
 %%
 Type: language
 Subtag: owi
@@ -27507,7 +27639,7 @@
 %%
 Type: language
 Subtag: pby
-Description: Pyu
+Description: Pyu (Papua New Guinea)
 Added: 2009-07-29
 %%
 Type: language
@@ -27763,6 +27895,11 @@
 Macrolanguage: ar
 %%
 Type: language
+Subtag: pgd
+Description: Gāndhārī
+Added: 2015-02-12
+%%
+Type: language
 Subtag: pgg
 Description: Pangwali
 Added: 2009-07-29
@@ -28157,6 +28294,7 @@
 %%
 Type: language
 Subtag: pls
+Description: San Marcos Tlacoyalco Popoloca
 Description: San Marcos Tlalcoyalco Popoloca
 Added: 2009-07-29
 %%
@@ -28285,6 +28423,8 @@
 Subtag: pmu
 Description: Mirpur Panjabi
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: phr
 Macrolanguage: lah
 %%
 Type: language
@@ -28779,11 +28919,13 @@
 %%
 Type: language
 Subtag: psh
+Description: Southwest Pashai
 Description: Southwest Pashayi
 Added: 2009-07-29
 %%
 Type: language
 Subtag: psi
+Description: Southeast Pashai
 Description: Southeast Pashayi
 Added: 2009-07-29
 %%
@@ -28879,6 +29021,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: ptq
+Description: Pattapu
+Added: 2014-04-06
+%%
+Type: language
 Subtag: ptr
 Description: Piamatsina
 Added: 2009-07-29
@@ -29012,6 +29159,8 @@
 Subtag: puz
 Description: Purum Naga
 Added: 2009-07-29
+Deprecated: 2014-02-28
+Preferred-Value: pub
 %%
 Type: language
 Subtag: pwa
@@ -30114,6 +30263,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: rts
+Description: Yurats
+Added: 2015-02-12
+%%
+Type: language
 Subtag: rtw
 Description: Rathawi
 Added: 2009-07-29
@@ -30317,6 +30471,8 @@
 Subtag: sap
 Description: Sanapaná
 Added: 2009-07-29
+Deprecated: 2014-02-28
+Comments: see aqt, spn
 %%
 Type: language
 Subtag: saq
@@ -30395,6 +30551,7 @@
 %%
 Type: language
 Subtag: sbf
+Description: Chabu
 Description: Shabo
 Added: 2009-07-29
 %%
@@ -30926,6 +31083,7 @@
 Subtag: sgo
 Description: Songa
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: sgp
@@ -31385,6 +31543,7 @@
 %%
 Type: language
 Subtag: skr
+Description: Saraiki
 Description: Seraiki
 Added: 2009-07-29
 Macrolanguage: lah
@@ -31940,6 +32099,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: spn
+Description: Sanapaná
+Added: 2014-02-28
+%%
+Type: language
 Subtag: spo
 Description: Spokane
 Added: 2009-07-29
@@ -32804,6 +32968,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: syx
+Description: Samay
+Added: 2015-02-12
+%%
+Type: language
 Subtag: syy
 Description: Al-Sayyid Bedouin Sign Language
 Added: 2009-07-29
@@ -33694,6 +33863,8 @@
 Subtag: thx
 Description: The
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: oyb
 %%
 Type: language
 Subtag: thy
@@ -33963,6 +34134,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: tkv
+Description: Mur Pano
+Added: 2014-02-28
+%%
+Type: language
 Subtag: tkw
 Description: Teanu
 Added: 2009-07-29
@@ -34796,6 +34972,8 @@
 Subtag: tsf
 Description: Southwestern Tamang
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: taj
 %%
 Type: language
 Subtag: tsg
@@ -35340,6 +35518,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: txj
+Description: Tarjumo
+Added: 2015-02-12
+%%
+Type: language
 Subtag: txm
 Description: Tomini
 Added: 2009-07-29
@@ -35902,6 +36085,8 @@
 Subtag: uok
 Description: Uokha
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: ema
 %%
 Type: language
 Subtag: upi
@@ -36177,7 +36362,10 @@
 %%
 Type: language
 Subtag: vaj
-Description: Vasekela Bushman
+Description: Sekele
+Description: Northwestern !Kung
+Description: Northwestern ǃKung
+Description: Vasekele
 Added: 2009-07-29
 %%
 Type: language
@@ -37778,6 +37966,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: xaj
+Description: Ararandewára
+Added: 2014-02-28
+%%
+Type: language
 Subtag: xal
 Description: Kalmyk
 Description: Oirat
@@ -37786,6 +37979,7 @@
 Type: language
 Subtag: xam
 Description: /Xam
+Description: ǀXam
 Added: 2009-07-29
 %%
 Type: language
@@ -38037,6 +38231,7 @@
 Type: language
 Subtag: xeg
 Description: //Xegwi
+Description: ǁXegwi
 Added: 2009-07-29
 %%
 Type: language
@@ -38116,6 +38311,7 @@
 %%
 Type: language
 Subtag: xgm
+Description: Dharumbal
 Description: Guwinmal
 Added: 2013-09-10
 %%
@@ -38219,6 +38415,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: xis
+Description: Kisan
+Added: 2014-02-28
+%%
+Type: language
 Subtag: xiv
 Description: Indus Valley Language
 Added: 2009-07-29
@@ -38890,6 +39091,8 @@
 Subtag: xsj
 Description: Subi
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: suj
 %%
 Type: language
 Subtag: xsl
@@ -39539,6 +39742,7 @@
 Subtag: yds
 Description: Yiddish Sign Language
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: yea
@@ -39638,6 +39842,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: ygs
+Description: Yolŋu Sign Language
+Added: 2014-02-28
+%%
+Type: language
 Subtag: ygu
 Description: Yugul
 Added: 2013-09-10
@@ -39664,6 +39873,11 @@
 Added: 2009-07-29
 %%
 Type: language
+Subtag: yhs
+Description: Yan-nhaŋu Sign Language
+Added: 2015-04-17
+%%
+Type: language
 Subtag: yia
 Description: Yinggarda
 Added: 2009-07-29
@@ -39979,6 +40193,8 @@
 Subtag: ymt
 Description: Mator-Taygi-Karagas
 Added: 2009-07-29
+Deprecated: 2015-02-12
+Preferred-Value: mtm
 %%
 Type: language
 Subtag: ymx
@@ -40014,6 +40230,7 @@
 Subtag: ynh
 Description: Yangho
 Added: 2009-07-29
+Deprecated: 2015-02-12
 %%
 Type: language
 Subtag: ynk
@@ -40313,6 +40530,7 @@
 Type: language
 Subtag: yue
 Description: Yue Chinese
+Description: Cantonese
 Added: 2009-07-29
 Macrolanguage: zh
 %%
@@ -40380,6 +40598,8 @@
 Subtag: yuu
 Description: Yugh
 Added: 2009-07-29
+Deprecated: 2014-02-28
+Preferred-Value: yug
 %%
 Type: language
 Subtag: yuw
@@ -42215,6 +42435,7 @@
 %%
 Type: extlang
 Subtag: hps
+Description: Hawai'i Sign Language (HSL)
 Description: Hawai'i Pidgin Sign Language
 Added: 2009-07-29
 Preferred-Value: hps
@@ -42250,6 +42471,13 @@
 Prefix: sgn
 %%
 Type: extlang
+Subtag: iks
+Description: Inuit Sign Language
+Added: 2015-02-12
+Preferred-Value: iks
+Prefix: sgn
+%%
+Type: extlang
 Subtag: ils
 Description: International Sign
 Added: 2009-07-29
@@ -43154,7 +43382,21 @@
 Subtag: yds
 Description: Yiddish Sign Language
 Added: 2009-07-29
-Preferred-Value: yds
+Deprecated: 2015-02-12
+Prefix: sgn
+%%
+Type: extlang
+Subtag: ygs
+Description: Yolŋu Sign Language
+Added: 2014-02-28
+Preferred-Value: ygs
+Prefix: sgn
+%%
+Type: extlang
+Subtag: yhs
+Description: Yan-nhaŋu Sign Language
+Added: 2015-04-17
+Preferred-Value: yhs
 Prefix: sgn
 %%
 Type: extlang
@@ -43167,6 +43409,7 @@
 Type: extlang
 Subtag: yue
 Description: Yue Chinese
+Description: Cantonese
 Added: 2009-07-29
 Preferred-Value: yue
 Prefix: zh
@@ -43211,6 +43454,11 @@
 Macrolanguage: ms
 %%
 Type: script
+Subtag: Adlm
+Description: Adlam
+Added: 2014-12-11
+%%
+Type: script
 Subtag: Afak
 Description: Afaka
 Added: 2011-01-07
@@ -43221,11 +43469,22 @@
 Added: 2012-11-01
 %%
 Type: script
+Subtag: Ahom
+Description: Ahom
+Description: Tai Ahom
+Added: 2013-12-02
+%%
+Type: script
 Subtag: Arab
 Description: Arabic
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Aran
+Description: Arabic (Nastaliq variant)
+Added: 2014-12-11
+%%
+Type: script
 Subtag: Armi
 Description: Imperial Aramaic
 Added: 2007-12-05
@@ -43266,6 +43525,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Bhks
+Description: Bhaiksuki
+Added: 2015-07-24
+%%
+Type: script
 Subtag: Blis
 Description: Blissymbols
 Added: 2005-10-16
@@ -43431,6 +43695,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Hanb
+Description: Han with Bopomofo (alias for Han + Bopomofo)
+Added: 2016-02-08
+%%
+Type: script
 Subtag: Hang
 Description: Hangul
 Description: Hangŭl
@@ -43462,6 +43731,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Hatr
+Description: Hatran
+Added: 2013-12-02
+%%
+Type: script
 Subtag: Hebr
 Description: Hebrew
 Added: 2005-10-16
@@ -43506,6 +43780,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Jamo
+Description: Jamo (alias for Jamo subset of Hangul)
+Added: 2016-02-08
+%%
+Type: script
 Subtag: Java
 Description: Javanese
 Added: 2005-10-16
@@ -43546,6 +43825,16 @@
 Added: 2011-08-16
 %%
 Type: script
+Subtag: Kitl
+Description: Khitan large script
+Added: 2014-12-11
+%%
+Type: script
+Subtag: Kits
+Description: Khitan small script
+Added: 2014-12-11
+%%
+Type: script
 Subtag: Knda
 Description: Kannada
 Added: 2005-10-16
@@ -43592,6 +43881,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Leke
+Description: Leke
+Added: 2015-07-24
+%%
+Type: script
 Subtag: Lepc
 Description: Lepcha
 Description: Róng
@@ -43650,13 +43944,18 @@
 Added: 2007-07-28
 %%
 Type: script
+Subtag: Marc
+Description: Marchen
+Added: 2014-12-11
+%%
+Type: script
 Subtag: Maya
 Description: Mayan hieroglyphs
 Added: 2005-10-16
 %%
 Type: script
 Subtag: Mend
-Description: Mende
+Description: Mende Kikakui
 Added: 2010-04-10
 %%
 Type: script
@@ -43675,6 +43974,12 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Modi
+Description: Modi
+Description: Moḍī
+Added: 2013-12-02
+%%
+Type: script
 Subtag: Mong
 Description: Mongolian
 Added: 2005-10-16
@@ -43701,6 +44006,11 @@
 Added: 2007-01-26
 %%
 Type: script
+Subtag: Mult
+Description: Multani
+Added: 2013-12-02
+%%
+Type: script
 Subtag: Mymr
 Description: Myanmar
 Description: Burmese
@@ -43718,6 +44028,14 @@
 Added: 2010-04-10
 %%
 Type: script
+Subtag: Newa
+Description: Newa
+Description: Newar
+Description: Newari
+Description: Nepāla lipi
+Added: 2016-01-04
+%%
+Type: script
 Subtag: Nkgb
 Description: Nakhi Geba
 Description: 'Na-'Khi ²Ggŏ-¹baw
@@ -43760,6 +44078,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Osge
+Description: Osage
+Added: 2014-12-11
+%%
+Type: script
 Subtag: Osma
 Description: Osmanya
 Added: 2005-10-16
@@ -43770,6 +44093,11 @@
 Added: 2010-04-10
 %%
 Type: script
+Subtag: Pauc
+Description: Pau Cin Hau
+Added: 2013-12-02
+%%
+Type: script
 Subtag: Perm
 Description: Old Permic
 Added: 2005-10-16
@@ -43800,6 +44128,11 @@
 Added: 2005-10-16
 %%
 Type: script
+Subtag: Piqd
+Description: Klingon (KLI pIqaD)
+Added: 2016-01-04
+%%
+Type: script
 Subtag: Plrd
 Description: Miao
 Description: Pollard
@@ -43870,6 +44203,13 @@
 Added: 2011-01-07
 %%
 Type: script
+Subtag: Sidd
+Description: Siddham
+Description: Siddhaṃ
+Description: Siddhamātṛkā
+Added: 2013-12-02
+%%
+Type: script
 Subtag: Sind
 Description: Khudawadi
 Description: Sindhi
@@ -44048,6 +44388,11 @@
 Added: 2007-12-05
 %%
 Type: script
+Subtag: Zsye
+Description: Symbols (Emoji variant)
+Added: 2016-01-04
+%%
+Type: script
 Subtag: Zsym
 Description: Symbols
 Added: 2007-12-05
@@ -44360,6 +44705,7 @@
 %%
 Type: region
 Subtag: CV
+Description: Cabo Verde
 Description: Cape Verde
 Added: 2005-10-16
 %%
@@ -45647,6 +45993,15 @@
 Prefix: de
 %%
 Type: variant
+Subtag: abl1943
+Description: Orthographic formulation of 1943 - Official in Brazil
+  (Formulário Ortográfico de 1943 - Oficial no Brasil)
+Added: 2015-05-06
+Prefix: pt-BR
+Comments: Denotes conventions established by the Academia Brasileira de
+  Letras in 1943 and generally used in Brazil until 2009
+%%
+Type: variant
 Subtag: alalc97
 Description: ALA-LC Romanization, 1997 edition
 Added: 2009-12-09
@@ -45665,6 +46020,16 @@
   continuum in Eastern Suriname and Western French Guiana
 %%
 Type: variant
+Subtag: ao1990
+Description: Portuguese Language Orthographic Agreement of 1990 (Acordo
+  Ortográfico da Língua Portuguesa de 1990)
+Added: 2015-05-06
+Prefix: pt
+Prefix: gl
+Comments: Portuguese orthography conventions established in 1990 but
+  not brought into effect until 2009
+%%
+Type: variant
 Subtag: arevela
 Description: Eastern Armenian
 Added: 2006-09-18
@@ -45698,6 +46063,27 @@
   Jaŋalif (Janalif).
 %%
 Type: variant
+Subtag: balanka
+Description: The Balanka dialect of Anii
+Added: 2014-02-15
+Prefix: blo
+Comments: Balanka is one of 19 Anii dialects.
+%%
+Type: variant
+Subtag: barla
+Description: The Barlavento dialect group of Kabuverdianu
+Prefix: kea
+Comments: Barlavento is one of the two main dialect groups of
+  Kabuverdianu.
+Added: 2013-12-10
+%%
+Type: variant
+Subtag: basiceng
+Description: Basic English
+Added: 2015-12-29
+Prefix: en
+%%
+Type: variant
 Subtag: bauddha
 Description: Buddhist Hybrid Sanskrit
 Added: 2010-07-28
@@ -45723,9 +46109,9 @@
 Description: Slovene in Bohorič alphabet
 Added: 2012-06-27
 Prefix: sl
-Comments: The subtag represents the alphabet codified by Adam Bohorič in
-  1584 and used from the first printed Slovene book and up to the mid-
-  19th century.
+Comments: The subtag represents the alphabet codified by Adam Bohorič
+  in 1584 and used from the first printed Slovene book and up to the
+  mid-19th century.
 %%
 Type: variant
 Subtag: boont
@@ -45735,6 +46121,24 @@
 Comments: Jargon embedded in American English
 %%
 Type: variant
+Subtag: colb1945
+Description: Portuguese-Brazilian Orthographic Convention of 1945
+  (Convenção Ortográfica Luso-Brasileira de 1945)
+Added: 2015-05-06
+Prefix: pt
+Comments: Portuguese orthography conventions established in 1945,
+  generally in effect until 2009. This reform was not ratified in
+  Brazil.
+%%
+Type: variant
+Subtag: cornu
+Description: Cornu-English
+Description: Cornish English
+Description: Anglo-Cornish
+Added: 2015-12-07
+Prefix: en
+%%
+Type: variant
 Subtag: dajnko
 Description: Slovene in Dajnko alphabet
 Added: 2012-06-27
@@ -45744,6 +46148,14 @@
   Slovenia).
 %%
 Type: variant
+Subtag: ekavsk
+Description: Serbian with Ekavian pronunciation
+Prefix: sr
+Prefix: sr-Latn
+Prefix: sr-Cyrl
+Added: 2013-12-02
+%%
+Type: variant
 Subtag: emodeng
 Description: Early Modern English (1500-1700)
 Added: 2012-02-05
@@ -45789,6 +46201,14 @@
   including modern usage.
 %%
 Type: variant
+Subtag: ijekavsk
+Description: Serbian with Ijekavian pronunciation
+Prefix: sr
+Prefix: sr-Latn
+Prefix: sr-Cyrl
+Added: 2013-12-02
+%%
+Type: variant
 Subtag: itihasa
 Description: Epic Sanskrit
 Added: 2010-07-28
@@ -45816,6 +46236,14 @@
 Prefix: kw
 %%
 Type: variant
+Subtag: kociewie
+Description: The Kociewie dialect of Polish
+Added: 2014-11-27
+Prefix: pl
+Comments: The dialect of Kociewie is spoken in the region around
+  Starogard Gdański, Tczew and Świecie in northern Poland.
+%%
+Type: variant
 Subtag: kscor
 Description: Standard Cornish orthography of Revived Cornish
 Description: Kernowek Standard
@@ -45876,6 +46304,12 @@
 Prefix: sl
 %%
 Type: variant
+Subtag: newfound
+Description: Newfoundland English
+Added: 2015-11-25
+Prefix: en-CA
+%%
+Type: variant
 Subtag: njiva
 Description: The Gniva dialect of Resian
 Description: The Njiva dialect of Resian
@@ -45906,6 +46340,12 @@
   dialects of Resian
 %%
 Type: variant
+Subtag: oxendict
+Description: Oxford English Dictionary spelling
+Added: 2015-04-17
+Prefix: en
+%%
+Type: variant
 Subtag: pamaka
 Description: Pamaka dialect
 Added: 2009-09-05
@@ -45980,6 +46420,11 @@
 Comments: English Liverpudlian dialect known as 'Scouse'
 %%
 Type: variant
+Subtag: simple
+Description: Simplified form
+Added: 2015-12-29
+%%
+Type: variant
 Subtag: solba
 Description: The Stolvizza dialect of Resian
 Description: The Solbica dialect of Resian
@@ -45989,6 +46434,14 @@
   local dialects of Resian
 %%
 Type: variant
+Subtag: sotav
+Description: The Sotavento dialect group of Kabuverdianu
+Prefix: kea
+Comments: Sotavento is one of the two main dialect groups of
+  Kabuverdianu.
+Added: 2013-12-10
+%%
+Type: variant
 Subtag: surmiran
 Description: Surmiran idiom of Romansh
 Added: 2010-06-29
@@ -46041,6 +46494,16 @@
 Prefix: sco
 %%
 Type: variant
+Subtag: unifon
+Description: Unifon phonetic alphabet
+Added: 2013-10-02
+Prefix: en
+Prefix: hup
+Prefix: kyh
+Prefix: tol
+Prefix: yur
+%%
+Type: variant
 Subtag: vaidika
 Description: Vedic Sanskrit
 Added: 2010-07-28
@@ -46081,11 +46544,15 @@
 Tag: cel-gaulish
 Description: Gaulish
 Added: 2001-05-25
+Deprecated: 2015-03-29
+Comments: see xcg, xga, xtg
 %%
 Type: grandfathered
 Tag: en-GB-oed
 Description: English, Oxford English Dictionary spelling
 Added: 2003-07-09
+Deprecated: 2015-04-17
+Preferred-Value: en-GB-oxendict
 %%
 Type: grandfathered
 Tag: i-ami
@@ -46110,6 +46577,7 @@
 Tag: i-enochian
 Description: Enochian
 Added: 2002-07-03
+Deprecated: 2015-03-29
 %%
 Type: grandfathered
 Tag: i-hak
@@ -46226,6 +46694,7 @@
 Description: Min, Fuzhou, Hokkien, Amoy, or Taiwanese
 Added: 1999-12-18
 Deprecated: 2009-07-29
+Comments: see cdo, cpx, czo, mnp, nan
 %%
 Type: grandfathered
 Tag: zh-min-nan
--- a/jdk/test/java/util/logging/SimpleFormatterFormat.java	Thu Jun 09 17:28:37 2016 +0000
+++ b/jdk/test/java/util/logging/SimpleFormatterFormat.java	Wed Jul 05 21:49:47 2017 +0200
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug     6381464
+ * @bug     6381464 8153666
  * @summary Test the custom simple formatter output
  *
  * @run main/othervm SimpleFormatterFormat
@@ -60,13 +60,19 @@
         "test.foo",
         "test.foo",
         "test.bar",
+        "test.bar",
+        "test.bar",
         "test.bar"
     };
     private static String[] messages = new String[] {
         "severe hello world",
         "warning lost connection",
         "info welcome",
-        "warning exception thrown",
+        "warning beware of traps",
+        "warning { {ok7} }",
+        // keep exception logging as last test case to avoid having
+        // to skip the exception stack trace in the output
+        "warning exception thrown"
     };
     private static void writeLogRecords(PrintStream logps) throws Exception {
         try {
@@ -79,8 +85,11 @@
             Logger bar = Logger.getLogger("test.bar");
             bar.finest("Dummy message");
             bar.info(messages[2]);
-            bar.log(Level.WARNING, messages[3], new IllegalArgumentException());
+            bar.log(Level.WARNING, "{0}", new Object[] { messages[3] });
+            bar.log(Level.WARNING, "warning '{' '{'{7}} }", new Object[] {"ok", "ok1", "ok2", "ok3", "ok4", "ok5", "ok6", "ok7", "ok8", "ok9", "ok10"});
 
+            // Keep this one last - as it also prints the exception stack trace...
+            bar.log(Level.WARNING, messages[messages.length-1], new IllegalArgumentException());
         } finally {
             logps.flush();
             logps.close();
@@ -108,7 +117,7 @@
 
                 Matcher m = p.matcher(line);
                 if (!m.matches()) {
-                    throw new RuntimeException("Unexpected output format");
+                    throw new RuntimeException("Unexpected output format: " + line);
                 }
                 if (m.groupCount() != 3) {
                     throw new RuntimeException("Unexpected group count = " +
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/net/ssl/ALPN/SSLServerSocketAlpnTest.java	Wed Jul 05 21:49:47 2017 +0200
@@ -0,0 +1,494 @@
+/*
+ * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+// SunJSSE does not support dynamic system properties, no way to re-use
+// system properties in samevm/agentvm mode.
+
+/*
+ * @test
+ * @bug 8051498 8145849 8158978
+ * @summary JEP 244: TLS Application-Layer Protocol Negotiation Extension
+ * @compile MyX509ExtendedKeyManager.java
+ * @run main/othervm SSLServerSocketAlpnTest h2          h2          h2
+ * @run main/othervm SSLServerSocketAlpnTest h2          h2,http/1.1 h2
+ * @run main/othervm SSLServerSocketAlpnTest h2,http/1.1 h2,http/1.1 h2
+ * @run main/othervm SSLServerSocketAlpnTest http/1.1,h2 h2,http/1.1 http/1.1
+ * @run main/othervm SSLServerSocketAlpnTest h4,h3,h2    h1,h2       h2
+ * @run main/othervm SSLServerSocketAlpnTest EMPTY       h2,http/1.1 NONE
+ * @run main/othervm SSLServerSocketAlpnTest h2          EMPTY       NONE
+ * @run main/othervm SSLServerSocketAlpnTest H2          h2          ERROR
+ * @run main/othervm SSLServerSocketAlpnTest h2          http/1.1    ERROR
+ * @author Brad Wetmore
+ */
+import java.io.*;
+import java.security.KeyStore;
+
+import javax.net.ssl.*;
+
+public class SSLServerSocketAlpnTest {
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = false;
+
+    /*
+     * Where do we find the keystores?
+     */
+    static String pathToStores = "../etc";
+    static String keyStoreFile = "keystore";
+    static String trustStoreFile = "truststore";
+    static String passwd = "passphrase";
+
+    static String keyFilename = System.getProperty("test.src", ".") + "/"
+            + pathToStores + "/" + keyStoreFile;
+    static String trustFilename = System.getProperty("test.src", ".") + "/"
+            + pathToStores + "/" + trustStoreFile;
+
+    /*
+     * SSLContext
+     */
+    SSLContext mySSLContext = null;
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    static String[] serverAPs;
+    static String[] clientAPs;
+    static String expectedAP;
+
+    /*
+     * If the client or server is doing some kind of object creation
+     * that the other side depends on, and that thread prematurely
+     * exits, you may experience a hang. The test harness will
+     * terminate all hung threads after its timeout has expired,
+     * currently 3 minutes by default, but you might try to be
+     * smart about it....
+     */
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+        SSLServerSocketFactory sslssf = mySSLContext.getServerSocketFactory();
+        SSLServerSocket sslServerSocket
+                = (SSLServerSocket) sslssf.createServerSocket(serverPort);
+        sslServerSocket.setNeedClientAuth(true);
+
+        SSLParameters sslp = sslServerSocket.getSSLParameters();
+
+        // for both client/server to call into X509KM
+        sslp.setNeedClientAuth(true);
+
+        /*
+         * The default ciphersuite ordering from the SSLContext may not
+         * reflect "h2" ciphersuites as being preferred, additionally the
+         * client may not send them in an appropriate order. We could resort
+         * the suite list if so desired.
+         */
+        String[] suites = sslp.getCipherSuites();
+        sslp.setCipherSuites(suites);
+        sslp.setUseCipherSuitesOrder(true); // Set server side order
+
+        // Set the ALPN selection.
+        sslp.setApplicationProtocols(serverAPs);
+        sslServerSocket.setSSLParameters(sslp);
+
+        serverPort = sslServerSocket.getLocalPort();
+
+        /*
+         * Signal Client, we're ready for his connect.
+         */
+        serverReady = true;
+
+        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
+
+        if (sslSocket.getHandshakeApplicationProtocol() != null) {
+            throw new Exception ("getHandshakeApplicationProtocol() should "
+                    + "return null before the handshake starts");
+        }
+
+        sslSocket.startHandshake();
+
+        if (sslSocket.getHandshakeApplicationProtocol() != null) {
+            throw new Exception ("getHandshakeApplicationProtocol() should "
+                    + "return null after the handshake is completed");
+        }
+
+        String ap = sslSocket.getApplicationProtocol();
+        System.out.println("Application Protocol: \"" + ap + "\"");
+
+        if (ap == null) {
+            throw new Exception(
+                    "Handshake was completed but null was received");
+        }
+        if (expectedAP.equals("NONE")) {
+            if (!ap.isEmpty()) {
+                throw new Exception("Expected no ALPN value");
+            } else {
+                System.out.println("No ALPN value negotiated, as expected");
+            }
+        } else if (!expectedAP.equals(ap)) {
+            throw new Exception(expectedAP
+                    + " ALPN value not available on negotiated connection");
+        }
+
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslIS.read();
+        sslOS.write(85);
+        sslOS.flush();
+
+        sslSocket.close();
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+
+        /*
+         * Wait for server to get started.
+         */
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        SSLSocketFactory sslsf = mySSLContext.getSocketFactory();
+        SSLSocket sslSocket
+                = (SSLSocket) sslsf.createSocket("localhost", serverPort);
+
+        SSLParameters sslp = sslSocket.getSSLParameters();
+
+        /*
+         * The default ciphersuite ordering from the SSLContext may not
+         * reflect "h2" ciphersuites as being preferred, additionally the
+         * client may not send them in an appropriate order. We could resort
+         * the suite list if so desired.
+         */
+        String[] suites = sslp.getCipherSuites();
+        sslp.setCipherSuites(suites);
+        sslp.setUseCipherSuitesOrder(true); // Set server side order
+
+        // Set the ALPN selection.
+        sslp.setApplicationProtocols(clientAPs);
+        sslSocket.setSSLParameters(sslp);
+
+        if (sslSocket.getHandshakeApplicationProtocol() != null) {
+            throw new Exception ("getHandshakeApplicationProtocol() should "
+                    + "return null before the handshake starts");
+        }
+
+        sslSocket.startHandshake();
+
+        if (sslSocket.getHandshakeApplicationProtocol() != null) {
+            throw new Exception ("getHandshakeApplicationProtocol() should "
+                    + "return null after the handshake is completed");
+        }
+
+        /*
+         * Check that the resulting connection meets our defined ALPN
+         * criteria.  If we were connecting to a non-JSSE implementation,
+         * the server might have negotiated something we shouldn't accept.
+         */
+        String ap = sslSocket.getApplicationProtocol();
+        System.out.println("Application Protocol: \"" + ap + "\"");
+
+        if (ap == null) {
+            throw new Exception(
+                    "Handshake was completed but null was received");
+        }
+        if (expectedAP.equals("NONE")) {
+            if (!ap.isEmpty()) {
+                throw new Exception("Expected no ALPN value");
+            } else {
+                System.out.println("No ALPN value negotiated, as expected");
+            }
+        } else if (!expectedAP.equals(ap)) {
+            throw new Exception(expectedAP
+                    + " ALPN value not available on negotiated connection");
+        }
+
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslOS.write(280);
+        sslOS.flush();
+        sslIS.read();
+
+        sslSocket.close();
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    public static void main(String[] args) throws Exception {
+
+        if (debug) {
+            System.setProperty("javax.net.debug", "all");
+        }
+
+        // Validate parameters
+        if (args.length != 3) {
+            throw new Exception("Invalid number of test parameters");
+        }
+        serverAPs = convert(args[0]);
+        clientAPs = convert(args[1]);
+        expectedAP = args[2];
+
+        /*
+         * Start the tests.
+         */
+        try {
+            new SSLServerSocketAlpnTest();
+        } catch (SSLHandshakeException she) {
+            if (args[2].equals("ERROR")) {
+                System.out.println("Caught the expected exception: " + she);
+            } else {
+                throw she;
+            }
+        }
+
+        System.out.println("Test Passed.");
+    }
+
+    SSLContext getSSLContext(String keyFilename, String trustFilename)
+            throws Exception {
+        SSLContext ctx = SSLContext.getInstance("TLS");
+
+        // Keystores
+        KeyStore keyKS = KeyStore.getInstance("JKS");
+        keyKS.load(new FileInputStream(keyFilename), passwd.toCharArray());
+
+        KeyStore trustKS = KeyStore.getInstance("JKS");
+        trustKS.load(new FileInputStream(trustFilename), passwd.toCharArray());
+
+        // Generate KeyManager and TrustManager
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(keyKS, passwd.toCharArray());
+
+        KeyManager[] kms = kmf.getKeyManagers();
+        if (!(kms[0] instanceof X509ExtendedKeyManager)) {
+            throw new Exception("kms[0] not X509ExtendedKeyManager");
+        }
+
+        kms = new KeyManager[] { new MyX509ExtendedKeyManager(
+                (X509ExtendedKeyManager) kms[0], expectedAP) };
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(trustKS);
+        TrustManager[] tms = tmf.getTrustManagers();
+
+        // initial SSLContext
+        ctx.init(kms, tms, null);
+
+        return ctx;
+    }
+
+    /*
+     * Convert a comma-separated list into an array of strings.
+     */
+    private static String[] convert(String list) {
+        String[] strings;
+
+        if (list.equals("EMPTY")) {
+            return new String[0];
+        }
+
+        if (list.indexOf(',') > 0) {
+            strings = list.split(",");
+        } else {
+            strings = new String[]{ list };
+        }
+
+        return strings;
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    SSLServerSocketAlpnTest() throws Exception {
+        Exception startException = null;
+        mySSLContext = getSSLContext(keyFilename, trustFilename);
+        try {
+            if (separateServerThread) {
+                startServer(true);
+                startClient(false);
+            } else {
+                startClient(true);
+                startServer(false);
+            }
+        } catch (Exception e) {
+            startException = e;
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            if (serverThread != null) {
+                serverThread.join();
+            }
+        } else {
+            if (clientThread != null) {
+                clientThread.join();
+            }
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         * Which side threw the error?
+         */
+        Exception local;
+        Exception remote;
+
+        if (separateServerThread) {
+            remote = serverException;
+            local = clientException;
+        } else {
+            remote = clientException;
+            local = serverException;
+        }
+
+        Exception exception = null;
+
+        /*
+         * Check various exception conditions.
+         */
+        if ((local != null) && (remote != null)) {
+            // If both failed, return the curthread's exception.
+            local.initCause(remote);
+            exception = local;
+        } else if (local != null) {
+            exception = local;
+        } else if (remote != null) {
+            exception = remote;
+        } else if (startException != null) {
+            exception = startException;
+        }
+
+        /*
+         * If there was an exception *AND* a startException,
+         * output it.
+         */
+        if (exception != null) {
+            if (exception != startException && startException != null) {
+                exception.addSuppressed(startException);
+            }
+            throw exception;
+        }
+
+        // Fall-through: no exception to throw!
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                @Override
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            try {
+                doServerSide();
+            } catch (Exception e) {
+                serverException = e;
+            } finally {
+                serverReady = true;
+            }
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                @Override
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            try {
+                doClientSide();
+            } catch (Exception e) {
+                clientException = e;
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/net/www/http/ChunkedOutputStream/CheckError.java	Wed Jul 05 21:49:47 2017 +0200
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 5054016
+ * @summary get the failure immediately when writing individual chunks over socket fail
+ */
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.URL;
+import static java.lang.System.out;
+
+public class CheckError {
+
+    static int BUFFER_SIZE = 8192; // 8k
+    static int TOTAL_BYTES = 1 * 1024 * 1024; // 1M
+
+    public static void main(String[] args) throws Exception {
+
+        HTTPServer server = new HTTPServer();
+        server.start();
+        int port = server.getPort();
+        out.println("Server listening on " + port);
+
+
+        URL url = new URL("http://localhost:" + port);
+        HttpURLConnection conn = (HttpURLConnection)url.openConnection();
+        conn.setRequestMethod("POST");
+        conn.setDoOutput(true);
+        conn.setChunkedStreamingMode(1024);
+
+        out.println("sending " + TOTAL_BYTES + " bytes");
+
+        int byteAtOnce;
+        int sendingBytes = TOTAL_BYTES;
+        byte[] buffer = getBuffer(BUFFER_SIZE);
+        try (OutputStream toServer = conn.getOutputStream()) {
+            while (sendingBytes > 0) {
+                if (sendingBytes > BUFFER_SIZE) {
+                    byteAtOnce = BUFFER_SIZE;
+                } else {
+                    byteAtOnce = sendingBytes;
+                }
+                toServer.write(buffer, 0, byteAtOnce);
+                sendingBytes -= byteAtOnce;
+                out.print((TOTAL_BYTES - sendingBytes) + " was sent. ");
+                toServer.flush();
+                // gives the server thread time to read, and eventually close;
+                Thread.sleep(500);
+            }
+        } catch (IOException expected) {
+            // Expected IOException due to server.close()
+            out.println("PASSED. Caught expected: " + expected);
+            return;
+        }
+
+        // Expected IOException not received. FAIL
+        throw new RuntimeException("Failed: Expected IOException not received");
+    }
+
+    static byte[] getBuffer(int size) {
+        byte[] buffer = new byte[size];
+        for (int i = 0; i < size; i++)
+            buffer[i] = (byte)i;
+        return buffer;
+    }
+
+    static class HTTPServer extends Thread {
+
+        final ServerSocket serverSocket;
+
+        HTTPServer() throws IOException {
+            serverSocket = new ServerSocket(0);
+        }
+
+        int getPort() {
+            return serverSocket.getLocalPort();
+        }
+
+        public void run() {
+            try (Socket client = serverSocket.accept()) {
+
+                InputStream in = client.getInputStream();
+                BufferedReader reader = new BufferedReader(new InputStreamReader(in));
+                String line;
+                do {
+                    line = reader.readLine();
+                    out.println("Server: " + line);
+                } while (line != null && line.length() > 0);
+
+                System.out.println("Server: receiving some data");
+                // just read some data, then close the connection
+                in.read(new byte[1024]);
+
+                in.close();
+                client.close();
+                out.println("Server closed socket");
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+    }
+}
--- a/jdk/test/sun/net/www/http/ChunkedOutputStream/checkError.java	Thu Jun 09 17:28:37 2016 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,252 +0,0 @@
-/*
- * Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * @test
- * @bug 5054016
- * @key intermittent
- * @run main/othervm/timeout=300 checkError
- * @summary get the failure immediately when writing individual chunks over socket fail
- */
-
-import java.io.*;
-import java.net.*;
-import java.util.StringTokenizer;
-
-
-public class checkError {
-    static final int TEST_PASSED = 95;
-    static final int TEST_FAILED = 97;
-
-    static int testStatus = TEST_PASSED;
-
-    static String serverName = "localhost";
-    static int bufferSize = 8192; // 8k
-    static int totalBytes = 1048576; // 1M
-
-    static int j = 0;
-
-    static public Object threadStarting = new Object();
-    static public Object threadWaiting = new Object();
-
-
-    public static void main(String[] args) throws Exception {
-        HttpURLConnection conn = null;
-        OutputStream toServer = null;
-        byte[] buffer = null;
-        HTTPServer server = null;
-        synchronized(threadWaiting) {
-            System.out.println("HTTP-client>Starting default Http-server");
-            synchronized(threadStarting) {
-                server = new HTTPServer();
-                server.start();
-                try {
-                    System.out.println("waiting server to be start");
-                    threadStarting.wait();
-                } catch (InterruptedException e) {
-                }
-            }
-            int port = server.getPort();
-            URL url = new URL("http://" + serverName + ":" + port);
-            conn = (HttpURLConnection )url.openConnection();
-            conn.setRequestMethod("POST");
-            conn.setDoOutput(true);
-
-            System.out.println("assigning 1024 to the chunk length");
-            conn.setChunkedStreamingMode(1024);
-            conn.connect();
-
-            toServer = conn.getOutputStream();
-            buffer = getThickBuffer(bufferSize);
-            System.out.println("sending " + totalBytes + " bytes");
-        }
-
-        int byteAtOnce = 0;
-        int sendingBytes = totalBytes;
-        try {
-            while (sendingBytes > 0) {
-                if (sendingBytes > bufferSize) {
-                    byteAtOnce = bufferSize;
-                } else {
-                    byteAtOnce = sendingBytes;
-                }
-                toServer.write(buffer, 0, byteAtOnce);
-                sendingBytes -= byteAtOnce;
-                // System.out.println((totalBytes - sendingBytes) + " was sent");
-                toServer.flush();
-            }
-        } catch (OutOfMemoryError e) {
-            e.printStackTrace();
-            System.out.println("***ERR***> UNEXPECTED error: " + e);
-            testStatus = TEST_FAILED;
-            testExit();
-        } catch (IOException e) {
-            // e.printStackTrace();
-            // this is the expected IOException
-            // due to server.close()
-            testStatus = TEST_PASSED;
-            testExit();
-        } finally {
-            toServer.close();
-        }
-
-        // we have not received the expected IOException
-        // test fail
-        testStatus = TEST_FAILED;
-        testExit();
-
-    }