changeset 7591:b69efbb8bf7f

Merge
author asaha
date Wed, 18 Jun 2014 14:07:55 -0700
parents 0139f3cc1a4a da1d67ddba4a
children 6dd0ecea8938
files src/macosx/classes/sun/lwawt/LWWindowPeer.java src/macosx/classes/sun/lwawt/macosx/CMouseInfoPeer.java src/share/classes/com/sun/jmx/remote/util/CacheMap.java test/javax/management/remote/mandatory/util/CacheMapTest.java test/lib/testlibrary/jdk/testlibrary/JdkFinder.java
diffstat 155 files changed, 7467 insertions(+), 1826 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Fri May 30 18:54:16 2014 +0100
+++ b/.hgtags	Wed Jun 18 14:07:55 2014 -0700
@@ -391,6 +391,7 @@
 2ca3e1fa4455ad564228ad6e654498167af2f20d jdk7u55-b02
 c12b3c81366cb067ff4444952209d54bfa387353 jdk7u55-b03
 476d1bddaa32bf440953c3b1814ba38f16886c03 jdk7u55-b04
+7fa6d3ba2cc77cd1e6f24e33f0c39788cb2893b8 jdk7u65-b00
 7fa6d3ba2cc77cd1e6f24e33f0c39788cb2893b8 jdk7u55-b05
 795654fce29c38d4c8504f760d8d8a36248d38ed jdk7u55-b06
 4b2ed892b195e95f7541aaa3b129a2caa5faae1d jdk7u55-b07
@@ -404,6 +405,11 @@
 4a5651c84b1e6cf26dc9b19f00747e5004efba68 jdk7u55-b30
 ffd99c5975217a14609851602c5f5dc005234aba jdk7u55-b14
 88f1bf248cc520e0bf7ef17bc862f87aab958373 jdk7u55-b31
+b83f5194edf23b752fe2c0a9be361455f87196df jdk7u55-b32
+01a4cd03a6c85abb62eb5d1c2b5bf7d2f544c04e jdk7u55-b33
+3f54f8a387c1a908c07106b685183b19a5fc1064 jdk7u55-b34
+2cdc52ec4813abe38b4e52ae9c9f0ff5dcc87faa jdk7u55-b35
+6845d311ff990d422f9376d37e3e82d5d06bff3f jdk7u55-b36
 db5a29c812ee25c34ce9cd97de6e0dae284a4e34 jdk7u60-b00
 def34c4a798678c424786a8f0d0508e90185958d jdk7u60-b01
 ff67c89658525e8903fb870861ed3645befd6bc5 jdk7u60-b02
@@ -421,7 +427,39 @@
 b7fbd9b4febf8961091fdf451d3da477602a8f1d jdk7u60-b14
 04882f9a073e8de153ec7ad32486569fd9a087ec jdk7u60-b15
 41547583c3a035c3924ffedfa8704e58d69e5c50 jdk7u60-b16
+e484202d9a4104840d758a21b2bba1250e766343 jdk7u60-b17
 e484202d9a4104840d758a21b2bba1250e766343 jdk7u60-b18
-e484202d9a4104840d758a21b2bba1250e766343 jdk7u60-b17
+c220d329a78161f79df73048ed55db91f538e3b7 jdk7u65-b01
 7190843ddaf4f3ad158c3071be0f4ca42a5802dc jdk7u60-b19
 8dc56d0f3e860658619eaa57d10fb1a4182d71cd jdk7u60-b30
+feac9624a1e1ffebe09a19ae351d88e3ef98c441 jdk7u60-b31
+fb40615ef352e03ee94c0682a6ca0a0e6a33a70b jdk7u60-b32
+9cfcdeeecfac66004cb5bbb2c5bba5c57e170539 jdk7u60-b33
+a42a3bb22f6991d8f6a30e4f1782ad620c40eb65 jdk7u65-b02
+756071871d61e1ca410c63a3f1c4dabcc51a90df jdk7u65-b03
+bac16c82c14a35d1e9d3c4d0bd317dbbb296f34e jdk7u65-b04
+14b3f82c245fb8d0eeb21dc99ff0b4985571910c jdk7u65-b05
+7d8e5d90789533b5cc22eeb15c19ce1bb8a20573 jdk7u65-b06
+cde691a6989fa875107a3974aa92681d286be6ec jdk7u65-b07
+d5353f8e1e02e12a1262d65ed85183425b0cdf13 jdk7u65-b08
+45913a29c1edd3e63c9c818ffab7aebd4d75fa40 jdk7u65-b09
+3bb943c6ff7dd614cb428501db8c2c655e5f5223 jdk7u65-b10
+b84e98280630be44a87f4336009f61350f3c7dc0 jdk7u65-b11
+61d15f512305655a51c04811006850e4955936bd jdk7u65-b12
+69698344d0a1771ed9162ecad2065829ca1f8994 jdk7u65-b13
+2e6105ddad44866c4cdc1ba06620b48685e34111 jdk7u65-b14
+8cff6ce00a91820b4cb7ef24ed42063c2305127d jdk7u65-b15
+190017413768f02addea8b2c5106157e3c4076c7 jdk7u65-b16
+23e78e36bc39f4f761ac2b0e055c562c3ff204f5 jdk7u65-b17
+9ccfe70cee626ac7831cfa7b7a7eb7a88fe1cd42 jdk7u66-b00
+fc87b55d62fc1e81aaf61ff21175129b8ccc302e jdk7u66-b01
+c67e394e49429565540f04c5c2a5544f750658bb jdk7u66-b09
+257fd79cdef52511db18e1bab8967d94a03920bc jdk7u66-b10
+6f38c929df1b9d6df7760b2eb9bf3e4681a27c56 jdk7u66-b11
+d4f0008cdf6d3ec8e8e210c03e55aaa751647e8d jdk7u66-b12
+24b7c3d0942766af3415dd6125b9b8da059dbccc jdk7u66-b13
+74d01c3385b915490255cd7467a3740aa3dce310 jdk7u66-b14
+07fc91c550da6ba689e3abc9e688edcb73f9c95c jdk7u66-b15
+d4814cafa25f5b076be9e99be2a8c0d98929476d jdk7u66-b16
+69adfb3ccee5373438a6c394646c2c5ab93c89ee jdk7u66-b17
+ee0cedc50d3250edf24e96aecc785580dd61944f jdk7u71-b00
--- a/make/java/net/FILES_c.gmk	Fri May 30 18:54:16 2014 +0100
+++ b/make/java/net/FILES_c.gmk	Wed Jun 18 14:07:55 2014 -0700
@@ -24,6 +24,7 @@
 #
 
 FILES_c = \
+        AbstractPlainDatagramSocketImpl.c \
         DatagramPacket.c \
         InetAddress.c \
         Inet4Address.c \
--- a/make/java/net/mapfile-vers	Fri May 30 18:54:16 2014 +0100
+++ b/make/java/net/mapfile-vers	Wed Jun 18 14:07:55 2014 -0700
@@ -28,6 +28,8 @@
 SUNWprivate_1.1 {
         global:
                 JNI_OnLoad;
+                Java_java_net_AbstractPlainDatagramSocketImpl_init;
+                Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable;
                 Java_java_net_PlainSocketImpl_socketListen;
                 Java_java_net_PlainDatagramSocketImpl_getTTL;
                 Java_java_net_PlainDatagramSocketImpl_init;
--- a/make/java/util/FILES_properties.gmk	Fri May 30 18:54:16 2014 +0100
+++ b/make/java/util/FILES_properties.gmk	Wed Jun 18 14:07:55 2014 -0700
@@ -107,6 +107,7 @@
         sun/util/resources/CalendarData_pl.properties \
         sun/util/resources/CalendarData_pt.properties \
         sun/util/resources/CalendarData_pt_PT.properties \
+        sun/util/resources/CalendarData_pt_BR.properties \
         sun/util/resources/CalendarData_ro.properties \
         sun/util/resources/CalendarData_ru.properties \
         sun/util/resources/CalendarData_sk.properties \
--- a/make/sun/javazic/tzdata/VERSION	Fri May 30 18:54:16 2014 +0100
+++ b/make/sun/javazic/tzdata/VERSION	Wed Jun 18 14:07:55 2014 -0700
@@ -21,4 +21,4 @@
 # or visit www.oracle.com if you need additional information or have any
 # questions.
 #
-tzdata2014b
+tzdata2014c
--- a/make/sun/javazic/tzdata/africa	Fri May 30 18:54:16 2014 +0100
+++ b/make/sun/javazic/tzdata/africa	Wed Jun 18 14:07:55 2014 -0700
@@ -358,11 +358,54 @@
 # http://www.worldtimezone.com/dst_news/dst_news_egypt02.html
 # </a>
 
+# From Ahmad El-Dardiry (2014-05-07):
+# Egypt is to change back to Daylight system on May 15
+# http://english.ahram.org.eg/NewsContent/1/64/100735/Egypt/Politics-/Egypts-government-to-reapply-daylight-saving-time-.aspx
+
+# From Gunther Vermier (2015-05-13):
+# our Egypt office confirms that the change will be at 15 May "midnight" (24:00)
+
+# From Paul Eggert (2014-05-13):
+# Sarah El Deeb and Lee Keath of AP report that the Egyptian government says
+# the change is because of blackouts in Cairo, even though Ahram Online (cited
+# above) says DST had no affect on electricity consumption.  The AP story says
+# DST will not be observed during Ramadan.  There is no information about when
+# DST will end.  See:
+# http://abcnews.go.com/International/wireStory/el-sissi-pushes-egyptians-line-23614833
+#
+# For now, guess that later transitions will use 2010's rules, and that
+# Egypt will agree with Morocco (see below) about the date Ramadan starts and
+# ends, though (unlike Morocco) it will switch at 00:00 standard time.  In
+# Egypt the spring-forward transitions are removed for 2020-2022, when the
+# guessed spring-forward date falls during the estimated Ramadan, and all
+# transitions removed for 2023-2038, where the estimated Ramadan falls entirely
+# outside the guessed daylight-saving time.  Ramadan intrudes on the guessed
+# DST starting in 2039, but that's beyond our somewhat-arbitrary cutoff.
+
 Rule	Egypt	2008	only	-	Aug	lastThu	23:00s	0	-
 Rule	Egypt	2009	only	-	Aug	20	23:00s	0	-
 Rule	Egypt	2010	only	-	Aug	11	0:00	0	-
 Rule	Egypt	2010	only	-	Sep	10	0:00	1:00	S
 Rule	Egypt	2010	only	-	Sep	lastThu	23:00s	0	-
+Rule	Egypt	2014	only	-	May	15	24:00	1:00	S
+Rule	Egypt	2014	only	-	Jun	29	 0:00s	0	-
+Rule	Egypt	2014	only	-	Jul	29	 0:00s	1:00	S
+Rule	Egypt	2014	max	-	Sep	lastThu	23:00s	0	-
+Rule	Egypt	2015	2019	-	Apr	lastFri	 0:00s	1:00	S
+Rule	Egypt	2015	only	-	Jun	18	 0:00s	0	-
+Rule	Egypt	2015	only	-	Jul	18	 0:00s	1:00	S
+Rule	Egypt	2016	only	-	Jun	 7	 0:00s	0	-
+Rule	Egypt	2016	only	-	Jul	 7	 0:00s	1:00	S
+Rule	Egypt	2017	only	-	May	27	 0:00s	0	-
+Rule	Egypt	2017	only	-	Jun	26	 0:00s	1:00	S
+Rule	Egypt	2018	only	-	May	16	 0:00s	0	-
+Rule	Egypt	2018	only	-	Jun	15	 0:00s	1:00	S
+Rule	Egypt	2019	only	-	May	 6	 0:00s	0	-
+Rule	Egypt	2019	only	-	Jun	 5	 0:00s	1:00	S
+Rule	Egypt	2020	only	-	May	24	 0:00s	1:00	S
+Rule	Egypt	2021	only	-	May	13	 0:00s	1:00	S
+Rule	Egypt	2022	only	-	May	 3	 0:00s	1:00	S
+Rule	Egypt	2023	max	-	Apr	lastFri	 0:00s	1:00	S
 
 # Zone	NAME		GMTOFF	RULES	FORMAT	[UNTIL]
 Zone	Africa/Cairo	2:05:09 -	LMT	1900 Oct
--- a/make/sun/javazic/tzdata/asia	Fri May 30 18:54:16 2014 +0100
+++ b/make/sun/javazic/tzdata/asia	Wed Jun 18 14:07:55 2014 -0700
@@ -1370,22 +1370,6 @@
 # "Jordan will switch to winter time on Friday, October 27".
 #
 
-# From Phil Pizzey (2009-04-02):
-# ...I think I may have spotted an error in the timezone data for
-# Jordan.
-# The current (2009d) asia file shows Jordan going to daylight
-# saving
-# time on the last Thursday in March.
-#
-# Rule  Jordan      2000  max	-  Mar   lastThu     0:00s 1:00  S
-#
-# However timeanddate.com, which I usually find reliable, shows Jordan
-# going to daylight saving time on the last Friday in March since 2002.
-# Please see
-# <a href="http://www.timeanddate.com/worldclock/timezone.html?n=11">
-# http://www.timeanddate.com/worldclock/timezone.html?n=11
-# </a>
-
 # From Steffen Thorsen (2009-04-02):
 # This single one might be good enough, (2009-03-24, Arabic):
 # <a href="http://petra.gov.jo/Artical.aspx?Lng=2&Section=8&Artical=95279">
--- a/make/sun/javazic/tzdata/europe	Fri May 30 18:54:16 2014 +0100
+++ b/make/sun/javazic/tzdata/europe	Wed Jun 18 14:07:55 2014 -0700
@@ -2989,6 +2989,10 @@
 # From Alexander Krivenyshev (2014-03-17):
 # time change at 2:00 (2am) on March 30, 2014
 # http://vz.ru/news/2014/3/17/677464.html
+# From Paul Eggert (2014-03-30):
+# Simferopol and Sevastopol reportedly changed their central town clocks
+# late the previous day, but this appears to have been ceremonial
+# and the discrepancies are small enough to not worry about.
 			2:00	EU	EE%sT	2014 Mar 30 2:00
 			4:00	-	MSK
 
--- a/make/sun/lwawt/FILES_export_macosx.gmk	Fri May 30 18:54:16 2014 +0100
+++ b/make/sun/lwawt/FILES_export_macosx.gmk	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -141,7 +141,6 @@
         sun/lwawt/macosx/CMenuBar.java \
         sun/lwawt/macosx/CMenuComponent.java \
         sun/lwawt/macosx/CMenuItem.java \
-        sun/lwawt/macosx/CMouseInfoPeer.java \
         sun/lwawt/macosx/CPlatformView.java \
         sun/lwawt/macosx/CPlatformWindow.java \
         sun/lwawt/macosx/CPlatformComponent.java \
--- a/make/sun/security/ec/mapfile-vers	Fri May 30 18:54:16 2014 +0100
+++ b/make/sun/security/ec/mapfile-vers	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -28,7 +28,6 @@
 SUNWprivate_1.1 {
         global:
                 Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair;
-                Java_sun_security_ec_ECKeyPairGenerator_getEncodedBytes;
 		Java_sun_security_ec_ECDSASignature_signDigest;
 		Java_sun_security_ec_ECDSASignature_verifySignedDigest;
 		Java_sun_security_ec_ECDHKeyAgreement_deriveKey;
--- a/src/macosx/classes/sun/lwawt/LWWindowPeer.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/classes/sun/lwawt/LWWindowPeer.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -89,10 +89,15 @@
 
     private volatile int windowState = Frame.NORMAL;
 
+    // check that the mouse is over the window
+    private volatile boolean isMouseOver = false;
+    // A peer where the last mouse event came to. Used by cursor manager to
+    // find the component under cursor
+    private static volatile LWComponentPeer lastCommonMouseEventPeer = null;
+
     // A peer where the last mouse event came to. Used to generate
-    // MOUSE_ENTERED/EXITED notifications and by cursor manager to
-    // find the component under cursor
-    private static volatile LWComponentPeer lastMouseEventPeer = null;
+    // MOUSE_ENTERED/EXITED notifications
+    private volatile LWComponentPeer lastMouseEventPeer;
 
     // Peers where all dragged/released events should come to,
     // depending on what mouse button is being dragged according to Cocoa
@@ -773,59 +778,62 @@
         Rectangle r = getBounds();
         // findPeerAt() expects parent coordinates
         LWComponentPeer targetPeer = findPeerAt(r.x + x, r.y + y);
-        LWWindowPeer lastWindowPeer =
-            (lastMouseEventPeer != null) ? lastMouseEventPeer.getWindowPeerOrSelf() : null;
-        LWWindowPeer curWindowPeer =
-            (targetPeer != null) ? targetPeer.getWindowPeerOrSelf() : null;
 
         if (id == MouseEvent.MOUSE_EXITED) {
-            // Sometimes we may get MOUSE_EXITED after lastMouseEventPeer is switched
-            // to a peer from another window. So we must first check if this peer is
-            // the same as lastWindowPeer
-            if (lastWindowPeer == this) {
-                if (isEnabled()) {
+            isMouseOver = false;
+            if (lastMouseEventPeer != null) {
+                if (lastMouseEventPeer.isEnabled()) {
                     Point lp = lastMouseEventPeer.windowToLocal(x, y,
-                                                                lastWindowPeer);
+                            this);
                     Component target = lastMouseEventPeer.getTarget();
                     postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_EXITED,
                             when, modifiers, lp,
                             screenX, screenY, clickCount, popupTrigger, button);
                 }
+
+                // Sometimes we may get MOUSE_EXITED after lastCommonMouseEventPeer is switched
+                // to a peer from another window. So we must first check if this peer is
+                // the same as lastWindowPeer
+                if (lastCommonMouseEventPeer != null && lastCommonMouseEventPeer.getWindowPeerOrSelf() == this) {
+                    lastCommonMouseEventPeer = null;
+                }
                 lastMouseEventPeer = null;
             }
-        } else {
-            if (targetPeer != lastMouseEventPeer) {
-                // lastMouseEventPeer may be null if mouse was out of Java windows
-                if (lastMouseEventPeer != null && lastMouseEventPeer.isEnabled()) {
-                    // Sometimes, MOUSE_EXITED is not sent by delegate (or is sent a bit
-                    // later), in which case lastWindowPeer is another window
-                    if (lastWindowPeer != this) {
-                        Point oldp = lastMouseEventPeer.windowToLocal(x, y, lastWindowPeer);
-                        // Additionally translate from this to lastWindowPeer coordinates
-                        Rectangle lr = lastWindowPeer.getBounds();
-                        oldp.x += r.x - lr.x;
-                        oldp.y += r.y - lr.y;
-                        Component target = lastMouseEventPeer.getTarget();
-                        postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_EXITED,
-                                when, modifiers, oldp,
-                                screenX, screenY, clickCount, popupTrigger, button);
-                    } else {
-                        Point oldp = lastMouseEventPeer.windowToLocal(x, y, this);
-                        Component target = lastMouseEventPeer.getTarget();
-                        postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_EXITED,
-                                when, modifiers, oldp,
-                                screenX, screenY, clickCount, popupTrigger, button);
-                    }
-                }
-                lastMouseEventPeer = targetPeer;
-                if (targetPeer != null && targetPeer.isEnabled() && id != MouseEvent.MOUSE_ENTERED) {
-                    Point newp = targetPeer.windowToLocal(x, y, curWindowPeer);
+        } else if (id == MouseEvent.MOUSE_ENTERED) {
+            isMouseOver = true;
+            if (targetPeer != null) {
+                if (targetPeer.isEnabled()) {
+                    Point lp = targetPeer.windowToLocal(x, y, this);
                     Component target = targetPeer.getTarget();
-                    postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_ENTERED,
-                            when, modifiers, newp,
+                    postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_ENTERED, when, modifiers, lp,
                             screenX, screenY, clickCount, popupTrigger, button);
                 }
+                lastCommonMouseEventPeer = targetPeer;
+                lastMouseEventPeer = targetPeer;
             }
+        } else {
+            PlatformWindow topmostPlatformWindow =
+                    platformWindow.getTopmostPlatformWindowUnderMouse();
+
+            LWWindowPeer topmostWindowPeer =
+                    topmostPlatformWindow != null ? topmostPlatformWindow.getPeer() : null;
+
+            // topmostWindowPeer == null condition is added for the backword
+            // compatibility with applets. It can be removed when the
+            // getTopmostPlatformWindowUnderMouse() method will be properly
+            // implemented i CPlatformEmbeddedFrame class
+            if (topmostWindowPeer == this || topmostWindowPeer == null) {
+                generateMouseEnterExitEventsForComponents(when, button, x, y,
+                        screenX, screenY, modifiers, clickCount, popupTrigger,
+                        targetPeer);
+            } else {
+                LWComponentPeer topmostTargetPeer =
+                        topmostWindowPeer != null ? topmostWindowPeer.findPeerAt(r.x + x, r.y + y) : null;
+                topmostWindowPeer.generateMouseEnterExitEventsForComponents(when, button, x, y,
+                        screenX, screenY, modifiers, clickCount, popupTrigger,
+                        topmostTargetPeer);
+            }
+
             // TODO: fill "bdata" member of AWTEvent
 
             int eventButtonMask = (button > 0)? MouseEvent.getMaskForButton(button) : 0;
@@ -875,19 +883,13 @@
                 // mouseClickButtons is updated below, after MOUSE_CLICK is sent
             }
 
-            // check if we receive mouseEvent from outside the window's bounds
-            // it can be either mouseDragged or mouseReleased
-            if (curWindowPeer == null) {
-                //TODO This can happen if this window is invisible. this is correct behavior in this case?
-                curWindowPeer = this;
-            }
             if (targetPeer == null) {
                 //TODO This can happen if this window is invisible. this is correct behavior in this case?
                 targetPeer = this;
             }
 
 
-            Point lp = targetPeer.windowToLocal(x, y, curWindowPeer);
+            Point lp = targetPeer.windowToLocal(x, y, this);
             if (targetPeer.isEnabled()) {
                 if (id == MouseEvent.MOUSE_ENTERED || id == MouseEvent.MOUSE_EXITED) {
                     postMouseEnteredExitedEvent(targetPeer.getTarget(), id,
@@ -918,6 +920,33 @@
         notifyUpdateCursor();
     }
 
+    private void generateMouseEnterExitEventsForComponents(long when,
+            int button, int x, int y, int screenX, int screenY,
+            int modifiers, int clickCount, boolean popupTriger,
+            LWComponentPeer targetPeer) {
+        if (!isMouseOver || targetPeer == lastMouseEventPeer) {
+            return;
+        }
+
+        // Generate Mouse Exit for components
+        if (lastMouseEventPeer != null && lastMouseEventPeer.isEnabled()) {
+            Point oldp = lastMouseEventPeer.windowToLocal(x, y, this);
+            Component target = lastMouseEventPeer.getTarget();
+            postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_EXITED, when, modifiers,
+                    oldp, screenX, screenY, clickCount, popupTriger, button);
+        }
+        lastCommonMouseEventPeer = targetPeer;
+        lastMouseEventPeer = targetPeer;
+
+        // Genrate Mouse Enter for Componetns
+        if (targetPeer != null && targetPeer.isEnabled()) {
+            Point newp = targetPeer.windowToLocal(x, y, this);
+            Component target = targetPeer.getTarget();
+            postMouseEnteredExitedEvent(target, MouseEvent.MOUSE_ENTERED, when, modifiers,
+                    newp, screenX, screenY, clickCount, popupTriger, button);
+        }
+    }
+
     private void postMouseEnteredExitedEvent(
             Component target, int id, long when, int modifiers,
             Point loc, int xAbs, int yAbs,
@@ -1198,11 +1227,11 @@
     }
 
     public static LWWindowPeer getWindowUnderCursor() {
-        return lastMouseEventPeer != null ? lastMouseEventPeer.getWindowPeerOrSelf() : null;
+        return lastCommonMouseEventPeer != null ? lastCommonMouseEventPeer.getWindowPeerOrSelf() : null;
     }
 
     public static LWComponentPeer<?, ?> getPeerUnderCursor() {
-        return lastMouseEventPeer;
+        return lastCommonMouseEventPeer;
     }
 
     /*
--- a/src/macosx/classes/sun/lwawt/PlatformWindow.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/classes/sun/lwawt/PlatformWindow.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -118,6 +118,8 @@
 
     public void setAlwaysOnTop(boolean value);
 
+    public PlatformWindow getTopmostPlatformWindowUnderMouse();
+
     public void updateFocusableWindowState();
 
     public boolean rejectFocusRequest(CausedFocusEvent.Cause cause);
--- a/src/macosx/classes/sun/lwawt/macosx/CMouseInfoPeer.java	Fri May 30 18:54:16 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.lwawt.macosx;
-
-import java.awt.Window;
-import sun.lwawt.LWMouseInfoPeer;
-import sun.lwawt.LWWindowPeer;
-
-public class CMouseInfoPeer extends LWMouseInfoPeer
-{
-    //If a new window is to appear under the cursor,
-    //we get wrong window.
-    //This is a workaround for macosx.
-    @Override
-    public boolean isWindowUnderMouse(Window w) {
-        if (w == null) {
-            return false;
-        }
-
-        return ((LWWindowPeer)w.getPeer()).getPlatformWindow().isUnderMouse();
-    }
-}
--- a/src/macosx/classes/sun/lwawt/macosx/CPlatformEmbeddedFrame.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/classes/sun/lwawt/macosx/CPlatformEmbeddedFrame.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -151,6 +151,11 @@
     @Override
     public void setAlwaysOnTop(boolean value) {}
 
+    // This method should be properly implemented for applets.
+    // It returns null just as a stub.
+    @Override
+    public PlatformWindow getTopmostPlatformWindowUnderMouse() { return null; }
+
     @Override
     public void updateFocusableWindowState() {}
 
--- a/src/macosx/classes/sun/lwawt/macosx/CPlatformWindow.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/classes/sun/lwawt/macosx/CPlatformWindow.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -61,8 +61,9 @@
     private static native void nativeSetNSWindowMinimizedIcon(long nsWindowPtr, long nsImage);
     private static native void nativeSetNSWindowRepresentedFilename(long nsWindowPtr, String representedFilename);
     private static native void nativeSetEnabled(long nsWindowPtr, boolean isEnabled);
-    private static native void nativeSynthesizeMouseEnteredExitedEvents(long nsWindowPtr);
+    private static native void nativeSynthesizeMouseEnteredExitedEvents();
     private static native void nativeDispose(long nsWindowPtr);
+    private static native CPlatformWindow nativeGetTopmostPlatformWindowUnderMouse();
 
     // Loger to report issues happened during execution but that do not affect functionality
     private static final PlatformLogger logger = PlatformLogger.getLogger("sun.lwawt.macosx.CPlatformWindow");
@@ -579,7 +580,12 @@
         if (visible) {
             // Apply the extended state as expected in shared code
             if (target instanceof Frame) {
-                switch (((Frame)target).getExtendedState()) {
+                int frameState = ((Frame)target).getExtendedState();
+                if ((frameState & Frame.ICONIFIED) != 0) {
+                    // Treat all state bit masks with ICONIFIED bit as ICONIFIED state.
+                    frameState = Frame.ICONIFIED;
+                }
+                switch (frameState) {
                     case Frame.ICONIFIED:
                         CWrapper.NSWindow.miniaturize(nsWindowPtr);
                         break;
@@ -593,7 +599,7 @@
             }
         }
 
-        nativeSynthesizeMouseEnteredExitedEvents(nsWindowPtr);
+        nativeSynthesizeMouseEnteredExitedEvents();
 
         // Configure stuff #2
         updateFocusabilityForAutoRequestFocus(true);
@@ -738,6 +744,9 @@
         setStyleBits(ALWAYS_ON_TOP, isAlwaysOnTop);
     }
 
+    public PlatformWindow getTopmostPlatformWindowUnderMouse() {
+        return CPlatformWindow.nativeGetTopmostPlatformWindowUnderMouse();
+    }
     @Override
     public void setOpacity(float opacity) {
         CWrapper.NSWindow.setAlphaValue(getNSWindowPtr(), opacity);
@@ -802,6 +811,10 @@
         if (prevWindowState == windowState) return;
 
         final long nsWindowPtr = getNSWindowPtr();
+        if ((windowState & Frame.ICONIFIED) != 0) {
+            // Treat all state bit masks with ICONIFIED bit as ICONIFIED state.
+            windowState = Frame.ICONIFIED;
+        }
         switch (windowState) {
             case Frame.ICONIFIED:
                 if (prevWindowState == Frame.MAXIMIZED_BOTH) {
@@ -830,7 +843,7 @@
                 throw new RuntimeException("Unknown window state: " + windowState);
         }
 
-        nativeSynthesizeMouseEnteredExitedEvents(nsWindowPtr);
+        nativeSynthesizeMouseEnteredExitedEvents();
 
         // NOTE: the SWP.windowState field gets updated to the newWindowState
         //       value when the native notification comes to us
--- a/src/macosx/classes/sun/lwawt/macosx/CViewPlatformEmbeddedFrame.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/classes/sun/lwawt/macosx/CViewPlatformEmbeddedFrame.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -148,6 +148,11 @@
     }
 
     @Override
+    public PlatformWindow getTopmostPlatformWindowUnderMouse() {
+        return null;
+    }
+
+    @Override
     public void updateFocusableWindowState() {
     }
 
--- a/src/macosx/classes/sun/lwawt/macosx/LWCToolkit.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/classes/sun/lwawt/macosx/LWCToolkit.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -300,11 +300,6 @@
     }
 
     @Override
-    protected MouseInfoPeer createMouseInfoPeerImpl() {
-        return new CMouseInfoPeer();
-    }
-
-    @Override
     protected int getScreenHeight() {
         return GraphicsEnvironment.getLocalGraphicsEnvironment()
                 .getDefaultScreenDevice().getDefaultConfiguration().getBounds().height;
--- a/src/macosx/native/sun/awt/AWTView.h	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/native/sun/awt/AWTView.h	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014 Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,8 +33,8 @@
 @private
     jobject m_cPlatformView;
 
-    // Handler for the tracking rect needed for Enter/Exit events management.
-    NSTrackingRectTag rolloverTrackingRectTag;
+    // Handler for the tracking area needed for Enter/Exit events management.
+    NSTrackingArea* rolloverTrackingArea;
 
     // TODO: NSMenu *contextualMenu;
 
@@ -61,7 +61,7 @@
 
 - (id) initWithRect:(NSRect) rect platformView:(jobject)cPlatformView windowLayer:(CALayer*)windowLayer;
 - (void) deliverJavaMouseEvent: (NSEvent *) event;
-- (void) resetTrackingRect;
+- (void) resetTrackingArea;
 - (void) deliverJavaKeyEventHelper: (NSEvent *) event;
 - (jobject) awtComponent:(JNIEnv *)env;
 
--- a/src/macosx/native/sun/awt/AWTView.m	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/native/sun/awt/AWTView.m	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -82,6 +82,7 @@
     fPAHNeedsToSelect = NO;
 
     mouseIsOver = NO;
+    [self resetTrackingArea];
 
     if (windowLayer != nil) {
         self.cglLayer = windowLayer;
@@ -149,7 +150,7 @@
         [[self window] makeFirstResponder: self];
     }];
     if ([self window] != NULL) {
-        [self resetTrackingRect];
+        [self resetTrackingArea];
     }
 }
 
@@ -380,30 +381,31 @@
     JNFCallVoidMethod(env, m_cPlatformView, jm_deliverMouseEvent, jEvent);
 }
 
+- (void) resetTrackingArea {
+    if (rolloverTrackingArea != nil) {
+        [self removeTrackingArea:rolloverTrackingArea];
+        [rolloverTrackingArea release];
+    }
 
-- (void) clearTrackingRect {
-    if (rolloverTrackingRectTag > 0) {
-        [self removeTrackingRect:rolloverTrackingRectTag];
-        rolloverTrackingRectTag = 0;
-    }
-}
+    int options = (NSTrackingActiveAlways | NSTrackingMouseEnteredAndExited |
+                   NSTrackingMouseMoved | NSTrackingEnabledDuringMouseDrag);
 
-- (void) resetTrackingRect {
-    [self clearTrackingRect];
-    rolloverTrackingRectTag = [self addTrackingRect:[self visibleRect]
-                                              owner:self
-                                           userData:NULL
-                                       assumeInside:NO];
+    rolloverTrackingArea = [[NSTrackingArea alloc] initWithRect:[self visibleRect]
+                                                        options:options
+                                                          owner:self
+                                                       userInfo:nil
+                            ];
+    [self addTrackingArea:rolloverTrackingArea];
 }
 
 - (void)updateTrackingAreas {
     [super updateTrackingAreas];
-    [self resetTrackingRect];
+    [self resetTrackingArea];
 }
 
 - (void) resetCursorRects {
     [super resetCursorRects];
-    [self resetTrackingRect];
+    [self resetTrackingArea];
 }
 
 -(void) deliverJavaKeyEventHelper: (NSEvent *) event {
--- a/src/macosx/native/sun/awt/AWTWindow.m	Fri May 30 18:54:16 2014 +0100
+++ b/src/macosx/native/sun/awt/AWTWindow.m	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -314,10 +314,8 @@
     return [window isKindOfClass: [AWTWindow_Panel class]] || [window isKindOfClass: [AWTWindow_Normal class]];
 }
 
-// checks that this window is under the mouse cursor and this point is not overlapped by others windows
-- (BOOL) isTopmostWindowUnderMouse {
-
-    int currentWinID = [self.nsWindow windowNumber];
+// return id for the topmost window under mouse
++ (NSInteger) getTopmostWindowUnderMouseID {
 
     NSRect screenRect = [[NSScreen mainScreen] frame];
     NSPoint nsMouseLocation = [NSEvent mouseLocation];
@@ -327,51 +325,75 @@
 
 
     for (NSDictionary *window in windows) {
-        int layer = [[window objectForKey:(id)kCGWindowLayer] intValue];
+        NSInteger layer = [[window objectForKey:(id)kCGWindowLayer] integerValue];
         if (layer == 0) {
-            int winID = [[window objectForKey:(id)kCGWindowNumber] intValue];
             CGRect rect;
             CGRectMakeWithDictionaryRepresentation((CFDictionaryRef)[window objectForKey:(id)kCGWindowBounds], &rect);
             if (CGRectContainsPoint(rect, cgMouseLocation)) {
-                return currentWinID == winID;
-            } else if (currentWinID == winID) {
-                return NO;
+                return [[window objectForKey:(id)kCGWindowNumber] integerValue];
             }
         }
     }
-    return NO;
+    return -1;
 }
 
-- (void) synthesizeMouseEnteredExitedEvents {
+// checks that this window is under the mouse cursor and this point is not overlapped by other windows
+- (BOOL) isTopmostWindowUnderMouse {
+    return [self.nsWindow windowNumber] == [AWTWindow getTopmostWindowUnderMouseID];
+}
 
-    int eventType = 0;
-    BOOL isUnderMouse = [self isTopmostWindowUnderMouse];
-    BOOL mouseIsOver = [[self.nsWindow contentView] mouseIsOver];
++ (AWTWindow *) getTopmostWindowUnderMouse {
+    NSEnumerator *windowEnumerator = [[NSApp windows] objectEnumerator];
+    NSWindow *window;
 
-    if (isUnderMouse && !mouseIsOver) {
-        eventType = NSMouseEntered;
-    } else if (!isUnderMouse && mouseIsOver) {
-        eventType = NSMouseExited;
-    } else {
-        return;
+    NSInteger topmostWindowUnderMouseID = [AWTWindow getTopmostWindowUnderMouseID];
+
+    while ((window = [windowEnumerator nextObject]) != nil) {
+        if ([window windowNumber] == topmostWindowUnderMouseID) {
+            BOOL isAWTWindow = [AWTWindow isAWTWindow: window];
+            return isAWTWindow ? (AWTWindow *) [window delegate] : nil;
+        }
     }
+    return nil;
+}
+
++ (void) synthesizeMouseEnteredExitedEvents:(NSWindow*)window withType:(NSEventType)eventType {
 
     NSPoint screenLocation = [NSEvent mouseLocation];
-    NSPoint windowLocation = [self.nsWindow convertScreenToBase: screenLocation];
+    NSPoint windowLocation = [window convertScreenToBase: screenLocation];
     int modifierFlags = (eventType == NSMouseEntered) ? NSMouseEnteredMask : NSMouseExitedMask;
 
     NSEvent *mouseEvent = [NSEvent enterExitEventWithType: eventType
                                                  location: windowLocation
                                             modifierFlags: modifierFlags
                                                 timestamp: 0
-                                             windowNumber: [self.nsWindow windowNumber]
+                                             windowNumber: [window windowNumber]
                                                   context: nil
                                               eventNumber: 0
                                            trackingNumber: 0
                                                  userData: nil
                            ];
 
-    [[self.nsWindow contentView] deliverJavaMouseEvent: mouseEvent];
+    [[window contentView] deliverJavaMouseEvent: mouseEvent];
+}
+
++(void) synthesizeMouseEnteredExitedEventsForAllWindows {
+    NSInteger topmostWindowUnderMouseID = [AWTWindow getTopmostWindowUnderMouseID];
+    NSArray *windows = [NSApp windows];
+    NSWindow *window;
+
+    NSEnumerator *windowEnumerator = [windows objectEnumerator];
+    while ((window = [windowEnumerator nextObject]) != nil) {
+        if ([AWTWindow isAWTWindow: window]) {
+            BOOL isUnderMouse = ([window windowNumber] == topmostWindowUnderMouseID);
+            BOOL mouseIsOver = [[window contentView] mouseIsOver];
+            if (isUnderMouse && !mouseIsOver) {
+                [AWTWindow synthesizeMouseEnteredExitedEvents: window withType:NSMouseEntered];
+            } else if (!isUnderMouse && mouseIsOver) {
+                [AWTWindow synthesizeMouseEnteredExitedEvents: window withType:NSMouseExited];
+            }
+        }
+    }
 }
 
 + (NSNumber *) getNSWindowDisplayID_AppKitThread:(NSWindow *)window {
@@ -979,7 +1001,7 @@
         // (this will also re-enable screen updates, which were disabled above)
         // TODO: send PaintEvent
 
-        [window synthesizeMouseEnteredExitedEvents];
+        [AWTWindow synthesizeMouseEnteredExitedEventsForAllWindows];
     }];
 
 JNF_COCOA_EXIT(env);
@@ -1158,19 +1180,40 @@
 
 /*
  * Class:     sun_lwawt_macosx_CPlatformWindow
+ * Method:    nativeGetTopMostWindowUnderMouse
+ * Signature: (J)V
+ */
+JNIEXPORT jobject
+JNICALL Java_sun_lwawt_macosx_CPlatformWindow_nativeGetTopmostPlatformWindowUnderMouse
+(JNIEnv *env, jclass clazz)
+{
+    jobject topmostWindowUnderMouse = nil;
+
+    JNF_COCOA_ENTER(env);
+    AWT_ASSERT_APPKIT_THREAD;
+
+    AWTWindow *awtWindow = [AWTWindow getTopmostWindowUnderMouse];
+    if (awtWindow != nil) {
+        topmostWindowUnderMouse = [awtWindow.javaPlatformWindow jObject];
+    }
+
+    JNF_COCOA_EXIT(env);
+
+    return topmostWindowUnderMouse;
+}
+
+/*
+ * Class:     sun_lwawt_macosx_CPlatformWindow
  * Method:    nativeSynthesizeMouseEnteredExitedEvents
  * Signature: (J)V
  */
 JNIEXPORT void JNICALL Java_sun_lwawt_macosx_CPlatformWindow_nativeSynthesizeMouseEnteredExitedEvents
-(JNIEnv *env, jclass clazz, jlong windowPtr)
+(JNIEnv *env, jclass clazz)
 {
     JNF_COCOA_ENTER(env);
 
-    NSWindow *nsWindow = OBJC(windowPtr);
     [ThreadUtilities performOnMainThreadWaiting:NO block:^(){
-        AWTWindow *window = (AWTWindow*)[nsWindow delegate];
-
-        [window synthesizeMouseEnteredExitedEvents];
+        [AWTWindow synthesizeMouseEnteredExitedEventsForAllWindows];
     }];
 
     JNF_COCOA_EXIT(env);
--- a/src/share/classes/com/sun/crypto/provider/RSACipher.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/com/sun/crypto/provider/RSACipher.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -39,6 +39,8 @@
 
 import sun.security.rsa.*;
 import sun.security.jca.Providers;
+import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
+import sun.security.util.KeyUtil;
 
 /**
  * RSA cipher implementation. Supports RSA en/decryption and signing/verifying
@@ -91,8 +93,8 @@
     // padding object
     private RSAPadding padding;
 
-    // cipher parameter for OAEP padding
-    private OAEPParameterSpec spec = null;
+    // cipher parameter for OAEP padding and TLS RSA premaster secret
+    private AlgorithmParameterSpec spec = null;
 
     // buffer for the data
     private byte[] buffer;
@@ -110,6 +112,9 @@
     // hash algorithm for OAEP
     private String oaepHashAlgorithm = "SHA-1";
 
+    // the source of randomness
+    private SecureRandom random;
+
     public RSACipher() {
         paddingType = PAD_PKCS1;
     }
@@ -175,7 +180,7 @@
 
     // see JCE spec
     protected AlgorithmParameters engineGetParameters() {
-        if (spec != null) {
+        if (spec != null && spec instanceof OAEPParameterSpec) {
             try {
                 AlgorithmParameters params =
                     AlgorithmParameters.getInstance("OAEP", "SunJCE");
@@ -278,8 +283,13 @@
             buffer = new byte[n];
         } else if (paddingType == PAD_PKCS1) {
             if (params != null) {
-                throw new InvalidAlgorithmParameterException
-                ("Parameters not supported");
+                if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
+                    throw new InvalidAlgorithmParameterException(
+                            "Parameters not supported");
+                }
+
+                spec = params;
+                this.random = random;   // for TLS RSA premaster secret
             }
             int blockType = (mode <= MODE_DECRYPT) ? RSAPadding.PAD_BLOCKTYPE_2
                                                    : RSAPadding.PAD_BLOCKTYPE_1;
@@ -295,19 +305,18 @@
                 throw new InvalidKeyException
                         ("OAEP cannot be used to sign or verify signatures");
             }
-            OAEPParameterSpec myParams;
             if (params != null) {
                 if (!(params instanceof OAEPParameterSpec)) {
                     throw new InvalidAlgorithmParameterException
                         ("Wrong Parameters for OAEP Padding");
                 }
-                myParams = (OAEPParameterSpec) params;
+                spec = params;
             } else {
-                myParams = new OAEPParameterSpec(oaepHashAlgorithm, "MGF1",
+                spec = new OAEPParameterSpec(oaepHashAlgorithm, "MGF1",
                     MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
             }
             padding = RSAPadding.getInstance(RSAPadding.PAD_OAEP_MGF1, n,
-                random, myParams);
+                random, (OAEPParameterSpec)spec);
             if (encrypt) {
                 int k = padding.getMaxDataSize();
                 buffer = new byte[k];
@@ -422,17 +431,40 @@
         if (wrappedKey.length > buffer.length) {
             throw new InvalidKeyException("Key is too long for unwrapping");
         }
+
+        boolean isTlsRsaPremasterSecret =
+                algorithm.equals("TlsRsaPremasterSecret");
+        Exception failover = null;
+        byte[] encoded = null;
+
         update(wrappedKey, 0, wrappedKey.length);
         try {
-            byte[] encoded = doFinal();
-            return ConstructKeys.constructKey(encoded, algorithm, type);
+            encoded = doFinal();
         } catch (BadPaddingException e) {
-            // should not occur
-            throw new InvalidKeyException("Unwrapping failed", e);
+            if (isTlsRsaPremasterSecret) {
+                failover = e;
+            } else {
+                throw new InvalidKeyException("Unwrapping failed", e);
+            }
         } catch (IllegalBlockSizeException e) {
             // should not occur, handled with length check above
             throw new InvalidKeyException("Unwrapping failed", e);
         }
+
+        if (isTlsRsaPremasterSecret) {
+            if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
+                throw new IllegalStateException(
+                        "No TlsRsaPremasterSecretParameterSpec specified");
+            }
+
+            // polish the TLS premaster secret
+            encoded = KeyUtil.checkTlsPreMasterSecretKey(
+                ((TlsRsaPremasterSecretParameterSpec)spec).getClientVersion(),
+                ((TlsRsaPremasterSecretParameterSpec)spec).getServerVersion(),
+                random, encoded, (failover != null));
+        }
+
+        return ConstructKeys.constructKey(encoded, algorithm, type);
     }
 
     // see JCE spec
@@ -440,5 +472,4 @@
         RSAKey rsaKey = RSAKeyFactory.toRSAKey(key);
         return rsaKey.getModulus().bitLength();
     }
-
 }
--- a/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -56,7 +56,7 @@
 
     protected void engineInit(AlgorithmParameterSpec params,
             SecureRandom random) throws InvalidAlgorithmParameterException {
-        if (params instanceof TlsRsaPremasterSecretParameterSpec == false) {
+        if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
             throw new InvalidAlgorithmParameterException(MSG);
         }
         this.spec = (TlsRsaPremasterSecretParameterSpec)params;
@@ -67,21 +67,20 @@
         throw new InvalidParameterException(MSG);
     }
 
+    // Only can be used in client side to generate TLS RSA premaster secret.
     protected SecretKey engineGenerateKey() {
         if (spec == null) {
             throw new IllegalStateException(
                 "TlsRsaPremasterSecretGenerator must be initialized");
         }
-        byte[] b = spec.getEncodedSecret();
-        if (b == null) {
-            if (random == null) {
-                random = new SecureRandom();
-            }
-            b = new byte[48];
-            random.nextBytes(b);
-            b[0] = (byte)spec.getMajorVersion();
-            b[1] = (byte)spec.getMinorVersion();
+
+        if (random == null) {
+            random = new SecureRandom();
         }
+        byte[] b = new byte[48];
+        random.nextBytes(b);
+        b[0] = (byte)spec.getMajorVersion();
+        b[1] = (byte)spec.getMinorVersion();
 
         return new SecretKeySpec(b, "TlsRsaPremasterSecret");
     }
--- a/src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/com/sun/jmx/remote/security/SubjectDelegator.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,22 +34,14 @@
 
 import javax.management.remote.SubjectDelegationPermission;
 
-import com.sun.jmx.remote.util.CacheMap;
-import java.util.ArrayList;
-import java.util.Collection;
+import java.util.*;
 
 public class SubjectDelegator {
-    private static final int PRINCIPALS_CACHE_SIZE = 10;
-    private static final int ACC_CACHE_SIZE = 10;
-
-    private CacheMap<Subject, Principal[]> principalsCache;
-    private CacheMap<Subject, AccessControlContext> accCache;
-
     /* Return the AccessControlContext appropriate to execute an
        operation on behalf of the delegatedSubject.  If the
        authenticatedAccessControlContext does not have permission to
        delegate to that subject, throw SecurityException.  */
-    public synchronized AccessControlContext
+    public AccessControlContext
         delegatedContext(AccessControlContext authenticatedACC,
                          Subject delegatedSubject,
                          boolean removeCallerContext)
@@ -58,56 +50,14 @@
         if (System.getSecurityManager() != null && authenticatedACC == null) {
             throw new SecurityException("Illegal AccessControlContext: null");
         }
-        if (principalsCache == null || accCache == null) {
-            principalsCache =
-                    new CacheMap<>(PRINCIPALS_CACHE_SIZE);
-            accCache =
-                    new CacheMap<>(ACC_CACHE_SIZE);
-        }
-
-        // Retrieve the principals for the given
-        // delegated subject from the cache
-        //
-        Principal[] delegatedPrincipals = principalsCache.get(delegatedSubject);
-
-        // Convert the set of principals stored in the
-        // delegated subject into an array of principals
-        // and store it in the cache
-        //
-        if (delegatedPrincipals == null) {
-            delegatedPrincipals =
-                delegatedSubject.getPrincipals().toArray(new Principal[0]);
-            principalsCache.put(delegatedSubject, delegatedPrincipals);
-        }
-
-        // Retrieve the access control context for the
-        // given delegated subject from the cache
-        //
-        AccessControlContext delegatedACC = accCache.get(delegatedSubject);
-
-        // Build the access control context to be used
-        // when executing code as the delegated subject
-        // and store it in the cache
-        //
-        if (delegatedACC == null) {
-            if (removeCallerContext) {
-                delegatedACC =
-                    JMXSubjectDomainCombiner.getDomainCombinerContext(
-                                                              delegatedSubject);
-            } else {
-                delegatedACC =
-                    JMXSubjectDomainCombiner.getContext(delegatedSubject);
-            }
-            accCache.put(delegatedSubject, delegatedACC);
-        }
 
         // Check if the subject delegation permission allows the
         // authenticated subject to assume the identity of each
         // principal in the delegated subject
         //
-        final Principal[] dp = delegatedPrincipals;
-        final Collection<Permission> permissions = new ArrayList<>(dp.length);
-        for(Principal p : dp) {
+        Collection<Principal> ps = getSubjectPrincipals(delegatedSubject);
+        final Collection<Permission> permissions = new ArrayList<>(ps.size());
+        for(Principal p : ps) {
             final String pname = p.getClass().getName() + "." + p.getName();
             permissions.add(new SubjectDelegationPermission(pname));
         }
@@ -122,7 +72,15 @@
             };
         AccessController.doPrivileged(action, authenticatedACC);
 
-        return delegatedACC;
+        return getDelegatedAcc(delegatedSubject, removeCallerContext);
+    }
+
+    private AccessControlContext getDelegatedAcc(Subject delegatedSubject, boolean removeCallerContext) {
+        if (removeCallerContext) {
+            return JMXSubjectDomainCombiner.getDomainCombinerContext(delegatedSubject);
+        } else {
+            return JMXSubjectDomainCombiner.getContext(delegatedSubject);
+        }
     }
 
     /**
@@ -137,11 +95,9 @@
     public static synchronized boolean
         checkRemoveCallerContext(Subject subject) {
         try {
-            final Principal[] dp =
-                subject.getPrincipals().toArray(new Principal[0]);
-            for (int i = 0 ; i < dp.length ; i++) {
+            for (Principal p : getSubjectPrincipals(subject)) {
                 final String pname =
-                    dp[i].getClass().getName() + "." + dp[i].getName();
+                    p.getClass().getName() + "." + p.getName();
                 final Permission sdp =
                     new SubjectDelegationPermission(pname);
                 AccessController.checkPermission(sdp);
@@ -151,4 +107,19 @@
         }
         return true;
     }
+
+    /**
+     * Retrieves the {@linkplain Subject} principals
+     * @param subject The subject
+     * @return If the {@code Subject} is immutable it will return the principals directly.
+     *         If the {@code Subject} is mutable it will create an unmodifiable copy.
+     */
+    private static Collection<Principal> getSubjectPrincipals(Subject subject) {
+        if (subject.isReadOnly()) {
+            return subject.getPrincipals();
+        }
+
+        List<Principal> principals = Arrays.asList(subject.getPrincipals().toArray(new Principal[0]));
+        return Collections.unmodifiableList(principals);
+    }
 }
--- a/src/share/classes/com/sun/jmx/remote/util/CacheMap.java	Fri May 30 18:54:16 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,121 +0,0 @@
-/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.jmx.remote.util;
-
-import java.lang.ref.SoftReference;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.WeakHashMap;
-
-import com.sun.jmx.mbeanserver.Util;
-
-/**
- * <p>Like WeakHashMap, except that the keys of the <em>n</em> most
- * recently-accessed entries are kept as {@link SoftReference soft
- * references}.  Accessing an element means creating it, or retrieving
- * it with {@link #get(Object) get}.  Because these entries are kept
- * with soft references, they will tend to remain even if their keys
- * are not referenced elsewhere.  But if memory is short, they will
- * be removed.</p>
- */
-public class CacheMap<K, V> extends WeakHashMap<K, V> {
-    /**
-     * <p>Create a <code>CacheMap</code> that can keep up to
-     * <code>nSoftReferences</code> as soft references.</p>
-     *
-     * @param nSoftReferences Maximum number of keys to keep as soft
-     * references.  Access times for {@link #get(Object) get} and
-     * {@link #put(Object, Object) put} have a component that scales
-     * linearly with <code>nSoftReferences</code>, so this value
-     * should not be too great.
-     *
-     * @throws IllegalArgumentException if
-     * <code>nSoftReferences</code> is negative.
-     */
-    public CacheMap(int nSoftReferences) {
-        if (nSoftReferences < 0) {
-            throw new IllegalArgumentException("nSoftReferences = " +
-                                               nSoftReferences);
-        }
-        this.nSoftReferences = nSoftReferences;
-    }
-
-    public V put(K key, V value) {
-        cache(key);
-        return super.put(key, value);
-    }
-
-    public V get(Object key) {
-        cache(Util.<K>cast(key));
-        return super.get(key);
-    }
-
-    /* We don't override remove(Object) or try to do something with
-       the map's iterators to detect removal.  So we may keep useless
-       entries in the soft reference list for keys that have since
-       been removed.  The assumption is that entries are added to the
-       cache but never removed.  But the behavior is not wrong if
-       they are in fact removed -- the caching is just less
-       performant.  */
-
-    private void cache(K key) {
-        Iterator<SoftReference<K>> it = cache.iterator();
-        while (it.hasNext()) {
-            SoftReference<K> sref = it.next();
-            K key1 = sref.get();
-            if (key1 == null)
-                it.remove();
-            else if (key.equals(key1)) {
-                // Move this element to the head of the LRU list
-                it.remove();
-                cache.add(0, sref);
-                return;
-            }
-        }
-
-        int size = cache.size();
-        if (size == nSoftReferences) {
-            if (size == 0)
-                return;  // degenerate case, equivalent to WeakHashMap
-            it.remove();
-        }
-
-        cache.add(0, new SoftReference<K>(key));
-    }
-
-    /* List of soft references for the most-recently referenced keys.
-       The list is in most-recently-used order, i.e. the first element
-       is the most-recently referenced key.  There are never more than
-       nSoftReferences elements of this list.
-
-       If we didn't care about J2SE 1.3 compatibility, we could use
-       LinkedHashSet in conjunction with a subclass of SoftReference
-       whose equals and hashCode reflect the referent.  */
-    private final LinkedList<SoftReference<K>> cache =
-            new LinkedList<SoftReference<K>>();
-    private final int nSoftReferences;
-}
--- a/src/share/classes/com/sun/security/sasl/CramMD5Base.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/com/sun/security/sasl/CramMD5Base.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.MessageDigest;
 
+import java.util.Arrays;
 import java.util.logging.Logger;
 
 /**
@@ -159,7 +160,7 @@
         MessageDigest md5 = MessageDigest.getInstance("MD5");
 
         /* digest the key if longer than 64 bytes */
-        if (key.length > 64) {
+        if (key.length > MD5_BLOCKSIZE) {
             key = md5.digest(key);
         }
 
@@ -169,13 +170,9 @@
         int i;
 
         /* store key in pads */
-        for (i = 0; i < MD5_BLOCKSIZE; i++) {
-            for ( ; i < key.length; i++) {
-                ipad[i] = key[i];
-                opad[i] = key[i];
-            }
-            ipad[i] = 0x00;
-            opad[i] = 0x00;
+        for (i = 0; i < key.length; i++) {
+            ipad[i] = key[i];
+            opad[i] = key[i];
         }
 
         /* XOR key with pads */
@@ -207,6 +204,11 @@
             }
         }
 
+        Arrays.fill(ipad, (byte)0);
+        Arrays.fill(opad, (byte)0);
+        ipad = null;
+        opad = null;
+
         return (digestString.toString());
     }
 
--- a/src/share/classes/java/awt/Component.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/awt/Component.java	Wed Jun 18 14:07:55 2014 -0700
@@ -7922,7 +7922,7 @@
                 res = toFocus.requestFocusInWindow(CausedFocusEvent.Cause.TRAVERSAL_BACKWARD);
             }
         }
-        if (!res) {
+        if (clearOnFailure && !res) {
             if (focusLog.isLoggable(PlatformLogger.FINER)) {
                 focusLog.finer("clear global focus owner");
             }
--- a/src/share/classes/java/awt/KeyboardFocusManager.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/awt/KeyboardFocusManager.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -248,15 +248,7 @@
     public static void setCurrentKeyboardFocusManager(
         KeyboardFocusManager newManager) throws SecurityException
     {
-        SecurityManager security = System.getSecurityManager();
-        if (security != null) {
-            if (replaceKeyboardFocusManagerPermission == null) {
-                replaceKeyboardFocusManagerPermission =
-                    new AWTPermission("replaceKeyboardFocusManager");
-            }
-            security.
-                checkPermission(replaceKeyboardFocusManagerPermission);
-        }
+        checkReplaceKFMPermission();
 
         KeyboardFocusManager oldManager = null;
 
@@ -508,7 +500,7 @@
      */
     protected Component getGlobalFocusOwner() throws SecurityException {
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
             return focusOwner;
         }
     }
@@ -543,7 +535,7 @@
 
         if (focusOwner == null || focusOwner.isFocusable()) {
             synchronized (KeyboardFocusManager.class) {
-                checkCurrentKFMSecurity();
+                checkKFMSecurity();
 
                 oldFocusOwner = getFocusOwner();
 
@@ -595,7 +587,7 @@
      */
     public void clearGlobalFocusOwner() {
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
         }
         if (!GraphicsEnvironment.isHeadless()) {
             // Toolkit must be fully initialized, otherwise
@@ -676,7 +668,7 @@
         throws SecurityException
     {
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
             return permanentFocusOwner;
         }
     }
@@ -712,7 +704,7 @@
 
         if (permanentFocusOwner == null || permanentFocusOwner.isFocusable()) {
             synchronized (KeyboardFocusManager.class) {
-                checkCurrentKFMSecurity();
+                checkKFMSecurity();
 
                 oldPermanentFocusOwner = getPermanentFocusOwner();
 
@@ -779,7 +771,7 @@
      */
     protected Window getGlobalFocusedWindow() throws SecurityException {
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
             return focusedWindow;
         }
     }
@@ -811,7 +803,7 @@
 
         if (focusedWindow == null || focusedWindow.isFocusableWindow()) {
             synchronized (KeyboardFocusManager.class) {
-                checkCurrentKFMSecurity();
+                checkKFMSecurity();
 
                 oldFocusedWindow = getFocusedWindow();
 
@@ -879,7 +871,7 @@
      */
     protected Window getGlobalActiveWindow() throws SecurityException {
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
             return activeWindow;
         }
     }
@@ -909,7 +901,7 @@
     protected void setGlobalActiveWindow(Window activeWindow) {
         Window oldActiveWindow;
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
 
             oldActiveWindow = getActiveWindow();
             if (focusLog.isLoggable(PlatformLogger.FINER)) {
@@ -1205,7 +1197,7 @@
         throws SecurityException
     {
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
             return currentFocusCycleRoot;
         }
     }
@@ -1230,7 +1222,7 @@
         Container oldFocusCycleRoot;
 
         synchronized (KeyboardFocusManager.class) {
-            checkCurrentKFMSecurity();
+            checkKFMSecurity();
 
             oldFocusCycleRoot  = getCurrentFocusCycleRoot();
             currentFocusCycleRoot = newFocusCycleRoot;
@@ -2368,7 +2360,8 @@
                 focusLog.finest("Request {0}", String.valueOf(hwFocusRequest));
             }
             if (hwFocusRequest == null &&
-                heavyweight == nativeFocusOwner)
+                heavyweight == nativeFocusOwner &&
+                heavyweight.getContainingWindow() == nativeFocusedWindow)
             {
                 if (descendant == currentFocusOwner) {
                     // Redundant request.
@@ -3050,13 +3043,36 @@
         }
     }
 
-    private void checkCurrentKFMSecurity() {
+    private static void checkReplaceKFMPermission()
+            throws SecurityException
+    {
+        SecurityManager security = System.getSecurityManager();
+        if (security != null) {
+            if (replaceKeyboardFocusManagerPermission == null) {
+                replaceKeyboardFocusManagerPermission =
+                        new AWTPermission("replaceKeyboardFocusManager");
+            }
+            security.
+                    checkPermission(replaceKeyboardFocusManagerPermission);
+        }
+    }
+
+    // Checks if this KeyboardFocusManager instance is the current KFM,
+    // or otherwise checks if the calling thread has "replaceKeyboardFocusManager"
+    // permission. Here's the reasoning to do so:
+    //
+    // A system KFM instance (which is the current KFM by default) may have no
+    // "replaceKFM" permission when a client code is on the call stack beneath,
+    // but still it should be able to execute the methods protected by this check
+    // due to the system KFM is trusted (and so it does like "privileged").
+    //
+    // If this KFM instance is not the current KFM but the client code has all
+    // permissions we can't throw SecurityException because it would contradict
+    // the security concepts. In this case the trusted client code is responsible
+    // for calling the secured methods from KFM instance which is not current.
+    private void checkKFMSecurity() {
         if (this != getCurrentKeyboardFocusManager()) {
-            if (focusLog.isLoggable(PlatformLogger.FINER)) {
-                focusLog.finer("This manager is " + this +
-                               ", current is " + getCurrentKeyboardFocusManager());
-            }
-            throw new SecurityException(notPrivileged);
+            checkReplaceKFMPermission();
         }
     }
 }
--- a/src/share/classes/java/lang/Class.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/Class.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -187,8 +187,8 @@
     @CallerSensitive
     public static Class<?> forName(String className)
                 throws ClassNotFoundException {
-        return forName0(className, true,
-                        ClassLoader.getClassLoader(Reflection.getCallerClass()));
+        Class<?> caller = Reflection.getCallerClass();
+        return forName0(className, true, ClassLoader.getClassLoader(caller), caller);
     }
 
 
@@ -257,22 +257,27 @@
                                    ClassLoader loader)
         throws ClassNotFoundException
     {
-        if (loader == null) {
-            SecurityManager sm = System.getSecurityManager();
-            if (sm != null) {
-                ClassLoader ccl = ClassLoader.getClassLoader(Reflection.getCallerClass());
+        Class<?> caller = null;
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            // Reflective call to get caller class is only needed if a security manager
+            // is present.  Avoid the overhead of making this call otherwise.
+            caller = Reflection.getCallerClass();
+            if (loader == null) {
+                ClassLoader ccl = ClassLoader.getClassLoader(caller);
                 if (ccl != null) {
                     sm.checkPermission(
                         SecurityConstants.GET_CLASSLOADER_PERMISSION);
                 }
             }
         }
-        return forName0(name, initialize, loader);
+        return forName0(name, initialize, loader, caller);
     }
 
-    /** Called after security checks have been made. */
+    /** Called after security check for system loader access checks have been made. */
     private static native Class<?> forName0(String name, boolean initialize,
-                                            ClassLoader loader)
+                                            ClassLoader loader,
+                                            Class<?> caller)
         throws ClassNotFoundException;
 
     /**
@@ -2338,44 +2343,110 @@
     }
 
     /**
+     * Atomic operations support.
+     */
+    private static class Atomic {
+        // initialize Unsafe machinery here, since we need to call Class.class instance method
+        // and have to avoid calling it in the static initializer of the Class class...
+        private static final Unsafe unsafe = Unsafe.getUnsafe();
+        // offset of Class.reflectionData instance field
+        private static final long reflectionDataOffset;
+        // offset of Class.annotationType instance field
+        private static final long annotationTypeOffset;
+
+        static {
+            Field[] fields = Class.class.getDeclaredFields0(false); // bypass caches
+            reflectionDataOffset = objectFieldOffset(fields, "reflectionData");
+            annotationTypeOffset = objectFieldOffset(fields, "annotationType");
+        }
+
+        private static long objectFieldOffset(Field[] fields, String fieldName) {
+            Field field = searchFields(fields, fieldName);
+            if (field == null) {
+                throw new Error("No " + fieldName + " field found in java.lang.Class");
+            }
+            return unsafe.objectFieldOffset(field);
+        }
+
+        static <T> boolean casReflectionData(Class<?> clazz,
+                                             SoftReference<ReflectionData<T>> oldData,
+                                             SoftReference<ReflectionData<T>> newData) {
+            return unsafe.compareAndSwapObject(clazz, reflectionDataOffset, oldData, newData);
+        }
+
+        static <T> boolean casAnnotationType(Class<?> clazz,
+                                             AnnotationType oldType,
+                                             AnnotationType newType) {
+            return unsafe.compareAndSwapObject(clazz, annotationTypeOffset, oldType, newType);
+        }
+    }
+
+    /**
      * Reflection support.
      */
 
     // Caches for certain reflective results
     private static boolean useCaches = true;
-    private volatile transient SoftReference<Field[]> declaredFields;
-    private volatile transient SoftReference<Field[]> publicFields;
-    private volatile transient SoftReference<Method[]> declaredMethods;
-    private volatile transient SoftReference<Method[]> publicMethods;
-    private volatile transient SoftReference<Constructor<T>[]> declaredConstructors;
-    private volatile transient SoftReference<Constructor<T>[]> publicConstructors;
-    // Intermediate results for getFields and getMethods
-    private volatile transient SoftReference<Field[]> declaredPublicFields;
-    private volatile transient SoftReference<Method[]> declaredPublicMethods;
+
+    // reflection data that might get invalidated when JVM TI RedefineClasses() is called
+    static class ReflectionData<T> {
+        volatile Field[] declaredFields;
+        volatile Field[] publicFields;
+        volatile Method[] declaredMethods;
+        volatile Method[] publicMethods;
+        volatile Constructor<T>[] declaredConstructors;
+        volatile Constructor<T>[] publicConstructors;
+        // Intermediate results for getFields and getMethods
+        volatile Field[] declaredPublicFields;
+        volatile Method[] declaredPublicMethods;
+        // Value of classRedefinedCount when we created this ReflectionData instance
+        final int redefinedCount;
+
+        ReflectionData(int redefinedCount) {
+            this.redefinedCount = redefinedCount;
+        }
+    }
+
+    private volatile transient SoftReference<ReflectionData<T>> reflectionData;
 
     // Incremented by the VM on each call to JVM TI RedefineClasses()
     // that redefines this class or a superclass.
     private volatile transient int classRedefinedCount = 0;
 
-    // Value of classRedefinedCount when we last cleared the cached values
-    // that are sensitive to class redefinition.
-    private volatile transient int lastRedefinedCount = 0;
+    // Lazily create and cache ReflectionData
+    private ReflectionData<T> reflectionData() {
+        SoftReference<ReflectionData<T>> reflectionData = this.reflectionData;
+        int classRedefinedCount = this.classRedefinedCount;
+        ReflectionData<T> rd;
+        if (useCaches &&
+            reflectionData != null &&
+            (rd = reflectionData.get()) != null &&
+            rd.redefinedCount == classRedefinedCount) {
+            return rd;
+        }
+        // else no SoftReference or cleared SoftReference or stale ReflectionData
+        // -> create and replace new instance
+        return newReflectionData(reflectionData, classRedefinedCount);
+    }
 
-    // Clears cached values that might possibly have been obsoleted by
-    // a class redefinition.
-    private void clearCachesOnClassRedefinition() {
-        if (lastRedefinedCount != classRedefinedCount) {
-            declaredFields = publicFields = declaredPublicFields = null;
-            declaredMethods = publicMethods = declaredPublicMethods = null;
-            declaredConstructors = publicConstructors = null;
-            annotations = declaredAnnotations = null;
+    private ReflectionData<T> newReflectionData(SoftReference<ReflectionData<T>> oldReflectionData,
+                                                int classRedefinedCount) {
+        if (!useCaches) return null;
 
-            // Use of "volatile" (and synchronization by caller in the case
-            // of annotations) ensures that no thread sees the update to
-            // lastRedefinedCount before seeing the caches cleared.
-            // We do not guard against brief windows during which multiple
-            // threads might redundantly work to fill an empty cache.
-            lastRedefinedCount = classRedefinedCount;
+        while (true) {
+            ReflectionData<T> rd = new ReflectionData<>(classRedefinedCount);
+            // try to CAS it...
+            if (Atomic.casReflectionData(this, oldReflectionData, new SoftReference<>(rd))) {
+                return rd;
+            }
+            // else retry
+            oldReflectionData = this.reflectionData;
+            classRedefinedCount = this.classRedefinedCount;
+            if (oldReflectionData != null &&
+                (rd = oldReflectionData.get()) != null &&
+                rd.redefinedCount == classRedefinedCount) {
+                return rd;
+            }
         }
     }
 
@@ -2403,7 +2474,7 @@
     }
 
     // Annotations handling
-    private native byte[] getRawAnnotations();
+    native byte[] getRawAnnotations();
 
     native ConstantPool getConstantPool();
 
@@ -2418,27 +2489,19 @@
     // via ReflectionFactory.copyField.
     private Field[] privateGetDeclaredFields(boolean publicOnly) {
         checkInitted();
-        Field[] res = null;
-        if (useCaches) {
-            clearCachesOnClassRedefinition();
-            if (publicOnly) {
-                if (declaredPublicFields != null) {
-                    res = declaredPublicFields.get();
-                }
-            } else {
-                if (declaredFields != null) {
-                    res = declaredFields.get();
-                }
-            }
+        Field[] res;
+        ReflectionData<T> rd = reflectionData();
+        if (rd != null) {
+            res = publicOnly ? rd.declaredPublicFields : rd.declaredFields;
             if (res != null) return res;
         }
         // No cached value available; request value from VM
         res = Reflection.filterFields(this, getDeclaredFields0(publicOnly));
-        if (useCaches) {
+        if (rd != null) {
             if (publicOnly) {
-                declaredPublicFields = new SoftReference<>(res);
+                rd.declaredPublicFields = res;
             } else {
-                declaredFields = new SoftReference<>(res);
+                rd.declaredFields = res;
             }
         }
         return res;
@@ -2449,12 +2512,10 @@
     // via ReflectionFactory.copyField.
     private Field[] privateGetPublicFields(Set<Class<?>> traversedInterfaces) {
         checkInitted();
-        Field[] res = null;
-        if (useCaches) {
-            clearCachesOnClassRedefinition();
-            if (publicFields != null) {
-                res = publicFields.get();
-            }
+        Field[] res;
+        ReflectionData<T> rd = reflectionData();
+        if (rd != null) {
+            res = rd.publicFields;
             if (res != null) return res;
         }
 
@@ -2487,8 +2548,8 @@
 
         res = new Field[fields.size()];
         fields.toArray(res);
-        if (useCaches) {
-            publicFields = new SoftReference<>(res);
+        if (rd != null) {
+            rd.publicFields = res;
         }
         return res;
     }
@@ -2511,18 +2572,10 @@
     // instead be copied via ReflectionFactory.copyConstructor.
     private Constructor<T>[] privateGetDeclaredConstructors(boolean publicOnly) {
         checkInitted();
-        Constructor<T>[] res = null;
-        if (useCaches) {
-            clearCachesOnClassRedefinition();
-            if (publicOnly) {
-                if (publicConstructors != null) {
-                    res = publicConstructors.get();
-                }
-            } else {
-                if (declaredConstructors != null) {
-                    res = declaredConstructors.get();
-                }
-            }
+        Constructor<T>[] res;
+        ReflectionData<T> rd = reflectionData();
+        if (rd != null) {
+            res = publicOnly ? rd.publicConstructors : rd.declaredConstructors;
             if (res != null) return res;
         }
         // No cached value available; request value from VM
@@ -2531,11 +2584,11 @@
         } else {
             res = getDeclaredConstructors0(publicOnly);
         }
-        if (useCaches) {
+        if (rd != null) {
             if (publicOnly) {
-                publicConstructors = new SoftReference<>(res);
+                rd.publicConstructors = res;
             } else {
-                declaredConstructors = new SoftReference<>(res);
+                rd.declaredConstructors = res;
             }
         }
         return res;
@@ -2552,27 +2605,19 @@
     // via ReflectionFactory.copyMethod.
     private Method[] privateGetDeclaredMethods(boolean publicOnly) {
         checkInitted();
-        Method[] res = null;
-        if (useCaches) {
-            clearCachesOnClassRedefinition();
-            if (publicOnly) {
-                if (declaredPublicMethods != null) {
-                    res = declaredPublicMethods.get();
-                }
-            } else {
-                if (declaredMethods != null) {
-                    res = declaredMethods.get();
-                }
-            }
+        Method[] res;
+        ReflectionData<T> rd = reflectionData();
+        if (rd != null) {
+            res = publicOnly ? rd.declaredPublicMethods : rd.declaredMethods;
             if (res != null) return res;
         }
         // No cached value available; request value from VM
         res = Reflection.filterMethods(this, getDeclaredMethods0(publicOnly));
-        if (useCaches) {
+        if (rd != null) {
             if (publicOnly) {
-                declaredPublicMethods = new SoftReference<>(res);
+                rd.declaredPublicMethods = res;
             } else {
-                declaredMethods = new SoftReference<>(res);
+                rd.declaredMethods = res;
             }
         }
         return res;
@@ -2674,12 +2719,10 @@
     // via ReflectionFactory.copyMethod.
     private Method[] privateGetPublicMethods() {
         checkInitted();
-        Method[] res = null;
-        if (useCaches) {
-            clearCachesOnClassRedefinition();
-            if (publicMethods != null) {
-                res = publicMethods.get();
-            }
+        Method[] res;
+        ReflectionData<T> rd = reflectionData();
+        if (rd != null) {
+            res = rd.publicMethods;
             if (res != null) return res;
         }
 
@@ -2727,8 +2770,8 @@
         methods.addAllIfNotPresent(inheritedMethods);
         methods.compactAndTrim();
         res = methods.getArray();
-        if (useCaches) {
-            publicMethods = new SoftReference<>(res);
+        if (rd != null) {
+            rd.publicMethods = res;
         }
         return res;
     }
@@ -2738,7 +2781,7 @@
     // Helpers for fetchers of one field, method, or constructor
     //
 
-    private Field searchFields(Field[] fields, String name) {
+    private static Field searchFields(Field[] fields, String name) {
         String internedName = name.intern();
         for (int i = 0; i < fields.length; i++) {
             if (fields[i].getName() == internedName) {
@@ -2756,7 +2799,7 @@
         // of Field objects which have to be created for the common
         // case where the field being requested is declared in the
         // class which is being queried.
-        Field res = null;
+        Field res;
         // Search declared public fields
         if ((res = searchFields(privateGetDeclaredFields(true), name)) != null) {
             return res;
@@ -2808,7 +2851,7 @@
         // number of Method objects which have to be created for the
         // common case where the method being requested is declared in
         // the class which is being queried.
-        Method res = null;
+        Method res;
         // Search declared public methods
         if ((res = searchMethods(privateGetDeclaredMethods(true),
                                  name,
@@ -3209,9 +3252,20 @@
     // Annotations cache
     private transient Map<Class<? extends Annotation>, Annotation> annotations;
     private transient Map<Class<? extends Annotation>, Annotation> declaredAnnotations;
+    // Value of classRedefinedCount when we last cleared the cached annotations and declaredAnnotations fields
+    private  transient int lastAnnotationsRedefinedCount = 0;
+
+    // Clears cached values that might possibly have been obsoleted by
+    // a class redefinition.
+    private void clearAnnotationCachesOnClassRedefinition() {
+        if (lastAnnotationsRedefinedCount != classRedefinedCount) {
+            annotations = declaredAnnotations = null;
+            lastAnnotationsRedefinedCount = classRedefinedCount;
+        }
+    }
 
     private synchronized void initAnnotationsIfNecessary() {
-        clearCachesOnClassRedefinition();
+        clearAnnotationCachesOnClassRedefinition();
         if (annotations != null)
             return;
         declaredAnnotations = AnnotationParser.parseAnnotations(
@@ -3233,10 +3287,11 @@
 
     // Annotation types cache their internal (AnnotationType) form
 
-    private AnnotationType annotationType;
+    @SuppressWarnings("UnusedDeclaration")
+    private volatile transient AnnotationType annotationType;
 
-    void setAnnotationType(AnnotationType type) {
-        annotationType = type;
+    boolean casAnnotationType(AnnotationType oldType, AnnotationType newType) {
+        return Atomic.casAnnotationType(this, oldType, newType);
     }
 
     AnnotationType getAnnotationType() {
--- a/src/share/classes/java/lang/ProcessBuilder.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/ProcessBuilder.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1018,6 +1018,12 @@
 
         String dir = directory == null ? null : directory.toString();
 
+        for (int i = 1; i < cmdarray.length; i++) {
+            if (cmdarray[i].indexOf('\u0000') >= 0) {
+                throw new IOException("invalid null character in command");
+            }
+        }
+
         try {
             return ProcessImpl.start(cmdarray,
                                      environment,
--- a/src/share/classes/java/lang/System.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/System.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1178,12 +1178,15 @@
             public sun.reflect.ConstantPool getConstantPool(Class klass) {
                 return klass.getConstantPool();
             }
-            public void setAnnotationType(Class klass, AnnotationType type) {
-                klass.setAnnotationType(type);
+            public boolean casAnnotationType(Class<?> klass, AnnotationType oldType, AnnotationType newType) {
+                return klass.casAnnotationType(oldType, newType);
             }
             public AnnotationType getAnnotationType(Class klass) {
                 return klass.getAnnotationType();
             }
+            public byte[] getRawClassAnnotations(Class<?> klass) {
+                return klass.getRawAnnotations();
+            }
             public <E extends Enum<E>>
                     E[] getEnumConstantsShared(Class<E> klass) {
                 return klass.getEnumConstantsShared();
--- a/src/share/classes/java/lang/invoke/DirectMethodHandle.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/DirectMethodHandle.java	Wed Jun 18 14:07:55 2014 -0700
@@ -243,12 +243,12 @@
         assert(names.length == nameCursor);
         if (doesAlloc) {
             // names = { argx,y,z,... new C, init method }
-            names[NEW_OBJ] = new Name(NF_allocateInstance, names[DMH_THIS]);
-            names[GET_MEMBER] = new Name(NF_constructorMethod, names[DMH_THIS]);
+            names[NEW_OBJ] = new Name(Lazy.NF_allocateInstance, names[DMH_THIS]);
+            names[GET_MEMBER] = new Name(Lazy.NF_constructorMethod, names[DMH_THIS]);
         } else if (needsInit) {
-            names[GET_MEMBER] = new Name(NF_internalMemberNameEnsureInit, names[DMH_THIS]);
+            names[GET_MEMBER] = new Name(Lazy.NF_internalMemberNameEnsureInit, names[DMH_THIS]);
         } else {
-            names[GET_MEMBER] = new Name(NF_internalMemberName, names[DMH_THIS]);
+            names[GET_MEMBER] = new Name(Lazy.NF_internalMemberName, names[DMH_THIS]);
         }
         Object[] outArgs = Arrays.copyOfRange(names, ARG_BASE, GET_MEMBER+1, Object[].class);
         assert(outArgs[outArgs.length-1] == names[GET_MEMBER]);  // look, shifted args!
@@ -596,18 +596,18 @@
         final int RESULT    = nameCursor-1;  // either the call or the cast
         Name[] names = arguments(nameCursor - ARG_LIMIT, mtype.invokerType());
         if (needsInit)
-            names[INIT_BAR] = new Name(NF_ensureInitialized, names[DMH_THIS]);
+            names[INIT_BAR] = new Name(Lazy.NF_ensureInitialized, names[DMH_THIS]);
         if (needsCast && !isGetter)
-            names[PRE_CAST] = new Name(NF_checkCast, names[DMH_THIS], names[SET_VALUE]);
+            names[PRE_CAST] = new Name(Lazy.NF_checkCast, names[DMH_THIS], names[SET_VALUE]);
         Object[] outArgs = new Object[1 + linkerType.parameterCount()];
         assert(outArgs.length == (isGetter ? 3 : 4));
         outArgs[0] = UNSAFE;
         if (isStatic) {
-            outArgs[1] = names[F_HOLDER]  = new Name(NF_staticBase, names[DMH_THIS]);
-            outArgs[2] = names[F_OFFSET]  = new Name(NF_staticOffset, names[DMH_THIS]);
+            outArgs[1] = names[F_HOLDER]  = new Name(Lazy.NF_staticBase, names[DMH_THIS]);
+            outArgs[2] = names[F_OFFSET]  = new Name(Lazy.NF_staticOffset, names[DMH_THIS]);
         } else {
-            outArgs[1] = names[OBJ_CHECK] = new Name(NF_checkBase, names[OBJ_BASE]);
-            outArgs[2] = names[F_OFFSET]  = new Name(NF_fieldOffset, names[DMH_THIS]);
+            outArgs[1] = names[OBJ_CHECK] = new Name(Lazy.NF_checkBase, names[OBJ_BASE]);
+            outArgs[2] = names[F_OFFSET]  = new Name(Lazy.NF_fieldOffset, names[DMH_THIS]);
         }
         if (!isGetter) {
             outArgs[3] = (needsCast ? names[PRE_CAST] : names[SET_VALUE]);
@@ -615,7 +615,7 @@
         for (Object a : outArgs)  assert(a != null);
         names[LINKER_CALL] = new Name(linker, outArgs);
         if (needsCast && isGetter)
-            names[POST_CAST] = new Name(NF_checkCast, names[DMH_THIS], names[LINKER_CALL]);
+            names[POST_CAST] = new Name(Lazy.NF_checkCast, names[DMH_THIS], names[LINKER_CALL]);
         for (Name n : names)  assert(n != null);
         String fieldOrStatic = (isStatic ? "Static" : "Field");
         String lambdaName = (linkerName + fieldOrStatic);  // significant only for debugging
@@ -624,48 +624,54 @@
         return new LambdaForm(lambdaName, ARG_LIMIT, names, RESULT);
     }
 
-    private static final NamedFunction
-            NF_internalMemberName,
-            NF_internalMemberNameEnsureInit,
-            NF_ensureInitialized,
-            NF_fieldOffset,
-            NF_checkBase,
-            NF_staticBase,
-            NF_staticOffset,
-            NF_checkCast,
-            NF_allocateInstance,
-            NF_constructorMethod;
-    static {
-        try {
-            NamedFunction nfs[] = {
-                NF_internalMemberName = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("internalMemberName", Object.class)),
-                NF_internalMemberNameEnsureInit = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("internalMemberNameEnsureInit", Object.class)),
-                NF_ensureInitialized = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("ensureInitialized", Object.class)),
-                NF_fieldOffset = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("fieldOffset", Object.class)),
-                NF_checkBase = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("checkBase", Object.class)),
-                NF_staticBase = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("staticBase", Object.class)),
-                NF_staticOffset = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("staticOffset", Object.class)),
-                NF_checkCast = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("checkCast", Object.class, Object.class)),
-                NF_allocateInstance = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("allocateInstance", Object.class)),
-                NF_constructorMethod = new NamedFunction(DirectMethodHandle.class
-                    .getDeclaredMethod("constructorMethod", Object.class))
-            };
-            for (NamedFunction nf : nfs) {
-                // Each nf must be statically invocable or we get tied up in our bootstraps.
-                assert(InvokerBytecodeGenerator.isStaticallyInvocable(nf.member)) : nf;
-                nf.resolve();
+    /**
+     * Pre-initialized NamedFunctions for bootstrapping purposes.
+     * Factored in an inner class to delay initialization until first usage.
+     */
+    private static class Lazy {
+        static final NamedFunction
+                NF_internalMemberName,
+                NF_internalMemberNameEnsureInit,
+                NF_ensureInitialized,
+                NF_fieldOffset,
+                NF_checkBase,
+                NF_staticBase,
+                NF_staticOffset,
+                NF_checkCast,
+                NF_allocateInstance,
+                NF_constructorMethod;
+        static {
+            try {
+                NamedFunction nfs[] = {
+                        NF_internalMemberName = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("internalMemberName", Object.class)),
+                        NF_internalMemberNameEnsureInit = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("internalMemberNameEnsureInit", Object.class)),
+                        NF_ensureInitialized = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("ensureInitialized", Object.class)),
+                        NF_fieldOffset = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("fieldOffset", Object.class)),
+                        NF_checkBase = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("checkBase", Object.class)),
+                        NF_staticBase = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("staticBase", Object.class)),
+                        NF_staticOffset = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("staticOffset", Object.class)),
+                        NF_checkCast = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("checkCast", Object.class, Object.class)),
+                        NF_allocateInstance = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("allocateInstance", Object.class)),
+                        NF_constructorMethod = new NamedFunction(DirectMethodHandle.class
+                                .getDeclaredMethod("constructorMethod", Object.class))
+                };
+                for (NamedFunction nf : nfs) {
+                    // Each nf must be statically invocable or we get tied up in our bootstraps.
+                    assert(InvokerBytecodeGenerator.isStaticallyInvocable(nf.member)) : nf;
+                    nf.resolve();
+                }
+            } catch (ReflectiveOperationException ex) {
+                throw newInternalError(ex);
             }
-        } catch (ReflectiveOperationException ex) {
-            throw newInternalError(ex);
         }
     }
 }
--- a/src/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/InvokerBytecodeGenerator.java	Wed Jun 18 14:07:55 2014 -0700
@@ -613,6 +613,12 @@
             return false;  // inner class of some sort
         if (cls.getClassLoader() != MethodHandle.class.getClassLoader())
             return false;  // not on BCP
+        MethodType mtype = member.getMethodOrFieldType();
+        if (!isStaticallyNameable(mtype.returnType()))
+            return false;
+        for (Class<?> ptype : mtype.parameterArray())
+            if (!isStaticallyNameable(ptype))
+                return false;
         if (!member.isPrivate() && VerifyAccess.isSamePackage(MethodHandle.class, cls))
             return true;   // in java.lang.invoke package
         if (member.isPublic() && isStaticallyNameable(cls))
@@ -655,6 +661,12 @@
             refKind = REF_invokeVirtual;
         }
 
+        if (member.getDeclaringClass().isInterface() && refKind == REF_invokeVirtual) {
+            // Methods from Object declared in an interface can be resolved by JVM to invokevirtual kind.
+            // Need to convert it back to invokeinterface to pass verification and make the invocation works as expected.
+            refKind = REF_invokeInterface;
+        }
+
         // push arguments
         for (int i = 0; i < name.arguments.length; i++) {
             emitPushArgument(name, i);
--- a/src/share/classes/java/lang/invoke/Invokers.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/Invokers.java	Wed Jun 18 14:07:55 2014 -0700
@@ -318,6 +318,7 @@
             //  let mt=TYPEOF(a*:R), tmh=asType(mh, mt);
             //    tmh.invokeBasic(a*)
             outArgs = Arrays.copyOfRange(names, CALL_MH, OUTARG_LIMIT, Object[].class);
+            outArgs[0] = names[CHECK_TYPE];
             outCallType = mtype;
         } else {
             names[CHECK_TYPE] = new Name(NF_checkGenericType, names[CALL_MH], mtypeArg);
--- a/src/share/classes/java/lang/invoke/MethodHandle.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/MethodHandle.java	Wed Jun 18 14:07:55 2014 -0700
@@ -753,6 +753,10 @@
      * to the target method handle.
      * (The array may also be null when zero elements are required.)
      * <p>
+     * If, when the adapter is called, the supplied array argument does
+     * not have the correct number of elements, the adapter will throw
+     * an {@link IllegalArgumentException} instead of invoking the target.
+     * <p>
      * Here are some simple examples of array-spreading method handles:
      * <blockquote><pre>
 MethodHandle equals = publicLookup()
@@ -763,6 +767,12 @@
 MethodHandle eq2 = equals.asSpreader(Object[].class, 2);
 assert( (boolean) eq2.invokeExact(new Object[]{ "me", "me" }));
 assert(!(boolean) eq2.invokeExact(new Object[]{ "me", "thee" }));
+// try to spread from anything but a 2-array:
+for (int n = 0; n <= 10; n++) {
+  Object[] badArityArgs = (n == 2 ? null : new Object[n]);
+  try { assert((boolean) eq2.invokeExact(badArityArgs) && false); }
+  catch (IllegalArgumentException ex) { } // OK
+}
 // spread both arguments from a String array:
 MethodHandle eq2s = equals.asSpreader(String[].class, 2);
 assert( (boolean) eq2s.invokeExact(new String[]{ "me", "me" }));
@@ -1250,8 +1260,6 @@
     /*non-public*/
     MethodHandle viewAsType(MethodType newType) {
         // No actual conversions, just a new view of the same method.
-        if (!type.isViewableAs(newType))
-            throw new InternalError();
         return MethodHandleImpl.makePairwiseConvert(this, newType, 0);
     }
 
--- a/src/share/classes/java/lang/invoke/MethodHandleImpl.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/MethodHandleImpl.java	Wed Jun 18 14:07:55 2014 -0700
@@ -430,7 +430,7 @@
                 // Spread the array.
                 MethodHandle aload = MethodHandles.arrayElementGetter(spreadArgType);
                 Name array = names[argIndex];
-                names[nameCursor++] = new Name(NF_checkSpreadArgument, array, spreadArgCount);
+                names[nameCursor++] = new Name(Lazy.NF_checkSpreadArgument, array, spreadArgCount);
                 for (int j = 0; j < spreadArgCount; i++, j++) {
                     indexes[i] = nameCursor;
                     names[nameCursor++] = new Name(aload, array, j);
@@ -454,14 +454,8 @@
     }
 
     static void checkSpreadArgument(Object av, int n) {
-        // FIXME: regression test for bug 7141637 erroneously expects an NPE, and other tests may expect IAE
-        // but the actual exception raised by an arity mismatch should be WMTE
-        final boolean RAISE_RANDOM_EXCEPTIONS = true;  // FIXME: delete in JSR 292 M1
         if (av == null) {
             if (n == 0)  return;
-            int len;
-            if (RAISE_RANDOM_EXCEPTIONS)
-                len = ((Object[])av).length;  // throw NPE; but delete this after tests are fixed
         } else if (av instanceof Object[]) {
             int len = ((Object[])av).length;
             if (len == n)  return;
@@ -470,19 +464,23 @@
             if (len == n)  return;
         }
         // fall through to error:
-        if (RAISE_RANDOM_EXCEPTIONS)
-            throw newIllegalArgumentException("Array is not of length "+n);
-        throw new WrongMethodTypeException("Array is not of length "+n);
+        throw newIllegalArgumentException("array is not of length "+n);
     }
 
-    private static final NamedFunction NF_checkSpreadArgument;
-    static {
-        try {
-            NF_checkSpreadArgument = new NamedFunction(MethodHandleImpl.class
-                    .getDeclaredMethod("checkSpreadArgument", Object.class, int.class));
-            NF_checkSpreadArgument.resolve();
-        } catch (ReflectiveOperationException ex) {
-            throw newInternalError(ex);
+    /**
+     * Pre-initialized NamedFunctions for bootstrapping purposes.
+     * Factored in an inner class to delay initialization until first usage.
+     */
+    private static class Lazy {
+        static final NamedFunction NF_checkSpreadArgument;
+        static {
+            try {
+                NF_checkSpreadArgument = new NamedFunction(MethodHandleImpl.class
+                        .getDeclaredMethod("checkSpreadArgument", Object.class, int.class));
+                NF_checkSpreadArgument.resolve();
+            } catch (ReflectiveOperationException ex) {
+                throw newInternalError(ex);
+            }
         }
     }
 
--- a/src/share/classes/java/lang/invoke/MethodHandles.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/MethodHandles.java	Wed Jun 18 14:07:55 2014 -0700
@@ -26,12 +26,15 @@
 package java.lang.invoke;
 
 import java.lang.reflect.*;
+
 import sun.invoke.util.ValueConversions;
 import sun.invoke.util.VerifyAccess;
 import sun.invoke.util.Wrapper;
+
 import java.util.List;
 import java.util.ArrayList;
 import java.util.Arrays;
+
 import sun.reflect.CallerSensitive;
 import sun.reflect.Reflection;
 import sun.reflect.misc.ReflectUtil;
@@ -245,6 +248,9 @@
      * In general, the conditions under which a method handle may be
      * looked up for a method {@code M} are exactly equivalent to the conditions
      * under which the lookup class could have compiled and resolved a call to {@code M}.
+     * Where the JVM would raise exceptions like {@code NoSuchMethodError},
+     * a method handle lookup will generally raise a corresponding
+     * checked exception, such as {@code NoSuchMethodException}.
      * And the effect of invoking the method handle resulting from the lookup
      * is exactly equivalent to executing the compiled and resolved call to {@code M}.
      * The same point is true of fields and constructors.
@@ -261,6 +267,12 @@
      * (which will necessarily be a superclass of the lookup class)
      * to the lookup class itself.
      * <p>
+     * The JVM represents constructors and static initializer blocks as internal methods
+     * with special names ({@code "<init>"} and {@code "<clinit>"}).
+     * The internal syntax of invocation instructions allows them to refer to such internal
+     * methods as if they were normal methods, but the JVM verifier rejects them.
+     * A lookup of such an internal method will produce a {@code NoSuchMethodException}.
+     * <p>
      * In some cases, access between nested classes is obtained by the Java compiler by creating
      * an wrapper method to access a private method of another class
      * in the same top-level declaration.
@@ -575,6 +587,15 @@
          * The returned method handle will have
          * {@linkplain MethodHandle#asVarargsCollector variable arity} if and only if
          * the method's variable arity modifier bit ({@code 0x0080}) is set.
+         * <b>Example:</b>
+         * <p><blockquote><pre>{@code
+import static java.lang.invoke.MethodHandles.*;
+import static java.lang.invoke.MethodType.*;
+...
+MethodHandle MH_asList = publicLookup().findStatic(Arrays.class,
+  "asList", methodType(List.class, Object[].class));
+assertEquals("[x, y]", MH_asList.invoke("x", "y").toString());
+         * }</pre></blockquote>
          * @param refc the class from which the method is accessed
          * @param name the name of the method
          * @param type the type of the method
@@ -625,6 +646,34 @@
          * {@link java.lang.invoke.MethodHandles#invoker MethodHandles.invoker}
          * with the same {@code type} argument.
          *
+         * <b>Example:</b>
+         * <p><blockquote><pre>{@code
+import static java.lang.invoke.MethodHandles.*;
+import static java.lang.invoke.MethodType.*;
+...
+MethodHandle MH_concat = publicLookup().findVirtual(String.class,
+  "concat", methodType(String.class, String.class));
+MethodHandle MH_hashCode = publicLookup().findVirtual(Object.class,
+  "hashCode", methodType(int.class));
+MethodHandle MH_hashCode_String = publicLookup().findVirtual(String.class,
+  "hashCode", methodType(int.class));
+assertEquals("xy", (String) MH_concat.invokeExact("x", "y"));
+assertEquals("xy".hashCode(), (int) MH_hashCode.invokeExact((Object)"xy"));
+assertEquals("xy".hashCode(), (int) MH_hashCode_String.invokeExact("xy"));
+// interface method:
+MethodHandle MH_subSequence = publicLookup().findVirtual(CharSequence.class,
+  "subSequence", methodType(CharSequence.class, int.class, int.class));
+assertEquals("def", MH_subSequence.invoke("abcdefghi", 3, 6).toString());
+// constructor "internal method" must be accessed differently:
+MethodType MT_newString = methodType(void.class); //()V for new String()
+try { assertEquals("impossible", lookup()
+        .findVirtual(String.class, "<init>", MT_newString));
+ } catch (NoSuchMethodException ex) { } // OK
+MethodHandle MH_newString = publicLookup()
+  .findConstructor(String.class, MT_newString);
+assertEquals("", (String) MH_newString.invokeExact());
+         * }</pre></blockquote>
+         *
          * @param refc the class or interface from which the method is accessed
          * @param name the name of the method
          * @param type the type of the method, with the receiver argument omitted
@@ -666,12 +715,30 @@
          * If the constructor's class has not yet been initialized, that is done
          * immediately, before the method handle is returned.
          * <p>
-         * Note:  The requested type must have a return type of {@code void}.
-         * This is consistent with the JVM's treatment of constructor type descriptors.
+         * <em>(Note:  The requested type must have a return type of {@code void}.
+         * This is consistent with the JVM's treatment of constructor type descriptors.)</em>
          * <p>
          * The returned method handle will have
          * {@linkplain MethodHandle#asVarargsCollector variable arity} if and only if
          * the constructor's variable arity modifier bit ({@code 0x0080}) is set.
+         * <b>Example:</b>
+         * <p><blockquote><pre>{@code
+import static java.lang.invoke.MethodHandles.*;
+import static java.lang.invoke.MethodType.*;
+...
+MethodHandle MH_newArrayList = publicLookup().findConstructor(
+  ArrayList.class, methodType(void.class, Collection.class));
+Collection orig = Arrays.asList("x", "y");
+Collection copy = (ArrayList) MH_newArrayList.invokeExact(orig);
+assert(orig != copy);
+assertEquals(orig, copy);
+// a variable-arity constructor:
+MethodHandle MH_newProcessBuilder = publicLookup().findConstructor(
+  ProcessBuilder.class, methodType(void.class, String[].class));
+ProcessBuilder pb = (ProcessBuilder)
+  MH_newProcessBuilder.invoke("x", "y", "z");
+assertEquals("[x, y, z]", pb.command().toString());
+         * }</pre></blockquote>
          * @param refc the class or interface from which the method is accessed
          * @param type the type of the method, with the receiver argument omitted, and a void return type
          * @return the desired method handle
@@ -711,6 +778,45 @@
          * The returned method handle will have
          * {@linkplain MethodHandle#asVarargsCollector variable arity} if and only if
          * the method's variable arity modifier bit ({@code 0x0080}) is set.
+         * <p>
+         * <em>(Note:  JVM internal methods named {@code <init>} not visible to this API,
+         * even though the {@code invokespecial} instruction can refer to them
+         * in special circumstances.  Use {@link #findConstructor findConstructor}
+         * to access instance initialization methods in a safe manner.)</em>
+         * <b>Example:</b>
+         * <p><blockquote><pre>{@code
+import static java.lang.invoke.MethodHandles.*;
+import static java.lang.invoke.MethodType.*;
+...
+static class Listie extends ArrayList {
+  public String toString() { return "[wee Listie]"; }
+  static Lookup lookup() { return MethodHandles.lookup(); }
+}
+...
+// no access to constructor via invokeSpecial:
+MethodHandle MH_newListie = Listie.lookup()
+  .findConstructor(Listie.class, methodType(void.class));
+Listie l = (Listie) MH_newListie.invokeExact();
+try { assertEquals("impossible", Listie.lookup().findSpecial(
+        Listie.class, "<init>", methodType(void.class), Listie.class));
+ } catch (NoSuchMethodException ex) { } // OK
+// access to super and self methods via invokeSpecial:
+MethodHandle MH_super = Listie.lookup().findSpecial(
+  ArrayList.class, "toString" , methodType(String.class), Listie.class);
+MethodHandle MH_this = Listie.lookup().findSpecial(
+  Listie.class, "toString" , methodType(String.class), Listie.class);
+MethodHandle MH_duper = Listie.lookup().findSpecial(
+  Object.class, "toString" , methodType(String.class), Listie.class);
+assertEquals("[]", (String) MH_super.invokeExact(l));
+assertEquals(""+l, (String) MH_this.invokeExact(l));
+assertEquals("[]", (String) MH_duper.invokeExact(l)); // ArrayList method
+try { assertEquals("inaccessible", Listie.lookup().findSpecial(
+        String.class, "toString", methodType(String.class), Listie.class));
+ } catch (IllegalAccessException ex) { } // OK
+Listie subl = new Listie() { public String toString() { return "[subclass]"; } };
+assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
+         * }</pre></blockquote>
+         *
          * @param refc the class or interface from which the method is accessed
          * @param name the name of the method (which must not be "&lt;init&gt;")
          * @param type the type of the method, with the receiver argument omitted
@@ -1014,15 +1120,16 @@
         /// Helper methods, all package-private.
 
         MemberName resolveOrFail(byte refKind, Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException {
+            name.getClass(); type.getClass();  // NPE
             checkSymbolicClass(refc);  // do this before attempting to resolve
-            name.getClass(); type.getClass();  // NPE
             return IMPL_NAMES.resolveOrFail(refKind, new MemberName(refc, name, type, refKind), lookupClassOrNull(),
                                             NoSuchFieldException.class);
         }
 
         MemberName resolveOrFail(byte refKind, Class<?> refc, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException {
+            type.getClass();  // NPE
             checkSymbolicClass(refc);  // do this before attempting to resolve
-            name.getClass(); type.getClass();  // NPE
+            checkMethodName(refKind, name);
             return IMPL_NAMES.resolveOrFail(refKind, new MemberName(refc, name, type, refKind), lookupClassOrNull(),
                                             NoSuchMethodException.class);
         }
@@ -1033,6 +1140,12 @@
                 throw new MemberName(refc).makeAccessException("symbolic reference class is not public", this);
         }
 
+        void checkMethodName(byte refKind, String name) throws NoSuchMethodException {
+            if (name.startsWith("<") && refKind != REF_newInvokeSpecial)
+                throw new NoSuchMethodException("illegal method name: "+name);
+        }
+
+
         /**
          * Find my trustable caller class if m is a caller sensitive method.
          * If this lookup object has private access, then the caller class is the lookupClass.
@@ -1155,6 +1268,31 @@
             int allowedModes = this.allowedModes;
             if (allowedModes == TRUSTED)  return;
             int mods = m.getModifiers();
+            if (Modifier.isProtected(mods)) {
+                if (refKind == REF_invokeVirtual &&
+                        m.getDeclaringClass() == Object.class &&
+                        m.getName().equals("clone") &&
+                        refc.isArray()) {
+                    // The JVM does this hack also.
+                    // (See ClassVerifier::verify_invoke_instructions
+                    // and LinkResolver::check_method_accessability.)
+                    // Because the JVM does not allow separate methods on array types,
+                    // there is no separate method for int[].clone.
+                    // All arrays simply inherit Object.clone.
+                    // But for access checking logic, we make Object.clone
+                    // (normally protected) appear to be public.
+                    // Later on, when the DirectMethodHandle is created,
+                    // its leading argument will be restricted to the
+                    // requested array type.
+                    // N.B. The return type is not adjusted, because
+                    // that is *not* the bytecode behavior.
+                    mods ^= Modifier.PROTECTED | Modifier.PUBLIC;
+                }
+                if (refKind == REF_newInvokeSpecial) {
+                    // cannot "new" a protected ctor in a different package
+                    mods ^= Modifier.PROTECTED;
+                }
+            }
             if (Modifier.isFinal(mods) &&
                     MethodHandleNatives.refKindIsSetter(refKind))
                 throw m.makeAccessException("unexpected set of a final field", this);
@@ -1399,6 +1537,9 @@
      * <p>
      * Before invoking its target, the invoker will spread the final array, apply
      * reference casts as necessary, and unbox and widen primitive arguments.
+     * If, when the invoker is called, the supplied array argument does
+     * not have the correct number of elements, the invoker will throw
+     * an {@link IllegalArgumentException} instead of invoking the target.
      * <p>
      * This method is equivalent to the following code (though it may be more efficient):
      * <p><blockquote><pre>
--- a/src/share/classes/java/lang/invoke/MethodType.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/invoke/MethodType.java	Wed Jun 18 14:07:55 2014 -0700
@@ -628,7 +628,7 @@
      * @return the parameter types (as an immutable list)
      */
     public List<Class<?>> parameterList() {
-        return Collections.unmodifiableList(Arrays.asList(ptypes));
+        return Collections.unmodifiableList(Arrays.asList(ptypes.clone()));
     }
 
     /*non-public*/ Class<?> lastParameterType() {
--- a/src/share/classes/java/lang/reflect/Proxy.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/lang/reflect/Proxy.java	Wed Jun 18 14:07:55 2014 -0700
@@ -396,12 +396,13 @@
                                          Class<?>... interfaces)
         throws IllegalArgumentException
     {
-        SecurityManager sm = System.getSecurityManager();
+        final Class<?>[] intfs = interfaces.clone();
+        final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            checkProxyAccess(Reflection.getCallerClass(), loader, interfaces);
+            checkProxyAccess(Reflection.getCallerClass(), loader, intfs);
         }
 
-        return getProxyClass0(loader, interfaces);
+        return getProxyClass0(loader, intfs);
     }
 
     /*
@@ -725,15 +726,16 @@
             throw new NullPointerException();
         }
 
+        final Class<?>[] intfs = interfaces.clone();
         final SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            checkProxyAccess(Reflection.getCallerClass(), loader, interfaces);
+            checkProxyAccess(Reflection.getCallerClass(), loader, intfs);
         }
 
         /*
          * Look up or generate the designated proxy class.
          */
-        Class<?> cl = getProxyClass0(loader, interfaces);
+        Class<?> cl = getProxyClass0(loader, intfs);
 
         /*
          * Invoke its constructor with the designated invocation handler.
--- a/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java	Wed Jun 18 14:07:55 2014 -0700
@@ -70,6 +70,7 @@
     static {
         java.security.AccessController.doPrivileged(
                   new sun.security.action.LoadLibraryAction("net"));
+        init();
     }
 
     /**
@@ -362,4 +363,7 @@
     protected boolean nativeConnectDisabled() {
         return connectDisabled;
     }
+
+    native int dataAvailable();
+    private static native void init();
 }
--- a/src/share/classes/java/net/DatagramSocket.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/net/DatagramSocket.java	Wed Jun 18 14:07:55 2014 -0700
@@ -85,6 +85,17 @@
      */
     boolean oldImpl = false;
 
+    /**
+     * Set when a socket is ST_CONNECTED until we are certain
+     * that any packets which might have been received prior
+     * to calling connect() but not read by the application
+     * have been read. During this time we check the source
+     * address of all packets received to be sure they are from
+     * the connected destination. Other packets are read but
+     * silently dropped.
+     */
+    private boolean explicitFilter = false;
+    private int bytesLeftToFilter;
     /*
      * Connection state:
      * ST_NOT_CONNECTED = socket not connected
@@ -144,6 +155,15 @@
 
                 // socket is now connected by the impl
                 connectState = ST_CONNECTED;
+                // Do we need to filter some packets?
+                int avail = getImpl().dataAvailable();
+                if (avail == -1) {
+                    throw new SocketException();
+                }
+                explicitFilter = avail > 0;
+                if (explicitFilter) {
+                    bytesLeftToFilter = getReceiveBufferSize();
+                }
             } catch (SocketException se) {
 
                 // connection will be emulated by DatagramSocket
@@ -494,6 +514,7 @@
             connectedAddress = null;
             connectedPort = -1;
             connectState = ST_NOT_CONNECTED;
+            explicitFilter = false;
         }
     }
 
@@ -752,10 +773,12 @@
                     } // end of while
                 }
             }
-            if (connectState == ST_CONNECTED_NO_IMPL) {
+            if ((connectState == ST_CONNECTED_NO_IMPL) || explicitFilter) {
                 // We have to do the filtering the old fashioned way since
                 // the native impl doesn't support connect or the connect
-                // via the impl failed.
+                // via the impl failed, or .. "explicitFilter" may be set when
+                // a socket is connected via the impl, for a period of time
+                // when packets from other sources might be queued on socket.
                 boolean stop = false;
                 while (!stop) {
                     InetAddress peekAddress = null;
@@ -774,8 +797,18 @@
                     if ((!connectedAddress.equals(peekAddress)) ||
                         (connectedPort != peekPort)) {
                         // throw the packet away and silently continue
-                        DatagramPacket tmp = new DatagramPacket(new byte[1], 1);
+                        DatagramPacket tmp = new DatagramPacket(
+                                                new byte[1024], 1024);
                         getImpl().receive(tmp);
+                        if (explicitFilter) {
+                            bytesLeftToFilter -= tmp.getLength();
+                            if (bytesLeftToFilter <= 0 ||
+                                getImpl().dataAvailable() <= 0)
+                            {
+                                explicitFilter = false;
+                                stop = true;
+                            }
+                        }
                     } else {
                         stop = true;
                     }
--- a/src/share/classes/java/net/DatagramSocketImpl.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/net/DatagramSocketImpl.java	Wed Jun 18 14:07:55 2014 -0700
@@ -47,6 +47,12 @@
      */
     protected FileDescriptor fd;
 
+    int dataAvailable() {
+        // default impl returns zero, which disables the calling
+        // functionality
+        return 0;
+    }
+
     /**
      * Creates a datagram socket.
      * @exception SocketException if there is an error in the
--- a/src/share/classes/java/security/Provider.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/security/Provider.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1017,7 +1017,7 @@
      * <p>This class defines the methods {@link #supportsParameter
      * supportsParameter()} and {@link #newInstance newInstance()}
      * which are used by the Java security framework when it searches for
-     * suitable services and instantes them. The valid arguments to those
+     * suitable services and instantiates them. The valid arguments to those
      * methods depend on the type of service. For the service types defined
      * within Java SE, see the
      * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html">
@@ -1207,7 +1207,7 @@
          *
          * @throws InvalidParameterException if the value of
          * constructorParameter is invalid for this type of service.
-         * @throws NoSuchAlgorithmException if instantation failed for
+         * @throws NoSuchAlgorithmException if instantiation failed for
          * any other reason.
          */
         public Object newInstance(Object constructorParameter)
@@ -1235,7 +1235,9 @@
                             + " engines");
                     }
                     Class clazz = getImplClass();
-                    return clazz.newInstance();
+                    Class<?>[] empty = {};
+                    Constructor<?> con = clazz.getConstructor(empty);
+                    return con.newInstance();
                 } else {
                     Class paramClass = cap.getConstructorParameterClass();
                     if (constructorParameter != null) {
@@ -1278,13 +1280,18 @@
                     } else {
                         clazz = cl.loadClass(className);
                     }
+                    if (!Modifier.isPublic(clazz.getModifiers())) {
+                        throw new NoSuchAlgorithmException
+                            ("class configured for " + type + " (provider: " +
+                            provider.getName() + ") is not public.");
+                    }
                     classRef = new WeakReference<Class>(clazz);
                 }
                 return clazz;
             } catch (ClassNotFoundException e) {
                 throw new NoSuchAlgorithmException
                     ("class configured for " + type + "(provider: " +
-                    provider.getName() + ")" + "cannot be found.", e);
+                    provider.getName() + ") cannot be found.", e);
             }
         }
 
@@ -1297,15 +1304,21 @@
                 throws Exception {
             Class clazz = getImplClass();
             if (constructorParameter == null) {
-                Object o = clazz.newInstance();
-                return o;
+                // create instance with public no-arg constructor if it exists
+                try {
+                    Class<?>[] empty = {};
+                    Constructor<?> con = clazz.getConstructor(empty);
+                    return con.newInstance();
+                } catch (NoSuchMethodException e) {
+                    throw new NoSuchAlgorithmException("No public no-arg "
+                        + "constructor found in class " + className);
+                }
             }
             Class argClass = constructorParameter.getClass();
             Constructor[] cons = clazz.getConstructors();
             // find first public constructor that can take the
             // argument as parameter
-            for (int i = 0; i < cons.length; i++) {
-                Constructor con = cons[i];
+            for (Constructor<?> con : cons) {
                 Class[] paramTypes = con.getParameterTypes();
                 if (paramTypes.length != 1) {
                     continue;
@@ -1313,10 +1326,9 @@
                 if (paramTypes[0].isAssignableFrom(argClass) == false) {
                     continue;
                 }
-                Object o = con.newInstance(new Object[] {constructorParameter});
-                return o;
+                return con.newInstance(constructorParameter);
             }
-            throw new NoSuchAlgorithmException("No constructor matching "
+            throw new NoSuchAlgorithmException("No public constructor matching "
                 + argClass.getName() + " found in class " + className);
         }
 
--- a/src/share/classes/java/security/Signature.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/security/Signature.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -589,6 +589,9 @@
         if (outbuf == null) {
             throw new IllegalArgumentException("No output buffer given");
         }
+        if (offset < 0 || len < 0) {
+            throw new IllegalArgumentException("offset or len is less than 0");
+        }
         if (outbuf.length - offset < len) {
             throw new IllegalArgumentException
                 ("Output buffer too small for specified offset and length");
@@ -657,9 +660,16 @@
     public final boolean verify(byte[] signature, int offset, int length)
         throws SignatureException {
         if (state == VERIFY) {
-            if ((signature == null) || (offset < 0) || (length < 0) ||
-                (length > signature.length - offset)) {
-                throw new IllegalArgumentException("Bad arguments");
+            if (signature == null) {
+                throw new IllegalArgumentException("signature is null");
+            }
+            if (offset < 0 || length < 0) {
+                throw new IllegalArgumentException
+                    ("offset or length is less than 0");
+            }
+            if (signature.length - offset < length) {
+                throw new IllegalArgumentException
+                    ("signature too small for specified offset and length");
             }
 
             return engineVerify(signature, offset, length);
@@ -712,6 +722,16 @@
     public final void update(byte[] data, int off, int len)
             throws SignatureException {
         if (state == SIGN || state == VERIFY) {
+            if (data == null) {
+                throw new IllegalArgumentException("data is null");
+            }
+            if (off < 0 || len < 0) {
+                throw new IllegalArgumentException("off or len is less than 0");
+            }
+            if (data.length - off < len) {
+                throw new IllegalArgumentException
+                    ("data too small for specified offset and length");
+            }
             engineUpdate(data, off, len);
         } else {
             throw new SignatureException("object not initialized for "
--- a/src/share/classes/java/security/cert/CertificateRevokedException.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/security/cert/CertificateRevokedException.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,7 +95,10 @@
         this.revocationDate = new Date(revocationDate.getTime());
         this.reason = reason;
         this.authority = authority;
-        this.extensions = new HashMap(extensions);
+        // make sure Map only contains correct types
+        this.extensions = Collections.checkedMap(new HashMap<String, Extension>(),
+                                                 String.class, Extension.class);
+        this.extensions.putAll(extensions);
     }
 
     /**
@@ -174,7 +177,8 @@
     public String getMessage() {
         return "Certificate has been revoked, reason: "
                + reason + ", revocation date: " + revocationDate
-               + ", authority: " + authority + ", extensions: " + extensions;
+               + ", authority: " + authority + ", extension OIDs: "
+               + extensions.keySet();
     }
 
     /**
--- a/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java	Wed Jun 18 14:07:55 2014 -0700
@@ -221,6 +221,8 @@
 
             if (vclass != fieldClass)
                 throw new ClassCastException();
+            if (vclass.isPrimitive())
+                throw new IllegalArgumentException("Must be reference type");
 
             if (!Modifier.isVolatile(modifiers))
                 throw new IllegalArgumentException("Must be volatile type");
--- a/src/share/classes/java/util/logging/LogRecord.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/util/logging/LogRecord.java	Wed Jun 18 14:07:55 2014 -0700
@@ -510,7 +510,13 @@
         // If necessary, try to regenerate the resource bundle.
         if (resourceBundleName != null) {
             try {
-                resourceBundle = ResourceBundle.getBundle(resourceBundleName);
+                // use system class loader to ensure the ResourceBundle
+                // instance is a different instance than null loader uses
+                final ResourceBundle bundle =
+                        ResourceBundle.getBundle(resourceBundleName,
+                                Locale.getDefault(),
+                                ClassLoader.getSystemClassLoader());
+                resourceBundle = bundle;
             } catch (MissingResourceException ex) {
                 // This is not a good place to throw an exception,
                 // so we simply leave the resourceBundle null.
--- a/src/share/classes/java/util/logging/Logger.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/java/util/logging/Logger.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1526,6 +1526,9 @@
         }
 
         setCallersClassLoaderRef(callersClass);
+        if (isSystemLogger && getCallersClassLoader() != null) {
+            checkPermission();
+        }
         if (findResourceBundle(name, true) == null) {
             // We've failed to find an expected ResourceBundle.
             // unset the caller's ClassLoader since we were unable to find the
@@ -1689,7 +1692,9 @@
         Logger target = this;
         while (target != null) {
             final String rbn = isSystemLogger
-                ? target.resourceBundleName
+                // ancestor of a system logger is expected to be a system logger.
+                // ignore resource bundle name if it's not.
+                ? (target.isSystemLogger ? target.resourceBundleName : null)
                 : target.getResourceBundleName();
             if (rbn != null) {
                 return rbn;
--- a/src/share/classes/javax/crypto/JceSecurity.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/javax/crypto/JceSecurity.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -216,26 +216,28 @@
     private static final Map codeBaseCacheRef = new WeakHashMap();
 
     /*
-     * Retuns the CodeBase for the given class.
+     * Returns the CodeBase for the given class.
      */
     static URL getCodeBase(final Class clazz) {
-        URL url = (URL)codeBaseCacheRef.get(clazz);
-        if (url == null) {
-            url = (URL)AccessController.doPrivileged(new PrivilegedAction() {
-                public Object run() {
-                    ProtectionDomain pd = clazz.getProtectionDomain();
-                    if (pd != null) {
-                        CodeSource cs = pd.getCodeSource();
-                        if (cs != null) {
-                            return cs.getLocation();
+        synchronized (codeBaseCacheRef) {
+            URL url = (URL)codeBaseCacheRef.get(clazz);
+            if (url == null) {
+                url = (URL)AccessController.doPrivileged(new PrivilegedAction() {
+                    public Object run() {
+                        ProtectionDomain pd = clazz.getProtectionDomain();
+                        if (pd != null) {
+                            CodeSource cs = pd.getCodeSource();
+                            if (cs != null) {
+                                return cs.getLocation();
+                            }
                         }
+                        return NULL_URL;
                     }
-                    return NULL_URL;
-                }
-            });
-            codeBaseCacheRef.put(clazz, url);
+                });
+                codeBaseCacheRef.put(clazz, url);
+            }
+            return (url == NULL_URL) ? null : url;
         }
-        return (url == NULL_URL) ? null : url;
     }
 
     private static void setupJurisdictionPolicies() throws Exception {
--- a/src/share/classes/javax/swing/filechooser/FileSystemView.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/javax/swing/filechooser/FileSystemView.java	Wed Jun 18 14:07:55 2014 -0700
@@ -718,7 +718,8 @@
      * @return the Desktop folder.
      */
     public File getHomeDirectory() {
-        return getRoots()[0];
+        File[] roots = getRoots();
+        return (roots.length == 0) ? null : roots[0];
     }
 
     /**
--- a/src/share/classes/sun/awt/AppContext.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/AppContext.java	Wed Jun 18 14:07:55 2014 -0700
@@ -323,6 +323,20 @@
                     while (context == null) {
                         threadGroup = threadGroup.getParent();
                         if (threadGroup == null) {
+                            // We've got up to the root thread group and did not find an AppContext
+                            // Try to get it from the security manager
+                            SecurityManager securityManager = System.getSecurityManager();
+                            if (securityManager != null) {
+                                ThreadGroup smThreadGroup = securityManager.getThreadGroup();
+                                if (smThreadGroup != null) {
+                                    /*
+                                     * If we get this far then it's likely that
+                                     * the ThreadGroup does not actually belong
+                                     * to the applet, so do not cache it.
+                                     */
+                                    return threadGroup2appContext.get(smThreadGroup);
+                                }
+                            }
                             return null;
                         }
                         context = threadGroup2appContext.get(threadGroup);
--- a/src/share/classes/sun/awt/FontConfiguration.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/FontConfiguration.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -867,7 +867,7 @@
         return descriptors;
     }
 
-    private FontDescriptor[] buildFontDescriptors(int fontIndex, int styleIndex) {
+    protected FontDescriptor[] buildFontDescriptors(int fontIndex, int styleIndex) {
         String fontName = fontNames[fontIndex];
         String styleName = styleNames[styleIndex];
 
--- a/src/share/classes/sun/awt/image/ByteBandedRaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/image/ByteBandedRaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -755,10 +755,22 @@
                     + scanlineStride);
         }
 
-        for (int i = 0; i < data.length; i++) {
-            if (scanlineStride > data[i].length) {
-                throw new RasterFormatException("Incorrect scanline stride: "
-                    + scanlineStride);
+        if ((long)minX - sampleModelTranslateX < 0 ||
+            (long)minY - sampleModelTranslateY < 0) {
+
+            throw new RasterFormatException("Incorrect origin/translate: (" +
+                    minX + ", " + minY + ") / (" +
+                    sampleModelTranslateX + ", " + sampleModelTranslateY + ")");
+        }
+
+
+        if (height > 1 || minY - sampleModelTranslateY > 0) {
+            // buffer should contain at least one scanline
+            for (int i = 0; i < data.length; i++) {
+                if (scanlineStride > data[i].length) {
+                    throw new RasterFormatException("Incorrect scanline stride: "
+                        + scanlineStride);
+                }
             }
         }
 
--- a/src/share/classes/sun/awt/image/ByteComponentRaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/image/ByteComponentRaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -885,15 +885,31 @@
             }
         }
 
+        if ((long)minX - sampleModelTranslateX < 0 ||
+            (long)minY - sampleModelTranslateY < 0) {
+
+            throw new RasterFormatException("Incorrect origin/translate: (" +
+                    minX + ", " + minY + ") / (" +
+                    sampleModelTranslateX + ", " + sampleModelTranslateY + ")");
+        }
+
         // we can be sure that width and height are greater than 0
         if (scanlineStride < 0 ||
-            scanlineStride > (Integer.MAX_VALUE / height) ||
-            scanlineStride > data.length)
+            scanlineStride > (Integer.MAX_VALUE / height))
         {
             // integer overflow
             throw new RasterFormatException("Incorrect scanline stride: "
                     + scanlineStride);
         }
+
+        if (height > 1 || minY - sampleModelTranslateY > 0) {
+            // buffer should contain at least one scanline
+            if (scanlineStride > data.length) {
+                throw new RasterFormatException("Incorrect scanline stride: "
+                        + scanlineStride);
+            }
+        }
+
         int lastScanOffset = (height - 1) * scanlineStride;
 
         if (pixelStride < 0 ||
--- a/src/share/classes/sun/awt/image/BytePackedRaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/image/BytePackedRaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1386,17 +1386,32 @@
             throw new RasterFormatException("Invalid raster dimension");
         }
 
+        if ((long)minX - sampleModelTranslateX < 0 ||
+            (long)minY - sampleModelTranslateY < 0) {
+
+            throw new RasterFormatException("Incorrect origin/translate: (" +
+                    minX + ", " + minY + ") / (" +
+                    sampleModelTranslateX + ", " + sampleModelTranslateY + ")");
+        }
+
         if (scanlineStride < 0 ||
-            scanlineStride > (Integer.MAX_VALUE / height) ||
-            scanlineStride > data.length)
+            scanlineStride > (Integer.MAX_VALUE / height))
         {
             throw new RasterFormatException("Invalid scanline stride");
         }
 
-        int lastbit = (dataBitOffset
-                       + (height-1) * scanlineStride * 8
-                       + (width-1) * pixelBitStride
-                       + pixelBitStride - 1);
+        if (height > 1 || minY - sampleModelTranslateY > 0) {
+            // buffer should contain at least one scanline
+            if (scanlineStride > data.length) {
+                throw new RasterFormatException("Incorrect scanline stride: "
+                        + scanlineStride);
+            }
+        }
+
+        long lastbit = (long) dataBitOffset
+                       + (long) (height - 1) * (long) scanlineStride * 8
+                       + (long) (width - 1) * (long) pixelBitStride
+                       + (long) pixelBitStride - 1;
         if (lastbit < 0 || lastbit / 8 >= data.length) {
             throw new RasterFormatException("raster dimensions overflow " +
                                             "array bounds");
--- a/src/share/classes/sun/awt/image/IntegerComponentRaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/image/IntegerComponentRaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -654,15 +654,31 @@
                                             ") must be >= 0");
         }
 
+        if ((long)minX - sampleModelTranslateX < 0 ||
+            (long)minY - sampleModelTranslateY < 0) {
+
+            throw new RasterFormatException("Incorrect origin/translate: (" +
+                    minX + ", " + minY + ") / (" +
+                    sampleModelTranslateX + ", " + sampleModelTranslateY + ")");
+        }
+
         // we can be sure that width and height are greater than 0
         if (scanlineStride < 0 ||
-            scanlineStride > (Integer.MAX_VALUE / height) ||
-            scanlineStride > data.length)
+            scanlineStride > (Integer.MAX_VALUE / height))
         {
             // integer overflow
             throw new RasterFormatException("Incorrect scanline stride: "
                     + scanlineStride);
         }
+
+        if (height > 1 || minY - sampleModelTranslateY > 0) {
+            // buffer should contain at least one scanline
+            if (scanlineStride > data.length) {
+                throw new RasterFormatException("Incorrect scanline stride: "
+                        + scanlineStride);
+            }
+        }
+
         int lastScanOffset = (height - 1) * scanlineStride;
 
         if (pixelStride < 0 ||
--- a/src/share/classes/sun/awt/image/ShortBandedRaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/image/ShortBandedRaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -754,10 +754,21 @@
                     + scanlineStride);
         }
 
-        for (int i = 0; i < data.length; i++) {
-            if (scanlineStride > data[i].length) {
-                throw new RasterFormatException("Incorrect scanline stride: "
-                    + scanlineStride);
+        if ((long)minX - sampleModelTranslateX < 0 ||
+            (long)minY - sampleModelTranslateY < 0) {
+
+            throw new RasterFormatException("Incorrect origin/translate: (" +
+                    minX + ", " + minY + ") / (" +
+                    sampleModelTranslateX + ", " + sampleModelTranslateY + ")");
+        }
+
+        if (height > 1 || minY - sampleModelTranslateY > 0) {
+            // buffer should contain at least one scanline
+            for (int i = 0; i < data.length; i++) {
+                if (scanlineStride > data[i].length) {
+                    throw new RasterFormatException("Incorrect scanline stride: "
+                        + scanlineStride);
+                }
             }
         }
 
--- a/src/share/classes/sun/awt/image/ShortComponentRaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/awt/image/ShortComponentRaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -819,15 +819,31 @@
             }
         }
 
+        if ((long)minX - sampleModelTranslateX < 0 ||
+            (long)minY - sampleModelTranslateY < 0) {
+
+            throw new RasterFormatException("Incorrect origin/translate: (" +
+                    minX + ", " + minY + ") / (" +
+                    sampleModelTranslateX + ", " + sampleModelTranslateY + ")");
+        }
+
         // we can be sure that width and height are greater than 0
         if (scanlineStride < 0 ||
-            scanlineStride > (Integer.MAX_VALUE / height) ||
-            scanlineStride > data.length)
+            scanlineStride > (Integer.MAX_VALUE / height))
         {
             // integer overflow
             throw new RasterFormatException("Incorrect scanline stride: "
                     + scanlineStride);
         }
+
+        if (height > 1 || minY - sampleModelTranslateY > 0) {
+            // buffer should contain at least one scanline
+            if (scanlineStride > data.length) {
+                throw new RasterFormatException("Incorrect scanline stride: "
+                        + scanlineStride);
+            }
+        }
+
         int lastScanOffset = (height - 1) * scanlineStride;
 
         if (pixelStride < 0 ||
--- a/src/share/classes/sun/invoke/util/VerifyAccess.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/invoke/util/VerifyAccess.java	Wed Jun 18 14:07:55 2014 -0700
@@ -89,35 +89,28 @@
         if (allowedModes == 0)  return false;
         assert((allowedModes & PUBLIC) != 0 &&
                (allowedModes & ~(ALL_ACCESS_MODES|PACKAGE_ALLOWED)) == 0);
-        // Usually refc and defc are the same, but if they differ, verify them both.
-        if (refc != defc) {
-            if (!isClassAccessible(refc, lookupClass, allowedModes)) {
-                // Note that defc is verified in the switch below.
-                return false;
-            }
-            if ((mods & (ALL_ACCESS_MODES|STATIC)) == (PROTECTED|STATIC) &&
-                (allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0) {
-                // Apply the special rules for refc here.
-                if (!isRelatedClass(refc, lookupClass))
-                    return isSamePackage(defc, lookupClass);
-                // If refc == defc, the call to isPublicSuperClass will do
-                // the whole job, since in that case refc (as defc) will be
-                // a superclass of the lookup class.
-            }
+        // The symbolic reference class (refc) must always be fully verified.
+        if (!isClassAccessible(refc, lookupClass, allowedModes)) {
+            return false;
         }
+        // Usually refc and defc are the same, but verify defc also in case they differ.
         if (defc == lookupClass &&
             (allowedModes & PRIVATE) != 0)
             return true;        // easy check; all self-access is OK
         switch (mods & ALL_ACCESS_MODES) {
         case PUBLIC:
-            if (refc != defc)  return true;  // already checked above
-            return isClassAccessible(refc, lookupClass, allowedModes);
+            return true;  // already checked above
         case PROTECTED:
             if ((allowedModes & PROTECTED_OR_PACKAGE_ALLOWED) != 0 &&
                 isSamePackage(defc, lookupClass))
                 return true;
+            if ((allowedModes & PROTECTED) == 0)
+                return false;
+            if ((mods & STATIC) != 0 &&
+                !isRelatedClass(refc, lookupClass))
+                return false;
             if ((allowedModes & PROTECTED) != 0 &&
-                isPublicSuperClass(defc, lookupClass))
+                isSuperClass(defc, lookupClass))
                 return true;
             return false;
         case PACKAGE_ONLY:  // That is, zero.  Unmarked member is package-only access.
@@ -139,8 +132,8 @@
                 lookupClass.isAssignableFrom(refc));
     }
 
-    static boolean isPublicSuperClass(Class<?> defc, Class<?> lookupClass) {
-        return isPublic(defc.getModifiers()) && defc.isAssignableFrom(lookupClass);
+    static boolean isSuperClass(Class<?> defc, Class<?> lookupClass) {
+        return defc.isAssignableFrom(lookupClass);
     }
 
     /**
--- a/src/share/classes/sun/misc/JavaLangAccess.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/misc/JavaLangAccess.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -35,10 +35,10 @@
     ConstantPool getConstantPool(Class klass);
 
     /**
-     * Set the AnnotationType instance corresponding to this class.
+     * Compare-And-Swap the AnnotationType instance corresponding to this class.
      * (This method only applies to annotation types.)
      */
-    void setAnnotationType(Class klass, AnnotationType annotationType);
+    boolean casAnnotationType(Class<?> klass, AnnotationType oldType, AnnotationType newType);
 
     /**
      * Get the AnnotationType instance corresponding to this class.
@@ -47,6 +47,12 @@
     AnnotationType getAnnotationType(Class klass);
 
     /**
+     * Get the array of bytes that is the class-file representation
+     * of this Class' annotations.
+     */
+    byte[] getRawClassAnnotations(Class<?> klass);
+
+    /**
      * Returns the elements of an enum class or null if the
      * Class object does not represent an enum type;
      * the result is uncloned, cached, and shared by all callers.
--- a/src/share/classes/sun/net/www/http/ChunkedOutputStream.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/net/www/http/ChunkedOutputStream.java	Wed Jun 18 14:07:55 2014 -0700
@@ -125,7 +125,7 @@
         completeHeader = getHeader(preferredChunkDataSize);
 
         /* start with an initial buffer */
-        buf = new byte[preferredChunkDataSize + 32];
+        buf = new byte[preferredChunkGrossSize];
         reset();
     }
 
--- a/src/share/classes/sun/nio/ch/DatagramChannelImpl.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/nio/ch/DatagramChannelImpl.java	Wed Jun 18 14:07:55 2014 -0700
@@ -751,6 +751,26 @@
 
                     // set or refresh local address
                     localAddress = Net.localAddress(fd);
+
+                    // flush any packets already received.
+                    boolean blocking = false;
+                    synchronized (blockingLock()) {
+                        try {
+                            blocking = isBlocking();
+                            // remainder of each packet thrown away
+                            ByteBuffer tmpBuf = ByteBuffer.allocate(1);
+                            if (blocking) {
+                                configureBlocking(false);
+                            }
+                            do {
+                                tmpBuf.clear();
+                            } while (read(tmpBuf) > 0);
+                        } finally {
+                            if (blocking) {
+                                configureBlocking(true);
+                            }
+                        }
+                    }
                 }
             }
         }
--- a/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -29,7 +29,6 @@
 import java.lang.reflect.*;
 import java.io.Serializable;
 import java.util.*;
-import java.lang.annotation.*;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 
@@ -45,6 +44,11 @@
     private final Map<String, Object> memberValues;
 
     AnnotationInvocationHandler(Class<? extends Annotation> type, Map<String, Object> memberValues) {
+        Class<?>[] superInterfaces = type.getInterfaces();
+        if (!type.isAnnotation() ||
+            superInterfaces.length != 1 ||
+            superInterfaces[0] != java.lang.annotation.Annotation.class)
+            throw new AnnotationFormatError("Attempt to create proxy for a non-annotation type.");
         this.type = type;
         this.memberValues = memberValues;
     }
@@ -57,13 +61,17 @@
         if (member.equals("equals") && paramTypes.length == 1 &&
             paramTypes[0] == Object.class)
             return equalsImpl(args[0]);
-        assert paramTypes.length == 0;
-        if (member.equals("toString"))
+        if (paramTypes.length != 0)
+            throw new AssertionError("Too many parameters for an annotation method");
+
+        switch(member) {
+        case "toString":
             return toStringImpl();
-        if (member.equals("hashCode"))
+        case "hashCode":
             return hashCodeImpl();
-        if (member.equals("annotationType"))
+        case "annotationType":
             return type;
+        }
 
         // Handle annotation member accessors
         Object result = memberValues.get(member);
@@ -129,7 +137,7 @@
      * Implementation of dynamicProxy.toString()
      */
     private String toStringImpl() {
-        StringBuffer result = new StringBuffer(128);
+        StringBuilder result = new StringBuilder(128);
         result.append('@');
         result.append(type.getName());
         result.append('(');
@@ -277,6 +285,7 @@
                 new PrivilegedAction<Method[]>() {
                     public Method[] run() {
                         final Method[] mm = type.getDeclaredMethods();
+                        validateAnnotationMethods(mm);
                         AccessibleObject.setAccessible(mm, true);
                         return mm;
                     }
@@ -287,6 +296,93 @@
     private transient volatile Method[] memberMethods = null;
 
     /**
+     * Validates that a method is structurally appropriate for an
+     * annotation type. As of Java SE 7, annotation types cannot
+     * contain static methods and the declared methods of an
+     * annotation type must take zero arguments and there are
+     * restrictions on the return type.
+     */
+    private void validateAnnotationMethods(Method[] memberMethods) {
+        /*
+         * Specification citations below are from JLS
+         * 9.6.1. Annotation Type Elements
+         */
+        boolean valid = true;
+        for(Method method : memberMethods) {
+            /*
+             * "By virtue of the AnnotationTypeElementDeclaration
+             * production, a method declaration in an annotation type
+             * declaration cannot have formal parameters, type
+             * parameters, or a throws clause.
+             *
+             * "By virtue of the AnnotationTypeElementModifier
+             * production, a method declaration in an annotation type
+             * declaration cannot be default or static."
+             */
+            if (method.getModifiers() != (Modifier.PUBLIC | Modifier.ABSTRACT) ||
+                method.getParameterTypes().length != 0 ||
+                method.getExceptionTypes().length != 0) {
+                valid = false;
+                break;
+            }
+
+            /*
+             * "It is a compile-time error if the return type of a
+             * method declared in an annotation type is not one of the
+             * following: a primitive type, String, Class, any
+             * parameterized invocation of Class, an enum type
+             * (section 8.9), an annotation type, or an array type
+             * (chapter 10) whose element type is one of the preceding
+             * types."
+             */
+            Class<?> returnType = method.getReturnType();
+            if (returnType.isArray()) {
+                returnType = returnType.getComponentType();
+                if (returnType.isArray()) { // Only single dimensional arrays
+                    valid = false;
+                    break;
+                }
+            }
+
+            if (!((returnType.isPrimitive() && returnType != void.class) ||
+                  returnType == java.lang.String.class ||
+                  returnType == java.lang.Class.class ||
+                  returnType.isEnum() ||
+                  returnType.isAnnotation())) {
+                valid = false;
+                break;
+            }
+
+            /*
+             * "It is a compile-time error if any method declared in an
+             * annotation type has a signature that is
+             * override-equivalent to that of any public or protected
+             * method declared in class Object or in the interface
+             * java.lang.annotation.Annotation."
+             *
+             * The methods in Object or Annotation meeting the other
+             * criteria (no arguments, contrained return type, etc.)
+             * above are:
+             *
+             * String toString()
+             * int hashCode()
+             * Class<? extends Annotation> annotationType()
+             */
+            String methodName = method.getName();
+            if ((methodName.equals("toString") && returnType == java.lang.String.class) ||
+                (methodName.equals("hashCode") && returnType == int.class) ||
+                (methodName.equals("annotationType") && returnType == java.lang.Class.class)) {
+                valid = false;
+                break;
+            }
+        }
+        if (valid)
+            return;
+        else
+            throw new AnnotationFormatError("Malformed method on an annotation type");
+    }
+
+    /**
      * Implementation of dynamicProxy.hashCode()
      */
     private int hashCodeImpl() {
@@ -330,7 +426,6 @@
         throws java.io.IOException, ClassNotFoundException {
         s.defaultReadObject();
 
-
         // Check to make sure that types have not evolved incompatibly
 
         AnnotationType annotationType = null;
@@ -343,7 +438,6 @@
 
         Map<String, Class<?>> memberTypes = annotationType.memberTypes();
 
-
         // If there are annotation members without values, that
         // situation is handled by the invoke method.
         for (Map.Entry<String, Object> memberValue : memberValues.entrySet()) {
--- a/src/share/classes/sun/reflect/annotation/AnnotationParser.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/reflect/annotation/AnnotationParser.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -67,7 +67,35 @@
             return Collections.emptyMap();
 
         try {
-            return parseAnnotations2(rawAnnotations, constPool, container);
+            return parseAnnotations2(rawAnnotations, constPool, container, null);
+        } catch(BufferUnderflowException e) {
+            throw new AnnotationFormatError("Unexpected end of annotations.");
+        } catch(IllegalArgumentException e) {
+            // Type mismatch in constant pool
+            throw new AnnotationFormatError(e);
+        }
+    }
+
+    /**
+     * Like {@link #parseAnnotations(byte[], sun.reflect.ConstantPool, Class)}
+     * with an additional parameter {@code selectAnnotationClasses} which selects the
+     * annotation types to parse (other than selected are quickly skipped).<p>
+     * This method is only used to parse select meta annotations in the construction
+     * phase of {@link AnnotationType} instances to prevent infinite recursion.
+     *
+     * @param selectAnnotationClasses an array of annotation types to select when parsing
+     */
+    @SafeVarargs
+    static Map<Class<? extends Annotation>, Annotation> parseSelectAnnotations(
+                byte[] rawAnnotations,
+                ConstantPool constPool,
+                Class<?> container,
+                Class<? extends Annotation> ... selectAnnotationClasses) {
+        if (rawAnnotations == null)
+            return Collections.emptyMap();
+
+        try {
+            return parseAnnotations2(rawAnnotations, constPool, container, selectAnnotationClasses);
         } catch(BufferUnderflowException e) {
             throw new AnnotationFormatError("Unexpected end of annotations.");
         } catch(IllegalArgumentException e) {
@@ -79,22 +107,23 @@
     private static Map<Class<? extends Annotation>, Annotation> parseAnnotations2(
                 byte[] rawAnnotations,
                 ConstantPool constPool,
-                Class<?> container) {
+                Class<?> container,
+                Class<? extends Annotation>[] selectAnnotationClasses) {
         Map<Class<? extends Annotation>, Annotation> result =
             new LinkedHashMap<Class<? extends Annotation>, Annotation>();
         ByteBuffer buf = ByteBuffer.wrap(rawAnnotations);
         int numAnnotations = buf.getShort() & 0xFFFF;
         for (int i = 0; i < numAnnotations; i++) {
-            Annotation a = parseAnnotation(buf, constPool, container, false);
+            Annotation a = parseAnnotation2(buf, constPool, container, false, selectAnnotationClasses);
             if (a != null) {
                 Class<? extends Annotation> klass = a.annotationType();
-                AnnotationType type = AnnotationType.getInstance(klass);
-                if (type.retention() == RetentionPolicy.RUNTIME)
-                    if (result.put(klass, a) != null)
+                if (AnnotationType.getInstance(klass).retention() == RetentionPolicy.RUNTIME &&
+                    result.put(klass, a) != null) {
                         throw new AnnotationFormatError(
                             "Duplicate annotation for class: "+klass+": " + a);
             }
         }
+        }
         return result;
     }
 
@@ -191,6 +220,15 @@
                                               ConstantPool constPool,
                                               Class<?> container,
                                               boolean exceptionOnMissingAnnotationClass) {
+       return parseAnnotation2(buf, constPool, container, exceptionOnMissingAnnotationClass, null);
+    }
+
+    @SuppressWarnings("unchecked")
+    private static Annotation parseAnnotation2(ByteBuffer buf,
+                                              ConstantPool constPool,
+                                              Class<?> container,
+                                              boolean exceptionOnMissingAnnotationClass,
+                                              Class<? extends Annotation>[] selectAnnotationClasses) {
         int typeIndex = buf.getShort() & 0xFFFF;
         Class<? extends Annotation> annotationClass = null;
         String sig = "[unknown]";
@@ -216,6 +254,10 @@
             skipAnnotation(buf, false);
             return null;
         }
+        if (selectAnnotationClasses != null && !contains(selectAnnotationClasses, annotationClass)) {
+            skipAnnotation(buf, false);
+            return null;
+        }
         AnnotationType type = null;
         try {
             type = AnnotationType.getInstance(annotationClass);
@@ -791,6 +833,17 @@
             skipMemberValue(buf);
     }
 
+    /**
+     * Searches for given {@code element} in given {@code array} by identity.
+     * Returns {@code true} if found {@code false} if not.
+     */
+    private static boolean contains(Object[] array, Object element) {
+        for (Object e : array)
+            if (e == element)
+                return true;
+        return false;
+    }
+
     /*
      * This method converts the annotation map returned by the parseAnnotations()
      * method to an array.  It is called by Field.getDeclaredAnnotations(),
--- a/src/share/classes/sun/reflect/annotation/AnnotationType.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/reflect/annotation/AnnotationType.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@
 
 package sun.reflect.annotation;
 
+import sun.misc.JavaLangAccess;
+
 import java.lang.annotation.*;
 import java.lang.reflect.*;
 import java.util.*;
@@ -45,29 +47,28 @@
      * types.  This matches the return value that must be used for a
      * dynamic proxy, allowing for a simple isInstance test.
      */
-    private final Map<String, Class<?>> memberTypes = new HashMap<String,Class<?>>();
+    private final Map<String, Class<?>> memberTypes;
 
     /**
      * Member name -> default value mapping.
      */
-    private final Map<String, Object> memberDefaults =
-        new HashMap<String, Object>();
+    private final Map<String, Object> memberDefaults;
 
     /**
-     * Member name -> Method object mapping. This (and its assoicated
+     * Member name -> Method object mapping. This (and its associated
      * accessor) are used only to generate AnnotationTypeMismatchExceptions.
      */
-    private final Map<String, Method> members = new HashMap<String, Method>();
+    private final Map<String, Method> members;
 
     /**
      * The retention policy for this annotation type.
      */
-    private RetentionPolicy retention = RetentionPolicy.RUNTIME;;
+    private final RetentionPolicy retention;
 
     /**
      * Whether this annotation type is inherited.
      */
-    private boolean inherited = false;
+    private final boolean inherited;
 
     /**
      * Returns an AnnotationType instance for the specified annotation type.
@@ -75,13 +76,20 @@
      * @throw IllegalArgumentException if the specified class object for
      *     does not represent a valid annotation type
      */
-    public static synchronized AnnotationType getInstance(
+    public static AnnotationType getInstance(
         Class<? extends Annotation> annotationClass)
     {
-        AnnotationType result = sun.misc.SharedSecrets.getJavaLangAccess().
-            getAnnotationType(annotationClass);
-        if (result == null)
-            result = new AnnotationType((Class<? extends Annotation>) annotationClass);
+        JavaLangAccess jla = sun.misc.SharedSecrets.getJavaLangAccess();
+        AnnotationType result = jla.getAnnotationType(annotationClass); // volatile read
+        if (result == null) {
+            result = new AnnotationType(annotationClass);
+            // try to CAS the AnnotationType: null -> result
+            if (!jla.casAnnotationType(annotationClass, null, result)) {
+                // somebody was quicker -> read it's result
+                result = jla.getAnnotationType(annotationClass);
+                assert result != null;
+            }
+        }
 
         return result;
     }
@@ -105,6 +113,9 @@
                 }
             });
 
+        memberTypes = new HashMap<String,Class<?>>(methods.length+1, 1.0f);
+        memberDefaults = new HashMap<String, Object>(0);
+        members = new HashMap<String, Method>(methods.length+1, 1.0f);
 
         for (Method method :  methods) {
             if (method.getParameterTypes().length != 0)
@@ -117,20 +128,27 @@
             Object defaultValue = method.getDefaultValue();
             if (defaultValue != null)
                 memberDefaults.put(name, defaultValue);
-
-            members.put(name, method);
         }
 
-        sun.misc.SharedSecrets.getJavaLangAccess().
-            setAnnotationType(annotationClass, this);
-
         // Initialize retention, & inherited fields.  Special treatment
         // of the corresponding annotation types breaks infinite recursion.
         if (annotationClass != Retention.class &&
             annotationClass != Inherited.class) {
-            Retention ret = annotationClass.getAnnotation(Retention.class);
+            JavaLangAccess jla = sun.misc.SharedSecrets.getJavaLangAccess();
+            Map<Class<? extends Annotation>, Annotation> metaAnnotations =
+                AnnotationParser.parseSelectAnnotations(
+                    jla.getRawClassAnnotations(annotationClass),
+                    jla.getConstantPool(annotationClass),
+                    annotationClass,
+                    Retention.class, Inherited.class
+                );
+            Retention ret = (Retention) metaAnnotations.get(Retention.class);
             retention = (ret == null ? RetentionPolicy.CLASS : ret.value());
-            inherited = annotationClass.isAnnotationPresent(Inherited.class);
+            inherited = metaAnnotations.containsKey(Inherited.class);
+        }
+        else {
+            retention = RetentionPolicy.RUNTIME;
+            inherited = false;
         }
     }
 
@@ -205,11 +223,10 @@
      * For debugging.
      */
     public String toString() {
-        StringBuffer s = new StringBuffer("Annotation Type:" + "\n");
-        s.append("   Member types: " + memberTypes + "\n");
-        s.append("   Member defaults: " + memberDefaults + "\n");
-        s.append("   Retention policy: " + retention + "\n");
-        s.append("   Inherited: " + inherited);
-        return s.toString();
+        return "Annotation Type:\n" +
+               "   Member types: " + memberTypes + "\n" +
+               "   Member defaults: " + memberDefaults + "\n" +
+               "   Retention policy: " + retention + "\n" +
+               "   Inherited: " + inherited;
     }
 }
--- a/src/share/classes/sun/security/ec/ECKeyPairGenerator.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/ec/ECKeyPairGenerator.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -123,19 +123,19 @@
 
         try {
 
-            long[] handles = generateECKeyPair(keySize, encodedParams, seed);
+            Object[] keyBytes = generateECKeyPair(keySize, encodedParams, seed);
 
             // The 'params' object supplied above is equivalent to the native
             // one so there is no need to fetch it.
 
-            // handles[0] points to the native private key
-            BigInteger s = new BigInteger(1, getEncodedBytes(handles[0]));
+            // keyBytes[0] is the encoding of the native private key
+            BigInteger s = new BigInteger(1, (byte[])keyBytes[0]);
 
             PrivateKey privateKey =
                 new ECPrivateKeyImpl(s, (ECParameterSpec)params);
 
-            // handles[1] points to the native public key
-            ECPoint w = ECParameters.decodePoint(getEncodedBytes(handles[1]),
+            // keyBytes[1] is the encoding of the native public key
+            ECPoint w = ECParameters.decodePoint((byte[])keyBytes[1],
                 ((ECParameterSpec)params).getCurve());
             PublicKey publicKey =
                 new ECPublicKeyImpl(w, (ECParameterSpec)params);
@@ -160,14 +160,9 @@
     }
 
     /*
-     * Generates the keypair and returns a 2-element array of handles.
-     * The first handle points to the private key, the second to the public key.
+     * Generates the keypair and returns a 2-element array of encoding bytes.
+     * The first one is for the private key, the second for the public key.
      */
-    private static native long[] generateECKeyPair(int keySize,
+    private static native Object[] generateECKeyPair(int keySize,
         byte[] encodedParams, byte[] seed) throws GeneralSecurityException;
-
-    /*
-     * Extracts the encoded key data using the supplied handle.
-     */
-    private static native byte[] getEncodedBytes(long handle);
 }
--- a/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java	Wed Jun 18 14:07:55 2014 -0700
@@ -26,11 +26,11 @@
 package sun.security.internal.spec;
 
 import java.security.spec.AlgorithmParameterSpec;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 /**
- * Parameters for SSL/TLS RSA Premaster secret generation.
- * This class is used by SSL/TLS client to initialize KeyGenerators of the
- * type "TlsRsaPremasterSecret".
+ * Parameters for SSL/TLS RSA premaster secret.
  *
  * <p>Instances of this class are immutable.
  *
@@ -43,90 +43,108 @@
 public class TlsRsaPremasterSecretParameterSpec
         implements AlgorithmParameterSpec {
 
-    private final int majorVersion;
-    private final int minorVersion;
-    private final byte[] encodedSecret;
+    /*
+     * The TLS spec says that the version in the RSA premaster secret must
+     * be the maximum version supported by the client (i.e. the version it
+     * requested in its client hello version). However, we (and other
+     * implementations) used to send the active negotiated version. The
+     * system property below allows to toggle the behavior.
+     */
+    private final static String PROP_NAME =
+                                "com.sun.net.ssl.rsaPreMasterSecretFix";
+
+    /*
+     * Default is "false" (old behavior) for compatibility reasons in
+     * SSLv3/TLSv1.  Later protocols (TLSv1.1+) do not use this property.
+     */
+    private final static boolean rsaPreMasterSecretFix =
+            AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+                public Boolean run() {
+                    String value = System.getProperty(PROP_NAME);
+                    if (value != null && value.equalsIgnoreCase("true")) {
+                        return Boolean.TRUE;
+                    }
+
+                    return Boolean.FALSE;
+                }
+            });
+
+    private final int clientVersion;
+    private final int serverVersion;
 
     /**
      * Constructs a new TlsRsaPremasterSecretParameterSpec.
-     * <P>
-     * The version numbers will be placed inside the premaster secret to
-     * detect version rollbacks attacks as described in the TLS specification.
-     * Note that they do not indicate the protocol version negotiated for
-     * the handshake.
      *
-     * @param majorVersion the major number of the protocol version
-     * @param minorVersion the minor number of the protocol version
+     * @param clientVersion the version of the TLS protocol by which the
+     *        client wishes to communicate during this session
+     * @param serverVersion the negotiated version of the TLS protocol which
+     *        contains the lower of that suggested by the client in the client
+     *        hello and the highest supported by the server.
      *
-     * @throws IllegalArgumentException if minorVersion or majorVersion are
-     *   negative or larger than 255
+     * @throws IllegalArgumentException if clientVersion or serverVersion are
+     *   negative or larger than (2^16 - 1)
      */
-    public TlsRsaPremasterSecretParameterSpec(int majorVersion,
-            int minorVersion) {
-        this.majorVersion =
-            TlsMasterSecretParameterSpec.checkVersion(majorVersion);
-        this.minorVersion =
-            TlsMasterSecretParameterSpec.checkVersion(minorVersion);
-        this.encodedSecret = null;
+    public TlsRsaPremasterSecretParameterSpec(
+            int clientVersion, int serverVersion) {
+
+        this.clientVersion = checkVersion(clientVersion);
+        this.serverVersion = checkVersion(serverVersion);
     }
 
     /**
-     * Constructs a new TlsRsaPremasterSecretParameterSpec.
-     * <P>
-     * The version numbers will be placed inside the premaster secret to
-     * detect version rollbacks attacks as described in the TLS specification.
-     * Note that they do not indicate the protocol version negotiated for
-     * the handshake.
-     * <P>
-     * Usually, the encoded secret key is a random number that acts as
-     * dummy pre_master_secret to avoid vulnerabilities described by
-     * section 7.4.7.1, RFC 5246.
+     * Returns the version of the TLS protocol by which the client wishes to
+     * communicate during this session.
      *
-     * @param majorVersion the major number of the protocol version
-     * @param minorVersion the minor number of the protocol version
-     * @param encodedSecret the encoded secret key
-     *
-     * @throws IllegalArgumentException if minorVersion or majorVersion are
-     *   negative or larger than 255, or encodedSecret is not exactly 48 bytes.
+     * @return the version of the TLS protocol in ClientHello message
      */
-    public TlsRsaPremasterSecretParameterSpec(int majorVersion,
-            int minorVersion, byte[] encodedSecret) {
-        this.majorVersion =
-            TlsMasterSecretParameterSpec.checkVersion(majorVersion);
-        this.minorVersion =
-            TlsMasterSecretParameterSpec.checkVersion(minorVersion);
-
-        if (encodedSecret == null || encodedSecret.length != 48) {
-            throw new IllegalArgumentException(
-                        "Encoded secret is not exactly 48 bytes");
-        }
-        this.encodedSecret = encodedSecret.clone();
+    public int getClientVersion() {
+        return clientVersion;
     }
 
     /**
-     * Returns the major version.
+     * Returns the negotiated version of the TLS protocol which contains the
+     * lower of that suggested by the client in the client hello and the
+     * highest supported by the server.
      *
-     * @return the major version.
+     * @return the negotiated version of the TLS protocol in ServerHello message
      */
-    public int getMajorVersion() {
-        return majorVersion;
+    public int getServerVersion() {
+        return serverVersion;
     }
 
     /**
-     * Returns the minor version.
+     * Returns the major version used in RSA premaster secret.
      *
-     * @return the minor version.
+     * @return the major version used in RSA premaster secret.
      */
-    public int getMinorVersion() {
-        return minorVersion;
+    public int getMajorVersion() {
+        if (rsaPreMasterSecretFix || clientVersion >= 0x0302) {
+                                                        // 0x0302: TLSv1.1
+            return (clientVersion >>> 8) & 0xFF;
+        }
+
+        return (serverVersion >>> 8) & 0xFF;
     }
 
     /**
-     * Returns the encoded secret.
+     * Returns the minor version used in RSA premaster secret.
      *
-     * @return the encoded secret, may be null if no encoded secret.
+     * @return the minor version used in RSA premaster secret.
      */
-    public byte[] getEncodedSecret() {
-        return encodedSecret == null ? null : encodedSecret.clone();
+    public int getMinorVersion() {
+        if (rsaPreMasterSecretFix || clientVersion >= 0x0302) {
+                                                        // 0x0302: TLSv1.1
+            return clientVersion & 0xFF;
+        }
+
+        return serverVersion & 0xFF;
+    }
+
+    private int checkVersion(int version) {
+        if ((version < 0) || (version > 0xFFFF)) {
+            throw new IllegalArgumentException(
+                        "Version must be between 0 and 65,535");
+        }
+        return version;
     }
 }
--- a/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Wed Jun 18 14:07:55 2014 -0700
@@ -37,6 +37,8 @@
 import static sun.security.pkcs11.TemplateManager.*;
 import sun.security.pkcs11.wrapper.*;
 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
+import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
+import sun.security.util.KeyUtil;
 
 /**
  * RSA Cipher implementation class. We currently only support
@@ -102,6 +104,12 @@
     // maximum output size. this is the length of the key
     private int outputSize;
 
+    // cipher parameter for TLS RSA premaster secret
+    private AlgorithmParameterSpec spec = null;
+
+    // the source of randomness
+    private SecureRandom random;
+
     P11RSACipher(Token token, String algorithm, long mechanism)
             throws PKCS11Exception {
         super();
@@ -165,8 +173,12 @@
             AlgorithmParameterSpec params, SecureRandom random)
             throws InvalidKeyException, InvalidAlgorithmParameterException {
         if (params != null) {
-            throw new InvalidAlgorithmParameterException
-                ("Parameters not supported");
+            if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
+                throw new InvalidAlgorithmParameterException(
+                        "Parameters not supported");
+            }
+            spec = params;
+            this.random = random;   // for TLS RSA premaster secret
         }
         implInit(opmode, key);
     }
@@ -176,8 +188,8 @@
             SecureRandom random)
             throws InvalidKeyException, InvalidAlgorithmParameterException {
         if (params != null) {
-            throw new InvalidAlgorithmParameterException
-                ("Parameters not supported");
+            throw new InvalidAlgorithmParameterException(
+                        "Parameters not supported");
         }
         implInit(opmode, key);
     }
@@ -452,21 +464,101 @@
     protected Key engineUnwrap(byte[] wrappedKey, String algorithm,
             int type) throws InvalidKeyException, NoSuchAlgorithmException {
 
-        // XXX implement unwrap using C_Unwrap() for all keys
-        implInit(Cipher.DECRYPT_MODE, p11Key);
-        if (wrappedKey.length > maxInputSize) {
-            throw new InvalidKeyException("Key is too long for unwrapping");
+        boolean isTlsRsaPremasterSecret =
+                algorithm.equals("TlsRsaPremasterSecret");
+        Exception failover = null;
+
+        SecureRandom secureRandom = random;
+        if (secureRandom == null && isTlsRsaPremasterSecret) {
+            secureRandom = new SecureRandom();
         }
-        implUpdate(wrappedKey, 0, wrappedKey.length);
-        try {
-            byte[] encoded = doFinal();
+
+        // Should C_Unwrap be preferred for non-TLS RSA premaster secret?
+        if (token.supportsRawSecretKeyImport()) {
+            // XXX implement unwrap using C_Unwrap() for all keys
+            implInit(Cipher.DECRYPT_MODE, p11Key);
+            if (wrappedKey.length > maxInputSize) {
+                throw new InvalidKeyException("Key is too long for unwrapping");
+            }
+
+            byte[] encoded = null;
+            implUpdate(wrappedKey, 0, wrappedKey.length);
+            try {
+                encoded = doFinal();
+            } catch (BadPaddingException e) {
+                if (isTlsRsaPremasterSecret) {
+                    failover = e;
+                } else {
+                    throw new InvalidKeyException("Unwrapping failed", e);
+                }
+            } catch (IllegalBlockSizeException e) {
+                // should not occur, handled with length check above
+                throw new InvalidKeyException("Unwrapping failed", e);
+            }
+
+            if (isTlsRsaPremasterSecret) {
+                if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
+                    throw new IllegalStateException(
+                            "No TlsRsaPremasterSecretParameterSpec specified");
+                }
+
+                // polish the TLS premaster secret
+                TlsRsaPremasterSecretParameterSpec psps =
+                        (TlsRsaPremasterSecretParameterSpec)spec;
+                encoded = KeyUtil.checkTlsPreMasterSecretKey(
+                        psps.getClientVersion(), psps.getServerVersion(),
+                        secureRandom, encoded, (failover != null));
+            }
+
             return ConstructKeys.constructKey(encoded, algorithm, type);
-        } catch (BadPaddingException e) {
-            // should not occur
-            throw new InvalidKeyException("Unwrapping failed", e);
-        } catch (IllegalBlockSizeException e) {
-            // should not occur, handled with length check above
-            throw new InvalidKeyException("Unwrapping failed", e);
+        } else {
+            Session s = null;
+            SecretKey secretKey = null;
+            try {
+                try {
+                    s = token.getObjSession();
+                    long keyType = CKK_GENERIC_SECRET;
+                    CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
+                            new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
+                            new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType),
+                        };
+                    attributes = token.getAttributes(
+                            O_IMPORT, CKO_SECRET_KEY, keyType, attributes);
+                    long keyID = token.p11.C_UnwrapKey(s.id(),
+                            new CK_MECHANISM(mechanism), p11Key.keyID,
+                            wrappedKey, attributes);
+                    secretKey = P11Key.secretKey(s, keyID,
+                            algorithm, 48 << 3, attributes);
+                } catch (PKCS11Exception e) {
+                    if (isTlsRsaPremasterSecret) {
+                        failover = e;
+                    } else {
+                        throw new InvalidKeyException("unwrap() failed", e);
+                    }
+                }
+
+                if (isTlsRsaPremasterSecret) {
+                    byte[] replacer = new byte[48];
+                    if (failover == null) {
+                        // Does smart compiler dispose this operation?
+                        secureRandom.nextBytes(replacer);
+                    }
+
+                    TlsRsaPremasterSecretParameterSpec psps =
+                            (TlsRsaPremasterSecretParameterSpec)spec;
+
+                    // Please use the tricky failover and replacer byte array
+                    // as the parameters so that smart compiler won't dispose
+                    // the unused variable .
+                    secretKey = polishPreMasterSecretKey(token, s,
+                            failover, replacer, secretKey,
+                            psps.getClientVersion(), psps.getServerVersion());
+                }
+
+                return secretKey;
+            } finally {
+                token.releaseSession(s);
+            }
         }
     }
 
@@ -475,6 +567,34 @@
         int n = P11KeyFactory.convertKey(token, key, algorithm).length();
         return n;
     }
+
+    private static SecretKey polishPreMasterSecretKey(
+            Token token, Session session,
+            Exception failover, byte[] replacer, SecretKey secretKey,
+            int clientVersion, int serverVersion) {
+
+        if (failover != null) {
+            CK_VERSION version = new CK_VERSION(
+                    (clientVersion >>> 8) & 0xFF, clientVersion & 0xFF);
+            try {
+                CK_ATTRIBUTE[] attributes = token.getAttributes(
+                        O_GENERATE, CKO_SECRET_KEY,
+                        CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]);
+                long keyID = token.p11.C_GenerateKey(session.id(),
+                    // new CK_MECHANISM(CKM_TLS_PRE_MASTER_KEY_GEN, version),
+                        new CK_MECHANISM(CKM_SSL3_PRE_MASTER_KEY_GEN, version),
+                        attributes);
+                return P11Key.secretKey(session,
+                        keyID, "TlsRsaPremasterSecret", 48 << 3, attributes);
+            } catch (PKCS11Exception e) {
+                throw new ProviderException(
+                        "Could not generate premaster secret", e);
+            }
+        }
+
+        return secretKey;
+    }
+
 }
 
 final class ConstructKeys {
--- a/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java	Wed Jun 18 14:07:55 2014 -0700
@@ -73,7 +73,7 @@
 
     protected void engineInit(AlgorithmParameterSpec params,
             SecureRandom random) throws InvalidAlgorithmParameterException {
-        if (params instanceof TlsRsaPremasterSecretParameterSpec == false) {
+        if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
             throw new InvalidAlgorithmParameterException(MSG);
         }
         this.spec = (TlsRsaPremasterSecretParameterSpec)params;
@@ -83,38 +83,32 @@
         throw new InvalidParameterException(MSG);
     }
 
+    // Only can be used in client side to generate TLS RSA premaster secret.
     protected SecretKey engineGenerateKey() {
         if (spec == null) {
             throw new IllegalStateException
                         ("TlsRsaPremasterSecretGenerator must be initialized");
         }
 
-        byte[] b = spec.getEncodedSecret();
-        if (b == null) {
-            CK_VERSION version = new CK_VERSION(
+        CK_VERSION version = new CK_VERSION(
                         spec.getMajorVersion(), spec.getMinorVersion());
-            Session session = null;
-            try {
-                session = token.getObjSession();
-                CK_ATTRIBUTE[] attributes = token.getAttributes(
-                        O_GENERATE, CKO_SECRET_KEY,
-                        CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]);
-                long keyID = token.p11.C_GenerateKey(session.id(),
-                        new CK_MECHANISM(mechanism, version), attributes);
-                SecretKey key = P11Key.secretKey(session,
-                        keyID, "TlsRsaPremasterSecret", 48 << 3, attributes);
-                return key;
-            } catch (PKCS11Exception e) {
-                throw new ProviderException(
-                        "Could not generate premaster secret", e);
-            } finally {
-                token.releaseSession(session);
-            }
+        Session session = null;
+        try {
+            session = token.getObjSession();
+            CK_ATTRIBUTE[] attributes = token.getAttributes(
+                    O_GENERATE, CKO_SECRET_KEY,
+                    CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]);
+            long keyID = token.p11.C_GenerateKey(session.id(),
+                    new CK_MECHANISM(mechanism, version), attributes);
+            SecretKey key = P11Key.secretKey(session,
+                    keyID, "TlsRsaPremasterSecret", 48 << 3, attributes);
+            return key;
+        } catch (PKCS11Exception e) {
+            throw new ProviderException(
+                    "Could not generate premaster secret", e);
+        } finally {
+            token.releaseSession(session);
         }
-
-        // Won't worry, the TlsRsaPremasterSecret will be soon converted to
-        // TlsMasterSecret.
-        return new SecretKeySpec(b, "TlsRsaPremasterSecret");
     }
 
 }
--- a/src/share/classes/sun/security/pkcs11/Token.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/pkcs11/Token.java	Wed Jun 18 14:07:55 2014 -0700
@@ -35,6 +35,7 @@
 import sun.security.jca.JCAUtil;
 
 import sun.security.pkcs11.wrapper.*;
+import static sun.security.pkcs11.TemplateManager.*;
 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
 
 /**
@@ -121,6 +122,9 @@
     private final static CK_MECHANISM_INFO INVALID_MECH =
         new CK_MECHANISM_INFO(0, 0, 0);
 
+    // flag indicating whether the token supports raw secret key material import
+    private Boolean supportsRawSecretKeyImport;
+
     Token(SunPKCS11 provider) throws PKCS11Exception {
         this.provider = provider;
         this.removable = provider.removable;
@@ -159,6 +163,36 @@
         return writeProtected;
     }
 
+    // return whether the token supports raw secret key material import
+    boolean supportsRawSecretKeyImport() {
+        if (supportsRawSecretKeyImport == null) {
+            SecureRandom random = JCAUtil.getSecureRandom();
+            byte[] encoded = new byte[48];
+            random.nextBytes(encoded);
+
+            CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[3];
+            attributes[0] = new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY);
+            attributes[1] = new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_GENERIC_SECRET);
+            attributes[2] = new CK_ATTRIBUTE(CKA_VALUE, encoded);
+
+            Session session = null;
+            try {
+                attributes = getAttributes(O_IMPORT,
+                        CKO_SECRET_KEY, CKK_GENERIC_SECRET, attributes);
+                session = getObjSession();
+                long keyID = p11.C_CreateObject(session.id(), attributes);
+
+                supportsRawSecretKeyImport = Boolean.TRUE;
+            } catch (PKCS11Exception e) {
+                supportsRawSecretKeyImport = Boolean.FALSE;
+            } finally {
+                releaseSession(session);
+            }
+        }
+
+        return supportsRawSecretKeyImport;
+    }
+
     // return whether we are logged in
     // uses cached result if current. session is optional and may be null
     boolean isLoggedIn(Session session) throws PKCS11Exception {
--- a/src/share/classes/sun/security/rsa/RSACore.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/rsa/RSACore.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -50,6 +50,15 @@
  */
 public final class RSACore {
 
+    // globally enable/disable use of blinding
+    private final static boolean ENABLE_BLINDING = true;
+
+    // cache for blinding parameters. Map<BigInteger, BlindingParameters>
+    // use a weak hashmap so that cached values are automatically cleared
+    // when the modulus is GC'ed
+    private final static Map<BigInteger, BlindingParameters>
+                blindingCache = new WeakHashMap<>();
+
     private RSACore() {
         // empty
     }
@@ -100,12 +109,12 @@
         if (key instanceof RSAPrivateCrtKey) {
             return crtCrypt(msg, (RSAPrivateCrtKey)key);
         } else {
-            return crypt(msg, key.getModulus(), key.getPrivateExponent());
+            return priCrypt(msg, key.getModulus(), key.getPrivateExponent());
         }
     }
 
     /**
-     * RSA public key ops and non-CRT private key ops. Simple modPow().
+     * RSA public key ops. Simple modPow().
      */
     private static byte[] crypt(byte[] msg, BigInteger n, BigInteger exp)
             throws BadPaddingException {
@@ -115,22 +124,29 @@
     }
 
     /**
+     * RSA non-CRT private key operations.
+     */
+    private static byte[] priCrypt(byte[] msg, BigInteger n, BigInteger exp)
+            throws BadPaddingException {
+
+        BigInteger c = parseMsg(msg, n);
+        BlindingRandomPair brp = null;
+        BigInteger m;
+        if (ENABLE_BLINDING) {
+            brp = getBlindingRandomPair(null, exp, n);
+            c = c.multiply(brp.u).mod(n);
+            m = c.modPow(exp, n);
+            m = m.multiply(brp.v).mod(n);
+        } else {
+            m = c.modPow(exp, n);
+        }
+
+        return toByteArray(m, getByteLength(n));
+    }
+
+    /**
      * RSA private key operations with CRT. Algorithm and variable naming
      * are taken from PKCS#1 v2.1, section 5.1.2.
-     *
-     * The only difference is the addition of blinding to twart timing attacks.
-     * This is described in the RSA Bulletin#2 (Jan 96) among other places.
-     * This means instead of implementing RSA as
-     *   m = c ^ d mod n (or RSA in CRT variant)
-     * we do
-     *   r  = random(0, n-1)
-     *   c' = c  * r^e  mod n
-     *   m' = c' ^ d    mod n (or RSA in CRT variant)
-     *   m  = m' * r^-1 mod n (where r^-1 is the modular inverse of r mod n)
-     * This works because r^(e*d) * r^-1 = r * r^-1 = 1 (all mod n)
-     *
-     * We do not generate new blinding parameters for each operation but reuse
-     * them BLINDING_MAX_REUSE times (see definition below).
      */
     private static byte[] crtCrypt(byte[] msg, RSAPrivateCrtKey key)
             throws BadPaddingException {
@@ -141,13 +157,13 @@
         BigInteger dP = key.getPrimeExponentP();
         BigInteger dQ = key.getPrimeExponentQ();
         BigInteger qInv = key.getCrtCoefficient();
+        BigInteger e = key.getPublicExponent();
+        BigInteger d = key.getPrivateExponent();
 
-        BlindingParameters params;
+        BlindingRandomPair brp;
         if (ENABLE_BLINDING) {
-            params = getBlindingParameters(key);
-            c = c.multiply(params.re).mod(n);
-        } else {
-            params = null;
+            brp = getBlindingRandomPair(e, d, n);
+            c = c.multiply(brp.u).mod(n);
         }
 
         // m1 = c ^ dP mod p
@@ -165,8 +181,8 @@
         // m = m2 + q * h
         BigInteger m = h.multiply(q).add(m2);
 
-        if (params != null) {
-            m = m.multiply(params.rInv).mod(n);
+        if (ENABLE_BLINDING) {
+            m = m.multiply(brp.v).mod(n);
         }
 
         return toByteArray(m, getByteLength(n));
@@ -208,82 +224,221 @@
         return t;
     }
 
-    // globally enable/disable use of blinding
-    private final static boolean ENABLE_BLINDING = true;
+    /**
+     * Parameters (u,v) for RSA Blinding.  This is described in the RSA
+     * Bulletin#2 (Jan 96) and other places:
+     *
+     *     ftp://ftp.rsa.com/pub/pdfs/bull-2.pdf
+     *
+     * The standard RSA Blinding decryption requires the public key exponent
+     * (e) and modulus (n), and converts ciphertext (c) to plaintext (p).
+     *
+     * Before the modular exponentiation operation, the input message should
+     * be multiplied by (u (mod n)), and afterward the result is corrected
+     * by multiplying with (v (mod n)).  The system should reject messages
+     * equal to (0 (mod n)).  That is:
+     *
+     *     1.  Generate r between 0 and n-1, relatively prime to n.
+     *     2.  Compute x = (c*u) mod n
+     *     3.  Compute y = (x^d) mod n
+     *     4.  Compute p = (y*v) mod n
+     *
+     * The Java APIs allows for either standard RSAPrivateKey or
+     * RSAPrivateCrtKey RSA keys.
+     *
+     * If the public exponent is available to us (e.g. RSAPrivateCrtKey),
+     * choose a random r, then let (u, v):
+     *
+     *     u = r ^ e mod n
+     *     v = r ^ (-1) mod n
+     *
+     * The proof follows:
+     *
+     *     p = (((c * u) ^ d mod n) * v) mod n
+     *       = ((c ^ d) * (u ^ d) * v) mod n
+     *       = ((c ^ d) * (r ^ e) ^ d) * (r ^ (-1))) mod n
+     *       = ((c ^ d) * (r ^ (e * d)) * (r ^ (-1))) mod n
+     *       = ((c ^ d) * (r ^ 1) * (r ^ (-1))) mod n  (see below)
+     *       = (c ^ d) mod n
+     *
+     * because in RSA cryptosystem, d is the multiplicative inverse of e:
+     *
+     *    (r^(e * d)) mod n
+     *       = (r ^ 1) mod n
+     *       = r mod n
+     *
+     * However, if the public exponent is not available (e.g. RSAPrivateKey),
+     * we mitigate the timing issue by using a similar random number blinding
+     * approach using the private key:
+     *
+     *     u = r
+     *     v = ((r ^ (-1)) ^ d) mod n
+     *
+     * This returns the same plaintext because:
+     *
+     *     p = (((c * u) ^ d mod n) * v) mod n
+     *       = ((c ^ d) * (u ^ d) * v) mod n
+     *       = ((c ^ d) * (u ^ d) * ((u ^ (-1)) ^d)) mod n
+     *       = (c ^ d) mod n
+     *
+     * Computing inverses mod n and random number generation is slow, so
+     * it is often not practical to generate a new random (u, v) pair for
+     * each new exponentiation.  The calculation of parameters might even be
+     * subject to timing attacks.  However, (u, v) pairs should not be
+     * reused since they themselves might be compromised by timing attacks,
+     * leaving the private exponent vulnerable.  An efficient solution to
+     * this problem is update u and v before each modular exponentiation
+     * step by computing:
+     *
+     *     u = u ^ 2
+     *     v = v ^ 2
+     *
+     * The total performance cost is small.
+     */
+    private final static class BlindingRandomPair {
+        final BigInteger u;
+        final BigInteger v;
 
-    // maximum number of times that we will use a set of blinding parameters
-    // value suggested by Paul Kocher (quoted by NSS)
-    private final static int BLINDING_MAX_REUSE = 50;
-
-    // cache for blinding parameters. Map<BigInteger, BlindingParameters>
-    // use a weak hashmap so that cached values are automatically cleared
-    // when the modulus is GC'ed
-    private final static Map<BigInteger, BlindingParameters> blindingCache =
-                new WeakHashMap<>();
+        BlindingRandomPair(BigInteger u, BigInteger v) {
+            this.u = u;
+            this.v = v;
+        }
+    }
 
     /**
      * Set of blinding parameters for a given RSA key.
      *
      * The RSA modulus is usually unique, so we index by modulus in
-     * blindingCache. However, to protect against the unlikely case of two
-     * keys sharing the same modulus, we also store the public exponent.
-     * This means we cannot cache blinding parameters for multiple keys that
-     * share the same modulus, but since sharing moduli is fundamentally broken
-     * an insecure, this does not matter.
+     * {@code blindingCache}.  However, to protect against the unlikely
+     * case of two keys sharing the same modulus, we also store the public
+     * or the private exponent.  This means we cannot cache blinding
+     * parameters for multiple keys that share the same modulus, but
+     * since sharing moduli is fundamentally broken and insecure, this
+     * does not matter.
      */
-    private static final class BlindingParameters {
-        // e (RSA public exponent)
-        final BigInteger e;
-        // r ^ e mod n
-        final BigInteger re;
-        // inverse of r mod n
-        final BigInteger rInv;
-        // how many more times this parameter object can be used
-        private volatile int remainingUses;
-        BlindingParameters(BigInteger e, BigInteger re, BigInteger rInv) {
+    private final static class BlindingParameters {
+        private final static BigInteger BIG_TWO = BigInteger.valueOf(2L);
+
+        // RSA public exponent
+        private final BigInteger e;
+
+        // hash code of RSA private exponent
+        private final BigInteger d;
+
+        // r ^ e mod n (CRT), or r mod n (Non-CRT)
+        private BigInteger u;
+
+        // r ^ (-1) mod n (CRT) , or ((r ^ (-1)) ^ d) mod n (Non-CRT)
+        private BigInteger v;
+
+        // e: the public exponent
+        // d: the private exponent
+        // n: the modulus
+        BlindingParameters(BigInteger e, BigInteger d, BigInteger n) {
+            this.u = null;
+            this.v = null;
             this.e = e;
-            this.re = re;
-            this.rInv = rInv;
-            // initialize remaining uses, subtract current use now
-            remainingUses = BLINDING_MAX_REUSE - 1;
+            this.d = d;
+
+            int len = n.bitLength();
+            SecureRandom random = JCAUtil.getSecureRandom();
+            u = new BigInteger(len, random).mod(n);
+            // Although the possibility is very much limited that u is zero
+            // or is not relatively prime to n, we still want to be careful
+            // about the special value.
+            //
+            // Secure random generation is expensive, try to use BigInteger.ONE
+            // this time if this new generated random number is zero or is not
+            // relatively prime to n.  Next time, new generated secure random
+            // number will be used instead.
+            if (u.equals(BigInteger.ZERO)) {
+                u = BigInteger.ONE;     // use 1 this time
+            }
+
+            try {
+                // The call to BigInteger.modInverse() checks that u is
+                // relatively prime to n.  Otherwise, ArithmeticException is
+                // thrown.
+                v = u.modInverse(n);
+            } catch (ArithmeticException ae) {
+                // if u is not relatively prime to n, use 1 this time
+                u = BigInteger.ONE;
+                v = BigInteger.ONE;
+            }
+
+            if (e != null) {
+                u = u.modPow(e, n);   // e: the public exponent
+                                      // u: random ^ e
+                                      // v: random ^ (-1)
+            } else {
+                v = v.modPow(d, n);   // d: the private exponent
+                                      // u: random
+                                      // v: random ^ (-d)
+            }
         }
-        boolean valid(BigInteger e) {
-            int k = remainingUses--;
-            return (k > 0) && this.e.equals(e);
+
+        // return null if need to reset the parameters
+        BlindingRandomPair getBlindingRandomPair(
+                BigInteger e, BigInteger d, BigInteger n) {
+
+            if ((this.e != null && this.e.equals(e)) ||
+                (this.d != null && this.d.equals(d))) {
+
+                BlindingRandomPair brp = null;
+                synchronized (this) {
+                    if (!u.equals(BigInteger.ZERO) &&
+                        !v.equals(BigInteger.ZERO)) {
+
+                        brp = new BlindingRandomPair(u, v);
+                        if (u.compareTo(BigInteger.ONE) <= 0 ||
+                            v.compareTo(BigInteger.ONE) <= 0) {
+
+                            // need to reset the random pair next time
+                            u = BigInteger.ZERO;
+                            v = BigInteger.ZERO;
+                        } else {
+                            u = u.modPow(BIG_TWO, n);
+                            v = v.modPow(BIG_TWO, n);
+                        }
+                    } // Otherwise, need to reset the random pair.
+                }
+                return brp;
+            }
+
+            return null;
         }
     }
 
-    /**
-     * Return valid RSA blinding parameters for the given private key.
-     * Use cached parameters if available. If not, generate new parameters
-     * and cache.
-     */
-    private static BlindingParameters getBlindingParameters
-            (RSAPrivateCrtKey key) {
-        BigInteger modulus = key.getModulus();
-        BigInteger e = key.getPublicExponent();
-        BlindingParameters params;
-        // we release the lock between get() and put()
-        // that means threads might concurrently generate new blinding
-        // parameters for the same modulus. this is only a slight waste
-        // of cycles and seems preferable in terms of scalability
-        // to locking out all threads while generating new parameters
+    private static BlindingRandomPair getBlindingRandomPair(
+            BigInteger e, BigInteger d, BigInteger n) {
+
+        BlindingParameters bps = null;
         synchronized (blindingCache) {
-            params = blindingCache.get(modulus);
+            bps = blindingCache.get(n);
         }
-        if ((params != null) && params.valid(e)) {
-            return params;
+
+        if (bps == null) {
+            bps = new BlindingParameters(e, d, n);
+            synchronized (blindingCache) {
+                if (blindingCache.get(n) == null) {
+                    blindingCache.put(n, bps);
+                }
+            }
         }
-        int len = modulus.bitLength();
-        SecureRandom random = JCAUtil.getSecureRandom();
-        BigInteger r = new BigInteger(len, random).mod(modulus);
-        BigInteger re = r.modPow(e, modulus);
-        BigInteger rInv = r.modInverse(modulus);
-        params = new BlindingParameters(e, re, rInv);
-        synchronized (blindingCache) {
-            blindingCache.put(modulus, params);
+
+        BlindingRandomPair brp = bps.getBlindingRandomPair(e, d, n);
+        if (brp == null) {
+            // need to reset the blinding parameters
+            bps = new BlindingParameters(e, d, n);
+            synchronized (blindingCache) {
+                if (blindingCache.get(n) != null) {
+                    blindingCache.put(n, bps);
+                }
+            }
+            brp = bps.getBlindingRandomPair(e, d, n);
         }
-        return params;
+
+        return brp;
     }
 
 }
--- a/src/share/classes/sun/security/ssl/ClientHandshaker.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/ssl/ClientHandshaker.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -36,6 +36,8 @@
 
 import java.security.cert.X509Certificate;
 import java.security.cert.CertificateException;
+import java.security.cert.CertificateParsingException;
+import javax.security.auth.x500.X500Principal;
 
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
@@ -93,6 +95,60 @@
             Debug.getBooleanProperty("jsse.enableSNIExtension", true);
 
     /*
+     * Allow unsafe server certificate change?
+     *
+     * Server certificate change during SSL/TLS renegotiation may be considered
+     * unsafe, as described in the Triple Handshake attacks:
+     *
+     *    https://secure-resumption.com/tlsauth.pdf
+     *
+     * Endpoint identification (See
+     * SSLParameters.getEndpointIdentificationAlgorithm()) is a pretty nice
+     * guarantee that the server certificate change in the renegotiation is legal.
+     * However, endpoint identification is only enabled for HTTPS and LDAP
+     * over SSL/TLS by default. It is not enough to protect SSL/TLS
+     * connections other than HTTPS and LDAP.
+     *
+     * The renegotiation indication extension (See RFC 5764) is a pretty
+     * strong guarantee that the endpoints on both client and server sides
+     * are identical on the same connection. However, the Triple Handshake
+     * attacks can bypass this guarantee if there is a session-resumption
+     * handshake between the initial full handshake and the renegotiation
+     * full handshake.
+     *
+     * Server certificate change may be unsafe and should be restricted if
+     * endpoint identification is not enabled and the previous handshake is
+     * a session-resumption abbreviated initial handshake, unless the
+     * identities reproesented by both certificates can be regraded as the
+     * same (See isIdentityEquivalent()).
+     *
+     * Considering the compatibility impact and the actual requirements to
+     * support server certificate change in practice, the system property,
+     * jdk.tls.allowUnsafeServerCertChange, is used to define whether unsafe
+     * server certificate change in renegotiation is allowed or not. The
+     * default value of the system property is "false". To mitigate the
+     * compatibility impact, applications may want to set the system
+     * property to "true" at their own risk.
+     *
+     * If the value of the system property is "false", server certificate
+     * change in renegotiation after a session-resumption abbreviated initial
+     * handshake is restricted (See isIdentityEuivalent()).
+     *
+     * If the system property is set to "truie" explicitly, the restriction on
+     * server certificate change in renegotiation is disabled.
+     */
+    private final static boolean allowUnsafeServerCertChange =
+        Debug.getBooleanProperty("jdk.tls.allowUnsafeServerCertChange", false);
+
+    /*
+     * the reserved server certificate chain in previous handshaking
+     *
+     * The server certificate chain is only reserved if the previous
+     * handshake is a session-resumption abbreviated initial handshake.
+     */
+    private X509Certificate[] reservedServerCerts = null;
+
+    /*
      * Constructors
      */
     ClientHandshaker(SSLSocketImpl socket, SSLContextImpl context,
@@ -551,8 +607,7 @@
                 // we wanted to resume, but the server refused
                 session = null;
                 if (!enableNewSession) {
-                    throw new SSLException
-                        ("New session creation is disabled");
+                    throw new SSLException("New session creation is disabled");
                 }
             }
         }
@@ -563,6 +618,11 @@
             }
 
             setHandshakeSessionSE(session);
+            // Reserve the handshake state if this is a session-resumption
+            // abbreviated initial handshake.
+            if (isInitialHandshake) {
+                session.setAsSessionResumption(true);
+            }
             return;
         }
 
@@ -1035,6 +1095,13 @@
         }
 
         /*
+         * Reset the handshake state if this is not an initial handshake.
+         */
+        if (!isInitialHandshake) {
+            session.setAsSessionResumption(false);
+        }
+
+        /*
          * OK, it verified.  If we're doing the fast handshake, add that
          * "Finished" message to the hash of handshake messages, then send
          * our own change_cipher_spec and Finished message for the server
@@ -1131,8 +1198,22 @@
                 System.out.println("%% No cached client session");
             }
         }
-        if ((session != null) && (session.isRejoinable() == false)) {
-            session = null;
+        if (session != null) {
+            // If unsafe server certificate change is not allowed, reserve
+            // current server certificates if the preious handshake is a
+            // session-resumption abbreviated initial handshake.
+            if (!allowUnsafeServerCertChange && session.isSessionResumption()) {
+                try {
+                    // If existing, peer certificate chain cannot be null.
+                    reservedServerCerts =
+                        (X509Certificate[])session.getPeerCertificates();
+                } catch (SSLPeerUnverifiedException puve) {
+                    // Maybe not certificate-based, ignore the exception.
+                }
+            }
+            if (!session.isRejoinable()) {
+                session = null;
+            }
         }
 
         if (session != null) {
@@ -1303,8 +1384,25 @@
         }
         X509Certificate[] peerCerts = mesg.getCertificateChain();
         if (peerCerts.length == 0) {
-            fatalSE(Alerts.alert_bad_certificate,
-                "empty certificate chain");
+            fatalSE(Alerts.alert_bad_certificate, "empty certificate chain");
+        }
+
+        // Allow server certificate change in client side during renegotiation
+        // after session-resumption abbreviated initial handshake ?
+        //
+        // DO NOT need to check allowUnsafeServerCertChange here. We only
+        // reserve server certificates when allowUnsafeServerCertChange is
+        // false.
+        if (reservedServerCerts != null) {
+            // It is not necessary to check the certificate update if endpoint
+            // identification is enabled.
+            String identityAlg = getEndpointIdentificationAlgorithmSE();
+            if ((identityAlg == null || identityAlg.length() == 0) &&
+                !isIdentityEquivalent(peerCerts[0], reservedServerCerts[0])) {
+                fatalSE(Alerts.alert_bad_certificate,
+                        "server certificate change is restricted" +
+                        "during renegotiation");
+            }
         }
         // ask the trust manager to verify the chain
         X509TrustManager tm = sslContext.getX509TrustManager();
@@ -1342,4 +1440,82 @@
         }
         session.setPeerCertificates(peerCerts);
     }
+
+    /*
+     * Whether the certificates can represent the same identity?
+     *
+     * The certificates can be used to represent the same identity:
+     *     1. If the subject alternative names of IP address are present in
+     *        both certificates, they should be identical; otherwise,
+     *     2. if the subject alternative names of DNS name are present in
+     *        both certificates, they should be identical; otherwise,
+     *     3. if the subject fields are present in both certificates, the
+     *        certificate subjects and issuers should be identical.
+     */
+
+    private static boolean isIdentityEquivalent(X509Certificate thisCert,
+            X509Certificate prevCert) {
+        if (thisCert.equals(prevCert)) {
+            return true;
+        }
+
+        // check the iPAddress field in subjectAltName extension
+        Object thisIPAddress = getSubjectAltName(thisCert, 7);  // 7: iPAddress
+        Object prevIPAddress = getSubjectAltName(prevCert, 7);
+        if (thisIPAddress != null && prevIPAddress!= null) {
+            // only allow the exactly match
+            return Objects.equals(thisIPAddress, prevIPAddress);
+        }
+
+        // check the dNSName field in subjectAltName extension
+        Object thisDNSName = getSubjectAltName(thisCert, 2);    // 2: dNSName
+        Object prevDNSName = getSubjectAltName(prevCert, 2);
+        if (thisDNSName != null && prevDNSName!= null) {
+            // only allow the exactly match
+            return Objects.equals(thisDNSName, prevDNSName);
+        }
+
+        // check the certificate subject and issuer
+        X500Principal thisSubject = thisCert.getSubjectX500Principal();
+        X500Principal prevSubject = prevCert.getSubjectX500Principal();
+        X500Principal thisIssuer = thisCert.getIssuerX500Principal();
+        X500Principal prevIssuer = prevCert.getIssuerX500Principal();
+        if (!thisSubject.getName().isEmpty() &&
+                !prevSubject.getName().isEmpty() &&
+                thisSubject.equals(prevSubject) &&
+                thisIssuer.equals(prevIssuer)) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /*
+     * Returns the subject alternative name of the specified type in the
+     * subjectAltNames extension of a certificate.
+     */
+    private static Object getSubjectAltName(X509Certificate cert, int type) {
+        Collection<List<?>> subjectAltNames;
+
+        try {
+            subjectAltNames = cert.getSubjectAlternativeNames();
+        } catch (CertificateParsingException cpe) {
+            if (debug != null && Debug.isOn("handshake")) {
+                System.out.println(
+                        "Attempt to obtain subjectAltNames extension failed!");
+            }
+            return null;
+        }
+
+        if (subjectAltNames != null) {
+            for (List<?> subjectAltName : subjectAltNames) {
+                int subjectAltNameType = (Integer)subjectAltName.get(0);
+                if (subjectAltNameType == type) {
+                    return subjectAltName.get(1);
+                }
+            }
+        }
+
+        return null;
+    }
 }
--- a/src/share/classes/sun/security/ssl/Handshaker.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/ssl/Handshaker.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -348,6 +348,16 @@
         }
     }
 
+    String getEndpointIdentificationAlgorithmSE() {
+        SSLParameters paras;
+        if (conn != null) {
+            paras = conn.getSSLParameters();
+        } else {
+            paras = engine.getSSLParameters();
+        }
+        return paras.getEndpointIdentificationAlgorithm();
+    }
+
     private void setVersionSE(ProtocolVersion protocolVersion) {
         if (conn != null) {
             conn.setVersion(protocolVersion);
--- a/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java	Wed Jun 18 14:07:55 2014 -0700
@@ -50,23 +50,6 @@
  */
 final class RSAClientKeyExchange extends HandshakeMessage {
 
-    /**
-     * The TLS spec says that the version in the RSA premaster secret must
-     * be the maximum version supported by the client (i.e. the version it
-     * requested in its client hello version). However, we (and other
-     * implementations) used to send the active negotiated version. The
-     * system property below allows to toggle the behavior.
-     */
-    private final static String PROP_NAME =
-                                "com.sun.net.ssl.rsaPreMasterSecretFix";
-
-    /*
-     * Default is "false" (old behavior) for compatibility reasons in
-     * SSLv3/TLSv1.  Later protocols (TLSv1.1+) do not use this property.
-     */
-    private final static boolean rsaPreMasterSecretFix =
-                                Debug.getBooleanProperty(PROP_NAME, false);
-
     /*
      * The following field values were encrypted with the server's public
      * key (or temp key from server key exchange msg) and are presented
@@ -90,22 +73,12 @@
         }
         this.protocolVersion = protocolVersion;
 
-        int major, minor;
-
-        if (rsaPreMasterSecretFix || maxVersion.v >= ProtocolVersion.TLS11.v) {
-            major = maxVersion.major;
-            minor = maxVersion.minor;
-        } else {
-            major = protocolVersion.major;
-            minor = protocolVersion.minor;
-        }
-
         try {
             String s = ((protocolVersion.v >= ProtocolVersion.TLS12.v) ?
                 "SunTls12RsaPremasterSecret" : "SunTlsRsaPremasterSecret");
             KeyGenerator kg = JsseJce.getKeyGenerator(s);
-            kg.init(new TlsRsaPremasterSecretParameterSpec(major, minor),
-                    generator);
+            kg.init(new TlsRsaPremasterSecretParameterSpec(
+                    maxVersion.v, protocolVersion.v), generator);
             preMaster = kg.generateKey();
 
             Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1);
@@ -140,18 +113,17 @@
             }
         }
 
-        Exception failover = null;
-        byte[] encoded = null;
         try {
             Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1);
             // Cannot generate key here, please don't use Cipher.UNWRAP_MODE!
-            cipher.init(Cipher.DECRYPT_MODE, privateKey);
-            encoded = cipher.doFinal(encrypted);
-        } catch (BadPaddingException bpe) {
-            failover = bpe;
-            encoded = null;
-        } catch (IllegalBlockSizeException ibse) {
-            // the message it too big to process with RSA
+            cipher.init(Cipher.UNWRAP_MODE, privateKey,
+                    new TlsRsaPremasterSecretParameterSpec(
+                            maxVersion.v, currentVersion.v),
+                    generator);
+            preMaster = (SecretKey)cipher.unwrap(encrypted,
+                                "TlsRsaPremasterSecret", Cipher.SECRET_KEY);
+        } catch (InvalidKeyException ibk) {
+            // the message is too big to process with RSA
             throw new SSLProtocolException(
                 "Unable to process PreMasterSecret, may be too big");
         } catch (Exception e) {
@@ -162,124 +134,6 @@
             }
             throw new RuntimeException("Could not generate dummy secret", e);
         }
-
-        // polish the premaster secret
-        preMaster = polishPreMasterSecretKey(
-                    currentVersion, maxVersion, generator, encoded, failover);
-    }
-
-    /**
-     * To avoid vulnerabilities described by section 7.4.7.1, RFC 5246,
-     * treating incorrectly formatted message blocks and/or mismatched
-     * version numbers in a manner indistinguishable from correctly
-     * formatted RSA blocks.
-     *
-     * RFC 5246 describes the approach as :
-     *
-     *  1. Generate a string R of 48 random bytes
-     *
-     *  2. Decrypt the message to recover the plaintext M
-     *
-     *  3. If the PKCS#1 padding is not correct, or the length of message
-     *     M is not exactly 48 bytes:
-     *        pre_master_secret = R
-     *     else If ClientHello.client_version <= TLS 1.0, and version
-     *     number check is explicitly disabled:
-     *        premaster secret = M
-     *     else If M[0..1] != ClientHello.client_version:
-     *        premaster secret = R
-     *     else:
-     *        premaster secret = M
-     *
-     * Note that #2 has completed before the call of this method.
-     */
-    private SecretKey polishPreMasterSecretKey(ProtocolVersion currentVersion,
-            ProtocolVersion clientHelloVersion, SecureRandom generator,
-            byte[] encoded, Exception failoverException) {
-
-        this.protocolVersion = clientHelloVersion;
-        if (generator == null) {
-            generator = new SecureRandom();
-        }
-        byte[] random = new byte[48];
-        generator.nextBytes(random);
-
-        if (failoverException == null && encoded != null) {
-            // check the length
-            if (encoded.length != 48) {
-                if (debug != null && Debug.isOn("handshake")) {
-                    System.out.println(
-                        "incorrect length of premaster secret: " +
-                        encoded.length);
-                }
-
-                return generatePreMasterSecret(
-                        clientHelloVersion, random, generator);
-            }
-
-            if (clientHelloVersion.major != encoded[0] ||
-                        clientHelloVersion.minor != encoded[1]) {
-
-                if (clientHelloVersion.v <= ProtocolVersion.TLS10.v &&
-                       currentVersion.major == encoded[0] &&
-                       currentVersion.minor == encoded[1]) {
-                    /*
-                     * For compatibility, we maintain the behavior that the
-                     * version in pre_master_secret can be the negotiated
-                     * version for TLS v1.0 and SSL v3.0.
-                     */
-                    this.protocolVersion = currentVersion;
-                } else {
-                    if (debug != null && Debug.isOn("handshake")) {
-                        System.out.println("Mismatching Protocol Versions, " +
-                            "ClientHello.client_version is " +
-                            clientHelloVersion +
-                            ", while PreMasterSecret.client_version is " +
-                            ProtocolVersion.valueOf(encoded[0], encoded[1]));
-                    }
-
-                    encoded = random;
-                }
-            }
-
-            return generatePreMasterSecret(
-                    clientHelloVersion, encoded, generator);
-        }
-
-        if (debug != null && Debug.isOn("handshake") &&
-                    failoverException != null) {
-            System.out.println("Error decrypting premaster secret:");
-            failoverException.printStackTrace(System.out);
-        }
-
-        return generatePreMasterSecret(clientHelloVersion, random, generator);
-    }
-
-    // generate a premaster secret with the specified version number
-    private static SecretKey generatePreMasterSecret(
-            ProtocolVersion version, byte[] encodedSecret,
-            SecureRandom generator) {
-
-        if (debug != null && Debug.isOn("handshake")) {
-            System.out.println("Generating a random fake premaster secret");
-        }
-
-        try {
-            String s = ((version.v >= ProtocolVersion.TLS12.v) ?
-                "SunTls12RsaPremasterSecret" : "SunTlsRsaPremasterSecret");
-            KeyGenerator kg = JsseJce.getKeyGenerator(s);
-            kg.init(new TlsRsaPremasterSecretParameterSpec(
-                    version.major, version.minor, encodedSecret), generator);
-            return kg.generateKey();
-        } catch (InvalidAlgorithmParameterException |
-                NoSuchAlgorithmException iae) {
-            // unlikely to happen, otherwise, must be a provider exception
-            if (debug != null && Debug.isOn("handshake")) {
-                System.out.println("RSA premaster secret generation error:");
-                iae.printStackTrace(System.out);
-            }
-            throw new RuntimeException("Could not generate dummy secret", iae);
-        }
     }
 
     @Override
--- a/src/share/classes/sun/security/ssl/SSLSessionImpl.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/ssl/SSLSessionImpl.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -117,6 +117,14 @@
     private Principal localPrincipal;
 
     /*
+     * Is the session currently re-established with a session-resumption
+     * abbreviated initial handshake?
+     *
+     * Note that currently we only set this variable in client side.
+     */
+    private boolean isSessionResumption = false;
+
+    /*
      * We count session creations, eventually for statistical data but
      * also since counters make shorter debugging IDs than the big ones
      * we use in the protocol for uniqueness-over-time.
@@ -320,6 +328,22 @@
     }
 
     /**
+     * Return true if the session is currently re-established with a
+     * session-resumption abreviated initial handshake.
+     */
+    boolean isSessionResumption() {
+        return isSessionResumption;
+    }
+
+    /**
+     * Resets whether the session is re-established with a session-resumption
+     * abbreviated initial handshake.
+     */
+    void setAsSessionResumption(boolean flag) {
+        isSessionResumption = flag;
+    }
+
+    /**
      * Returns the name of the cipher suite in use on this session
      */
     public String getCipherSuite() {
--- a/src/share/classes/sun/security/util/KeyUtil.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/security/util/KeyUtil.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@
 import java.security.interfaces.ECKey;
 import java.security.interfaces.RSAKey;
 import java.security.interfaces.DSAKey;
+import java.security.SecureRandom;
 import java.security.spec.KeySpec;
 import javax.crypto.SecretKey;
 import javax.crypto.interfaces.DHKey;
@@ -157,6 +158,79 @@
     }
 
     /**
+     * Check the format of TLS PreMasterSecret.
+     * <P>
+     * To avoid vulnerabilities described by section 7.4.7.1, RFC 5246,
+     * treating incorrectly formatted message blocks and/or mismatched
+     * version numbers in a manner indistinguishable from correctly
+     * formatted RSA blocks.
+     *
+     * RFC 5246 describes the approach as :
+     *
+     *  1. Generate a string R of 48 random bytes
+     *
+     *  2. Decrypt the message to recover the plaintext M
+     *
+     *  3. If the PKCS#1 padding is not correct, or the length of message
+     *     M is not exactly 48 bytes:
+     *        pre_master_secret = R
+     *     else If ClientHello.client_version <= TLS 1.0, and version
+     *     number check is explicitly disabled:
+     *        premaster secret = M
+     *     else If M[0..1] != ClientHello.client_version:
+     *        premaster secret = R
+     *     else:
+     *        premaster secret = M
+     *
+     * Note that #2 should have completed before the call to this method.
+     *
+     * @param  clientVersion the version of the TLS protocol by which the
+     *         client wishes to communicate during this session
+     * @param  serverVersion the negotiated version of the TLS protocol which
+     *         contains the lower of that suggested by the client in the client
+     *         hello and the highest supported by the server.
+     * @param  encoded the encoded key in its "RAW" encoding format
+     * @param  isFailover whether or not the previous decryption of the
+     *         encrypted PreMasterSecret message run into problem
+     * @return the polished PreMasterSecret key in its "RAW" encoding format
+     */
+    public static byte[] checkTlsPreMasterSecretKey(
+            int clientVersion, int serverVersion, SecureRandom random,
+            byte[] encoded, boolean isFailOver) {
+
+        if (random == null) {
+            random = new SecureRandom();
+        }
+        byte[] replacer = new byte[48];
+        random.nextBytes(replacer);
+
+        if (!isFailOver && (encoded != null)) {
+            // check the length
+            if (encoded.length != 48) {
+                // private, don't need to clone the byte array.
+                return replacer;
+            }
+
+            int encodedVersion =
+                    ((encoded[0] & 0xFF) << 8) | (encoded[1] & 0xFF);
+            if (clientVersion != encodedVersion) {
+                if (clientVersion > 0x0301 ||               // 0x0301: TLSv1
+                       serverVersion != encodedVersion) {
+                    encoded = replacer;
+                }   // Otherwise, For compatibility, we maintain the behavior
+                    // that the version in pre_master_secret can be the
+                    // negotiated version for TLS v1.0 and SSL v3.0.
+            }
+
+            // private, don't need to clone the byte array.
+            return encoded;
+        }
+
+        // private, don't need to clone the byte array.
+        return replacer;
+    }
+
+    /**
      * Returns whether the Diffie-Hellman public key is valid or not.
      *
      * Per RFC 2631 and NIST SP800-56A, the following algorithm is used to
@@ -198,7 +272,16 @@
                     "Diffie-Hellman public key is too large");
         }
 
-        // Don't bother to check against the y^q mod p if safe primes are used.
+        // y^q mod p == 1?
+        // Unable to perform this check as q is unknown in this circumstance.
+
+        // p is expected to be prime.  However, it is too expensive to check
+        // that p is prime.  Instead, in order to mitigate the impact of
+        // non-prime values, we check that y is not a factor of p.
+        BigInteger r = p.remainder(y);
+        if (r.equals(BigInteger.ZERO)) {
+            throw new InvalidKeyException("Invalid Diffie-Hellman parameters");
+        }
     }
 
     /**
--- a/src/share/classes/sun/util/locale/BaseLocale.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/util/locale/BaseLocale.java	Wed Jun 18 14:07:55 2014 -0700
@@ -31,6 +31,7 @@
  */
 
 package sun.util.locale;
+import java.lang.ref.SoftReference;
 
 
 public final class BaseLocale {
@@ -163,11 +164,11 @@
         return h;
     }
 
-    private static final class Key implements Comparable<Key> {
-        private final String lang;
-        private final String scrt;
-        private final String regn;
-        private final String vart;
+    private static final class Key {
+        private final SoftReference<String> lang;
+        private final SoftReference<String> scrt;
+        private final SoftReference<String> regn;
+        private final SoftReference<String> vart;
         private final boolean normalized;
         private final int hash;
 
@@ -179,10 +180,10 @@
             assert language.intern() == language
                    && region.intern() == region;
 
-            lang = language;
-            scrt = "";
-            regn = region;
-            vart = "";
+            lang = new SoftReference(language);
+            scrt = new SoftReference("");
+            regn = new SoftReference(region);
+            vart = new SoftReference("");
             this.normalized = true;
 
             int h = language.hashCode();
@@ -203,40 +204,40 @@
                     String variant, boolean normalized) {
             int h = 0;
             if (language != null) {
-                lang = language;
+                lang = new SoftReference(language);
                 int len = language.length();
                 for (int i = 0; i < len; i++) {
                     h = 31*h + LocaleUtils.toLower(language.charAt(i));
                 }
             } else {
-                lang = "";
+                lang = new SoftReference("");
             }
             if (script != null) {
-                scrt = script;
+                scrt = new SoftReference(script);
                 int len = script.length();
                 for (int i = 0; i < len; i++) {
                     h = 31*h + LocaleUtils.toLower(script.charAt(i));
                 }
             } else {
-                scrt = "";
+                scrt = new SoftReference("");
             }
             if (region != null) {
-                regn = region;
+                regn = new SoftReference(region);
                 int len = region.length();
                 for (int i = 0; i < len; i++) {
                     h = 31*h + LocaleUtils.toLower(region.charAt(i));
                 }
             } else {
-                regn = "";
+                regn = new SoftReference("");
             }
             if (variant != null) {
-                vart = variant;
+                vart = new SoftReference(variant);
                 int len = variant.length();
                 for (int i = 0; i < len; i++) {
                     h = 31*h + variant.charAt(i);
                 }
             } else {
-                vart = "";
+                vart = new SoftReference("");
             }
             hash = h;
             this.normalized = normalized;
@@ -244,28 +245,31 @@
 
         @Override
         public boolean equals(Object obj) {
-            return (this == obj) ||
-                    (obj instanceof Key)
-                    && this.hash == ((Key)obj).hash
-                    && LocaleUtils.caseIgnoreMatch(((Key)obj).lang, this.lang)
-                    && LocaleUtils.caseIgnoreMatch(((Key)obj).scrt, this.scrt)
-                    && LocaleUtils.caseIgnoreMatch(((Key)obj).regn, this.regn)
-                    && ((Key)obj).vart.equals(vart); // variant is case sensitive in JDK!
+            if (this == obj) {
+                return true;
         }
 
-        @Override
-        public int compareTo(Key other) {
-            int res = LocaleUtils.caseIgnoreCompare(this.lang, other.lang);
-            if (res == 0) {
-                res = LocaleUtils.caseIgnoreCompare(this.scrt, other.scrt);
-                if (res == 0) {
-                    res = LocaleUtils.caseIgnoreCompare(this.regn, other.regn);
-                    if (res == 0) {
-                        res = this.vart.compareTo(other.vart);
+            if (obj instanceof Key && this.hash == ((Key)obj).hash) {
+                String tl = this.lang.get();
+                String ol = ((Key)obj).lang.get();
+                if (tl != null && ol != null &&
+                    LocaleUtils.caseIgnoreMatch(ol, tl)) {
+                    String ts = this.scrt.get();
+                    String os = ((Key)obj).scrt.get();
+                    if (ts != null && os != null &&
+                        LocaleUtils.caseIgnoreMatch(os, ts)) {
+                        String tr = this.regn.get();
+                        String or = ((Key)obj).regn.get();
+                        if (tr != null && or != null &&
+                            LocaleUtils.caseIgnoreMatch(or, tr)) {
+                            String tv = this.vart.get();
+                            String ov = ((Key)obj).vart.get();
+                            return (ov != null && ov.equals(tv));
                     }
                 }
             }
-            return res;
+            }
+            return false;
         }
 
         @Override
@@ -278,10 +282,10 @@
                 return key;
             }
 
-            String lang = LocaleUtils.toLowerString(key.lang).intern();
-            String scrt = LocaleUtils.toTitleString(key.scrt).intern();
-            String regn = LocaleUtils.toUpperString(key.regn).intern();
-            String vart = key.vart.intern(); // preserve upper/lower cases
+            String lang = LocaleUtils.toLowerString(key.lang.get()).intern();
+            String scrt = LocaleUtils.toTitleString(key.scrt.get()).intern();
+            String regn = LocaleUtils.toUpperString(key.regn.get()).intern();
+            String vart = key.vart.get().intern(); // preserve upper/lower cases
 
             return new Key(lang, scrt, regn, vart, true);
         }
@@ -294,12 +298,18 @@
 
         @Override
         protected Key normalizeKey(Key key) {
+            assert key.lang.get() != null &&
+                   key.scrt.get() != null &&
+                   key.regn.get() != null &&
+                   key.vart.get() != null;
+
             return Key.normalize(key);
         }
 
         @Override
         protected BaseLocale createObject(Key key) {
-            return new BaseLocale(key.lang, key.scrt, key.regn, key.vart);
+            return new BaseLocale(key.lang.get(), key.scrt.get(),
+                                  key.regn.get(), key.vart.get());
         }
     }
 }
--- a/src/share/classes/sun/util/locale/LocaleObjectCache.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/classes/sun/util/locale/LocaleObjectCache.java	Wed Jun 18 14:07:55 2014 -0700
@@ -57,8 +57,10 @@
             value = entry.get();
         }
         if (value == null) {
+            V newVal = createObject(key);
+            // make sure key is normalized *after* the object creation
+            // so that newVal is assured to be created from a valid key.
             key = normalizeKey(key);
-            V newVal = createObject(key);
             if (key == null || newVal == null) {
                 // subclass must return non-null key/value object
                 return null;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/util/resources/CalendarData_pt_BR.properties	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,40 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# (C) Copyright Taligent, Inc. 1996, 1997 - All Rights Reserved
+# (C) Copyright IBM Corp. 1996 - 1999 - All Rights Reserved
+#
+# The original version of this source code and documentation
+# is copyrighted and owned by Taligent, Inc., a wholly-owned
+# subsidiary of IBM. These materials are provided under terms
+# of a License Agreement between Taligent and Sun. This technology
+# is protected by multiple US and International patents.
+#
+# This notice and attribution to Taligent may not be removed.
+# Taligent is a registered trademark of Taligent, Inc.
+
+
+firstDayOfWeek=1
+minimalDaysInFirstWeek=1
--- a/src/share/javavm/export/jvm.h	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/javavm/export/jvm.h	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -384,6 +384,19 @@
 JVM_FindClassFromBootLoader(JNIEnv *env, const char *name);
 
 /*
+ * Find a class from a given class loader.  Throws ClassNotFoundException.
+ *  name:   name of class
+ *  init:   whether initialization is done
+ *  loader: class loader to look up the class. This may not be the same as the caller's
+ *          class loader.
+ *  caller: initiating class. The initiating class may be null when a security
+ *          manager is not installed.
+ */
+JNIEXPORT jclass JNICALL
+JVM_FindClassFromCaller(JNIEnv *env, const char *name, jboolean init,
+                        jobject loader, jclass caller);
+
+/*
  * Find a class from a given class loader. Throw ClassNotFoundException
  * or NoClassDefFoundError depending on the value of the last
  * argument.
--- a/src/share/native/com/sun/java/util/jar/pack/defines.h	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/com/sun/java/util/jar/pack/defines.h	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -79,6 +79,7 @@
 #define ERROR_RESOURCE  "Cannot extract resource file"
 #define ERROR_OVERFLOW  "Internal buffer overflow"
 #define ERROR_INTERNAL  "Internal error"
+#define ERROR_INIT      "cannot init class members"
 
 #define LOGFILE_STDOUT "-"
 #define LOGFILE_STDERR ""
--- a/src/share/native/com/sun/java/util/jar/pack/jni.cpp	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/com/sun/java/util/jar/pack/jni.cpp	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -56,6 +56,45 @@
 
 #define THROW_IOE(x) JNU_ThrowIOException(env,x)
 
+#define CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(CERVTI_exception, CERVTI_message) \
+    do { \
+        if ((env)->ExceptionOccurred()) { \
+            THROW_IOE(CERVTI_message); \
+            return; \
+        } \
+        if ((CERVTI_exception) == NULL) { \
+                THROW_IOE(CERVTI_message); \
+                return; \
+        } \
+    } while (JNI_FALSE)
+
+
+#define CHECK_EXCEPTION_RETURN_VALUE(CERL_exception, CERL_return_value) \
+    do { \
+        if ((env)->ExceptionOccurred()) { \
+            return CERL_return_value; \
+        } \
+        if ((CERL_exception) == NULL) { \
+            return CERL_return_value; \
+        } \
+    } while (JNI_FALSE)
+
+
+// If these useful macros aren't defined in jni_util.h then define them here
+#ifndef CHECK_NULL_RETURN
+#define CHECK_NULL_RETURN(x, y) \
+    do { \
+        if ((x) == NULL) return (y); \
+    } while (JNI_FALSE)
+#endif
+
+#ifndef CHECK_EXCEPTION_RETURN
+#define CHECK_EXCEPTION_RETURN(env, y) \
+    do { \
+        if ((*env)->ExceptionCheck(env)) return (y); \
+    } while (JNI_FALSE)
+#endif
+
 static jlong read_input_via_jni(unpacker* self,
                                 void* buf, jlong minlen, jlong maxlen);
 
@@ -92,9 +131,11 @@
   vm->GetEnv(&envRaw, JNI_VERSION_1_1);
   JNIEnv* env = (JNIEnv*) envRaw;
   //fprintf(stderr, "get_unpacker() env=%p\n", env);
-  if (env == null)
-    return null;
+  CHECK_NULL_RETURN(env, NULL);
   jobject pObj = env->CallStaticObjectMethod(NIclazz, currentInstMID);
+  // We should check upon the known non-null variable because here we want to check
+  // only for pending exceptions. If pObj is null we'll deal with it later.
+  CHECK_EXCEPTION_RETURN_VALUE(env, NULL);
   //fprintf(stderr, "get_unpacker0() pObj=%p\n", pObj);
   if (pObj != null) {
     // Got pObj and env; now do it the easy way.
@@ -137,20 +178,20 @@
   while( dbg != null) { sleep(10); }
 #endif
   NIclazz = (jclass) env->NewGlobalRef(clazz);
+
   unpackerPtrFID = env->GetFieldID(clazz, "unpackerPtr", "J");
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(unpackerPtrFID, ERROR_INIT);
+
   currentInstMID = env->GetStaticMethodID(clazz, "currentInstance",
                                           "()Ljava/lang/Object;");
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(currentInstMID, ERROR_INIT);
+
   readInputMID = env->GetMethodID(clazz, "readInputFn",
                                   "(Ljava/nio/ByteBuffer;J)J");
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(readInputMID, ERROR_INIT);
+
   getUnpackerPtrMID = env->GetMethodID(clazz, "getUnpackerPtr", "()J");
-
-  if (unpackerPtrFID == null ||
-      currentInstMID == null ||
-      readInputMID == null ||
-      NIclazz == null ||
-      getUnpackerPtrMID == null) {
-    THROW_IOE("cannot init class members");
-  }
+  CHECK_EXCEPTION_RETURN_VOID_THROW_IOE(getUnpackerPtrMID, ERROR_INIT);
 }
 
 JNIEXPORT jlong JNICALL
@@ -160,9 +201,7 @@
   // valid object pointers and env is intact, if not now is good time to bail.
   unpacker* uPtr = get_unpacker();
   //fprintf(stderr, "start(%p) uPtr=%p initializing\n", pObj, uPtr);
-  if (uPtr == null) {
-      return -1;
-  }
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, -1);
   // redirect our io to the default log file or whatever.
   uPtr->redirect_stdio();
 
@@ -200,6 +239,7 @@
                                          jobjectArray pParts) {
 
   unpacker* uPtr = get_unpacker(env, pObj);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
   unpacker::file* filep = uPtr->get_next_file();
 
   if (uPtr->aborting()) {
@@ -207,32 +247,38 @@
     return false;
   }
 
-  if (filep == null) {
-    return false;   // end of the sequence
-  }
+  CHECK_NULL_RETURN(filep, false);
   assert(filep == &uPtr->cur_file);
 
   int pidx = 0, iidx = 0;
   jintArray pIntParts = (jintArray) env->GetObjectArrayElement(pParts, pidx++);
+  CHECK_EXCEPTION_RETURN_VALUE(pIntParts, false);
   jint*     intParts  = env->GetIntArrayElements(pIntParts, null);
   intParts[iidx++] = (jint)( (julong)filep->size >> 32 );
   intParts[iidx++] = (jint)( (julong)filep->size >>  0 );
   intParts[iidx++] = filep->modtime;
   intParts[iidx++] = filep->deflate_hint() ? 1 : 0;
   env->ReleaseIntArrayElements(pIntParts, intParts, JNI_COMMIT);
-
-  env->SetObjectArrayElement(pParts, pidx++, env->NewStringUTF(filep->name));
-
+  jstring filename = env->NewStringUTF(filep->name);
+  CHECK_EXCEPTION_RETURN_VALUE(filename, false);
+  env->SetObjectArrayElement(pParts, pidx++, filename);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
   jobject pDataBuf = null;
-  if (filep->data[0].len > 0)
+  if (filep->data[0].len > 0) {
     pDataBuf = env->NewDirectByteBuffer(filep->data[0].ptr,
                                         filep->data[0].len);
+    CHECK_EXCEPTION_RETURN_VALUE(pDataBuf, false);
+  }
   env->SetObjectArrayElement(pParts, pidx++, pDataBuf);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
   pDataBuf = null;
-  if (filep->data[1].len > 0)
+  if (filep->data[1].len > 0) {
     pDataBuf = env->NewDirectByteBuffer(filep->data[1].ptr,
                                         filep->data[1].len);
+    CHECK_EXCEPTION_RETURN_VALUE(pDataBuf, false);
+  }
   env->SetObjectArrayElement(pParts, pidx++, pDataBuf);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, false);
 
   return true;
 }
@@ -241,6 +287,7 @@
 JNIEXPORT jobject JNICALL
 Java_com_sun_java_util_jar_pack_NativeUnpack_getUnusedInput(JNIEnv *env, jobject pObj) {
   unpacker* uPtr = get_unpacker(env, pObj);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
   unpacker::file* filep = &uPtr->cur_file;
 
   if (uPtr->aborting()) {
@@ -263,7 +310,7 @@
 JNIEXPORT jlong JNICALL
 Java_com_sun_java_util_jar_pack_NativeUnpack_finish(JNIEnv *env, jobject pObj) {
   unpacker* uPtr = get_unpacker(env, pObj, false);
-  if (uPtr == null)  return 0;
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
   size_t consumed = uPtr->input_consumed();
   free_unpacker(env, pObj, uPtr);
   return consumed;
@@ -274,7 +321,9 @@
                                        jstring pProp, jstring pValue) {
   unpacker*   uPtr  = get_unpacker(env, pObj);
   const char* prop  = env->GetStringUTFChars(pProp, JNI_FALSE);
+  CHECK_EXCEPTION_RETURN_VALUE(prop, false);
   const char* value = env->GetStringUTFChars(pValue, JNI_FALSE);
+  CHECK_EXCEPTION_RETURN_VALUE(value, false);
   jboolean   retval = uPtr->set_option(prop, value);
   env->ReleaseStringUTFChars(pProp,  prop);
   env->ReleaseStringUTFChars(pValue, value);
@@ -286,9 +335,11 @@
                                        jstring pProp) {
 
   unpacker*   uPtr  = get_unpacker(env, pObj);
+  CHECK_EXCEPTION_RETURN_VALUE(uPtr, NULL);
   const char* prop  = env->GetStringUTFChars(pProp, JNI_FALSE);
+  CHECK_EXCEPTION_RETURN_VALUE(prop, NULL);
   const char* value = uPtr->get_option(prop);
+  CHECK_EXCEPTION_RETURN_VALUE(value, NULL);
   env->ReleaseStringUTFChars(pProp, prop);
-  if (value == null)  return null;
   return env->NewStringUTF(value);
 }
--- a/src/share/native/java/lang/Class.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/java/lang/Class.c	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -97,7 +97,7 @@
 
 JNIEXPORT jclass JNICALL
 Java_java_lang_Class_forName0(JNIEnv *env, jclass this, jstring classname,
-                              jboolean initialize, jobject loader)
+                              jboolean initialize, jobject loader, jclass caller)
 {
     char *clname;
     jclass cls = 0;
@@ -135,8 +135,7 @@
         goto done;
     }
 
-    cls = JVM_FindClassFromClassLoader(env, clname, initialize,
-                                       loader, JNI_FALSE);
+    cls = JVM_FindClassFromCaller(env, clname, initialize, loader, caller);
 
  done:
     if (clname != buf) {
--- a/src/share/native/sun/awt/medialib/awt_ImagingLib.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/sun/awt/medialib/awt_ImagingLib.c	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -373,14 +373,14 @@
 
 
     /* Parse the source image */
-    if ((status = awt_parseImage(env, jsrc, &srcImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jsrc, &srcImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         free(dkern);
         return 0;
     }
 
     /* Parse the destination image */
-    if ((status = awt_parseImage(env, jdst, &dstImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jdst, &dstImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedImage(srcImageP, TRUE);
         free(dkern);
@@ -627,7 +627,7 @@
     }
 
     /* Parse the source raster */
-    if ((status = awt_parseRaster(env, jsrc, srcRasterP)) <= 0) {
+    if (awt_parseRaster(env, jsrc, srcRasterP) <= 0) {
         /* Can't handle any custom rasters */
         free(srcRasterP);
         free(dstRasterP);
@@ -636,7 +636,7 @@
     }
 
     /* Parse the destination raster */
-    if ((status = awt_parseRaster(env, jdst, dstRasterP)) <= 0) {
+    if (awt_parseRaster(env, jdst, dstRasterP) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedRaster(srcRasterP, TRUE);
         free(dstRasterP);
@@ -839,13 +839,13 @@
     (*env)->ReleasePrimitiveArrayCritical(env, jmatrix, matrix, JNI_ABORT);
 
     /* Parse the source image */
-    if ((status = awt_parseImage(env, jsrc, &srcImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jsrc, &srcImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         return 0;
     }
 
     /* Parse the destination image */
-    if ((status = awt_parseImage(env, jdst, &dstImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jdst, &dstImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedImage(srcImageP, TRUE);
         return 0;
@@ -1059,7 +1059,7 @@
     (*env)->ReleasePrimitiveArrayCritical(env, jmatrix, matrix, JNI_ABORT);
 
     /* Parse the source raster */
-    if ((status = awt_parseRaster(env, jsrc, srcRasterP)) <= 0) {
+    if (awt_parseRaster(env, jsrc, srcRasterP) <= 0) {
         /* Can't handle any custom rasters */
         free(srcRasterP);
         free(dstRasterP);
@@ -1067,7 +1067,7 @@
     }
 
     /* Parse the destination raster */
-    if ((status = awt_parseRaster(env, jdst, dstRasterP)) <= 0) {
+    if (awt_parseRaster(env, jdst, dstRasterP) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedRaster(srcRasterP, TRUE);
         free(dstRasterP);
@@ -1305,13 +1305,13 @@
     if (s_timeIt) (*start_timer)(3600);
 
     /* Parse the source image */
-    if ((status = awt_parseImage(env, jsrc, &srcImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jsrc, &srcImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         return 0;
     }
 
     /* Parse the destination image */
-    if ((status = awt_parseImage(env, jdst, &dstImageP, FALSE)) <= 0) {
+    if (awt_parseImage(env, jdst, &dstImageP, FALSE) <= 0) {
         /* Can't handle any custom images */
         awt_freeParsedImage(srcImageP, TRUE);
         return 0;
@@ -1553,14 +1553,14 @@
     }
 
     /* Parse the source raster - reject custom images */
-    if ((status = awt_parseRaster(env, jsrc, srcRasterP)) <= 0) {
+    if (awt_parseRaster(env, jsrc, srcRasterP) <= 0) {
         free(srcRasterP);
         free(dstRasterP);
         return 0;
     }
 
     /* Parse the destination image - reject custom images */
-    if ((status = awt_parseRaster(env, jdst, dstRasterP)) <= 0) {
+    if (awt_parseRaster(env, jdst, dstRasterP) <= 0) {
         awt_freeParsedRaster(srcRasterP, TRUE);
         free(dstRasterP);
         return 0;
--- a/src/share/native/sun/font/freetypeScaler.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/sun/font/freetypeScaler.c	Wed Jun 18 14:07:55 2014 -0700
@@ -177,18 +177,10 @@
     if (numBytes > FILEDATACACHESIZE) {
         bBuffer = (*env)->NewDirectByteBuffer(env, destBuffer, numBytes);
         if (bBuffer != NULL) {
-            /* Loop until the read succeeds (or EOF).
-             * This should improve robustness in the event of a problem in
-             * the I/O system. If we find that we ever end up spinning here
-             * we are going to have to do some serious work to recover.
-             * Just returning without reading the data will cause a crash.
-             */
-            while (bread == 0) {
-                bread = (*env)->CallIntMethod(env,
-                                              scalerInfo->font2D,
-                                              sunFontIDs.ttReadBlockMID,
-                                              bBuffer, offset, numBytes);
-            }
+            bread = (*env)->CallIntMethod(env,
+                                          scalerInfo->font2D,
+                                          sunFontIDs.ttReadBlockMID,
+                                          bBuffer, offset, numBytes);
             return bread;
         } else {
             /* We probably hit bug bug 4845371. For reasons that
@@ -224,19 +216,10 @@
                  (offset + FILEDATACACHESIZE > scalerInfo->fileSize) ?
                  scalerInfo->fileSize - offset : FILEDATACACHESIZE;
         bBuffer = scalerInfo->directBuffer;
-        /* Loop until all the read succeeds (or EOF).
-         * This should improve robustness in the event of a problem in
-         * the I/O system. If we find that we ever end up spinning here
-         * we are going to have to do some serious work to recover.
-         * Just returning without reading the data will cause a crash.
-         */
-        while (bread == 0) {
-            bread = (*env)->CallIntMethod(env, scalerInfo->font2D,
-                                          sunFontIDs.ttReadBlockMID,
-                                          bBuffer, offset,
-                                          scalerInfo->fontDataLength);
-        }
-
+        bread = (*env)->CallIntMethod(env, scalerInfo->font2D,
+                                      sunFontIDs.ttReadBlockMID,
+                                      bBuffer, offset,
+                                      scalerInfo->fontDataLength);
         memcpy(destBuffer, scalerInfo->fontData, numBytes);
         return numBytes;
     }
--- a/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp	Wed Jun 18 14:07:55 2014 -0700
@@ -243,12 +243,22 @@
         le_uint16 srSetCount = SWAPW(subRuleSetCount);
 
         if (coverageIndex < srSetCount) {
+            LEReferenceToArrayOf<Offset> subRuleSetTableOffsetArrayRef(base, success,
+                    &subRuleSetTableOffsetArray[coverageIndex], 1);
+            if (LE_FAILURE(success)) {
+                return 0;
+            }
             Offset subRuleSetTableOffset = SWAPW(subRuleSetTableOffsetArray[coverageIndex]);
             LEReferenceTo<SubRuleSetTable>
                  subRuleSetTable(base, success, (const SubRuleSetTable *) ((char *) this + subRuleSetTableOffset));
             le_uint16 subRuleCount = SWAPW(subRuleSetTable->subRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
 
+            LEReferenceToArrayOf<Offset> subRuleTableOffsetArrayRef(base, success,
+                    subRuleSetTable->subRuleTableOffsetArray, subRuleCount);
+            if (LE_FAILURE(success)) {
+                return 0;
+            }
             for (le_uint16 subRule = 0; subRule < subRuleCount; subRule += 1) {
                 Offset subRuleTableOffset =
                     SWAPW(subRuleSetTable->subRuleTableOffsetArray[subRule]);
@@ -301,13 +311,22 @@
                                                                 glyphIterator->getCurrGlyphID(),
                                                                 success);
 
-        if (setClass < scSetCount && subClassSetTableOffsetArray[setClass] != 0) {
+        if (setClass < scSetCount) {
+            LEReferenceToArrayOf<Offset>
+                 subClassSetTableOffsetArrayRef(base, success, subClassSetTableOffsetArray, setClass);
+            if (LE_FAILURE(success)) { return 0; }
+            if (subClassSetTableOffsetArray[setClass] != 0) {
+
             Offset subClassSetTableOffset = SWAPW(subClassSetTableOffsetArray[setClass]);
             LEReferenceTo<SubClassSetTable>
                  subClassSetTable(base, success, (const SubClassSetTable *) ((char *) this + subClassSetTableOffset));
             le_uint16 subClassRuleCount = SWAPW(subClassSetTable->subClassRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
-
+                LEReferenceToArrayOf<Offset>
+                    subClassRuleTableOffsetArrayRef(base, success, subClassSetTable->subClassRuleTableOffsetArray, subClassRuleCount);
+                if (LE_FAILURE(success)) {
+                    return 0;
+                }
             for (le_uint16 scRule = 0; scRule < subClassRuleCount; scRule += 1) {
                 Offset subClassRuleTableOffset =
                     SWAPW(subClassSetTable->subClassRuleTableOffsetArray[scRule]);
@@ -331,6 +350,7 @@
                 glyphIterator->setCurrStreamPosition(position);
             }
         }
+        }
 
         // XXX If we get here, the table is mal-formed...
     }
@@ -442,13 +462,22 @@
         le_uint16 srSetCount = SWAPW(chainSubRuleSetCount);
 
         if (coverageIndex < srSetCount) {
+            LEReferenceToArrayOf<Offset>
+                chainSubRuleSetTableOffsetArrayRef(base, success, chainSubRuleSetTableOffsetArray, coverageIndex);
+            if (LE_FAILURE(success)) {
+                return 0;
+            }
             Offset chainSubRuleSetTableOffset = SWAPW(chainSubRuleSetTableOffsetArray[coverageIndex]);
             LEReferenceTo<ChainSubRuleSetTable>
                  chainSubRuleSetTable(base, success, (const ChainSubRuleSetTable *) ((char *) this + chainSubRuleSetTableOffset));
             le_uint16 chainSubRuleCount = SWAPW(chainSubRuleSetTable->chainSubRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
             GlyphIterator tempIterator(*glyphIterator, emptyFeatureList);
-
+            LEReferenceToArrayOf<Offset>
+                chainSubRuleTableOffsetArrayRef(base, success, chainSubRuleSetTable->chainSubRuleTableOffsetArray, chainSubRuleCount);
+            if (LE_FAILURE(success)) {
+                return 0;
+            }
             for (le_uint16 subRule = 0; subRule < chainSubRuleCount; subRule += 1) {
                 Offset chainSubRuleTableOffset =
                     SWAPW(chainSubRuleSetTable->chainSubRuleTableOffsetArray[subRule]);
@@ -530,6 +559,11 @@
         le_int32 setClass = inputClassDefinitionTable->getGlyphClass(inputClassDefinitionTable,
                                                                      glyphIterator->getCurrGlyphID(),
                                                                      success);
+        LEReferenceToArrayOf<Offset>
+            chainSubClassSetTableOffsetArrayRef(base, success, chainSubClassSetTableOffsetArray, setClass);
+        if (LE_FAILURE(success)) {
+            return 0;
+        }
 
         if (setClass < scSetCount && chainSubClassSetTableOffsetArray[setClass] != 0) {
             Offset chainSubClassSetTableOffset = SWAPW(chainSubClassSetTableOffsetArray[setClass]);
@@ -538,7 +572,11 @@
             le_uint16 chainSubClassRuleCount = SWAPW(chainSubClassSetTable->chainSubClassRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
             GlyphIterator tempIterator(*glyphIterator, emptyFeatureList);
-
+            LEReferenceToArrayOf<Offset>
+                chainSubClassRuleTableOffsetArrayRef(base, success, chainSubClassSetTable->chainSubClassRuleTableOffsetArray, chainSubClassRuleCount);
+            if (LE_FAILURE(success)) {
+                return 0;
+            }
             for (le_uint16 scRule = 0; scRule < chainSubClassRuleCount; scRule += 1) {
                 Offset chainSubClassRuleTableOffset =
                     SWAPW(chainSubClassSetTable->chainSubClassRuleTableOffsetArray[scRule]);
@@ -603,12 +641,14 @@
     }
 
     le_uint16 backtrkGlyphCount = SWAPW(backtrackGlyphCount);
+    LEReferenceToArrayOf<Offset> backtrackGlyphArrayRef(base, success, backtrackCoverageTableOffsetArray, backtrkGlyphCount);
+    if (LE_FAILURE(success)) {
+        return 0;
+    }
     le_uint16 inputGlyphCount = (le_uint16) SWAPW(backtrackCoverageTableOffsetArray[backtrkGlyphCount]);
     LEReferenceToArrayOf<Offset>   inputCoverageTableOffsetArray(base, success, &backtrackCoverageTableOffsetArray[backtrkGlyphCount + 1], inputGlyphCount+2); // offset
     if (LE_FAILURE(success)) { return 0; }
     const le_uint16 lookaheadGlyphCount = (le_uint16) SWAPW(inputCoverageTableOffsetArray[inputGlyphCount]);
-
-    if( LE_FAILURE(success) ) { return 0; }
     LEReferenceToArrayOf<Offset>   lookaheadCoverageTableOffsetArray(base, success, inputCoverageTableOffsetArray.getAlias(inputGlyphCount + 1, success), lookaheadGlyphCount+2);
 
     if( LE_FAILURE(success) ) { return 0; }
--- a/src/share/native/sun/management/GcInfoBuilder.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/sun/management/GcInfoBuilder.c	Wed Jun 18 14:07:55 2014 -0700
@@ -190,7 +190,7 @@
 
     if (ext_att_count <= 0) {
         JNU_ThrowIllegalArgumentException(env, "Invalid ext_att_count");
-        return;
+        return 0;
     }
 
     gc_stat.usage_before_gc = usageBeforeGC;
--- a/src/share/native/sun/security/ec/ECC_JNI.cpp	Fri May 30 18:54:16 2014 +0100
+++ b/src/share/native/sun/security/ec/ECC_JNI.cpp	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -62,24 +62,42 @@
     SECITEM_FreeItem(&ecparams->curveOID, B_FALSE);
     if (freeStruct)
         free(ecparams);
+
+}
+
+jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
+{
+    SECItem *s = (SECItem *)hSECItem;
+
+    jbyteArray jEncodedBytes = env->NewByteArray(s->len);
+    if (jEncodedBytes == NULL) {
+        return NULL;
+    }
+    // Copy bytes from a native SECItem buffer to java byte array
+    env->SetByteArrayRegion(jEncodedBytes, 0, s->len, (jbyte *)s->data);
+    if (env->ExceptionCheck()) { //should never happen
+        return NULL;
+    }
+    return jEncodedBytes;
 }
 
 /*
  * Class:     sun_security_ec_ECKeyPairGenerator
  * Method:    generateECKeyPair
- * Signature: (I[B[B)[J
+ * Signature: (I[B[B)[B
  */
-JNIEXPORT jlongArray
+JNIEXPORT jobjectArray
 JNICALL Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair
   (JNIEnv *env, jclass clazz, jint keySize, jbyteArray encodedParams, jbyteArray seed)
 {
-    ECPrivateKey *privKey;      /* contains both public and private values */
+    ECPrivateKey *privKey = NULL;      /* contains both public and private values */
     ECParams *ecparams = NULL;
     SECKEYECParams params_item;
     jint jSeedLength;
     jbyte* pSeedBuffer = NULL;
-    jlongArray result = NULL;
-    jlong* resultElements = NULL;
+    jobjectArray result = NULL;
+    jclass baCls = NULL;
+    jbyteArray jba;
 
     // Initialize the ECParams struct
     params_item.len = env->GetArrayLength(encodedParams);
@@ -106,61 +124,64 @@
     }
 
     jboolean isCopy;
-    result = env->NewLongArray(2);
-    resultElements = env->GetLongArrayElements(result, &isCopy);
+    baCls = env->FindClass("[B");
+    if (baCls == NULL) {
+        goto cleanup;
+    }
+    result = env->NewObjectArray(2, baCls, NULL);
+    if (result == NULL) {
+        goto cleanup;
+    }
+    jba = getEncodedBytes(env, &(privKey->privateValue));
+    if (jba == NULL) {
+        result = NULL;
+        goto cleanup;
+    }
+    env->SetObjectArrayElement(result, 0, jba); // big integer
+    if (env->ExceptionCheck()) { // should never happen
+        result = NULL;
+        goto cleanup;
+    }
 
-    resultElements[0] = (jlong) &(privKey->privateValue); // private big integer
-    resultElements[1] = (jlong) &(privKey->publicValue); // encoded ec point
-
-    // If the array is a copy then we must write back our changes
-    if (isCopy == JNI_TRUE) {
-        env->ReleaseLongArrayElements(result, resultElements, 0);
+    jba = getEncodedBytes(env, &(privKey->publicValue));
+    if (jba == NULL) {
+        result = NULL;
+        goto cleanup;
+    }
+    env->SetObjectArrayElement(result, 1, jba); // encoded ec point
+    if (env->ExceptionCheck()) { // should never happen
+        result = NULL;
+        goto cleanup;
     }
 
 cleanup:
     {
-        if (params_item.data)
+        if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
+        }
 
-        if (ecparams)
+        if (ecparams) {
             FreeECParams(ecparams, true);
+        }
 
         if (privKey) {
             FreeECParams(&privKey->ecParams, false);
             SECITEM_FreeItem(&privKey->version, B_FALSE);
-            // Don't free privKey->privateValue and privKey->publicValue
+            SECITEM_FreeItem(&privKey->privateValue, B_FALSE);
+            SECITEM_FreeItem(&privKey->publicValue, B_FALSE);
+            free(privKey);
         }
 
-        if (pSeedBuffer)
+        if (pSeedBuffer) {
             delete [] pSeedBuffer;
+        }
     }
 
     return result;
 }
 
 /*
- * Class:     sun_security_ec_ECKeyPairGenerator
- * Method:    getEncodedBytes
- * Signature: (J)[B
- */
-JNIEXPORT jbyteArray
-JNICALL Java_sun_security_ec_ECKeyPairGenerator_getEncodedBytes
-  (JNIEnv *env, jclass clazz, jlong hSECItem)
-{
-    SECItem *s = (SECItem *)hSECItem;
-    jbyteArray jEncodedBytes = env->NewByteArray(s->len);
-
-    // Copy bytes from a native SECItem buffer to Java byte array
-    env->SetByteArrayRegion(jEncodedBytes, 0, s->len, (jbyte *)s->data);
-
-    // Use B_FALSE to free only the SECItem->data
-    SECITEM_FreeItem(s, B_FALSE);
-
-    return jEncodedBytes;
-}
-
-/*
  * Class:     sun_security_ec_ECDSASignature
  * Method:    signDigest
  * Signature: ([B[B[B[B)[B
@@ -234,21 +255,31 @@
 
 cleanup:
     {
-        if (params_item.data)
+        if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
+        }
 
-        if (pDigestBuffer)
+        if (privKey.privateValue.data) {
+            env->ReleaseByteArrayElements(privateKey,
+                (jbyte *) privKey.privateValue.data, JNI_ABORT);
+        }
+
+        if (pDigestBuffer) {
             delete [] pDigestBuffer;
+        }
 
-        if (pSignedDigestBuffer)
+        if (pSignedDigestBuffer) {
             delete [] pSignedDigestBuffer;
+        }
 
-        if (pSeedBuffer)
+        if (pSeedBuffer) {
             delete [] pSeedBuffer;
+        }
 
-        if (ecparams)
+        if (ecparams) {
             FreeECParams(ecparams, true);
+        }
     }
 
     return jSignedDigest;
--- a/src/solaris/classes/sun/font/FcFontConfiguration.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/solaris/classes/sun/font/FcFontConfiguration.java	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,6 +33,7 @@
 import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -173,8 +174,16 @@
     }
 
     @Override
-    public FontDescriptor[] getFontDescriptors(String fontName, int style) {
-        return new FontDescriptor[0];
+    protected FontDescriptor[] buildFontDescriptors(int fontIndex, int styleIndex) {
+        CompositeFontDescriptor[] cfi = get2DCompositeFontInfo();
+        int idx = fontIndex * NUM_STYLES + styleIndex;
+        String[] componentFaceNames = cfi[idx].getComponentFaceNames();
+        FontDescriptor[] ret = new FontDescriptor[componentFaceNames.length];
+        for (int i = 0; i < componentFaceNames.length; i++) {
+            ret[i] = new FontDescriptor(componentFaceNames[i], StandardCharsets.UTF_8.newEncoder(), new int[0]);
+        }
+
+        return ret;
     }
 
     @Override
@@ -250,10 +259,12 @@
                 }
 
                 String[] fileNames = new String[numFonts];
+                String[] faceNames = new String[numFonts];
 
                 int index;
                 for (index = 0; index < fcFonts.length; index++) {
                     fileNames[index] = fcFonts[index].fontFile;
+                    faceNames[index] = fcFonts[index].familyName;
                 }
 
                 if (installedFallbackFontFiles != null) {
@@ -266,7 +277,7 @@
                         = new CompositeFontDescriptor(
                             faceName,
                             1,
-                            null,
+                            faceNames,
                             fileNames,
                             null, null);
             }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#ifdef __solaris__
+#include <unistd.h>
+#include <stropts.h>
+
+#ifndef BSD_COMP
+#define BSD_COMP
+#endif
+
+#endif
+
+#include <sys/ioctl.h>
+
+#include "jvm.h"
+#include "jni_util.h"
+#include "net_util.h"
+
+#include "java_net_AbstractPlainDatagramSocketImpl.h"
+
+static jfieldID IO_fd_fdID;
+
+static jfieldID apdsi_fdID;
+
+
+/*
+ * Class:     java_net_AbstractPlainDatagramSocketImpl
+ * Method:    init
+ * Signature: ()V
+ */
+JNIEXPORT void JNICALL
+Java_java_net_AbstractPlainDatagramSocketImpl_init(JNIEnv *env, jclass cls) {
+
+    apdsi_fdID = (*env)->GetFieldID(env, cls, "fd",
+                                   "Ljava/io/FileDescriptor;");
+    CHECK_NULL(apdsi_fdID);
+
+    IO_fd_fdID = NET_GetFileDescriptorID(env);
+}
+
+/*
+ * Class:     java_net_AbstractPlainDatagramSocketImpl
+ * Method:    dataAvailable
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable
+(JNIEnv *env, jobject this) {
+    int fd, retval;
+
+    jobject fdObj = (*env)->GetObjectField(env, this, apdsi_fdID);
+
+    if (IS_NULL(fdObj)) {
+        JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException",
+                        "Socket closed");
+        return -1;
+    }
+    fd = (*env)->GetIntField(env, fdObj, IO_fd_fdID);
+
+    if (ioctl(fd, FIONREAD, &retval) < 0) {
+        return -1;
+    }
+    return retval;
+}
--- a/src/solaris/native/java/util/FileSystemPreferences.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/solaris/native/java/util/FileSystemPreferences.c	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,12 +38,14 @@
 JNIEXPORT jint JNICALL
 Java_java_util_prefs_FileSystemPreferences_chmod(JNIEnv *env,
                        jclass thisclass, jstring java_fname, jint permission) {
-    const char *fname = JNU_GetStringPlatformChars(env, java_fname, JNI_FALSE);
-    int result;
-    result =  chmod(fname, permission);
-    if (result != 0)
-       result = errno;
-    JNU_ReleaseStringPlatformChars(env, java_fname, fname);
+    const char *fname = JNU_GetStringPlatformChars(env, java_fname, NULL);
+    int result = -1;
+    if (fname) {
+        result =  chmod(fname, permission);
+        if (result != 0)
+            result = errno;
+        JNU_ReleaseStringPlatformChars(env, java_fname, fname);
+    }
     return (jint) result;
 }
 
@@ -61,13 +63,16 @@
 JNIEXPORT jintArray JNICALL
 Java_java_util_prefs_FileSystemPreferences_lockFile0(JNIEnv *env,
     jclass thisclass, jstring java_fname, jint permission, jboolean shared) {
-    const char *fname = JNU_GetStringPlatformChars(env, java_fname, JNI_FALSE);
+    const char *fname = JNU_GetStringPlatformChars(env, java_fname, NULL);
     int fd, rc;
     int result[2];
-    jintArray javaResult;
+    jintArray javaResult = NULL;
     int old_umask;
     FLOCK fl;
 
+    if (!fname)
+        return javaResult;
+
     fl.l_whence = SEEK_SET;
     fl.l_len = 0;
     fl.l_start = 0;
@@ -104,7 +109,8 @@
     }
     JNU_ReleaseStringPlatformChars(env, java_fname, fname);
     javaResult = (*env)->NewIntArray(env,2);
-    (*env)->SetIntArrayRegion(env, javaResult, 0, 2, result);
+    if (javaResult)
+        (*env)->SetIntArrayRegion(env, javaResult, 0, 2, result);
     return javaResult;
 }
 
--- a/src/windows/bin/java_md.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/bin/java_md.c	Wed Jun 18 14:07:55 2014 -0700
@@ -1301,6 +1301,14 @@
             /* save path length */
             jrePathLen = JLI_StrLen(libraryPath);
 
+            if (jrePathLen + JLI_StrLen("\\bin\\verify.dll") >= MAXPATHLEN) {
+              /* jre path is too long, the library path will not fit there;
+               * report and abort preloading
+               */
+              JLI_ReportErrorMessage(JRE_ERROR11);
+              break;
+            }
+
             /* load msvcrt 1st */
             LoadMSVCRT();
 
--- a/src/windows/classes/sun/awt/shell/Win32ShellFolder2.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/classes/sun/awt/shell/Win32ShellFolder2.java	Wed Jun 18 14:07:55 2014 -0700
@@ -583,11 +583,18 @@
 
     // Needs to be accessible to Win32ShellFolderManager2
     static String getFileSystemPath(final int csidl) throws IOException, InterruptedException {
-        return invoke(new Callable<String>() {
+        String path = invoke(new Callable<String>() {
             public String call() throws IOException {
                 return getFileSystemPath0(csidl);
             }
         }, IOException.class);
+        if (path != null) {
+            SecurityManager security = System.getSecurityManager();
+            if (security != null) {
+                security.checkRead(path);
+            }
+        }
+        return path;
     }
 
     // NOTE: this method uses COM and must be called on the 'COM thread'. See ComInvoker for the details
--- a/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/classes/sun/awt/shell/Win32ShellFolderManager2.java	Wed Jun 18 14:07:55 2014 -0700
@@ -138,6 +138,8 @@
         if (desktop == null) {
             try {
                 desktop = new Win32ShellFolder2(DESKTOP);
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (IOException e) {
                 // Ignore error
             } catch (InterruptedException e) {
@@ -151,6 +153,8 @@
         if (drives == null) {
             try {
                 drives = new Win32ShellFolder2(DRIVES);
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (IOException e) {
                 // Ignore error
             } catch (InterruptedException e) {
@@ -167,6 +171,8 @@
                 if (path != null) {
                     recent = createShellFolder(getDesktop(), new File(path));
                 }
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (InterruptedException e) {
                 // Ignore error
             } catch (IOException e) {
@@ -180,6 +186,8 @@
         if (network == null) {
             try {
                 network = new Win32ShellFolder2(NETWORK);
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (IOException e) {
                 // Ignore error
             } catch (InterruptedException e) {
@@ -203,6 +211,8 @@
                         personal.setIsPersonal();
                     }
                 }
+            } catch (SecurityException e) {
+                // Ignore error
             } catch (InterruptedException e) {
                 // Ignore error
             } catch (IOException e) {
--- a/src/windows/classes/sun/awt/windows/ThemeReader.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/classes/sun/awt/windows/ThemeReader.java	Wed Jun 18 14:07:55 2014 -0700
@@ -56,18 +56,12 @@
         new ReentrantReadWriteLock();
     private static final Lock readLock = readWriteLock.readLock();
     private static final Lock writeLock = readWriteLock.writeLock();
+    private static volatile boolean valid = false;
 
     static void flush() {
-        writeLock.lock();
-        try {
-            // Close old themes.
-            for (Long value : widgetToTheme.values()) {
-                closeTheme(value.longValue());
-            }
-            widgetToTheme.clear();
-        } finally {
-            writeLock.unlock();
-        }
+        // Could be called on Toolkit thread, so do not try to aquire locks
+        // to avoid deadlock with theme initialization
+        valid = false;
     }
 
     public native static boolean isThemed();
@@ -94,6 +88,24 @@
     // returns theme value
     // this method should be invoked with readLock locked
     private static Long getTheme(String widget) {
+        if (!valid) {
+            readLock.unlock();
+            writeLock.lock();
+            try {
+                if (!valid) {
+                    // Close old themes.
+                    for (Long value : widgetToTheme.values()) {
+                        closeTheme(value);
+                    }
+                    widgetToTheme.clear();
+                    valid = true;
+                }
+            } finally {
+                readLock.lock();
+                writeLock.unlock();
+            }
+        }
+
         // mostly copied from the javadoc for ReentrantReadWriteLock
         Long theme = widgetToTheme.get(widget);
         if (theme == null) {
--- a/src/windows/classes/sun/awt/windows/WToolkit.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/classes/sun/awt/windows/WToolkit.java	Wed Jun 18 14:07:55 2014 -0700
@@ -864,12 +864,18 @@
      * Windows doesn't always send WM_SETTINGCHANGE when it should.
      */
     private void windowsSettingChange() {
-        EventQueue.invokeLater(new Runnable() {
-            @Override
-            public void run() {
-                updateProperties();
-            }
-        });
+        if (AppContext.getAppContext() == null) {
+            // We cannot post the update to any EventQueue. Listeners will
+            // be called on EDTs by DesktopPropertyChangeSupport
+            updateProperties();
+        } else {
+            EventQueue.invokeLater(new Runnable() {
+                @Override
+                public void run() {
+                    updateProperties();
+                }
+            });
+        }
     }
 
     private synchronized void updateProperties() {
--- a/src/windows/classes/sun/awt/windows/WWindowPeer.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/classes/sun/awt/windows/WWindowPeer.java	Wed Jun 18 14:07:55 2014 -0700
@@ -421,6 +421,7 @@
      */
     public static long[] getActiveWindowHandles() {
         AppContext appContext = AppContext.getAppContext();
+        if (appContext == null) return null;
         synchronized (appContext) {
             List<WWindowPeer> l = (List<WWindowPeer>)appContext.get(ACTIVE_WINDOWS_KEY);
             if (l == null) {
--- a/src/windows/classes/sun/security/mscapi/RSACipher.java	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/classes/sun/security/mscapi/RSACipher.java	Wed Jun 18 14:07:55 2014 -0700
@@ -35,6 +35,8 @@
 import javax.crypto.spec.*;
 
 import sun.security.rsa.RSAKeyFactory;
+import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
+import sun.security.util.KeyUtil;
 
 /**
  * RSA cipher implementation using the Microsoft Crypto API.
@@ -92,9 +94,16 @@
 
     // the public key, if we were initialized using a public key
     private sun.security.mscapi.Key publicKey;
+
     // the private key, if we were initialized using a private key
     private sun.security.mscapi.Key privateKey;
 
+    // cipher parameter for TLS RSA premaster secret
+    private AlgorithmParameterSpec spec = null;
+
+    // the source of randomness
+    private SecureRandom random;
+
     public RSACipher() {
         paddingType = PAD_PKCS1;
     }
@@ -155,8 +164,12 @@
             throws InvalidKeyException, InvalidAlgorithmParameterException {
 
         if (params != null) {
-            throw new InvalidAlgorithmParameterException
-                ("Parameters not supported");
+            if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
+                throw new InvalidAlgorithmParameterException(
+                        "Parameters not supported");
+            }
+            spec = params;
+            this.random = random;   // for TLS RSA premaster secret
         }
         init(opmode, key);
     }
@@ -356,39 +369,47 @@
     }
 
     // see JCE spec
-    protected java.security.Key engineUnwrap(byte[] wrappedKey, String algorithm,
+    protected java.security.Key engineUnwrap(byte[] wrappedKey,
+            String algorithm,
             int type) throws InvalidKeyException, NoSuchAlgorithmException {
 
         if (wrappedKey.length > buffer.length) {
             throw new InvalidKeyException("Key is too long for unwrapping");
         }
+
+        boolean isTlsRsaPremasterSecret =
+                algorithm.equals("TlsRsaPremasterSecret");
+        Exception failover = null;
+        byte[] encoded = null;
+
         update(wrappedKey, 0, wrappedKey.length);
-
         try {
-            byte[] encoding = doFinal();
-
-            switch (type) {
-            case Cipher.PUBLIC_KEY:
-                return constructPublicKey(encoding, algorithm);
-
-            case Cipher.PRIVATE_KEY:
-                return constructPrivateKey(encoding, algorithm);
-
-            case Cipher.SECRET_KEY:
-                return constructSecretKey(encoding, algorithm);
-
-            default:
-                throw new InvalidKeyException("Unknown key type " + type);
+            encoded = doFinal();
+        } catch (BadPaddingException e) {
+            if (isTlsRsaPremasterSecret) {
+                failover = e;
+            } else {
+                throw new InvalidKeyException("Unwrapping failed", e);
             }
-
-        } catch (BadPaddingException e) {
-            // should not occur
-            throw new InvalidKeyException("Unwrapping failed", e);
-
         } catch (IllegalBlockSizeException e) {
             // should not occur, handled with length check above
             throw new InvalidKeyException("Unwrapping failed", e);
         }
+
+        if (isTlsRsaPremasterSecret) {
+            if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
+                throw new IllegalStateException(
+                        "No TlsRsaPremasterSecretParameterSpec specified");
+            }
+
+            // polish the TLS premaster secret
+            encoded = KeyUtil.checkTlsPreMasterSecretKey(
+                ((TlsRsaPremasterSecretParameterSpec)spec).getClientVersion(),
+                ((TlsRsaPremasterSecretParameterSpec)spec).getServerVersion(),
+                random, encoded, (failover != null));
+        }
+
+        return constructKey(encoded, algorithm, type);
     }
 
     // see JCE spec
@@ -452,6 +473,22 @@
         return new SecretKeySpec(encodedKey, encodedKeyAlgorithm);
     }
 
+    private static Key constructKey(byte[] encodedKey,
+            String encodedKeyAlgorithm,
+            int keyType) throws InvalidKeyException, NoSuchAlgorithmException {
+
+        switch (keyType) {
+            case Cipher.PUBLIC_KEY:
+                return constructPublicKey(encodedKey, encodedKeyAlgorithm);
+            case Cipher.PRIVATE_KEY:
+                return constructPrivateKey(encodedKey, encodedKeyAlgorithm);
+            case Cipher.SECRET_KEY:
+                return constructSecretKey(encodedKey, encodedKeyAlgorithm);
+            default:
+                throw new InvalidKeyException("Unknown key type " + keyType);
+        }
+    }
+
     /*
      * Encrypt/decrypt a data buffer using Microsoft Crypto API with HCRYPTKEY.
      * It expects and returns ciphertext data in big-endian form.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <windows.h>
+#include <winsock2.h>
+
+#include "jvm.h"
+#include "jni_util.h"
+#include "net_util.h"
+
+#include "java_net_AbstractPlainDatagramSocketImpl.h"
+
+static jfieldID IO_fd_fdID;
+
+static jfieldID apdsi_fdID;
+
+
+/*
+ * Class:     java_net_AbstractPlainDatagramSocketImpl
+ * Method:    init
+ * Signature: ()V
+ */
+JNIEXPORT void JNICALL
+Java_java_net_AbstractPlainDatagramSocketImpl_init(JNIEnv *env, jclass cls) {
+
+    apdsi_fdID = (*env)->GetFieldID(env, cls, "fd",
+                                   "Ljava/io/FileDescriptor;");
+    CHECK_NULL(apdsi_fdID);
+
+    IO_fd_fdID = NET_GetFileDescriptorID(env);
+    CHECK_NULL(IO_fd_fdID);
+}
+
+/*
+ * Class:     java_net_AbstractPlainDatagramSocketImpl
+ * Method:    dataAvailable
+ * Signature: ()I
+ */
+JNIEXPORT jint JNICALL Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable
+(JNIEnv *env, jobject this) {
+    SOCKET fd;
+    int  retval;
+
+    jobject fdObj = (*env)->GetObjectField(env, this, apdsi_fdID);
+
+    if (IS_NULL(fdObj)) {
+        JNU_ThrowByName(env, JNU_JAVANETPKG "SocketException",
+                        "Socket closed");
+        return -1;
+    }
+    fd = (SOCKET)(*env)->GetIntField(env, fdObj, IO_fd_fdID);
+
+    if (ioctlsocket(fd, FIONREAD, &retval) < 0) {
+        return -1;
+    }
+    return retval;
+}
+
--- a/src/windows/native/java/net/NetworkInterface_winXP.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/native/java/net/NetworkInterface_winXP.c	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -145,8 +145,12 @@
     ptr = adapterInfo;
     ret = NULL;
     while (ptr != NULL) {
-      // IPv4 interface
-      if (ptr->Ipv6IfIndex == index) {
+      // in theory the IPv4 index and the IPv6 index can be the same
+      // where an interface is enabled for v4 and v6
+      // IfIndex == 0 IPv4 not available on this interface
+      // Ipv6IfIndex == 0 IPv6 not available on this interface
+      if (((ptr->IfIndex != 0)&&(ptr->IfIndex == index)) ||
+          ((ptr->Ipv6IfIndex !=0) && (ptr->Ipv6IfIndex == index))) {
         ret = (IP_ADAPTER_ADDRESSES *) malloc(sizeof(IP_ADAPTER_ADDRESSES));
         memcpy(ret, ptr, sizeof(IP_ADAPTER_ADDRESSES));
       }
@@ -241,7 +245,7 @@
                          * set the index to the IPv6 index and add the
                          * IPv6 addresses
                          */
-                        nif->index = ptr->Ipv6IfIndex;
+                        nif->ipv6Index = ptr->Ipv6IfIndex;
                         c = getAddrsFromAdapter(ptr, &nif->addrs);
                         nif->naddrs += c;
                         break;
@@ -286,6 +290,9 @@
                     strcpy (nif->name, newname);
                     wcscpy ((PWCHAR)nif->displayName, ptr->FriendlyName);
                     nif->dNameIsUnicode = TRUE;
+
+                    // the java.net.NetworkInterface abstraction only has index
+                    // so the Ipv6IfIndex needs to map onto index
                     nif->index = ptr->Ipv6IfIndex;
                     nif->ipv6Index = ptr->Ipv6IfIndex;
                     nif->hasIpv6Address = TRUE;
@@ -442,7 +449,6 @@
     (*env)->SetObjectField(env, netifObj, ni_nameID, name);
     (*env)->SetObjectField(env, netifObj, ni_displayNameID, displayName);
     (*env)->SetIntField(env, netifObj, ni_indexID, ifs->index);
-
     /*
      * Get the IP addresses for this interface if necessary
      * Note that 0 is a valid number of addresses.
--- a/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/native/sun/awt/splashscreen/splashscreen_sys.c	Wed Jun 18 14:07:55 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -213,6 +213,14 @@
 void
 SplashRedrawWindow(Splash * splash)
 {
+    if (!SplashIsStillLooping(splash)) {
+        KillTimer(splash->hWnd, 0);
+    }
+
+    if (splash->currentFrame < 0) {
+        return;
+    }
+
     SplashUpdateScreenData(splash);
     if (splash->isLayered) {
         BLENDFUNCTION bf;
@@ -303,9 +311,6 @@
             time = 0;
         SetTimer(splash->hWnd, 0, time, NULL);
     }
-    else {
-        KillTimer(splash->hWnd, 0);
-    }
 }
 
 void SplashReconfigureNow(Splash * splash) {
--- a/src/windows/native/sun/windows/awt_Component.cpp	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/native/sun/windows/awt_Component.cpp	Wed Jun 18 14:07:55 2014 -0700
@@ -1719,9 +1719,11 @@
       case WM_IME_SETCONTEXT:
           // lParam is passed as pointer and it can be modified.
           mr = WmImeSetContext(static_cast<BOOL>(wParam), &lParam);
+          CallProxyDefWindowProc(message, wParam, lParam, retValue, mr);
           break;
       case WM_IME_NOTIFY:
           mr = WmImeNotify(wParam, lParam);
+          CallProxyDefWindowProc(message, wParam, lParam, retValue, mr);
           break;
       case WM_IME_STARTCOMPOSITION:
           mr = WmImeStartComposition();
@@ -4066,7 +4068,7 @@
 {
     if (mr != mrConsume)  {
         HWND proxy = GetProxyFocusOwner();
-        if (proxy != NULL) {
+        if (proxy != NULL && ::IsWindowEnabled(proxy)) {
             retVal = ComCtl32Util::GetInstance().DefWindowProc(NULL, proxy, message, wParam, lParam);
             mr = mrConsume;
         }
--- a/src/windows/native/sun/windows/awt_Frame.cpp	Fri May 30 18:54:16 2014 +0100
+++ b/src/windows/native/sun/windows/awt_Frame.cpp	Wed Jun 18 14:07:55 2014 -0700
@@ -319,6 +319,8 @@
         case WM_IME_STARTCOMPOSITION:
         case WM_IME_ENDCOMPOSITION:
         case WM_IME_COMPOSITION:
+        case WM_IME_SETCONTEXT:
+        case WM_IME_NOTIFY:
         case WM_IME_CONTROL:
         case WM_IME_COMPOSITIONFULL:
         case WM_IME_SELECT:
--- a/test/com/sun/crypto/provider/TLS/TestPremaster.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/com/sun/crypto/provider/TLS/TestPremaster.java	Wed Jun 18 14:07:55 2014 -0700
@@ -33,6 +33,7 @@
 
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
+import java.util.Formatter;
 
 import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
 
@@ -52,27 +53,51 @@
             System.out.println("OK: " + e);
         }
 
-        test(kg, 3, 0);
-        test(kg, 3, 1);
-        test(kg, 3, 2);
-        test(kg, 4, 0);
+        int[] protocolVersions = {0x0300, 0x0301, 0x0302, 0x0400};
+        for (int clientVersion : protocolVersions) {
+            for (int serverVersion : protocolVersions) {
+                test(kg, clientVersion, serverVersion);
+                if (serverVersion >= clientVersion) {
+                    break;
+                }
+            }
+        }
 
         System.out.println("Done.");
     }
 
-    private static void test(KeyGenerator kg, int major, int minor)
-            throws Exception {
+    private static void test(KeyGenerator kg,
+            int clientVersion, int serverVersion) throws Exception {
 
-        kg.init(new TlsRsaPremasterSecretParameterSpec(major, minor));
+        System.out.printf(
+                "Testing RSA pre-master secret key generation between " +
+                "client (0x%04X) and server(0x%04X)%n",
+                clientVersion, serverVersion);
+        kg.init(new TlsRsaPremasterSecretParameterSpec(
+                                    clientVersion, serverVersion));
+
         SecretKey key = kg.generateKey();
         byte[] encoded = key.getEncoded();
-        if (encoded.length != 48) {
-            throw new Exception("length: " + encoded.length);
-        }
-        if ((encoded[0] != major) || (encoded[1] != minor)) {
-            throw new Exception("version mismatch: "  + encoded[0] +
-                "." + encoded[1]);
-        }
-        System.out.println("OK: " + major + "." + minor);
+        if (encoded != null) {  // raw key material may be not extractable
+            if (encoded.length != 48) {
+                throw new Exception("length: " + encoded.length);
+            }
+            int v = versionOf(encoded[0], encoded[1]);
+            if (clientVersion != v) {
+                if (serverVersion != v || clientVersion >= 0x0302) {
+                    throw new Exception(String.format(
+                        "version mismatch: (0x%04X) rather than (0x%04X) " +
+                        "is used in pre-master secret", v, clientVersion));
+                }
+                System.out.printf("Use compatible version (0x%04X)%n", v);
+            }
+            System.out.println("Passed, version matches!");
+       } else {
+            System.out.println("Raw key material is not extractable");
+       }
+    }
+
+    private static int versionOf(int major, int minor) {
+        return ((major & 0xFF) << 8) | (minor & 0xFF);
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/Focus/8013611/JDK8013611.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+  @test
+  @bug      8013611
+  @summary  Tests showing a modal dialog with requesting focus in frame.
+  @author   Anton.Tarasov: area=awt.focus
+  @library  ../../regtesthelpers
+  @build    Util
+  @run      main JDK8013611
+*/
+
+import java.awt.*;
+import java.awt.event.*;
+import javax.swing.*;
+import test.java.awt.regtesthelpers.Util;
+
+import java.awt.*;
+
+public class JDK8013611 extends JFrame {
+    static JTextField textField = new JTextField("text");
+    static JButton button1 = new JButton("button1");
+    static JButton button2 = new JButton("button2");
+    static Robot robot;
+
+    static JDialog dialog;
+    static JButton button3 = new JButton("button3");
+
+    public static void main(String[] args) {
+        robot = Util.createRobot();
+
+        JDK8013611 frame = new JDK8013611();
+        frame.setLayout(new FlowLayout());
+        frame.add(textField);
+        frame.add(button1);
+        frame.add(button2);
+        frame.pack();
+
+        dialog = new JDialog(frame, true);
+        dialog.add(button3);
+        dialog.pack();
+
+        textField.addFocusListener(new FocusAdapter() {
+            @Override
+            public void focusLost(FocusEvent e) {
+                dialog.setVisible(true);
+            }
+        });
+
+        button1.addFocusListener(new FocusAdapter() {
+            @Override
+            public void focusGained(FocusEvent e) {
+                button2.requestFocusInWindow();
+            }
+        });
+
+        frame.setVisible(true);
+
+        frame.test();
+    }
+
+    public void test() {
+        if (!testFocused(textField)) {
+            Util.clickOnComp(textField, robot);
+            if (!testFocused(textField)) {
+                throw new RuntimeException("Error: couldn't focus " + textField);
+            }
+        }
+
+        robot.keyPress(KeyEvent.VK_TAB);
+        robot.delay(50);
+        robot.keyRelease(KeyEvent.VK_TAB);
+
+        if (!testFocused(button3)) {
+            throw new RuntimeException("Test failed: dialog didn't get focus!");
+        }
+
+        System.out.println("Test passed.");
+    }
+
+    boolean testFocused(Component c) {
+        for (int i=0; i<10; i++) {
+            if (KeyboardFocusManager.getCurrentKeyboardFocusManager().getFocusOwner() == c) {
+                return true;
+            }
+            Util.waitForIdle(robot);
+        }
+        return false;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/Focus/DialogTraversFocusBackTest/DialogTraversFocusBackTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* @test
+    @bug 8031075
+    @summary Regression: focus disappears with shift+tab on dialogue having a focus component
+    @author mcherkas
+    @run main DialogTraversFocusBackTest
+*/
+
+import sun.awt.SunToolkit;
+
+import javax.swing.*;
+import java.awt.*;
+import java.awt.event.KeyEvent;
+
+public class DialogTraversFocusBackTest {
+
+    private static Robot robot;
+    private volatile static JButton button;
+    private static Component currentFocusOwner;
+
+    public static void main(String[] args) throws Exception {
+        initUI();
+        sync();
+        initRobot();
+        runScript();
+        sync();
+        validate();
+    }
+
+    public static void sync() {
+        SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
+        toolkit.realSync();
+    }
+
+    private static void validate() throws Exception {
+        currentFocusOwner = FocusManager.getCurrentKeyboardFocusManager().getFocusOwner();
+        if(currentFocusOwner
+            != button) {
+             throw new Exception("Test failed! Wrong focus owner: " +
+                     String.valueOf(currentFocusOwner) + "\n but must be: " +
+                    button);
+        }
+    }
+
+    private static void runScript() {
+        robot.keyPress(KeyEvent.VK_SHIFT);
+        robot.keyPress(KeyEvent.VK_TAB);
+        robot.keyRelease(KeyEvent.VK_TAB);
+        robot.keyRelease(KeyEvent.VK_SHIFT);
+
+    }
+
+    private static void initRobot() throws AWTException {
+        robot = new Robot();
+        robot.setAutoDelay(100);
+
+    }
+
+    private static void initUI() throws Exception {
+        SwingUtilities.invokeAndWait( new Runnable() {
+            @Override
+            public void run() {
+                JDialog dialog = new JDialog((Frame)null, "Test Dialog");
+                button = new JButton("Button 1");
+                dialog.add(button);
+                dialog.pack();
+                dialog.setVisible(true);
+            }
+        });
+
+    }
+}
--- a/test/java/awt/Frame/7024749/bug7024749.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/awt/Frame/7024749/bug7024749.java	Wed Jun 18 14:07:55 2014 -0700
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug 7024749 7184326
+ * @bug 7024749 7184326 8019990
  * @summary JDK7 b131---a crash in: Java_sun_awt_windows_ThemeReader_isGetThemeTransitionDurationDefined+0x75
  * @library ../../regtesthelpers
  * @build Util
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/Frame/ExceptionOnSetExtendedStateTest/ExceptionOnSetExtendedStateTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* @test
+   @bug 8032078
+   @summary Frame.setExtendedState throws RuntimeException, if
+            windowState=ICONIFIED|MAXIMIZED_BOTH, on OS X
+   @author Anton Litvinov
+*/
+
+import java.awt.*;
+
+import sun.awt.SunToolkit;
+
+public class ExceptionOnSetExtendedStateTest {
+    private static final int[] frameStates = { Frame.NORMAL, Frame.ICONIFIED, Frame.MAXIMIZED_BOTH };
+    private static final SunToolkit toolkit = (SunToolkit)Toolkit.getDefaultToolkit();
+
+    private static boolean validatePlatform() {
+        String osName = System.getProperty("os.name");
+        if (osName == null) {
+            throw new RuntimeException("Name of the current OS could not be retrieved.");
+        }
+        return osName.startsWith("Mac");
+    }
+
+    private static void testStateChange(int oldState, int newState, boolean decoratedFrame) {
+        System.out.println(String.format(
+            "testStateChange: oldState='%d', newState='%d', decoratedFrame='%b'",
+            oldState, newState, decoratedFrame));
+
+        Frame frame = new Frame("ExceptionOnSetExtendedStateTest");
+        frame.setSize(200, 200);
+        frame.setUndecorated(!decoratedFrame);
+        frame.setVisible(true);
+        toolkit.realSync();
+
+        frame.setExtendedState(oldState);
+        sleep(1000);
+        frame.setExtendedState(newState);
+
+        boolean stateWasNotChanged = true;
+        int currentState = 0;
+        for (int i = 0; (i < 3) && stateWasNotChanged; i++) {
+            sleep(1000);
+            currentState = frame.getExtendedState();
+            if ((currentState == newState) ||
+                (((newState & Frame.ICONIFIED) != 0) && ((currentState & Frame.ICONIFIED) != 0))) {
+                stateWasNotChanged = false;
+            }
+        }
+        frame.dispose();
+
+        if (stateWasNotChanged) {
+            throw new RuntimeException(String.format(
+                "Frame state was not changed. currentState='%d'", currentState));
+        }
+    }
+
+    private static void sleep(int millis) {
+        try {
+            Thread.sleep(millis);
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+
+    public static void main(String[] args) {
+        if (!validatePlatform()) {
+            System.out.println("This test is only for OS X.");
+            return;
+        }
+
+        // Verify that changing states of decorated/undecorated frame to/from supported states
+        // and the state bit mask ICONIFIED | MAXIMIZED_BOTH does not raise RuntimeException.
+        for (int i = 0; i < frameStates.length; i++) {
+            testStateChange(frameStates[i], Frame.ICONIFIED | Frame.MAXIMIZED_BOTH, true);
+            testStateChange(frameStates[i], Frame.ICONIFIED | Frame.MAXIMIZED_BOTH, false);
+            testStateChange(Frame.ICONIFIED | Frame.MAXIMIZED_BOTH, frameStates[i], true);
+            // Uncomment the line below, when 8026143 is ported to JDK 7.
+            //testStateChange(Frame.ICONIFIED | Frame.MAXIMIZED_BOTH, frameStates[i], false);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/Mouse/EnterExitEvents/DragWindowTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,219 @@
+/*
+ * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7154048
+ * @summary Window created under a mouse does not receive mouse enter event.
+ * Mouse Entered/Exited events are wrongly generated during dragging the window
+ * from one component to another
+ * @library ../../regtesthelpers
+ * @build Util
+ * @author alexandr.scherbatiy area=awt.event
+ * @run main DragWindowTest
+ */
+
+import java.awt.*;
+import java.awt.event.*;
+import javax.swing.*;
+
+import java.util.concurrent.*;
+import sun.awt.SunToolkit;
+
+import test.java.awt.regtesthelpers.Util;
+
+public class DragWindowTest {
+
+    private static volatile int dragWindowMouseEnteredCount = 0;
+    private static volatile int dragWindowMouseReleasedCount = 0;
+    private static volatile int buttonMouseEnteredCount = 0;
+    private static volatile int labelMouseReleasedCount = 0;
+    private static MyDragWindow dragWindow;
+    private static JLabel label;
+    private static JButton button;
+
+    public static void main(String[] args) throws Exception {
+
+        SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
+        Robot robot = new Robot();
+        robot.setAutoDelay(50);
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                createAndShowGUI();
+            }
+        });
+
+        toolkit.realSync();
+
+        Point pointToClick = Util.invokeOnEDT(new Callable<Point>() {
+
+            @Override
+            public Point call() throws Exception {
+                return getCenterPoint(label);
+            }
+        });
+
+
+        robot.mouseMove(pointToClick.x, pointToClick.y);
+        robot.mousePress(InputEvent.BUTTON1_MASK);
+        toolkit.realSync();
+
+        if (dragWindowMouseEnteredCount != 1) {
+            throw new RuntimeException("No MouseEntered event on Drag Window!");
+        }
+
+        Point pointToDrag = Util.invokeOnEDT(new Callable<Point>() {
+
+            @Override
+            public Point call() throws Exception {
+                button.addMouseListener(new ButtonMouseListener());
+                return getCenterPoint(button);
+            }
+        });
+
+        robot.mouseMove(pointToDrag.x, pointToDrag.y);
+        toolkit.realSync();
+
+        if (buttonMouseEnteredCount != 0) {
+            throw new RuntimeException("Extra MouseEntered event on button!");
+        }
+
+        robot.mouseRelease(InputEvent.BUTTON1_MASK);
+        toolkit.realSync();
+
+        if (labelMouseReleasedCount != 1) {
+            throw new RuntimeException("No MouseReleased event on label!");
+        }
+
+    }
+
+    private static Point getCenterPoint(Component comp) {
+        Point p = comp.getLocationOnScreen();
+        Rectangle rect = comp.getBounds();
+        return new Point(p.x + rect.width / 2, p.y + rect.height / 2);
+    }
+
+    private static void createAndShowGUI() {
+
+        JFrame frame = new JFrame("Main Frame");
+        frame.setSize(300, 200);
+        frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+
+        label = new JLabel("Label");
+
+        LabelMouseListener listener = new LabelMouseListener(frame);
+        label.addMouseListener(listener);
+        label.addMouseMotionListener(listener);
+
+        button = new JButton("Button");
+        Panel panel = new Panel(new BorderLayout());
+
+        panel.add(label, BorderLayout.NORTH);
+        panel.add(button, BorderLayout.CENTER);
+
+        frame.getContentPane().add(panel);
+        frame.setVisible(true);
+
+    }
+
+    private static Point getAbsoluteLocation(MouseEvent e) {
+        return new Point(e.getXOnScreen(), e.getYOnScreen());
+    }
+
+    static class MyDragWindow extends Window {
+
+        static int d = 30;
+
+        public MyDragWindow(Window parent, Point location) {
+            super(parent);
+            setSize(150, 150);
+            setVisible(true);
+            JPanel panel = new JPanel();
+            add(panel);
+            setLocation(location.x - d, location.y - d);
+            addMouseListener(new DragWindowMouseListener());
+        }
+
+        void dragTo(Point point) {
+            setLocation(point.x - d, point.y - d);
+        }
+    }
+
+    static class LabelMouseListener extends MouseAdapter {
+
+        Point origin;
+        Window parent;
+
+        public LabelMouseListener(Window parent) {
+            this.parent = parent;
+        }
+
+        @Override
+        public void mousePressed(MouseEvent e) {
+            if (dragWindow == null) {
+                dragWindow = new MyDragWindow(parent, getAbsoluteLocation(e));
+            } else {
+                dragWindow.setVisible(true);
+                dragWindow.dragTo(getAbsoluteLocation(e));
+            }
+        }
+
+        @Override
+        public void mouseReleased(MouseEvent e) {
+            labelMouseReleasedCount++;
+            if (dragWindow != null) {
+                dragWindow.setVisible(false);
+            }
+        }
+
+        public void mouseDragged(MouseEvent e) {
+            if (dragWindow != null) {
+                dragWindow.dragTo(getAbsoluteLocation(e));
+            }
+        }
+    }
+
+    static class DragWindowMouseListener extends MouseAdapter {
+
+        @Override
+        public void mouseEntered(MouseEvent e) {
+            dragWindowMouseEnteredCount++;
+        }
+
+        @Override
+        public void mouseReleased(MouseEvent e) {
+            dragWindowMouseReleasedCount++;
+        }
+    }
+
+    static class ButtonMouseListener extends MouseAdapter {
+
+        @Override
+        public void mouseEntered(MouseEvent e) {
+            buttonMouseEnteredCount++;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/Mouse/GetMousePositionTest/GetMousePositionWithOverlay.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import test.java.awt.regtesthelpers.Util;
+
+import javax.swing.*;
+import java.awt.*;
+import java.util.concurrent.atomic.AtomicReference;
+
+/**
+ * @test
+ * @bug 8012026
+ * @summary Component.getMousePosition() does not work in an applet on MacOS
+ * @author Petr Pchelko
+ * @library ../../regtesthelpers
+ * @build Util
+ * @compile GetMousePositionWithOverlay.java
+ * @run main/othervm GetMousePositionWithOverlay
+ */
+
+public class GetMousePositionWithOverlay {
+
+    static Frame backFrame;
+    static Frame frontFrame;
+
+    public static void main(String[] args) throws Throwable {
+        try {
+            SwingUtilities.invokeAndWait(new Runnable() {
+                @Override
+                public void run() {
+                    constructTestUI();
+                }
+            });
+            Util.waitForIdle(null);
+
+            Robot r = new Robot();
+            Util.pointOnComp(frontFrame, r);
+            Util.waitForIdle(null);
+
+            Point pos = getMousePosition(backFrame);
+            if (pos != null) {
+                throw new RuntimeException("Test failed. Mouse position should be null but was" + pos);
+            }
+
+            pos = getMousePosition(frontFrame);
+            if (pos == null) {
+                throw new RuntimeException("Test failed. Mouse position should not be null");
+            }
+
+            r.mouseMove(189, 189);
+            Util.waitForIdle(null);
+
+            pos = getMousePosition(backFrame);
+            if (pos == null) {
+                throw new RuntimeException("Test failed. Mouse position should not be null");
+            }
+        } finally {
+            SwingUtilities.invokeLater(new Runnable() {
+                @Override
+                public void run() {
+                    backFrame.dispose();
+                    frontFrame.dispose();
+                }
+            });
+        }
+    }
+
+    private static Point getMousePosition(final Component component) throws Exception {
+        final AtomicReference<Point> pos = new AtomicReference<Point>();
+        SwingUtilities.invokeAndWait(new Runnable() {
+            @Override
+            public void run() {
+                pos.set(component.getMousePosition());
+            }
+        });
+        return pos.get();
+    }
+
+    private static void constructTestUI() {
+        backFrame = new Frame();
+        backFrame.setBounds(100, 100, 100, 100);
+        backFrame.setVisible(true);
+
+        frontFrame = new Frame();
+        frontFrame.setBounds(120, 120, 60, 60);
+        frontFrame.setVisible(true);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/awt/Mouse/GetMousePositionTest/GetMousePositionWithPopup.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import test.java.awt.regtesthelpers.Util;
+
+import javax.swing.*;
+import java.awt.*;
+import java.awt.event.MouseEvent;
+import java.awt.event.MouseMotionAdapter;
+
+/**
+ * @test
+ * @bug 8012026
+ * @summary Component.getMousePosition() does not work in an applet on MacOS
+ * @author Petr Pchelko
+ * @library ../../regtesthelpers
+ * @build Util
+ * @compile GetMousePositionWithPopup.java
+ * @run main/othervm GetMousePositionWithPopup
+ */
+
+public class GetMousePositionWithPopup {
+
+    private static Frame frame1;
+    private static Frame frame2;
+
+    public static void main(String[] args) throws Exception {
+        try {
+        Robot r = Util.createRobot();
+        r.mouseMove(0, 0);
+        Util.waitForIdle(null);
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+            @Override
+            public void run() {
+                constructTestUI();
+            }
+        });
+
+        Util.waitForIdle(null);
+        r.mouseMove(149, 149);
+        Util.waitForIdle(null);
+        r.mouseMove(150, 150);
+        Util.waitForIdle(null);
+
+        } finally {
+            SwingUtilities.invokeLater(new Runnable() {
+                @Override
+                public void run() {
+                    frame1.dispose();
+                    frame2.dispose();
+                }
+            });
+        }
+    }
+
+    private static void constructTestUI() {
+        frame1 = new Frame();
+        frame1.setBounds(100, 100, 100, 100);
+        frame1.addMouseMotionListener(new MouseMotionAdapter() {
+
+            private boolean shown = false;
+
+            @Override
+            public void mouseMoved(MouseEvent e) {
+                if (shown) {
+                    return;
+                }
+
+                shown = true;
+
+                frame2 = new Frame();
+                frame2.setBounds(120, 120, 120, 120);
+                frame2.setVisible(true);
+
+                Point positionInFrame2 = frame2.getMousePosition();
+                if (positionInFrame2.x != 30 || positionInFrame2.y != 30) {
+                    throw new RuntimeException("Wrong position reported. Should be [30, 30] but was [" +
+                            positionInFrame2.x + ", " + positionInFrame2.y + "]");
+                }
+
+                Point positionInFrame1 = frame1.getMousePosition();
+                if (positionInFrame1 != null) {
+                    throw new RuntimeException("Wrong position reported. Should be null");
+                }
+
+            }
+        });
+        frame1.setVisible(true);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/annotation/AnnotationType/AnnotationTypeDeadlockTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7122142
+ * @summary Test deadlock situation when recursive annotations are parsed
+ */
+
+import java.lang.annotation.Retention;
+import java.lang.management.ManagementFactory;
+import java.lang.management.ThreadInfo;
+import java.lang.management.ThreadMXBean;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.atomic.AtomicInteger;
+
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+public class AnnotationTypeDeadlockTest {
+
+    @Retention(RUNTIME)
+    @AnnB
+    public @interface AnnA {
+    }
+
+    @Retention(RUNTIME)
+    @AnnA
+    public @interface AnnB {
+    }
+
+    static class Task extends Thread {
+        final CountDownLatch prepareLatch;
+        final AtomicInteger goLatch;
+        final Class<?> clazz;
+
+        Task(CountDownLatch prepareLatch, AtomicInteger goLatch, Class<?> clazz) {
+            super(clazz.getSimpleName());
+            setDaemon(true); // in case it deadlocks
+            this.prepareLatch = prepareLatch;
+            this.goLatch = goLatch;
+            this.clazz = clazz;
+        }
+
+        @Override
+        public void run() {
+            prepareLatch.countDown();  // notify we are prepared
+            while (goLatch.get() > 0); // spin-wait before go
+            clazz.getDeclaredAnnotations();
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        CountDownLatch prepareLatch = new CountDownLatch(2);
+        AtomicInteger goLatch = new AtomicInteger(1);
+        Task taskA = new Task(prepareLatch, goLatch, AnnA.class);
+        Task taskB = new Task(prepareLatch, goLatch, AnnB.class);
+        taskA.start();
+        taskB.start();
+        // wait until both threads start-up
+        prepareLatch.await();
+        // let them go
+        goLatch.set(0);
+        // obtain ThreadMXBean
+        ThreadMXBean threadBean = ManagementFactory.getThreadMXBean();
+        // wait for threads to finish or dead-lock
+        while (taskA.isAlive() || taskB.isAlive()) {
+            // attempt to join threads
+            taskA.join(500L);
+            taskB.join(500L);
+            // detect dead-lock
+            long[] deadlockedIds = threadBean.findMonitorDeadlockedThreads();
+            if (deadlockedIds != null && deadlockedIds.length > 0) {
+                StringBuilder sb = new StringBuilder("deadlock detected:\n\n");
+                for (ThreadInfo ti : threadBean.getThreadInfo(deadlockedIds, Integer.MAX_VALUE)) {
+                    sb.append(ti);
+                }
+                throw new IllegalStateException(sb.toString());
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/annotation/AnnotationType/AnnotationTypeRuntimeAssumptionTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,187 @@
+/*
+ * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7122142
+ * @summary Test consistent parsing of ex-RUNTIME annotations that
+ *          were changed and separately compiled to have CLASS retention
+ */
+
+import sun.misc.IOUtils;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.lang.annotation.Annotation;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+import static java.lang.annotation.RetentionPolicy.CLASS;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+/**
+ * This test simulates a situation where there are two mutually recursive
+ * {@link RetentionPolicy#RUNTIME RUNTIME} annotations {@link AnnA_v1 AnnA_v1}
+ * and {@link AnnB AnnB} and then the first is changed to have
+ * {@link RetentionPolicy#CLASS CLASS} retention and separately compiled.
+ * When {@link AnnA_v1 AnnA_v1} annotation is looked-up on {@link AnnB AnnB}
+ * it still appears to have {@link RetentionPolicy#RUNTIME RUNTIME} retention.
+ */
+public class AnnotationTypeRuntimeAssumptionTest {
+
+    @Retention(RUNTIME)
+    @AnnB
+    public @interface AnnA_v1 {
+    }
+
+    // An alternative version of AnnA_v1 with CLASS retention instead.
+    // Used to simulate separate compilation (see AltClassLoader below).
+    @Retention(CLASS)
+    @AnnB
+    public @interface AnnA_v2 {
+    }
+
+    @Retention(RUNTIME)
+    @AnnA_v1
+    public @interface AnnB {
+    }
+
+    @AnnA_v1
+    public static class TestTask implements Runnable {
+        @Override
+        public void run() {
+            AnnA_v1 ann1 = getDeclaredAnnotation(TestTask.class, AnnA_v1.class);
+            if (ann1 != null) {
+                throw new IllegalStateException(
+                    "@" + ann1.annotationType().getSimpleName() +
+                    " found on: " + TestTask.class.getName() +
+                    " should not be visible at runtime");
+            }
+            AnnA_v1 ann2 = getDeclaredAnnotation(AnnB.class, AnnA_v1.class);
+            if (ann2 != null) {
+                throw new IllegalStateException(
+                    "@" + ann2.annotationType().getSimpleName() +
+                    " found on: " + AnnB.class.getName() +
+                    " should not be visible at runtime");
+            }
+        }
+
+        private static <A extends Annotation> A getDeclaredAnnotation(Class<?> clazz, Class<A> annotationClass) {
+            for (Annotation ann : clazz.getDeclaredAnnotations()) {
+                if (ann.annotationType() == annotationClass) {
+                    return annotationClass.cast(ann);
+                }
+            }
+            return null;
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        ClassLoader altLoader = new AltClassLoader(
+            AnnotationTypeRuntimeAssumptionTest.class.getClassLoader());
+
+        Runnable altTask = (Runnable) Class.forName(
+            TestTask.class.getName(),
+            true,
+            altLoader).newInstance();
+
+        altTask.run();
+    }
+
+    /**
+     * A ClassLoader implementation that loads alternative implementations of
+     * classes. If class name ends with "_v1" it locates instead a class with
+     * name ending with "_v2" and loads that class instead.
+     */
+    static class AltClassLoader extends ClassLoader {
+        AltClassLoader(ClassLoader parent) {
+            super(parent);
+        }
+
+        @Override
+        protected Class<?> loadClass(String name, boolean resolve)
+                throws ClassNotFoundException {
+            if (name.indexOf('.') < 0) { // root package is our class
+                synchronized (getClassLoadingLock(name)) {
+                    // First, check if the class has already been loaded
+                    Class<?> c = findLoadedClass(name);
+                    if (c == null) {
+                        c = findClass(name);
+                    }
+                    if (resolve) {
+                        resolveClass(c);
+                    }
+                    return c;
+                }
+            }
+            else { // not our class
+                return super.loadClass(name, resolve);
+            }
+        }
+
+        @Override
+        protected Class<?> findClass(String name)
+                throws ClassNotFoundException {
+            // special class name -> replace it with alternative name
+            if (name.endsWith("_v1")) {
+                String altName = name.substring(0, name.length() - 3) + "_v2";
+                String altPath = altName.replace('.', '/').concat(".class");
+                try (InputStream is = getResourceAsStream(altPath)) {
+                    if (is != null) {
+                        byte[] bytes = IOUtils.readFully(is, -1, true);
+                        // patch class bytes to contain original name
+                        for (int i = 0; i < bytes.length - 2; i++) {
+                            if (bytes[i] == '_' &&
+                                bytes[i + 1] == 'v' &&
+                                bytes[i + 2] == '2') {
+                                bytes[i + 2] = '1';
+                            }
+                        }
+                        return defineClass(name, bytes, 0, bytes.length);
+                    }
+                    else {
+                        throw new ClassNotFoundException(name);
+                    }
+                }
+                catch (IOException e) {
+                    throw new ClassNotFoundException(name, e);
+                }
+            }
+            else { // not special class name -> just load the class
+                String path = name.replace('.', '/').concat(".class");
+                try (InputStream is = getResourceAsStream(path)) {
+                    if (is != null) {
+                        byte[] bytes = IOUtils.readFully(is, -1, true);
+                        return defineClass(name, bytes, 0, bytes.length);
+                    }
+                    else {
+                        throw new ClassNotFoundException(name);
+                    }
+                }
+                catch (IOException e) {
+                    throw new ClassNotFoundException(name, e);
+                }
+            }
+        }
+    }
+}
--- a/test/java/lang/invoke/JavaDocExamplesTest.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/lang/invoke/JavaDocExamplesTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -64,7 +64,11 @@
         new JavaDocExamplesTest().run();
     }
     public void run() throws Throwable {
+        testMisc();
+        testFindStatic();
+        testFindConstructor();
         testFindVirtual();
+        testFindSpecial();
         testPermuteArguments();
         testDropArguments();
         testFilterArguments();
@@ -110,7 +114,8 @@
 
 {}
 
-    @Test public void testFindVirtual() throws Throwable {
+    @Test public void testMisc() throws Throwable {
+// Extra tests, not from javadoc:
 {}
 MethodHandle CONCAT_3 = LOOKUP.findVirtual(String.class,
   "concat", methodType(String.class, String.class));
@@ -125,6 +130,92 @@
 {}
     }
 
+    @Test public void testFindStatic() throws Throwable {
+{}
+MethodHandle MH_asList = publicLookup().findStatic(Arrays.class,
+  "asList", methodType(List.class, Object[].class));
+assertEquals("[x, y]", MH_asList.invoke("x", "y").toString());
+{}
+    }
+
+    @Test public void testFindVirtual() throws Throwable {
+{}
+MethodHandle MH_concat = publicLookup().findVirtual(String.class,
+  "concat", methodType(String.class, String.class));
+MethodHandle MH_hashCode = publicLookup().findVirtual(Object.class,
+  "hashCode", methodType(int.class));
+MethodHandle MH_hashCode_String = publicLookup().findVirtual(String.class,
+  "hashCode", methodType(int.class));
+assertEquals("xy", (String) MH_concat.invokeExact("x", "y"));
+assertEquals("xy".hashCode(), (int) MH_hashCode.invokeExact((Object)"xy"));
+assertEquals("xy".hashCode(), (int) MH_hashCode_String.invokeExact("xy"));
+// interface method:
+MethodHandle MH_subSequence = publicLookup().findVirtual(CharSequence.class,
+  "subSequence", methodType(CharSequence.class, int.class, int.class));
+assertEquals("def", MH_subSequence.invoke("abcdefghi", 3, 6).toString());
+// constructor "internal method" must be accessed differently:
+MethodType MT_newString = methodType(void.class); //()V for new String()
+try { assertEquals("impossible", lookup()
+        .findVirtual(String.class, "<init>", MT_newString));
+ } catch (NoSuchMethodException ex) { } // OK
+MethodHandle MH_newString = publicLookup()
+  .findConstructor(String.class, MT_newString);
+assertEquals("", (String) MH_newString.invokeExact());
+{}
+    }
+
+    @Test public void testFindConstructor() throws Throwable {
+{}
+MethodHandle MH_newArrayList = publicLookup().findConstructor(
+  ArrayList.class, methodType(void.class, Collection.class));
+Collection orig = Arrays.asList("x", "y");
+Collection copy = (ArrayList) MH_newArrayList.invokeExact(orig);
+assert(orig != copy);
+assertEquals(orig, copy);
+// a variable-arity constructor:
+MethodHandle MH_newProcessBuilder = publicLookup().findConstructor(
+  ProcessBuilder.class, methodType(void.class, String[].class));
+ProcessBuilder pb = (ProcessBuilder)
+  MH_newProcessBuilder.invoke("x", "y", "z");
+assertEquals("[x, y, z]", pb.command().toString());
+{}
+    }
+
+// for testFindSpecial
+{}
+static class Listie extends ArrayList {
+  public String toString() { return "[wee Listie]"; }
+  static Lookup lookup() { return MethodHandles.lookup(); }
+}
+{}
+
+    @Test public void testFindSpecial() throws Throwable {
+{}
+// no access to constructor via invokeSpecial:
+MethodHandle MH_newListie = Listie.lookup()
+  .findConstructor(Listie.class, methodType(void.class));
+Listie l = (Listie) MH_newListie.invokeExact();
+try { assertEquals("impossible", Listie.lookup().findSpecial(
+        Listie.class, "<init>", methodType(void.class), Listie.class));
+ } catch (NoSuchMethodException ex) { } // OK
+// access to super and self methods via invokeSpecial:
+MethodHandle MH_super = Listie.lookup().findSpecial(
+  ArrayList.class, "toString" , methodType(String.class), Listie.class);
+MethodHandle MH_this = Listie.lookup().findSpecial(
+  Listie.class, "toString" , methodType(String.class), Listie.class);
+MethodHandle MH_duper = Listie.lookup().findSpecial(
+  Object.class, "toString" , methodType(String.class), Listie.class);
+assertEquals("[]", (String) MH_super.invokeExact(l));
+assertEquals(""+l, (String) MH_this.invokeExact(l));
+assertEquals("[]", (String) MH_duper.invokeExact(l)); // ArrayList method
+try { assertEquals("inaccessible", Listie.lookup().findSpecial(
+        String.class, "toString", methodType(String.class), Listie.class));
+ } catch (IllegalAccessException ex) { } // OK
+Listie subl = new Listie() { public String toString() { return "[subclass]"; } };
+assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
+{}
+    }
+
     @Test public void testPermuteArguments() throws Throwable {
         {{
 {} /// JAVADOC
@@ -275,6 +366,12 @@
 MethodHandle eq2 = equals.asSpreader(Object[].class, 2);
 assert( (boolean) eq2.invokeExact(new Object[]{ "me", "me" }));
 assert(!(boolean) eq2.invokeExact(new Object[]{ "me", "thee" }));
+// try to spread from anything but a 2-array:
+for (int n = 0; n <= 10; n++) {
+  Object[] badArityArgs = (n == 2 ? null : new Object[n]);
+  try { assert((boolean) eq2.invokeExact(badArityArgs) && false); }
+  catch (IllegalArgumentException ex) { } // OK
+}
 // spread both arguments from a String array:
 MethodHandle eq2s = equals.asSpreader(String[].class, 2);
 assert( (boolean) eq2s.invokeExact(new String[]{ "me", "me" }));
--- a/test/java/lang/invoke/MethodHandlesTest.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/lang/invoke/MethodHandlesTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -140,7 +140,7 @@
         Object actual   = calledLog.get(calledLog.size() - 1);
         if (expected.equals(actual) && verbosity < 9)  return;
         System.out.println("assertCalled "+name+":");
-        System.out.println("expected:   "+expected);
+        System.out.println("expected:   "+deepToString(expected));
         System.out.println("actual:     "+actual);
         System.out.println("ex. types:  "+getClasses(expected));
         System.out.println("act. types: "+getClasses(actual));
@@ -148,7 +148,25 @@
     }
     static void printCalled(MethodHandle target, String name, Object... args) {
         if (verbosity >= 3)
-            System.out.println("calling MH="+target+" to "+name+Arrays.toString(args));
+            System.out.println("calling MH="+target+" to "+name+deepToString(args));
+    }
+    static String deepToString(Object x) {
+        if (x == null)  return "null";
+        if (x instanceof Collection)
+            x = ((Collection)x).toArray();
+        if (x instanceof Object[]) {
+            Object[] ax = (Object[]) x;
+            ax = Arrays.copyOf(ax, ax.length, Object[].class);
+            for (int i = 0; i < ax.length; i++)
+                ax[i] = deepToString(ax[i]);
+            x = Arrays.deepToString(ax);
+        }
+        if (x.getClass().isArray())
+            try {
+                x = Arrays.class.getMethod("toString", x.getClass()).invoke(null, x);
+            } catch (ReflectiveOperationException ex) { throw new Error(ex); }
+        assert(!(x instanceof Object[]));
+        return x.toString();
     }
 
     static Object castToWrapper(Object value, Class<?> dst) {
@@ -230,6 +248,12 @@
                     { param = c; break; }
             }
         }
+        if (param.isArray()) {
+            Class<?> ctype = param.getComponentType();
+            Object arg = Array.newInstance(ctype, 2);
+            Array.set(arg, 0, randomArg(ctype));
+            return arg;
+        }
         if (param.isInterface() && param.isAssignableFrom(List.class))
             return Arrays.asList("#"+nextArg());
         if (param.isInterface() || param.isAssignableFrom(String.class))
@@ -363,6 +387,7 @@
         protected Example(String name) { this.name = name; }
         @SuppressWarnings("LeakingThisInConstructor")
         protected Example(int x) { this(); called("protected <init>", this, x); }
+        //Example(Void x) { does not exist; lookup elicts NoSuchMethodException }
         @Override public String toString() { return name; }
 
         public void            v0()     { called("v0", this); }
@@ -463,6 +488,9 @@
         return lookup.in(defc);
     }
 
+    /** Is findVirtual (etc.) of "<init>" supposed to elicit a NoSuchMethodException? */
+    final static boolean INIT_REF_CAUSES_NSME = true;
+
     @Test
     public void testFindStatic() throws Throwable {
         if (CAN_SKIP_WORKING)  return;
@@ -483,6 +511,8 @@
         testFindStatic(Example.class, Object.class, "s7", float.class, double.class);
 
         testFindStatic(false, PRIVATE, Example.class, void.class, "bogus");
+        testFindStatic(false, PRIVATE, Example.class, void.class, "<init>", int.class);
+        testFindStatic(false, PRIVATE, Example.class, void.class, "<init>", Void.class);
         testFindStatic(false, PRIVATE, Example.class, void.class, "v0");
     }
 
@@ -505,11 +535,12 @@
             target = maybeMoveIn(lookup, defc).findStatic(defc, methodName, type);
         } catch (ReflectiveOperationException ex) {
             noAccess = ex;
+            assertExceptionClass(
+                (name.contains("bogus") || INIT_REF_CAUSES_NSME && name.contains("<init>"))
+                ?   NoSuchMethodException.class
+                :   IllegalAccessException.class,
+                noAccess);
             if (verbosity >= 5)  ex.printStackTrace(System.out);
-            if (name.contains("bogus"))
-                assertTrue(noAccess instanceof NoSuchMethodException);
-            else
-                assertTrue(noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("findStatic "+lookup+": "+defc.getName()+"."+name+"/"+type+" => "+target
@@ -527,6 +558,13 @@
             System.out.print(':');
     }
 
+    static void assertExceptionClass(Class<? extends Throwable> expected,
+                                     Throwable actual) {
+        if (expected.isInstance(actual))  return;
+        actual.printStackTrace();
+        assertEquals(expected, actual.getClass());
+    }
+
     static final boolean DEBUG_METHOD_HANDLE_NAMES = Boolean.getBoolean("java.lang.invoke.MethodHandle.DEBUG_NAMES");
 
     // rough check of name string
@@ -556,6 +594,8 @@
         testFindVirtual(PubExample.class, void.class, "Pub/pro_v0");
 
         testFindVirtual(false, PRIVATE, Example.class, Example.class, void.class, "bogus");
+        testFindVirtual(false, PRIVATE, Example.class, Example.class, void.class, "<init>", int.class);
+        testFindVirtual(false, PRIVATE, Example.class, Example.class, void.class, "<init>", Void.class);
         testFindVirtual(false, PRIVATE, Example.class, Example.class, void.class, "s0");
 
         // test dispatch
@@ -568,6 +608,16 @@
         testFindVirtual(IntExample.Impl.class, IntExample.class, void.class, "Int/v0");
     }
 
+    @Test
+    public void testFindVirtualClone() throws Throwable {
+        // test some ad hoc system methods
+        testFindVirtual(false, PUBLIC, Object.class, Object.class, "clone");
+        testFindVirtual(true, PUBLIC, Object[].class, Object.class, "clone");
+        testFindVirtual(true, PUBLIC, int[].class, Object.class, "clone");
+        for (Class<?> cls : new Class<?>[]{ boolean[].class, long[].class, float[].class, char[].class })
+            testFindVirtual(true, PUBLIC, cls, Object.class, "clone");
+    }
+
     void testFindVirtual(Class<?> defc, Class<?> ret, String name, Class<?>... params) throws Throwable {
         Class<?> rcvc = defc;
         testFindVirtual(rcvc, defc, ret, name, params);
@@ -580,6 +630,9 @@
     void testFindVirtual(Lookup lookup, Class<?> rcvc, Class<?> defc, Class<?> ret, String name, Class<?>... params) throws Throwable {
         testFindVirtual(true, lookup, rcvc, defc, ret, name, params);
     }
+    void testFindVirtual(boolean positive, Lookup lookup, Class<?> defc, Class<?> ret, String name, Class<?>... params) throws Throwable {
+        testFindVirtual(positive, lookup, defc, defc, ret, name, params);
+    }
     void testFindVirtual(boolean positive, Lookup lookup, Class<?> rcvc, Class<?> defc, Class<?> ret, String name, Class<?>... params) throws Throwable {
         countTest(positive);
         String methodName = name.substring(1 + name.indexOf('/'));  // foo/bar => foo
@@ -591,11 +644,12 @@
             target = maybeMoveIn(lookup, defc).findVirtual(defc, methodName, type);
         } catch (ReflectiveOperationException ex) {
             noAccess = ex;
+            assertExceptionClass(
+                (name.contains("bogus") || INIT_REF_CAUSES_NSME && name.contains("<init>"))
+                ?   NoSuchMethodException.class
+                :   IllegalAccessException.class,
+                noAccess);
             if (verbosity >= 5)  ex.printStackTrace(System.out);
-            if (name.contains("bogus"))
-                assertTrue(noAccess instanceof NoSuchMethodException);
-            else
-                assertTrue(noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("findVirtual "+lookup+": "+defc.getName()+"."+name+"/"+type+" => "+target
@@ -618,8 +672,21 @@
         Object[] argsWithSelf = randomArgs(paramsWithSelf);
         if (selfc.isAssignableFrom(rcvc) && rcvc != selfc)  argsWithSelf[0] = randomArg(rcvc);
         printCalled(target, name, argsWithSelf);
-        target.invokeWithArguments(argsWithSelf);
-        assertCalled(name, argsWithSelf);
+        Object res = target.invokeWithArguments(argsWithSelf);
+        if (Example.class.isAssignableFrom(defc) || IntExample.class.isAssignableFrom(defc)) {
+            assertCalled(name, argsWithSelf);
+        } else if (name.equals("clone")) {
+            // Ad hoc method call outside Example.  For Object[].clone.
+            printCalled(target, name, argsWithSelf);
+            assertEquals(MethodType.methodType(Object.class, rcvc), target.type());
+            Object orig = argsWithSelf[0];
+            assertEquals(orig.getClass(), res.getClass());
+            if (res instanceof Object[])
+                assertArrayEquals((Object[])res, (Object[])argsWithSelf[0]);
+            assert(Arrays.deepEquals(new Object[]{res}, new Object[]{argsWithSelf[0]}));
+        } else {
+            assert(false) : Arrays.asList(positive, lookup, rcvc, defc, ret, name, deepToString(params));
+        }
         if (verbosity >= 1)
             System.out.print(':');
     }
@@ -632,11 +699,11 @@
         testFindSpecial(SubExample.class, Example.class, void.class, "pkg_v0");
         testFindSpecial(RemoteExample.class, PubExample.class, void.class, "Pub/pro_v0");
         // Do some negative testing:
-        testFindSpecial(false, EXAMPLE, SubExample.class, Example.class, void.class, "bogus");
-        testFindSpecial(false, PRIVATE, SubExample.class, Example.class, void.class, "bogus");
         for (Lookup lookup : new Lookup[]{ PRIVATE, EXAMPLE, PACKAGE, PUBLIC }) {
             testFindSpecial(false, lookup, Object.class, Example.class, void.class, "v0");
+            testFindSpecial(false, lookup, SubExample.class, Example.class, void.class, "bogus");
             testFindSpecial(false, lookup, SubExample.class, Example.class, void.class, "<init>", int.class);
+            testFindSpecial(false, lookup, SubExample.class, Example.class, void.class, "<init>", Void.class);
             testFindSpecial(false, lookup, SubExample.class, Example.class, void.class, "s0");
         }
     }
@@ -662,19 +729,25 @@
         countTest(positive);
         String methodName = name.substring(1 + name.indexOf('/'));  // foo/bar => foo
         MethodType type = MethodType.methodType(ret, params);
+        Lookup specialLookup = maybeMoveIn(lookup, specialCaller);
+        boolean specialAccessOK = (specialLookup.lookupClass() == specialCaller &&
+                                   (specialLookup.lookupModes() & Lookup.PRIVATE) != 0);
         MethodHandle target = null;
         Exception noAccess = null;
         try {
             if (verbosity >= 4)  System.out.println("lookup via "+lookup+" of "+defc+" "+name+type);
-            if (verbosity >= 5)  System.out.println("  lookup => "+maybeMoveIn(lookup, specialCaller));
-            target = maybeMoveIn(lookup, specialCaller).findSpecial(defc, methodName, type, specialCaller);
+            if (verbosity >= 5)  System.out.println("  lookup => "+specialLookup);
+            target = specialLookup.findSpecial(defc, methodName, type, specialCaller);
         } catch (ReflectiveOperationException ex) {
             noAccess = ex;
+            assertExceptionClass(
+                (!specialAccessOK)  // this check should happen first
+                ?   IllegalAccessException.class
+                : (name.contains("bogus") || INIT_REF_CAUSES_NSME && name.contains("<init>"))
+                ?   NoSuchMethodException.class
+                : IllegalAccessException.class,
+                noAccess);
             if (verbosity >= 5)  ex.printStackTrace(System.out);
-            if (name.contains("bogus"))
-                assertTrue(noAccess instanceof NoSuchMethodException);
-            else
-                assertTrue(noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("findSpecial from "+specialCaller.getName()+" to "+defc.getName()+"."+name+"/"+type+" => "+target
@@ -719,7 +792,7 @@
             target = lookup.findConstructor(defc, type);
         } catch (ReflectiveOperationException ex) {
             noAccess = ex;
-            assertTrue(noAccess instanceof IllegalAccessException);
+            assertTrue(noAccess.getClass().getName(), noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("findConstructor "+defc.getName()+".<init>/"+type+" => "+target
@@ -750,6 +823,8 @@
         testBind(Example.class, Object.class, "v2", int.class, Object.class);
         testBind(Example.class, Object.class, "v2", int.class, int.class);
         testBind(false, PRIVATE, Example.class, void.class, "bogus");
+        testBind(false, PRIVATE, Example.class, void.class, "<init>", int.class);
+        testBind(false, PRIVATE, Example.class, void.class, "<init>", Void.class);
         testBind(SubExample.class, void.class, "Sub/v0");
         testBind(SubExample.class, void.class, "Sub/pkg_v0");
         testBind(IntExample.Impl.class, void.class, "Int/v0");
@@ -773,11 +848,12 @@
             target = maybeMoveIn(lookup, defc).bind(receiver, methodName, type);
         } catch (ReflectiveOperationException ex) {
             noAccess = ex;
+            assertExceptionClass(
+                (name.contains("bogus") || INIT_REF_CAUSES_NSME && name.contains("<init>"))
+                ?   NoSuchMethodException.class
+                :   IllegalAccessException.class,
+                noAccess);
             if (verbosity >= 5)  ex.printStackTrace(System.out);
-            if (name.contains("bogus"))
-                assertTrue(noAccess instanceof NoSuchMethodException);
-            else
-                assertTrue(noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("bind "+receiver+"."+name+"/"+type+" => "+target
@@ -840,6 +916,10 @@
         countTest(positive);
         String methodName = name.substring(1 + name.indexOf('/'));  // foo/bar => foo
         MethodType type = MethodType.methodType(ret, params);
+        Lookup specialLookup = (specialCaller != null ? maybeMoveIn(lookup, specialCaller) : null);
+        boolean specialAccessOK = (specialCaller != null &&
+                                   specialLookup.lookupClass() == specialCaller &&
+                                   (specialLookup.lookupModes() & Lookup.PRIVATE) != 0);
         Method rmethod = defc.getDeclaredMethod(methodName, params);
         MethodHandle target = null;
         Exception noAccess = null;
@@ -848,16 +928,15 @@
         try {
             if (verbosity >= 4)  System.out.println("lookup via "+lookup+" of "+defc+" "+name+type);
             if (isSpecial)
-                target = maybeMoveIn(lookup, specialCaller).unreflectSpecial(rmethod, specialCaller);
+                target = specialLookup.unreflectSpecial(rmethod, specialCaller);
             else
                 target = maybeMoveIn(lookup, defc).unreflect(rmethod);
         } catch (ReflectiveOperationException ex) {
             noAccess = ex;
+            assertExceptionClass(
+                IllegalAccessException.class,  // NSME is impossible, since it was already reflected
+                noAccess);
             if (verbosity >= 5)  ex.printStackTrace(System.out);
-            if (name.contains("bogus"))
-                assertTrue(noAccess instanceof NoSuchMethodException);
-            else
-                assertTrue(noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("unreflect"+(isSpecial?"Special":"")+" "+defc.getName()+"."+name+"/"+type
@@ -1091,11 +1170,12 @@
         } catch (ReflectiveOperationException ex) {
             mh = null;
             noAccess = ex;
+            assertExceptionClass(
+                (fname.contains("bogus"))
+                ?   NoSuchFieldException.class
+                :   IllegalAccessException.class,
+                noAccess);
             if (verbosity >= 5)  ex.printStackTrace(System.out);
-            if (fname.contains("bogus"))
-                assertTrue(noAccess instanceof NoSuchFieldException);
-            else
-                assertTrue(noAccess instanceof IllegalAccessException);
         }
         if (verbosity >= 3)
             System.out.println("find"+(isStatic?"Static":"")+(isGetter?"Getter":"Setter")+" "+fclass.getName()+"."+fname+"/"+ftype
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/invoke/ObjectMethodInInterfaceTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/* @test
+ * @bug 8031502
+ * @summary JSR292: IncompatibleClassChangeError in LambdaForm for CharSequence.toString() method handle type converter
+ * @compile ObjectMethodInInterfaceTest.java
+ * @run main/othervm -Djava.lang.invoke.MethodHandle.COMPILE_THRESHOLD=0 test.java.lang.invoke.ObjectMethodInInterfaceTest
+ */
+package test.java.lang.invoke;
+
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodType;
+
+public class ObjectMethodInInterfaceTest {
+    public static void main(String[] args) throws Throwable {
+        MethodHandle mh = MethodHandles.lookup().findVirtual(CharSequence.class, "toString", MethodType.methodType(String.class));
+        MethodType mt = MethodType.methodType(Object.class, CharSequence.class);
+        mh = mh.asType(mt);
+
+        Object res = mh.invokeExact((CharSequence)"123");
+
+        System.out.println("TEST PASSED");
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/invoke/ProtectedMemberDifferentPackage/Test.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ *
+ */
+
+/**
+ * @test
+ * @bug 8032585 8033278
+ * @summary JSR292: IllegalAccessError when attempting to invoke protected method from different package
+ *
+ * @compile p1/T2.java p2/T3.java
+ * @run main/othervm p2.T3
+ */
+public class Test {}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/invoke/ProtectedMemberDifferentPackage/p1/T2.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,127 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ *
+ */
+package p1;
+
+import p2.T3;
+
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodHandles.Lookup;
+import java.lang.invoke.MethodType;
+import java.util.concurrent.Callable;
+
+class T1 {
+    protected        void m1() {}
+    protected static void m2() {}
+}
+
+public class T2 extends T1 {
+    public static void main(String[] args) throws Throwable {
+        final Lookup LOOKUP = T3.lookup();
+        Class<IllegalAccessException> IAE = IllegalAccessException.class;
+
+        assertFailure(IAE, new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.findVirtual(T1.class, "m1", MethodType.methodType(void.class));
+                                   return null;
+                               }
+                           }
+                     );
+        assertFailure(IAE, new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.findStatic(T1.class, "m2", MethodType.methodType(void.class));
+                                   return null;
+                               }
+                           }
+                     );
+
+        assertSuccess(new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.findVirtual(T2.class, "m1", MethodType.methodType(void.class));
+                                   return null;
+                               }
+                           }
+                     );
+        assertSuccess(new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.findVirtual(T3.class, "m1", MethodType.methodType(void.class));
+                                   return null;
+                               }
+                           }
+                     );
+
+        assertSuccess(new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.findStatic(T2.class, "m2", MethodType.methodType(void.class));
+                                   return null;
+                               }
+                           }
+                     );
+        assertSuccess(new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.findStatic(T3.class, "m2", MethodType.methodType(void.class));
+                                   return null;
+                               }
+                           }
+                     );
+
+        assertFailure(IAE, new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.unreflect(T1.class.getDeclaredMethod("m1"));
+                                   return null;
+                               }
+                           }
+                     );
+        assertFailure(IAE, new Callable<Integer>() {
+                               public Integer call() throws Exception {
+                                   LOOKUP.unreflect(T1.class.getDeclaredMethod("m2"));
+                                   return null;
+                               }
+                           }
+                     );
+
+        System.out.println("TEST PASSED");
+    }
+
+    public static void assertFailure(Class<? extends Throwable> expectedError, Callable r) {
+        try {
+            r.call();
+        } catch(Throwable e) {
+            if (expectedError.isAssignableFrom(e.getClass())) {
+                return; // expected error
+            } else {
+                throw new Error("Unexpected error type: "+e.getClass()+"; expected type: "+expectedError, e);
+            }
+        }
+        throw new Error("No error");
+    }
+
+    public static void assertSuccess(Callable r) {
+        try {
+            r.call();
+        } catch(Throwable e) {
+            throw new Error("Unexpected error", e);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/invoke/ProtectedMemberDifferentPackage/p2/T3.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ *
+ */
+package p2;
+
+import p1.T2;
+
+import java.lang.invoke.MethodHandles;
+
+public class T3 extends T2 {
+    public static MethodHandles.Lookup lookup() { return MethodHandles.lookup(); }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/NetworkInterface/UniqueMacAddressesTest.java	Wed Jun 18 14:07:55 2014 -0700
@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.net.InetAddress;
+import java.net.NetworkInterface;
+import java.net.SocketException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Enumeration;
+import java.util.List;
+
+
+/*
+ * @test
+ * @bug 8021372
+ * @summary Tests that the MAC addresses returned by NetworkInterface.getNetworkInterfaces are unique for each adapter.
+ *
+ */
+public class UniqueMacAddressesTest {
+
+    public static void main(String[] args) throws Exception {
+        new UniqueMacAddressesTest().execute();
+        System.out.println("UniqueMacAddressesTest: OK");
+    }
+
+    public UniqueMacAddressesTest() {
+        System.out.println("UniqueMacAddressesTest: start ");
+    }
+
+    public void execute() throws Exception {
+        Enumeration<NetworkInterface> networkInterfaces;
+        boolean areMacAddressesUnique = false;
+        List<NetworkInterface> networkInterfaceList = new ArrayList<NetworkInterface>();
+            networkInterfaces = NetworkInterface.getNetworkInterfaces();
+
+        // build a list of NetworkInterface objects to test MAC address
+        // uniqueness
+        createNetworkInterfaceList(networkInterfaces, networkInterfaceList);
+        areMacAddressesUnique = checkMacAddressesAreUnique(networkInterfaceList);
+        if (!areMacAddressesUnique) {
+            throw new RuntimeException("mac address uniqueness test failed");
+        }
+    }
+
+    private boolean checkMacAddressesAreUnique (
+            List<NetworkInterface> networkInterfaces) throws Exception {
+        boolean uniqueMacAddresses = true;
+        for (NetworkInterface networkInterface : networkInterfaces) {
+            for (NetworkInterface comparisonNetIf : networkInterfaces) {
+                System.out.println("Comparing netif "
+                        + networkInterface.getName() + " and netif "
+                        + comparisonNetIf.getName());
+                if (testMacAddressesEqual(networkInterface, comparisonNetIf)) {
+                    uniqueMacAddresses = false;
+                    break;
+                }
+            }
+            if (uniqueMacAddresses != true)
+                break;
+        }
+        return uniqueMacAddresses;
+    }
+
+    private boolean testMacAddressesEqual(NetworkInterface netIf1,
+            NetworkInterface netIf2) throws Exception {
+
+        byte[] rawMacAddress1 = null;
+        byte[] rawMacAddress2 = null;
+        boolean macAddressesEqual = false;
+        if (!netIf1.getName().equals(netIf2.getName())) {
+            System.out.println("compare hardware addresses "
+                +  createMacAddressString(netIf1) + " and " + createMacAddressString(netIf2));
+            rawMacAddress1 = netIf1.getHardwareAddress();
+            rawMacAddress2 = netIf2.getHardwareAddress();
+            macAddressesEqual = Arrays.equals(rawMacAddress1, rawMacAddress2);
+        } else {
+            // same interface
+            macAddressesEqual = false;
+        }
+        return macAddressesEqual;
+    }
+
+    private String createMacAddressString (NetworkInterface netIf) throws Exception {
+        byte[] macAddr = netIf.getHardwareAddress();
+        StringBuilder sb =  new StringBuilder();
+        if (macAddr != null) {
+            for (int i = 0; i < macAddr.length; i++) {
+                sb.append(String.format("%02X%s", macAddr[i],
+                        (i < macAddr.length - 1) ? "-" : ""));
+            }
+        }
+        return sb.toString();
+    }
+
+    private void createNetworkInterfaceList(Enumeration<NetworkInterface> nis,
+            List<NetworkInterface> networkInterfaceList) throws Exception {
+        byte[] macAddr = null;
+        NetworkInterface netIf = null;
+        while (nis.hasMoreElements()) {
+            netIf = (NetworkInterface) nis.nextElement();
+            macAddr = netIf.getHardwareAddress();
+            if (macAddr != null) {
+                System.out
+                        .println("Adding NetworkInterface " + netIf.getName());
+                networkInterfaceList.add(netIf);
+            }
+        }
+    }
+}
--- a/test/java/nio/channels/Selector/ByteServer.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/nio/channels/Selector/ByteServer.java	Wed Jun 18 14:07:55 2014 -0700
@@ -22,52 +22,54 @@
  */
 
 /**
- *
- * Utility class for tests. A simple server, which waits for a connection,
- * writes out n bytes and waits.
+ * Utility class for tests. A simple "in-thread" server to accept connections
+ * and write bytes.
  * @author kladko
  */
 
 import java.net.Socket;
 import java.net.ServerSocket;
+import java.net.SocketAddress;
+import java.net.InetSocketAddress;
+import java.io.IOException;
+import java.io.Closeable;
 
-public class ByteServer {
+public class ByteServer implements Closeable {
 
-    public static final String LOCALHOST = "localhost";
-    private int bytecount;
-    private Socket  socket;
-    private ServerSocket  serversocket;
-    private Thread serverthread;
-    volatile Exception savedException;
+    private final ServerSocket ss;
+    private Socket s;
 
-    public ByteServer(int bytecount) throws Exception{
-        this.bytecount = bytecount;
-        serversocket = new ServerSocket(0);
+    ByteServer() throws IOException {
+        this.ss = new ServerSocket(0);
     }
 
-    public int port() {
-        return serversocket.getLocalPort();
+    SocketAddress address() {
+        return new InetSocketAddress(ss.getInetAddress(), ss.getLocalPort());
     }
 
-    public void start() {
-        serverthread = new Thread() {
-            public void run() {
-                try {
-                    socket = serversocket.accept();
-                    socket.getOutputStream().write(new byte[bytecount]);
-                    socket.getOutputStream().flush();
-                } catch (Exception e) {
-                    System.err.println("Exception in ByteServer: " + e);
-                    System.exit(1);
-                }
-            }
-        };
-        serverthread.start();
+    void acceptConnection() throws IOException {
+        if (s != null)
+            throw new IllegalStateException("already connected");
+        this.s = ss.accept();
     }
 
-    public void exit() throws Exception {
-        serverthread.join();
-        socket.close();
-        serversocket.close();
+    void closeConnection() throws IOException {
+        Socket s = this.s;
+        if (s != null) {
+            this.s = null;
+            s.close();
+        }
+    }
+
+    void write(int count) throws IOException {
+        if (s == null)
+            throw new IllegalStateException("no connection");
+        s.getOutputStream().write(new byte[count]);
+    }
+
+    public void close() throws IOException {
+        if (s != null)
+            s.close();
+        ss.close();
     }
 }
--- a/test/java/nio/channels/Selector/ReadAfterConnect.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/nio/channels/Selector/ReadAfterConnect.java	Wed Jun 18 14:07:55 2014 -0700
@@ -27,27 +27,25 @@
  * @author kladko
  */
 
-import java.net.*;
-import java.nio.*;
-import java.nio.channels.*;
+import java.nio.channels.Selector;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.SocketChannel;
 
 public class ReadAfterConnect {
+    public static void main(String[] argv) throws Exception {
+        try (ByteServer server = new ByteServer();
+             SocketChannel sc = SocketChannel.open(server.address())) {
 
-    public static void main(String[] argv) throws Exception {
-        ByteServer server = new ByteServer(0); // server: accept connection and do nothing
-        server.start();
-        InetSocketAddress isa = new InetSocketAddress(
-                InetAddress.getByName(ByteServer.LOCALHOST), server.port());
-        Selector sel = Selector.open();
-        SocketChannel sc = SocketChannel.open();
-        sc.connect(isa);
-        sc.configureBlocking(false);
-        sc.register(sel, SelectionKey.OP_READ);
-        // Previously channel would get selected here, although there is nothing to read
-        if (sel.selectNow() != 0)
-            throw new Exception("Select returned nonzero value");
-        sc.close();
-        server.exit();
+            server.acceptConnection();
+
+            try (Selector sel = Selector.open()) {
+                sc.configureBlocking(false);
+                sc.register(sel, SelectionKey.OP_READ);
+                // Previously channel would get selected here, although there is nothing to read
+                if (sel.selectNow() != 0)
+                    throw new Exception("Select returned nonzero value");
+            }
+        }
     }
 
 }
--- a/test/java/nio/channels/Selector/SelectAfterRead.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/nio/channels/Selector/SelectAfterRead.java	Wed Jun 18 14:07:55 2014 -0700
@@ -28,60 +28,62 @@
  * @author kladko
  */
 
-import java.net.*;
-import java.nio.*;
-import java.nio.channels.*;
+import java.nio.ByteBuffer;
+import java.nio.channels.Selector;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.SocketChannel;
 
 public class SelectAfterRead {
 
-    final static int TIMEOUT = 1000;
+    private static final int TIMEOUT = 1000;
 
     public static void main(String[] argv) throws Exception {
-        InetAddress lh = InetAddress.getByName(ByteServer.LOCALHOST);
 
         // server: accept connection and write one byte
-        ByteServer server = new ByteServer(1);
-        server.start();
-        Selector sel = Selector.open();
-        SocketChannel sc = SocketChannel.open();
-        sc.connect(new InetSocketAddress(lh, server.port()));
-        sc.read(ByteBuffer.allocate(1));
-        sc.configureBlocking(false);
-        sc.register(sel, SelectionKey.OP_READ);
-        // previously on Windows select would select channel here, although there was
-        // nothing to read
-        if (sel.selectNow() != 0)
-            throw new Exception("Select returned nonzero value");
-        sc.close();
-        sel.close();
-        server.exit();
+        try (ByteServer server = new ByteServer();
+             SocketChannel sc = SocketChannel.open(server.address())) {
+
+            server.acceptConnection();
+            server.write(1);
+
+            try (Selector sel = Selector.open()) {
+                sc.read(ByteBuffer.allocate(1));
+                sc.configureBlocking(false);
+                sc.register(sel, SelectionKey.OP_READ);
+                // previously on Windows select would select channel here, although there was
+                // nothing to read
+                if (sel.selectNow() != 0)
+                    throw new Exception("Select returned nonzero value");
+            }
+        }
 
         // Now we will test a two reads combination
         // server: accept connection and write two bytes
-        server = new ByteServer(2);
-        server.start();
-        sc = SocketChannel.open();
-        sc.connect(new InetSocketAddress(lh, server.port()));
-        sc.configureBlocking(false);
-        sel = Selector.open();
-        sc.register(sel, SelectionKey.OP_READ);
-        if (sel.select(TIMEOUT) != 1)
-            throw new Exception("One selected key expected");
-        sel.selectedKeys().clear();
-        // previously on Windows a channel would get selected only once
-        if (sel.selectNow() != 1)
-            throw new Exception("One selected key expected");
-        // Previously on Windows two consequent reads would cause select()
-        // to select a channel, although there was nothing remaining to
-        // read in the channel
-        if (sc.read(ByteBuffer.allocate(1)) != 1)
-            throw new Exception("One byte expected");
-        if (sc.read(ByteBuffer.allocate(1)) != 1)
-            throw new Exception("One byte expected");
-        if (sel.selectNow() != 0)
-            throw new Exception("Select returned nonzero value");
-        sc.close();
-        sel.close();
-        server.exit();
+        try (ByteServer server = new ByteServer();
+             SocketChannel sc = SocketChannel.open(server.address())) {
+
+            server.acceptConnection();
+            server.write(2);
+
+            try (Selector sel = Selector.open()) {
+                sc.configureBlocking(false);
+                sc.register(sel, SelectionKey.OP_READ);
+                if (sel.select(TIMEOUT) != 1)
+                    throw new Exception("One selected key expected");
+                sel.selectedKeys().clear();
+                // previously on Windows a channel would get selected only once
+                if (sel.selectNow() != 1)
+                    throw new Exception("One selected key expected");
+                // Previously on Windows two consequent reads would cause select()
+                // to select a channel, although there was nothing remaining to
+                // read in the channel
+                if (sc.read(ByteBuffer.allocate(1)) != 1)
+                    throw new Exception("One byte expected");
+                if (sc.read(ByteBuffer.allocate(1)) != 1)
+                    throw new Exception("One byte expected");
+                if (sel.selectNow() != 0)
+                    throw new Exception("Select returned nonzero value");
+            }
+        }
     }
 }
--- a/test/java/nio/channels/Selector/SelectWrite.java	Fri May 30 18:54:16 2014 +0100
+++ b/test/java/nio/channels/Selector/SelectWrite.java	Wed Jun 18 14:07:55 2014 -0700
@@ -22,36 +22,33 @@
  */
 
 /* @test
-   @bug 4645302
-   @summary Socket with OP_WRITE would get selected only once
-   @author kladko
+ * @bug 4645302
+ * @summary Socket with OP_WRITE would get selected only once
+ * @author kladko
  */
 
-import java.net.*;
-import java.nio.*;
-import java.nio.channels.*;
-
+import java.nio.channels.Selector;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.SocketChannel;
 
 public class SelectWrite {
 
     public static void main(String[] argv) throws Exception {
-        ByteServer server = new ByteServer(0);
-        // server: accept connection and do nothing
-        server.start();
-        InetSocketAddress isa = new InetSocketAddress(
-                InetAddress.getByName(ByteServer.LOCALHOST), server.port());
-        Selector sel = Selector.open();
-        SocketChannel sc = SocketChannel.open();
-        sc.connect(isa);
-        sc.configureBlocking(false);
-        sc.register(sel, SelectionKey.OP_WRITE);
-        sel.select();
-        sel.selectedKeys().clear();
-        if (sel.select() == 0) {
-            throw new Exception("Select returned zero");
+        try (ByteServer server = new ByteServer();
+             SocketChannel sc = SocketChannel.open(server.address())) {
+
+            server.acceptConnection();
+
+            try (Selector sel = Selector.open()) {
+                sc.configureBlocking(false);
+                sc.register(sel, SelectionKey.OP_WRITE);
+                sel.select();
+                sel.selectedKeys().clear();
+                if (sel.select() == 0) {
+                    throw new Exception("Select returned zero");
+                }
+            }
         }
-        sc.close();
-        sel.close();
     }
 
 }
--- a/test/javax/management/remote/mandatory/util/CacheMapTest.java	Fri May 30 18:54:16 2014 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,110 +0,0 @@
-/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *