changeset 11331:93148bc60f51 jdk8u72-b06

Merge
author asaha
date Wed, 28 Oct 2015 10:47:33 -0700
parents 39baa472e20c 3d4191a41843
children 5bab7361c6a3
files .hgtags
diffstat 39 files changed, 569 insertions(+), 268 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Mon Oct 26 13:17:30 2015 -0700
+++ b/.hgtags	Wed Oct 28 10:47:33 2015 -0700
@@ -358,6 +358,7 @@
 ced84cf3eebc69f7e04b0098d85dcb3a6b872586 jdk8u31-b31
 46338075c4262057099e57638e0758817052da0d jdk8u31-b32
 a1c3099e1b90230435e890ca56adc8a5aa5149ff jdk8u31-b33
+35dfb86684554685d6efd2fc7fd5eb9b7d4545c5 jdk8u31-b34
 e6ed015afbbf3459ba3297e270b4f3170e989c80 jdk8u40-b00
 6e223d48080ef40f4ec11ecbcd19b4a20813b9eb jdk8u40-b01
 4797cd0713b44b009525f1276d571ade7e24f3f5 jdk8u40-b02
@@ -429,6 +430,8 @@
 192bda44c0c463104c96058bb815a546b282ca43 jdk8u51-b15
 ee86422973691bb7efae58d201e5a382ea0bb150 jdk8u51-b16
 f94ea276f608b22d78281d70361092ba4864038e jdk8u51-b31
+887dde3afb3bb233958775de22eafb3328af6437 jdk8u51-b32
+dc7b827522bc3a804f7e8951cc27414f19a7c427 jdk8u51-b33
 5c31204d19e5976f025026db3d5c17331e8c44db jdk8u60-b00
 c46daef6edb5385d11876ed40f292a4b62e96867 jdk8u60-b01
 c10fd784956cc7099657181029ac3e790267b678 jdk8u60-b02
@@ -457,6 +460,8 @@
 c8cfbe57bcd5042d2fef42dcef14d73dd4bdc416 jdk8u60-b25
 0d6a8a9b26a37678b420ff540b5a622c3f4fd44c jdk8u60-b26
 afbc08ea922bf6e5e14d2eea24a2f94f37627ea7 jdk8u60-b27
+1450696a76c667e6f189d026408182a002b93fa7 jdk8u60-b31
+fe24fa1e6d995390df6491975352a15634981b35 jdk8u60-b32
 286b9a885fcc6245fdf2b20697473ec3b35f2538 jdk8u65-b00
 80a796d0db958f49a4b0713818227eda8e5efbb9 jdk8u65-b01
 77d48e6d111faec236c8678997ae4311151cfee4 jdk8u65-b02
@@ -489,6 +494,14 @@
 ea602badedd0cd0c352c072220a884e8f1335e33 jdk8u66-b15
 5ceafca6a734e13d51319df6afd40678d68f9851 jdk8u66-b16
 e6d562c0f079dfd1e21c3734b2dca16f4b2e2494 jdk8u66-b17
+f712dceafb546ea5833aeea507b5736e7e45f1ae jdk8u66-b31
+9a2747ef337bdee71bc8225dea77eb403cca1179 jdk8u71-b00
+e8b5e10a19d66a77d04f12d4677e6fec66f79651 jdk8u71-b01
+25d689a73bc037e1710f95f6d4acf0671d22047d jdk8u71-b02
+ab54163c8610f6238a1d5f1f67cbd19ba13d08a0 jdk8u71-b03
+5ea62bb625b6b8f828098884d13eb2e3114a7c97 jdk8u71-b04
+1a9ced1852957b65e0c156602c3101aff17274fb jdk8u71-b05
+be9d91d310a02c2974d2bdabc31d8a6df8ad596e jdk8u71-b06
 be5faa9c77042f202106c18f4e8ea211137b4a3b jdk8u72-b00
 5ad1e9e8e8417f80c91d7e0f1f44cdf89b34ead3 jdk8u72-b01
 ab0c1040414d038ccbcfcc8ceb1ccf2f44ead8e4 jdk8u72-b02
--- a/src/macosx/classes/sun/lwawt/macosx/CPrinterJob.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/macosx/classes/sun/lwawt/macosx/CPrinterJob.java	Wed Oct 28 10:47:33 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -234,6 +234,11 @@
         // this will not work if the user clicks on the "Preview" button
         // However if the printer is a StreamPrintService, its the right path.
         PrintService psvc = getPrintService();
+
+        if (psvc == null) {
+            throw new PrinterException("No print service found.");
+        }
+
         if (psvc instanceof StreamPrintService) {
             spoolToService(psvc, attributes);
             return;
@@ -775,4 +780,4 @@
                 (float) (paper.getImageableHeight() / dpi),
                 MediaPrintableArea.INCH);
     }
-}
\ No newline at end of file
+}
--- a/src/share/classes/com/sun/crypto/provider/PBES2Core.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/com/sun/crypto/provider/PBES2Core.java	Wed Oct 28 10:47:33 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -263,7 +263,7 @@
             passwdChars[i] = (char) (passwdBytes[i] & 0x7f);
 
         PBEKeySpec pbeSpec =
-            new PBEKeySpec(passwdChars, salt, iCount, blkSize * 8);
+            new PBEKeySpec(passwdChars, salt, iCount, keyLength);
             // password char[] was cloned in PBEKeySpec constructor,
             // so we can zero it out here
         java.util.Arrays.fill(passwdChars, ' ');
--- a/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java	Wed Oct 28 10:47:33 2015 -0700
@@ -74,11 +74,14 @@
                 "TlsRsaPremasterSecretGenerator must be initialized");
         }
 
-        if (random == null) {
-            random = new SecureRandom();
+        byte[] b = spec.getEncodedSecret();
+        if (b == null) {
+            if (random == null) {
+                random = new SecureRandom();
+            }
+            b = new byte[48];
+            random.nextBytes(b);
         }
-        byte[] b = new byte[48];
-        random.nextBytes(b);
         b[0] = (byte)spec.getMajorVersion();
         b[1] = (byte)spec.getMinorVersion();
 
--- a/src/share/classes/java/net/URL.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/java/net/URL.java	Wed Oct 28 10:47:33 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,10 @@
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.InvalidObjectException;
+import java.io.ObjectStreamException;
+import java.io.ObjectStreamField;
+import java.io.ObjectInputStream.GetField;
 import java.util.Hashtable;
 import java.util.StringTokenizer;
 import sun.security.util.SecurityConstants;
@@ -135,6 +139,7 @@
  */
 public final class URL implements java.io.Serializable {
 
+    static final String BUILTIN_HANDLERS_PREFIX = "sun.net.www.protocol";
     static final long serialVersionUID = -7627629688361524110L;
 
     /**
@@ -219,6 +224,8 @@
      */
     private int hashCode = -1;
 
+    private transient UrlDeserializedState tempState;
+
     /**
      * Creates a {@code URL} object from the specified
      * {@code protocol}, {@code host}, {@code port}
@@ -1220,6 +1227,31 @@
     }
 
     /**
+     * @serialField    protocol String
+     *
+     * @serialField    host String
+     *
+     * @serialField    port int
+     *
+     * @serialField    authority String
+     *
+     * @serialField    file String
+     *
+     * @serialField    ref String
+     *
+     * @serialField    hashCode int
+     *
+     */
+    private static final ObjectStreamField[] serialPersistentFields = {
+        new ObjectStreamField("protocol", String.class),
+        new ObjectStreamField("host", String.class),
+        new ObjectStreamField("port", int.class),
+        new ObjectStreamField("authority", String.class),
+        new ObjectStreamField("file", String.class),
+        new ObjectStreamField("ref", String.class),
+        new ObjectStreamField("hashCode", int.class), };
+
+    /**
      * WriteObject is called to save the state of the URL to an
      * ObjectOutputStream. The handler is not saved since it is
      * specific to this system.
@@ -1241,16 +1273,67 @@
      * stream handler.
      */
     private synchronized void readObject(java.io.ObjectInputStream s)
-         throws IOException, ClassNotFoundException
-    {
-        s.defaultReadObject();  // read the fields
-        if ((handler = getURLStreamHandler(protocol)) == null) {
+            throws IOException, ClassNotFoundException {
+        GetField gf = s.readFields();
+        String protocol = (String)gf.get("protocol", null);
+        if (getURLStreamHandler(protocol) == null) {
             throw new IOException("unknown protocol: " + protocol);
         }
+        String host = (String)gf.get("host", null);
+        int port = gf.get("port", -1);
+        String authority = (String)gf.get("authority", null);
+        String file = (String)gf.get("file", null);
+        String ref = (String)gf.get("ref", null);
+        int hashCode = gf.get("hashCode", -1);
+        if (authority == null
+                && ((host != null && host.length() > 0) || port != -1)) {
+            if (host == null)
+                host = "";
+            authority = (port == -1) ? host : host + ":" + port;
+        }
+        tempState = new UrlDeserializedState(protocol, host, port, authority,
+               file, ref, hashCode);
+    }
+
+    /**
+     * Replaces the de-serialized object with an URL object.
+     *
+     * @return a newly created object from the deserialzed state.
+     *
+     * @throws ObjectStreamException if a new object replacing this
+     * object could not be created
+     */
+
+   private Object readResolve() throws ObjectStreamException {
+
+        URLStreamHandler handler = null;
+        // already been checked in readObject
+        handler = getURLStreamHandler(tempState.getProtocol());
+
+        URL replacementURL = null;
+        if (isBuiltinStreamHandler(handler.getClass().getName())) {
+            replacementURL = fabricateNewURL();
+        } else {
+            replacementURL = setDeserializedFields(handler);
+        }
+        return replacementURL;
+    }
+
+    private URL setDeserializedFields(URLStreamHandler handler) {
+        URL replacementURL;
+        String userInfo = null;
+        String protocol = tempState.getProtocol();
+        String host = tempState.getHost();
+        int port = tempState.getPort();
+        String authority = tempState.getAuthority();
+        String file = tempState.getFile();
+        String ref = tempState.getRef();
+        int hashCode = tempState.getHashCode();
+
 
         // Construct authority part
-        if (authority == null &&
-            ((host != null && host.length() > 0) || port != -1)) {
+        if (authority == null
+            && ((host != null && host.length() > 0) || port != -1)) {
             if (host == null)
                 host = "";
             authority = (port == -1) ? host : host + ":" + port;
@@ -1269,8 +1352,8 @@
         }
 
         // Construct path and query part
-        path = null;
-        query = null;
+        String path = null;
+        String query = null;
         if (file != null) {
             // Fix: only do this if hierarchical?
             int q = file.lastIndexOf('?');
@@ -1280,6 +1363,67 @@
             } else
                 path = file;
         }
+
+        if (port == -1) {
+            port = 0;
+        }
+        // Set the object fields.
+        this.protocol = protocol;
+        this.host = host;
+        this.port = port;
+        this.file = file;
+        this.authority = authority;
+        this.ref = ref;
+        this.hashCode = hashCode;
+        this.handler = handler;
+        this.query = query;
+        this.path = path;
+        this.userInfo = userInfo;
+        replacementURL = this;
+        return replacementURL;
+    }
+
+    private URL fabricateNewURL()
+                throws InvalidObjectException {
+        // create URL string from deserialized object
+        URL replacementURL = null;
+        String urlString = tempState.reconstituteUrlString();
+
+        try {
+            replacementURL = new URL(urlString);
+        } catch (MalformedURLException mEx) {
+            resetState();
+            InvalidObjectException invoEx = new InvalidObjectException(
+                    "Malformed URL: " + urlString);
+            invoEx.initCause(mEx);
+            throw invoEx;
+        }
+        replacementURL.setSerializedHashCode(tempState.getHashCode());
+        resetState();
+        return replacementURL;
+    }
+
+    private boolean isBuiltinStreamHandler(String handlerClassName) {
+        return (handlerClassName.startsWith(BUILTIN_HANDLERS_PREFIX));
+    }
+
+    private void resetState() {
+        this.protocol = null;
+        this.host = null;
+        this.port = -1;
+        this.file = null;
+        this.authority = null;
+        this.ref = null;
+        this.hashCode = -1;
+        this.handler = null;
+        this.query = null;
+        this.path = null;
+        this.userInfo = null;
+        this.tempState = null;
+    }
+
+    private void setSerializedHashCode(int hc) {
+        this.hashCode = hc;
     }
 }
 
@@ -1311,3 +1455,82 @@
         return ref;
     }
 }
+
+final class UrlDeserializedState {
+    private final String protocol;
+    private final String host;
+    private final int port;
+    private final String authority;
+    private final String file;
+    private final String ref;
+    private final int hashCode;
+
+    public UrlDeserializedState(String protocol,
+                                String host, int port,
+                                String authority, String file,
+                                String ref, int hashCode) {
+        this.protocol = protocol;
+        this.host = host;
+        this.port = port;
+        this.authority = authority;
+        this.file = file;
+        this.ref = ref;
+        this.hashCode = hashCode;
+    }
+
+    String getProtocol() {
+        return protocol;
+    }
+
+    String getHost() {
+        return host;
+    }
+
+    String getAuthority () {
+        return authority;
+    }
+
+    int getPort() {
+        return port;
+    }
+
+    String getFile () {
+        return file;
+    }
+
+    String getRef () {
+        return ref;
+    }
+
+    int getHashCode () {
+        return hashCode;
+    }
+
+    String reconstituteUrlString() {
+
+        // pre-compute length of StringBuilder
+        int len = protocol.length() + 1;
+        if (authority != null && authority.length() > 0)
+            len += 2 + authority.length();
+        if (file != null) {
+            len += file.length();
+        }
+        if (ref != null)
+            len += 1 + ref.length();
+        StringBuilder result = new StringBuilder(len);
+        result.append(protocol);
+        result.append(":");
+        if (authority != null && authority.length() > 0) {
+            result.append("//");
+            result.append(authority);
+        }
+        if (file != null) {
+            result.append(file);
+        }
+        if (ref != null) {
+            result.append("#");
+            result.append(ref);
+        }
+        return result.toString();
+    }
+}
--- a/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java	Wed Oct 28 10:47:33 2015 -0700
@@ -361,7 +361,6 @@
                              "connectionId=" + connectionId
                              +", className=" + className
                              +", name=" + name
-                             +", params=" + objects(values)
                              +", signature=" + strings(signature));
 
             return (ObjectInstance)
@@ -427,7 +426,6 @@
                  +", className=" + className
                  +", name=" + name
                  +", loaderName=" + loaderName
-                 +", params=" + objects(values)
                  +", signature=" + strings(signature));
 
             return (ObjectInstance)
@@ -719,7 +717,7 @@
             if (debug) logger.debug("setAttribute",
                              "connectionId=" + connectionId
                              +", name="+name
-                             +", attribute="+attr);
+                             +", attribute name="+attr.getName());
 
             doPrivilegedOperation(
               SET_ATTRIBUTE,
@@ -770,7 +768,7 @@
             if (debug) logger.debug("setAttributes",
                              "connectionId=" + connectionId
                              +", name="+name
-                             +", attributes="+attrlist);
+                             +", attribute names="+RMIConnector.getAttributesNames(attrlist));
 
             return (AttributeList)
                 doPrivilegedOperation(
@@ -825,7 +823,6 @@
                              "connectionId=" + connectionId
                              +", name="+name
                              +", operationName="+operationName
-                             +", params="+objects(values)
                              +", signature="+strings(signature));
 
             return
--- a/src/share/classes/javax/management/remote/rmi/RMIConnector.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/javax/management/remote/rmi/RMIConnector.java	Wed Oct 28 10:47:33 2015 -0700
@@ -41,7 +41,6 @@
 import java.io.ObjectInputStream;
 import java.io.ObjectStreamClass;
 import java.io.Serializable;
-import java.io.WriteAbortedException;
 import java.lang.ref.WeakReference;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationHandler;
@@ -70,6 +69,7 @@
 import java.util.Properties;
 import java.util.Set;
 import java.util.WeakHashMap;
+import java.util.stream.Collectors;
 import javax.management.Attribute;
 import javax.management.AttributeList;
 import javax.management.AttributeNotFoundException;
@@ -712,9 +712,7 @@
             if (logger.debugOn())
                 logger.debug("createMBean(String,ObjectName,Object[],String[])",
                         "className=" + className + ", name="
-                        + name + ", params="
-                        + objects(params) + ", signature="
-                        + strings(signature));
+                        + name + ", signature=" + strings(signature));
 
             final MarshalledObject<Object[]> sParams =
                     new MarshalledObject<Object[]>(params);
@@ -753,8 +751,7 @@
             if (logger.debugOn()) logger.debug(
                     "createMBean(String,ObjectName,ObjectName,Object[],String[])",
                     "className=" + className + ", name=" + name + ", loaderName="
-                    + loaderName + ", params=" + objects(params)
-                    + ", signature=" + strings(signature));
+                    + loaderName + ", signature=" + strings(signature));
 
             final MarshalledObject<Object[]> sParams =
                     new MarshalledObject<Object[]>(params);
@@ -954,8 +951,8 @@
                 IOException {
 
             if (logger.debugOn()) logger.debug("setAttribute",
-                    "name=" + name + ", attribute="
-                    + attribute);
+                    "name=" + name + ", attribute name="
+                    + attribute.getName());
 
             final MarshalledObject<Attribute> sAttribute =
                     new MarshalledObject<Attribute>(attribute);
@@ -977,9 +974,11 @@
                 ReflectionException,
                 IOException {
 
-            if (logger.debugOn()) logger.debug("setAttributes",
-                    "name=" + name + ", attributes="
-                    + attributes);
+            if (logger.debugOn()) {
+                logger.debug("setAttributes",
+                    "name=" + name + ", attribute names="
+                    + getAttributesNames(attributes));
+            }
 
             final MarshalledObject<AttributeList> sAttributes =
                     new MarshalledObject<AttributeList>(attributes);
@@ -1012,7 +1011,6 @@
             if (logger.debugOn()) logger.debug("invoke",
                     "name=" + name
                     + ", operationName=" + operationName
-                    + ", params=" + objects(params)
                     + ", signature=" + strings(signature));
 
             final MarshalledObject<Object[]> sParams =
@@ -2636,4 +2634,12 @@
     private static String strings(final String[] strs) {
         return objects(strs);
     }
+
+    static String getAttributesNames(AttributeList attributes) {
+        return attributes != null ?
+                attributes.asList().stream()
+                        .map(Attribute::getName)
+                        .collect(Collectors.joining("[", ", ", "]"))
+                : "[]";
+    }
 }
--- a/src/share/classes/sun/management/GarbageCollectorImpl.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/management/GarbageCollectorImpl.java	Wed Oct 28 10:47:33 2015 -0700
@@ -102,17 +102,13 @@
         GarbageCollectionNotificationInfo.GARBAGE_COLLECTION_NOTIFICATION
     };
 
-    private MBeanNotificationInfo[] notifInfo = null;
+    @Override
     public MBeanNotificationInfo[] getNotificationInfo() {
-        synchronized (this) {
-            if (notifInfo == null) {
-                 notifInfo = new MBeanNotificationInfo[1];
-                 notifInfo[0] = new MBeanNotificationInfo(gcNotifTypes,
-                                                          notifName,
-                                                          "GC Notification");
-            }
-        }
-        return notifInfo;
+        return new MBeanNotificationInfo[]{
+            new MBeanNotificationInfo(gcNotifTypes,
+            notifName,
+            "GC Notification")
+        };
     }
 
     private static long seqNumber = 0;
--- a/src/share/classes/sun/management/MemoryImpl.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/management/MemoryImpl.java	Wed Oct 28 10:47:33 2015 -0700
@@ -115,17 +115,10 @@
         "Memory usage exceeds collection usage threshold"
     };
 
-    private MBeanNotificationInfo[] notifInfo = null;
     public MBeanNotificationInfo[] getNotificationInfo() {
-        synchronized (this) {
-            if (notifInfo == null) {
-                 notifInfo = new MBeanNotificationInfo[1];
-                 notifInfo[0] = new MBeanNotificationInfo(notifTypes,
-                                                          notifName,
-                                                          "Memory Notification");
-            }
-        }
-        return notifInfo;
+        return new MBeanNotificationInfo[] {
+            new MBeanNotificationInfo(notifTypes, notifName, "Memory Notification")
+        };
     }
 
     private static String getNotifMsg(String notifType) {
--- a/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java	Wed Oct 28 10:47:33 2015 -0700
@@ -43,6 +43,8 @@
 public class TlsRsaPremasterSecretParameterSpec
         implements AlgorithmParameterSpec {
 
+    private final byte[] encodedSecret;
+
     /*
      * The TLS spec says that the version in the RSA premaster secret must
      * be the maximum version supported by the client (i.e. the version it
@@ -89,6 +91,33 @@
 
         this.clientVersion = checkVersion(clientVersion);
         this.serverVersion = checkVersion(serverVersion);
+        this.encodedSecret = null;
+    }
+
+    /**
+     * Constructs a new TlsRsaPremasterSecretParameterSpec.
+     *
+     * @param clientVersion the version of the TLS protocol by which the
+     *        client wishes to communicate during this session
+     * @param serverVersion the negotiated version of the TLS protocol which
+     *        contains the lower of that suggested by the client in the client
+     *        hello and the highest supported by the server.
+     * @param encodedSecret the encoded secret key
+     *
+     * @throws IllegalArgumentException if clientVersion or serverVersion are
+     *   negative or larger than (2^16 - 1) or if encodedSecret is not
+     *   exactly 48 bytes
+     */
+    public TlsRsaPremasterSecretParameterSpec(
+            int clientVersion, int serverVersion, byte[] encodedSecret) {
+
+        this.clientVersion = checkVersion(clientVersion);
+        this.serverVersion = checkVersion(serverVersion);
+        if (encodedSecret == null || encodedSecret.length != 48) {
+            throw new IllegalArgumentException(
+                        "Encoded secret is not exactly 48 bytes");
+        }
+        this.encodedSecret = encodedSecret.clone();
     }
 
     /**
@@ -147,4 +176,13 @@
         }
         return version;
     }
+
+    /**
+     * Returns the encoded secret.
+     *
+     * @return the encoded secret, may be null if no encoded secret.
+     */
+    public byte[] getEncodedSecret() {
+        return encodedSecret == null ? null : encodedSecret.clone();
+    }
 }
--- a/src/share/classes/sun/security/jca/JCAUtil.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/jca/JCAUtil.java	Wed Oct 28 10:47:33 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,12 +41,6 @@
         // no instantiation
     }
 
-    // lock to use for synchronization
-    private static final Object LOCK = JCAUtil.class;
-
-    // cached SecureRandom instance
-    private static volatile SecureRandom secureRandom;
-
     // size of the temporary arrays we use. Should fit into the CPU's 1st
     // level cache and could be adjusted based on the platform
     private final static int ARRAY_SIZE = 4096;
@@ -60,26 +54,19 @@
         return Math.min(ARRAY_SIZE, totalSize);
     }
 
+    // cached SecureRandom instance
+    private static class CachedSecureRandomHolder {
+        public static SecureRandom instance = new SecureRandom();
+    }
+
     /**
-     * Get a SecureRandom instance. This method should me used by JDK
+     * Get a SecureRandom instance. This method should be used by JDK
      * internal code in favor of calling "new SecureRandom()". That needs to
      * iterate through the provider table to find the default SecureRandom
      * implementation, which is fairly inefficient.
      */
     public static SecureRandom getSecureRandom() {
-        // we use double checked locking to minimize synchronization
-        // works because we use a volatile reference
-        SecureRandom r = secureRandom;
-        if (r == null) {
-            synchronized (LOCK) {
-                r = secureRandom;
-                if (r == null) {
-                    r = new SecureRandom();
-                    secureRandom = r;
-                }
-            }
-        }
-        return r;
+        return CachedSecureRandomHolder.instance;
     }
 
 }
--- a/src/share/classes/sun/security/pkcs11/P11Cipher.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11Cipher.java	Wed Oct 28 10:47:33 2015 -0700
@@ -35,6 +35,7 @@
 import javax.crypto.spec.*;
 
 import sun.nio.ch.DirectBuffer;
+import sun.security.jca.JCAUtil;
 import sun.security.pkcs11.wrapper.*;
 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
 
@@ -379,7 +380,7 @@
                 }
                 // generate random IV
                 if (random == null) {
-                    random = new SecureRandom();
+                    random = JCAUtil.getSecureRandom();
                 }
                 iv = new byte[blockSize];
                 random.nextBytes(iv);
--- a/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Wed Oct 28 10:47:33 2015 -0700
@@ -468,49 +468,49 @@
                 algorithm.equals("TlsRsaPremasterSecret");
         Exception failover = null;
 
-        SecureRandom secureRandom = random;
-        if (secureRandom == null && isTlsRsaPremasterSecret) {
-            secureRandom = new SecureRandom();
-        }
-
         // Should C_Unwrap be preferred for non-TLS RSA premaster secret?
         if (token.supportsRawSecretKeyImport()) {
             // XXX implement unwrap using C_Unwrap() for all keys
             implInit(Cipher.DECRYPT_MODE, p11Key);
-            if (wrappedKey.length > maxInputSize) {
-                throw new InvalidKeyException("Key is too long for unwrapping");
-            }
+            try {
+                if (wrappedKey.length > maxInputSize) {
+                    throw new InvalidKeyException("Key is too long for unwrapping");
+                }
 
-            byte[] encoded = null;
-            implUpdate(wrappedKey, 0, wrappedKey.length);
-            try {
-                encoded = doFinal();
-            } catch (BadPaddingException e) {
-                if (isTlsRsaPremasterSecret) {
-                    failover = e;
-                } else {
+                byte[] encoded = null;
+                implUpdate(wrappedKey, 0, wrappedKey.length);
+                try {
+                    encoded = doFinal();
+                } catch (BadPaddingException e) {
+                    if (isTlsRsaPremasterSecret) {
+                        failover = e;
+                    } else {
+                        throw new InvalidKeyException("Unwrapping failed", e);
+                    }
+                } catch (IllegalBlockSizeException e) {
+                    // should not occur, handled with length check above
                     throw new InvalidKeyException("Unwrapping failed", e);
                 }
-            } catch (IllegalBlockSizeException e) {
-                // should not occur, handled with length check above
-                throw new InvalidKeyException("Unwrapping failed", e);
-            }
 
-            if (isTlsRsaPremasterSecret) {
-                if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
-                    throw new IllegalStateException(
-                            "No TlsRsaPremasterSecretParameterSpec specified");
+                if (isTlsRsaPremasterSecret) {
+                    if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
+                        throw new IllegalStateException(
+                                "No TlsRsaPremasterSecretParameterSpec specified");
+                    }
+
+                    // polish the TLS premaster secret
+                    TlsRsaPremasterSecretParameterSpec psps =
+                            (TlsRsaPremasterSecretParameterSpec)spec;
+                    encoded = KeyUtil.checkTlsPreMasterSecretKey(
+                            psps.getClientVersion(), psps.getServerVersion(),
+                            random, encoded, (failover != null));
                 }
 
-                // polish the TLS premaster secret
-                TlsRsaPremasterSecretParameterSpec psps =
-                        (TlsRsaPremasterSecretParameterSpec)spec;
-                encoded = KeyUtil.checkTlsPreMasterSecretKey(
-                        psps.getClientVersion(), psps.getServerVersion(),
-                        secureRandom, encoded, (failover != null));
+                return ConstructKeys.constructKey(encoded, algorithm, type);
+            } finally {
+                // Restore original mode
+                implInit(Cipher.UNWRAP_MODE, p11Key);
             }
-
-            return ConstructKeys.constructKey(encoded, algorithm, type);
         } else {
             Session s = null;
             SecretKey secretKey = null;
@@ -538,20 +538,13 @@
                 }
 
                 if (isTlsRsaPremasterSecret) {
-                    byte[] replacer = new byte[48];
-                    if (failover == null) {
-                        // Does smart compiler dispose this operation?
-                        secureRandom.nextBytes(replacer);
-                    }
-
                     TlsRsaPremasterSecretParameterSpec psps =
                             (TlsRsaPremasterSecretParameterSpec)spec;
 
-                    // Please use the tricky failover and replacer byte array
-                    // as the parameters so that smart compiler won't dispose
-                    // the unused variable .
+                    // Please use the tricky failover as the parameter so that
+                    // smart compiler won't dispose the unused variable.
                     secretKey = polishPreMasterSecretKey(token, s,
-                            failover, replacer, secretKey,
+                            failover, secretKey,
                             psps.getClientVersion(), psps.getServerVersion());
                 }
 
@@ -570,29 +563,27 @@
 
     private static SecretKey polishPreMasterSecretKey(
             Token token, Session session,
-            Exception failover, byte[] replacer, SecretKey secretKey,
+            Exception failover, SecretKey unwrappedKey,
             int clientVersion, int serverVersion) {
 
-        if (failover != null) {
-            CK_VERSION version = new CK_VERSION(
-                    (clientVersion >>> 8) & 0xFF, clientVersion & 0xFF);
-            try {
-                CK_ATTRIBUTE[] attributes = token.getAttributes(
-                        O_GENERATE, CKO_SECRET_KEY,
-                        CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]);
-                long keyID = token.p11.C_GenerateKey(session.id(),
-                    // new CK_MECHANISM(CKM_TLS_PRE_MASTER_KEY_GEN, version),
-                        new CK_MECHANISM(CKM_SSL3_PRE_MASTER_KEY_GEN, version),
-                        attributes);
-                return P11Key.secretKey(session,
-                        keyID, "TlsRsaPremasterSecret", 48 << 3, attributes);
-            } catch (PKCS11Exception e) {
-                throw new ProviderException(
-                        "Could not generate premaster secret", e);
-            }
+        SecretKey newKey;
+        CK_VERSION version = new CK_VERSION(
+                (clientVersion >>> 8) & 0xFF, clientVersion & 0xFF);
+        try {
+            CK_ATTRIBUTE[] attributes = token.getAttributes(
+                    O_GENERATE, CKO_SECRET_KEY,
+                    CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]);
+            long keyID = token.p11.C_GenerateKey(session.id(),
+                    new CK_MECHANISM(CKM_SSL3_PRE_MASTER_KEY_GEN, version),
+                    attributes);
+            newKey = P11Key.secretKey(session,
+                    keyID, "TlsRsaPremasterSecret", 48 << 3, attributes);
+        } catch (PKCS11Exception e) {
+            throw new ProviderException(
+                    "Could not generate premaster secret", e);
         }
 
-        return secretKey;
+        return (failover == null) ? unwrappedKey : newKey;
     }
 
 }
--- a/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java	Wed Oct 28 10:47:33 2015 -0700
@@ -111,14 +111,34 @@
             }
         }
 
+        byte[] encoded = null;
         try {
             Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1);
-            cipher.init(Cipher.UNWRAP_MODE, privateKey,
-                    new TlsRsaPremasterSecretParameterSpec(
-                            maxVersion.v, currentVersion.v),
-                    generator);
-            preMaster = (SecretKey)cipher.unwrap(encrypted,
-                                "TlsRsaPremasterSecret", Cipher.SECRET_KEY);
+            boolean needFailover = !KeyUtil.isOracleJCEProvider(
+                    cipher.getProvider().getName());
+            if (needFailover) {
+                cipher.init(Cipher.DECRYPT_MODE, privateKey);
+                boolean failed = false;
+                try {
+                    encoded = cipher.doFinal(encrypted);
+                } catch (BadPaddingException bpe) {
+                    // Note: encoded == null
+                    failed = true;
+                }
+                encoded = KeyUtil.checkTlsPreMasterSecretKey(
+                                maxVersion.v, currentVersion.v,
+                                generator, encoded, failed);
+                preMaster = generatePreMasterSecret(
+                                maxVersion.v, currentVersion.v,
+                                encoded, generator);
+            } else {
+                cipher.init(Cipher.UNWRAP_MODE, privateKey,
+                        new TlsRsaPremasterSecretParameterSpec(
+                                maxVersion.v, currentVersion.v),
+                        generator);
+                preMaster = (SecretKey)cipher.unwrap(encrypted,
+                        "TlsRsaPremasterSecret", Cipher.SECRET_KEY);
+            }
         } catch (InvalidKeyException ibk) {
             // the message is too big to process with RSA
             throw new SSLProtocolException(
@@ -133,6 +153,35 @@
         }
     }
 
+    // generate a premaster secret with the specified version number
+    @SuppressWarnings("deprecation")
+    private static SecretKey generatePreMasterSecret(
+            int clientVersion, int serverVersion,
+            byte[] encodedSecret, SecureRandom generator) {
+
+        if (debug != null && Debug.isOn("handshake")) {
+            System.out.println("Generating a premaster secret");
+        }
+
+        try {
+            String s = ((clientVersion >= ProtocolVersion.TLS12.v) ?
+                "SunTls12RsaPremasterSecret" : "SunTlsRsaPremasterSecret");
+            KeyGenerator kg = JsseJce.getKeyGenerator(s);
+            kg.init(new TlsRsaPremasterSecretParameterSpec(
+                    clientVersion, serverVersion, encodedSecret),
+                    generator);
+            return kg.generateKey();
+        } catch (InvalidAlgorithmParameterException |
+                NoSuchAlgorithmException iae) {
+            // unlikely to happen, otherwise, must be a provider exception
+            if (debug != null && Debug.isOn("handshake")) {
+                System.out.println("RSA premaster secret generation error:");
+                iae.printStackTrace(System.out);
+            }
+            throw new RuntimeException("Could not generate premaster secret", iae);
+        }
+    }
+
     @Override
     int messageType() {
         return ht_client_key_exchange;
--- a/src/share/classes/sun/security/util/KeyUtil.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/util/KeyUtil.java	Wed Oct 28 10:47:33 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,6 +41,8 @@
 import javax.crypto.spec.DHPublicKeySpec;
 import java.math.BigInteger;
 
+import sun.security.jca.JCAUtil;
+
 /**
  * A utility class to get key length, valiate keys, etc.
  */
@@ -144,8 +146,6 @@
 
     /**
      * Returns whether the specified provider is Oracle provider or not.
-     * <P>
-     * Note that this method is only apply to SunJCE and SunPKCS11 at present.
      *
      * @param  providerName
      *         the provider name
@@ -153,8 +153,11 @@
      *         {@code providerName} is Oracle provider
      */
     public static final boolean isOracleJCEProvider(String providerName) {
-        return providerName != null && (providerName.equals("SunJCE") ||
-                                        providerName.startsWith("SunPKCS11"));
+        return providerName != null &&
+                (providerName.equals("SunJCE") ||
+                    providerName.equals("SunMSCAPI") ||
+                    providerName.equals("OracleUcrypto") ||
+                    providerName.startsWith("SunPKCS11"));
     }
 
     /**
@@ -199,7 +202,7 @@
             byte[] encoded, boolean isFailOver) {
 
         if (random == null) {
-            random = new SecureRandom();
+            random = JCAUtil.getSecureRandom();
         }
         byte[] replacer = new byte[48];
         random.nextBytes(replacer);
--- a/src/share/classes/sun/security/x509/AlgorithmId.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/AlgorithmId.java	Wed Oct 28 10:47:33 2015 -0700
@@ -588,7 +588,7 @@
             }
 
             if (oidTable == null) {
-                oidTable = new HashMap<String,ObjectIdentifier>(1);
+                oidTable = Collections.<String,ObjectIdentifier>emptyMap();
             }
             initOidTable = true;
         }
--- a/src/share/classes/sun/security/x509/CRLDistributionPointsExtension.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/CRLDistributionPointsExtension.java	Wed Oct 28 10:47:33 2015 -0700
@@ -29,6 +29,7 @@
 import java.io.OutputStream;
 
 import java.util.*;
+import java.util.Collections;
 
 import sun.security.util.DerOutputStream;
 import sun.security.util.DerValue;
@@ -255,11 +256,12 @@
      */
     public void delete(String name) throws IOException {
         if (name.equalsIgnoreCase(POINTS)) {
-            distributionPoints = new ArrayList<DistributionPoint>();
+            distributionPoints =
+                    Collections.<DistributionPoint>emptyList();
         } else {
             throw new IOException("Attribute name [" + name +
-                                "] not recognized by " +
-                                "CertAttrSet:" + extensionName + ".");
+                                  "] not recognized by " +
+                                  "CertAttrSet:" + extensionName + '.');
         }
         encodeThis();
     }
--- a/src/share/classes/sun/security/x509/CRLNumberExtension.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/CRLNumberExtension.java	Wed Oct 28 10:47:33 2015 -0700
@@ -157,11 +157,10 @@
      */
     public BigInteger get(String name) throws IOException {
         if (name.equalsIgnoreCase(NUMBER)) {
-            if (crlNumber == null) return null;
-            else return crlNumber;
+            return crlNumber;
         } else {
-          throw new IOException("Attribute name not recognized by"
-                                + " CertAttrSet:" + extensionName + ".");
+            throw new IOException("Attribute name not recognized by" +
+                                  " CertAttrSet:" + extensionName + '.');
         }
     }
 
--- a/src/share/classes/sun/security/x509/DNSName.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/DNSName.java	Wed Oct 28 10:47:33 2015 -0700
@@ -232,15 +232,15 @@
      * @throws UnsupportedOperationException if not supported for this name type
      */
     public int subtreeDepth() throws UnsupportedOperationException {
-        String subtree=name;
-        int i=1;
+        // subtree depth is always at least 1
+        int sum = 1;
 
-        /* count dots */
-        for (; subtree.lastIndexOf('.') >= 0; i++) {
-            subtree=subtree.substring(0,subtree.lastIndexOf('.'));
+        // count dots
+        for (int i = name.indexOf('.'); i >= 0; i = name.indexOf('.', i + 1)) {
+            ++sum;
         }
 
-        return i;
+        return sum;
     }
 
 }
--- a/src/share/classes/sun/security/x509/EDIPartyName.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/EDIPartyName.java	Wed Oct 28 10:47:33 2015 -0700
@@ -197,7 +197,7 @@
      */
     public int hashCode() {
         if (myhash == -1) {
-            myhash = 37 + party.hashCode();
+            myhash = 37 + (party == null ? 1 : party.hashCode());
             if (assigner != null) {
                 myhash = 37 * myhash + assigner.hashCode();
             }
--- a/src/share/classes/sun/security/x509/GeneralSubtrees.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/GeneralSubtrees.java	Wed Oct 28 10:47:33 2015 -0700
@@ -191,7 +191,7 @@
         // the list: if any subsequent entry matches or widens entry n,
         // remove entry n. If any subsequent entries narrow entry n, remove
         // the subsequent entries.
-        for (int i = 0; i < size(); i++) {
+        for (int i = 0; i < (size() - 1); i++) {
             GeneralNameInterface current = getGeneralNameInterface(i);
             boolean remove1 = false;
 
--- a/src/share/classes/sun/security/x509/IPAddressName.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/IPAddressName.java	Wed Oct 28 10:47:33 2015 -0700
@@ -197,8 +197,10 @@
 
             // append a mask corresponding to the num of prefix bits specified
             int prefixLen = Integer.parseInt(name.substring(slashNdx+1));
-            if (prefixLen > 128)
-                throw new IOException("IPv6Address prefix is longer than 128");
+            if (prefixLen < 0 || prefixLen > 128) {
+                throw new IOException("IPv6Address prefix length (" +
+                        prefixLen + ") in out of valid range [0,128]");
+            }
 
             // create new bit array initialized to zeros
             BitArray bitArray = new BitArray(MASKSIZE * 8);
@@ -317,7 +319,8 @@
         if (!(obj instanceof IPAddressName))
             return false;
 
-        byte[] other = ((IPAddressName)obj).getBytes();
+        IPAddressName otherName = (IPAddressName)obj;
+        byte[] other = otherName.address;
 
         if (other.length != address.length)
             return false;
@@ -326,12 +329,10 @@
             // Two subnet addresses
             // Mask each and compare masked values
             int maskLen = address.length/2;
-            byte[] maskedThis = new byte[maskLen];
-            byte[] maskedOther = new byte[maskLen];
             for (int i=0; i < maskLen; i++) {
-                maskedThis[i] = (byte)(address[i] & address[i+maskLen]);
-                maskedOther[i] = (byte)(other[i] & other[i+maskLen]);
-                if (maskedThis[i] != maskedOther[i]) {
+                byte maskedThis = (byte)(address[i] & address[i+maskLen]);
+                byte maskedOther = (byte)(other[i] & other[i+maskLen]);
+                if (maskedThis != maskedOther) {
                     return false;
                 }
             }
@@ -400,7 +401,8 @@
         else if (((IPAddressName)inputName).equals(this))
             constraintType = NAME_MATCH;
         else {
-            byte[] otherAddress = ((IPAddressName)inputName).getBytes();
+            IPAddressName otherName = (IPAddressName)inputName;
+            byte[] otherAddress = otherName.address;
             if (otherAddress.length == 4 && address.length == 4)
                 // Two host addresses
                 constraintType = NAME_SAME_TYPE;
--- a/src/share/classes/sun/security/x509/IssuingDistributionPointExtension.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/IssuingDistributionPointExtension.java	Wed Oct 28 10:47:33 2015 -0700
@@ -261,6 +261,7 @@
                 throw new IOException(
                     "Attribute value should be of type ReasonFlags.");
             }
+            revocationReasons = (ReasonFlags)obj;
 
         } else if (name.equalsIgnoreCase(INDIRECT_CRL)) {
             if (!(obj instanceof Boolean)) {
@@ -290,7 +291,6 @@
             }
             hasOnlyAttributeCerts = ((Boolean)obj).booleanValue();
 
-
         } else {
             throw new IOException("Attribute name [" + name +
                 "] not recognized by " +
--- a/src/share/classes/sun/security/x509/KeyIdentifier.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/KeyIdentifier.java	Wed Oct 28 10:47:33 2015 -0700
@@ -148,7 +148,7 @@
             return true;
         if (!(other instanceof KeyIdentifier))
             return false;
-        return java.util.Arrays.equals(octetString,
-                                       ((KeyIdentifier)other).getIdentifier());
+        byte[] otherString = ((KeyIdentifier)other).octetString;
+        return java.util.Arrays.equals(octetString, otherString);
     }
 }
--- a/src/share/classes/sun/security/x509/PolicyMappingsExtension.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/PolicyMappingsExtension.java	Wed Oct 28 10:47:33 2015 -0700
@@ -102,7 +102,7 @@
     public PolicyMappingsExtension() {
         extensionId = PKIXExtensions.KeyUsage_Id;
         critical = false;
-        maps = new ArrayList<CertificatePolicyMap>();
+        maps = Collections.<CertificatePolicyMap>emptyList();
     }
 
     /**
--- a/src/share/classes/sun/security/x509/PrivateKeyUsageExtension.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/PrivateKeyUsageExtension.java	Wed Oct 28 10:47:33 2015 -0700
@@ -33,6 +33,7 @@
 import java.security.cert.CertificateNotYetValidException;
 import java.util.Date;
 import java.util.Enumeration;
+import java.util.Objects;
 
 import sun.security.util.*;
 
@@ -206,16 +207,17 @@
      */
     public void valid(Date now)
     throws CertificateNotYetValidException, CertificateExpiredException {
+        Objects.requireNonNull(now);
         /*
          * we use the internal Dates rather than the passed in Date
          * because someone could override the Date methods after()
          * and before() to do something entirely different.
          */
-        if (notBefore.after(now)) {
+        if (notBefore != null && notBefore.after(now)) {
             throw new CertificateNotYetValidException("NotBefore: " +
                                                       notBefore.toString());
         }
-        if (notAfter.before(now)) {
+        if (notAfter != null && notAfter.before(now)) {
             throw new CertificateExpiredException("NotAfter: " +
                                                   notAfter.toString());
         }
--- a/src/share/classes/sun/security/x509/RDN.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/RDN.java	Wed Oct 28 10:47:33 2015 -0700
@@ -27,6 +27,8 @@
 
 import java.io.IOException;
 import java.io.StringReader;
+import java.util.Arrays;
+import java.util.StringJoiner;
 import java.util.*;
 
 import sun.security.util.*;
@@ -442,31 +444,19 @@
                                assertion[0].toRFC2253String(oidMap);
         }
 
-        StringBuilder relname = new StringBuilder();
-        if (!canonical) {
-            for (int i = 0; i < assertion.length; i++) {
-                if (i > 0) {
-                    relname.append('+');
-                }
-                relname.append(assertion[i].toRFC2253String(oidMap));
-            }
-        } else {
+        AVA[] toOutput = assertion;
+        if (canonical) {
             // order the string type AVA's alphabetically,
             // followed by the oid type AVA's numerically
-            List<AVA> avaList = new ArrayList<AVA>(assertion.length);
-            for (int i = 0; i < assertion.length; i++) {
-                avaList.add(assertion[i]);
-            }
-            java.util.Collections.sort(avaList, AVAComparator.getInstance());
-
-            for (int i = 0; i < avaList.size(); i++) {
-                if (i > 0) {
-                    relname.append('+');
-                }
-                relname.append(avaList.get(i).toRFC2253CanonicalString());
-            }
+            toOutput = assertion.clone();
+            Arrays.sort(toOutput, AVAComparator.getInstance());
         }
-        return relname.toString();
+        StringJoiner sj = new StringJoiner("+");
+        for (AVA ava : toOutput) {
+            sj.add(canonical ? ava.toRFC2253CanonicalString()
+                             : ava.toRFC2253String(oidMap));
+        }
+        return sj.toString();
     }
 
 }
--- a/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java	Wed Oct 28 10:47:33 2015 -0700
@@ -28,6 +28,7 @@
 import java.io.IOException;
 import java.io.OutputStream;
 
+import java.util.Collections;
 import java.util.*;
 
 import sun.security.util.DerOutputStream;
@@ -200,7 +201,8 @@
      */
     public void delete(String name) throws IOException {
         if (name.equalsIgnoreCase(DESCRIPTIONS)) {
-            accessDescriptions = new ArrayList<AccessDescription>();
+            accessDescriptions =
+                Collections.<AccessDescription>emptyList();
         } else {
             throw new IOException("Attribute name [" + name +
                                 "] not recognized by " +
--- a/src/share/classes/sun/security/x509/URIName.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/URIName.java	Wed Oct 28 10:47:33 2015 -0700
@@ -165,7 +165,7 @@
             String host = uri.getSchemeSpecificPart();
             try {
                 DNSName hostDNS;
-                if (host.charAt(0) == '.') {
+                if (host.startsWith(".")) {
                     hostDNS = new DNSName(host.substring(1));
                 } else {
                     hostDNS = new DNSName(host);
--- a/src/share/classes/sun/security/x509/X500Name.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/X500Name.java	Wed Oct 28 10:47:33 2015 -0700
@@ -346,6 +346,8 @@
             for (int i = 0; i < names.length; i++) {
                 list.addAll(names[i].avas());
             }
+            list = Collections.unmodifiableList(list);
+            allAvaList = list;
         }
         return list;
     }
@@ -364,9 +366,6 @@
      */
     public boolean isEmpty() {
         int n = names.length;
-        if (n == 0) {
-            return true;
-        }
         for (int i = 0; i < n; i++) {
             if (names[i].assertion.length != 0) {
                 return false;
@@ -1109,12 +1108,8 @@
      * and speed recognition of common X.500 attributes.
      */
     static ObjectIdentifier intern(ObjectIdentifier oid) {
-        ObjectIdentifier interned = internedOIDs.get(oid);
-        if (interned != null) {
-            return interned;
-        }
-        internedOIDs.put(oid, oid);
-        return oid;
+        ObjectIdentifier interned = internedOIDs.putIfAbsent(oid, oid);
+        return (interned == null) ? oid : interned;
     }
 
     private static final Map<ObjectIdentifier,ObjectIdentifier> internedOIDs
--- a/src/share/classes/sun/security/x509/X509AttributeName.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/X509AttributeName.java	Wed Oct 28 10:47:33 2015 -0700
@@ -47,7 +47,7 @@
      */
     public X509AttributeName(String name) {
         int i = name.indexOf(SEPARATOR);
-        if (i == (-1)) {
+        if (i < 0) {
             prefix = name;
         } else {
             prefix = name.substring(0, i);
--- a/src/share/classes/sun/security/x509/X509CRLImpl.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/X509CRLImpl.java	Wed Oct 28 10:47:33 2015 -0700
@@ -742,9 +742,7 @@
     public byte[] getTBSCertList() throws CRLException {
         if (tbsCertList == null)
             throw new CRLException("Uninitialized CRL");
-        byte[] dup = new byte[tbsCertList.length];
-        System.arraycopy(tbsCertList, 0, dup, 0, dup.length);
-        return dup;
+        return tbsCertList.clone();
     }
 
     /**
@@ -755,9 +753,7 @@
     public byte[] getSignature() {
         if (signature == null)
             return null;
-        byte[] dup = new byte[signature.length];
-        System.arraycopy(signature, 0, dup, 0, dup.length);
-        return dup;
+        return signature.clone();
     }
 
     /**
--- a/src/share/classes/sun/security/x509/X509CertImpl.java	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/classes/sun/security/x509/X509CertImpl.java	Wed Oct 28 10:47:33 2015 -0700
@@ -1008,9 +1008,7 @@
     public byte[] getSignature() {
         if (signature == null)
             return null;
-        byte[] dup = new byte[signature.length];
-        System.arraycopy(signature, 0, dup, 0, dup.length);
-        return dup;
+        return signature.clone();
     }
 
     /**
--- a/src/share/native/sun/awt/image/jpeg/jpegdecoder.c	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/native/sun/awt/image/jpeg/jpegdecoder.c	Wed Oct 28 10:47:33 2015 -0700
@@ -180,6 +180,7 @@
       int               *ip;
       unsigned char     *bp;
   } outbuf;
+  size_t outbufSize;
   jobject hOutputBuffer;
 };
 
@@ -235,6 +236,7 @@
         assert(src->outbuf.ip == 0);
         src->outbuf.ip = (int *)(*env)->GetPrimitiveArrayCritical
             (env, src->hOutputBuffer, 0);
+        src->outbufSize = (*env)->GetArrayLength(env, src->hOutputBuffer);
         if (src->outbuf.ip == 0) {
             RELEASE_ARRAYS(env, src);
             return 0;
@@ -677,8 +679,8 @@
                                               cinfo.output_scanline - 1);
           } else {
               if (hasalpha) {
-                  ip = jsrc.outbuf.ip + cinfo.image_width;
-                  bp = jsrc.outbuf.bp + cinfo.image_width * 4;
+                  ip = jsrc.outbuf.ip + jsrc.outbufSize;
+                  bp = jsrc.outbuf.bp + jsrc.outbufSize * 4;
                   while (ip > jsrc.outbuf.ip) {
                       pixel = (*--bp) << 24;
                       pixel |= (*--bp);
@@ -687,8 +689,8 @@
                       *--ip = pixel;
                   }
               } else {
-                  ip = jsrc.outbuf.ip + cinfo.image_width;
-                  bp = jsrc.outbuf.bp + cinfo.image_width * 3;
+                  ip = jsrc.outbuf.ip + jsrc.outbufSize;
+                  bp = jsrc.outbuf.bp + jsrc.outbufSize * 3;
                   while (ip > jsrc.outbuf.ip) {
                       pixel = (*--bp);
                       pixel |= (*--bp) << 8;
--- a/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp	Wed Oct 28 10:47:33 2015 -0700
@@ -243,14 +243,14 @@
         le_uint16 srSetCount = SWAPW(subRuleSetCount);
 
         if (coverageIndex < srSetCount) {
-            LEReferenceToArrayOf<Offset> subRuleSetTableOffsetArrayRef(base, success,
-                    &subRuleSetTableOffsetArray[coverageIndex], 1);
+            LEReferenceToArrayOf<Offset>
+                subRuleSetTableOffsetArrayRef(base, success, subRuleSetTableOffsetArray, srSetCount);
             if (LE_FAILURE(success)) {
                 return 0;
             }
             Offset subRuleSetTableOffset = SWAPW(subRuleSetTableOffsetArray[coverageIndex]);
-            LEReferenceTo<SubRuleSetTable>
-                 subRuleSetTable(base, success, (const SubRuleSetTable *) ((char *) this + subRuleSetTableOffset));
+            LEReferenceTo<SubRuleSetTable> subRuleSetTable(base, success, subRuleSetTableOffset);
+            if (LE_FAILURE(success)) { return 0; }
             le_uint16 subRuleCount = SWAPW(subRuleSetTable->subRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
 
@@ -264,6 +264,7 @@
                     SWAPW(subRuleSetTable->subRuleTableOffsetArray[subRule]);
                 LEReferenceTo<SubRuleTable>
                      subRuleTable(subRuleSetTable, success, subRuleTableOffset);
+                if (LE_FAILURE(success)) { return 0; }
                 le_uint16 matchCount = SWAPW(subRuleTable->glyphCount) - 1;
                 le_uint16 substCount = SWAPW(subRuleTable->substCount);
                 LEReferenceToArrayOf<TTGlyphID> inputGlyphArray(base, success, subRuleTable->inputGlyphArray, matchCount+2);
@@ -304,8 +305,8 @@
     }
 
     if (coverageIndex >= 0) {
-        LEReferenceTo<ClassDefinitionTable> classDefinitionTable(base, success,
-                                                                 (const ClassDefinitionTable *) ((char *) this + SWAPW(classDefTableOffset)));
+        LEReferenceTo<ClassDefinitionTable> classDefinitionTable(base, success, SWAPW(classDefTableOffset));
+        if (LE_FAILURE(success)) { return 0; }
         le_uint16 scSetCount = SWAPW(subClassSetCount);
         le_int32 setClass = classDefinitionTable->getGlyphClass(classDefinitionTable,
                                                                 glyphIterator->getCurrGlyphID(),
@@ -313,44 +314,45 @@
 
         if (setClass < scSetCount) {
             LEReferenceToArrayOf<Offset>
-                 subClassSetTableOffsetArrayRef(base, success, subClassSetTableOffsetArray, setClass);
+                subClassSetTableOffsetArrayRef(base, success, subClassSetTableOffsetArray, scSetCount);
             if (LE_FAILURE(success)) { return 0; }
             if (subClassSetTableOffsetArray[setClass] != 0) {
 
-            Offset subClassSetTableOffset = SWAPW(subClassSetTableOffsetArray[setClass]);
-            LEReferenceTo<SubClassSetTable>
-                 subClassSetTable(base, success, (const SubClassSetTable *) ((char *) this + subClassSetTableOffset));
-            le_uint16 subClassRuleCount = SWAPW(subClassSetTable->subClassRuleCount);
-            le_int32 position = glyphIterator->getCurrStreamPosition();
+                Offset subClassSetTableOffset = SWAPW(subClassSetTableOffsetArray[setClass]);
+                LEReferenceTo<SubClassSetTable> subClassSetTable(base, success, subClassSetTableOffset);
+                if (LE_FAILURE(success)) { return 0; }
+                le_uint16 subClassRuleCount = SWAPW(subClassSetTable->subClassRuleCount);
+                le_int32 position = glyphIterator->getCurrStreamPosition();
                 LEReferenceToArrayOf<Offset>
                     subClassRuleTableOffsetArrayRef(base, success, subClassSetTable->subClassRuleTableOffsetArray, subClassRuleCount);
                 if (LE_FAILURE(success)) {
                     return 0;
                 }
-            for (le_uint16 scRule = 0; scRule < subClassRuleCount; scRule += 1) {
-                Offset subClassRuleTableOffset =
-                    SWAPW(subClassSetTable->subClassRuleTableOffsetArray[scRule]);
-                LEReferenceTo<SubClassRuleTable>
-                     subClassRuleTable(subClassSetTable, success, subClassRuleTableOffset);
-                le_uint16 matchCount = SWAPW(subClassRuleTable->glyphCount) - 1;
-                le_uint16 substCount = SWAPW(subClassRuleTable->substCount);
+                for (le_uint16 scRule = 0; scRule < subClassRuleCount; scRule += 1) {
+                    Offset subClassRuleTableOffset =
+                        SWAPW(subClassSetTable->subClassRuleTableOffsetArray[scRule]);
+                    LEReferenceTo<SubClassRuleTable>
+                        subClassRuleTable(subClassSetTable, success, subClassRuleTableOffset);
+                    if (LE_FAILURE(success)) { return 0; }
+                    le_uint16 matchCount = SWAPW(subClassRuleTable->glyphCount) - 1;
+                    le_uint16 substCount = SWAPW(subClassRuleTable->substCount);
 
-                LEReferenceToArrayOf<le_uint16> classArray(base, success, subClassRuleTable->classArray, matchCount+1);
+                    LEReferenceToArrayOf<le_uint16> classArray(base, success, subClassRuleTable->classArray, matchCount+1);
 
-                if (LE_FAILURE(success)) { return 0; }
-                if (matchGlyphClasses(classArray, matchCount, glyphIterator, classDefinitionTable, success)) {
-                    LEReferenceToArrayOf<SubstitutionLookupRecord>
-                      substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) &subClassRuleTable->classArray[matchCount], substCount);
+                    if (LE_FAILURE(success)) { return 0; }
+                    if (matchGlyphClasses(classArray, matchCount, glyphIterator, classDefinitionTable, success)) {
+                        LEReferenceToArrayOf<SubstitutionLookupRecord>
+                          substLookupRecordArray(base, success, (const SubstitutionLookupRecord *) &subClassRuleTable->classArray[matchCount], substCount);
 
-                    applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success);
+                        applySubstitutionLookups(lookupProcessor, substLookupRecordArray, substCount, glyphIterator, fontInstance, position, success);
 
-                    return matchCount + 1;
+                        return matchCount + 1;
+                    }
+
+                    glyphIterator->setCurrStreamPosition(position);
                 }
-
-                glyphIterator->setCurrStreamPosition(position);
             }
         }
-        }
 
         // XXX If we get here, the table is mal-formed...
     }
@@ -463,13 +465,13 @@
 
         if (coverageIndex < srSetCount) {
             LEReferenceToArrayOf<Offset>
-                chainSubRuleSetTableOffsetArrayRef(base, success, chainSubRuleSetTableOffsetArray, coverageIndex);
+                chainSubRuleSetTableOffsetArrayRef(base, success, chainSubRuleSetTableOffsetArray, srSetCount);
             if (LE_FAILURE(success)) {
                 return 0;
             }
             Offset chainSubRuleSetTableOffset = SWAPW(chainSubRuleSetTableOffsetArray[coverageIndex]);
-            LEReferenceTo<ChainSubRuleSetTable>
-                 chainSubRuleSetTable(base, success, (const ChainSubRuleSetTable *) ((char *) this + chainSubRuleSetTableOffset));
+            LEReferenceTo<ChainSubRuleSetTable> chainSubRuleSetTable(base, success, chainSubRuleSetTableOffset);
+            if (LE_FAILURE(success)) { return 0; }
             le_uint16 chainSubRuleCount = SWAPW(chainSubRuleSetTable->chainSubRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
             GlyphIterator tempIterator(*glyphIterator, emptyFeatureList);
@@ -550,17 +552,17 @@
 
     if (coverageIndex >= 0) {
         LEReferenceTo<ClassDefinitionTable>
-             backtrackClassDefinitionTable(base, success, (const ClassDefinitionTable *) ((char *) this + SWAPW(backtrackClassDefTableOffset)));
+             backtrackClassDefinitionTable(base, success, SWAPW(backtrackClassDefTableOffset));
         LEReferenceTo<ClassDefinitionTable>
-             inputClassDefinitionTable(base, success, (const ClassDefinitionTable *) ((char *) this + SWAPW(inputClassDefTableOffset)));
+             inputClassDefinitionTable(base, success, SWAPW(inputClassDefTableOffset));
         LEReferenceTo<ClassDefinitionTable>
-             lookaheadClassDefinitionTable(base, success, (const ClassDefinitionTable *) ((char *) this + SWAPW(lookaheadClassDefTableOffset)));
+             lookaheadClassDefinitionTable(base, success, SWAPW(lookaheadClassDefTableOffset));
         le_uint16 scSetCount = SWAPW(chainSubClassSetCount);
         le_int32 setClass = inputClassDefinitionTable->getGlyphClass(inputClassDefinitionTable,
                                                                      glyphIterator->getCurrGlyphID(),
                                                                      success);
         LEReferenceToArrayOf<Offset>
-            chainSubClassSetTableOffsetArrayRef(base, success, chainSubClassSetTableOffsetArray, setClass);
+            chainSubClassSetTableOffsetArrayRef(base, success, chainSubClassSetTableOffsetArray, scSetCount);
         if (LE_FAILURE(success)) {
             return 0;
         }
@@ -568,7 +570,8 @@
         if (setClass < scSetCount && chainSubClassSetTableOffsetArray[setClass] != 0) {
             Offset chainSubClassSetTableOffset = SWAPW(chainSubClassSetTableOffsetArray[setClass]);
             LEReferenceTo<ChainSubClassSetTable>
-                 chainSubClassSetTable(base, success, (const ChainSubClassSetTable *) ((char *) this + chainSubClassSetTableOffset));
+                 chainSubClassSetTable(base, success, chainSubClassSetTableOffset);
+            if (LE_FAILURE(success)) { return 0; }
             le_uint16 chainSubClassRuleCount = SWAPW(chainSubClassSetTable->chainSubClassRuleCount);
             le_int32 position = glyphIterator->getCurrStreamPosition();
             GlyphIterator tempIterator(*glyphIterator, emptyFeatureList);
@@ -582,6 +585,7 @@
                     SWAPW(chainSubClassSetTable->chainSubClassRuleTableOffsetArray[scRule]);
                 LEReferenceTo<ChainSubClassRuleTable>
                      chainSubClassRuleTable(chainSubClassSetTable, success, chainSubClassRuleTableOffset);
+                if (LE_FAILURE(success)) { return 0; }
                 le_uint16 backtrackGlyphCount = SWAPW(chainSubClassRuleTable->backtrackGlyphCount);
                 LEReferenceToArrayOf<le_uint16>   backtrackClassArray(base, success, chainSubClassRuleTable->backtrackClassArray, backtrackGlyphCount);
                 if( LE_FAILURE(success) ) { return 0; }
--- a/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp	Wed Oct 28 10:47:33 2015 -0700
@@ -46,7 +46,7 @@
     le_uint16 eeCount       = SWAPW(entryExitCount);
 
     LEReferenceToArrayOf<EntryExitRecord>
-        entryExitRecordsArrayRef(base, success, entryExitRecords, coverageIndex);
+        entryExitRecordsArrayRef(base, success, entryExitRecords, eeCount);
 
     if (coverageIndex < 0 || coverageIndex >= eeCount || LE_FAILURE(success)) {
         glyphIterator->setCursiveGlyph();
--- a/src/share/native/sun/font/layout/Features.cpp	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/native/sun/font/layout/Features.cpp	Wed Oct 28 10:47:33 2015 -0700
@@ -41,7 +41,7 @@
 LEReferenceTo<FeatureTable> FeatureListTable::getFeatureTable(const LETableReference &base, le_uint16 featureIndex, LETag *featureTag, LEErrorCode &success) const
 {
     LEReferenceToArrayOf<FeatureRecord>
-        featureRecordArrayRef(base, success, featureRecordArray, featureIndex+1);
+        featureRecordArrayRef(base, success, featureRecordArray, SWAPW(featureCount));
 
   if (featureIndex >= SWAPW(featureCount) || LE_FAILURE(success)) {
     return LEReferenceTo<FeatureTable>();
--- a/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp	Wed Oct 28 10:47:33 2015 -0700
@@ -93,7 +93,7 @@
     }
     LEReferenceTo<BaseRecord> baseRecord(base, success, &baseArray->baseRecordArray[baseCoverage * mcCount]);
     if( LE_FAILURE(success) ) { return 0; }
-    LEReferenceToArrayOf<Offset> baseAnchorTableOffsetArray(base, success, &(baseRecord->baseAnchorTableOffsetArray[0]), markClass+1);
+    LEReferenceToArrayOf<Offset> baseAnchorTableOffsetArray(base, success, &(baseRecord->baseAnchorTableOffsetArray[0]), mcCount);
 
     if( LE_FAILURE(success) ) { return 0; }
     Offset anchorTableOffset = SWAPW(baseRecord->baseAnchorTableOffsetArray[markClass]);
--- a/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp	Mon Oct 26 13:17:30 2015 -0700
+++ b/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp	Wed Oct 28 10:47:33 2015 -0700
@@ -83,6 +83,7 @@
     LEGlyphID ligatureGlyph = findLigatureGlyph(&ligatureIterator);
     le_int32 ligatureCoverage = getBaseCoverage(base, (LEGlyphID) ligatureGlyph, success);
     LEReferenceTo<LigatureArray> ligatureArray(base, success, SWAPW(baseArrayOffset));
+    if (LE_FAILURE(success)) { return 0; }
     le_uint16 ligatureCount = SWAPW(ligatureArray->ligatureCount);
 
     if (ligatureCoverage < 0 || ligatureCoverage >= ligatureCount) {
@@ -95,6 +96,7 @@
     le_int32 markPosition = glyphIterator->getCurrStreamPosition();
     Offset ligatureAttachOffset = SWAPW(ligatureArray->ligatureAttachTableOffsetArray[ligatureCoverage]);
     LEReferenceTo<LigatureAttachTable> ligatureAttachTable(ligatureArray, success, ligatureAttachOffset);
+    if (LE_FAILURE(success)) { return 0; }
     le_int32 componentCount = SWAPW(ligatureAttachTable->componentCount);
     le_int32 component = ligatureIterator.getMarkComponent(markPosition);
 
@@ -104,10 +106,12 @@
     }
 
     LEReferenceTo<ComponentRecord> componentRecord(base, success, &ligatureAttachTable->componentRecordArray[component * mcCount]);
-    LEReferenceToArrayOf<Offset> ligatureAnchorTableOffsetArray(base, success, &(componentRecord->ligatureAnchorTableOffsetArray[0]), markClass+1);
+    if (LE_FAILURE(success)) { return 0; }
+    LEReferenceToArrayOf<Offset> ligatureAnchorTableOffsetArray(base, success, &(componentRecord->ligatureAnchorTableOffsetArray[0]), mcCount);
     if( LE_FAILURE(success) ) { return 0; }
     Offset anchorTableOffset = SWAPW(componentRecord->ligatureAnchorTableOffsetArray[markClass]);
     LEReferenceTo<AnchorTable> anchorTable(ligatureAttachTable, success, anchorTableOffset);
+    if (LE_FAILURE(success)) { return 0; }
     LEPoint ligatureAnchor, markAdvance, pixels;
 
     anchorTable->getAnchor(anchorTable, ligatureGlyph, fontInstance, ligatureAnchor, success);