changeset 14754:965aca494570

Merge
author amurillo
date Tue, 14 Jun 2016 10:22:07 -0700
parents e55180358346 d6a1ad87842f
children 591fb6f93c40
files src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/common.h src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/spi.h test/java/security/Security/ClassLoaderDeadlock/CreateSerialized.java test/java/security/Security/ClassLoaderDeadlock/Deadlock2.java test/java/security/Security/ClassLoaderDeadlock/Deadlock2.sh test/sun/net/www/http/ChunkedOutputStream/checkError.java
diffstat 64 files changed, 847 insertions(+), 2278 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/macosx/classes/module-info.java.extra	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/macosx/classes/module-info.java.extra	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,4 +24,3 @@
  */
 
 exports jdk.internal.loader to java.desktop;
-provides java.security.Provider with apple.security.AppleProvider;
--- a/src/java.base/share/classes/java/lang/Class.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/java/lang/Class.java	Tue Jun 14 10:22:07 2016 -0700
@@ -480,6 +480,24 @@
      * any exception thrown by the constructor in a (checked) {@link
      * java.lang.reflect.InvocationTargetException}.
      *
+     * <p>The call
+     *
+     * <pre>{@code
+     * clazz.newInstance()
+     * }</pre>
+     *
+     * can be replaced by
+     *
+     * <pre>{@code
+     * clazz.getConstructor().newInstance()
+     * }</pre>
+     *
+     * The latter sequence of calls is inferred to be able to throw
+     * the additional exception types {@link
+     * InvocationTargetException} and {@link
+     * NoSuchMethodException}. Both of these exception types are
+     * subclasses of {@link ReflectiveOperationException}.
+     *
      * @return  a newly allocated instance of the class represented by this
      *          object.
      * @throws  IllegalAccessException  if the class or its nullary
--- a/src/java.base/share/classes/java/lang/module/ModuleDescriptor.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/java/lang/module/ModuleDescriptor.java	Tue Jun 14 10:22:07 2016 -0700
@@ -790,10 +790,10 @@
     private final String osName;
     private final String osArch;
     private final String osVersion;
-    private final Set<String> conceals;
     private final Set<String> packages;
     private final ModuleHashes hashes;
 
+
     private ModuleDescriptor(String name,
                              boolean automatic,
                              boolean synthetic,
@@ -806,7 +806,7 @@
                              String osName,
                              String osArch,
                              String osVersion,
-                             Set<String> conceals,
+                             Set<String> packages,
                              ModuleHashes hashes)
     {
 
@@ -836,10 +836,7 @@
         this.osVersion = osVersion;
         this.hashes = hashes;
 
-        assert !exports.keySet().stream().anyMatch(conceals::contains)
-            : "Module " + name + ": Package sets overlap";
-        this.conceals = emptyOrUnmodifiableSet(conceals);
-        this.packages = computePackages(this.exports, this.conceals);
+        this.packages = emptyOrUnmodifiableSet(packages);
     }
 
     /**
@@ -862,8 +859,9 @@
         this.osVersion = md.osVersion;
         this.hashes = null; // need to ignore
 
-        this.packages = emptyOrUnmodifiableSet(pkgs);
-        this.conceals = computeConcealedPackages(this.exports, this.packages);
+        Set<String> packages = new HashSet<>(md.packages);
+        packages.addAll(pkgs);
+        this.packages = emptyOrUnmodifiableSet(packages);
     }
 
     /**
@@ -882,7 +880,6 @@
                      String osName,
                      String osArch,
                      String osVersion,
-                     Set<String> conceals,
                      Set<String> packages,
                      ModuleHashes hashes) {
         this.name = name;
@@ -892,7 +889,6 @@
         this.exports = Collections.unmodifiableSet(exports);
         this.uses = Collections.unmodifiableSet(uses);
         this.provides = Collections.unmodifiableMap(provides);
-        this.conceals = Collections.unmodifiableSet(conceals);
         this.packages = Collections.unmodifiableSet(packages);
 
         this.version = version;
@@ -1055,7 +1051,9 @@
      * @return A possibly-empty unmodifiable set of the concealed packages
      */
     public Set<String> conceals() {
-        return conceals;
+        Set<String> conceals = new HashSet<>(packages);
+        exports.stream().map(Exports::source).forEach(conceals::remove);
+        return emptyOrUnmodifiableSet(conceals);
     }
 
     /**
@@ -1605,6 +1603,8 @@
         public ModuleDescriptor build() {
             assert name != null;
 
+            Set<String> packages = new HashSet<>(conceals);
+            packages.addAll(exportedPackages());
             return new ModuleDescriptor(name,
                                         automatic,
                                         synthetic,
@@ -1617,7 +1617,7 @@
                                         osName,
                                         osArch,
                                         osVersion,
-                                        conceals,
+                                        packages,
                                         hashes);
         }
 
@@ -1692,7 +1692,7 @@
                 && Objects.equals(osName, that.osName)
                 && Objects.equals(osArch, that.osArch)
                 && Objects.equals(osVersion, that.osVersion)
-                && Objects.equals(conceals, that.conceals)
+                && Objects.equals(packages, that.packages)
                 && Objects.equals(hashes, that.hashes));
     }
 
@@ -1723,7 +1723,7 @@
             hc = hc * 43 + Objects.hashCode(osName);
             hc = hc * 43 + Objects.hashCode(osArch);
             hc = hc * 43 + Objects.hashCode(osVersion);
-            hc = hc * 43 + Objects.hashCode(conceals);
+            hc = hc * 43 + Objects.hashCode(packages);
             hc = hc * 43 + Objects.hashCode(hashes);
             if (hc == 0)
                 hc = -1;
@@ -1879,37 +1879,6 @@
         return ModuleInfo.read(bb, null);
     }
 
-
-    /**
-     * Computes the set of packages from exports and concealed packages.
-     * It returns the concealed packages set if there is no exported package.
-     */
-    private static Set<String> computePackages(Set<Exports> exports,
-                                               Set<String> conceals)
-    {
-        if (exports.isEmpty())
-            return conceals;
-
-        Set<String> pkgs = new HashSet<>(conceals);
-        exports.stream().map(Exports::source).forEach(pkgs::add);
-        return emptyOrUnmodifiableSet(pkgs);
-    }
-
-    /**
-     * Computes the set of concealed packages from exports and all packages.
-     * It returns the packages set if there are no exported packages.
-     */
-    private static Set<String> computeConcealedPackages(Set<Exports> exports,
-                                                        Set<String> pkgs)
-    {
-        if (exports.isEmpty())
-            return pkgs;
-
-        Set<String> conceals = new HashSet<>(pkgs);
-        exports.stream().map(Exports::source).forEach(conceals::remove);
-        return emptyOrUnmodifiableSet(conceals);
-    }
-
     private static <K,V> Map<K,V> emptyOrUnmodifiableMap(Map<K,V> map) {
         if (map.isEmpty()) {
             return Collections.emptyMap();
@@ -1975,14 +1944,14 @@
                                                             boolean automatic,
                                                             boolean synthetic,
                                                             Set<Requires> requires,
-                                                            Set<String> uses, Set<Exports> exports,
+                                                            Set<String> uses,
+                                                            Set<Exports> exports,
                                                             Map<String, Provides> provides,
                                                             Version version,
                                                             String mainClass,
                                                             String osName,
                                                             String osArch,
                                                             String osVersion,
-                                                            Set<String> conceals,
                                                             Set<String> packages,
                                                             ModuleHashes hashes) {
                     return new ModuleDescriptor(name,
@@ -1997,7 +1966,6 @@
                                                 osName,
                                                 osArch,
                                                 osVersion,
-                                                conceals,
                                                 packages,
                                                 hashes);
                 }
--- a/src/java.base/share/classes/java/lang/reflect/Method.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/java/lang/reflect/Method.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,6 +30,8 @@
 import jdk.internal.reflect.CallerSensitive;
 import jdk.internal.reflect.MethodAccessor;
 import jdk.internal.reflect.Reflection;
+import sun.reflect.annotation.ExceptionProxy;
+import sun.reflect.annotation.TypeNotPresentExceptionProxy;
 import sun.reflect.generics.repository.MethodRepository;
 import sun.reflect.generics.factory.CoreReflectionFactory;
 import sun.reflect.generics.factory.GenericsFactory;
@@ -641,8 +643,13 @@
             SharedSecrets.getJavaLangAccess().
                 getConstantPool(getDeclaringClass()),
             getDeclaringClass());
-        if (result instanceof sun.reflect.annotation.ExceptionProxy)
+        if (result instanceof ExceptionProxy) {
+            if (result instanceof TypeNotPresentExceptionProxy) {
+                TypeNotPresentExceptionProxy proxy = (TypeNotPresentExceptionProxy)result;
+                throw new TypeNotPresentException(proxy.typeName(), proxy.getCause());
+            }
             throw new AnnotationFormatError("Invalid default: " + this);
+        }
         return result;
     }
 
--- a/src/java.base/share/classes/java/security/DrbgParameters.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/java/security/DrbgParameters.java	Tue Jun 14 10:22:07 2016 -0700
@@ -383,6 +383,10 @@
 
         private Instantiation(int strength, Capability capability,
                               byte[] personalizationString) {
+            if (strength < -1) {
+                throw new IllegalArgumentException(
+                        "Illegal security strength: " + strength);
+            }
             this.strength = strength;
             this.capability = capability;
             this.personalizationString = (personalizationString == null) ?
@@ -446,6 +450,10 @@
 
         private NextBytes(int strength, boolean predictionResistance,
                           byte[] additionalInput) {
+            if (strength < -1) {
+                throw new IllegalArgumentException(
+                        "Illegal security strength: " + strength);
+            }
             this.strength = strength;
             this.predictionResistance = predictionResistance;
             this.additionalInput = (additionalInput == null) ?
@@ -502,6 +510,7 @@
      *                              byte array will be copied.
      * @return a new {@code Instantiation} object
      * @throws NullPointerException if {@code capability} is {@code null}
+     * @throws IllegalArgumentException if {@code strength} is less than -1
      */
     public static Instantiation instantiation(int strength,
                                               Capability capability,
@@ -518,6 +527,7 @@
      * @param predictionResistance prediction resistance requested
      * @param additionalInput additional input, can be {@code null}.
      *                        The content of this byte array will be copied.
+     * @throws IllegalArgumentException if {@code strength} is less than -1
      * @return a new {@code NextBytes} object
      */
     public static NextBytes nextBytes(int strength,
--- a/src/java.base/share/classes/jdk/internal/misc/JavaLangModuleAccess.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/jdk/internal/misc/JavaLangModuleAccess.java	Tue Jun 14 10:22:07 2016 -0700
@@ -99,7 +99,6 @@
                                          String osName,
                                          String osArch,
                                          String osVersion,
-                                         Set<String> conceals,
                                          Set<String> packages,
                                          ModuleHashes hashes);
 
--- a/src/java.base/share/classes/jdk/internal/module/Builder.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/jdk/internal/module/Builder.java	Tue Jun 14 10:22:07 2016 -0700
@@ -66,8 +66,7 @@
     final Set<Requires> requires;
     final Set<Exports> exports;
     final Map<String, Provides> provides;
-    final Set<String> conceals;
-    final int numPackages;
+    Set<String> packages;
     Set<String> uses;
     Version version;
     String mainClass;
@@ -78,14 +77,12 @@
     Map<String, String> hashes;
 
     Builder(String name, int reqs, int exports,
-            int provides, int conceals, int packages) {
+            int provides, int packages) {
         this.name = name;
         this.requires = reqs > 0 ? new HashSet<>(reqs) : Collections.emptySet();
         this.exports  = exports > 0 ? new HashSet<>(exports) : Collections.emptySet();
         this.provides = provides > 0 ? new HashMap<>(provides) : Collections.emptyMap();
-        this.conceals = conceals > 0 ? new HashSet<>(conceals) : Collections.emptySet();
         this.uses = Collections.emptySet();
-        this.numPackages = packages;
     }
 
     /**
@@ -169,18 +166,10 @@
     }
 
     /**
-     * Adds a set of (possible empty) concealed packages.
+     * Adds a set of (possible empty) packages.
      */
-    public Builder conceals(Set<String> packages) {
-        conceals.addAll(packages);
-        return this;
-    }
-
-    /**
-     * Adds a concealed package.
-     */
-    public Builder conceals(String pn) {
-        conceals.add(pn);
+    public Builder packages(Set<String> packages) {
+        this.packages = packages;
         return this;
     }
 
@@ -273,22 +262,6 @@
     }
 
     /**
-     * Returns the set of packages that is the union of the exported and
-     * concealed packages.
-     */
-    private Set<String> computePackages(Set<Exports> exports, Set<String> conceals) {
-        if (exports.isEmpty())
-            return conceals;
-
-        Set<String> pkgs = new HashSet<>(numPackages);
-        pkgs.addAll(conceals);
-        for (Exports e : exports) {
-            pkgs.add(e.source());
-        }
-        return pkgs;
-    }
-
-    /**
      * Builds a {@code ModuleDescriptor} from the components.
      */
     public ModuleDescriptor build() {
@@ -309,8 +282,7 @@
                                         osName,
                                         osArch,
                                         osVersion,
-                                        conceals,
-                                        computePackages(exports, conceals),
+                                        packages,
                                         moduleHashes);
     }
 }
--- a/src/java.base/share/classes/sun/reflect/annotation/TypeNotPresentExceptionProxy.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/sun/reflect/annotation/TypeNotPresentExceptionProxy.java	Tue Jun 14 10:22:07 2016 -0700
@@ -46,6 +46,14 @@
         return new TypeNotPresentException(typeName, cause);
     }
 
+    public String typeName() {
+        return typeName;
+    }
+
+    public Throwable getCause() {
+        return cause;
+    }
+
     @Override
     public String toString() {
         return typeName + ".class /* Warning: type not present! */";
--- a/src/java.base/share/classes/sun/security/provider/SHA3.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/sun/security/provider/SHA3.java	Tue Jun 14 10:22:07 2016 -0700
@@ -61,14 +61,14 @@
         0x8000000000008080L, 0x80000001L, 0x8000000080008008L,
     };
 
-    private byte[] state;
+    private byte[] state = new byte[WIDTH];
+    private final long[] lanes = new long[DM*DM];
 
     /**
      * Creates a new SHA-3 object.
      */
     SHA3(String name, int digestLength) {
         super(name, digestLength, (WIDTH - (2 * digestLength)));
-        implReset();
     }
 
     /**
@@ -79,7 +79,7 @@
         for (int i = 0; i < buffer.length; i++) {
             state[i] ^= b[ofs++];
         }
-        state = keccak(state);
+        keccak();
     }
 
     /**
@@ -95,7 +95,7 @@
         for (int i = 0; i < buffer.length; i++) {
             state[i] ^= buffer[i];
         }
-        state = keccak(state);
+        keccak();
         System.arraycopy(state, 0, out, ofs, engineGetDigestLength());
     }
 
@@ -103,15 +103,8 @@
      * Resets the internal state to start a new hash.
      */
     void implReset() {
-        state = new byte[WIDTH];
-    }
-
-    /**
-     * Utility function for circular shift the specified long
-     * value to the left for n bits.
-     */
-    private static long circularShiftLeft(long lane, int n) {
-        return ((lane << n) | (lane >>> (64 - n)));
+        Arrays.fill(state, (byte)0);
+        Arrays.fill(lanes, 0L);
     }
 
     /**
@@ -132,115 +125,119 @@
     }
 
     /**
-     * Utility function for transforming the specified state from
-     * the byte array format into array of lanes as defined in
-     * section 3.1.2.
+     * Utility function for transforming the specified byte array 's'
+     * into array of lanes 'm' as defined in section 3.1.2.
      */
-    private static long[][] bytes2Lanes(byte[] s) {
-        if (s.length != WIDTH) {
-            throw new ProviderException("Error: incorrect input size " +
-                s.length);
+    private static void bytes2Lanes(byte[] s, long[] m) {
+        int sOfs = 0;
+        // Conversion traverses along x-axis before y-axis
+        for (int y = 0; y < DM; y++, sOfs += 40) {
+            b2lLittle(s, sOfs, m, DM*y, 40);
         }
-        // The conversion traverses along x-axis before y-axis. So, y is the
-        // first dimension and x is the second dimension.
-        long[][] s2 = new long[DM][DM];
-        int sOfs = 0;
-        for (int y = 0; y < DM; y++, sOfs += 40) {
-            b2lLittle(s, sOfs, s2[y], 0, 40);
-        }
-        return s2;
     }
 
     /**
-     * Utility function for transforming the specified arrays of
-     * lanes into a byte array as defined in section 3.1.3.
+     * Utility function for transforming the specified array of
+     * lanes 'm' into a byte array 's' as defined in section 3.1.3.
      */
-    private static byte[] lanes2Bytes(long[][] m) {
-        byte[] s = new byte[WIDTH];
+    private static void lanes2Bytes(long[] m, byte[] s) {
         int sOfs = 0;
-        // The conversion traverses along x-axis before y-axis. So, y is the
-        // first dimension and x is the second dimension.
+        // Conversion traverses along x-axis before y-axis
         for (int y = 0; y < DM; y++, sOfs += 40) {
-            l2bLittle(m[y], 0, s, sOfs, 40);
+            l2bLittle(m, DM*y, s, sOfs, 40);
         }
-        return s;
     }
 
     /**
      * Step mapping Theta as defined in section 3.2.1 .
      */
-    private static long[][] smTheta(long[][] a) {
-        long[] c = new long[DM];
-        for (int i = 0; i < DM; i++) {
-            c[i] = a[0][i]^a[1][i]^a[2][i]^a[3][i]^a[4][i];
-        }
-        long[] d = new long[DM];
-        for (int i = 0; i < DM; i++) {
-            long c1 = c[(i + 4) % DM];
-            // left shift and wrap the leftmost bit into the rightmost bit
-            long c2 = circularShiftLeft(c[(i + 1) % DM], 1);
-            d[i] = c1^c2;
-        }
-        for (int y = 0; y < DM; y++) {
-            for (int x = 0; x < DM; x++) {
-                a[y][x] ^= d[x];
-            }
+    private static long[] smTheta(long[] a) {
+        long c0 = a[0]^a[5]^a[10]^a[15]^a[20];
+        long c1 = a[1]^a[6]^a[11]^a[16]^a[21];
+        long c2 = a[2]^a[7]^a[12]^a[17]^a[22];
+        long c3 = a[3]^a[8]^a[13]^a[18]^a[23];
+        long c4 = a[4]^a[9]^a[14]^a[19]^a[24];
+        long d0 = c4 ^ Long.rotateLeft(c1, 1);
+        long d1 = c0 ^ Long.rotateLeft(c2, 1);
+        long d2 = c1 ^ Long.rotateLeft(c3, 1);
+        long d3 = c2 ^ Long.rotateLeft(c4, 1);
+        long d4 = c3 ^ Long.rotateLeft(c0, 1);
+        for (int y = 0; y < a.length; y += DM) {
+            a[y] ^= d0;
+            a[y+1] ^= d1;
+            a[y+2] ^= d2;
+            a[y+3] ^= d3;
+            a[y+4] ^= d4;
         }
         return a;
     }
 
     /**
-     * Step mapping Rho as defined in section 3.2.2.
+     * Merged Step mapping Rho (section 3.2.2) and Pi (section 3.2.3).
+     * for performance. Optimization is achieved by precalculating
+     * shift constants for the following loop
+     *   int xNext, yNext;
+     *   for (int t = 0, x = 1, y = 0; t <= 23; t++, x = xNext, y = yNext) {
+     *        int numberOfShift = ((t + 1)*(t + 2)/2) % 64;
+     *        a[y][x] = Long.rotateLeft(a[y][x], numberOfShift);
+     *        xNext = y;
+     *        yNext = (2 * x + 3 * y) % DM;
+     *   }
+     * and with inplace permutation.
      */
-    private static long[][] smRho(long[][] a) {
-        long[][] a2 = new long[DM][DM];
-        a2[0][0] = a[0][0];
-        int xNext, yNext;
-        for (int t = 0, x = 1, y = 0; t <= 23; t++, x = xNext, y = yNext) {
-            int numberOfShift = ((t + 1)*(t + 2)/2) % 64;
-            a2[y][x] = circularShiftLeft(a[y][x], numberOfShift);
-            xNext = y;
-            yNext = (2 * x + 3 * y) % DM;
-        }
-        return a2;
-    }
-
-    /**
-     * Step mapping Pi as defined in section 3.2.3.
-     */
-    private static long[][] smPi(long[][] a) {
-        long[][] a2 = new long[DM][DM];
-        for (int y = 0; y < DM; y++) {
-            for (int x = 0; x < DM; x++) {
-                a2[y][x] = a[x][(x + 3 * y) % DM];
-            }
-        }
-        return a2;
+    private static long[] smPiRho(long[] a) {
+        long tmp = Long.rotateLeft(a[10], 3);
+        a[10] = Long.rotateLeft(a[1], 1);
+        a[1] = Long.rotateLeft(a[6], 44);
+        a[6] = Long.rotateLeft(a[9], 20);
+        a[9] = Long.rotateLeft(a[22], 61);
+        a[22] = Long.rotateLeft(a[14], 39);
+        a[14] = Long.rotateLeft(a[20], 18);
+        a[20] = Long.rotateLeft(a[2], 62);
+        a[2] = Long.rotateLeft(a[12], 43);
+        a[12] = Long.rotateLeft(a[13], 25);
+        a[13] = Long.rotateLeft(a[19], 8);
+        a[19] = Long.rotateLeft(a[23], 56);
+        a[23] = Long.rotateLeft(a[15], 41);
+        a[15] = Long.rotateLeft(a[4], 27);
+        a[4] = Long.rotateLeft(a[24], 14);
+        a[24] = Long.rotateLeft(a[21], 2);
+        a[21] = Long.rotateLeft(a[8], 55);
+        a[8] = Long.rotateLeft(a[16], 45);
+        a[16] = Long.rotateLeft(a[5], 36);
+        a[5] = Long.rotateLeft(a[3], 28);
+        a[3] = Long.rotateLeft(a[18], 21);
+        a[18] = Long.rotateLeft(a[17], 15);
+        a[17] = Long.rotateLeft(a[11], 10);
+        a[11] = Long.rotateLeft(a[7], 6);
+        a[7] = tmp;
+        return a;
     }
 
     /**
      * Step mapping Chi as defined in section 3.2.4.
      */
-    private static long[][] smChi(long[][] a) {
-        long[][] a2 = new long[DM][DM];
-        for (int y = 0; y < DM; y++) {
-            for (int x = 0; x < DM; x++) {
-                a2[y][x] = a[y][x] ^
-                    ((a[y][(x + 1) % DM] ^ 0xFFFFFFFFFFFFFFFFL) &
-                     a[y][(x + 2) % DM]);
-            }
+    private static long[] smChi(long[] a) {
+        for (int y = 0; y < a.length; y+=DM) {
+            long ay0 = a[y];
+            long ay1 = a[y+1];
+            long ay2 = a[y+2];
+            long ay3 = a[y+3];
+            long ay4 = a[y+4];
+            a[y] = ay0 ^ ((~ay1) & ay2);
+            a[y+1] = ay1 ^ ((~ay2) & ay3);
+            a[y+2] = ay2 ^ ((~ay3) & ay4);
+            a[y+3] = ay3 ^ ((~ay4) & ay0);
+            a[y+4] = ay4 ^ ((~ay0) & ay1);
         }
-        return a2;
+        return a;
     }
 
     /**
      * Step mapping Iota as defined in section 3.2.5.
-     *
-     * @return the processed state array
-     * @param state the state array to be processed
      */
-    private static long[][] smIota(long[][] a, int rndIndex) {
-        a[0][0] ^= RC_CONSTANTS[rndIndex];
+    private static long[] smIota(long[] a, int rndIndex) {
+        a[0] ^= RC_CONSTANTS[rndIndex];
         return a;
     }
 
@@ -248,12 +245,15 @@
      * The function Keccak as defined in section 5.2 with
      * rate r = 1600 and capacity c = (digest length x 2).
      */
-    private static byte[] keccak(byte[] state) {
-        long[][] lanes = bytes2Lanes(state);
+    private void keccak() {
+        // convert the 200-byte state into 25 lanes
+        bytes2Lanes(state, lanes);
+        // process the lanes through step mappings
         for (int ir = 0; ir < NR; ir++) {
-            lanes = smIota(smChi(smPi(smRho(smTheta(lanes)))), ir);
+            smIota(smChi(smPiRho(smTheta(lanes))), ir);
         }
-        return lanes2Bytes(lanes);
+        // convert the resulting 25 lanes back into 200-byte state
+        lanes2Bytes(lanes, state);
     }
 
     public Object clone() throws CloneNotSupportedException {
--- a/src/java.base/share/classes/sun/util/locale/LocaleMatcher.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/classes/sun/util/locale/LocaleMatcher.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -228,7 +228,8 @@
                     rangeForRegex = rangeForRegex.substring(0, index);
 
                     // if range ends with an extension key, truncate it.
-                    if (rangeForRegex.lastIndexOf('-') == rangeForRegex.length()-2) {
+                    index = rangeForRegex.lastIndexOf('-');
+                    if (index >= 0 && index == rangeForRegex.length()-2) {
                         rangeForRegex =
                             rangeForRegex.substring(0, rangeForRegex.length()-2);
                     }
--- a/src/java.base/share/conf/security/java.security	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/share/conf/security/java.security	Tue Jun 14 10:22:07 2016 -0700
@@ -33,9 +33,9 @@
 #
 # Each provider must implement a subclass of the Provider class.
 # To register a provider in this master security properties file,
-# specify the Provider subclass name and priority in the format
+# specify the provider and priority in the format
 #
-#    security.provider.<n>=<className>
+#    security.provider.<n>=<provName | className>
 #
 # This declares a provider, and specifies its preference
 # order n. The preference order is the order in which providers are
@@ -43,20 +43,15 @@
 # requested). The order is 1-based; 1 is the most preferred, followed
 # by 2, and so on.
 #
+# <provName> must specify the name of the Provider as passed to its super
+# class java.security.Provider constructor. This is for providers loaded
+# through the ServiceLoader mechanism.
+#
 # <className> must specify the subclass of the Provider class whose
 # constructor sets the values of various properties that are required
 # for the Java Security API to look up the algorithms or other
-# facilities implemented by the provider.
-#
-# There must be at least one provider specification in java.security.
-# There is a default provider that comes standard with the JDK. It
-# is called the "SUN" provider, and its Provider subclass
-# named Sun appears in the sun.security.provider package. Thus, the
-# "SUN" provider is registered via the following:
-#
-#    security.provider.1=sun.security.provider.Sun
-#
-# (The number 1 is used for the default provider.)
+# facilities implemented by the provider. This is for providers loaded
+# through classpath.
 #
 # Note: Providers can be dynamically registered instead by calls to
 # either the addProvider or insertProviderAt method in the Security
--- a/src/java.base/unix/native/libnet/NetworkInterface.c	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.base/unix/native/libnet/NetworkInterface.c	Tue Jun 14 10:22:07 2016 -0700
@@ -135,7 +135,8 @@
 #endif
 
 static netif  *addif(JNIEnv *env, int sock, const char *if_name, netif *ifs,
-                     struct sockaddr *ifr_addrP, int family, short prefix);
+                     struct sockaddr *ifr_addrP, struct sockaddr *ifr_broadaddrP,
+                     struct sockaddr *ifr_subnetaddrP, int family, short prefix);
 static void    freeif(netif *ifs);
 
 static int     openSocket(JNIEnv *env, int proto);
@@ -145,6 +146,7 @@
 static struct  sockaddr *getBroadcast(JNIEnv *env, int sock, const char *name,
                                       struct sockaddr *brdcast_store);
 static short   getSubnet(JNIEnv *env, int sock, const char *ifname);
+static short   computeMaskFromAddress(struct sockaddr *ifr_subnetaddrP);
 static int     getIndex(int sock, const char *ifname);
 
 static int     getFlags(int sock, const char *ifname, int *flags);
@@ -864,7 +866,8 @@
 }
 
 netif *addif(JNIEnv *env, int sock, const char *if_name, netif *ifs,
-             struct sockaddr *ifr_addrP, int family, short prefix)
+             struct sockaddr *ifr_addrP, struct sockaddr *ifr_broadaddrP,
+             struct sockaddr *ifr_subnetaddrP, int family, short prefix)
 {
     netif *currif = ifs, *parent;
     netaddr *addrP;
@@ -912,19 +915,30 @@
     addrP->mask = prefix;
     addrP->next = 0;
     if (family == AF_INET) {
-       // Deal with broadcast addr & subnet mask
-       struct sockaddr *brdcast_to =
-              (struct sockaddr *) ((char *)addrP + sizeof(netaddr) + addr_size);
-       addrP->brdcast = getBroadcast(env, sock, name, brdcast_to);
-       if ((*env)->ExceptionCheck(env) == JNI_TRUE) {
-           return ifs;
-       }
-       if ((mask = getSubnet(env, sock, name)) != -1) {
-           addrP->mask = mask;
-       } else if((*env)->ExceptionCheck(env)) {
-           return ifs;
-       }
-     }
+        // Deal with broadcast addr & subnet mask
+        if (ifr_broadaddrP != NULL) {  // just set it, if already known
+            addrP->brdcast =
+                (struct sockaddr *)((char *)addrP + sizeof(netaddr) + addr_size);
+            memcpy(addrP->brdcast, ifr_broadaddrP, addr_size);
+        } else {  // otherwise look it up
+            struct sockaddr *brdcast_to =
+                (struct sockaddr *)((char *)addrP + sizeof(netaddr) + addr_size);
+            addrP->brdcast = getBroadcast(env, sock, name, brdcast_to);
+            if ((*env)->ExceptionCheck(env) == JNI_TRUE) {
+                return ifs;
+            }
+        }
+
+        if (ifr_subnetaddrP != NULL) {  // just compute the mask, if already known
+            addrP->mask = computeMaskFromAddress(ifr_subnetaddrP);
+        } else {   // otherwise look it up
+            if ((mask = getSubnet(env, sock, name)) != -1) {
+                addrP->mask = mask;
+            } else if((*env)->ExceptionCheck(env)) {
+                return ifs;
+            }
+        }
+    }
 
     // Deal with virtual interface with colon notation e.g. eth0:1
     name_colonP = strchr(name, ':');
@@ -1023,6 +1037,20 @@
     return ifs;
 }
 
+static short computeMaskFromAddress(struct sockaddr *ifr_subnetaddrP) {
+    short ret = 0;
+    unsigned int mask;
+
+    mask = ntohl(((struct sockaddr_in*)ifr_subnetaddrP)->sin_addr.s_addr);
+
+    while (mask) {
+       mask <<= 1;
+       ret++;
+    }
+
+    return ret;
+}
+
 /*
  * Opens a socket for further ioct calls. proto is one of AF_INET or AF_INET6.
  */
@@ -1122,13 +1150,43 @@
 
     // Iterate through each interface
     ifreqP = ifc.ifc_req;
+    struct sockaddr addr, broadaddr, netmask;
     for (i = 0; i < ifc.ifc_len / sizeof(struct ifreq); i++, ifreqP++) {
+        struct sockaddr* broadaddrP = NULL;
+        struct sockaddr* subnetaddrP = NULL;
+
+        // Ignore non IPv4 Interfaces
+        if ((struct sockaddr *)&(ifreqP->ifr_addr) != NULL &&
+            ((struct sockaddr *)&(ifreqP->ifr_addr))->sa_family != AF_INET) {
+            continue;
+        }
+
+        memcpy(&addr, &(ifreqP->ifr_addr), sizeof(struct sockaddr));
+
+        // set broadaddrP, if applicable
+        if ((ifreqP->ifr_flags & IFF_POINTOPOINT) == 0 &&
+            ifreqP->ifr_flags & IFF_BROADCAST) {
+
+            if (ioctl(sock, SIOCGIFBRDADDR, ifreqP) == 0) {
+                memcpy(&broadaddr, &(ifreqP->ifr_broadaddr), sizeof(struct sockaddr));
+                broadaddrP = &broadaddr;
+            }
+            // restore the address, for subsequent calls
+            memcpy(&(ifreqP->ifr_addr), &addr, sizeof(struct sockaddr));
+        }
+
+        if (ioctl(sock, SIOCGIFNETMASK, ifreqP) == 0) {
 #if defined(_AIX)
-        if (ifreqP->ifr_addr.sa_family != AF_INET) continue;
+            memcpy(&netmask, &(ifreqP->ifr_addr), sizeof(struct sockaddr));
+#else
+            memcpy(&netmask, &(ifreqP->ifr_netmask), sizeof(struct sockaddr));
 #endif
+            subnetaddrP = &netmask;
+        }
+
         // Add to the list
         ifs = addif(env, sock, ifreqP->ifr_name, ifs,
-                    (struct sockaddr *)&(ifreqP->ifr_addr), AF_INET, 0);
+                    &addr, broadaddrP, subnetaddrP, AF_INET, 0);
 
         // If an exception occurred then free the list
         if ((*env)->ExceptionOccurred(env)) {
@@ -1177,7 +1235,7 @@
             addr.sin6_scope_id = if_idx;
 
             ifs = addif(env, sock, devname, ifs, (struct sockaddr *)&addr,
-                        AF_INET6, (short)prefix);
+                        NULL, NULL, AF_INET6, (short)prefix);
 
             // If an exception occurred then return the list as is.
             if ((*env)->ExceptionOccurred(env)) {
@@ -1261,7 +1319,8 @@
 
         // Add to the list
         ifs = addif(env, sock, ifreqP->ifr_name, ifs,
-                    (struct sockaddr *)&(ifreqP->ifr_addr), AF_INET6, 0);
+                    (struct sockaddr *)&(ifreqP->ifr_addr),
+                    NULL, NULL, AF_INET6, 0);
 
         // If an exception occurred then free the list
         if ((*env)->ExceptionOccurred(env)) {
@@ -1346,14 +1405,7 @@
         return -1;
     }
 
-    mask = ntohl(((struct sockaddr_in*)&(if2.ifr_addr))->sin_addr.s_addr);
-    ret = 0;
-    while (mask) {
-       mask <<= 1;
-       ret++;
-    }
-
-    return ret;
+    return computeMaskFromAddress(&(if2.ifr_addr));
 }
 
 /*
@@ -1595,8 +1647,8 @@
 
         // add to the list
         ifs = addif(env, sock,ifr->lifr_name, ifs,
-                    (struct sockaddr *)&(ifr->lifr_addr), family,
-                    (short)ifr->lifr_addrlen);
+                    (struct sockaddr *)&(ifr->lifr_addr),
+                    NULL, NULL, family, (short)ifr->lifr_addrlen);
 
         // If an exception occurred we return immediately
         if ((*env)->ExceptionOccurred(env)) {
@@ -1674,15 +1726,7 @@
         return -1;
     }
 
-    mask = ntohl(((struct sockaddr_in*)&(if2.lifr_addr))->sin_addr.s_addr);
-    ret = 0;
-
-    while (mask) {
-       mask <<= 1;
-       ret++;
-    }
-
-    return ret;
+    return computeMaskFromAddress(&(if2.lifr_addr));
 }
 
 
@@ -1889,13 +1933,21 @@
     }
 
     for (ifa = origifa; ifa != NULL; ifa = ifa->ifa_next) {
+        struct sockaddr* ifa_broadaddr = NULL;
 
         // Skip non-AF_INET entries.
         if (ifa->ifa_addr == NULL || ifa->ifa_addr->sa_family != AF_INET)
             continue;
 
+        // set ifa_broadaddr, if there is one
+        if ((ifa->ifa_flags & IFF_POINTOPOINT) == 0 &&
+            ifa->ifa_flags & IFF_BROADCAST) {
+            ifa_broadaddr = ifa->ifa_broadaddr;
+        }
+
         // Add to the list.
-        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr, AF_INET, 0);
+        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr,
+                    ifa_broadaddr, ifa->ifa_netmask, AF_INET, 0);
 
         // If an exception occurred then free the list.
         if ((*env)->ExceptionOccurred(env)) {
@@ -1971,8 +2023,9 @@
 
         // Add to the list.
         sin6 = (struct sockaddr_in6 *)&ifr6.ifr_addr;
-        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr, AF_INET6,
-            (short)prefix(&sin6->sin6_addr, sizeof(struct in6_addr)));
+        ifs = addif(env, sock, ifa->ifa_name, ifs, ifa->ifa_addr, NULL, NULL,
+                    AF_INET6,
+                    (short)prefix(&sin6->sin6_addr, sizeof(struct in6_addr)));
 
         // If an exception occurred then free the list.
         if ((*env)->ExceptionOccurred(env)) {
@@ -2059,14 +2112,7 @@
         return -1;
     }
 
-    mask = ntohl(((struct sockaddr_in*)&(if2.ifr_addr))->sin_addr.s_addr);
-    ret = 0;
-    while (mask) {
-       mask <<= 1;
-       ret++;
-    }
-
-    return ret;
+    return computeMaskFromAddress(&(if2.ifr_addr));
 }
 
 /*
--- a/src/java.desktop/macosx/classes/com/apple/eawt/Application.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.desktop/macosx/classes/com/apple/eawt/Application.java	Tue Jun 14 10:22:07 2016 -0700
@@ -372,7 +372,6 @@
      * Acceptable values are from 0 to 100, any other disables progress indication.
      *
      * @param value progress value
-     * @since 1.9
      */
     public void setDockIconProgress(final int value) {
         iconHandler.setDockIconProgress(value);
--- a/src/java.httpclient/share/classes/sun/net/httpclient/hpack/HeaderTable.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.httpclient/share/classes/sun/net/httpclient/hpack/HeaderTable.java	Tue Jun 14 10:22:07 2016 -0700
@@ -310,14 +310,14 @@
 
         @Override
         public int hashCode() {
-            return 31 * (name.hashCode()) + value.hashCode();
+            return 31 * name.hashCode() + value.hashCode();
         }
     }
 
     //
-    // In order to be able to find an index of an entry with the given contents
-    // in the dynamic table an effective inverse mapping is needed. Here's a
-    // simple idea behind such a mapping.
+    // To quickly find an index of an entry in the dynamic table with the given
+    // contents an effective inverse mapping is needed. Here's a simple idea
+    // behind such a mapping.
     //
     // # The problem:
     //
@@ -325,21 +325,21 @@
     //
     //     get: index -> x
     //
-    // What we also want is an O(1) reverse lookup:
+    // What we want is an O(1) reverse lookup:
     //
     //     indexOf: x -> index
     //
     // # Solution:
     //
-    // Let's store an inverse mapping as a Map<X, Integer>. This have a problem
-    // that when a new element is added to the queue all indexes in the map
-    // becomes invalid. Namely, each i becomes shifted by 1 to the right:
+    // Let's store an inverse mapping in a Map<x, Integer>. This have a problem
+    // that when a new element is added to the queue, all indexes in the map
+    // become invalid. Namely, the new element is assigned with an index of 1,
+    // and each index i, i > 1 becomes shifted by 1 to the left:
     //
-    //     i -> i + 1
+    //     1, 1, 2, 3, ... , n-1, n
     //
-    // And the new element is assigned with an index of 1. This would seem to
-    // require a pass through the map incrementing all indexes (map values) by
-    // 1, which is O(n).
+    // Re-establishing the invariant would seem to require a pass through the
+    // map incrementing all indexes (map values) by 1, which is O(n).
     //
     // The good news is we can do much better then this!
     //
@@ -373,7 +373,7 @@
     //
     // Where 'recalibrate()' goes through the table doing this:
     //
-    //  value -= counter
+    //     value -= counter
     //
     // That's given, of course, the size of the table itself is less than
     // Long.MAX_VALUE :-)
--- a/src/java.logging/share/classes/java/util/logging/Formatter.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.logging/share/classes/java/util/logging/Formatter.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -101,23 +101,23 @@
      * formatting.
      * <ul>
      * <li>If there are no parameters, no formatter is used.
-     * <li>Otherwise, if the string contains "{0" then
-     *     java.text.MessageFormat  is used to format the string.
+     * <li>Otherwise, if the string contains "{{@literal<digit>}"
+     *     where {@literal <digit>} is in [0-9],
+     *     java.text.MessageFormat is used to format the string.
      * <li>Otherwise no formatting is performed.
      * </ul>
      *
      * @param  record  the log record containing the raw message
      * @return   a localized and formatted message
      */
-    public synchronized String formatMessage(LogRecord record) {
+    public String formatMessage(LogRecord record) {
         String format = record.getMessage();
         java.util.ResourceBundle catalog = record.getResourceBundle();
         if (catalog != null) {
             try {
-                format = catalog.getString(record.getMessage());
+                format = catalog.getString(format);
             } catch (java.util.MissingResourceException ex) {
                 // Drop through.  Use record message as format
-                format = record.getMessage();
             }
         }
         // Do the formatting.
@@ -130,11 +130,16 @@
             // Is it a java.text style format?
             // Ideally we could match with
             // Pattern.compile("\\{\\d").matcher(format).find())
-            // However the cost is 14% higher, so we cheaply check for
-            // 1 of the first 4 parameters
-            if (format.indexOf("{0") >= 0 || format.indexOf("{1") >=0 ||
-                        format.indexOf("{2") >=0|| format.indexOf("{3") >=0) {
-                return java.text.MessageFormat.format(format, parameters);
+            // However the cost is 14% higher, so we cheaply use indexOf
+            // and charAt to look for that pattern.
+            int index = -1;
+            int fence = format.length() - 1;
+            while ((index = format.indexOf('{', index+1)) > -1) {
+                if (index >= fence) break;
+                char digit = format.charAt(index+1);
+                if (digit >= '0' & digit <= '9') {
+                   return java.text.MessageFormat.format(format, parameters);
+                }
             }
             return format;
 
--- a/src/java.logging/share/classes/java/util/logging/SimpleFormatter.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.logging/share/classes/java/util/logging/SimpleFormatter.java	Tue Jun 14 10:22:07 2016 -0700
@@ -153,7 +153,7 @@
      * @return a formatted log record
      */
     @Override
-    public synchronized String format(LogRecord record) {
+    public String format(LogRecord record) {
         ZonedDateTime zdt = ZonedDateTime.ofInstant(
                 record.getInstant(), ZoneId.systemDefault());
         String source;
--- a/src/java.prefs/macosx/classes/java/util/prefs/MacOSXPreferences.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.prefs/macosx/classes/java/util/prefs/MacOSXPreferences.java	Tue Jun 14 10:22:07 2016 -0700
@@ -44,27 +44,39 @@
     private final String path;
 
     // User root and system root nodes
-    private static MacOSXPreferences userRoot = null;
-    private static MacOSXPreferences systemRoot = null;
+    private static volatile MacOSXPreferences userRoot;
+    private static volatile MacOSXPreferences systemRoot;
 
 
     // Returns user root node, creating it if necessary.
     // Called by MacOSXPreferencesFactory
-    static synchronized Preferences getUserRoot() {
-        if (userRoot == null) {
-            userRoot = new MacOSXPreferences(true);
+    static Preferences getUserRoot() {
+        MacOSXPreferences root = userRoot;
+        if (root == null) {
+            synchronized (MacOSXPreferences.class) {
+                root = userRoot;
+                if (root == null) {
+                    userRoot = root = new MacOSXPreferences(true);
+                }
+            }
         }
-        return userRoot;
+        return root;
     }
 
 
     // Returns system root node, creating it if necessary.
     // Called by MacOSXPreferencesFactory
-    static synchronized Preferences getSystemRoot() {
-        if (systemRoot == null) {
-            systemRoot = new MacOSXPreferences(false);
+    static Preferences getSystemRoot() {
+        MacOSXPreferences root = systemRoot;
+        if (root == null) {
+            synchronized (MacOSXPreferences.class) {
+                root = systemRoot;
+                if (root == null) {
+                    systemRoot = root = new MacOSXPreferences(false);
+                }
+            }
         }
-        return systemRoot;
+        return root;
     }
 
 
--- a/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.prefs/unix/classes/java/util/prefs/FileSystemPreferences.java	Tue Jun 14 10:22:07 2016 -0700
@@ -94,14 +94,20 @@
    /**
      * The user root.
      */
-    static Preferences userRoot = null;
+    private static volatile Preferences userRoot;
 
-    static synchronized Preferences getUserRoot() {
-        if (userRoot == null) {
-            setupUserRoot();
-            userRoot = new FileSystemPreferences(true);
+    static Preferences getUserRoot() {
+        Preferences root = userRoot;
+        if (root == null) {
+            synchronized (FileSystemPreferences.class) {
+                root = userRoot;
+                if (root == null) {
+                    setupUserRoot();
+                    userRoot = root = new FileSystemPreferences(true);
+                }
+            }
         }
-        return userRoot;
+        return root;
     }
 
     private static void setupUserRoot() {
@@ -155,14 +161,20 @@
     /**
      * The system root.
      */
-    static Preferences systemRoot;
+    private static volatile Preferences systemRoot;
 
-    static synchronized Preferences getSystemRoot() {
-        if (systemRoot == null) {
-            setupSystemRoot();
-            systemRoot = new FileSystemPreferences(false);
+    static Preferences getSystemRoot() {
+        Preferences root = systemRoot;
+        if (root == null) {
+            synchronized (FileSystemPreferences.class) {
+                root = systemRoot;
+                if (root == null) {
+                    setupSystemRoot();
+                    systemRoot = root = new FileSystemPreferences(false);
+                }
+            }
         }
-        return systemRoot;
+        return root;
     }
 
     private static void setupSystemRoot() {
--- a/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferences.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferences.java	Tue Jun 14 10:22:07 2016 -0700
@@ -91,14 +91,40 @@
     /**
      * User root node.
      */
-    static final Preferences userRoot =
-         new WindowsPreferences(USER_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+    private static volatile Preferences userRoot;
+
+    static Preferences getUserRoot() {
+        Preferences root = userRoot;
+        if (root == null) {
+            synchronized (WindowsPreferences.class) {
+                root = userRoot;
+                if (root == null) {
+                    root = new WindowsPreferences(USER_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+                    userRoot = root;
+                }
+            }
+        }
+        return root;
+    }
 
     /**
      * System root node.
      */
-    static final Preferences systemRoot =
-        new WindowsPreferences(SYSTEM_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+    private static volatile Preferences systemRoot;
+
+    static Preferences getSystemRoot() {
+        Preferences root = systemRoot;
+        if (root == null) {
+            synchronized (WindowsPreferences.class) {
+                root = systemRoot;
+                if (root == null) {
+                    root = new WindowsPreferences(SYSTEM_ROOT_NATIVE_HANDLE, WINDOWS_ROOT_PATH);
+                    systemRoot = root;
+                }
+            }
+        }
+        return root;
+    }
 
     /*  Windows error codes. */
     private static final int ERROR_SUCCESS = 0;
--- a/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferencesFactory.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/java.prefs/windows/classes/java/util/prefs/WindowsPreferencesFactory.java	Tue Jun 14 10:22:07 2016 -0700
@@ -39,13 +39,13 @@
      * Returns WindowsPreferences.userRoot
      */
     public Preferences userRoot() {
-        return WindowsPreferences.userRoot;
+        return WindowsPreferences.getUserRoot();
     }
 
     /**
      * Returns WindowsPreferences.systemRoot
      */
     public Preferences systemRoot() {
-        return WindowsPreferences.systemRoot;
+        return WindowsPreferences.getSystemRoot();
     }
 }
--- a/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.c	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.c	Tue Jun 14 10:22:07 2016 -0700
@@ -28,7 +28,6 @@
 #include <strings.h>
 #include <jni.h>
 #include "jni_util.h"
-#include <libsoftcrypto.h>
 #include "nativeCrypto.h"
 #include "nativeFunc.h"
 
--- a/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.h	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.h	Tue Jun 14 10:22:07 2016 -0700
@@ -23,12 +23,38 @@
  * questions.
  */
 
+#include <libsoftcrypto.h> // redirects to libucrypto.h starting 11.3
+
 #ifndef _Included_com_oracle_security_ucrypto_NativeCrypto
 #define _Included_com_oracle_security_ucrypto_NativeCrypto
 #ifdef __cplusplus
 extern "C" {
 #endif
 
+// used by nativeCrypto.c
+#ifdef _LIBUCRYPTO_H // workaround for Solaris bug; see 8157627
+#define CK_AES_CTR_PARAMS    crypto_ctr_params_t
+#define ulCounterBits    ct_ctr_bits
+#define cb        ct_cb
+
+#define CK_AES_CCM_PARAMS    crypto_ccm_params_t
+#define ulMACSize    cc_mac_size
+#define ulNonceSize    cc_nonce_size
+#define ulAuthDataSize    cc_auth_data_size
+#define ulDataSize    cc_data_size
+#define nonce        cc_nonce
+#define authData    cc_auth_data
+
+#define CK_AES_GCM_PARAMS    crypto_gcm_params_t
+#define pIv        gc_iv
+#define ulIvLen        gc_iv_len
+#define ulIvBits    gc_iv_bits
+#define pAAD        gc_aad
+#define ulAADLen    gc_aad_len
+#define ulTagBits    gc_tag_bits
+#endif
+
+// used by nativeCryptoMD.c
 #undef com_oracle_security_ucrypto_NativeDigestMD_MECH_MD5
 #define com_oracle_security_ucrypto_NativeDigestMD_MECH_MD5 1L
 #undef com_oracle_security_ucrypto_NativeDigestMD_MECH_SHA1
--- a/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCryptoMD.c	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCryptoMD.c	Tue Jun 14 10:22:07 2016 -0700
@@ -28,7 +28,6 @@
 #include <strings.h>
 #include <jni.h>
 #include "jni_util.h"
-#include <libsoftcrypto.h>
 #include "nativeCrypto.h"
 #include "nativeFunc.h"
 
--- a/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeFunc.h	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeFunc.h	Tue Jun 14 10:22:07 2016 -0700
@@ -28,7 +28,7 @@
 #include <md5.h>
 #include <sha1.h>
 #include <sha2.h>
-#include <libsoftcrypto.h>
+#include <libsoftcrypto.h> // redirects to libucrypto.h starting 11.3
 
 jboolean* loadNative();
 
--- a/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/common.h	Fri Jun 10 15:13:40 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,637 +0,0 @@
-/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#ifndef _SYS_CRYPTO_COMMON_H
-#define _SYS_CRYPTO_COMMON_H
-
-/*
- * Header file for the common data structures of the cryptographic framework
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <sys/types.h>
-#include <sys/uio.h>
-#include <sys/stream.h>
-#include <sys/mutex.h>
-#include <sys/condvar.h>
-
-/* Convenience defines/macros */
-
-#define CRYPTO_ARG_INPLACE(input, output)    \
-    if ((output) == NULL)        \
-        (output) = (input);
-
-#ifdef _KERNEL
-
-#include <sys/kmem.h>
-#define CRYPTO_KMFLAG(x)        crypto_kmflag((x))
-#define CRYPTO_ALLOC(sz, kmflag)        kmem_alloc((sz), (kmflag))
-#define CRYPTO_ZALLOC(sz, kmflag)        kmem_zalloc((sz), (kmflag))
-#define CRYPTO_FREE(ptr, sz)        kmem_free((ptr), (sz))
-#define CRYPTO_ZFREE(ptr, sz)        if (ptr != NULL) { \
-                                         bzero((ptr), (sz)), \
-                                         kmem_free((ptr), (sz)); \
-                                     }
-
-#else /* _KERNEL */
-
-#include <malloc.h>
-#define    CRYPTO_KMFLAG(x)        (0)
-#define    CRYPTO_ALLOC(sz, kmflag)        malloc((sz))
-#define    CRYPTO_ZALLOC(sz, kmflag)        calloc(1, (sz))
-#define    CRYPTO_FREE(ptr, sz)        free((ptr))
-#define    CRYPTO_ZFREE(ptr, sz)        if (ptr != NULL) { \
-                                         bzero((ptr), (sz)), \
-                                         free((ptr)); \
-                                     }
-
-#endif /* _KERNEL */
-
-/* Cryptographic Mechanisms */
-
-#define    CRYPTO_MAX_MECH_NAME 32
-typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];
-
-typedef uint64_t crypto_mech_type_t;
-
-typedef struct crypto_mechanism {
-    crypto_mech_type_t    cm_type;    /* mechanism type */
-    caddr_t            cm_param;    /* mech. parameter */
-    size_t            cm_param_len;    /* mech. parameter len */
-} crypto_mechanism_t;
-
-#ifdef  _SYSCALL32
-
-typedef struct crypto_mechanism32 {
-    crypto_mech_type_t    cm_type;    /* mechanism type */
-    caddr32_t        cm_param;    /* mech. parameter */
-    size32_t        cm_param_len;   /* mech. parameter len */
-} crypto_mechanism32_t;
-
-#endif  /* _SYSCALL32 */
-
-#ifdef _KERNEL
-/* CK_AES_CTR_PARAMS provides parameters to the CKM_AES_CTR mechanism */
-typedef struct CK_AES_CTR_PARAMS {
-    ulong_t    ulCounterBits;
-    uint8_t cb[16];
-} CK_AES_CTR_PARAMS;
-#endif
-
-/* CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism */
-typedef struct CK_AES_CCM_PARAMS {
-    ulong_t ulMACSize;
-    ulong_t ulNonceSize;
-    ulong_t ulAuthDataSize;
-    ulong_t ulDataSize; /* used for plaintext or ciphertext */
-    uchar_t *nonce;
-    uchar_t *authData;
-} CK_AES_CCM_PARAMS;
-
-/* CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism */
-typedef struct CK_AES_GCM_PARAMS {
-    uchar_t *pIv;
-    ulong_t ulIvLen;
-    ulong_t ulIvBits;
-    uchar_t *pAAD;
-    ulong_t ulAADLen;
-    ulong_t ulTagBits;
-} CK_AES_GCM_PARAMS;
-
-/* CK_AES_GMAC_PARAMS provides parameters to the CKM_AES_GMAC mechanism */
-typedef struct CK_AES_GMAC_PARAMS {
-    uchar_t *pIv;
-    uchar_t *pAAD;
-    ulong_t ulAADLen;
-} CK_AES_GMAC_PARAMS;
-
-#ifdef _KERNEL
-/*
- * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
- * CKM_ECDH1_KEY_DERIVE mechanism
- */
-typedef struct CK_ECDH1_DERIVE_PARAMS {
-    ulong_t        kdf;
-    ulong_t        ulSharedDataLen;
-    uchar_t        *pSharedData;
-    ulong_t        ulPublicDataLen;
-    uchar_t        *pPublicData;
-} CK_ECDH1_DERIVE_PARAMS;
-#endif
-
-#ifdef _KERNEL
-#ifdef  _SYSCALL32
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_CTR_PARAMS32 {
-    uint32_t ulCounterBits;
-    uint8_t cb[16];
-} CK_AES_CTR_PARAMS32;
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_CCM_PARAMS32 {
-    uint32_t ulMACSize;
-    uint32_t ulNonceSize;
-    uint32_t ulAuthDataSize;
-    uint32_t ulDataSize;
-    caddr32_t nonce;
-    caddr32_t authData;
-} CK_AES_CCM_PARAMS32;
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_GCM_PARAMS32 {
-    caddr32_t pIv;
-    uint32_t ulIvLen;
-    uint32_t ulIvBits;
-    caddr32_t pAAD;
-    uint32_t ulAADLen;
-    uint32_t ulTagBits;
-} CK_AES_GCM_PARAMS32;
-
-/* needed for 32-bit applications running on 64-bit kernels */
-typedef struct CK_AES_GMAC_PARAMS32 {
-    caddr32_t pIv;
-    caddr32_t pAAD;
-    uint32_t ulAADLen;
-} CK_AES_GMAC_PARAMS32;
-
-typedef struct CK_ECDH1_DERIVE_PARAMS32 {
-    uint32_t    kdf;
-    uint32_t    ulSharedDataLen;
-    caddr32_t    pSharedData;
-    uint32_t    ulPublicDataLen;
-    caddr32_t    pPublicData;
-} CK_ECDH1_DERIVE_PARAMS32;
-
-#endif  /* _SYSCALL32 */
-#endif /* _KERNEL */
-
-/*
- * The measurement unit bit flag for a mechanism's minimum or maximum key size.
- * The unit are mechanism dependent.  It can be in bits or in bytes.
- */
-typedef uint32_t crypto_keysize_unit_t;
-
-/*
- * The following bit flags are valid in cm_mech_flags field in
- * the crypto_mech_info_t structure of the SPI.
- *
- * Only the first two bit flags are valid in mi_keysize_unit
- * field in the crypto_mechanism_info_t structure of the API.
- */
-#define    CRYPTO_KEYSIZE_UNIT_IN_BITS    0x00000001
-#define    CRYPTO_KEYSIZE_UNIT_IN_BYTES    0x00000002
-#define    CRYPTO_CAN_SHARE_OPSTATE    0x00000004 /* supports sharing */
-
-
-/* Mechanisms supported out-of-the-box */
-#define    SUN_CKM_MD4            "CKM_MD4"
-#define    SUN_CKM_MD5            "CKM_MD5"
-#define    SUN_CKM_MD5_HMAC        "CKM_MD5_HMAC"
-#define    SUN_CKM_MD5_HMAC_GENERAL    "CKM_MD5_HMAC_GENERAL"
-#define    SUN_CKM_SHA1            "CKM_SHA_1"
-#define    SUN_CKM_SHA1_HMAC        "CKM_SHA_1_HMAC"
-#define    SUN_CKM_SHA1_HMAC_GENERAL    "CKM_SHA_1_HMAC_GENERAL"
-#define    SUN_CKM_SHA256            "CKM_SHA256"
-#define    SUN_CKM_SHA256_HMAC        "CKM_SHA256_HMAC"
-#define    SUN_CKM_SHA256_HMAC_GENERAL    "CKM_SHA256_HMAC_GENERAL"
-#define    SUN_CKM_SHA384            "CKM_SHA384"
-#define    SUN_CKM_SHA384_HMAC        "CKM_SHA384_HMAC"
-#define    SUN_CKM_SHA384_HMAC_GENERAL    "CKM_SHA384_HMAC_GENERAL"
-#define    SUN_CKM_SHA512            "CKM_SHA512"
-#define    SUN_CKM_SHA512_HMAC        "CKM_SHA512_HMAC"
-#define    SUN_CKM_SHA512_HMAC_GENERAL    "CKM_SHA512_HMAC_GENERAL"
-#define    SUN_CKM_DES_CBC            "CKM_DES_CBC"
-#define    SUN_CKM_DES3_CBC        "CKM_DES3_CBC"
-#define    SUN_CKM_DES_ECB            "CKM_DES_ECB"
-#define    SUN_CKM_DES3_ECB        "CKM_DES3_ECB"
-#define    SUN_CKM_BLOWFISH_CBC        "CKM_BLOWFISH_CBC"
-#define    SUN_CKM_BLOWFISH_ECB        "CKM_BLOWFISH_ECB"
-#define    SUN_CKM_AES_CBC            "CKM_AES_CBC"
-#define    SUN_CKM_AES_ECB            "CKM_AES_ECB"
-#define    SUN_CKM_AES_CTR            "CKM_AES_CTR"
-#define    SUN_CKM_AES_CCM            "CKM_AES_CCM"
-#define    SUN_CKM_AES_GCM            "CKM_AES_GCM"
-#define    SUN_CKM_AES_GMAC        "CKM_AES_GMAC"
-#define    SUN_CKM_AES_CFB128        "CKM_AES_CFB128"
-#define    SUN_CKM_RC4            "CKM_RC4"
-#define    SUN_CKM_RSA_PKCS        "CKM_RSA_PKCS"
-#define    SUN_CKM_RSA_X_509        "CKM_RSA_X_509"
-#define    SUN_CKM_MD5_RSA_PKCS        "CKM_MD5_RSA_PKCS"
-#define    SUN_CKM_SHA1_RSA_PKCS        "CKM_SHA1_RSA_PKCS"
-#define    SUN_CKM_SHA256_RSA_PKCS        "CKM_SHA256_RSA_PKCS"
-#define    SUN_CKM_SHA384_RSA_PKCS        "CKM_SHA384_RSA_PKCS"
-#define    SUN_CKM_SHA512_RSA_PKCS        "CKM_SHA512_RSA_PKCS"
-#define    SUN_CKM_EC_KEY_PAIR_GEN        "CKM_EC_KEY_PAIR_GEN"
-#define    SUN_CKM_ECDH1_DERIVE        "CKM_ECDH1_DERIVE"
-#define    SUN_CKM_ECDSA_SHA1        "CKM_ECDSA_SHA1"
-#define    SUN_CKM_ECDSA            "CKM_ECDSA"
-
-/* Shared operation context format for CKM_RC4 */
-typedef struct {
-#if defined(__amd64)
-    uint32_t    i, j;
-    uint32_t    arr[256];
-    uint32_t    flag;
-#else
-    uchar_t        arr[256];
-    uchar_t        i, j;
-#endif /* __amd64 */
-    uint64_t    pad;        /* For 64-bit alignment */
-} arcfour_state_t;
-
-/* Data arguments of cryptographic operations */
-
-typedef enum crypto_data_format {
-    CRYPTO_DATA_RAW = 1,
-    CRYPTO_DATA_UIO,
-    CRYPTO_DATA_MBLK
-} crypto_data_format_t;
-
-typedef struct crypto_data {
-    crypto_data_format_t    cd_format;    /* Format identifier    */
-    off_t            cd_offset;    /* Offset from the beginning */
-    size_t            cd_length;    /* # of bytes in use */
-    caddr_t            cd_miscdata;    /* ancillary data */
-    union {
-        /* Raw format */
-        iovec_t cdu_raw;        /* Pointer and length        */
-
-        /* uio scatter-gather format */
-        uio_t    *cdu_uio;
-
-        /* mblk scatter-gather format */
-        mblk_t    *cdu_mp;        /* The mblk chain */
-
-    } cdu;    /* Crypto Data Union */
-} crypto_data_t;
-
-#define    cd_raw        cdu.cdu_raw
-#define    cd_uio        cdu.cdu_uio
-#define    cd_mp        cdu.cdu_mp
-
-#define    CRYPTO_SET_RAW_DATA(var, str, len)    \
-    (var).cd_format = CRYPTO_DATA_RAW;    \
-    (var).cd_offset = 0;            \
-    (var).cd_length = (len);        \
-    (var).cd_miscdata = NULL;        \
-    (var).cd_raw.iov_base = (caddr_t)(str);    \
-    (var).cd_raw.iov_len = (len);
-
-#define    CRYPTO_DATA_IS_USERSPACE(buf) \
-    ((buf->cd_format == CRYPTO_DATA_UIO && \
-    buf->cd_uio->uio_segflg == UIO_USERSPACE))
-
-typedef struct crypto_dual_data {
-    crypto_data_t        dd_data;    /* The data */
-    off_t            dd_offset2;    /* Used by dual operation */
-    size_t            dd_len2;    /* # of bytes to take    */
-} crypto_dual_data_t;
-
-#define    dd_format    dd_data.cd_format
-#define    dd_offset1    dd_data.cd_offset
-#define    dd_len1        dd_data.cd_length
-#define    dd_miscdata    dd_data.cd_miscdata
-#define    dd_raw        dd_data.cd_raw
-#define    dd_uio        dd_data.cd_uio
-#define    dd_mp        dd_data.cd_mp
-
-/* The keys, and their contents */
-
-typedef enum {
-    CRYPTO_KEY_RAW = 1,    /* ck_data is a cleartext key */
-    CRYPTO_KEY_REFERENCE,    /* ck_obj_id is an opaque reference */
-    CRYPTO_KEY_ATTR_LIST    /* ck_attrs is a list of object attributes */
-} crypto_key_format_t;
-
-typedef uint64_t crypto_attr_type_t;
-
-/* Attribute types to use for passing a RSA public key or a private key. */
-#define    SUN_CKA_MODULUS            0x00000120
-#define    SUN_CKA_MODULUS_BITS        0x00000121
-#define    SUN_CKA_PUBLIC_EXPONENT        0x00000122
-#define    SUN_CKA_PRIVATE_EXPONENT    0x00000123
-#define    SUN_CKA_PRIME_1            0x00000124
-#define    SUN_CKA_PRIME_2            0x00000125
-#define    SUN_CKA_EXPONENT_1        0x00000126
-#define    SUN_CKA_EXPONENT_2        0x00000127
-#define    SUN_CKA_COEFFICIENT        0x00000128
-#define    SUN_CKA_PRIME            0x00000130
-#define    SUN_CKA_SUBPRIME        0x00000131
-#define    SUN_CKA_BASE            0x00000132
-
-#define    CKK_EC            0x00000003
-#define    CKK_GENERIC_SECRET    0x00000010
-#define    CKK_RC4            0x00000012
-#define    CKK_AES            0x0000001F
-#define    CKK_DES            0x00000013
-#define    CKK_DES2        0x00000014
-#define    CKK_DES3        0x00000015
-
-#define    CKO_PUBLIC_KEY        0x00000002
-#define    CKO_PRIVATE_KEY        0x00000003
-#define    CKA_CLASS        0x00000000
-#define    CKA_VALUE        0x00000011
-#define    CKA_KEY_TYPE        0x00000100
-#define    CKA_VALUE_LEN        0x00000161
-#define    CKA_EC_PARAMS        0x00000180
-#define    CKA_EC_POINT        0x00000181
-
-typedef uint32_t    crypto_object_id_t;
-
-typedef struct crypto_object_attribute {
-    crypto_attr_type_t    oa_type;    /* attribute type */
-    caddr_t            oa_value;    /* attribute value */
-    ssize_t            oa_value_len;    /* length of attribute value */
-} crypto_object_attribute_t;
-
-typedef struct crypto_key {
-    crypto_key_format_t    ck_format;    /* format identifier */
-    union {
-        /* for CRYPTO_KEY_RAW ck_format */
-        struct {
-            uint_t    cku_v_length;    /* # of bits in ck_data   */
-            void    *cku_v_data;    /* ptr to key value */
-        } cku_key_value;
-
-        /* for CRYPTO_KEY_REFERENCE ck_format */
-        crypto_object_id_t cku_key_id;    /* reference to object key */
-
-        /* for CRYPTO_KEY_ATTR_LIST ck_format */
-        struct {
-            uint_t cku_a_count;    /* number of attributes */
-            crypto_object_attribute_t *cku_a_oattr;
-        } cku_key_attrs;
-    } cku_data;                /* Crypto Key union */
-} crypto_key_t;
-
-#ifdef  _SYSCALL32
-
-typedef struct crypto_object_attribute32 {
-    uint64_t    oa_type;    /* attribute type */
-    caddr32_t    oa_value;    /* attribute value */
-    ssize32_t    oa_value_len;    /* length of attribute value */
-} crypto_object_attribute32_t;
-
-typedef struct crypto_key32 {
-    crypto_key_format_t    ck_format;    /* format identifier */
-    union {
-        /* for CRYPTO_KEY_RAW ck_format */
-        struct {
-            uint32_t cku_v_length;    /* # of bytes in ck_data */
-            caddr32_t cku_v_data;    /* ptr to key value */
-        } cku_key_value;
-
-        /* for CRYPTO_KEY_REFERENCE ck_format */
-        crypto_object_id_t cku_key_id; /* reference to object key */
-
-        /* for CRYPTO_KEY_ATTR_LIST ck_format */
-        struct {
-            uint32_t cku_a_count;    /* number of attributes */
-            caddr32_t cku_a_oattr;
-        } cku_key_attrs;
-    } cku_data;                /* Crypto Key union */
-} crypto_key32_t;
-
-#endif  /* _SYSCALL32 */
-
-#define    ck_data        cku_data.cku_key_value.cku_v_data
-#define    ck_length    cku_data.cku_key_value.cku_v_length
-#define    ck_obj_id    cku_data.cku_key_id
-#define    ck_count    cku_data.cku_key_attrs.cku_a_count
-#define    ck_attrs    cku_data.cku_key_attrs.cku_a_oattr
-
-/*
- * Raw key lengths are expressed in number of bits.
- * The following macro returns the minimum number of
- * bytes that can contain the specified number of bits.
- * Round up without overflowing the integer type.
- */
-#define    CRYPTO_BITS2BYTES(n) ((n) == 0 ? 0 : (((n) - 1) >> 3) + 1)
-#define    CRYPTO_BYTES2BITS(n) ((n) << 3)
-
-/* Providers */
-
-typedef enum {
-    CRYPTO_HW_PROVIDER = 0,
-    CRYPTO_SW_PROVIDER,
-    CRYPTO_LOGICAL_PROVIDER
-} crypto_provider_type_t;
-
-typedef uint32_t     crypto_provider_id_t;
-#define    KCF_PROVID_INVALID    ((uint32_t)-1)
-
-typedef struct crypto_provider_entry {
-    crypto_provider_id_t    pe_provider_id;
-    uint_t            pe_mechanism_count;
-} crypto_provider_entry_t;
-
-typedef struct crypto_dev_list_entry {
-    char            le_dev_name[MAXNAMELEN];
-    uint_t            le_dev_instance;
-    uint_t            le_mechanism_count;
-} crypto_dev_list_entry_t;
-
-/* User type for authentication ioctls and SPI entry points */
-
-typedef enum crypto_user_type {
-    CRYPTO_SO = 0,
-    CRYPTO_USER
-} crypto_user_type_t;
-
-/* Version for provider management ioctls and SPI entry points */
-
-typedef struct crypto_version {
-    uchar_t    cv_major;
-    uchar_t    cv_minor;
-} crypto_version_t;
-
-/* session data structure opaque to the consumer */
-typedef void *crypto_session_t;
-
-/* provider data structure opaque to the consumer */
-typedef void *crypto_provider_t;
-
-/* Limits used by both consumers and providers */
-#define    CRYPTO_EXT_SIZE_LABEL        32
-#define    CRYPTO_EXT_SIZE_MANUF        32
-#define    CRYPTO_EXT_SIZE_MODEL        16
-#define    CRYPTO_EXT_SIZE_SERIAL        16
-#define    CRYPTO_EXT_SIZE_TIME        16
-
-typedef struct crypto_provider_ext_info {
-    uchar_t            ei_label[CRYPTO_EXT_SIZE_LABEL];
-    uchar_t            ei_manufacturerID[CRYPTO_EXT_SIZE_MANUF];
-    uchar_t            ei_model[CRYPTO_EXT_SIZE_MODEL];
-    uchar_t            ei_serial_number[CRYPTO_EXT_SIZE_SERIAL];
-    ulong_t            ei_flags;
-    ulong_t            ei_max_session_count;
-    ulong_t            ei_max_pin_len;
-    ulong_t            ei_min_pin_len;
-    ulong_t            ei_total_public_memory;
-    ulong_t            ei_free_public_memory;
-    ulong_t            ei_total_private_memory;
-    ulong_t            ei_free_private_memory;
-    crypto_version_t    ei_hardware_version;
-    crypto_version_t    ei_firmware_version;
-    uchar_t            ei_time[CRYPTO_EXT_SIZE_TIME];
-    int            ei_hash_max_input_len;
-    int            ei_hmac_max_input_len;
-} crypto_provider_ext_info_t;
-
-typedef uint_t        crypto_session_id_t;
-
-typedef enum cmd_type {
-    COPY_FROM_DATA,
-    COPY_TO_DATA,
-    COMPARE_TO_DATA,
-    MD5_DIGEST_DATA,
-    SHA1_DIGEST_DATA,
-    SHA2_DIGEST_DATA,
-    GHASH_DATA
-} cmd_type_t;
-
-#define    CRYPTO_DO_UPDATE    0x01
-#define    CRYPTO_DO_FINAL        0x02
-#define    CRYPTO_DO_MD5        0x04
-#define    CRYPTO_DO_SHA1        0x08
-#define    CRYPTO_DO_SIGN        0x10
-#define    CRYPTO_DO_VERIFY    0x20
-#define    CRYPTO_DO_SHA2        0x40
-
-#define    PROVIDER_OWNS_KEY_SCHEDULE    0x00000001
-
-/*
- * Common cryptographic status and error codes.
- */
-#define    CRYPTO_SUCCESS                0x00000000
-#define    CRYPTO_CANCEL                0x00000001
-#define    CRYPTO_HOST_MEMORY            0x00000002
-#define    CRYPTO_GENERAL_ERROR            0x00000003
-#define    CRYPTO_FAILED                0x00000004
-#define    CRYPTO_ARGUMENTS_BAD            0x00000005
-#define    CRYPTO_ATTRIBUTE_READ_ONLY        0x00000006
-#define    CRYPTO_ATTRIBUTE_SENSITIVE        0x00000007
-#define    CRYPTO_ATTRIBUTE_TYPE_INVALID        0x00000008
-#define    CRYPTO_ATTRIBUTE_VALUE_INVALID        0x00000009
-#define    CRYPTO_CANCELED                0x0000000A
-#define    CRYPTO_DATA_INVALID            0x0000000B
-#define    CRYPTO_DATA_LEN_RANGE            0x0000000C
-#define    CRYPTO_DEVICE_ERROR            0x0000000D
-#define    CRYPTO_DEVICE_MEMORY            0x0000000E
-#define    CRYPTO_DEVICE_REMOVED            0x0000000F
-#define    CRYPTO_ENCRYPTED_DATA_INVALID        0x00000010
-#define    CRYPTO_ENCRYPTED_DATA_LEN_RANGE        0x00000011
-#define    CRYPTO_KEY_HANDLE_INVALID        0x00000012
-#define    CRYPTO_KEY_SIZE_RANGE            0x00000013
-#define    CRYPTO_KEY_TYPE_INCONSISTENT        0x00000014
-#define    CRYPTO_KEY_NOT_NEEDED            0x00000015
-#define    CRYPTO_KEY_CHANGED            0x00000016
-#define    CRYPTO_KEY_NEEDED            0x00000017
-#define    CRYPTO_KEY_INDIGESTIBLE            0x00000018
-#define    CRYPTO_KEY_FUNCTION_NOT_PERMITTED    0x00000019
-#define    CRYPTO_KEY_NOT_WRAPPABLE        0x0000001A
-#define    CRYPTO_KEY_UNEXTRACTABLE        0x0000001B
-#define    CRYPTO_MECHANISM_INVALID        0x0000001C
-#define    CRYPTO_MECHANISM_PARAM_INVALID        0x0000001D
-#define    CRYPTO_OBJECT_HANDLE_INVALID        0x0000001E
-#define    CRYPTO_OPERATION_IS_ACTIVE        0x0000001F
-#define    CRYPTO_OPERATION_NOT_INITIALIZED    0x00000020
-#define    CRYPTO_PIN_INCORRECT            0x00000021
-#define    CRYPTO_PIN_INVALID            0x00000022
-#define    CRYPTO_PIN_LEN_RANGE            0x00000023
-#define    CRYPTO_PIN_EXPIRED            0x00000024
-#define    CRYPTO_PIN_LOCKED            0x00000025
-#define    CRYPTO_SESSION_CLOSED            0x00000026
-#define    CRYPTO_SESSION_COUNT            0x00000027
-#define    CRYPTO_SESSION_HANDLE_INVALID        0x00000028
-#define    CRYPTO_SESSION_READ_ONLY        0x00000029
-#define    CRYPTO_SESSION_EXISTS            0x0000002A
-#define    CRYPTO_SESSION_READ_ONLY_EXISTS        0x0000002B
-#define    CRYPTO_SESSION_READ_WRITE_SO_EXISTS    0x0000002C
-#define    CRYPTO_SIGNATURE_INVALID        0x0000002D
-#define    CRYPTO_SIGNATURE_LEN_RANGE        0x0000002E
-#define    CRYPTO_TEMPLATE_INCOMPLETE        0x0000002F
-#define    CRYPTO_TEMPLATE_INCONSISTENT        0x00000030
-#define    CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID    0x00000031
-#define    CRYPTO_UNWRAPPING_KEY_SIZE_RANGE    0x00000032
-#define    CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT    0x00000033
-#define    CRYPTO_USER_ALREADY_LOGGED_IN        0x00000034
-#define    CRYPTO_USER_NOT_LOGGED_IN        0x00000035
-#define    CRYPTO_USER_PIN_NOT_INITIALIZED        0x00000036
-#define    CRYPTO_USER_TYPE_INVALID        0x00000037
-#define    CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000038
-#define    CRYPTO_USER_TOO_MANY_TYPES        0x00000039
-#define    CRYPTO_WRAPPED_KEY_INVALID        0x0000003A
-#define    CRYPTO_WRAPPED_KEY_LEN_RANGE        0x0000003B
-#define    CRYPTO_WRAPPING_KEY_HANDLE_INVALID    0x0000003C
-#define    CRYPTO_WRAPPING_KEY_SIZE_RANGE        0x0000003D
-#define    CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT    0x0000003E
-#define    CRYPTO_RANDOM_SEED_NOT_SUPPORTED    0x0000003F
-#define    CRYPTO_RANDOM_NO_RNG            0x00000040
-#define    CRYPTO_DOMAIN_PARAMS_INVALID        0x00000041
-#define    CRYPTO_BUFFER_TOO_SMALL            0x00000042
-#define    CRYPTO_INFORMATION_SENSITIVE        0x00000043
-#define    CRYPTO_NOT_SUPPORTED            0x00000044
-
-#define    CRYPTO_QUEUED                0x00000045
-#define    CRYPTO_BUFFER_TOO_BIG            0x00000046
-#define    CRYPTO_INVALID_CONTEXT            0x00000047
-#define    CRYPTO_INVALID_MAC            0x00000048
-#define    CRYPTO_MECH_NOT_SUPPORTED        0x00000049
-#define    CRYPTO_INCONSISTENT_ATTRIBUTE        0x0000004A
-#define    CRYPTO_NO_PERMISSION            0x0000004B
-#define    CRYPTO_INVALID_PROVIDER_ID        0x0000004C
-#define    CRYPTO_VERSION_MISMATCH            0x0000004D
-#define    CRYPTO_BUSY                0x0000004E
-#define    CRYPTO_UNKNOWN_PROVIDER            0x0000004F
-#define    CRYPTO_MODVERIFICATION_FAILED        0x00000050
-#define    CRYPTO_OLD_CTX_TEMPLATE            0x00000051
-#define    CRYPTO_WEAK_KEY                0x00000052
-#define    CRYPTO_FIPS140_ERROR            0x00000053
-/*
- * Don't forget to update CRYPTO_LAST_ERROR and the error_number_table[]
- * in kernelUtil.c when new error code is added.
- */
-#define    CRYPTO_LAST_ERROR            0x00000053
-
-/*
- * Special values that can be used to indicate that information is unavailable
- * or that there is not practical limit. These values can be used
- * by fields of the SPI crypto_provider_ext_info(9S) structure.
- * The value of CRYPTO_UNAVAILABLE_INFO should be the same as
- * CK_UNAVAILABLE_INFO in the PKCS#11 spec.
- */
-#define    CRYPTO_UNAVAILABLE_INFO        ((ulong_t)(-1))
-#define    CRYPTO_EFFECTIVELY_INFINITE    0x0
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _SYS_CRYPTO_COMMON_H */
--- a/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/sys_old/crypto/spi.h	Fri Jun 10 15:13:40 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,791 +0,0 @@
-/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#ifndef _SYS_CRYPTO_SPI_H
-#define    _SYS_CRYPTO_SPI_H
-
-/*
- * CSPI: Cryptographic Service Provider Interface.
- */
-
-#include <sys/types.h>
-#include <sys/crypto/common.h>
-
-#ifdef    __cplusplus
-extern "C" {
-#endif
-
-#ifdef    _KERNEL
-#include <sys/dditypes.h>
-#include <sys/ddi.h>
-#include <sys/kmem.h>
-
-#define    CRYPTO_SPI_VERSION_1    1
-#define    CRYPTO_SPI_VERSION_2    2
-#define    CRYPTO_SPI_VERSION_3    3
-#define    CRYPTO_SPI_VERSION_4    4
-#define    CRYPTO_SPI_VERSION_5    5
-
-#define    CRYPTO_OPS_OFFSET(f)        offsetof(crypto_ops_t, co_##f)
-#define    CRYPTO_PROVIDER_OFFSET(f)    \
-    offsetof(crypto_provider_management_ops_t, f)
-#define    CRYPTO_OBJECT_OFFSET(f)        offsetof(crypto_object_ops_t, f)
-#define    CRYPTO_SESSION_OFFSET(f)    offsetof(crypto_session_ops_t, f)
-
-#endif
-
-/*
- * Provider-private handle. This handle is specified by a provider
- * when it registers by means of the pi_provider_handle field of
- * the crypto_provider_info structure, and passed to the provider
- * when its entry points are invoked.
- */
-typedef void *crypto_provider_handle_t;
-
-/*
- * Context templates can be used to by software providers to pre-process
- * keying material, such as key schedules. They are allocated by
- * a software provider create_ctx_template(9E) entry point, and passed
- * as argument to initialization and atomic provider entry points.
- */
-typedef void *crypto_spi_ctx_template_t;
-
-/*
- * Request handles are used by the kernel to identify an asynchronous
- * request being processed by a provider. It is passed by the kernel
- * to a hardware provider when submitting a request, and must be
- * specified by a provider when calling crypto_op_notification(9F)
- */
-typedef void *crypto_req_handle_t;
-
-/*
- * The context structure is passed from kcf to a provider in kernel and
- * internally in libsoftcrypto between ucrypto and the algorithm.
- * It contains the information needed to process a multi-part or
- * single part operation. The context structure is not used
- * by atomic operations.
- *
- * Parameters needed to perform a cryptographic operation, such
- * as keys, mechanisms, input and output buffers, are passed
- * as separate arguments to Provider routines.
- */
-typedef struct crypto_ctx {
-    crypto_provider_handle_t cc_provider;
-    crypto_session_id_t    cc_session;
-    void            *cc_provider_private;    /* owned by provider */
-    void            *cc_framework_private;    /* owned by framework */
-    uint32_t        cc_flags;        /* flags */
-    void            *cc_opstate;        /* state */
-} crypto_ctx_t;
-
-#ifdef    _KERNEL
-
-/* Values for cc_flags field */
-#define    CRYPTO_INIT_OPSTATE    0x00000001 /* allocate and init cc_opstate */
-#define    CRYPTO_USE_OPSTATE    0x00000002 /* .. start using it as context */
-
-/*
- * Extended provider information.
- */
-
-/*
- * valid values for ei_flags field of extended info structure
- * They match the RSA Security, Inc PKCS#11 tokenInfo flags.
- */
-#define    CRYPTO_EXTF_RNG                    0x00000001
-#define    CRYPTO_EXTF_WRITE_PROTECTED            0x00000002
-#define    CRYPTO_EXTF_LOGIN_REQUIRED            0x00000004
-#define    CRYPTO_EXTF_USER_PIN_INITIALIZED        0x00000008
-#define    CRYPTO_EXTF_CLOCK_ON_TOKEN            0x00000040
-#define    CRYPTO_EXTF_PROTECTED_AUTHENTICATION_PATH    0x00000100
-#define    CRYPTO_EXTF_DUAL_CRYPTO_OPERATIONS        0x00000200
-#define    CRYPTO_EXTF_TOKEN_INITIALIZED            0x00000400
-#define    CRYPTO_EXTF_USER_PIN_COUNT_LOW            0x00010000
-#define    CRYPTO_EXTF_USER_PIN_FINAL_TRY            0x00020000
-#define    CRYPTO_EXTF_USER_PIN_LOCKED            0x00040000
-#define    CRYPTO_EXTF_USER_PIN_TO_BE_CHANGED        0x00080000
-#define    CRYPTO_EXTF_SO_PIN_COUNT_LOW            0x00100000
-#define    CRYPTO_EXTF_SO_PIN_FINAL_TRY            0x00200000
-#define    CRYPTO_EXTF_SO_PIN_LOCKED            0x00400000
-#define    CRYPTO_EXTF_SO_PIN_TO_BE_CHANGED        0x00800000
-
-/*
- * The crypto_control_ops structure contains pointers to control
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_control_ops {
-    void (*provider_status)(crypto_provider_handle_t, uint_t *);
-} crypto_control_ops_t;
-
-/*
- * The crypto_ctx_ops structure contains points to context and context
- * templates management operations for cryptographic providers. It is
- * passed through the crypto_ops(9S) structure when providers register
- * with the kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_ctx_ops {
-    int (*create_ctx_template)(crypto_provider_handle_t,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t *, size_t *, crypto_req_handle_t);
-    int (*free_context)(crypto_ctx_t *);
-} crypto_ctx_ops_t;
-
-/*
- * The crypto_digest_ops structure contains pointers to digest
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_digest_ops {
-    int (*digest_init)(crypto_ctx_t *, crypto_mechanism_t *,
-        crypto_req_handle_t);
-    int (*digest)(crypto_ctx_t *, crypto_data_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*digest_update)(crypto_ctx_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*digest_key)(crypto_ctx_t *, crypto_key_t *, crypto_req_handle_t);
-    int (*digest_final)(crypto_ctx_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*digest_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-} crypto_digest_ops_t;
-
-/*
- * The crypto_cipher_ops structure contains pointers to encryption
- * and decryption operations for cryptographic providers.  It is
- * passed through the crypto_ops(9S) structure when providers register
- * with the kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_cipher_ops {
-    int (*encrypt_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*encrypt)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
-
-    int (*decrypt_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*decrypt)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t, crypto_req_handle_t);
-} crypto_cipher_ops_t;
-
-/*
- * The crypto_mac_ops structure contains pointers to MAC
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_mac_ops {
-    int (*mac_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*mac)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*mac_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*mac_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*mac_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*mac_verify_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-} crypto_mac_ops_t;
-
-/*
- * The crypto_sign_ops structure contains pointers to signing
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_sign_ops {
-    int (*sign_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*sign)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*sign_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*sign_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*sign_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*sign_recover_init)(crypto_ctx_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*sign_recover)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*sign_recover_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-} crypto_sign_ops_t;
-
-/*
- * The crypto_verify_ops structure contains pointers to verify
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_verify_ops {
-    int (*verify_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*verify)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*verify_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*verify_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*verify_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*verify_recover_init)(crypto_ctx_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-    int (*verify_recover)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*verify_recover_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_req_handle_t);
-} crypto_verify_ops_t;
-
-/*
- * The crypto_dual_ops structure contains pointers to dual
- * cipher and sign/verify operations for cryptographic providers.
- * It is passed through the crypto_ops(9S) structure when
- * providers register with the kernel using
- * crypto_register_provider(9F).
- */
-typedef struct crypto_dual_ops {
-    int (*digest_encrypt_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_digest_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*sign_encrypt_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-    int (*decrypt_verify_update)(
-        crypto_ctx_t *, crypto_ctx_t *, crypto_data_t *,
-        crypto_data_t *, crypto_req_handle_t);
-} crypto_dual_ops_t;
-
-/*
- * The crypto_dual_cipher_mac_ops structure contains pointers to dual
- * cipher and MAC operations for cryptographic providers.
- * It is passed through the crypto_ops(9S) structure when
- * providers register with the kernel using
- * crypto_register_provider(9F).
- */
-typedef struct crypto_dual_cipher_mac_ops {
-    int (*encrypt_mac_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*encrypt_mac)(crypto_ctx_t *,
-        crypto_data_t *, crypto_dual_data_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*encrypt_mac_update)(crypto_ctx_t *,
-        crypto_data_t *, crypto_dual_data_t *, crypto_req_handle_t);
-    int (*encrypt_mac_final)(crypto_ctx_t *,
-        crypto_dual_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*encrypt_mac_atomic)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_data_t *, crypto_dual_data_t *,
-        crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-
-    int (*mac_decrypt_init)(crypto_ctx_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_mechanism_t *,
-        crypto_key_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*mac_decrypt)(crypto_ctx_t *,
-        crypto_dual_data_t *, crypto_data_t *, crypto_data_t *,
-        crypto_req_handle_t);
-    int (*mac_decrypt_update)(crypto_ctx_t *,
-        crypto_dual_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*mac_decrypt_final)(crypto_ctx_t *,
-        crypto_data_t *, crypto_data_t *, crypto_req_handle_t);
-    int (*mac_decrypt_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_dual_data_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-    int (*mac_verify_decrypt_atomic)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *, crypto_key_t *,
-        crypto_mechanism_t *, crypto_key_t *, crypto_dual_data_t *,
-        crypto_data_t *, crypto_data_t *, crypto_spi_ctx_template_t,
-        crypto_spi_ctx_template_t, crypto_req_handle_t);
-} crypto_dual_cipher_mac_ops_t;
-
-/*
- * The crypto_random_number_ops structure contains pointers to random
- * number operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_random_number_ops {
-    int (*seed_random)(crypto_provider_handle_t, crypto_session_id_t,
-        uchar_t *, size_t, uint_t, uint32_t, crypto_req_handle_t);
-    int (*generate_random)(crypto_provider_handle_t, crypto_session_id_t,
-        uchar_t *, size_t, crypto_req_handle_t);
-} crypto_random_number_ops_t;
-
-/*
- * Flag values for seed_random.
- */
-#define    CRYPTO_SEED_NOW        0x00000001
-
-/*
- * The crypto_session_ops structure contains pointers to session
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_session_ops {
-    int (*session_open)(crypto_provider_handle_t, crypto_session_id_t *,
-        crypto_req_handle_t);
-    int (*session_close)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_req_handle_t);
-    int (*session_login)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_user_type_t, char *, size_t, crypto_req_handle_t);
-    int (*session_logout)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_req_handle_t);
-} crypto_session_ops_t;
-
-/*
- * The crypto_object_ops structure contains pointers to object
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_object_ops {
-    int (*object_create)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_attribute_t *, uint_t, crypto_object_id_t *,
-        crypto_req_handle_t);
-    int (*object_copy)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_id_t, crypto_object_attribute_t *, uint_t,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*object_destroy)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_id_t, crypto_req_handle_t);
-    int (*object_get_size)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_id_t, size_t *, crypto_req_handle_t);
-    int (*object_get_attribute_value)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_object_id_t,
-        crypto_object_attribute_t *, uint_t, crypto_req_handle_t);
-    int (*object_set_attribute_value)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_object_id_t,
-        crypto_object_attribute_t *,  uint_t, crypto_req_handle_t);
-    int (*object_find_init)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_object_attribute_t *, uint_t, void **,
-        crypto_req_handle_t);
-    int (*object_find)(crypto_provider_handle_t, void *,
-        crypto_object_id_t *, uint_t, uint_t *, crypto_req_handle_t);
-    int (*object_find_final)(crypto_provider_handle_t, void *,
-        crypto_req_handle_t);
-} crypto_object_ops_t;
-
-/*
- * The crypto_key_ops structure contains pointers to key
- * operations for cryptographic providers.  It is passed through
- * the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_key_ops {
-    int (*key_generate)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_object_attribute_t *, uint_t,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_generate_pair)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_object_attribute_t *, uint_t,
-        crypto_object_attribute_t *, uint_t, crypto_object_id_t *,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_wrap)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_object_id_t *,
-        uchar_t *, size_t *, crypto_req_handle_t);
-    int (*key_unwrap)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, uchar_t *, size_t *,
-        crypto_object_attribute_t *, uint_t,
-        crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_derive)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_object_attribute_t *,
-        uint_t, crypto_object_id_t *, crypto_req_handle_t);
-    int (*key_check)(crypto_provider_handle_t, crypto_mechanism_t *,
-        crypto_key_t *);
-} crypto_key_ops_t;
-
-/*
- * The crypto_provider_management_ops structure contains pointers
- * to management operations for cryptographic providers.  It is passed
- * through the crypto_ops(9S) structure when providers register with the
- * kernel using crypto_register_provider(9F).
- */
-typedef struct crypto_provider_management_ops {
-    int (*ext_info)(crypto_provider_handle_t,
-        crypto_provider_ext_info_t *, crypto_req_handle_t);
-    int (*init_token)(crypto_provider_handle_t, char *, size_t,
-        char *, crypto_req_handle_t);
-    int (*init_pin)(crypto_provider_handle_t, crypto_session_id_t,
-        char *, size_t, crypto_req_handle_t);
-    int (*set_pin)(crypto_provider_handle_t, crypto_session_id_t,
-        char *, size_t, char *, size_t, crypto_req_handle_t);
-} crypto_provider_management_ops_t;
-
-typedef struct crypto_mech_ops {
-    int (*copyin_mechanism)(crypto_provider_handle_t,
-        crypto_mechanism_t *, crypto_mechanism_t *, int *, int);
-    int (*copyout_mechanism)(crypto_provider_handle_t,
-        crypto_mechanism_t *, crypto_mechanism_t *, int *, int);
-    int (*free_mechanism)(crypto_provider_handle_t, crypto_mechanism_t *);
-} crypto_mech_ops_t;
-
-typedef struct crypto_nostore_key_ops {
-    int (*nostore_key_generate)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *,
-        crypto_object_attribute_t *, uint_t, crypto_object_attribute_t *,
-        uint_t, crypto_req_handle_t);
-    int (*nostore_key_generate_pair)(crypto_provider_handle_t,
-        crypto_session_id_t, crypto_mechanism_t *,
-        crypto_object_attribute_t *, uint_t, crypto_object_attribute_t *,
-        uint_t, crypto_object_attribute_t *, uint_t,
-        crypto_object_attribute_t *, uint_t, crypto_req_handle_t);
-    int (*nostore_key_derive)(crypto_provider_handle_t, crypto_session_id_t,
-        crypto_mechanism_t *, crypto_key_t *, crypto_object_attribute_t *,
-        uint_t, crypto_object_attribute_t *, uint_t, crypto_req_handle_t);
-} crypto_nostore_key_ops_t;
-
-/*
- * crypto_fips140_ops provides a function for FIPS 140 Power-On Self Test for
- * those providers that are part of the Cryptographic Framework bounday.  See
- * crypto_fips140_ops(9s) for details.
- */
-typedef struct crypto_fips140_ops {
-    void (*fips140_post)(int *);
-} crypto_fips140_ops_t;
-
-/*
- * The crypto_ops(9S) structure contains the structures containing
- * the pointers to functions implemented by cryptographic providers.
- * It is specified as part of the crypto_provider_info(9S)
- * supplied by a provider when it registers with the kernel
- * by calling crypto_register_provider(9F).
- */
-typedef struct crypto_ops_v1 {
-    crypto_control_ops_t            *co_control_ops;
-    crypto_digest_ops_t            *co_digest_ops;
-    crypto_cipher_ops_t            *co_cipher_ops;
-    crypto_mac_ops_t            *co_mac_ops;
-    crypto_sign_ops_t            *co_sign_ops;
-    crypto_verify_ops_t            *co_verify_ops;
-    crypto_dual_ops_t            *co_dual_ops;
-    crypto_dual_cipher_mac_ops_t        *co_dual_cipher_mac_ops;
-    crypto_random_number_ops_t        *co_random_ops;
-    crypto_session_ops_t            *co_session_ops;
-    crypto_object_ops_t            *co_object_ops;
-    crypto_key_ops_t            *co_key_ops;
-    crypto_provider_management_ops_t    *co_provider_ops;
-    crypto_ctx_ops_t            *co_ctx_ops;
-} crypto_ops_v1_t;
-
-typedef struct crypto_ops_v2 {
-    crypto_ops_v1_t                v1_ops;
-    crypto_mech_ops_t            *co_mech_ops;
-} crypto_ops_v2_t;
-
-typedef struct crypto_ops_v3 {
-    crypto_ops_v2_t                v2_ops;
-    crypto_nostore_key_ops_t        *co_nostore_key_ops;
-} crypto_ops_v3_t;
-
-typedef struct crypto_ops_v4 {
-    crypto_ops_v3_t                v3_ops;
-    crypto_fips140_ops_t            *co_fips140_ops;
-} crypto_ops_v4_t;
-
-typedef struct crypto_ops_v5 {
-    crypto_ops_v4_t                v4_ops;
-    boolean_t                co_uio_userspace_ok;
-} crypto_ops_v5_t;
-
-typedef struct crypto_ops {
-    union {
-        crypto_ops_v5_t    cou_v5;
-        crypto_ops_v4_t    cou_v4;
-        crypto_ops_v3_t    cou_v3;
-        crypto_ops_v2_t    cou_v2;
-        crypto_ops_v1_t    cou_v1;
-    } cou;
-} crypto_ops_t;
-
-#define    co_control_ops            cou.cou_v1.co_control_ops
-#define    co_digest_ops            cou.cou_v1.co_digest_ops
-#define    co_cipher_ops            cou.cou_v1.co_cipher_ops
-#define    co_mac_ops            cou.cou_v1.co_mac_ops
-#define    co_sign_ops            cou.cou_v1.co_sign_ops
-#define    co_verify_ops            cou.cou_v1.co_verify_ops
-#define    co_dual_ops            cou.cou_v1.co_dual_ops
-#define    co_dual_cipher_mac_ops        cou.cou_v1.co_dual_cipher_mac_ops
-#define    co_random_ops            cou.cou_v1.co_random_ops
-#define    co_session_ops            cou.cou_v1.co_session_ops
-#define    co_object_ops            cou.cou_v1.co_object_ops
-#define    co_key_ops            cou.cou_v1.co_key_ops
-#define    co_provider_ops            cou.cou_v1.co_provider_ops
-#define    co_ctx_ops            cou.cou_v1.co_ctx_ops
-#define    co_mech_ops            cou.cou_v2.co_mech_ops
-#define    co_nostore_key_ops        cou.cou_v3.co_nostore_key_ops
-#define    co_fips140_ops            cou.cou_v4.co_fips140_ops
-#define    co_uio_userspace_ok        cou.cou_v5.co_uio_userspace_ok
-
-/*
- * Provider device specification passed during registration.
- *
- * Software providers set the pi_provider_type field of provider_info_t
- * to CRYPTO_SW_PROVIDER, and set the pd_sw field of
- * crypto_provider_dev_t to the address of their modlinkage.
- *
- * Hardware providers set the pi_provider_type field of provider_info_t
- * to CRYPTO_HW_PROVIDER, and set the pd_hw field of
- * crypto_provider_dev_t to the dev_info structure corresponding
- * to the device instance being registered.
- *
- * Logical providers set the pi_provider_type field of provider_info_t
- * to CRYPTO_LOGICAL_PROVIDER, and set the pd_hw field of
- * crypto_provider_dev_t to the dev_info structure corresponding
- * to the device instance being registered.
- */
-
-typedef union crypto_provider_dev {
-    struct modlinkage    *pd_sw; /* for CRYPTO_SW_PROVIDER */
-    dev_info_t        *pd_hw; /* for CRYPTO_HW_PROVIDER */
-} crypto_provider_dev_t;
-
-/*
- * The mechanism info structure crypto_mech_info_t contains a function group
- * bit mask cm_func_group_mask. This field, of type crypto_func_group_t,
- * specifies the provider entry point that can be used a particular
- * mechanism. The function group mask is a combination of the following values.
- */
-
-typedef uint32_t crypto_func_group_t;
-
-#endif /* _KERNEL */
-
-#define    CRYPTO_FG_ENCRYPT        0x00000001 /* encrypt_init() */
-#define    CRYPTO_FG_DECRYPT        0x00000002 /* decrypt_init() */
-#define    CRYPTO_FG_DIGEST        0x00000004 /* digest_init() */
-#define    CRYPTO_FG_SIGN            0x00000008 /* sign_init() */
-#define    CRYPTO_FG_SIGN_RECOVER        0x00000010 /* sign_recover_init() */
-#define    CRYPTO_FG_VERIFY        0x00000020 /* verify_init() */
-#define    CRYPTO_FG_VERIFY_RECOVER    0x00000040 /* verify_recover_init() */
-#define    CRYPTO_FG_GENERATE        0x00000080 /* key_generate() */
-#define    CRYPTO_FG_GENERATE_KEY_PAIR    0x00000100 /* key_generate_pair() */
-#define    CRYPTO_FG_WRAP            0x00000200 /* key_wrap() */
-#define    CRYPTO_FG_UNWRAP        0x00000400 /* key_unwrap() */
-#define    CRYPTO_FG_DERIVE        0x00000800 /* key_derive() */
-#define    CRYPTO_FG_MAC            0x00001000 /* mac_init() */
-#define    CRYPTO_FG_ENCRYPT_MAC        0x00002000 /* encrypt_mac_init() */
-#define    CRYPTO_FG_MAC_DECRYPT        0x00004000 /* decrypt_mac_init() */
-#define    CRYPTO_FG_ENCRYPT_ATOMIC    0x00008000 /* encrypt_atomic() */
-#define    CRYPTO_FG_DECRYPT_ATOMIC    0x00010000 /* decrypt_atomic() */
-#define    CRYPTO_FG_MAC_ATOMIC        0x00020000 /* mac_atomic() */
-#define    CRYPTO_FG_DIGEST_ATOMIC        0x00040000 /* digest_atomic() */
-#define    CRYPTO_FG_SIGN_ATOMIC        0x00080000 /* sign_atomic() */
-#define    CRYPTO_FG_SIGN_RECOVER_ATOMIC   0x00100000 /* sign_recover_atomic() */
-#define    CRYPTO_FG_VERIFY_ATOMIC        0x00200000 /* verify_atomic() */
-#define    CRYPTO_FG_VERIFY_RECOVER_ATOMIC    0x00400000 /* verify_recover_atomic() */
-#define    CRYPTO_FG_ENCRYPT_MAC_ATOMIC    0x00800000 /* encrypt_mac_atomic() */
-#define    CRYPTO_FG_MAC_DECRYPT_ATOMIC    0x01000000 /* mac_decrypt_atomic() */
-#define    CRYPTO_FG_RESERVED        0x80000000
-
-/*
- * Maximum length of the pi_provider_description field of the
- * crypto_provider_info structure.
- */
-#define    CRYPTO_PROVIDER_DESCR_MAX_LEN    64
-
-#ifdef _KERNEL
-
-/* Bit mask for all the simple operations */
-#define    CRYPTO_FG_SIMPLEOP_MASK    (CRYPTO_FG_ENCRYPT | CRYPTO_FG_DECRYPT | \
-    CRYPTO_FG_DIGEST | CRYPTO_FG_SIGN | CRYPTO_FG_VERIFY | CRYPTO_FG_MAC | \
-    CRYPTO_FG_ENCRYPT_ATOMIC | CRYPTO_FG_DECRYPT_ATOMIC |        \
-    CRYPTO_FG_MAC_ATOMIC | CRYPTO_FG_DIGEST_ATOMIC | CRYPTO_FG_SIGN_ATOMIC | \
-    CRYPTO_FG_VERIFY_ATOMIC)
-
-/* Bit mask for all the dual operations */
-#define    CRYPTO_FG_MAC_CIPHER_MASK    (CRYPTO_FG_ENCRYPT_MAC |    \
-    CRYPTO_FG_MAC_DECRYPT | CRYPTO_FG_ENCRYPT_MAC_ATOMIC |         \
-    CRYPTO_FG_MAC_DECRYPT_ATOMIC)
-
-/* Add other combos to CRYPTO_FG_DUAL_MASK */
-#define    CRYPTO_FG_DUAL_MASK    CRYPTO_FG_MAC_CIPHER_MASK
-
-/*
- * The crypto_mech_info structure specifies one of the mechanisms
- * supported by a cryptographic provider. The pi_mechanisms field of
- * the crypto_provider_info structure contains a pointer to an array
- * of crypto_mech_info's.
- */
-typedef struct crypto_mech_info {
-    crypto_mech_name_t    cm_mech_name;
-    crypto_mech_type_t    cm_mech_number;
-    crypto_func_group_t    cm_func_group_mask;
-    ssize_t            cm_min_key_length;
-    ssize_t            cm_max_key_length;
-    uint32_t        cm_mech_flags;
-} crypto_mech_info_t;
-
-/* Alias the old name to the new name for compatibility. */
-#define    cm_keysize_unit    cm_mech_flags
-
-/*
- * crypto_kcf_provider_handle_t is a handle allocated by the kernel.
- * It is returned after the provider registers with
- * crypto_register_provider(), and must be specified by the provider
- * when calling crypto_unregister_provider(), and
- * crypto_provider_notification().
- */
-typedef uint_t crypto_kcf_provider_handle_t;
-
-/*
- * Provider information. Passed as argument to crypto_register_provider(9F).
- * Describes the provider and its capabilities. Multiple providers can
- * register for the same device instance. In this case, the same
- * pi_provider_dev must be specified with a different pi_provider_handle.
- */
-typedef struct crypto_provider_info_v1 {
-    uint_t                pi_interface_version;
-    char                *pi_provider_description;
-    crypto_provider_type_t        pi_provider_type;
-    crypto_provider_dev_t        pi_provider_dev;
-    crypto_provider_handle_t    pi_provider_handle;
-    crypto_ops_t            *pi_ops_vector;
-    uint_t                pi_mech_list_count;
-    crypto_mech_info_t        *pi_mechanisms;
-    uint_t                pi_logical_provider_count;
-    crypto_kcf_provider_handle_t    *pi_logical_providers;
-} crypto_provider_info_v1_t;
-
-typedef struct crypto_provider_info_v2 {
-    crypto_provider_info_v1_t    v1_info;
-    uint_t                pi_flags;
-} crypto_provider_info_v2_t;
-
-typedef struct crypto_provider_info {
-    union {
-        crypto_provider_info_v2_t piu_v2;
-        crypto_provider_info_v1_t piu_v1;
-    } piu;
-} crypto_provider_info_t;
-
-#define    pi_interface_version        piu.piu_v1.pi_interface_version
-#define    pi_provider_description        piu.piu_v1.pi_provider_description
-#define    pi_provider_type        piu.piu_v1.pi_provider_type
-#define    pi_provider_dev            piu.piu_v1.pi_provider_dev
-#define    pi_provider_handle        piu.piu_v1.pi_provider_handle
-#define    pi_ops_vector            piu.piu_v1.pi_ops_vector
-#define    pi_mech_list_count        piu.piu_v1.pi_mech_list_count
-#define    pi_mechanisms            piu.piu_v1.pi_mechanisms
-#define    pi_logical_provider_count    piu.piu_v1.pi_logical_provider_count
-#define    pi_logical_providers        piu.piu_v1.pi_logical_providers
-#define    pi_flags            piu.piu_v2.pi_flags
-
-/* hidden providers can only be accessed via a logical provider */
-#define    CRYPTO_HIDE_PROVIDER        0x00000001
-/*
- * provider can not do multi-part digest (updates) and has a limit
- * on maximum input data that it can digest. The provider sets
- * this value in crypto_provider_ext_info_t by implementing
- * the ext_info entry point in the co_provider_ops vector.
- */
-#define    CRYPTO_HASH_NO_UPDATE        0x00000002
-/*
- * provider can not do multi-part HMAC (updates) and has a limit
- * on maximum input data that it can hmac. The provider sets
- * this value in crypto_provider_ext_info_t by implementing
- * the ext_info entry point in the co_provider_ops vector.
- */
-#define    CRYPTO_HMAC_NO_UPDATE        0x00000008
-
-/* provider can handle the request without returning a CRYPTO_QUEUED */
-#define    CRYPTO_SYNCHRONOUS        0x00000004
-
-#define    CRYPTO_PIFLAGS_RESERVED2    0x40000000
-#define    CRYPTO_PIFLAGS_RESERVED1    0x80000000
-
-/*
- * Provider status passed by a provider to crypto_provider_notification(9F)
- * and returned by the provider_stauts(9E) entry point.
- */
-#define    CRYPTO_PROVIDER_READY        0
-#define    CRYPTO_PROVIDER_BUSY        1
-#define    CRYPTO_PROVIDER_FAILED        2
-
-/*
- * Functions exported by Solaris to cryptographic providers. Providers
- * call these functions to register and unregister, notify the kernel
- * of state changes, and notify the kernel when a asynchronous request
- * completed.
- */
-extern int crypto_register_provider(crypto_provider_info_t *,
-        crypto_kcf_provider_handle_t *);
-extern int crypto_unregister_provider(crypto_kcf_provider_handle_t);
-extern void crypto_provider_notification(crypto_kcf_provider_handle_t, uint_t);
-extern void crypto_op_notification(crypto_req_handle_t, int);
-extern int crypto_kmflag(crypto_req_handle_t);
-
-#endif    /* _KERNEL */
-
-#ifdef    __cplusplus
-}
-#endif
-
-#endif    /* _SYS_CRYPTO_SPI_H */
--- a/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/SystemModuleDescriptorPlugin.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/SystemModuleDescriptorPlugin.java	Tue Jun 14 10:22:07 2016 -0700
@@ -448,29 +448,27 @@
             }
 
             void newBuilder(String name, int reqs, int exports, int provides,
-                            int conceals, int packages) {
+                            int packages) {
                 mv.visitTypeInsn(NEW, MODULE_DESCRIPTOR_BUILDER);
                 mv.visitInsn(DUP);
                 mv.visitLdcInsn(name);
                 pushInt(initialCapacity(reqs));
                 pushInt(initialCapacity(exports));
                 pushInt(initialCapacity(provides));
-                pushInt(initialCapacity(conceals));
                 pushInt(initialCapacity(packages));
                 mv.visitMethodInsn(INVOKESPECIAL, MODULE_DESCRIPTOR_BUILDER,
-                                   "<init>", "(Ljava/lang/String;IIIII)V", false);
+                                   "<init>", "(Ljava/lang/String;IIII)V", false);
                 mv.visitVarInsn(ASTORE, BUILDER_VAR);
                 mv.visitVarInsn(ALOAD, BUILDER_VAR);
             }
 
             /*
              * Returns the set of concealed packages from ModuleDescriptor, if present
-             * or compute it if the module oes not have ConcealedPackages attribute
+             * or compute it if the module does not have ConcealedPackages attribute
              */
             Set<String> conceals() {
                 Set<String> conceals = md.conceals();
-                if (md.conceals().isEmpty() &&
-                        (md.exports().size() + md.conceals().size()) != packages.size()) {
+                if (conceals.isEmpty() && md.exports().size() != packages.size()) {
                     Set<String> exports = md.exports().stream()
                                             .map(Exports::source)
                                             .collect(Collectors.toSet());
@@ -492,8 +490,7 @@
                 newBuilder(md.name(), md.requires().size(),
                            md.exports().size(),
                            md.provides().size(),
-                           conceals().size(),
-                           conceals().size() + md.exports().size());
+                           packages.size());
 
                 // requires
                 for (ModuleDescriptor.Requires req : md.requires()) {
@@ -528,10 +525,8 @@
                     provides(p.service(), p.providers());
                 }
 
-                // concealed packages
-                for (String pn : conceals()) {
-                    conceals(pn);
-                }
+                // all packages
+                packages(packages);
 
                 // version
                 md.version().ifPresent(this::version);
@@ -675,11 +670,13 @@
             /*
              * Invoke Builder.conceals(String pn)
              */
-            void conceals(String pn) {
+            void packages(Set<String> packages) {
                 mv.visitVarInsn(ALOAD, BUILDER_VAR);
-                mv.visitLdcInsn(pn);
+                int varIndex = new StringSetBuilder(packages).build();
+                assert varIndex == STRING_SET_VAR;
+                mv.visitVarInsn(ALOAD, varIndex);
                 mv.visitMethodInsn(INVOKEVIRTUAL, MODULE_DESCRIPTOR_BUILDER,
-                                   "conceals", STRING_SIG, false);
+                                   "packages", SET_SIG, false);
                 mv.visitInsn(POP);
             }
 
@@ -761,7 +758,7 @@
                 if (localVarIndex == 0) {
                     // if non-empty and more than one set reference this builder,
                     // emit to a unique local
-                    index = refCount == 1 ? STRING_SET_VAR
+                    index = refCount <= 1 ? STRING_SET_VAR
                                           : nextLocalVar++;
                     if (index < MAX_LOCAL_VARS) {
                         localVarIndex = index;
--- a/test/Makefile	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/Makefile	Tue Jun 14 10:22:07 2016 -0700
@@ -316,8 +316,9 @@
 # Always turn on assertions
 JTREG_ASSERT_OPTION = -ea -esa
 JTREG_BASIC_OPTIONS += $(JTREG_ASSERT_OPTION)
-# Report details on all failed or error tests, times too
-JTREG_BASIC_OPTIONS += -v:fail,error,time
+# jtreg verbosity setting
+JTREG_VERBOSE ?= fail,error,time
+JTREG_BASIC_OPTIONS += $(if $(JTREG_VERBOSE),-v:$(JTREG_VERBOSE))
 # Retain all files for failing tests
 JTREG_BASIC_OPTIONS += -retain:fail,error
 # Ignore tests are not run and completely silent about it
--- a/test/ProblemList.txt	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/ProblemList.txt	Tue Jun 14 10:22:07 2016 -0700
@@ -167,8 +167,6 @@
 
 java/net/DatagramSocket/SendDatagramToBadAddress.java           7143960 macosx-all
 
-sun/net/www/http/ChunkedOutputStream/checkError.java            8041924 linux-all
-
 ############################################################################
 
 # jdk_nio
@@ -211,15 +209,10 @@
 
 sun/security/krb5/auto/Unreachable.java                         7164518 macosx-all no PortUnreachableException on Mac
 
-java/security/KeyPairGenerator/SolarisShortDSA.java             7041639 solaris-all
-sun/security/tools/keytool/standard.sh                          7041639 solaris-all
-
 sun/security/tools/keytool/ListKeychainStore.sh                 8156889 macosx-all
 
 sun/security/mscapi/ShortRSAKey1024.sh                          8153948 windows-all
 
-java/security/Security/ClassLoaderDeadlock/Deadlock2.sh         8062758 generic-all
-
 sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java      8026393 generic-all
 
 sun/security/pkcs11/Cipher/ReinitCipher.java                    8077138,8023434 windows-all
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/annotation/Missing/MissingDefault.java	Tue Jun 14 10:22:07 2016 -0700
@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.lang.annotation.Retention;
+import static java.lang.annotation.RetentionPolicy.*;
+
+/**
+ * Annotation type with a default value whose class will be missing
+ * when MissingTest is run.
+ */
+@Retention(RUNTIME)
+public @interface MissingDefault {
+    Class<?> value() default Missing.class;
+}
--- a/test/java/lang/annotation/Missing/MissingTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/lang/annotation/Missing/MissingTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,15 +23,16 @@
 
 /*
  * @test
- * @bug 6322301
+ * @bug 6322301 5041778
  * @summary Verify when missing annotation classes cause exceptions
  * @author Joseph D. Darcy
- * @compile MissingTest.java A.java B.java C.java D.java Marker.java Missing.java MissingWrapper.java
+ * @compile MissingTest.java A.java B.java C.java D.java Marker.java Missing.java MissingWrapper.java MissingDefault.java
  * @clean Missing
  * @run main MissingTest
  */
 
 import java.lang.reflect.*;
+import java.lang.annotation.*;
 
 /**
  * This test verifies that a missing annotation class leads to the
@@ -112,7 +113,20 @@
         }
     }
 
-    public static void main(String argv[]) throws Exception {
+    private static void testMethodGetDefaultValue(Class<?> clazz) throws Exception{
+        Method m = clazz.getMethod("value", (Class<?>[])null);
+
+        try {
+            System.out.println(m.getDefaultValue());
+            throw new RuntimeException("Expected exception not thrown");
+        } catch (TypeNotPresentException tnpe) {
+            ; // Expected
+        } catch (AnnotationFormatError afe) {
+            throw new RuntimeException(afe);
+        }
+    }
+
+    public static void main(String... args) throws Exception {
         // Class A has a directly applied annotation whose class is
         // missing.
         testAnnotation(A.class, false);
@@ -131,5 +145,7 @@
         // includes to an annotation class that is missing.
         testParameterAnnotation(D.class.getDeclaredMethod("method1", Object.class),
                                 true);
+        // The MissingDefault annotation type has a default value of the Missing class.
+        testMethodGetDefaultValue(MissingDefault.class);
     }
 }
--- a/test/java/net/Authenticator/B4769350.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/Authenticator/B4769350.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 4769350 8017779
+ * @modules jdk.httpserver
  * @run main/othervm B4769350 server
  * @run main/othervm B4769350 proxy
  * @summary proxy authentication username and password caching only works in serial case
--- a/test/java/net/Authenticator/Deadlock.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/Authenticator/Deadlock.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 6648001
+ * @modules jdk.httpserver
  * @run main/othervm/timeout=20 -ea:sun.net.www.protocol.http.AuthenticationInfo -Dhttp.auth.serializeRequests=true Deadlock
  * @summary  cancelling HTTP authentication causes deadlock
  */
--- a/test/java/net/CookieHandler/EmptyCookieHeader.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/CookieHandler/EmptyCookieHeader.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /*
  * @test
  * @bug 8015799
+ * @modules jdk.httpserver
  * @summary HttpURLConnection.getHeaderFields() throws IllegalArgumentException
  */
 
--- a/test/java/net/CookieHandler/LocalHostCookie.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/CookieHandler/LocalHostCookie.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,6 +33,7 @@
 /*
  * @test
  * @bug 7169142
+ * @modules jdk.httpserver
  * @summary CookieHandler does not work with localhost
  * @run main/othervm LocalHostCookie
  */
--- a/test/java/net/HttpCookie/IllegalCookieNameTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/HttpCookie/IllegalCookieNameTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
 
 /* @test
  * @bug 7183292
+ * @modules jdk.httpserver
  */
 import java.net.*;
 import java.util.*;
--- a/test/java/net/ResponseCache/Test.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/ResponseCache/Test.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /* @test
  * @summary Fixed a potential NullPointerException when setting a ResponseCache that returns a null CacheRequest
  * @bug 4837267
+ * @modules jdk.httpserver
  * @author Michael McMahon
  */
 
--- a/test/java/net/ResponseCache/Test2.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/ResponseCache/Test2.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
  * @test
  * @bug 8042622
  * @summary Check for CRL results in IllegalArgumentException "white space not allowed"
+ * @modules jdk.httpserver
  * @run main/othervm Test2
  */
 
--- a/test/java/net/SetFactoryPermission/SetFactoryPermission.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/SetFactoryPermission/SetFactoryPermission.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
  * @test
  * @bug 8048052
  * @summary Test a series of methods which requires "setFactory" runtime permission
+ * @modules java.rmi
  * @run main SetFactoryPermission success
  * @run main/othervm/policy=policy.fail SetFactoryPermission fail
  * @run main/othervm/policy=policy.success SetFactoryPermission success
--- a/test/java/net/Socks/SocksIPv6Test.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/Socks/SocksIPv6Test.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
 
 /* @test
  * @bug 7100957
+ * @modules jdk.httpserver
  * @summary Java doesn't correctly handle the SOCKS protocol when used over IPv6.
  * @run testng SocksIPv6Test
  */
--- a/test/java/net/URLClassLoader/ClassLoad.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/URLClassLoader/ClassLoad.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 4151665
+ * @modules jdk.httpserver
  * @summary Test for FileNotFoundException when loading bogus class
  */
 
--- a/test/java/net/URLClassLoader/closetest/CloseTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/URLClassLoader/closetest/CloseTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
 /**
  * @test
  * @bug 4167874
+ * @modules jdk.httpserver
  * @library ../../../../com/sun/net/httpserver
  * @library /lib/testlibrary
  * @build FileServerHandler jdk.testlibrary.FileUtils
--- a/test/java/net/URLPermission/URLTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/URLPermission/URLTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -27,6 +27,7 @@
  *
  * @test
  * @bug 8010464
+ * @modules jdk.httpserver
  * @key intermittent
  * @library /lib/testlibrary/
  * @build jdk.testlibrary.SimpleSSLContext
--- a/test/java/net/httpclient/APIErrors.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/APIErrors.java	Tue Jun 14 10:22:07 2016 -0700
@@ -24,6 +24,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/
  * @build jdk.testlibrary.SimpleSSLContext ProxyServer
  * @build TestKit
--- a/test/java/net/httpclient/BasicAuthTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/BasicAuthTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -25,6 +25,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @run main/othervm BasicAuthTest
  * @summary Basic Authentication Test
  */
--- a/test/java/net/httpclient/ImmutableHeaders.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/ImmutableHeaders.java	Tue Jun 14 10:22:07 2016 -0700
@@ -25,6 +25,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @run main/othervm ImmutableHeaders
  * @summary ImmutableHeaders
  */
--- a/test/java/net/httpclient/ManyRequests.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/ManyRequests.java	Tue Jun 14 10:22:07 2016 -0700
@@ -24,6 +24,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/ /
  * @build jdk.testlibrary.SimpleSSLContext EchoHandler
  * @compile ../../../com/sun/net/httpserver/LogFilter.java
--- a/test/java/net/httpclient/RequestBodyTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/RequestBodyTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -23,6 +23,8 @@
 
 /**
  * @test @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/ /
  * @compile ../../../com/sun/net/httpserver/LogFilter.java
  * @compile ../../../com/sun/net/httpserver/FileServerHandler.java
--- a/test/java/net/httpclient/SmokeTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/SmokeTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -24,6 +24,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/ /
  * @build jdk.testlibrary.SimpleSSLContext ProxyServer EchoHandler
  * @compile ../../../com/sun/net/httpserver/LogFilter.java
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/httpclient/TEST.properties	Tue Jun 14 10:22:07 2016 -0700
@@ -0,0 +1,1 @@
+modules = java.httpclient
--- a/test/java/net/httpclient/http2/java.httpclient/sun/net/httpclient/hpack/HeaderTableTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/http2/java.httpclient/sun/net/httpclient/hpack/HeaderTableTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -28,6 +28,7 @@
 import java.nio.charset.StandardCharsets;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Random;
 import java.util.regex.Matcher;
@@ -35,7 +36,10 @@
 
 import static java.lang.String.format;
 import static org.testng.Assert.assertEquals;
-import static sun.net.httpclient.hpack.TestHelper.*;
+import static sun.net.httpclient.hpack.TestHelper.assertExceptionMessageContains;
+import static sun.net.httpclient.hpack.TestHelper.assertThrows;
+import static sun.net.httpclient.hpack.TestHelper.assertVoidThrows;
+import static sun.net.httpclient.hpack.TestHelper.newRandom;
 
 public class HeaderTableTest {
 
@@ -317,10 +321,24 @@
 
     @Test
     public void testToString() {
+        testToString0();
+    }
+
+    @Test
+    public void testToStringDifferentLocale() {
+        Locale.setDefault(Locale.FRENCH);
+        String s = format("%.1f", 3.1);
+        assertEquals("3,1", s); // assumption of the test, otherwise the test is useless
+        testToString0();
+    }
+
+    private void testToString0() {
         HeaderTable table = new HeaderTable(0);
         {
             table.setMaxSize(2048);
-            assertEquals("entries: 0; used 0/2048 (0.0%)", table.toString());
+            String expected =
+                    format("entries: %d; used %s/%s (%.1f%%)", 0, 0, 2048, 0.0);
+            assertEquals(expected, table.toString());
         }
 
         {
@@ -335,7 +353,8 @@
             int used = name.length() + value.length() + 32;
             double ratio = used * 100.0 / size;
 
-            String expected = format("entries: 1; used %s/%s (%.1f%%)", used, size, ratio);
+            String expected =
+                    format("entries: 1; used %s/%s (%.1f%%)", used, size, ratio);
             assertEquals(expected, s);
         }
 
@@ -344,7 +363,9 @@
             table.put(":method", "");
             table.put(":status", "");
             String s = table.toString();
-            assertEquals("entries: 2; used 78/78 (100.0%)", s);
+            String expected =
+                    format("entries: %d; used %s/%s (%.1f%%)", 2, 78, 78, 100.0);
+            assertEquals(expected, s);
         }
     }
 
--- a/test/java/net/httpclient/security/Security.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/httpclient/security/Security.java	Tue Jun 14 10:22:07 2016 -0700
@@ -25,6 +25,8 @@
 /**
  * @test
  * @bug 8087112
+ * @modules java.httpclient
+ *          jdk.httpserver
  * @library /lib/testlibrary/
  * @build jdk.testlibrary.SimpleSSLContext
  * @compile ../../../../com/sun/net/httpserver/LogFilter.java
--- a/test/java/net/spi/URLStreamHandlerProvider/Basic.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/net/spi/URLStreamHandlerProvider/Basic.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -45,6 +45,7 @@
 /*
  * @test
  * @bug 8064924
+ * @modules java.compiler
  * @summary Basic test for URLStreamHandlerProvider
  * @library /lib/testlibrary
  * @build jdk.testlibrary.FileUtils jdk.testlibrary.JDKToolFinder
--- a/test/java/security/Provider/DefaultProviderList.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/security/Provider/DefaultProviderList.java	Tue Jun 14 10:22:07 2016 -0700
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 7191662 8157469
+ * @bug 7191662 8157469 8157489
  * @summary Ensure non-java.base providers can be found by ServiceLoader
  * @author Valerie Peng
  */
@@ -33,6 +33,7 @@
 import java.util.Arrays;
 import java.util.Iterator;
 import java.util.ServiceLoader;
+import java.lang.reflect.Module;
 
 public class DefaultProviderList {
 
@@ -43,37 +44,54 @@
 
         ServiceLoader<Provider> sl = ServiceLoader.load(Provider.class);
         boolean failed = false;
+
+        Module baseMod = Object.class.getModule();
+
+        // Test#1: check that all non-base security providers can be found
+        // through ServiceLoader
         for (Provider p : defaultProvs) {
             String pName = p.getName();
-            // only providers outside java.base are loaded by ServiceLoader
-            if (pName.equals("SUN") || pName.equals("SunRsaSign") ||
-                pName.equals("SunJCE") || pName.equals("SunJSSE") ||
-                pName.equals("Apple")) {
-                System.out.println("Skip test for provider " + pName);
-                continue;
-            }
-            String pClassName = p.getClass().getName();
-            // Should be able to find each one through ServiceLoader
-            Iterator<Provider> provIter = sl.iterator();
-            boolean found = false;
-            while (provIter.hasNext()) {
-                Provider pFromSL = provIter.next();
-                if (pFromSL.getClass().getName().equals(pClassName)) {
-                    found = true;
-                    break;
+            Class pClass = p.getClass();
+
+            if (pClass.getModule() != baseMod) {
+                String pClassName = pClass.getName();
+                Iterator<Provider> provIter = sl.iterator();
+                boolean found = false;
+                while (provIter.hasNext()) {
+                    Provider pFromSL = provIter.next();
+
+                    // check for match by class name because PKCS11 provider
+                    // will have a different name after being configured.
+                    if (pFromSL.getClass().getName().equals(pClassName)) {
+                        found = true;
+                        System.out.println("SL found provider " + pName);
+                        break;
+                    }
+                }
+                if (!found) {
+                    failed = true;
+                    System.out.println("Error: SL cannot find provider " +
+                        pName);
                 }
             }
-            System.out.println("Found " + p.getName() + " = " + found);
-            if (!found) {
+        }
+
+        // Test#2: check that all security providers found through ServiceLoader
+        // are not from base module
+        Iterator<Provider> provIter = sl.iterator();
+        while (provIter.hasNext()) {
+            Provider pFromSL = provIter.next();
+            if (pFromSL.getClass().getModule() == baseMod) {
                 failed = true;
-                System.out.println("Error: no provider class " + pClassName +
-                    " found");
+                System.out.println("Error: base provider " +
+                    pFromSL.getName() + " loaded by SL");
             }
         }
+
         if (!failed) {
             System.out.println("Test Passed");
         } else {
-            throw new Exception("One or more provider not loaded by SL");
+            throw new Exception("One or more tests failed");
         }
     }
 }
--- a/test/java/security/SecureRandom/ApiTest.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/security/SecureRandom/ApiTest.java	Tue Jun 14 10:22:07 2016 -0700
@@ -105,7 +105,7 @@
 
     private static void runForEachAlg(String mech, String alg)
             throws Exception {
-        for (int strength : new int[]{Integer.MIN_VALUE, -1, 0, 1, 223, 224,
+        for (int strength : new int[]{-1, 0, 1, 223, 224,
             192, 255, 256}) {
             for (Capability cp : Capability.values()) {
                 for (byte[] pr : new byte[][]{null, new byte[]{},
--- a/test/java/security/SecureRandom/DrbgParametersSpec.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/security/SecureRandom/DrbgParametersSpec.java	Tue Jun 14 10:22:07 2016 -0700
@@ -22,7 +22,7 @@
  */
 
 /* @test
- * @bug 8051408
+ * @bug 8051408 8158534
  * @summary Make sure DrbgParameters coded as specified
  * @library /test/lib/share/classes
  */
@@ -68,6 +68,9 @@
         ins = DrbgParameters.instantiation(-1, NONE, null);
         Asserts.assertNull(ins.getPersonalizationString());
 
+        iae(() -> DrbgParameters.instantiation(-2, NONE, null));
+        npe(() -> DrbgParameters.instantiation(-1, null, null));
+
         // NextBytes
         p = "NextBytes".getBytes();
         DrbgParameters.NextBytes nb = DrbgParameters
@@ -85,6 +88,8 @@
         np2 = nb.getAdditionalInput();
         Asserts.assertTrue(Arrays.equals(np1, np2));
 
+        iae(() -> DrbgParameters.nextBytes(-2, false, null));
+
         // Reseed
         p = "Reseed".getBytes();
         DrbgParameters.Reseed rs = DrbgParameters
@@ -101,4 +106,29 @@
         np2 = rs.getAdditionalInput();
         Asserts.assertTrue(Arrays.equals(np1, np2));
     }
+
+    static void iae(RunnableWithException r) throws Exception {
+        checkException(r, IllegalArgumentException.class);
+    }
+
+    static void npe(RunnableWithException r) throws Exception {
+        checkException(r, NullPointerException.class);
+    }
+
+    interface RunnableWithException {
+        void run() throws Exception;
+    }
+
+    static void checkException(RunnableWithException r, Class ex)
+            throws Exception {
+        try {
+            r.run();
+        } catch (Exception e) {
+            if (ex.isAssignableFrom(e.getClass())) {
+                return;
+            }
+            throw e;
+        }
+        throw new Exception("No exception thrown");
+    }
 }
--- a/test/java/security/Security/ClassLoaderDeadlock/CreateSerialized.java	Fri Jun 10 15:13:40 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-import java.io.*;
-import sun.misc.*;
-
-public class CreateSerialized {
-    public static void main(String[] args) throws Exception {
-        Object o = new com.sun.crypto.provider.SunJCE();
-
-        FileOutputStream fos = new FileOutputStream("object.tmp");
-        ObjectOutputStream objectOutputStream = new ObjectOutputStream(fos);
-        objectOutputStream.writeObject(o);
-        fos.close();
-    }
-}
--- a/test/java/security/Security/ClassLoaderDeadlock/Deadlock2.java	Fri Jun 10 15:13:40 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,70 +0,0 @@
-/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-import java.io.*;
-import javax.xml.parsers.DocumentBuilderFactory;
-import java.security.*;
-
-public class Deadlock2 {
-    public static void main(String[] args) throws Exception {
-        File file = new File("object.tmp");
-        final byte[] bytes = new byte[(int) file.length()];
-        FileInputStream fileInputStream = new FileInputStream(file);
-        int read = fileInputStream.read(bytes);
-        if (read != file.length()) {
-            throw new Exception("Didn't read all");
-        }
-        Thread.sleep(1000);
-
-        Runnable xmlRunnable = new Runnable() {
-                public void run() {
-                    try {
-                        DocumentBuilderFactory.newInstance();
-                    } catch (Exception e) {
-                        e.printStackTrace();
-                    }
-                }
-            };
-
-        Runnable readObjectRunnable = new Runnable() {
-                public void run() {
-                    try {
-                        ObjectInputStream objectInputStream =
-                            new ObjectInputStream(new ByteArrayInputStream(bytes));
-                        Object o = objectInputStream.readObject();
-                        System.out.println(o.getClass());
-                    } catch (Exception e) {
-                        e.printStackTrace();
-                    }
-                }
-            };
-
-        Thread thread1 = new Thread(readObjectRunnable, "Read Object");
-        Thread thread2 = new Thread(xmlRunnable, "XML");
-
-        thread1.start();
-        thread2.start();
-
-        thread1.join();
-        thread2.join();
-    }
-}
--- a/test/java/security/Security/ClassLoaderDeadlock/Deadlock2.sh	Fri Jun 10 15:13:40 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,115 +0,0 @@
-#!/bin/sh
-
-#
-# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
-# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-#
-# This code is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License version 2 only, as
-# published by the Free Software Foundation.
-#
-# This code is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-# version 2 for more details (a copy is included in the LICENSE file that
-# accompanied this code).
-#
-# You should have received a copy of the GNU General Public License version
-# 2 along with this work; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-# or visit www.oracle.com if you need additional information or have any
-# questions.
-#
-
-
-# @test
-# @bug 6440846
-# @summary make sure we do not deadlock between ExtClassLoader and AppClassLoader
-# @author Valerie Peng
-# @run shell/timeout=20 Deadlock2.sh
-
-# set a few environment variables so that the shell-script can run stand-alone
-# in the source directory
-
-if [ "${TESTSRC}" = "" ] ; then
-   TESTSRC="."
-fi
-
-if [ "${TESTCLASSES}" = "" ] ; then
-   TESTCLASSES="."
-fi
-
-if [ "${TESTJAVA}" = "" ] ; then
-   echo "TESTJAVA not set.  Test cannot execute."
-   echo "FAILED!!!"
-   exit 1
-fi
-
-if [ "${COMPILEJAVA}" = "" ]; then
-   COMPILEJAVA="${TESTJAVA}"
-fi
-
-# set platform-dependent variables
-OS=`uname -s`
-case "$OS" in
-  SunOS )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  Linux )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  CYGWIN* )
-    PATHSEP=";"
-    FILESEP="/"
-    ;;
-  Darwin )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  AIX )
-    PATHSEP=":"
-    FILESEP="/"
-    ;;
-  Windows* )
-    PATHSEP=";"
-    FILESEP="\\"
-    ;;
-  * )
-    echo "Unrecognized system!"
-    exit 1;
-    ;;
-esac
-
-# remove old class files
-cd ${TESTCLASSES}
-if [ -d testlib ] ; then
-    rm -rf testlib
-fi
-mkdir testlib
-
-# compile and package the test program
-${COMPILEJAVA}${FILESEP}bin${FILESEP}javac ${TESTJAVACOPTS} ${TESTTOOLVMOPTS} \
-    -d ${TESTCLASSES} \
-    ${TESTSRC}${FILESEP}CreateSerialized.java \
-    ${TESTSRC}${FILESEP}Deadlock2.java
-
-${COMPILEJAVA}${FILESEP}bin${FILESEP}jar ${TESTTOOLVMOPTS} \
-    -cvf testlib${FILESEP}Deadlock2.jar \
-    Deadlock2*.class
-
-rm Deadlock2*.class
-
-# create serialized object and run the test
-${TESTJAVA}${FILESEP}bin${FILESEP}java ${TESTVMOPTS} CreateSerialized
-${TESTJAVA}${FILESEP}bin${FILESEP}java ${TESTVMOPTS} \
-    -Djava.ext.dirs=${TESTCLASSES}${FILESEP}testlib${PATHSEP}${TESTJAVA}${FILESEP}lib${FILESEP}ext Deadlock2
-STATUS=$?
-
-# clean up
-rm object.tmp CreateSerialized.class
-rm -rf testlib
-exit ${STATUS}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/Locale/Bug8135061.java	Tue Jun 14 10:22:07 2016 -0700
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8135061
+ * @summary Checks that the Locale.lookup executes properly without throwing
+ *          any exception for some specific language ranges
+ * @run main Bug8135061
+ */
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Locale.LanguageRange;
+
+public class Bug8135061 {
+
+    public static void main(String[] args) {
+
+        /* lookup should run without throwing any exception and
+         * return null as the language range does not match with the language
+         * tag
+         */
+        List<LanguageRange> ranges = LanguageRange.parse("nv");
+        Collection<Locale> locales = Collections.singleton(Locale.ENGLISH);
+
+        try {
+            Locale match = Locale.lookup(ranges, locales);
+            if (match != null) {
+                throw new RuntimeException("Locale.lookup returned non-null: "
+                        + match);
+            }
+        } catch (Exception ex) {
+            throw new RuntimeException("[Locale.lookup failed on language"
+                    + " range: " + ranges + " and language tags "
+                    + locales + "]", ex);
+        }
+
+        /* lookup should run without throwing any exception and
+         * return "nv" as the matching tag
+         */
+        ranges = LanguageRange.parse("i-navajo");
+        locales = Collections.singleton(new Locale("nv"));
+
+        try {
+            Locale match = Locale.lookup(ranges, locales);
+            if (!match.toLanguageTag().equals("nv")) {
+                throw new RuntimeException("Locale.lookup returned unexpected"
+                        + " result: " + match);
+            }
+        } catch (Exception ex) {
+            throw new RuntimeException("[Locale.lookup failed on language"
+                    + " range: " + ranges + " and language tags "
+                    + locales + "]", ex);
+        }
+
+    }
+
+}
--- a/test/java/util/logging/SimpleFormatterFormat.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/java/util/logging/SimpleFormatterFormat.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug     6381464
+ * @bug     6381464 8153666
  * @summary Test the custom simple formatter output
  *
  * @run main/othervm SimpleFormatterFormat
@@ -60,13 +60,19 @@
         "test.foo",
         "test.foo",
         "test.bar",
+        "test.bar",
+        "test.bar",
         "test.bar"
     };
     private static String[] messages = new String[] {
         "severe hello world",
         "warning lost connection",
         "info welcome",
-        "warning exception thrown",
+        "warning beware of traps",
+        "warning { {ok7} }",
+        // keep exception logging as last test case to avoid having
+        // to skip the exception stack trace in the output
+        "warning exception thrown"
     };
     private static void writeLogRecords(PrintStream logps) throws Exception {
         try {
@@ -79,8 +85,11 @@
             Logger bar = Logger.getLogger("test.bar");
             bar.finest("Dummy message");
             bar.info(messages[2]);
-            bar.log(Level.WARNING, messages[3], new IllegalArgumentException());
+            bar.log(Level.WARNING, "{0}", new Object[] { messages[3] });
+            bar.log(Level.WARNING, "warning '{' '{'{7}} }", new Object[] {"ok", "ok1", "ok2", "ok3", "ok4", "ok5", "ok6", "ok7", "ok8", "ok9", "ok10"});
 
+            // Keep this one last - as it also prints the exception stack trace...
+            bar.log(Level.WARNING, messages[messages.length-1], new IllegalArgumentException());
         } finally {
             logps.flush();
             logps.close();
@@ -108,7 +117,7 @@
 
                 Matcher m = p.matcher(line);
                 if (!m.matches()) {
-                    throw new RuntimeException("Unexpected output format");
+                    throw new RuntimeException("Unexpected output format: " + line);
                 }
                 if (m.groupCount() != 3) {
                     throw new RuntimeException("Unexpected group count = " +
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/net/www/http/ChunkedOutputStream/CheckError.java	Tue Jun 14 10:22:07 2016 -0700
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 5054016
+ * @summary get the failure immediately when writing individual chunks over socket fail
+ */
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.net.HttpURLConnection;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.URL;
+import static java.lang.System.out;
+
+public class CheckError {
+
+    static int BUFFER_SIZE = 8192; // 8k
+    static int TOTAL_BYTES = 1 * 1024 * 1024; // 1M
+
+    public static void main(String[] args) throws Exception {
+
+        HTTPServer server = new HTTPServer();
+        server.start();
+        int port = server.getPort();
+        out.println("Server listening on " + port);
+
+
+        URL url = new URL("http://localhost:" + port);
+        HttpURLConnection conn = (HttpURLConnection)url.openConnection();
+        conn.setRequestMethod("POST");
+        conn.setDoOutput(true);
+        conn.setChunkedStreamingMode(1024);
+
+        out.println("sending " + TOTAL_BYTES + " bytes");
+
+        int byteAtOnce;
+        int sendingBytes = TOTAL_BYTES;
+        byte[] buffer = getBuffer(BUFFER_SIZE);
+        try (OutputStream toServer = conn.getOutputStream()) {
+            while (sendingBytes > 0) {
+                if (sendingBytes > BUFFER_SIZE) {
+                    byteAtOnce = BUFFER_SIZE;
+                } else {
+                    byteAtOnce = sendingBytes;
+                }
+                toServer.write(buffer, 0, byteAtOnce);
+                sendingBytes -= byteAtOnce;
+                out.print((TOTAL_BYTES - sendingBytes) + " was sent. ");
+                toServer.flush();
+                // gives the server thread time to read, and eventually close;
+                Thread.sleep(500);
+            }
+        } catch (IOException expected) {
+            // Expected IOException due to server.close()
+            out.println("PASSED. Caught expected: " + expected);
+            return;
+        }
+
+        // Expected IOException not received. FAIL
+        throw new RuntimeException("Failed: Expected IOException not received");
+    }
+
+    static byte[] getBuffer(int size) {
+        byte[] buffer = new byte[size];
+        for (int i = 0; i < size; i++)
+            buffer[i] = (byte)i;
+        return buffer;
+    }
+
+    static class HTTPServer extends Thread {
+
+        final ServerSocket serverSocket;
+
+        HTTPServer() throws IOException {
+            serverSocket = new ServerSocket(0);
+        }
+
+        int getPort() {
+            return serverSocket.getLocalPort();
+        }
+
+        public void run() {
+            try (Socket client = serverSocket.accept()) {
+
+                InputStream in = client.getInputStream();
+                BufferedReader reader = new BufferedReader(new InputStreamReader(in));
+                String line;
+                do {
+                    line = reader.readLine();
+                    out.println("Server: " + line);
+                } while (line != null && line.length() > 0);
+
+                System.out.println("Server: receiving some data");
+                // just read some data, then close the connection
+                in.read(new byte[1024]);
+
+                in.close();
+                client.close();
+                out.println("Server closed socket");
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+    }
+}
--- a/test/sun/net/www/http/ChunkedOutputStream/checkError.java	Fri Jun 10 15:13:40 2016 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,252 +0,0 @@
-/*
- * Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * @test
- * @bug 5054016
- * @key intermittent
- * @run main/othervm/timeout=300 checkError
- * @summary get the failure immediately when writing individual chunks over socket fail
- */
-
-import java.io.*;
-import java.net.*;
-import java.util.StringTokenizer;
-
-
-public class checkError {
-    static final int TEST_PASSED = 95;
-    static final int TEST_FAILED = 97;
-
-    static int testStatus = TEST_PASSED;
-
-    static String serverName = "localhost";
-    static int bufferSize = 8192; // 8k
-    static int totalBytes = 1048576; // 1M
-
-    static int j = 0;
-
-    static public Object threadStarting = new Object();
-    static public Object threadWaiting = new Object();
-
-
-    public static void main(String[] args) throws Exception {
-        HttpURLConnection conn = null;
-        OutputStream toServer = null;
-        byte[] buffer = null;
-        HTTPServer server = null;
-        synchronized(threadWaiting) {
-            System.out.println("HTTP-client>Starting default Http-server");
-            synchronized(threadStarting) {
-                server = new HTTPServer();
-                server.start();
-                try {
-                    System.out.println("waiting server to be start");
-                    threadStarting.wait();
-                } catch (InterruptedException e) {
-                }
-            }
-            int port = server.getPort();
-            URL url = new URL("http://" + serverName + ":" + port);
-            conn = (HttpURLConnection )url.openConnection();
-            conn.setRequestMethod("POST");
-            conn.setDoOutput(true);
-
-            System.out.println("assigning 1024 to the chunk length");
-            conn.setChunkedStreamingMode(1024);
-            conn.connect();
-
-            toServer = conn.getOutputStream();
-            buffer = getThickBuffer(bufferSize);
-            System.out.println("sending " + totalBytes + " bytes");
-        }
-
-        int byteAtOnce = 0;
-        int sendingBytes = totalBytes;
-        try {
-            while (sendingBytes > 0) {
-                if (sendingBytes > bufferSize) {
-                    byteAtOnce = bufferSize;
-                } else {
-                    byteAtOnce = sendingBytes;
-                }
-                toServer.write(buffer, 0, byteAtOnce);
-                sendingBytes -= byteAtOnce;
-                // System.out.println((totalBytes - sendingBytes) + " was sent");
-                toServer.flush();
-            }
-        } catch (OutOfMemoryError e) {
-            e.printStackTrace();
-            System.out.println("***ERR***> UNEXPECTED error: " + e);
-            testStatus = TEST_FAILED;
-            testExit();
-        } catch (IOException e) {
-            // e.printStackTrace();
-            // this is the expected IOException
-            // due to server.close()
-            testStatus = TEST_PASSED;
-            testExit();
-        } finally {
-            toServer.close();
-        }
-
-        // we have not received the expected IOException
-        // test fail
-        testStatus = TEST_FAILED;
-        testExit();
-
-    }
-
-    static void testExit() {
-        if (testStatus == TEST_FAILED) {
-            throw new RuntimeException("Test Failed: haven't received the expected IOException");
-        } else {
-            System.out.println("TEST PASSED");
-        }
-        System.exit(testStatus);
-    }
-
-    static byte[] getThickBuffer(int size) {
-
-        byte[] buffer = new byte[size];
-
-        for (int i = 0; i < size; i++) {
-            if (j > 9)
-                j = 0;
-            String s = Integer.toString(j);
-            buffer[i] = (byte )s.charAt(0);
-            j++;
-        }
-
-        return buffer;
-    }
-}
-
-
-class HTTPServer extends Thread {
-
-    static volatile boolean isCompleted;
-
-    Socket client;
-    ServerSocket serverSocket;
-
-    int getPort() {
-        return serverSocket.getLocalPort();
-    }
-
-    public void run() {
-
-        synchronized(checkError.threadStarting) {
-
-            try {
-                serverSocket = new ServerSocket(0, 100);
-            } catch (Exception e) {
-                e.printStackTrace();
-                checkError.testStatus = checkError.TEST_FAILED;
-                return;
-            }
-            checkError.threadStarting.notify();
-        }
-
-        try {
-            client = serverSocket.accept();
-        } catch (Exception e) {
-            e.printStackTrace();
-            checkError.testStatus = checkError.TEST_FAILED;
-            return;
-        }
-
-        System.out.println("Server started");
-
-        BufferedReader in = null;
-        PrintStream out = null;
-        InputStreamReader reader = null;
-        String version = null;
-        String line;
-        String method;
-
-        synchronized(checkError.threadWaiting) {
-            try {
-                reader = new InputStreamReader(client.getInputStream());
-                in = new BufferedReader(reader);
-                line = in.readLine();
-
-            } catch (Exception e) {
-                e.printStackTrace();
-                checkError.testStatus = checkError.TEST_FAILED;
-                return;
-            }
-            StringTokenizer st = new StringTokenizer(line);
-            method = st.nextToken();
-            String fileName = st.nextToken();
-
-            // save version for replies
-            if (st.hasMoreTokens()) version = st.nextToken();
-
-            System.out.println("HTTP version: " + version);
-
-        }
-
-        try {
-
-            while (line != null && line.length() > 0) {
-                line = in.readLine();
-                System.out.println(line);
-            }
-        } catch (IOException e) {
-            e.printStackTrace();
-            checkError.testStatus = checkError.TEST_FAILED;
-            return;
-        }
-
-        if (method.equals("POST")) {
-            System.out.println("receiving data");
-            byte[] buf = new byte[1024];
-            try {
-                //reading bytes until chunk whose size is zero,
-                // see 19.4.6 Introduction of Transfer-Encoding in RFC2616
-                int count = 0;
-                while (count <=5) {
-                    count++;
-                    in.readLine();
-                }
-
-                System.out.println("Server socket is closed");
-                in.close();
-                client.close();
-                serverSocket.close();
-
-            } catch (IOException e) {
-                e.printStackTrace();
-                checkError.testStatus = checkError.TEST_FAILED;
-                return;
-            } catch (OutOfMemoryError e) {
-                e.printStackTrace();
-                checkError.testStatus = checkError.TEST_FAILED;
-                return;
-            }
-
-        }
-    }
-
-}
--- a/test/sun/security/ec/TestEC.java	Fri Jun 10 15:13:40 2016 -0700
+++ b/test/sun/security/ec/TestEC.java	Tue Jun 14 10:22:07 2016 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -59,12 +59,21 @@
 
 public class TestEC {
 
+    /*
+     * Turn on SSL debugging
+     */
+    private static final boolean debug = true;
+
     public static void main(String[] args) throws Exception {
         // reset security properties to make sure that the algorithms
         // and keys used in this test are not disabled.
         Security.setProperty("jdk.tls.disabledAlgorithms", "");
         Security.setProperty("jdk.certpath.disabledAlgorithms", "");
 
+        if (debug) {
+            System.setProperty("javax.net.debug", "all");
+        }
+
         ProvidersSnapshot snapshot = ProvidersSnapshot.create();
         try {
             main0(args);