Re: RFR: 8351565: Implement JEP 502: Stable Values (Preview) [v6]

A @Stable field does not need to be volatile. Avoiding volatile is one of the uses for @Stable. That said, @Stable is not as foolproof as volatile. It’s more dangerous, and cheaper. You have to do a release store to a stable variable. That’s what the VM does for you automatically for a final, an

Re: RFR: 8351565: Implement JEP 502: Stable Values (Preview)

On 13 Mar 2025, at 4:20, Per Minborg wrote: > … >> Reentrancy into here seems really buggy, I would endorse disallowing it >> >> instead. In that case, a `ReentrantLock` seems better than the native >> monitor as we can cheaply check `lock.isHeldByCurrentThread()` > > StableValueImpl was careful

Re: RFR: 8351565: Implement JEP 502: Stable Values (Preview)

> Are deeper cycles of concern? I was thinking of this: There are a couple of ways existing java.util code handles self-cycles. The deepToString method handles them at all levels, so it is robust. But it is tricky and expensive. (Look at the variable named “dejaVu”.) If you grep for /"(this / i

Re: RFR: 8339280: jarsigner -verify performs cross-checking between CEN and LOC [v3]

> The jarsigner -verify command currently performs verification by reading from > JarFile to navigate the central directory (CEN) headers. It is now enhanced > to include cross-validation of entries between JarFile (CEN-based) and > JarInputStream (stream-based) representations of the JAR. It em

Re: RFR: 8303770: Remove Baltimore root certificate expiring in May 2025

On Tue, 11 Mar 2025 17:28:17 GMT, Rajan Halade wrote: > Removed "_CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE_" > root certificate expiring in May 2025 from cacerts truststore. No code > signing certificates were issued from CA. > > The release-note is at > [JDK-8351686](ht

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v14]

> JDK-8341775: In the case where there is a *single* META-INF directory but > potentially *multiple* manifest files of different cases, print a warning > before selecting the first one and ignoring the rest (the current behavior > should be maintained). Kevin Driver has updated the pull request

Re: RFR: 8351565: Implement JEP 502: Stable Values (Preview)

On Mon, 10 Mar 2025 19:45:53 GMT, Chen Liang wrote: >> Implement JEP 502. >> >> The PR passes tier1-tier3 tests. > > src/hotspot/share/ci/ciField.cpp line 255: > >> 253: static bool trust_final_non_static_fields_of_type(Symbol* signature) { >> 254: return signature == vmSymbols::java_lang_Sta

Re: RFR: 8350582: Correct the parsing of the ssl value in javax.net.debug [v2]

On Thu, 27 Feb 2025 20:21:28 GMT, Sean Coffey wrote: >> Breaking the parent JDK-8044609 JBS issue into sub tasks. >> >> This patch addresses the main issue which is that `javax.net.debug=ssl ` >> option is completely broken since TLSv1.3 support was introduced. This >> patch should be easier

Re: RFR: 8349492: Update sun/security/pkcs12/KeytoolOpensslInteropTest.java to use a recent Openssl version [v6]

On Fri, 7 Mar 2025 12:43:34 GMT, Fernando Guallini wrote: >> This updates the OpenSSL version that is used by test >> `sun/security/pkcs12/KeytoolOpensslInteropTest.java` to the current LTS >> version (3.0 series). >> There are some differences between the 1.1.x and the current OpenSSL versio

Re: RFR: 8339280: jarsigner -verify performs cross-checking between CEN and LOC

On Tue, 4 Mar 2025 08:54:06 GMT, Alan Bateman wrote: >> The jarsigner -verify command currently performs verification by reading >> from JarFile to navigate the central directory (CEN) headers. It is now >> enhanced to include cross-validation of entries between JarFile (CEN-based) >> and JarI

RFR: 8348986: Improve coverage of enhanced exception messages

Hi, Enhanced exception messages are designed to hide sensitive information such as hostnames, IP addresses from exception message strings, unless the enhanced mode for the specific category has been explicitly enabled. Enhanced exceptions were first introduced in 8204233 in JDK 11 and update

Re: RFR: 8345940: Migrate security-related resources from Java classes to properties files [v9]

On Mon, 10 Mar 2025 17:57:42 GMT, Artur Barashev wrote: >> These resources files are in Java classes. If converted to properties files, >> the localized versions can use UTF-8 encoding directly. >> >> ./src/java.base/share/classes/sun/security/tools/keytool/Resources.java >> ./src/java.base/sha

Re: RFR: 8351565: Implement JEP 502: Stable Values (Preview)

On Tue, 11 Mar 2025 13:22:20 GMT, Luca Kellermann wrote: >> Implement JEP 502. >> >> The PR passes tier1-tier3 tests. > > src/java.base/share/classes/java/lang/StableValue.java line 344: > >> 342: * {@linkplain java.lang.ref##reachability reachable} stable values >> will hold their set >> 343

Re: RFR: 8350964: Add an ArtifactResolver.fetch(clazz) method [v3]

On Wed, 12 Mar 2025 15:29:36 GMT, Matthew Donovan wrote: >> In this PR, I created a new method, `ArtifactResolver.fetchOne()`, to >> consolidate duplicate code across tests. > > Matthew Donovan has updated the pull request incrementally with one > additional commit since the last revision: > >

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v15]

On Fri, 14 Mar 2025 15:55:51 GMT, Kevin Driver wrote: >> JDK-8341775: In the case where there is a *single* META-INF directory but >> potentially *multiple* manifest files of different cases, print a warning >> before selecting the first one and ignoring the rest (the current behavior >> shoul

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v15]

> JDK-8341775: In the case where there is a *single* META-INF directory but > potentially *multiple* manifest files of different cases, print a warning > before selecting the first one and ignoring the rest (the current behavior > should be maintained). Kevin Driver has updated the pull request

Re: RFR: 8346129: Simplify EdDSA & XDH curve name usage [v4]

On Fri, 7 Mar 2025 22:03:56 GMT, Anthony Scarpino wrote: >> test/jdk/sun/security/util/AlgorithmConstraints/DisabledAlgorithmPermits.java >> line 86: >> >>> 84: Arrays.asList( >>> 85: new TestCase("EdDSA", false), >>> 86: new TestCase("Ed2

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v18]

On Fri, 14 Mar 2025 16:32:24 GMT, Kevin Driver wrote: >> JDK-8341775: In the case where there is a *single* META-INF directory but >> potentially *multiple* manifest files of different cases, print a warning >> before selecting the first one and ignoring the rest (the current behavior >> shoul

Re: RFR: 8351034: Add AVX-512 intrinsics for ML-DSA [v4]

On Wed, 5 Mar 2025 13:10:34 GMT, Ferenc Rakoczi wrote: >> By using the AVX-512 vector registers the speed of the computation of the >> ML-DSA algorithms (key generation, document signing, signature verification) >> can be approximately doubled. > > Ferenc Rakoczi has updated the pull request in

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v17]

> JDK-8341775: In the case where there is a *single* META-INF directory but > potentially *multiple* manifest files of different cases, print a warning > before selecting the first one and ignoring the rest (the current behavior > should be maintained). Kevin Driver has updated the pull request

Re: RFR: 8351970: Retire JavaLangAccess::exit

On Fri, 14 Mar 2025 18:31:38 GMT, Roger Riggs wrote: > Cleanup the single use of JavaLangAccess.exit() it is no longer necessary; > System.exit() can be called directly. Looks fine. - Marked as reviewed by rgiulietti (Reviewer). PR Review: https://git.openjdk.org/jdk/pull/24066#p

Re: RFR: 8328914: Document the java.security.debug property in javadoc [v13]

On Thu, 6 Mar 2025 00:01:17 GMT, Koushik Muthukrishnan Thirupattur wrote: >> java.security.debug is a widely used debug system property for JDK security >> libs. It's time to capture details about this property via javadoc. >> >> > src="https://github.com/user-attachments/assets/3b2e0827-899e-