Hi Rory, I have been (slowly) working my way through the currently open issues and I found time time today to investigate this one: https://bz.apache.org/bugzilla/show_bug.cgi?id=63802
That led me to this OpenJDK bug: https://bugs.openjdk.java.net/browse/JDK-8238279 I have spent some time looking at this and I can confirm that the OpenJDK bug is present in the latest OpenJDK 8. The issue looks to have been forgotten about. Is there anything you can do to get the right people to have a look at it? There is a simple to use reproduction case provided and if the bugs triggers it has very serious consequences for Tomcat. It would be really good to get a fix for this in Java 8. Thanks, Mark On 30/11/2020 14:02, Rory O'Donnell wrote: > Thanks for the feedback Martin! > > On 30/11/2020 09:37, Martin Grigorov wrote: >> Hi Rory, >> >> Apache Tomcat's build and tests pass with JDK 16 b26 on Ubuntu 20.04.1 >> (x86_64 & aarch64)! >> >> Regards, >> Martin >> >> On Fri, Nov 27, 2020 at 1:15 PM Rory O'Donnell >> <rory.odonn...@oracle.com <mailto:rory.odonn...@oracle.com>> wrote: >> >> Hi Mark, >> >> OpenJDK 16 Early Access build 26**is now available at >> http://jdk.java.net/16 >> >> <https://urldefense.com/v3/__http://jdk.java.net/16__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA7UXpQ9Y$> >> >> >> * These early-access , open-source builds are provided under the >> o GNU General Public License, version 2, with the Classpath >> Exception <http://openjdk.java.net/legal/gplv2+ce.html >> <http://openjdk.java.net/legal/gplv2+ce.html>>. >> >> * Schedule: *JDK 16 Rampdown Phase One Starts on 2020/12/10 [1] * >> >> * Features [1]: Most recent Integrations: >> o Integrated JEP 389: Foreign Linker API (Incubator) >> <https://openjdk.java.net/jeps/389 >> <https://openjdk.java.net/jeps/389>> with this release. >> + JEP 389 introduces an API that offers statically-typed, >> pure-Java access to native code. >> + This API, together with the JEP 383 >> <https://openjdk.java.net/jeps/383 >> <https://openjdk.java.net/jeps/383>>, will considerably >> simplify the otherwise error-prone process of binding >> to a >> native library. >> >> ** >> >> * Release Notes [2] >> >> * Changes in recent builds that maybe of interest: >> o Build 26 >> + JDK-8202343: *Disable TLS 1.0 and 1.1* >> + JDK-8251317:**Support for CLDR version 38** >> + JDK-8212879: Make JVMTI TagMap table concurrent >> + JDK-8236926: Concurrently uncommit memory in G1 >> + JDK-8243559: Removed Root Certificates with 1024-bit Keys >> + JDK-8253459: Argument index of zero or unrepresentable by >> int throws IllegalFormatException >> + JDK-8256643: Terminally deprecate ThreadGroup stop, >> destroy, >> isDestroyed, setDaemon and isDaemon >> o Build 25 >> + JDK-8247781: Day period support added to java.time >> formats >> + JDK-8202471: (ann) Cannot read type annotations on >> generic >> receiver type's type variables *[**Reported by >> ByteBuddy]* >> + JDK-8255947: [macos] Signed macOS jpackage app doesn't >> filter spurious '-psn' argument *[**Reported by JOSM]* >> + JDK-8256063: Module::getPackages returns the set of >> package >> names in this module >> >> * JDK 16 - topics of interest >> o Inside Java Episode 7 “The Vector API” with John Rose and >> Paul >> Sandoz >> + https://inside.java/2020/11/17/podcast-007/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/17/podcast-007/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAWp3gGRk$> >> >> <https://inside.java/2020/11/17/podcast-007/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/17/podcast-007/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAWp3gGRk$>> >> >> o Biased locking Obsoletion update >> + >> https://inside.java/2020/11/17/biased-locking-obsoletion/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/17/biased-locking-obsoletion/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAxzCxL3M$> >> >> >> <https://inside.java/2020/11/17/biased-locking-obsoletion/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/17/biased-locking-obsoletion/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAxzCxL3M$>> >> >> * Project Loom with Ron Pressler >> o https://inside.java/2020/11/24/podcast-008/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/24/podcast-008/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA0dsi5SU$> >> >> * Update on 64-bit ARM Support for Oracle OpenJDK and Oracle JDK >> o https://inside.java/2020/11/12/arm-support-update/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/12/arm-support-update/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAfaLo-TE$> >> >> <https://inside.java/2020/11/12/arm-support-update/ >> >> <https://urldefense.com/v3/__https://inside.java/2020/11/12/arm-support-update/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAfaLo-TE$>> >> >> >> Project Lanai Early-Access: EA 7 Build 16-lanai+3-278 >> <http://jdk.java.net/lanai/ >> >> <https://urldefense.com/v3/__http://jdk.java.net/lanai/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAWQSEiWc$>> >> >> (2020/11/17) >> >> * These early-access builds are provided under the GNU General >> Public >> License, version 2, with the Classpath Exception >> <http://openjdk.java.net/legal/gplv2+ce.html >> <http://openjdk.java.net/legal/gplv2+ce.html>> >> * These EA builds are produced for the purpose of gathering >> feedback. >> Use for any other purpose is at your own risk. >> * Please send feedback via e-mail to lanai-...@openjdk.java.net >> <mailto:lanai-...@openjdk.java.net> >> <mailto:lanai-...@openjdk.java.net >> <mailto:lanai-...@openjdk.java.net>>. To send e-mail to this address >> you must first subscribe to the mailing list >> <https://mail.openjdk.java.net/mailman/listinfo/lanai-dev >> <https://mail.openjdk.java.net/mailman/listinfo/lanai-dev>>. >> >> The Java Cryptographic Roadmap has been updated [3]: >> >> * Distrust TLS 1.0 and TLS 1.1 by default >> o TLS protocol versions 1.0 and 1.1 are no longer considered >> secure and have been superseded by more secure and modern >> versions (TLS 1.2 and 1.3). This change has been >> integrated with >> JDK 16 Early Access build 26. >> * Upgrade of default algorithms used to encrypt PKCS12 keystores >> o The new algorithms are based on AES-256 and SHA-256 and are >> stronger than the old algorithms which were based on RC2, >> DESede, and SHA-1.This change is already included in JDK 16 >> Early Access build 23. >> >> RgdsRory >> >> [1] https://openjdk.java.net/projects/jdk/16/ >> <https://openjdk.java.net/projects/jdk/16/> >> [2] https://jdk.java.net/16/release-notes >> >> <https://urldefense.com/v3/__https://jdk.java.net/16/release-notes__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA8Rb9xDs$> >> >> [3] https://www.java.com/en/jre-jdk-cryptoroadmap.html >> >> <https://urldefense.com/v3/__https://www.java.com/en/jre-jdk-cryptoroadmap.html__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA_J5bbAA$> >> >> >> -- Rgds, Rory O'Donnell >> Quality Engineering Manager >> Oracle EMEA, Dublin, Ireland >> > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
