Re: JDK 16 Early Access build 26 is now available

[Rory O'Donnell]

Hi Marc,

Let me see what we can do.

Rgds,Rory

On 30/11/2020 14:47, Mark Thomas wrote:

Hi Rory,

I have been (slowly) working my way through the currently open issues
and I found time time today to investigate this one:
https://urldefense.com/v3/__https://bz.apache.org/bugzilla/show_bug.cgi?id=63802__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2ME3DDHE2Y$

That led me to this OpenJDK bug:
https://bugs.openjdk.java.net/browse/JDK-8238279

I have spent some time looking at this and I can confirm that the
OpenJDK bug is present in the latest OpenJDK 8.

The issue looks to have been forgotten about. Is there anything you can
do to get the right people to have a look at it? There is a simple to
use reproduction case provided and if the bugs triggers it has very
serious consequences for Tomcat.

It would be really good to get a fix for this in Java 8.

Thanks,

Mark


On 30/11/2020 14:02, Rory O'Donnell wrote:

Thanks for the feedback Martin!

On 30/11/2020 09:37, Martin Grigorov wrote:

Hi Rory,

Apache Tomcat's build and tests pass with JDK 16 b26 on Ubuntu 20.04.1
(x86_64 & aarch64)!

Regards,
Martin

On Fri, Nov 27, 2020 at 1:15 PM Rory O'Donnell
<rory.odonn...@oracle.com <mailto:rory.odonn...@oracle.com>> wrote:

     Hi Mark,

     OpenJDK 16 Early Access build 26**is now available at
     
https://urldefense.com/v3/__http://jdk.java.net/16__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEZ3Rcy6Y$

<https://urldefense.com/v3/__http://jdk.java.net/16__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA7UXpQ9Y$>

       * These early-access , open-source builds are provided under the
           o GNU General Public License, version 2, with the Classpath
             Exception <http://openjdk.java.net/legal/gplv2+ce.html
     <http://openjdk.java.net/legal/gplv2+ce.html>>.

       * Schedule: *JDK 16 Rampdown Phase One Starts on 2020/12/10 [1] *

       * Features [1]: Most recent Integrations:
           o Integrated JEP 389: Foreign Linker API (Incubator)
             <https://openjdk.java.net/jeps/389
     <https://openjdk.java.net/jeps/389>> with this release.
               + JEP 389 introduces an API that offers statically-typed,
                 pure-Java access to native code.
               + This API, together with the JEP 383
                 <https://openjdk.java.net/jeps/383
     <https://openjdk.java.net/jeps/383>>, will considerably
                 simplify the otherwise error-prone process of binding
to a
                 native library.

     **

       * Release Notes [2]

       * Changes in recent builds that maybe of interest:
           o Build 26
               + JDK-8202343: *Disable TLS 1.0 and 1.1*
               + JDK-8251317:**Support for CLDR version 38**
               + JDK-8212879: Make JVMTI TagMap table concurrent
               + JDK-8236926: Concurrently uncommit memory in G1
               + JDK-8243559: Removed Root Certificates with 1024-bit Keys
               + JDK-8253459: Argument index of zero or unrepresentable by
                 int throws IllegalFormatException
               + JDK-8256643: Terminally deprecate ThreadGroup stop,
     destroy,
                 isDestroyed, setDaemon and isDaemon
           o Build 25
               + JDK-8247781: Day period support added to java.time
formats
               + JDK-8202471: (ann) Cannot read type annotations on
generic
                 receiver type's type variables *[**Reported by
ByteBuddy]*
               + JDK-8255947: [macos] Signed macOS jpackage app doesn't
                 filter spurious '-psn' argument *[**Reported by JOSM]*
               + JDK-8256063: Module::getPackages returns the set of
     package
                 names in this module

       * JDK 16 - topics of interest
           o Inside Java Episode 7 “The Vector API” with John Rose and
Paul
             Sandoz
               + 
https://urldefense.com/v3/__https://inside.java/2020/11/17/podcast-007/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEtW5xauw$

<https://urldefense.com/v3/__https://inside.java/2020/11/17/podcast-007/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAWp3gGRk$>

                 
<https://urldefense.com/v3/__https://inside.java/2020/11/17/podcast-007/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEtW5xauw$

<https://urldefense.com/v3/__https://inside.java/2020/11/17/podcast-007/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAWp3gGRk$>>

           o Biased locking Obsoletion update
               +
     
https://urldefense.com/v3/__https://inside.java/2020/11/17/biased-locking-obsoletion/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEBDg8oxo$

<https://urldefense.com/v3/__https://inside.java/2020/11/17/biased-locking-obsoletion/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAxzCxL3M$>

    <https://urldefense.com/v3/__https://inside.java/2020/11/17/biased-locking-obsoletion/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEBDg8oxo$ <https://urldefense.com/v3/__https://inside.java/2020/11/17/biased-locking-obsoletion/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAxzCxL3M$>>

       * Project Loom with Ron Pressler
           o 
https://urldefense.com/v3/__https://inside.java/2020/11/24/podcast-008/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEQv2Azfo$

<https://urldefense.com/v3/__https://inside.java/2020/11/24/podcast-008/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA0dsi5SU$>

       * Update on 64-bit ARM Support for Oracle OpenJDK and Oracle JDK
           o 
https://urldefense.com/v3/__https://inside.java/2020/11/12/arm-support-update/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEwYMr9uA$

<https://urldefense.com/v3/__https://inside.java/2020/11/12/arm-support-update/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAfaLo-TE$>

             
<https://urldefense.com/v3/__https://inside.java/2020/11/12/arm-support-update/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEwYMr9uA$

<https://urldefense.com/v3/__https://inside.java/2020/11/12/arm-support-update/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAfaLo-TE$>>

     Project Lanai Early-Access: EA 7 Build 16-lanai+3-278
     
<https://urldefense.com/v3/__http://jdk.java.net/lanai/__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEB1z57Go$

<https://urldefense.com/v3/__http://jdk.java.net/lanai/__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPAWQSEiWc$>>

     (2020/11/17)

       * These early-access builds are provided under the GNU General
     Public
         License, version 2, with the Classpath Exception
         <http://openjdk.java.net/legal/gplv2+ce.html
     <http://openjdk.java.net/legal/gplv2+ce.html>>
       * These EA builds are produced for the purpose of gathering
     feedback.
         Use for any other purpose is at your own risk.
       * Please send feedback via e-mail to lanai-...@openjdk.java.net
     <mailto:lanai-...@openjdk.java.net>
         <mailto:lanai-...@openjdk.java.net
     <mailto:lanai-...@openjdk.java.net>>. To send e-mail to this address
         you must first subscribe to the mailing list
         <https://mail.openjdk.java.net/mailman/listinfo/lanai-dev
     <https://mail.openjdk.java.net/mailman/listinfo/lanai-dev>>.

     The Java Cryptographic Roadmap has been updated [3]:

       * Distrust TLS 1.0 and TLS 1.1 by default
           o TLS protocol versions 1.0 and 1.1 are no longer considered
             secure and have been superseded by more secure and modern
             versions (TLS 1.2 and 1.3). This change has been
     integrated with
             JDK 16 Early Access build 26.
       * Upgrade of default algorithms used to encrypt PKCS12 keystores
           o The new algorithms are based on AES-256 and SHA-256 and are
             stronger than the old algorithms which were based on RC2,
             DESede, and SHA-1.This change is already included in JDK 16
             Early Access build 23.

     RgdsRory

     [1] https://openjdk.java.net/projects/jdk/16/
     <https://openjdk.java.net/projects/jdk/16/>
     [2] 
https://urldefense.com/v3/__https://jdk.java.net/16/release-notes__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEpKSuM9s$

<https://urldefense.com/v3/__https://jdk.java.net/16/release-notes__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA8Rb9xDs$>

     [3] 
https://urldefense.com/v3/__https://www.java.com/en/jre-jdk-cryptoroadmap.html__;!!GqivPVa7Brio!PccppzFjCMGwBbQzCDnWyF3kpvqgDVQZjxTwZ9Q1KyRdhCuJv1k7BsAkR2MEAhryTUg$

<https://urldefense.com/v3/__https://www.java.com/en/jre-jdk-cryptoroadmap.html__;!!GqivPVa7Brio!M4EgIFbSTB2Ht6bPl0cv86IT2O3uiW_VkCI3Zm_GgnhSvLYSiUf9GTDwfYPA_J5bbAA$>

     --     Rgds, Rory O'Donnell
     Quality Engineering Manager
     Oracle EMEA, Dublin, Ireland

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

--
Rgds, Rory O'Donnell
Quality Engineering Manager
Oracle EMEA, Dublin, Ireland


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org