Building IcedTea
================

For convenience we've provided make targets that automatically
download, extract and patch the source code from the IcedTea forest
(http://hg.openjdk.java.net/icedtea/jdk7/).

The build requirements are as follows:

A bootstrap JDK, either IcedTea7 or IcedTea8
CUPS
libX11 (xproto, libX11, libXext, libXtst, libXi, libXt, libXinerama, libXrender, libXcomposite, libXau, libXdmcp)
Freetype2
patch
sed
tar
sha256sum (from coreutils)
wget
alsa
xalan
xerces
glib2-devel 
gtk2-devel
libXinerama-devel
giflib-devel
libpng-devel
libjpeg-devel >= 6b
zlib-devel
libffi (for --enable-zero or on archs other than x86/x86_64/sparc)
LLVM 2.5 or later (for --enable-shark)
systemtap-sdl-devel >= 0.9.5 (Java method tracing requires systemtap >= 0.9.9)

See ./configure --help if you need to override the defaults.

To bootstrap IcedTea with ecj and a GNU Classpath-based JDK:
./autogen.sh
./configure 
make

To build IcedTea with an older version of IcedTea, use:
./autogen.sh
./configure --disable-bootstrap 
make

The following locations are checked for a JDK:
    * /usr/lib/jvm/icedtea-8
    * /usr/lib/jvm/java-1.8.0-openjdk
    * /usr/lib/jvm/java-1.8.0-openjdk.x86_64
    * /usr/lib64/jvm/java-1.8.0-openjdk
    * /usr/lib/jvm/java-1.8.0
    * /usr/lib/jvm/icedtea-7
    * /usr/lib/jvm/icedtea7
    * /usr/lib/jvm/java-1.7.0-openjdk
    * /usr/lib/jvm/java-1.7.0-openjdk.x86_64
    * /usr/lib64/jvm/java-1.7.0-openjdk
    * /usr/lib/jvm/java-1.7.0
in the order given above.

If bootstrapping is enabled, the following JDK locations are appended to the above list:
   * /usr/lib/jvm/cacao

Finally, the following generic locations are checked as a last resort:
    * /usr/lib/jvm/java-openjdk
    * /usr/lib/jvm/openjdk
    * /usr/lib/jvm/java-icedtea
    * /etc/alternatives/java_sdk_openjdk

There is currently no install target.  IcedTea ends up in
openjdk.build when the build completes.

Most targets in IcedTea create stamp files in the stamps directory to
determine what and when dependencies were compiled.  Each target has a
corresponding clean-x target which removes the output and the stamp
file, allowing it to be rebuilt.  For example, stamps/rt.stamp (alias
rt) builds the bootstrap classes needed in the bootstrap build and
clean-rt removes the classes and the stamp file.

Build Modification Options
==========================

The build process may be modified by passing the following options
to configure:

* --prefix: The final install location of the j2sdk-image.
* --disable-docs: Don't build the Javadoc documentation.
* --disable-bootstrap: Perform a quick (no bootstrap) build using an installed
  copy of IcedTea6 or IcedTea7.  If a directory is not specified, a check against
  the list presented above is performed.
* --enable-warnings: Produce warnings from the Java compiler during the build.
* --with-openjdk-src-dir: Copy the specified OpenJDK tree, rather than
  downloading and extracting a tarball.
* --disable-optimizations: Build with -O0.
* --enable-hg: Checkout the OpenJDK tree from Mercurial, rather than
  downloading and extracting a tarball.
* --enable-system-lcms: Build using the system installation of LCMS2, not
  the version in-tree.
* --with-gcj: Compile ecj to native code with gcj prior to building.
* --with-parallel-jobs: Run the specified number of parallel jobs when
  building HotSpot and the JDK.  If this option is passed without an
  argument, the number of online processors plus one is used.
* --with-pkgversion=PKG: Include the specified distro package information in
  the output of java -version.
* --with-jdk-home: Use the specified JDK to bootstrap.  If this option is
  not specified, a check against the list presented above is performed.
* --with-java: Specify the location of a 'java' binary.  By default, the path
  is checked for gij and java.
* --with-ecj: Specify the location of a 'ecj' binary.  By default, the path
  is checked for ecj, ecj-3.1, ecj-3.2 and ecj-3.3.
* --with-javac: Specify the location of a 'javac' binary.  By default, the path
  is checked for javac.
* --with-jar: Specify the location of a 'jar' binary.  By default, the path
  is checked for gjar and jar.
* --with-javah: Specify the location of a 'javah' binary.  By default, the path
  is checked for gjavah and javah.
* --with-rmic: Specify the location of a 'rmic' binary.  By default, the path
  is checked for grmic and rmic.
* --with-native2ascii:  Specify the location of a 'native2ascii' binary.  By default,
  ${SYSTEM_JDK_DIR}/bin/native2ascii is used.  If this is absent, then the path
  is checked for native2ascii and gnative2ascii.
* --with-ecj-jar: Specify the location of an ecj JAR file.  By default, the
  following paths are checked:
    - /usr/share/java/eclipse-ecj.jar
    - /usr/share/java/ecj.jar
    - /usr/share/eclipse-ecj-3.{2,3,4,5}/lib/ecj.jar
* --with-openjdk-src-zip: Specify the location of the OpenJDK tarball to avoid downloading.
* --with-openjdk-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-openjdk-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-openjdk-checksum doesn't check the tarball specified by
  --with-openjdk-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-hotspot-src-zip: Specify the location of the HotSpot tarball to avoid downloading.
* --with-hotspot-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-hotspot-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-hotspot-checksum doesn't check the tarball specified by
  --with-hotspot-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-corba-src-zip: Specify the location of the CORBA tarball to avoid downloading.
* --with-corba-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-corba-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-corba-checksum doesn't check the tarball specified by
  --with-corba-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-jaxp-src-zip: Specify the location of the JAXP tarball to avoid downloading.
* --with-jaxp-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-jaxp-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-jaxp-checksum doesn't check the tarball specified by
  --with-jaxp-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-jaxws-src-zip: Specify the location of the JAXWS tarball to avoid downloading.
* --with-jaxws-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-jaxws-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-jaxws-checksum doesn't check the tarball specified by
  --with-jaxws-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-jdk-src-zip: Specify the location of the JDK tarball to avoid downloading.
* --with-jdk-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-jdk-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-jdk-checksum doesn't check the tarball specified by
  --with-jdk-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-langtools-src-zip: Specify the location of the langtools tarball to avoid downloading.
* --with-langtools-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-langtools-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-langtools-checksum doesn't check the tarball specified by
  --with-langtools-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-nashorn-src-zip: Specify the location of the Nashorn tarball to avoid downloading.
* --with-nashorn-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-nashorn-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-nashorn-checksum doesn't check the tarball specified by
  --with-nashorn-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-alt-jar: Use the specified jar binary in the second stage rather than the one just built.
* --with-cacao-home: Specify the location of an installed CACAO to use rather than downloading
  and building one.
* --with-cacao-src-zip: Specify the location of a CACAO tarball to avoid downloading.
* --with-cacao-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-cacao-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-cacao-checksum doesn't check the tarball specified by
  --with-cacao-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-cacao-src-dir: Specify the location of a CACAO source tree to avoid downloading.
* --with-jamvm-src-zip: Specify the location of a JamVM tarball to avoid downloading.
* --with-jamvm-checksum: Specify a SHA256 checksum for the supplied source zip. Alternatively,
  --with-jamvm-checksum without an argument (the default) uses the expected upstream SHA256
  checksum, while --without-jamvm-checksum doesn't check the tarball specified by
  --with-jamvm-src-zip at all. This option allows a locally modified version of the source
  tarball to be used instead of the standard versions.
* --with-hg-revision: Specify a Mercurial revision to use (as opposed to tip) with the --enable-hg option.
* --with-llvm-config: Specify the location of the llvm-config binary.
* --with-version-suffix: Appends the given text to the JDK version output.
* --with-cacerts-file: Specify the location of a cacerts file, defaulting to
  ${SYSTEM_JDK_DIR}/jre/lib/security/cacerts

Other options may be supplied which enable or disable new features.
These are documented fully in the relevant section below.

* --disable-tests: Disable the running of all JTReg tests.
* --disable-hotspot-tests: Disable the running of the HotSpot JTReg suite.
* --disable-langtools-tests: Disable the running of the langtools JTReg suite.
* --disable-jdk-tests: Disable the running of the jdk JTreg suite.
* --disable-systemtap-tests: Disable the running of the SystemTap test suite.
* --disable-xrender: Don't include the XRender pipeline.
* --enable-systemtap: Include support for tracing using systemtap.
* --enable-nss: Enable the NSS security provider.
* --enable-cacao: Replace HotSpot with the CACAO VM.
* --enable-jamvm: Replace HotSpot with JamVM.
* --enable-shark: Build the Shark LLVM-based JIT.
* --enable-zero: Build the zero assembler port on x86/x86_64/sparc platforms.
* --with-hotspot-build: The HotSpot to use, defaulting to 'original' i.e. hs14 as bundled with OpenJDK.
* --with-additional-vms=vm-list: Additional VMs to build using the system described
  below.
* --with-curves: Define the number of curves to support for elliptic curve cryptography

Testing
=======

IcedTea7 includes support for running the test suite included with
OpenJDK, using the in-tree copy of JTReg.  Invoking 'make check' will
cause the HotSpot, JDK and langtools test suites to be run.  The
individual test suites may be run using the check-hotspot, check-jdk
and check-langtools targets respectively.  The --disable-tests option
can be used to turn off all tests, and the
--disable-{hotspot,langtools,jdk}-tests options can be used to turn
off individual suites.  This is useful when using 'make distcheck'
as a way of avoiding running the extensive JDK test suite which
takes several hours.

Xrender Support
===============

IcedTea7 includes support for an Xrender-based rendering pipeline
developed by Clemens Eisserer (http://linuxhippy.blogspot.com/).  This
is compiled by default, and can be disabled using --disable-xrender.
To actually use the pipeline, the sun.java2d.xrender property needs to
be set to true, e.g.  by passing the -Dsun.java2d.xrender=True option
to java.

SystemTap
=========

IcedTea7 includes work to allow the existing DTrace probes included in
OpenJDK to be used with SystemTap.  This requires version 0.9.5 or later (0.9.9
or later if you want Java method tracing).  The tapset needs to know
the final install location of the JDK, so the --with-abs-install-dir option
should also be used to specify this.  If not set, it defaults to the
in-tree location of openjdk.build/j2sdk-image and requires
manual changes to tapset/hotspot.stp to work from elsewhere. For
example, if you plan to install the resulting build in
/usr/lib/jvm/java-1.6.0-openjdk, then you should specify
--with-abs-install-dir=/usr/lib/jvm/java-1.6.0-openjdk.

The NSS PKCS11 Security Provider and Elliptic Curve Cryptography
================================================================

OpenJDK includes an NSS-based security provider in the form of
sun.security.pkcs11.SunPKCS11.  However, as this needs to know the
location of the NSS installation it should use, it is not enabled
in normal OpenJDK builds.  As IcedTea can detect NSS using configure,
it can simplify the process of enabling this provider by generating
a configuration file for the NSS provider.  If --enable-nss is specified,
this configuration will be turned on in lib/security/java.security.
This can also be done manually at a later date.

The PKCS11 option was originally added as it was the only way that
elliptic curve cryptography support could be provided. From OpenJDK 7
onwards, there is another provider, SunEC, which uses the in-tree
SunEC native library. This is enabled by default, so there is no
longer a need to enable the SunPKCS11 provider simply to obtain
elliptic curve cryptography support.

CACAO
=====

IcedTea7 can use CACAO as the virtual machine, as opposed to HotSpot.
One advantage of this is that CACAO has a JIT implementation for
more platforms than HotSpot, including ppc, ppc64, arm and mips.
When --enable-cacao is specified, CACAO will be downloaded and built,
followed by the JDK portion of OpenJDK resulting in a CACAO+OpenJDK
image in openjdk.build/j2sdk-image.  The --with-cacao-home
option can be used to specify the use of an existing CACAO install
instead, and --with-cacao-src-zip/dir options exist to allow the use
of a pre-downloaded zip or source tree respectively.

JamVM
=====

IcedTea6 can use JamVM as the virtual machine, as opposed to HotSpot.
When --enable-jamvm is specified, JamVM will be downloaded and built,
followed by the JDK portion of OpenJDK resulting in a JamVM+OpenJDK
image in openjdk.build/j2sdk-image.  The --with-jamvm-src-zip option
exists to allow the use of a pre-downloaded zip.

Zero & Shark
============

IcedTea7 includes a zero assembler port of HotSpot, which avoids
architecture-specific code as much as possible, allowing an
interpreter to be built and run on most platforms (albeit very
slowly).  As HotSpot only includes JITs for x86, x86_64 and SPARC, the
zero assembler port is automatically enabled on all other
architectures.  On x86, x86_64 and SPARC, it may be built using
--enable-zero.

To overcome the performance issues inherent in zero, a LLVM-based JIT
called Shark has been developed.  This performs Just-In-Time compilation
on any architecture supported by LLVM.  To enable it, pass the option
--enable-shark to configure.  Please note that Shark is still in
development and builds are still likely to fail at present.

Support for Different Versions of HotSpot
=========================================

IcedTea allows the version of HotSpot provided with the upstream build
drop to be replaced with another.  Support for this is provided by the
--with-hotspot-build option which causes IcedTea to probe the
hotspot.map file for an entry with the given build name.  The
hotspot.map file maps the name to a changeset from a given repository
URL.  During the build, it downloads HotSpot from
${URL}/archive/${CHANGESET}.tar.gz and the resulting file is verified
using the MD5 sum stored in hotspot.map.

New build selections may be provided by providing further mappings in
the hotspot.map file.  The name can be anything
e.g. 'shiny_new_hotspot'.  This is simply used to map the argument to
--with-hotspot-build to the values in the file and to apply
appropriate patches (see patches/hotspot, $HSBUILD is available in
Makefile.am for obtaining the build name).  The special value
'original' is used for patches/hotspot/original to denote those for
the upstream HotSpot; this value does not appear in hotspot.map.  

The changeset and URL should refer to a valid HotSpot tree when used
as above.  The required values can be obtained from a local checkout
or by using the web interface.  The simplest way to calculate the MD5
sum is to download the tarball and then run the 'md5sum' application
on it.  The resulting value should be added to hotspot.map.

As with the OpenJDK build tarballs, the location of an alternate zip
can be specified using --with-hotspot-src-zip.  This skips the
download stage and just verifies that the zip's MD5 sum matches that
of the requested build.

Currently, IcedTea7 only supports the 'original' HotSpot provided as
part of the upstream IcedTea forest.

Building Additional Virtual Machines
====================================

Although IcedTea can be built multiple times to use a different virtual
machine, additional VMs can be built without building the other components
multiple times.

On architectures where hotspot is available, use
   --with-additional-vms=cacao,zero  (or shark instead of zero)
on architectures where only zero (or shark) is available, use
   --with-additional-vms=cacao
to build the additional VMs.  It's not possible to build cacao as the
default VM, and zero as additional VM.
To build zero as the default VM and shark as an additional VM, use
   --enable-zero --with-additional-vms=shark

The additional VMs are available by calling the java with the option
`-cacao', `-zero' or `-shark', or by calling the java tools with
`-J-<vm name>'. If the build was configured with '--enable-shark',
use `-Xint' to just use the zero VM.

Please note that using this feature does not do as extensive testing
of the VM as would enabling it in the default full bootstrap mode,
which compiles IcedTea and then recompiles it using the just-built
image.

Elliptic Curve Cryptography Support
===================================

As some distributors may not wish to include the full set of elliptic
curves supported by OpenJDK, we currently provide two reduced sets of
curves, available via the --with-curves option:

1. NIST

This includes the three NIST curves, NIST P-{256,384,521}
For this, specify --with-curves=nist or --with-curves=3.

2. NIST+

This includes the three curves from option one, along with secp256k1.
For this, specify --with-curves=nist+ or --with-curves=4

3. All curves
Leave the OpenJDK sources as is and provide all curves.
For this, specify --with-curves=all or simply --with-curves.

The current default is option 2 (NIST+), as used in the Fedora and Red
Hat Enterprise Linux OpenJDK packages.

For compatibility with the old --enable-non-nss-curves option,
--with-curves or --with-curves=yes will be interpreted like
--enable-non-nss-curves as desiring all curves (option three).
Similarly, --without-curves will be interpreted as
--disable-non-nss-curves would, providing the default set.

We currently don't support the more obvious interpretation of
--without-curves in supporting no elliptic curve cryptography, as this
would severely hampered real world usage of the resulting JDK.