Mercurial > hg > release > icedtea7-2.0
view NEWS @ 2452:dd5dc6567d11
JamVM: Is self-hosting.
2011-07-08 Xerxes R?nby <xerxes@zafena.se>
JamVM: Is self-hosting.
* patches/jamvm/remove-sun.misc.Perf-debug-code.patch: New patch.
* Makefile.am:
(ICEDTEA_PATCHES): Apply new patch when building JamVM.
* HACKING: Updated.
* NEWS: Updated.
| author | Xerxes R?nby <xerxes@zafena.se> |
|---|---|
| date | Fri, 08 Jul 2011 10:51:52 +0200 |
| parents | 61e88e07618c |
| children | 05b8c708dced |
line wrap: on
line source
Key: SX - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=X PRX - http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=X RHX - https://bugzilla.redhat.com/show_bug.cgi?id=X DX - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=X GX - http://bugs.gentoo.org/show_bug.cgi?id=X CAX - http://server.complang.tuwien.ac.at/cgi-bin/bugzilla/show_bug.cgi?id=X CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY New in release 2.0 (2011-XX-XX): * JamVM - JamVM is self-hosting. - Make classlib init functions consistent + warnings. - Correctly implement sun.misc.Unsafe freeMemory(). - Move lazy-loading to init function. - Fix various warnings with -Wall. - PrintThreadsDump needs "self" as argument. - CopyMemory, etc. handle negative or truncation in length. - Extra sun.misc.Unsafe functions. - Ignore options for jtreg tests. - Enable shutdownVM to be called with OpenJDK classlib. - Initial implementation of JVM_FindClassFromBootLoader. - Fix callJNIMethod on i386 with -fomit-frame-pointer. - Fix backwards cache conflict resolution code. - Unify command line options parsing. - Remove debug printf. - Fix leak of native thread structure. - Consistent naming for classlib functions. - Add extra includes to get rid off compiler warning. - Rework OpenJDK storage of native thread structure. - Implement remaining OpenJDK Array reflection interface. New in release 1.14 (2011-05-25): * NetX and the plugin moved to the IcedTea-Web project with a separate release cycle. * Builds using system LCMS by default. * Added out-of-the-box JamVM support using --enable-jamvm * Allow building of JamVM beside the default VM by using --with-additional-vms=jamvm * Allow the location of the JamVM source zip to be specified using --with-jamvm-src-zip * JamVM builds can bootstrap and are self-hosting. * Bug fixes - PR616, PR99: Don't statically link libstdc++ - PR640: JamVM fails to build - Unrecognised option: -XX:ThreadStackSize. - PR714: Forwardport replace-hotspot support from IcedTea6. - PR103: Usage of native2ascii during bootstrap - PR543: zero fails to build on icedtea7 trunk 20100907 - PR715: Port updated macros from IcedTea6 to 7 - PR732: Use xsltproc for bootstrap xslt in place of Xerces/Xalan * JamVM - Ignore all unknown options. - Handle overflow in getPhysicalMemory(). - Base default min and max heap size on physical memory. - Fix reflective array access. - Handle O_DELETE in JVM_Open. - Minor performance improvement on ARM. - First set of changes to support JamVM/OpenJDK on MacOS X. - Minor memory leak (missing free). - Handle integer overflow on i386/amd64. - On ARM, force interpreter to be built in ARM mode. - MIPS: 64-bit and interpreter inlining by default. - Trivial implementation of stubs for MIPS. * CACAO - Threadlist & threadobject improvements. - Ignore all unknown options, but report them. - Fixes build for newer gcc (at least 4.4) on PPC64, breaks older gcc. - CA123: LD_LIBRARY_PATH and java.library.path. - CA143: don't hang with invalid locale. - CA144: aligned patchers on x86_64. - CA148: support for LCMP bytecode. - CA152: Calling Policy.setPolicy with a new Policy object has no effect on the DefaultSecurityManager. - CA156: uncaughtExceptionHandler doesn't work with OpenJDK 6 b21. - CA157: ARM SMP Assertion thinlock failed. * Zero/Shark - Match Shark in icedtea6, makes OSR work by removing vestigal check. - LLVM 2.7 non-product fixes. - Correct suffix for the llvm.atomic.cmp.swap intrinsic. New in release 1.13 (2010-07-29) * Updated to OpenJDK7 milestone 7/b89. * Removed VisualVM support; now hosted at http://icedtea.classpath.org/hg/visualvm. * Removed old plugin. * Bumped to CACAO 1.1.0 pre-release snapshot. * libjpeg7 & libpng 1.4 supported. * Latest security updates and hardening patches: - (CVE-2010-0837): JAR "unpack200" must verify input parameters (6902299) - (CVE-2010-0845): No ClassCastException for HashAttributeSet constructors if run with -Xcomp (6894807) - (CVE-2010-0838): CMM readMabCurveData Buffer Overflow Vulnerability (6899653) - (CVE-2010-0082): Loader-constraint table allows arrays instead of only the base-classes (6626217) - (CVE-2010-0095): Subclasses of InetAddress may incorrectly interpret network addresses (6893954) - (CVE-2010-0085): File TOCTOU deserialization vulnerability (6736390) - (CVE-2010-0091): Unsigned applet can retrieve the dragged information before drop action occurs (6887703) - (CVE-2010-0088): Inflater/Deflater clone issues (6745393) - (CVE-2010-0084): Policy/PolicyFile leak dynamic ProtectionDomains. (6633872) - (CVE-2010-0092): AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (6888149) - (CVE-2010-0094): Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947) - (CVE-2010-0093): System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (6892265) - (CVE-2010-0840): Applet Trusted Methods Chaining Privilege Escalation Vulnerability (6904691) - (CVE-2010-0848): AWT Library Invalid Index Vulnerability (6914823) - (CVE-2010-0847): ImagingLib arbitrary code execution vulnerability (6914866) - (CVE-2009-3555): TLS: MITM attacks via session renegotiation - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups - 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs - 6910590: Application can modify command array in ProcessBuilder - 6909597: JPEGImageReader stepX Integer Overflow Vulnerability - 6932480: Crash in CompilerThread/Parser. Unloaded array klass? - (CVE-2010-2783, RH616895): IcedTea 'Extended JNLP Services' arbitrary file access - (CVE-2010-2548, RH616893): IcedTea Incomplete property access check for unsigned applications * Bug fixes - PR179: Rhino bootclasspath issue - PR512: Extract jaxws getdtdtype patch to boot tree instead of main tree. - PR521: Don't hardlink the copy of generated. - S6963870: NPE in CompoundBorder.getInsets() - S6967533: Epoch bug: ExceptionInInitializerError on systems with uninitialized clock - S6944361: Missing CKR_ values in PKCS11Exception * SystemTap - Added JNI call tracing using systemtap version 1.0+ when configuring with --enable-systemtap. See tapset/hotspot_jni.stp. - Add support for Zero build on Hitachi SH. - Removed the old plugin, replaced by the NPPlugin. - PR476: Enable building SystemTap support on GCC 4.5. - Fix hotspot tapset object_alloc size variable. - Workaround RH613824: Missing and wrong hotspot.* probepoint arguments * Zero/Shark - Formatting changes and other fixes to match upstream - PR428: Shark on ARM precompiled header incls - Update Shark for LLVM r95390 API change. - S6927165: Zero S/390 fixes (from upstream) - Implemented Shark host CPU feature autotuner using LLVM 2.7 APIs. - Add s390 support to TCK setup helper script - Strip stupid options that llvm-config supplies - Update Shark for LLVM r94686 API change. - S6914622, S6909153, S6913869 upstream Zero fixes. - Fixed Shark sharkCompiler mattr memory corruption bug when using llvm 2.7. - PR525: Shark made not entrant deopt sigsegv regression after bump to b20 and hs17. - PR shark/483: Fix miscompilation of sun.misc.Unsafe::getByte. - PR icedtea/324, icedtea/481: Fix Shark VM crash. - Update Shark for LLVM 2.8 API change r100304 - Shark calling static jni methods jclass argument fix. - PR484: Shark jit code block "0xcdcdcdcd" zombie wipeout Sigsegv crash - Backport new frame anchor and stack overflow code for Zero and Shark - Fix stack leak in Shark - PR494: Shark fails to catch Exception using catch (Throwable e) * NPPlugin fixes - PR446: Use JDK_UPDATE_VERSION to set the jpi version. - Re-designed frame embedding code so that the applet is dynamically packed into given handle. This increases stability and breaks reliance on the assumption that the browser will always provide a handle in a certain sequence. - Encode new lines, carriage returns, and other special characters before sending them to Java side (de-coding code is already in effect on Java side). - Centralised and increased timeouts to give slow-loading applets enough time to load. - Fix security permissions related to get/set property, based on specifications. - Added support for JSObject.finalize() - Liveconnect message processing design changes. - Message protocol overhaul to fix race conditions - PR166: Create FIFO pies in temp dir instead of ~/.icedteaplugin - Profiled memory usage and implemented proper cleanup for C++ side. - Update debug output string and function/structure names to change 'GCJ' references to ITNP/IcedTea NP Plugin - PR461: plugin working for NSS enabled builds with firefox including a private NSS copy - Removed unncessary debug and trace output - PR474: Patch from Paulo Cesar Pereira de Andrade, incrementing malloc size to account for NULL terminator. - RH524387: javax.net.ssl.SSLKeyException: RSA premaster secret error - Set context classloader for all threads in an applet's threadgroup - PR436: Close all applet threads on exit - PR480: NPPlugin with NoScript extension. - PR488: Question mark changing into underscore in URL. - RH592553: Fix bug causing 100% CPU usage. - Don't generate a random pointer from a pthread_t in the debug output. - Add ForbiddenTargetException for legacy support. - Use variadic macro for plugin debug message printing. - Don't link the plugin with libxul libraries. - Fix race conditions in plugin initialization code that were causing hangs. - RH506730: BankID (Norwegian common online banking authentication system) applet fails to load. - PR491: pass java_{code,codebase,archive} parameters to Java. - Adds javawebstart.version property and give user permission to read that property. * NetX: - Make path sanitization consistent; use a blacklisting approach. - Make the SingleInstanceServer thread a daemon thread. - Handle JNLP files which use native libraries but do not indicate it - Allow JNLP classloaders to share native libraries - Added encoding support - Do not use Look and Feel related methods for setting up security dialogs - Error out when unsigned jnlp applications request permissions * PulseAudio: - Add missing .c file to PulseAudio build - Eliminate spurious exception throwing. New in release 1.12 (2009-11-17) - Updated to OpenJDK7 milestone 5; includes: - From Project Coin: - 6860965: Support for binary literals (e.g. 2 can be written 0b10) - 6860965: Support for underscored literals (e.g. 123456 can be written 123_456) - 6827009: Support for strings in switch statements (e.g. case "a") - 6840638: Improved inferencing with generics, e.g. Map<String,Integer> map = new HashMap<>(); - jsr166y from http://gee.cs.oswego.edu/dl/concurrency-interest/: - 6865571: Add a lightweight task framework known as ForkJoin - 6445158: Phaser - an improved CyclicBarrier - 6865579: Add TransferQueue/LinkedTransferQueue - The Zero assembler port - JIBX is no longer required to build Nimbus. - Many bug fixes - Latest security updates: - (CVE-2009-3728) ICC_Profile file existence detection information leak (6631533) - (CVE-2009-3885) BMP parsing DoS with UNC ICC links (6632445) - (CVE-2009-3881) resurrected classloaders can still have children (6636650) - (CVE-2009-3882) Numerous static security flaws in Swing (findbugs) (6657026) - (CVE-2009-3883) Mutable statics in Windows PL&F (findbugs) (6657138) - (CVE-2009-3880) UI logging information leakage (6664512) - (CVE-2009-3879) GraphicsConfiguration information leak (6822057) - (CVE-2009-3884) zoneinfo file existence information leak (6824265) - (CVE-2009-2409) deprecate MD2 in SSL cert validation (Kaminsky) (6861062) - (CVE-2009-3873) JPEG Image Writer quantization problem (6862968) - (CVE-2009-3875) MessageDigest.isEqual introduces timing attack vulnerabilities (6863503) - (CVE-2009-3876, CVE-2009-3877) OpenJDK ASN.1/DER input stream parser denial of service (6864911) - (CVE-2009-3869) JRE AWT setDifflCM stack overflow (6872357) - (CVE-2009-3874) ImageI/O JPEG heap overflow (6874643 - (CVE-2009-3871) JRE AWT setBytePixels heap overflow (6872358) - The NSS crypto. provider may be turned on with --enable-nss if the NSS libraries and headers are available via pkg-config. - Makefile reorganisation: * icedtea-ecj is now icedtea-boot and patches/ecj is now patches/boot. * The icedtea-against-icedtea target is now icedtea-stage2. The icedtea-against-ecj target is now icedtea-stage1. * The Java code for the plugin is now built by the liveconnect.stamp and liveconnect-dist.stamp targets rather than hijacking the OpenJDK build. - Upgraded to VisualVM 1.2.1 New in release 1.11 (2009-08-06) - Updated to OpenJDK7 b66 (Milestone 4), including JSR 308: Annotations on Java types. - Updates/bug fixes for netx, Shark and the web plugin. - Zero is now provided in the upstream forest rather than in-tree. - The options - --with-openjdk - --with-icedtea - --with-openjdk-home - --with-icedtea-home - --with-gcj-jdk have been removed. The JDK is now specified by --with-jdk-home and whether or not do a full bootstrap or not is now decided by --disable-bootstrap (the default is yes). This is in preparation for making the two stages independent of the JDK used, but some artefacts still remain in this release; the supported behaviour is still the use of gcj jdk for a full bootstrap and icedtea for a quick build. - Added java method tracing using systemtap version 0.9.9+. - Added latest security fixes. New in release 1.10 (2009-05-29) - Updated to OpenJDK7 b59 build via IcedTea forest. Now includes SCTP and Nimbus Swing look and feel. - Static trace support through systemtap. When given the configure option --enable-systemtap IcedTea will build hotspot with the dtrace static markers enabled and install an hotspot tapset that can be used to dynamically trace execution of java applications at runtime. See the tapset/hotspot.stp file for documentation of the various trace points and arguments available. - Allow building of other virtual machines besides the default VM. Additional virtual machines on architectures where hotspot is available are cacao and zero (or shark), and cacao, where zero (or shark) is available. It's not possible to build cacao as the default VM, and zero as additional VM. - New options --enable-nimbus and --enable-nimbus-generation. The default is that the first is on but the second is off, so Nimbus is built but without needing to generate the files using JIBX (http://jibx.sourceforge.net/). - VisualVM updated to 1.1.1. - Many build fixes, notably to make netx/the plugin work. IcedTea7 now avoids the binary plug mechanism in favour of using the same method as CORBA, JAXP, JAXWS and langtools to import the plugin/netx code. - Several web browser plugin and javaws support fixes: - Fixed security handling to prevent access denials when there is a site specific exception in the policy file - Allow extensions (chrome) to run Java code with full permissions - Added non-trusted SSL support to WebStart (javaws) - Added proxy support - Other improvements that were breaking specific sites (tag parser fix, nested jar support, etc.) - Added JVM Console (used by http://chrispederick.com/work/web-developer/) - Experimental new plugin enabled by --enable-npplugin. - Original plugin is now enabled by --enable-plugin, not --enable-liveconnect. - LCMS security fixes. - Many build improvements. - Many zero/shark jtreg fixes. - Other bug fixes. New in release 1.9 (2009-03-20) - Security fixes for: CVE-2008-5360 - Temporary files have guessable file names. CVE-2008-5350 - Allows to list files within the user home directory. CVE-2008-5348 - Denial-Of-Service in kerberos authentication. CVE-2008-5359 - Buffer overflow in image processing. CVE-2008-5351 - UTF-8 decoder accepts non-shortest form sequences. CVE-2008-5356 - Font processing vulnerability. CVE-2008-5353 - Calendar object deserialization allows privilege escalation. CVE-2008-5354 - Privilege escalation in command line applications. CVE-2008-5357 - Truetype Font processing vulnerability. CVE-2008-5352 - Jar200 Decompression buffer overflow. CVE-2008-5358 - Buffer Overflow in GIF image processing. - Updated to OpenJDK7 b50 build. - XRender pipeline support: Java2D are noticably faster and running over a remote X connection feels like it is all local. Build by default (disable with --disable-xrender). Runtime enabled by running java -Dsun.java2d.xrender=True (default is to use the old X renderer for now). - IcedTeaPlugin now supports HTTPS sites and adds a user prompt for untrusted https certificates. - Use the ALSA 'default' device. Makes Java play nicer with PulseAudio. - VisualVM integration updated to 1.1.1 - Gervill soft synthesizer integration updated to latest CVS version. - Integrated jtreg upgraded to 4_0-src-b02-15_oct_2008. - make check runs much faster now. jtreg -samevm support has been integrated into the langtools and jdk subsystems. Please package the test/jtreg-summary.log file with your distribution package so end users can compare the test results. - Shark (--enable-shark) now builds on 64 bit platforms, but is a pre-alpha technology preview and not recommended for use. - Better support for bootstrapping with different jar programs (supporting -J options). - If --with-pkgversion isn't given the short mercurial rev node version will be used. Package distributors are encouraged to build packages with --with-pkgversion to uniquely identify their distribution version number when java -version is run to help distribution specific bug reporting. - Various freetype font, pisces renderer and awt X window size fixes to fix visual anomalies. - Build fixes for gcc 4.3 and 4.4-pre-release. - Added support for building against a specific openjdk src dir or hg revision (--with-openjdk-src-dir or --with-hg-revision). - Many other Plugin, Zero, Shark and PulseAudio bug fixes. - Build clean up. - Updated to CACAO 0.99.4. New in release 1.8 (2008-11-20) IcedTea is based on the hard work of a lot of people that contributed to IcedTea6 and OpenJDK. The following noteworthy changes were added in this release: - Updated to b39 build. - Support for external projects (closures, caciocavallo, cvmi, bsd, nio2). Note that these are based on Mercurial repositories so may require local changes for a working build due to noticeable differences between the repository and the reference OpenJDK b39 build. At the time of release, NIO2 was buildable out of the box. - Fixed to use new sound service, Gervill. - Many Netx fixes and now built by default. - LiveConnect support replaces gcjwebplugin. - Implemented JavaScript->Java security. - PulseAudio integrated (--enable-pulse-java) - VisualVM tool integrated (--enable-visualvm). - Added out-of-the-box CACAO support (--with-cacao). - Added the experimental Shark JIT for Zero. - Cleaned up crypto support, all algorithms and key sizes are fully supported now without any (regional) restrictions. No more need for separate crypto policy jars. - Integration of Mozilla Rhino javascript support for javax.script. (See http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=179 when you want to enable non-system-installed versions of Rhino). - Add support for Zero builds on alpha, arm, mips, mipsel, m68k, s390. - Various build fixes. - Several bug and security fixes. - Plugin including LiveConnect support built as default. - Various bugs fixed: renderer patch, version string updated, chinese fonts filename fix for Fedora etc. - More progress on Shark and Cacao. - Several plugin bug fixes. - Several build fixes. New in release 1.7 (2008-06-02) IcedTea is based on the hard work of a lot of people that contributed to IcedTea6 and OpenJDK. The following noteworthy changes were added in this release: - Paul Hohensee published a GNU/Linux hotspot Sparc port and Matthias Klose integrated it into IcedTea. - Keith Seiths and Andrew Haley made fixes to the awt color package so that it now provides the lcms library with PYCC and LINEAR_RGB ICC profiles, fixing several applications that did complex color transformations. - Karl Helgason wrote a midi software synthesizer called Gervill that is now integrated in IcedTea so that javax.sound.midi support works now. Mark Wielaard integrated it and made some fixes so that it works better with javax.sound.sampled. - Jonathan Gibbons released a free version of jtreg, which was imported into IcedTea by Mark Wielaard so that a make check now runs all the functional unit tests integrated into OpenJDK. - Joshua Sumali made lots of fixes to the javaws/netx support. Including improved security, namely catching Socket permissions during runtime, implementing the remaining JNLP services api (PrintService and JNLPRandomAccessFile), and applet focusing bug fixes, so now netx plays nice with gcjwebplugin. - Kelly O'Hair resolved the license issues with the (j)hat tool which is now integrated. - Lillian Angel and Tom Fitzsimmons added several .desktop files for the various tools included for better GNU/Linux desktop integration. - Thomas Fitzsimmons rewrote the cacert support to resolve issues with applications like Glashfish and Eclipse which access the keystore directly. - Lillian Angel made lots of bug fixes to the packaging and integration support, include improving the font support. - IcedTea6 1.2 and IcedTea[7] 1.7 are completely synced up again thanks to Andrew John Hughes. - Andrew also did all the work to make sure IcedTea[7] is now based on OpenJDK7 b26 as released by Xiomara Jayasena. - Thomas Fitzsimmons rewrote the certificate keystore support. - Christian Thalinger made various cacao integration fixes. New in release 1.6 (2008-02-13) - Zero-assembler implemented. - Netx support added. Still a work-in-progress. - Updated to build with gcc 4.3. - Many bug fixes. New in release 1.5 (2008-01-03) - ppc/ppc64 support. - ecj bootstrapping re-implemented. - Updated to OpenJDK b24 build (now uses mercurial). - System libraries (libpng, libjpeg, zlib, giflib) are used instead of OpenJDK's implementations. - Several bug fixes. New in release 1.4 (2007-10-12) * Updated to OpenJDK b21 build (README and INSTALL updated accordingly). * Now using SSL/Crypto support included in b21, OpenSSL certs still read directly. * TZdata fix: uses System's timezone data. * Memory issue fix: maximum PermGen space set to 128M and MaxHeap to 512M. * Xinerama fix: uses system installed library instead. * DebugInfo fix: generates full debuginfo, regardless of optimization. * Fixed JConsole crash. * Several other bug fixes. New in release 1.3 (2007-08-29) * Updated to OpenJDK b18 build. * Web browser plugin support using gcjwebplugin. * Now using Font supported included in b18. * Graphics fixes. * SSL/Crypto fixes. * Refactored build process. New in release 1.2 (2007-08-01) * Updated to OpenJDK b16 build. * Freetype font support fully replacing the encumbered libt2k. * Path widening imported from GNU Classpath. * Window decorations on x86_64 fixed. * Bug fixes in various graphics classes. * Anti-aliasing support explicitly disabled (instead of crashing). * OpenSSL certs read directly * Various crypto bug fixes. New in release 1.1 (2007-07-12) * Color management and raster fixes for compatibility with LittleCMS. * Debuginfo is always generated. * Initial work to satisfy libt2k requirement with Freetype. * The GNU Crypto security providers have been imported from GNU Classpath. * IcedTls security provider.