[RFR] jdk8u272-b10/jdk8u272-ga
Andrew Hughes
gnu.andrew at redhat.com
Wed Oct 21 15:23:36 UTC 2020
On 08:32 Wed 21 Oct , Aleksey Shipilev wrote:
> On 10/21/20 7:40 AM, Andrew Hughes wrote:
> > Here are the jdk8u272-b10 changes (the security patches) for the jdk8u
> > repository:
> >
> > Webrevs: https://cr.openjdk.java.net/~andrew/openjdk8/8u272/
>
> Minor things:
>
> *) src/share/native/sun/awt/image/jpeg/jdhuff.c
> src/share/native/sun/awt/image/jpeg/jdinput.c
> src/share/native/sun/awt/image/jpeg/jdmarker.c
> src/share/native/sun/awt/image/jpeg/jpeglib.h
>
> ...seem weirdly empty. They are intended to be that way, right?
>
JDK-8248574 adds the changes and then JDK-8253019 reverts them and adds
a new fix. I assume it's a revised fix, but I've asked Martin to double check.
> *) In src/share/classes/java/io/ObjectInputStream.java, blocks like these:
>
> @@ -1894,6 +1923,11 @@
> }
> } catch (ClassNotFoundException ex) {
> resolveEx = ex;
> + } catch (OutOfMemoryError memerr) {
> + IOException ex = new InvalidObjectException("Proxy interface limit exceeded: " +
> + Arrays.toString(ifaces));
> + ex.initCause(memerr);
> + throw ex;
> }
>
> ...look way too optimistic to me. If that's a real OOME, then allocations
> in this block would highly likely to fail themselves. If that's a fake
> OOMEs, then they are thrown where?
>
> I assume it is a fake OOME: I see the changeset (8249927: Specify limits of
> jdk.serialProxyInterfaceLimit), which seems to imply this. But, there is no
> "jdk.serialProxyInterfaceLimit" in sight in the patch or in existing source.
>
> > Ok to push?
>
> Yes, but the nits above need to be worked out, I think.
>
Sounds like this will resolved. I'll push now.
> --
> Thanks,
> -Aleksey
>
--
Andrew :)
Senior Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
More information about the jdk8u-dev
mailing list