Merge branch 'c8' into a8-portable

.gitignore

@@ -1,2 +1,2 @@
-SOURCES/shenandoah8u422-b05.tar.xz
+SOURCES/shenandoah8u432-b06.tar.xz
 SOURCES/tapsets-icedtea-3.15.0.tar.xz

.java-1.8.0-openjdk.metadata

@@ -1,2 +1,2 @@
-e2828a59a56b737f58f33dc21f654e92bdfc085e SOURCES/shenandoah8u422-b05.tar.xz
+af2d3b85c48ecc8c22188ac687e6160658ef6aca SOURCES/shenandoah8u432-b06.tar.xz
 7ae2cba67467825b2c2a5fec7aea041865023002 SOURCES/tapsets-icedtea-3.15.0.tar.xz

SOURCES/NEWS

@@ -3,6 +3,287 @@ Key:
 JDK-X  - https://bugs.openjdk.java.net/browse/JDK-X
 CVE-XXXX-YYYY: https://cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
 
+New in release OpenJDK 8u432 (2024-10-15):
+===========================================
+Live versions of these release notes can be found at:
+  * https://bit.ly/openjdk8u432
+
+* CVEs
+  - CVE-2024-21208
+  - CVE-2024-21210
+  - CVE-2024-21217
+  - CVE-2024-21235
+* Security fixes
+  - JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property
+  - JDK-8313626, JDK-8307769: C2 crash due to unexpected exception control flow
+  - JDK-8328286: Enhance HTTP client
+  - JDK-8328544: Improve handling of vectorization
+  - JDK-8328726: Better Kerberos support
+  - JDK-8331446: Improve deserialization support
+  - JDK-8332644: Improve graph optimizations
+  - JDK-8335713: Enhance vectorization analysis
+* Other changes
+  - JDK-4660158: TTY: NumberFormatException while trying to set values by 'set' command
+  - JDK-6544871: java/awt/event/KeyEvent/KeyTyped/CtrlASCII.html fails from jdk b09 on windows.
+  - JDK-7188098: TEST_BUG: closed/javax/sound/midi/Synthesizer/Receiver/bug6186488.java fails
+  - JDK-8021775: compiler/8009761/Test8009761.java  "Failed: init recursive calls: 51. After deopt 50"
+  - JDK-8030204: com/sun/jdi/JdbExprTest.sh: Required output "Can\\'t convert 2147483648 to int" not found
+  - JDK-8030795: java/nio/file/Files/probeContentType/ForceLoad.java failing with ServiceConfigurationError without jtreg -agentvm option
+  - JDK-8035395: sun/management/jmxremote/startstop/JMXStartStopTest.java fails intermittently: Port already in use
+  - JDK-8075511: Enable -Woverloaded-virtual C++ warning for HotSpot build
+  - JDK-8137329: [windows] Build broken on VS2010 after  "8046148: JEP 158: Unified JVM Logging"
+  - JDK-8145919: sun/management/jmxremote/bootstrap/RmiSslBootstrapTest failed with Connection failed for no credentials
+  - JDK-8152207: Perform array bound checks while getting a length of bytecode instructions
+  - JDK-8193682: Infinite loop in ZipOutputStream.close()
+  - JDK-8196770: Add JNDI test com/sun/jndi/ldap/blits/AddTests/AddNewEntry.java
+  - JDK-8221903: PIT: javax/swing/RepaintManager/IconifyTest/IconifyTest.java fails on ubuntu18.04
+  - JDK-8233364: Fix undefined behavior in Canonicalizer::do_ShiftOp
+  - JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel
+  - JDK-8251188: Update LDAP tests not to use wildcard addresses
+  - JDK-8264328: Broken license in javax/swing/JComboBox/8072767/bug8072767.java
+  - JDK-8266248: Compilation failure in PLATFORM_API_MacOSX_MidiUtils.c with Xcode 12.5
+  - JDK-8278794: Infinite loop in DeflaterOutputStream.finish()
+  - JDK-8279164: Disable TLS_ECDH_* cipher suites
+  - JDK-8281096: Flags introduced by configure script are not passed to ADLC build
+  - JDK-8284771: java/util/zip/CloseInflaterDeflaterTest.java failed with "AssertionError: Expected IOException to be thrown, but nothing was thrown"
+  - JDK-8298887: On the latest macOS+XCode the Robot API may report wrong colors
+  - JDK-8299677: Formatter.format might take a long time to format an integer or floating-point
+  - JDK-8305400: ISO 4217 Amendment 175 Update
+  - JDK-8305931: jdk/jfr/jcmd/TestJcmdDumpPathToGCRoots.java failed with "Expected chains but found none"
+  - JDK-8307779: Relax the java.awt.Robot specification
+  - JDK-8309138: Fix container tests for jdks with symlinked conf dir
+  - JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin
+  - JDK-8315117: Update Zlib Data Compression Library to Version 1.3
+  - JDK-8315863: [GHA] Update checkout action to use v4
+  - JDK-8316328: Test jdk/jfr/event/oldobject/TestSanityDefault.java times out for some heap sizes
+  - JDK-8318039: GHA: Bump macOS and Xcode versions
+  - JDK-8318951: Additional negative value check in JPEG decoding
+  - JDK-8320964: sun/tools/native2ascii/Native2AsciiTests.sh fails on Japanese
+  - JDK-8321480: ISO 4217 Amendment 176 Update
+  - JDK-8324632: Update Zlib Data Compression Library to Version 1.3.1
+  - JDK-8324723: GHA: Upgrade some actions to avoid deprecated Node 16
+  - JDK-8326351: Update the Zlib version in open/src/java.base/share/legal/zlib.md to 1.3.1
+  - JDK-8326521: JFR: CompilerPhase event test fails on windows 32 bit
+  - JDK-8326529: JFR: Test for CompilerCompile events fails due to time out
+  - JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails
+  - JDK-8330415: Update system property for Java SE specification maintenance version
+  - JDK-8331730: [8u] GHA: update sysroot for cross builds to Debian bullseye
+  - JDK-8333126: Bump update version of OpenJDK: 8u432
+  - JDK-8333669: [8u] GHA: Dead VS2010 download link
+  - JDK-8333724: Problem list security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#teliasonerarootcav1
+  - JDK-8334653: ISO 4217 Amendment 177 Update
+  - JDK-8334905: [8u] The test java/awt/Mixing/AWT_Mixing/JButtonOverlapping.java started to fail after 8159690
+  - JDK-8335851: [8u] Test JMXStartStopTest.java fails after JDK-8334415
+  - JDK-8335894: [8u] Fix SupplementalJapaneseEraTest.java for jdks with symlinked conf dir
+  - JDK-8336928: GHA: Bundle artifacts removal broken
+  - JDK-8337110: [8u] TestNoEagerReclaimOfHumongousRegions.java should be in gc/g1 directory
+  - JDK-8337312: [8u] Windows x86 VS2010 build broken by JDK-8320097
+  - JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs
+  - JDK-8338144: [8u] Remove duplicate license files
+  - JDK-8341057: Add 2 SSL.com TLS roots
+  - JDK-8341059: Change Entrust TLS distrust date to November 12, 2024
+
+Notes on individual issues:
+===========================
+
+security-libs/javax.net.ssl:
+
+JDK-8279164: Disable TLS_ECDH_* cipher suites
+=============================================
+The TLS_ECDH cipher suites do not preserve forward secrecy and are
+rarely used in practice. With this release, they are disabled by
+adding "ECDH" to the `jdk.tls.disabledAlgorithms` security property in
+the `java.security` configuration file. Attempts to use these suites
+with this release will result in a `SSLHandshakeException` being
+thrown. Note that ECDH cipher suites which use RC4 were already
+disabled prior to this change.
+
+Users can, *at their own risk*, remove this restriction by modifying
+the `java.security` configuration file (or override it by using the
+`java.security.properties` system property) so "ECDH" is no longer
+listed in the `jdk.tls.disabledAlgorithms` security property.
+
+This change has no effect on TLS_ECDHE cipher suites, which remain
+enabled by default.
+
+JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs
+JDK-8341059: Change Entrust TLS distrust date to November 12, 2024
+====================================================================================================
+In accordance with similar plans recently announced by Google and
+Mozilla, the JDK will not trust Transport Layer Security (TLS)
+certificates issued after the 11th of November 2024 which are anchored
+by Entrust root certificates.  This includes certificates branded as
+AffirmTrust, which are managed by Entrust.
+
+Certificates issued on or before November 11th, 2024 will continue to
+be trusted until they expire.
+
+If a server's certificate chain is anchored by an affected
+certificate, attempts to negotiate a TLS session will fail with an
+Exception that indicates the trust anchor is not trusted. For example,
+
+"TLS server certificate issued after 2024-11-11 and anchored by a
+distrusted legacy Entrust root CA: CN=Entrust.net Certification
+Authority (2048), OU=(c) 1999 Entrust.net Limited,
+OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),
+O=Entrust.net"
+
+To check whether a certificate in a JDK keystore is affected by this
+change, you can the `keytool` utility:
+
+keytool -v -list -alias <your_server_alias> -keystore <your_keystore_filename>
+
+If any of the certificates in the chain are affected by this change,
+then you will need to update the certificate or contact the
+organisation responsible for managing the certificate.
+
+These restrictions apply to the following Entrust root certificates
+included in the JDK:
+
+Alias name: entrustevca [jdk]
+CN=Entrust Root Certification Authority
+OU=(c) 2006 Entrust, Inc.
+OU=www.entrust.net/CPS is incorporated by reference
+O=Entrust, Inc.
+C=US
+SHA256: 73:C1:76:43:4F:1B:C6:D5:AD:F4:5B:0E:76:E7:27:28:7C:8D:E5:76:16:C1:E6:E6:14:1A:2B:2C:BC:7D:8E:4C
+
+Alias name: entrustrootcaec1 [jdk]
+CN=Entrust Root Certification Authority - EC1
+OU=(c) 2012 Entrust, Inc. - for authorized use only
+OU=See www.entrust.net/legal-terms
+O=Entrust, Inc.
+C=US
+SHA256: 02:ED:0E:B2:8C:14:DA:45:16:5C:56:67:91:70:0D:64:51:D7:FB:56:F0:B2:AB:1D:3B:8E:B0:70:E5:6E:DF:F5
+
+Alias name: entrustrootcag2 [jdk]
+CN=Entrust Root Certification Authority - G2
+OU=(c) 2009 Entrust, Inc. - for authorized use only
+OU=See www.entrust.net/legal-terms
+O=Entrust, Inc.
+C=US
+SHA256: 43:DF:57:74:B0:3E:7F:EF:5F:E4:0D:93:1A:7B:ED:F1:BB:2E:6B:42:73:8C:4E:6D:38:41:10:3D:3A:A7:F3:39
+
+Alias name: entrustrootcag4 [jdk]
+CN=Entrust Root Certification Authority - G4
+OU=(c) 2015 Entrust, Inc. - for authorized use only
+OU=See www.entrust.net/legal-terms
+O=Entrust, Inc.
+C=US
+SHA256: DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88
+
+Alias name: entrust2048ca [jdk]
+CN=Entrust.net Certification Authority (2048)
+OU=(c) 1999 Entrust.net Limited
+OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)
+O=Entrust.net
+SHA256: 6D:C4:71:72:E0:1C:BC:B0:BF:62:58:0D:89:5F:E2:B8:AC:9A:D4:F8:73:80:1E:0C:10:B9:C8:37:D2:1E:B1:77
+
+Alias name: affirmtrustcommercialca [jdk]
+CN=AffirmTrust Commercial
+O=AffirmTrust
+C=US
+SHA256: 03:76:AB:1D:54:C5:F9:80:3C:E4:B2:E2:01:A0:EE:7E:EF:7B:57:B6:36:E8:A9:3C:9B:8D:48:60:C9:6F:5F:A7
+
+Alias name: affirmtrustnetworkingca [jdk]
+CN=AffirmTrust Networking
+O=AffirmTrust
+C=US
+SHA256: 0A:81:EC:5A:92:97:77:F1:45:90:4A:F3:8D:5D:50:9F:66:B5:E2:C5:8F:CD:B5:31:05:8B:0E:17:F3:F0B4:1B
+
+Alias name: affirmtrustpremiumca [jdk]
+CN=AffirmTrust Premium
+O=AffirmTrust
+C=US
+SHA256: 70:A7:3F:7F:37:6B:60:07:42:48:90:45:34:B1:14:82:D5:BF:0E:69:8E:CC:49:8D:F5:25:77:EB:F2:E9:3B:9A
+
+Alias name: affirmtrustpremiumeccca [jdk]
+CN=AffirmTrust Premium ECC
+O=AffirmTrust
+C=US
+SHA256: BD:71:FD:F6:DA:97:E4:CF:62:D1:64:7A:DD:25:81:B0:7D:79:AD:F8:39:7E:B4:EC:BA:9C:5E:84:88:82:14:23
+
+Users can, *at their own risk*, remove this restriction by modifying
+the `java.security` configuration file (or override it by using the
+`java.security.properties` system property) so "ENTRUST_TLS" is no
+longer listed in the `jdk.security.caDistrustPolicies` security
+property.
+
+security-libs/java.security:
+
+JDK-8341057: Add 2 SSL.com TLS roots
+====================================
+The following root certificates have been added to the cacerts
+truststore:
+
+Name: SSL.com
+Alias Name: ssltlsrootecc2022
+Distinguished Name: CN=SSL.com TLS ECC Root CA 2022, O=SSL Corporation, C=US
+
+Name: SSL.com
+Alias Name: ssltlsrootrsa2022
+Distinguished Name: CN=SSL.com TLS RSA Root CA 2022, O=SSL Corporation, C=US
+
+client-libs:
+
+JDK-8307779: Relax the java.awt.Robot specification
+===================================================
+This release of OpenJDK 8 updates to the latest maintenance release of
+the Java 8 specification. This relaxes the specification of three
+methods in the `java.awt.Robot` class - `mouseMove(int,int)`,
+`getPixelColor(int,int)` and `createScreenCapture(Rectangle)` - to
+allow these methods to fail when the desktop environment does not
+permit moving the mouse pointer or capturing screen content.
+
+core-libs/javax.naming:
+
+JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property
+===============================================================================================================================
+With this OpenJDK release, the JDK implementation of the LDAP provider
+no longer supports the deserialisation of Java objects by
+default. This is achieved by the system property
+`com.sun.jndi.ldap.object.trustSerialData` being set to `false` by
+default.
+
+Note that this release also increases the scope of the
+`com.sun.jndi.ldap.object.trustSerialData` to cover the reconstruction
+of RMI remote objects from the `javaRemoteLocation` LDAP attribute.
+
+The result of this change is that transparent deserialisation of Java
+objects will require an explicit opt-in. Applications that wish to
+reconstruct Java objects and RMI stubs from LDAP attributes will need
+to set the `com.sun.jndi.ldap.object.trustSerialData` to `true`.
+
+core-libs/java.net:
+
+JDK-8328286: Enhance HTTP client
+================================
+This OpenJDK release limits the maximum header field size accepted by
+the HTTP client within the JDK for all supported versions of the HTTP
+protocol. The header field size is computed as the sum of the size of
+the uncompressed header name, the size of the uncompressed header
+value and a overhead of 32 bytes for each field section line. If a
+peer sends a field section that exceeds this limit, a
+`java.net.ProtocolException` will be raised.
+
+This release also introduces a new system property,
+`jdk.http.maxHeaderSize`. This property can be used to alter the
+maximum header field size (in bytes) or disable it by setting the
+value to zero or a negative value. The default value is 393,216 bytes
+or 384kB.
+
+core-libs/java.util.jar:
+
+JDK-8193682: Infinite loop in ZipOutputStream.close()
+=====================================================
+In previous releases, the `DeflaterOutputStream.close()`,
+`GZIPOutputStream.finish()` and `ZipOutputStream.closeEntry()` methods
+did not close the associated default JDK compressor when an exception
+was thrown during closure.  With this release, the default compressor
+is closed before propogating the Throwable up the stack. In the case
+of `ZipOutputStream`, this only happens when the exception is not a
+`ZipException`.
+
 New in release OpenJDK 8u422 (2024-07-16):
 ===========================================
 Live versions of these release notes can be found at:

SOURCES/java-1.8.0-openjdk-portable.specfile

@@ -270,7 +270,7 @@
 # Define version of OpenJDK 8 used
 %global project openjdk
 %global repo shenandoah-jdk8u
-%global openjdk_revision 8u422-b05
+%global openjdk_revision 8u432-b06
 %global shenandoah_revision shenandoah%{openjdk_revision}
 # Define IcedTea version used for SystemTap tapsets and desktop file
 %global icedteaver      3.15.0
@@ -548,8 +548,6 @@ Patch539: pr2888-rh2055274-support_system_cacerts-%{cacertsver}.patch
 Patch541: rh1684077-openjdk_should_depend_on_pcsc-lite-libs_instead_of_pcsc-lite-devel.patch
 # RH1750419: Enable build of speculative store bypass hardened alt-java (CVE-2018-3639)
 Patch600: rh1750419-redhat_alt_java.patch
-# JDK-8281098, PR3836: Extra compiler flags not passed to adlc build
-Patch112: jdk8281098-pr3836-pass_compiler_flags_to_adlc.patch
 
 #############################################
 #
@@ -596,6 +594,8 @@ Patch204: jdk8042159-allow_using_system_installed_lcms2-jdk.patch
 Patch581: jdk8257794-remove_broken_assert.patch
 # JDK-8186464, RH1433262: ZipFile cannot read some InfoZip ZIP64 zip files
 Patch12: jdk8186464-rh1433262-zip64_failure.patch
+# JDK-8328999, RH2251025 - Update GIFlib to 5.2.2 (PR#571)
+Patch13: jdk8328999-update_giflib_5.2.2.patch
 
 #############################################
 #
@@ -644,6 +644,8 @@ BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: alsa-lib-devel
 BuildRequires: binutils
+# cacerts build requirement.
+BuildRequires: ca-certificates
 BuildRequires: cups-devel
 BuildRequires: desktop-file-utils
 # elfutils only are OK for build without AOT
@@ -651,8 +653,13 @@ BuildRequires: elfutils-devel
 BuildRequires: file
 BuildRequires: fontconfig-devel
 BuildRequires: freetype-devel
+# Earlier versions have a bug in tree vectorization on PPC
+BuildRequires: gcc >= 4.8.3-8
 BuildRequires: gcc-c++
 BuildRequires: gdb
+BuildRequires: make
+# Require a boot JDK which doesn't fail due to RH1482244
+BuildRequires: java-%{buildjdkver}-openjdk-devel >= 1.7.0.151-2.6.11.3
 BuildRequires: libxslt
 BuildRequires: libX11-devel
 BuildRequires: libXext-devel
@@ -663,25 +670,17 @@ BuildRequires: libXt-devel
 BuildRequires: libXtst-devel
 # Requirement for setting up nss.cfg and nss.fips.cfg
 BuildRequires: nss-devel
-# Commented out for portable RHEL7 doesn't have this
-# Requirement for system security property test
-#BuildRequires: crypto-policies
 BuildRequires: pkgconfig
 BuildRequires: xorg-x11-proto-devel
 BuildRequires: tar
 BuildRequires: unzip
 BuildRequires: zip
-# Require a boot JDK which doesn't fail due to RH1482244
-BuildRequires: java-%{buildjdkver}-openjdk-devel >= 1.7.0.151-2.6.11.3
+
 # Zero-assembler build requirement
 %ifarch %{zero_arches}
 BuildRequires: libffi-devel
 %endif
-# Earlier versions have a bug in tree vectorization on PPC
-BuildRequires: gcc >= 4.8.3-8
 
-# cacerts build requirement.
-BuildRequires: ca-certificates
 %if %{with_systemtap}
 BuildRequires: systemtap-sdt-devel
 %endif
@@ -694,7 +693,7 @@ BuildRequires: libpng-devel
 BuildRequires: zlib-devel
 %else
 # Version in jdk/src/share/native/sun/awt/giflib/gif_lib.h
-Provides: bundled(giflib) = 5.2.1
+Provides: bundled(giflib) = 5.2.2
 # Version in jdk/src/share/native/sun/java2d/cmm/lcms/lcms2.h
 Provides: bundled(lcms2) = 2.11.0
 # Version in jdk/src/share/native/sun/awt/image/jpeg/jpeglib.h
@@ -702,7 +701,7 @@ Provides: bundled(libjpeg) = 6b
 # Version in jdk/src/share/native/sun/awt/libpng/png.h
 Provides: bundled(libpng) = 1.6.39
 # Version in jdk/src/share/native/java/util/zip/zlib/zlib.h
-Provides: bundled(zlib) = 1.2.13
+Provides: bundled(zlib) = 1.3.1
 # We link statically against libstdc++ to increase portability
 BuildRequires: libstdc++-static
 %endif
@@ -861,7 +860,9 @@ sh %{SOURCE12}
 # AArch64 fixes
 
 # x86 fixes
-%patch -P105
+pushd %{top_level_dir_name}
+%patch -P105 -p1
+popd
 
 # Upstreamable fixes
 %patch -P512
@@ -869,12 +870,12 @@ sh %{SOURCE12}
 %patch -P528
 %patch -P571
 %patch -P574
-%patch -P112
 %patch -P581
 %patch -P541
 %patch -P12
 pushd %{top_level_dir_name}
 %patch -P502 -p1
+%patch -P13 -p1
 popd
 
 pushd %{top_level_dir_name}
@@ -1539,6 +1540,26 @@ done
 %endif
 
 %changelog
+* Fri Oct 11 2024 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.432.b06-1
+- Update to shenandoah-jdk8u432-b06 (GA)
+- Update release notes for shenandoah-8u432-b06.
+- Switch to GA mode.
+- ** This tarball is embargoed until 2024-10-15 @ 1pm PT. **
+
+* Thu Oct 10 2024 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.432.b05-0.1.ea
+- Update to shenandoah-jdk8u432-b05 (EA)
+- Update release notes for shenandoah-8u432-b05.
+- Switch to EA mode.
+- Drop JDK-828109{6,7,8}/PR3836 patch following integration of upstream version
+- Regenerate JDK-8199936/PR3533 patch following JDK-828109{6,7,8} integration
+- Bump version of bundled zlib to 1.3.1 following JDK-8324632
+- Add build dependency on make
+- Reorganise build dependencies to retain alphabetical order for unconditional deps
+- Include backport of JDK-8328999 to update giflib to 5.2.2
+- Bump version of bundled giflib to 5.2.2 following JDK-8328999
+- Add build scripts to repository to ease remembering all CentOS & RHEL targets and options
+- Resolves: OPENJDK-3348
+
 * Wed Jul 10 2024 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.8.0.422.b05-1.1
 - Update to shenandoah-jdk8u422-b05 (GA)
 - Update release notes for shenandoah-8u422-b05.

SOURCES/jdk8199936-pr3533-enable_mstackrealign_on_x86_linux_as_well_as_x86_mac_os_x.patch

@@ -7,10 +7,11 @@
 PR3533: HotSpot generates code with unaligned stack, crashes on SSE operations
 Summary: Enable -mstackrealign on x86 Linux as well as x86 Mac OS X
 
-diff --git openjdk.orig///common/autoconf/flags.m4 openjdk///common/autoconf/flags.m4
---- openjdk.orig///common/autoconf/flags.m4
-+++ openjdk///common/autoconf/flags.m4
-@@ -402,6 +402,21 @@
+diff --git a/common/autoconf/flags.m4 b/common/autoconf/flags.m4
+index 113bf367e2..bed030e8d1 100644
+--- a/common/autoconf/flags.m4
++++ b/common/autoconf/flags.m4
+@@ -451,6 +451,21 @@ AC_DEFUN_ONCE([FLAGS_SETUP_COMPILER_FLAGS_FOR_JDK],
      AC_SUBST($2CXXSTD_CXXFLAG)
    fi
  
@@ -32,23 +33,32 @@ diff --git openjdk.orig///common/autoconf/flags.m4 openjdk///common/autoconf/fla
    if test "x$CFLAGS" != "x${ADDED_CFLAGS}"; then
      AC_MSG_WARN([Ignoring CFLAGS($CFLAGS) found in environment. Use --with-extra-cflags])
    fi
-diff --git openjdk.orig///common/autoconf/hotspot-spec.gmk.in openjdk///common/autoconf/hotspot-spec.gmk.in
---- openjdk.orig///common/autoconf/hotspot-spec.gmk.in
-+++ openjdk///common/autoconf/hotspot-spec.gmk.in
-@@ -112,7 +112,8 @@
- RC:=@HOTSPOT_RC@
- 
- EXTRA_CFLAGS=@LEGACY_EXTRA_CFLAGS@ $(NO_DELETE_NULL_POINTER_CHECKS_CFLAG) \
--				   $(NO_LIFETIME_DSE_CFLAG) $(CXXSTD_CXXFLAG)
-+				   $(NO_LIFETIME_DSE_CFLAG) $(CXXSTD_CXXFLAG) \
-+				   $(REALIGN_CFLAG)
- EXTRA_CXXFLAGS=@LEGACY_EXTRA_CXXFLAGS@
- EXTRA_LDFLAGS=@LEGACY_EXTRA_LDFLAGS@
- EXTRA_ASFLAGS=@LEGACY_EXTRA_ASFLAGS@
-diff --git openjdk.orig///common/autoconf/spec.gmk.in openjdk///common/autoconf/spec.gmk.in
---- openjdk.orig///common/autoconf/spec.gmk.in
-+++ openjdk///common/autoconf/spec.gmk.in
-@@ -366,6 +366,7 @@
+diff --git a/common/autoconf/hotspot-spec.gmk.in b/common/autoconf/hotspot-spec.gmk.in
+index 3f86751d2b..f8a271383f 100644
+--- a/common/autoconf/hotspot-spec.gmk.in
++++ b/common/autoconf/hotspot-spec.gmk.in
+@@ -114,13 +114,14 @@ RC:=@HOTSPOT_RC@
+ # Retain EXTRA_{CFLAGS,CXXFLAGS,LDFLAGS,ASFLAGS} for the target flags to
+ # maintain compatibility with the existing Makefiles
+ EXTRA_CFLAGS=@LEGACY_TARGET_CFLAGS@ $(NO_DELETE_NULL_POINTER_CHECKS_CFLAG) \
+-				    $(NO_LIFETIME_DSE_CFLAG) $(CXXSTD_CXXFLAG)
++                                   $(NO_LIFETIME_DSE_CFLAG) $(CXXSTD_CXXFLAG) \
++                                   $(REALIGN_CFLAG)
+ EXTRA_CXXFLAGS=@LEGACY_TARGET_CXXFLAGS@
+ EXTRA_LDFLAGS=@LEGACY_TARGET_LDFLAGS@
+ EXTRA_ASFLAGS=@LEGACY_TARGET_ASFLAGS@
+ # Define an equivalent set for the host flags (i.e. without sysroot options)
+ HOST_CFLAGS=@LEGACY_HOST_CFLAGS@ $(NO_DELETE_NULL_POINTER_CHECKS_CFLAG) \
+-				 $(NO_LIFETIME_DSE_CFLAG) $(CXXSTD_CXXFLAG)
++                                 $(NO_LIFETIME_DSE_CFLAG) $(CXXSTD_CXXFLAG)
+ HOST_CXXFLAGS=@LEGACY_HOST_CXXFLAGS@
+ HOST_LDFLAGS=@LEGACY_HOST_LDFLAGS@
+ HOST_ASFLAGS=@LEGACY_HOST_ASFLAGS@
+diff --git a/common/autoconf/spec.gmk.in b/common/autoconf/spec.gmk.in
+index 9573bb2cbd..fe7efc130c 100644
+--- a/common/autoconf/spec.gmk.in
++++ b/common/autoconf/spec.gmk.in
+@@ -366,6 +366,7 @@ CXXFLAGS_JDKEXE:=@CXXFLAGS_JDKEXE@
  
  NO_DELETE_NULL_POINTER_CHECKS_CFLAG=@NO_DELETE_NULL_POINTER_CHECKS_CFLAG@
  NO_LIFETIME_DSE_CFLAG=@NO_LIFETIME_DSE_CFLAG@

SOURCES/jdk8281098-pr3836-pass_compiler_flags_to_adlc.patch

@@ -1,67 +0,0 @@
-# HG changeset patch
-# User Andrew John Hughes <gnu_andrew@member.fsf.org>
-# Date 1620365804 -3600
-#      Fri May 07 06:36:44 2021 +0100
-# Node ID 39b62f35eca823b4c9a98bc1dc0cb9acb87360f8
-# Parent  723b59ed1afe878c5cd35f080399c8ceec4f776b
-PR3836: Extra compiler flags not passed to adlc build
-
-diff --git openjdk.orig/hotspot/make/aix/makefiles/adlc.make openjdk/hotspot/make/aix/makefiles/adlc.make
---- openjdk.orig/hotspot/make/aix/makefiles/adlc.make
-+++ openjdk/hotspot/make/aix/makefiles/adlc.make
-@@ -69,6 +69,11 @@
- CFLAGS_WARN = -w
- CFLAGS += $(CFLAGS_WARN)
- 
-+# Extra flags from gnumake's invocation or environment
-+CFLAGS += $(EXTRA_CFLAGS)
-+LFLAGS += $(EXTRA_CFLAGS) $(EXTRA_LDFLAGS)
-+ASFLAGS += $(EXTRA_ASFLAGS)
-+
- OBJECTNAMES = \
- 	adlparse.o \
- 	archDesc.o \
-diff --git openjdk.orig/hotspot/make/bsd/makefiles/adlc.make openjdk/hotspot/make/bsd/makefiles/adlc.make
---- openjdk.orig/hotspot/make/bsd/makefiles/adlc.make
-+++ openjdk/hotspot/make/bsd/makefiles/adlc.make
-@@ -71,6 +71,11 @@
- endif
- CFLAGS += $(CFLAGS_WARN)
- 
-+# Extra flags from gnumake's invocation or environment
-+CFLAGS += $(EXTRA_CFLAGS)
-+LFLAGS += $(EXTRA_CFLAGS) $(EXTRA_LDFLAGS)
-+ASFLAGS += $(EXTRA_ASFLAGS)
-+
- OBJECTNAMES = \
- 	adlparse.o \
- 	archDesc.o \
-diff --git openjdk.orig/hotspot/make/linux/makefiles/adlc.make openjdk/hotspot/make/linux/makefiles/adlc.make
---- openjdk.orig/hotspot/make/linux/makefiles/adlc.make
-+++ openjdk/hotspot/make/linux/makefiles/adlc.make
-@@ -69,6 +69,11 @@
- CFLAGS_WARN = $(WARNINGS_ARE_ERRORS)
- CFLAGS += $(CFLAGS_WARN)
- 
-+# Extra flags from gnumake's invocation or environment
-+CFLAGS += $(EXTRA_CFLAGS)
-+LFLAGS += $(EXTRA_CFLAGS) $(EXTRA_LDFLAGS)
-+ASFLAGS += $(EXTRA_ASFLAGS)
-+
- OBJECTNAMES = \
- 	adlparse.o \
- 	archDesc.o \
-diff --git openjdk.orig/hotspot/make/solaris/makefiles/adlc.make openjdk/hotspot/make/solaris/makefiles/adlc.make
---- openjdk.orig/hotspot/make/solaris/makefiles/adlc.make
-+++ openjdk/hotspot/make/solaris/makefiles/adlc.make
-@@ -85,6 +85,10 @@
- endif
- CFLAGS += $(CFLAGS_WARN)
- 
-+# Extra flags from gnumake's invocation or environment
-+CFLAGS += $(EXTRA_CFLAGS)
-+ASFLAGS += $(EXTRA_ASFLAGS)
-+
- ifeq ("${Platform_compiler}", "sparcWorks")
- # Enable the following CFLAGS addition if you need to compare the
- # built ELF objects.