GoeLin
diff --git a/‎.github/workflows/main.yml‎
Lines changed: 0 additions & 54 deletions b/‎.github/workflows/main.yml‎
Lines changed: 0 additions & 54 deletions
diff --git a/‎make/autoconf/flags-cflags.m4‎
Lines changed: 2 additions & 2 deletions b/‎make/autoconf/flags-cflags.m4‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/hotspot/os/windows/os_windows.cpp‎
Lines changed: 2 additions & 2 deletions b/‎src/hotspot/os/windows/os_windows.cpp‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/hotspot/share/c1/c1_Canonicalizer.hpp‎
Lines changed: 1 addition & 5 deletions b/‎src/hotspot/share/c1/c1_Canonicalizer.hpp‎
Lines changed: 1 addition & 5 deletions
diff --git a/‎src/hotspot/share/classfile/stackMapTable.cpp‎
Lines changed: 9 additions & 1 deletion b/‎src/hotspot/share/classfile/stackMapTable.cpp‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎src/hotspot/share/classfile/stackMapTable.hpp‎
Lines changed: 1 addition & 1 deletion b/‎src/hotspot/share/classfile/stackMapTable.hpp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/hotspot/share/classfile/verifier.cpp‎
Lines changed: 19 additions & 16 deletions b/‎src/hotspot/share/classfile/verifier.cpp‎
Lines changed: 19 additions & 16 deletions
diff --git a/‎src/hotspot/share/interpreter/bytecodeStream.hpp‎
Lines changed: 17 additions & 2 deletions b/‎src/hotspot/share/interpreter/bytecodeStream.hpp‎
Lines changed: 17 additions & 2 deletions
diff --git a/‎src/hotspot/share/memory/guardedMemory.hpp‎
Lines changed: 12 additions & 6 deletions b/‎src/hotspot/share/memory/guardedMemory.hpp‎
Lines changed: 12 additions & 6 deletions
diff --git a/‎src/java.base/share/classes/java/net/InMemoryCookieStore.java‎
Lines changed: 10 additions & 8 deletions b/‎src/java.base/share/classes/java/net/InMemoryCookieStore.java‎
Lines changed: 10 additions & 8 deletions
@@ -293,17 +293,6 @@ jobs:
       bootjdk-platform: linux-x64
       runs-on: ubuntu-22.04
 
-  test-macos-x64:
-    name: macos-x64
-    needs:
-      - build-macos-x64
-    uses: ./.github/workflows/test.yml
-    with:
-      platform: macos-x64
-      bootjdk-platform: macos-x64
-      runs-on: macos-13
-      xcode-toolset-version: '14.3.1'
-
   test-macos-aarch64:
     name: macos-aarch64
     needs:
@@ -325,46 +314,3 @@ jobs:
       bootjdk-platform: windows-x64
       runs-on: windows-2025
 
-  # Remove bundles so they are not misconstrued as binary distributions from the JDK project
-  remove-bundles:
-    name: 'Remove bundle artifacts'
-    runs-on: ubuntu-22.04
-    if: always()
-    needs:
-      - build-linux-x64
-      - build-linux-x86-hs
-      - build-linux-x64-hs-nopch
-      - build-linux-x64-hs-zero
-      - build-linux-x64-hs-minimal
-      - build-linux-x64-hs-optimized
-      - build-linux-cross-compile
-      - build-macos-x64
-      - build-macos-aarch64
-      - build-windows-x64
-      - build-windows-aarch64
-      - test-linux-x64
-      - test-macos-x64
-      - test-macos-aarch64
-      - test-windows-x64
-
-    steps:
-      - name: 'Remove bundle artifacts'
-        run: |
-          # Find and remove all bundle artifacts
-          # See: https://docs.github.com/en/rest/actions/artifacts?apiVersion=2022-11-28
-          ALL_ARTIFACT_IDS="$(curl -sL \
-              -H 'Accept: application/vnd.github+json' \
-              -H 'Authorization: Bearer ${{ github.token }}' \
-              -H 'X-GitHub-Api-Version: 2022-11-28' \
-              '${{ github.api_url }}/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts?per_page=100')"
-          BUNDLE_ARTIFACT_IDS="$(echo "$ALL_ARTIFACT_IDS" | jq -r -c '.artifacts | map(select(.name|startswith("bundles-"))) | .[].id')"
-          for id in $BUNDLE_ARTIFACT_IDS; do
-            echo "Removing $id"
-            curl -sL \
-                -X DELETE \
-                -H 'Accept: application/vnd.github+json' \
-                -H 'Authorization: Bearer ${{ github.token }}' \
-                -H 'X-GitHub-Api-Version: 2022-11-28' \
-                "${{ github.api_url }}/repos/${{ github.repository }}/actions/artifacts/$id" \
-            || echo "Failed to remove bundle"
-          done
@@ -544,8 +544,8 @@ AC_DEFUN([FLAGS_SETUP_CFLAGS_HELPER],
     TOOLCHAIN_CFLAGS_JVM="-qtbtable=full -qtune=balanced \
         -qalias=noansi -qstrict -qtls=default -qnortti -qnoeh -qignerrno -qstackprotect"
   elif test "x$TOOLCHAIN_TYPE" = xmicrosoft; then
-    TOOLCHAIN_CFLAGS_JVM="-nologo -MD -MP"
-    TOOLCHAIN_CFLAGS_JDK="-nologo -MD -Zc:wchar_t-"
+    TOOLCHAIN_CFLAGS_JVM="-nologo -MD -Zc:strictStrings -MP"
+    TOOLCHAIN_CFLAGS_JDK="-nologo -MD -Zc:strictStrings -Zc:wchar_t-"
   fi
 
   # CFLAGS C language level for JDK sources (hotspot only uses C++)
 
@@ -4547,7 +4547,7 @@ static errno_t get_full_path(LPCWSTR unicode_path, LPWSTR* full_path) {
   return ERROR_SUCCESS;
 }
 
-static void set_path_prefix(char* buf, LPWSTR* prefix, int* prefix_off, bool* needs_fullpath) {
+static void set_path_prefix(char* buf, LPCWSTR* prefix, int* prefix_off, bool* needs_fullpath) {
   *prefix_off = 0;
   *needs_fullpath = true;
 
@@ -4583,7 +4583,7 @@ static wchar_t* wide_abs_unc_path(char const* path, errno_t & err, int additiona
   strncpy(buf, path, buf_len);
   os::native_path(buf);
 
-  LPWSTR prefix = NULL;
+  LPCWSTR prefix = NULL;
   int prefix_off = 0;
   bool needs_fullpath = true;
   set_path_prefix(buf, &prefix, &prefix_off, &needs_fullpath);
 
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,10 +40,6 @@ class Canonicalizer: InstructionVisitor {
   void set_constant(jlong x)                     { set_canonical(new Constant(new LongConstant(x))); }
   void set_constant(jfloat x)                    { set_canonical(new Constant(new FloatConstant(x))); }
   void set_constant(jdouble x)                   { set_canonical(new Constant(new DoubleConstant(x))); }
-#ifdef _WINDOWS
-  // jint is defined as long in jni_md.h, so convert from int to jint
-  void set_constant(int x)                       { set_constant((jint)x); }
-#endif
   void move_const_to_right(Op2* x);
   void do_Op2(Op2* x);
   void do_UnsafeRawOp(UnsafeRawOp* x);
 
@@ -122,8 +122,16 @@ bool StackMapTable::match_stackmap(
 }
 
 void StackMapTable::check_jump_target(
-    StackMapFrame* frame, int32_t target, TRAPS) const {
+    StackMapFrame* frame, int bci, int offset, TRAPS) const {
   ErrorContext ctx;
+  // Jump targets must be within the method and the method size is limited. See JVMS 4.11
+  int min_offset = -1 * max_method_code_size;
+  if (offset < min_offset || offset > max_method_code_size) {
+    frame->verifier()->verify_error(ErrorContext::bad_stackmap(bci, frame),
+        "Illegal target of jump or branch (bci %d + offset %d)", bci, offset);
+    return;
+  }
+  int target = bci + offset;
   bool match = match_stackmap(
     frame, target, true, false, &ctx, CHECK_VERIFY(frame->verifier()));
   if (!match || (target < 0 || target >= _code_length)) {
 
@@ -69,7 +69,7 @@ class StackMapTable : public StackObj {
 
   // Check jump instructions. Make sure there are no uninitialized
   // instances on backward branch.
-  void check_jump_target(StackMapFrame* frame, int32_t target, TRAPS) const;
+  void check_jump_target(StackMapFrame* frame, int bci, int offset, TRAPS) const;
 
   // The following methods are only used inside this class.
 
 
@@ -792,7 +792,6 @@ void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
     // Merge with the next instruction
     {
       u2 index;
-      int target;
       VerificationType type, type2;
       VerificationType atype;
 
@@ -1608,9 +1607,8 @@ void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
         case Bytecodes::_ifle:
           current_frame.pop_stack(
             VerificationType::integer_type(), CHECK_VERIFY(this));
-          target = bcs.dest();
           stackmap_table.check_jump_target(
-            &current_frame, target, CHECK_VERIFY(this));
+            &current_frame, bcs.bci(), bcs.get_offset_s2(), CHECK_VERIFY(this));
           no_control_flow = false; break;
         case Bytecodes::_if_acmpeq :
         case Bytecodes::_if_acmpne :
@@ -1621,19 +1619,16 @@ void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
         case Bytecodes::_ifnonnull :
           current_frame.pop_stack(
             VerificationType::reference_check(), CHECK_VERIFY(this));
-          target = bcs.dest();
           stackmap_table.check_jump_target
-            (&current_frame, target, CHECK_VERIFY(this));
+            (&current_frame, bcs.bci(), bcs.get_offset_s2(), CHECK_VERIFY(this));
           no_control_flow = false; break;
         case Bytecodes::_goto :
-          target = bcs.dest();
           stackmap_table.check_jump_target(
-            &current_frame, target, CHECK_VERIFY(this));
+            &current_frame, bcs.bci(), bcs.get_offset_s2(), CHECK_VERIFY(this));
           no_control_flow = true; break;
         case Bytecodes::_goto_w :
-          target = bcs.dest_w();
           stackmap_table.check_jump_target(
-            &current_frame, target, CHECK_VERIFY(this));
+            &current_frame, bcs.bci(), bcs.get_offset_s4(), CHECK_VERIFY(this));
           no_control_flow = true; break;
         case Bytecodes::_tableswitch :
         case Bytecodes::_lookupswitch :
@@ -2283,15 +2278,14 @@ void ClassVerifier::verify_switch(
       }
     }
   }
-  int target = bci + default_offset;
-  stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
+  stackmap_table->check_jump_target(current_frame, bci, default_offset, CHECK_VERIFY(this));
   for (int i = 0; i < keys; i++) {
     // Because check_jump_target() may safepoint, the bytecode could have
     // moved, which means 'aligned_bcp' is no good and needs to be recalculated.
     aligned_bcp = align_up(bcs->bcp() + 1, jintSize);
-    target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
+    int offset = (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
     stackmap_table->check_jump_target(
-      current_frame, target, CHECK_VERIFY(this));
+      current_frame, bci, offset, CHECK_VERIFY(this));
   }
   NOT_PRODUCT(aligned_bcp = NULL);  // no longer valid at this point
 }
@@ -2550,8 +2544,13 @@ bool ClassVerifier::ends_in_athrow(u4 start_bc_offset) {
         break;
 
       case Bytecodes::_goto:
-      case Bytecodes::_goto_w:
-        target = (opcode == Bytecodes::_goto ? bcs.dest() : bcs.dest_w());
+      case Bytecodes::_goto_w: {
+        int offset = (opcode == Bytecodes::_goto ? bcs.get_offset_s2() : bcs.get_offset_s4());
+        int min_offset = -1 * max_method_code_size;
+        // Check offset for overflow
+        if (offset < min_offset || offset > max_method_code_size) return false;
+
+        target = bci + offset;
         if (visited_branches->contains(bci)) {
           if (bci_stack->is_empty()) {
             if (handler_stack->is_empty()) {
@@ -2572,6 +2571,7 @@ bool ClassVerifier::ends_in_athrow(u4 start_bc_offset) {
           visited_branches->append(bci);
         }
         break;
+        }
 
       // Check that all switch alternatives end in 'athrow' bytecodes. Since it
       // is  difficult to determine where each switch alternative ends, parse
@@ -2608,7 +2608,10 @@ bool ClassVerifier::ends_in_athrow(u4 start_bc_offset) {
 
           // Push the switch alternatives onto the stack.
           for (int i = 0; i < keys; i++) {
-            u4 target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
+            int min_offset = -1 * max_method_code_size;
+            int offset = (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
+            if (offset < min_offset || offset > max_method_code_size) return false;
+            u4 target = bci + offset;
             if (target > code_length) return false;
             bci_stack->push(target);
           }
 
@@ -100,8 +100,23 @@ class BaseBytecodeStream: StackObj {
   void            set_next_bci(int bci)          { assert(0 <= bci && bci <= method()->code_size(), "illegal bci"); _next_bci = bci; }
 
   // Bytecode-specific attributes
-  int             dest() const                   { return bci() + bytecode().get_offset_s2(raw_code()); }
-  int             dest_w() const                 { return bci() + bytecode().get_offset_s4(raw_code()); }
+  int get_offset_s2() const { return bytecode().get_offset_s2(raw_code()); }
+  int get_offset_s4() const { return bytecode().get_offset_s4(raw_code()); }
+
+  // These methods are not safe to use before or during verification as they may
+  // have large offsets and cause overflows
+  int dest() const {
+    int min_offset = -1 * max_method_code_size;
+    int offset = bytecode().get_offset_s2(raw_code());
+    guarantee(offset >= min_offset && offset <= max_method_code_size, "must be");
+    return bci() + offset;
+  }
+  int dest_w() const {
+    int min_offset = -1 * max_method_code_size;
+    int offset = bytecode().get_offset_s4(raw_code());
+    guarantee(offset >= min_offset && offset <= max_method_code_size, "must be");
+    return bci() + offset;
+  }
 
   // One-byte indices.
   int             get_index_u1() const           { assert_raw_index_size(1); return *(jubyte*)(bcp()+1); }
 
@@ -42,16 +42,19 @@
  * |Offset             | Content              | Description    |
  * |------------------------------------------------------------
  * |base_addr          | 0xABABABABABABABAB   | Head guard     |
- * |+16                | <size_t:user_size>   | User data size |
- * |+sizeof(uintptr_t) | <tag>                | Tag word       |
- * |+sizeof(uintptr_t) | <tag2>               | Tag word       |
+ * |+GUARD_SIZE        | <size_t:user_size>   | User data size |
+ * |+sizeof(size_t)    | <tag>                | Tag word       |
+ * |+sizeof(void*)     | <tag2>               | Tag word       |
+ * |+sizeof(void*)     | <pad bytes>          | Padding        |
  * |+sizeof(void*)     | 0xF1 <user_data> (   | User data      |
  * |+user_size         | 0xABABABABABABABAB   | Tail guard     |
  * -------------------------------------------------------------
  *
  * Where:
  *  - guard padding uses "badResourceValue" (0xAB)
  *  - tag word and tag2 word are general purpose
+ *  - padding is inserted as-needed by the compiler to ensure
+ *    the user data is aligned on a 16-byte boundary
  *  - user data
  *    -- initially padded with "uninitBlockPad" (0xF1),
  *    -- to "freeBlockPad" (0xBA), when freed
@@ -132,12 +135,15 @@ class GuardedMemory : StackObj { // Wrapper on stack
 
   /**
    * Header guard and size
+   *
+   * NB: the size and placement of the GuardHeader must be such that the
+   * user-ptr is maximally aligned i.e. 16-byte alignment for x86 ABI for
+   * stack alignment and use of vector (xmm) instructions. We use alignas
+   * to achieve this.
    */
-  class GuardHeader : Guard {
+  class alignas(16) GuardHeader : Guard {
     friend class GuardedMemory;
    protected:
-    // Take care in modifying fields here, will effect alignment
-    // e.g. x86 ABI 16 byte stack alignment
     union {
       uintptr_t __unused_full_word1;
       size_t _user_size;
 
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2025, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,10 +25,6 @@
 
 package java.net;
 
-import java.net.URI;
-import java.net.CookieStore;
-import java.net.HttpCookie;
-import java.net.URISyntaxException;
 import java.util.List;
 import java.util.Map;
 import java.util.ArrayList;
@@ -72,6 +68,7 @@ public InMemoryCookieStore() {
     /**
      * Add one cookie into cookie store.
      */
+    @Override
     public void add(URI uri, HttpCookie cookie) {
         // pre-condition : argument can't be null
         if (cookie == null) {
@@ -109,6 +106,7 @@ public void add(URI uri, HttpCookie cookie) {
      *  3) not expired.
      * See RFC 2965 sec. 3.3.4 for more detail.
      */
+    @Override
     public List<HttpCookie> get(URI uri) {
         // argument can't be null
         if (uri == null) {
@@ -127,12 +125,13 @@ public List<HttpCookie> get(URI uri) {
             lock.unlock();
         }
 
-        return cookies;
+        return Collections.unmodifiableList(cookies);
     }
 
     /**
      * Get all cookies in cookie store, except those have expired
      */
+    @Override
     public List<HttpCookie> getCookies() {
         List<HttpCookie> rt;
 
@@ -156,6 +155,7 @@ public List<HttpCookie> getCookies() {
      * Get all URIs, which are associated with at least one cookie
      * of this cookie store.
      */
+    @Override
     public List<URI> getURIs() {
         List<URI> uris = new ArrayList<>();
 
@@ -165,7 +165,7 @@ public List<URI> getURIs() {
             while (it.hasNext()) {
                 URI uri = it.next();
                 List<HttpCookie> cookies = uriIndex.get(uri);
-                if (cookies == null || cookies.size() == 0) {
+                if (cookies == null || cookies.isEmpty()) {
                     // no cookies list or an empty list associated with
                     // this uri entry, delete it
                     it.remove();
@@ -176,13 +176,14 @@ public List<URI> getURIs() {
             lock.unlock();
         }
 
-        return uris;
+        return Collections.unmodifiableList(uris);
     }
 
 
     /**
      * Remove a cookie from store
      */
+    @Override
     public boolean remove(URI uri, HttpCookie ck) {
         // argument can't be null
         if (ck == null) {
@@ -204,6 +205,7 @@ public boolean remove(URI uri, HttpCookie ck) {
     /**
      * Remove all cookies in this cookie store.
      */
+    @Override
     public boolean removeAll() {
         lock.lock();
         try {