java

JDK 18.0.2 Release Notes

Java™ SE Development Kit 18, Patch 18.0.2.1 (JDK 18.0.2.1)

August 18, 2022

The full version string for this update release is 18.0.2.1+1 (where "+" means "build"). The version number is 18.0.2.1.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines are unchanged from the release of JDK 18.0.2.

JRE Family Version JRE Security Baseline (Full Version String)
18 18.0.2+9
17 17.0.4+11
11 11.0.16+11
8 8u341-b10
7 7u351-b07

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 18.0.2.1) be used after the next critical patch update scheduled for October 18, 2022.

Oracle recommends that all JDK 18 users, even those that have already updated to 18.0.2, uptake the 18.0.2.1 patch release.

 

Changes

hotspot/compiler
 C2 Compilation Errors Unpredictably Crashes JVM

Fixes a regression in the C2 JIT compiler which caused the Java Runtime to crash unpredictably.


Java™ SE Development Kit 18.0.2 (JDK 18.0.2)

July 19, 2022

The full version string for this update release is 18.0.2+9 (where "+" means "build"). The version number is 18.0.2.

 

IANA TZ Data 2022a

For more information, refer to Timezone Data Versions in the JRE Software.

 

Security Baselines

The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 18.0.2 are specified in the following table:

JRE Family Version JRE Security Baseline (Full Version String)
18 18.0.2+9
17 17.0.4+11
11 11.0.16+11
8 8u341-b10
7 7u351-b07

 

Keeping the JDK up to Date

Oracle recommends that the JDK is updated with each Critical Patch Update. In order to determine if a release is the latest, the Security Baseline page can be used to determine which is the latest version for each release family.

Critical patch updates, which contain security vulnerability fixes, are announced one year in advance on Critical Patch Updates, Security Alerts and Bulletins. It is not recommended that this JDK (version 18.0.2) be used after the next critical patch update scheduled for October 18, 2022.

 

Removed Features and Options

security-libs/javax.security
 Remove the Alternate ThreadLocal Implementation of the Subject::current and Subject::callAs APIs

The “jdk.security.auth.subject.useTL” system property and the alternate ThreadLocal implementation of the Subject::current and Subject::callAs APIs have been removed. The default implementation of these APIs is still supported.

See JDK-8282676 (not public)

Other Notes

core-libs/java.net
 java.net.InetAddress Updated to Reject Ambiguous IPv4 Address Literals

The java.net.InetAddress class has been updated to strictly accept IPv4 address literals in decimal quad notation. The InetAddress class methods are updated to throw an java.net.UnknownHostException for invalid IPv4 address literals. To disable this check, the new "jdk.net.allowAmbiguousIPAddressLiterals" system property can be set to "true".

See JDK-8277608 (not public)
hotspot/runtime
 CPU Shares Ignored When Computing Active Processor Count

Previous JDK releases used an incorrect interpretation of the Linux cgroups parameter "cpu.shares". This might cause the JVM to use fewer CPUs than available, leading to an under utilization of CPU resources when the JVM is used inside a container.

Starting from this JDK release, by default, the JVM no longer considers "cpu.shares" when deciding the number of threads to be used by the various thread pools. The -XX:+UseContainerCpuShares command-line option can be used to revert to the previous behavior. This option is deprecated and may be removed in a future JDK release.

tools/javac
 Lambda Deserialization Fails for Object Method References on Interfaces

Deserialization of serialized method references to Object methods, which was using an interface as the type on which the method is invoked, can now be deserialized again. Note the classfiles need to be recompiled to allow the deserialization.

 

Bug Fixes

The following table lists the bug fixes included in the JDK 18.0.2 release:

# JBS Component Subcomponent Summary
1JDK-8285686client-libs2dUpdate FreeType to 2.12.0
2JDK-8283217client-libs2dLeak FcObjectSet in getFontConfigLocations() in fontpath.c
3JDK-8284023client-libsjava.awtjava.sun.awt.X11GraphicsDevice.getDoubleBufferVisuals() leaks XdbeScreenVisualInfo
4JDK-8284033client-libsjava.awtLeak XVisualInfo in getAllConfigs in awt_GraphicsEnv.c
5JDK-8278065core-libsjava.io:serializationRefactor subclassAudits to use ClassValue
6JDK-8285517core-libsjava.langSystem.getenv() returns unexpected value if environment variable has non ASCII character
7JDK-8281168core-libsjava.lang.invokeMicro-optimize VarForm.getMemberName for interpreter
8JDK-8282444core-libsjava.lang.moduleModule finder incorrectly assumes default file system path-separator character
9JDK-8287162core-libsjava.nio(zipfs) Performance regression related to support for POSIX file permissions
10JDK-8286594core-libsjava.nio(zipfs) Mention paths with dot elements in ZipException and cleanups
11JDK-8285515core-libsjava.nio(dc) DatagramChannel.disconnect fails with "Invalid argument" on macOS 12.4
12JDK-8282929core-libsjava.textLocalized monetary symbols are not reflected in `toLocalizedPattern` return value
13JDK-8281615core-svcdebuggerDeadlock caused by jdwp agent
14JDK-8284094core-svcdebuggerMemory leak in invoker_completeInvokeRequest()
15JDK-8279219hotspotcompiler[REDO] C2 crash when allocating array of size too large
16JDK-8284848hotspotcompilerC2: Compiler blackhole arguments should be treated as globally escaping
17JDK-8280799hotspotcompilerС2: assert(false) failed: cyclic dependency prevents range check elimination
18JDK-8283451hotspotcompilerC2: assert(_base == Long) failed: Not a Long
19JDK-8282592hotspotcompilerC2: assert(false) failed: graph should be schedulable
20JDK-8282590hotspotcompilerC2: assert(addp->is_AddP() && addp->outcnt() > 0) failed: Don't process dead nodes
21JDK-8282312hotspotcompilerMinor corrections to evbroadcasti32x4 intrinsic on x86
22JDK-8282194hotspotcompilerC1: Missing side effects of dynamic constant linkage
23JDK-8281811hotspotcompilerassert(_base == Tuple) failed: Not a Tuple after JDK-8280799
24JDK-8256368hotspotcompilerAvoid repeated upcalls into Java to re-resolve MH/VH linkers/invokers
25JDK-8283641hotspotcompilerLarge value for CompileThresholdScaling causes assert
26JDK-8283408hotspotcompilerFix a C2 crash when filling arrays with unsafe
27JDK-8280867hotspotcompilerCpuid1Ecx feature parsing is incorrect for AMD CPUs
28JDK-8280600hotspotcompilerC2: assert(!had_error) failed: bad dominance
29JDK-8279668hotspotcompilerx86: AVX2 versions of vpxor should be asserted
30JDK-8275337hotspotcompilerC1: assert(false) failed: live_in set of first block must be empty
31JDK-8280901hotspotcompilerMethodHandle::linkToNative stub is missing w/ -Xint
32JDK-8282874hotspotcompilerBad performance on gather/scatter API caused by different IntSpecies of indexMap
33JDK-8281266hotspotcompiler[JVMCI] MetaUtil.toInternalName() doesn't handle hidden classes correctly
34JDK-8279822hotspotcompilerCI: Constant pool entries in error state are not supported
35JDK-8282231hotspotcompilerx86-32: runtime call to SharedRuntime::ldiv corrupts registers
36JDK-8283555hotspotgcG1: Concurrent mark accesses uninitialized BOT of closed archive regions
37JDK-8284532hotspotjfrMemory leak in BitSet::BitMapFragmentTable in JFR leak profiler
38JDK-8284549hotspotjfrJFR: FieldTable leaks FieldInfoTable member
39JDK-8280476hotspotruntime[macOS] : hotspot arm64 bug exposed by latest clang
40JDK-8282295hotspotruntimeSymbolPropertyEntry::set_method_type fails with assert
41JDK-8283469hotspotruntimeDon't use memset to initialize members in FileMapInfo and fix memory leak
42JDK-8281274hotspotruntimedeal with ActiveProcessorCount in os::Linux::print_container_info
43JDK-8283379hotspotruntimeMemory leak in FileHeaderHelper
44JDK-8281181hotspotruntimeDo not use CPU Shares to compute active processor count
45JDK-8283022security-libsjavax.cryptocom/sun/crypto/provider/Cipher/AEAD/GCMBufferTest.java failing with -Xcomp after 8273297
46JDK-8274524security-libsjavax.net.sslSSLSocket.close() hangs if it is called during the ssl handshake
47JDK-8286444toolsjavacjavac errors after JDK-8251329 are not helpful enough to find root cause
48JDK-8282080toolsjavacLambda deserialization fails for Object method references on interfaces
49JDK-8286855toolsjavacjavac error on invalid jar should only print filename