JDK21 jdk_security3_0_FAILED sun/security/pkcs11/KeyStore/CertChainRemoval.java PKCS11Exception: CKR_GENERAL_ERROR #17672

Closed
JasonFengJ9 opened this issue Jun 26, 2023 · 15 comments

@JasonFengJ9
Member

Failure link

From an internal build (rhel8x86-rtp-rt2-1):

08:24:53  openjdk version "21-internal" 2023-09-19
08:24:53  OpenJDK Runtime Environment (build 21-internal-adhoc.jenkins.BuildJDK21x86-64linuxPersonal)
08:24:53  Eclipse OpenJ9 VM (build master-163a51495d5, JRE 21 Linux amd64-64-Bit Compressed References 20230624_7 (JIT enabled, AOT enabled)
08:24:53  OpenJ9   - 163a51495d5
08:24:53  OMR      - 59b55e30960
08:24:53  JCL      - e76b3946ed5 based on jdk-21+27)

Rerun in Grinder - Change TARGET to run only the failed test targets.

Optional info

Failure output (captured from console output)

09:12:57  variation: Mode150
09:12:57  JVM_OPTIONS:  -XX:+UseCompressedOops 

09:25:23  TEST: sun/security/pkcs11/KeyStore/CertChainRemoval.java

09:25:23  STDOUT:
09:25:23  config CertChainRemoval.setUp(): success
09:25:23  Beginning test run CertChainRemoval...
09:25:23  Cannot resolve artifact, please check if JIB jar is present in classpath.
09:25:23  nssLibDir: /usr/lib64/
09:25:23  Running test with provider SunPKCS11-nss (security manager disabled) ...
09:25:23  Starting with: 
09:25:23  Entry# 1 = ca1
09:25:23  Entry# 2 = root
09:25:23  Entry# 3 = pk1
09:25:23  ========
09:25:23  Initial PKCS11 KeyStore: 
09:25:23  ========
09:25:23  Add pk1, ca1 and root, then delete pk1
09:25:23  test CertChainRemoval.test(): failure
09:25:23  java.security.KeyStoreException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetEntry(P11KeyStore.java:1121)
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetKeyEntry(P11KeyStore.java:462)
09:25:23  	at java.base/java.security.KeyStore.setKeyEntry(KeyStore.java:1192)
09:25:23  	at CertChainRemoval.main(CertChainRemoval.java:141)
09:25:23  	at PKCS11Test.premain(PKCS11Test.java:178)
09:25:23  	at PKCS11Test.testNSS(PKCS11Test.java:554)
09:25:23  	at PKCS11Test.main(PKCS11Test.java:214)
09:25:23  	at PKCS11Test.main(PKCS11Test.java:190)
09:25:23  	at CertChainRemoval.test(CertChainRemoval.java:77)
09:25:23  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
09:25:23  	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
09:25:23  	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:132)
09:25:23  	at org.testng.internal.TestInvoker.invokeMethod(TestInvoker.java:599)
09:25:23  	at org.testng.internal.TestInvoker.invokeTestMethod(TestInvoker.java:174)
09:25:23  	at org.testng.internal.MethodRunner.runInSequence(MethodRunner.java:46)
09:25:23  	at org.testng.internal.TestInvoker$MethodInvocationAgent.invoke(TestInvoker.java:822)
09:25:23  	at org.testng.internal.TestInvoker.invokeTestMethods(TestInvoker.java:147)
09:25:23  	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:146)
09:25:23  	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:128)
09:25:23  	at java.base/java.util.ArrayList.forEach(ArrayList.java:1593)
09:25:23  	at org.testng.TestRunner.privateRun(TestRunner.java:764)
09:25:23  	at org.testng.TestRunner.run(TestRunner.java:585)
09:25:23  	at org.testng.SuiteRunner.runTest(SuiteRunner.java:384)
09:25:23  	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:378)
09:25:23  	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:337)
09:25:23  	at org.testng.SuiteRunner.run(SuiteRunner.java:286)
09:25:23  	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:53)
09:25:23  	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:96)
09:25:23  	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1218)
09:25:23  	at org.testng.TestNG.runSuitesLocally(TestNG.java:1140)
09:25:23  	at org.testng.TestNG.runSuites(TestNG.java:1069)
09:25:23  	at org.testng.TestNG.run(TestNG.java:1037)
09:25:23  	at com.sun.javatest.regtest.agent.TestNGRunner.main(TestNGRunner.java:102)
09:25:23  	at com.sun.javatest.regtest.agent.TestNGRunner.main(TestNGRunner.java:58)
09:25:23  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
09:25:23  	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
09:25:23  	at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
09:25:23  	at java.base/java.lang.Thread.run(Thread.java:1595)
09:25:23  Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11$InnerPKCS11.C_CreateObject(PKCS11.java:197)
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storeCert(P11KeyStore.java:1576)
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storeChain(P11KeyStore.java:1591)
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storePkey(P11KeyStore.java:1814)
09:25:23  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetEntry(P11KeyStore.java:1117)
09:25:23  	... 37 more
09:25:23  
09:25:23  ===============================================
09:25:23  sun/security/pkcs11/KeyStore/CertChainRemoval.java
09:25:23  Total tests run: 1, Passes: 0, Failures: 1, Skips: 0
09:25:23  ===============================================

09:25:23  TEST RESULT: Failed. Execution failed: `main' threw exception: java.lang.Exception: failures: 1
09:25:23  --------------------------------------------------
09:53:23  Test results: passed: 901; failed: 1
09:53:37  Report written to /home/jenkins/workspace/Test_openjdk21_j9_extended.openjdk_x86-64_linux_Personal/aqa-tests/TKG/output_16876095876025/jdk_security3_0/report/html/report.html
09:53:37  Results written to /home/jenkins/workspace/Test_openjdk21_j9_extended.openjdk_x86-64_linux_Personal/aqa-tests/TKG/output_16876095876025/jdk_security3_0/work
09:53:37  Error: Some tests failed or other problems occurred.
09:53:37  -----------------------------------
09:53:37  jdk_security3_0_FAILED

50x internal grinder

@pshipton
Member

All the grinders appear to be failing the same way. Does it also fail on Adoptium?

@JasonFengJ9
Member Author

JasonFengJ9 commented Jun 27, 2023

15x grinder w/ hotspot - all failed w/ PKCS11Exception: CKR_ATTRIBUTE_READ_ONLY.

22:29:11  STDOUT:
22:29:11  config CertChainRemoval.setUp(): success
22:29:11  Beginning test run CertChainRemoval...
22:29:11  Cannot resolve artifact, please check if JIB jar is present in classpath.
22:29:11  nssLibDir: /usr/lib64/
22:29:11  Running test with provider SunPKCS11-nss (security manager disabled) ...
22:29:11  Starting with: 
22:29:11  Entry# 1 = ca1
22:29:11  Entry# 2 = root
22:29:11  Entry# 3 = pk1
22:29:11  ========
22:29:11  Initial PKCS11 KeyStore: 
22:29:11  ========
22:29:11  Add pk1, ca1 and root, then delete pk1
22:29:11  test CertChainRemoval.test(): failure
22:29:11  java.security.KeyStoreException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_READ_ONLY
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetEntry(P11KeyStore.java:1121)
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetKeyEntry(P11KeyStore.java:462)
22:29:11  	at java.base/java.security.KeyStore.setKeyEntry(KeyStore.java:1192)
22:29:11  	at CertChainRemoval.main(CertChainRemoval.java:141)
22:29:11  	at PKCS11Test.premain(PKCS11Test.java:178)
22:29:11  	at PKCS11Test.testNSS(PKCS11Test.java:554)
22:29:11  	at PKCS11Test.main(PKCS11Test.java:214)
22:29:11  	at PKCS11Test.main(PKCS11Test.java:190)
22:29:11  	at CertChainRemoval.test(CertChainRemoval.java:77)
22:29:11  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
22:29:11  	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
22:29:11  	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:132)
22:29:11  	at org.testng.internal.TestInvoker.invokeMethod(TestInvoker.java:599)
22:29:11  	at org.testng.internal.TestInvoker.invokeTestMethod(TestInvoker.java:174)
22:29:11  	at org.testng.internal.MethodRunner.runInSequence(MethodRunner.java:46)
22:29:11  	at org.testng.internal.TestInvoker$MethodInvocationAgent.invoke(TestInvoker.java:822)
22:29:11  	at org.testng.internal.TestInvoker.invokeTestMethods(TestInvoker.java:147)
22:29:11  	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:146)
22:29:11  	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:128)
22:29:11  	at java.base/java.util.ArrayList.forEach(ArrayList.java:1593)
22:29:11  	at org.testng.TestRunner.privateRun(TestRunner.java:764)
22:29:11  	at org.testng.TestRunner.run(TestRunner.java:585)
22:29:11  	at org.testng.SuiteRunner.runTest(SuiteRunner.java:384)
22:29:11  	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:378)
22:29:11  	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:337)
22:29:11  	at org.testng.SuiteRunner.run(SuiteRunner.java:286)
22:29:11  	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:53)
22:29:11  	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:96)
22:29:11  	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1218)
22:29:11  	at org.testng.TestNG.runSuitesLocally(TestNG.java:1140)
22:29:11  	at org.testng.TestNG.runSuites(TestNG.java:1069)
22:29:11  	at org.testng.TestNG.run(TestNG.java:1037)
22:29:11  	at com.sun.javatest.regtest.agent.TestNGRunner.main(TestNGRunner.java:102)
22:29:11  	at com.sun.javatest.regtest.agent.TestNGRunner.main(TestNGRunner.java:58)
22:29:11  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
22:29:11  	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
22:29:11  	at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
22:29:11  	at java.base/java.lang.Thread.run(Thread.java:1583)
22:29:11  Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_READ_ONLY
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.C_CreateObject(Native Method)
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storeCert(P11KeyStore.java:1576)
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storeChain(P11KeyStore.java:1591)
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storePkey(P11KeyStore.java:1814)
22:29:11  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetEntry(P11KeyStore.java:1117)
22:29:11  	... 37 more
22:29:11  
22:29:11  ===============================================
22:29:11  sun/security/pkcs11/KeyStore/CertChainRemoval.java
22:29:11  Total tests run: 1, Passes: 0, Failures: 1, Skips: 0
22:29:11  ===============================================

@pshipton
Member

@jasonkatonica fyi

@pshipton
Member

We should check if this still fails on the latest builds. We updated to the initial release candidate Aug 14.

@JasonFengJ9
Member Author

JasonFengJ9 commented Aug 15, 2023

Still seen in a latest run - JDK21 x86-64_linux
ubu22x86-svl-rt11-1

12:29:47  openjdk version "21-internal" 2023-09-19
12:29:47  OpenJDK Runtime Environment (build 21-internal-adhoc.jenkins.BuildJDK21x86-64linuxPersonal)
12:29:47  Eclipse OpenJ9 VM (build master-ea0d545d82a, JRE 21 Linux amd64-64-Bit Compressed References 20230814_56 (JIT enabled, AOT enabled)
12:29:47  OpenJ9   - ea0d545d82a
12:29:47  OMR      - 43a2b1d3416
12:29:47  JCL      - 87ec21cbc99 based on jdk-21+33)

13:53:56  variation: Mode150
13:53:56  JVM_OPTIONS:  -XX:+UseCompressedOops 

14:18:21  TEST: sun/security/pkcs11/KeyStore/CertChainRemoval.java

14:18:21  test CertChainRemoval.test(): failure
14:18:21  java.security.KeyStoreException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetEntry(P11KeyStore.java:1121)
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetKeyEntry(P11KeyStore.java:462)
14:18:21  	at java.base/java.security.KeyStore.setKeyEntry(KeyStore.java:1192)
14:18:21  	at CertChainRemoval.main(CertChainRemoval.java:141)
14:18:21  	at PKCS11Test.premain(PKCS11Test.java:178)
14:18:21  	at PKCS11Test.testNSS(PKCS11Test.java:554)
14:18:21  	at PKCS11Test.main(PKCS11Test.java:214)
14:18:21  	at PKCS11Test.main(PKCS11Test.java:190)
14:18:21  	at CertChainRemoval.test(CertChainRemoval.java:77)
14:18:21  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
14:18:21  	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
14:18:21  	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:132)
14:18:21  	at org.testng.internal.TestInvoker.invokeMethod(TestInvoker.java:599)
14:18:21  	at org.testng.internal.TestInvoker.invokeTestMethod(TestInvoker.java:174)
14:18:21  	at org.testng.internal.MethodRunner.runInSequence(MethodRunner.java:46)
14:18:21  	at org.testng.internal.TestInvoker$MethodInvocationAgent.invoke(TestInvoker.java:822)
14:18:21  	at org.testng.internal.TestInvoker.invokeTestMethods(TestInvoker.java:147)
14:18:21  	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:146)
14:18:21  	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:128)
14:18:21  	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
14:18:21  	at org.testng.TestRunner.privateRun(TestRunner.java:764)
14:18:21  	at org.testng.TestRunner.run(TestRunner.java:585)
14:18:21  	at org.testng.SuiteRunner.runTest(SuiteRunner.java:384)
14:18:21  	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:378)
14:18:21  	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:337)
14:18:21  	at org.testng.SuiteRunner.run(SuiteRunner.java:286)
14:18:21  	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:53)
14:18:21  	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:96)
14:18:21  	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1218)
14:18:21  	at org.testng.TestNG.runSuitesLocally(TestNG.java:1140)
14:18:21  	at org.testng.TestNG.runSuites(TestNG.java:1069)
14:18:21  	at org.testng.TestNG.run(TestNG.java:1037)
14:18:21  	at com.sun.javatest.regtest.agent.TestNGRunner.main(TestNGRunner.java:102)
14:18:21  	at com.sun.javatest.regtest.agent.TestNGRunner.main(TestNGRunner.java:58)
14:18:21  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
14:18:21  	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
14:18:21  	at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
14:18:21  	at java.base/java.lang.Thread.run(Thread.java:1595)
14:18:21  Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11$InnerPKCS11.C_CreateObject(PKCS11.java:197)
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storeCert(P11KeyStore.java:1576)
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storeChain(P11KeyStore.java:1591)
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.storePkey(P11KeyStore.java:1814)
14:18:21  	at jdk.crypto.cryptoki/sun.security.pkcs11.P11KeyStore.engineSetEntry(P11KeyStore.java:1117)
14:18:21  	... 37 more
14:18:21  
14:18:21  ===============================================
14:18:21  sun/security/pkcs11/KeyStore/CertChainRemoval.java
14:18:21  Total tests run: 1, Passes: 0, Failures: 1, Skips: 0

14:18:21  TEST RESULT: Failed. Execution failed: `main' threw exception: java.lang.Exception: failures: 1
14:18:21  --------------------------------------------------
15:14:42  Test results: passed: 902; failed: 1
15:14:54  Report written to /home/jenkins/workspace/Test_openjdk21_j9_extended.openjdk_x86-64_linux_Personal/aqa-tests/TKG/output_16920306894918/jdk_security3_0/report/html/report.html
15:14:54  Results written to /home/jenkins/workspace/Test_openjdk21_j9_extended.openjdk_x86-64_linux_Personal/aqa-tests/TKG/output_16920306894918/jdk_security3_0/work
15:14:54  Error: Some tests failed or other problems occurred.
15:14:54  -----------------------------------
15:14:54  jdk_security3_0_FAILED

hotspot failed as well 3x grinder
rhel8x86-rt1-1, cent8x86-rtp-rt7-1, cent9x86-svl-rt4-1

10:35:57  openjdk version "21-beta" 2023-09-19
10:35:57  OpenJDK Runtime Environment Temurin-21+34-202308082331 (build 21-beta+34-202308082331)
10:35:57  OpenJDK 64-Bit Server VM Temurin-21+34-202308082331 (build 21-beta+34-202308082331, mixed mode, sharing)

@pshipton
Member

@jasonkatonica any ideas about this one, do you think we have a machine setup issue?

@jasonkatonica
Contributor

The error CKR_ATTRIBUTE_READ_ONLY can be expected if running on a FIPS machine since the NSS database is read only. Perhaps the CKR_GENERAL_ERROR could indicate this too, since in the stack it is attempting to insert a certificate into the PKCS11 database (NSS). Could it be that NSS, or another PKCS11 setup, is not on this machine? Non-FIPS tests I would expect to work with a read/write database when not in FIPS mode.

@pshipton
Member

pshipton commented Aug 15, 2023

I added the internal machine names, which are also available in the grinders (while they remain). There were a number of machines used and they all failed. Can you pls look at one of these to see if NSS or another PKCS11 is installed? Or let me know how to check (it doesn't seem obvious). I also wonder if the account we are using to run testing needs special privilege to write?

ubu22x86-svl-rt11-1, rhel8x86-rt1-1, cent8x86-rtp-rt7-1, cent9x86-svl-rt4-1

@jasonkatonica
Contributor

On rhel the NSS database is typically installed at /etc/pki/nssdb and the nss libraries are installed with dnf install nss.

The test itself can be coded to use any library and/or NSS database location. The test CertChainRemoval.java on line 72 is using a custom configuration file which points to the file p11-nss.txt; from there I am unsure what values it actually specifies for the location of the nssdb and library for configdir= and library=, since it is doing substitution.

I did check out the machine ubu22x86-svl-rt11-1 and it does have nss installed as seen here:

jenkins@ubu22x86-svl-rt11-1:~$ apt list --installed | grep libnss3

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

libnss3/jammy-updates,jammy-security,now 2:3.68.2-0ubuntu1.2 amd64 [installed,automatic]

I could not, however, find any nssdb file on this system; I would assume we need this for this test to pass. The doc here seems to indicate that on Ubuntu we should expect the nssdb to be located in ~/.pki/nssdb, but this directory did not exist. It might be possible to try to create the nssdb using the instructions "Bootstrapping the NSS database" in the NSS doc to see if the test ends up picking up the NSS database that was created. I didn't have the permission to try to run these commands to see what happens:

sudo apt install libnss3-tools
mkdir -p ~/.pki/nssdb
certutil -d ~/.pki/nssdb -N

I also agree that the permissions to the nssdb file would need to allow for the jenkins user to read and write the file for this to work.
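The checks discussed in the comment above (is an NSS database present, can the test account write it, is the host in FIPS mode) can be scripted as follows. This is an added example, not part of the original thread or of the OpenJ9/OpenJDK test code. It assumes the two candidate paths named above, NSS's standard database file names, and the Linux kernel FIPS flag. It inspects filesystem state only and does not tell you which `configdir=` the test's substituted configuration resolves to.

```shell
#!/bin/sh
# Added example: report whether an NSS database directory is usable read/write
# by the current account, and whether the kernel reports FIPS mode.

# fips_mode [FLAGFILE]: prints "on", "off" or "unknown".
# FLAGFILE defaults to the Linux kernel flag; the override exists for testing.
fips_mode() {
    flag=${1:-/proc/sys/crypto/fips_enabled}
    if [ ! -r "$flag" ]; then echo unknown; return; fi
    case "$(cat "$flag")" in
        1) echo on ;;
        0) echo off ;;
        *) echo unknown ;;
    esac
}

# nssdb_status DIR: prints one of
#   missing    directory does not exist
#   empty      directory exists but holds no NSS database files
#   read-only  database files (or the directory) are not writable by this user
#   writable   database files exist and this user can write them
nssdb_status() {
    dir=$1
    [ -d "$dir" ] || { echo missing; return; }
    found=0
    # cert9.db/key4.db are the SQLite-format files; cert8.db/key3.db the legacy DBM ones.
    for f in cert9.db key4.db cert8.db key3.db; do
        [ -f "$dir/$f" ] || continue
        found=1
        [ -w "$dir/$f" ] || { echo read-only; return; }
    done
    [ "$found" -eq 1 ] || { echo empty; return; }
    # The directory itself must be writable as well as the database files.
    [ -w "$dir" ] || { echo read-only; return; }
    echo writable
}

# report DIR...: one line per candidate directory, for the account running the tests.
report() {
    echo "user: $(id -un)  FIPS: $(fips_mode)"
    for d in "$@"; do
        printf '%-28s %s\n' "$d" "$(nssdb_status "$d")"
    done
}

# Candidate locations taken from the comment above (RHEL system db, per-user db).
report /etc/pki/nssdb "$HOME/.pki/nssdb"
```

Run it as the same account that runs the test jobs (here, `jenkins`), since the writability result depends on the caller.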

@taoliult
Contributor

taoliult commented Sep 6, 2023

Checking on this issue, will update shortly.

@taoliult
Contributor

taoliult commented Sep 7, 2023

Test case tried to add the following "pk1", "ca1" and "root" private keys and their certs. Failed when adding "ca1", line at "p11ks.setKeyEntry("ca1", caPrivKey, null, ca1Chain);".

        System.out.println("Add pk1, ca1 and root, then delete pk1");
        p11ks.setKeyEntry("pk1", pk1PrivKey, null, pk1Chain);
        p11ks.setKeyEntry("ca1", caPrivKey, null, ca1Chain);
        p11ks.setKeyEntry("root", rootPrivKey, null, rootChain);
        p11ks.deleteEntry("pk1");

I commented out the code adding "ca1"; then the other two, "pk1" and "root", can be added successfully without any issue. So, the issue happened on the key "ca1" and its cert.

Right now, I am adding debug output in PKCS11.java to print out all the CK attributes when adding the key and cert, since the failure error is due to "PKCS11Exception: CKR_ATTRIBUTE_READ_ONLY".

@taoliult
Contributor

taoliult commented Sep 8, 2023

This issue is due to an NSS behavior change in newer NSS releases. There is a defect, linked below, opened in OpenJDK to update the PKCS11 KeyStore impl to work with the NSS behavior change.

https://bugs.openjdk.org/browse/JDK-8309214
openjdk/jdk21u@c849fa5

So, a question: will we pick up the code fix from the OpenJDK repo, or do we have to manually apply this code change?

And since it is not an issue introduced by us, I don't think it is a blocker issue.

@pshipton
Member

pshipton commented Sep 8, 2023

It appears the OpenJDK fix is part of 20.0.1 which OpenJ9 will pick up in Oct before any OpenJ9 jdk21 release.

@pshipton
Member

@JasonFengJ9 once we have builds testing 20.0.1 (i.e. tonight) pls confirm if this is resolved.

@JasonFengJ9
Member Author

Passed in latest run

05:57:41  java version "21.0.1-beta" 2023-10-17
05:57:41  IBM Semeru Runtime Certified Edition 21.0.1+12-202310260910 (build 21.0.1-beta+12-202310260910)
05:57:41  Eclipse OpenJ9 VM 21.0.1+12-202310260910 (build master-66e3fd1da, JRE 21 Linux amd64-64-Bit Compressed References 20231026_22 (JIT enabled, AOT enabled)
05:57:41  OpenJ9   - 66e3fd1da
05:57:41  OMR      - 071c0c25b
05:57:41  JCL      - c06eaf638 based on jdk-21.0.1+12)
