RELEASE NOTES: JDK openjdk8u222

Notes generated: Wed Sep 01 01:13:23 CEST 2021

JEPs

None.

RELEASE NOTES

security-libs/javax.net.ssl

Issue Description
JDK-8210985

Default SSL Session Cache Size Updated to 20480


The default SSL session cache size has been updated to 20480 in this JDK release


hotspot/runtime

Issue Description
JDK-7102541

os::set_native_thread_name() cleanups


On platforms that support the concept of a thread name on their native threads, the java.lang.Thread.setName() method will also set that native thread name. However, this will only occur when called by the current thread, and only for threads started through the java.lang.Thread class (not for native threads that have attached via JNI). The presence of a native thread name can be useful for debugging and monitoring purposes. Some platforms may limit the native thread name to a length much shorter than that used by the java.lang.Thread, which may result in some threads having the same native name.


client-libs/javax.swing

Issue Description
JDK-8218479

GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release. Affected applications on such configurations should specify the system property -Djdk.gtk.version=2.2 to request GTK2+ based rendering instead.


JDK-8218469

GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release.


GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release. Affected applications on such configurations should specify the system property -Djdk.gtk.version=2.2 to request GTK2+ based rendering instead.


GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release. Affected applications on such configurations should specify the system property -Djdk.gtk.version=2.2 to request GTK2+ based rendering instead.


JDK-8218473

GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release. Affected applications on such configurations should specify the system property -Djdk.gtk.version=2.2 to request GTK2+ based rendering instead.


JDK-8218470

GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release. Affected applications on such configurations should specify the system property -Djdk.gtk.version=2.2 to request GTK2+ based rendering instead.


JDK-8218472

GTK+ 3.20 and Later Unsupported by Swing


Due to incompatible changes in the GTK+ 3 library versions 3.20 and later, the Swing GTK Look and Feel does not render some UI components when using this library. Therefore Linux installations with versions of GTK+ 3.20 and above are not supported for use by the Swing GTK Look And Feel in this release. Affected applications on such configurations should specify the system property -Djdk.gtk.version=2.2 to request GTK2+ based rendering instead.


security-libs/java.security

Issue Description
JDK-8195793

Removal of GTE CyberTrust Global Root


The GTE CyberTrust Global Root certificate is expired and has been removed from the cacerts keystore: + alias name "gtecybertrustglobalca [jdk]"

Distinguished Name: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US


JDK-8210432

Added Additional TeliaSonera Root Certificate


The following root certificate have been added to the OpenJDK cacerts truststore: + TeliaSonera + teliasonerarootcav1

DN: CN=TeliaSonera Root CA v1, O=TeliaSonera

JDK-8196141

Added GoDaddy Root Certificates


The following root certificates have been added to the OpenJDK cacerts truststore: + GoDaddy + godaddyrootg2ca

DN: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., 
       CN=Go Daddy Root Certificate Authority - G2
  • godaddyclass2ca

    DN: C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority

  • starfieldclass2ca

    DN: C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority

  • starfieldrootg2ca

    DN: C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2


JDK-8222137

Removal of T-Systems Deutsche Telekom Root CA 2 Certificate


The T-Systems Deutsche Telekom Root CA 2 certificate has expired and was removed from the cacerts keystore: + alias name "deutschetelekomrootca2 [jdk]"

Distinguished Name: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE


JDK-8209506

Added Google Trust Services GlobalSign Root Certificates


The following root certificates have been added to the OpenJDK cacerts truststore: + Google + globalsigneccrootcar4

DN: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4
  • globalsignr2ca

    DN: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2


JDK-8223499

Removal of Two DocuSign Root CA Certificates


Two DocuSign root CA certificates have expired and were removed from the cacerts keystore: + alias name "certplusclass2primaryca [jdk]"

Distinguished Name: CN=Class 2 Primary CA, O=Certplus, C=FR

  • alias name "certplusclass3pprimaryca [jdk]"

    Distinguished Name: CN=Class 3P Primary CA, O=Certplus, C=FR


JDK-8199779

Added T-Systems, GlobalSign and Starfield Services Root Certificates


The following root certificates have been added to the OpenJDK cacerts truststore: + T-Systems + deutschetelekomrootca2

DN: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE
  • ttelesecglobalrootclass3ca

    DN: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE

  • ttelesecglobalrootclass2ca DN: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE

  • Amazon

  • starfieldservicesrootg2ca

    DN: CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US

  • GlobalSign

  • globalsignca

    DN: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

  • globalsignr3ca

    DN: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

  • globalsigneccrootcar5

    DN: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5


JDK-8195774

Added Entrust Root Certificates


The following root certificates have been added to the OpenJDK cacerts truststore: + Entrust + entrustrootcaec1

DN: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, 
       OU=(c) 2012 Entrust, Inc. - for authorized use only,
       CN=Entrust Root Certification Authority - EC1
  • entrust2048ca

    DN: O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)

  • entrustrootcag2

    DN: C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2

  • entrustevca

    DN: C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority

  • affirmtrustnetworkingca

    DN: C=US, O=AffirmTrust, CN=AffirmTrust Networking

  • affirmtrustpremiumca

    DN: C=US, O=AffirmTrust, CN=AffirmTrust Premium

  • affirmtrustcommercialca

    DN: C=US, O=AffirmTrust, CN=AffirmTrust Commercial

  • affirmtrustpremiumeccca

    DN: C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC


JDK-8189131

TLS does not work by default on OpenJDK 9


The OpenJDK 9 binary for Linux x64 contains an empty `cacerts` keystore. This prevents TLS connections from being established because there are no Trusted Root Certificate Authorities installed. You may see an exception like the following: 

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

As a workaround, users can set the javax.net.ssl.trustStore System Property to use a different keystore. For example, the ca-certificates package on Oracle Linux 7 contains the set of Root CA certificates chosen by the Mozilla Foundation for use with the Internet PKI. This package installs a trust store at /etc/pki/java/cacerts, which can be used by OpenJDK 9.

Only the OpenJDK 64 bit Linux download is impacted. This issue does not apply to any Oracle JRE/JDK download.

Progress on open-sourcing the Oracle JDK Root CAs can be tracked through the issue JDK-8189131.


JEP 319 Root Certificates


Provides a default set of root Certification Authority (CA) certificates in the JDK.

The cacerts keystore of the OpenJDK 9 binary for Linux x64 has been populated by JEP 319: Root Certificates [1] with a set of root certificates issued by the CAs of Oracle's Java SE Root CA Program. This addresses the problem of the empty cacerts keystore in the OpenJDK 9 binary for Linux x64. The empty cacerts keystore had prevented TLS connections from being established because Trusted Root Certificate Authorities were not installed. As a workaround for OpenJDK 9 binaries, users had to set the javax.net.ssl.trustStore System Property to use a different keystore.

[1] https://bugs.java.com/viewbug.do?bugid=JDK-8191486


JDK-8222136

Removal of Two Comodo Root CA Certificates


Two Comodo root CA certificates have expired and were removed from the cacerts keystore: + alias name "utnuserfirstclientauthemailca [jdk]"

Distinguished Name: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  • alias name "utnuserfirsthardwareca [jdk]"

    Distinguished Name: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US


JDK-8216577

Added GlobalSign R6 Root Certificate


The following root certificate has been added to the cacerts truststore: ``` + GlobalSign + globalsignrootcar6

DN: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R6

```


FIXED ISSUES

client-libs

Priority Bug Summary
P3 JDK-8214252 Expanded & Collapsed nodes of a JTree look the same on GTK3
P3 JDK-8055705 Rename UnixPrintServiceLookup and Win32PrintServiceLookup as a platform neutral class name

client-libs/2d

Priority Bug Summary
P2 JDK-8218020 Fix version number in mesa.md 3rd party legal file
P3 JDK-8221263 [TEST_BUG] RemotePrinterStatusRefresh test is hard to use
P3 JDK-8212202 [Windows] Exception if no printers are installed.
P3 JDK-8217263 Automate DashOffset test
P3 JDK-8204929 Fonts with embedded bitmaps are not always rotated
P3 JDK-8221412 lookupPrintServices() does not always update the list of Windows remote printers
P3 JDK-8225065 Revert 8221166 (8u backport of 8048782)
P3 JDK-8153732 Windows remote printer changes do not reflect in lookupPrintServices()
P4 JDK-8048782 OpenJDK: PiscesCache : xmax/ymax rounding up can cause RasterFormatException

client-libs/java.awt

Priority Bug Summary
P1 JDK-8197546 Fix for 8171000 breaks Solaris + Linux builds
P2 JDK-8220495 Update GIFlib library to the 5.1.8
P3 JDK-8214765 All TrayIcon MessageType icons does not show up with gtk3 option set
P3 JDK-8210886 Remove references in xwindows.md to non-existent files.
P3 JDK-8214109 XToolkit is not correctly displayed color on 16-bit high color setting
P4 JDK-8019816 [TEST_BUG][macosx] closed/java/awt/BasicStroke/DashZeroWidth.java not on EDT
P4 JDK-8213213 Remove src/java.desktop/unix/classes/sun/awt/X11/keysym2ucs.h
P4 JDK-8171000 Robot.createScreenCapture() crashes in wayland mode

client-libs/java.awt:i18n

Priority Bug Summary
P4 JDK-8213183 InputMethod cannot be used after its restarting

client-libs/javax.accessibility

Priority Bug Summary
P3 JDK-8202768 [macos] Appkit thread slows when any Window Manager active

client-libs/javax.imageio

Priority Bug Summary
P2 JDK-8191073 JpegImageReader throws IndexOutOfBoundsException when trying to read image data from tables-only image
P3 JDK-8044289 In ImageIO.write() and ImageIO.read() null stream is not handled properly.

client-libs/javax.swing

Priority Bug Summary
P2 JDK-8218473 JOptionPane display issue with GTKLookAndFeel
P2 JDK-8218472 JProgressBar display issue with GTKLookAndFeel
P2 JDK-8218470 JScrollBar display issue with GTKLookAndFeel
P2 JDK-8218469 JSlider display issue with slider for GTKLookAndFeel
P2 JDK-8218479 JTextPane display issue with GTKLookAndFeel
P2 JDK-8203627 Swing applications with JRadioButton and JCheckbox fail to render correctly when using GTK3 and the GTK L&F
P3 JDK-8218674 HTML Tooltip with "img src=" on component doesn't show
P3 JDK-8220349 The fix done for JDK-8214253 have caused issues in JTree behaviour
P3 JDK-8214112 The whole text in target JPasswordField image are not selected.
P3 JDK-8214111 There is no icon in all JOptionPane target image
P3 JDK-8214253 Tooltip is transparent rather than having a black background

core-libs

Priority Bug Summary
P3 JDK-8135248 Add utility methods to check indexes and ranges

core-libs/java.lang.invoke

Priority Bug Summary
P4 JDK-8206955 MethodHandleProxies.asInterfaceInstance does not support default methods

core-libs/java.net

Priority Bug Summary
P3 JDK-8196775 java/net/Socket/asyncClose/Race.java failed intermittently on Windows with ConnectException: Connection refused
P4 JDK-8025209 Intermittent test failure java/net/Socket/asyncClose/AsyncClose.java
P4 JDK-8143097 java/net/ipv6tests/UdpTest.java fails intermittently with "checkTime failed: got 1998 expected 4000"
P4 JDK-8151226 Mark UdpTest.java as intermittently failing
P4 JDK-7100957 SOCKS proxying does not work with IPv6 connections
P4 JDK-8031666 TEST_BUG: java/net/ipv6tests/UdpTest.java failed because of SocketTimeoutException

core-libs/java.nio

Priority Bug Summary
P3 JDK-8157287 java/nio/file/FileStore/Basic.java failed with "java.nio.file.AccessDeniedException : /zones/zoneone/root "
P4 JDK-8176237 (fs) java/nio/file/FileStore/Basic.java should conditionally check FileStores
P4 JDK-8173910 (fs) java/nio/file/FileSystem/Basic.java should conditionally check FileStores
P4 JDK-8073078 java/nio/file/FileStore/Basic.java sensitive to NFS configuration
P4 JDK-8030690 TEST_BUG java/nio/Buffer/Chars.java fails intermittently
P4 JDK-8031113 TEST_BUG: java/nio/channels/AsynchronousChannelGroup/Basic.java fails intermittently
P4 JDK-8031563 TEST_BUG: java/nio/channels/Selector/ChangingInterests.java failed once

core-libs/java.nio.charsets

Priority Bug Summary
P4 JDK-8022879 TEST_BUG: sun/nio/cs/MalformedSurrogates.java fails intermittently

core-libs/java.time

Priority Bug Summary
P3 JDK-8224560 (tz) Upgrade time-zone data to tzdata2019a
P3 JDK-8225580 tzdata2018i integration causes test failures on jdk-13
P4 JDK-8215982 (tz) Upgrade time-zone data to tzdata2018i
P4 JDK-8214770 java/time/test/java/time/format/TestNonIsoFormatter.java failed in non-english locales.

core-libs/java.util

Priority Bug Summary
P3 JDK-8146458 Improve exception reporting for Objects.checkIndex/checkFromToIndex/checkFromIndexSize
P3 JDK-8155794 Move Objects.checkIndex BiFunction accepting methods to an internal package
P3 JDK-8142493 Utility methods to check indexes and ranges doesn't specify behavior when function produces null

core-libs/java.util.stream

Priority Bug Summary
P3 JDK-8075939 Stream.flatMap() causes breaking of short-circuiting of terminal operations
P4 JDK-8190974 Parallel stream execution within a custom ForkJoinPool should obey the parallelism
P4 JDK-8154387 Parallel unordered Stream.limit() tries to collect 128 elements even if limit is less

core-libs/java.util:i18n

Priority Bug Summary
P2 JDK-8210153 localized currency symbol of VES
P2 JDK-8195478 sun/text/resources/LocaleDataTest.java fails with java.lang.Exception
P2 JDK-8214935 Upgrade IANA LSR data
P3 JDK-8157792 After Integrating tzdata2016d the test/sun/util/calendar/zi/TestZoneInfo310.java fails for "Asia/Oral" and "Asia/Qyzylorda" Timezones
P3 JDK-8193552 ISO 4217 Amendment #165 Update
P3 JDK-8202026 ISO 4217 Amendment #166 Update
P3 JDK-8204269 ISO 4217 Amendment #167 Update
P3 JDK-8208746 ISO 4217 Amendment #168 Update
P3 JDK-8209775 ISO 4217 Amendment #169 Update
P3 JDK-8218781 Localized names for Japanese Era Reiwa in COMPAT provider
P3 JDK-8177472 Remove hard-coded IANA Subtag Registry map in LocaleEquivalentMap.java
P3 JDK-8187946 Support ISO 4217 Amendments 163 and 164
P3 JDK-8040211 Update LSR datafile for BCP 47
P4 JDK-8191404 Upgrading JDK with latest available LSR data from IANA.

hotspot/compiler

Priority Bug Summary
P2 JDK-8213825 assert(false) failed: Non-balanced monitor enter/exit! Likely JNI locking
P2 JDK-8223537 testlibrary_tests/ctw/ClassesListTest.java fails with Agent timeout frequently
P3 JDK-8059575 JEP-JDK-8043304: Test task: Tiered Compilation level transition tests
P3 JDK-8222670 pathological case of JIT recompilation and code cache bloat
P3 JDK-8209951 Problematic sparc intrinsic: com.sun.crypto.provider.CipherBlockChaining
P3 JDK-8202414 Unsafe write after primitive array creation may result in array length change
P4 JDK-8166684 PPC64: implement intrinsic code with vector instructions for Unsafe.copyMemory()
P4 JDK-8158232 PPC64: improve byte, int and long array copy stubs by using VSX instructions

hotspot/gc

Priority Bug Summary
P2 JDK-8176100 [REDO][REDO] G1 Needs pre barrier on dereference of weak JNI handles
P2 JDK-8225716 G1 GC: Undefined behaviour in G1BlockOffsetTablePart::block_at_or_preceding
P3 JDK-8150013 ParNew: Prune nmethods scavengable list
P4 JDK-8223664 Add jtreg tests for 8223528, backport to jdk8u of 8176100
P4 JDK-8064786 Fix debug build after 8062808: Turn on the -Wreturn-type warning
P4 JDK-8151539 Remove duplicate AlwaysTrueClosures

hotspot/runtime

Priority Bug Summary
P3 JDK-8151322 Implement os::set_native_thread_name() on Solaris
P3 JDK-8220718 Missing ResourceMark in nmethod::metadata_do
P3 JDK-7102541 RFE: os::set_native_thread_name() cleanups
P4 JDK-8154156 PPC64: improve array copy stubs by using vector instructions
P4 JDK-8185969 PPC64: Improve VSR support to use up to 64 registers
P4 JDK-8217315 Proper units should print more significant digits
P5 JDK-8223883 Fix jni.cpp copyright date after 8223528

hotspot/svc

Priority Bug Summary
P2 JDK-8134030 test/serviceability/dcmd/gc/HeapDumpTest fails to verify the dump
P4 JDK-8144332 HSDB could not terminate when close button is pushed.

hotspot/svc-agent

Priority Bug Summary
P3 JDK-8202884 SA: Attach/detach might fail on Linux if debugee application create/destroy threads during attaching

infrastructure/build

Priority Bug Summary
P3 JDK-8192854 FONTCONFIG_CFLAGS missing from spec.gmk.in
P3 JDK-8221789 make reconfigure broken (jdk8u only)
P4 JDK-8210416 [linux] Poor StrictMath performance due to non-optimized compilation
P4 JDK-8210425 [x86] sharedRuntimeTrig/sharedRuntimeTrans compiled without optimization
P4 JDK-8222965 Backport of JDK-8129988 broke the build
P4 JDK-8223219 Backport of JDK-8199552 to OpenJDK 8 leads to duplicate -fstack-protector flags, overriding --with-extra-cflags
P4 JDK-8222975 Fix 'release' file to reflect actual repo checkin used to compile JDK

security-libs/java.security

Priority Bug Summary
P2 JDK-8210432 Add additional TeliaSonera root certificate
P2 JDK-8216577 Add GlobalSign's R6 Root certificate
P2 JDK-8209506 Add Google Trust Services GlobalSign root certificates
P2 JDK-8189131 Open-source the Oracle JDK Root Certificates
P3 JDK-8195774 Add Entrust root certificates
P3 JDK-8196141 Add GoDaddy root certificates
P3 JDK-8199779 Add T-Systems, GlobalSign and Starfield services root certificates
P3 JDK-8222133 Add temporary exceptions for root certs that are due to expire soon
P3 JDK-8195793 Remove GTE CyberTrust Global Root
P3 JDK-8222137 Remove T-Systems root CA certificate
P3 JDK-8222136 Remove two Comodo root CA certificates that are expiring
P3 JDK-8223499 Remove two DocuSign root certificates that are expiring
P3 JDK-8204923 Restore Symantec root verisignclass2g2ca
P3 JDK-8137231 sun/security/rsa/SpecTest.java timeout with Agent error: java.lang.Exception
P3 JDK-8202651 Test ComodoCA.java fails
P4 JDK-8223555 Cleanups in cacerts tests
P4 JDK-8151225 Mark SpecTest.java as intermittently failing
P4 JDK-8156035 Remove intermittent key from sun/security/rsa/SpecTest.java

security-libs/javax.crypto

Priority Bug Summary
P3 JDK-8203228 Branch-free output conversion for X25519 and X448
P3 JDK-8179098 Crypto AES/ECB encryption/decryption performance regression (introduced in jdk9b73)
P3 JDK-8181594 Efficient and constant-time modular arithmetic
P3 JDK-8182999 SunEC throws ProviderException on invalid curves
P4 JDK-8208648 ECC Field Arithmetic Enhancements
P4 JDK-8208698 Improved ECC Implementation
P4 JDK-8201317 X25519/X448 code improvements

security-libs/javax.net.ssl

Priority Bug Summary
P3 JDK-8210985 Update the default SSL session cache size to 20480

tools/javac

Priority Bug Summary
P3 JDK-8218152 [javac] fails and exits with no error if a bad annotation processor provided

tools/launcher

Priority Bug Summary
P3 JDK-8205916 [test] Fix jdk/tools/launcher/RunpathTest to handle both, RPATH and RUNPATH

xml/javax.xml.transform

Priority Bug Summary
P4 JDK-8207760 SAXException: Invalid UTF-16 surrogate detected: d83c ?

xml/jaxp

Priority Bug Summary
P3 JDK-8193830 Xalan Update: Xalan Java 2.7.2