--- old/src/java.base/share/classes/sun/invoke/util/VerifyAccess.java	2018-02-11 21:06:09.155060581 -0500
+++ new/src/java.base/share/classes/sun/invoke/util/VerifyAccess.java	2018-02-11 21:06:07.678975605 -0500
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,7 +44,6 @@
     private static final int PACKAGE_ALLOWED = java.lang.invoke.MethodHandles.Lookup.PACKAGE;
     private static final int PROTECTED_OR_PACKAGE_ALLOWED = (PACKAGE_ALLOWED|PROTECTED);
     private static final int ALL_ACCESS_MODES = (PUBLIC|PRIVATE|PROTECTED|PACKAGE_ONLY);
-    private static final boolean ALLOW_NESTMATE_ACCESS = false;
 
     /**
      * Evaluate the JVM linkage rules for access to the given method
@@ -62,23 +61,29 @@
      * the defining class should be passed for both arguments ({@code defc == refc}).
      * <h3>JVM Specification, 5.4.4 "Access Control"</h3>
      * A field or method R is accessible to a class or interface D if
-     * and only if any of the following conditions is true:<ul>
-     * <li>R is public.
+     * and only if any of the following is true:
+     * <ul>
+     * <li>R is public.</li>
      * <li>R is protected and is declared in a class C, and D is either
-     *     a subclass of C or C itself.  Furthermore, if R is not
-     *     static, then the symbolic reference to R must contain a
-     *     symbolic reference to a class T, such that T is either a
-     *     subclass of D, a superclass of D or D itself.
-     * <li>R is either protected or has default access (that is,
-     *     neither public nor protected nor private), and is declared
-     *     by a class in the same runtime package as D.
-     * <li>R is private and is declared in D.
+     *     a subclass of C or C itself. Furthermore, if R is not static,
+     *     then the symbolic reference to R must contain a symbolic
+     *     reference to a class T, such that T is either a subclass of D,
+     *     a superclass of D, or D itself.
+     *     <p>During verification, it was also required that, even if T is
+     *     a superclass of D, the target reference of a protected instance
+     *     field access or method invocation must be an instance of D or a
+     *     subclass of D (4.10.1.8).</p></li>
+     * <li>R is either protected or has default access (that is, neither
+     *     public nor protected nor private), and is declared by a class
+     *     in the same run-time package as D.</li>
+     * <li>R is private and is declared in D by a class or interface
+     *     belonging to the same nest as D.</li>
      * </ul>
-     * This discussion of access control omits a related restriction
-     * on the target of a protected field access or method invocation
-     * (the target must be of class D or a subtype of D). That
-     * requirement is checked as part of the verification process
-     * (5.4.1); it is not part of link-time access control.
+     * If a referenced field or method is not accessible, access checking
+     * throws an IllegalAccessError. If an exception is thrown while
+     * attempting to determine the nest host of a class or interface,
+     * access checking fails for the same reason.
+     *
      * @param refc the class used in the symbolic reference to the proposed member
      * @param defc the class in which the proposed member is actually defined
      * @param mods modifier flags for the proposed member
@@ -98,9 +103,10 @@
             return false;
         }
         // Usually refc and defc are the same, but verify defc also in case they differ.
-        if (defc == lookupClass &&
+        if (defc == lookupClass  &&
             (allowedModes & PRIVATE) != 0)
-            return true;        // easy check; all self-access is OK
+            return true;        // easy check; all self-access is OK with a private lookup
+
         switch (mods & ALL_ACCESS_MODES) {
         case PUBLIC:
             return true;  // already checked above
@@ -126,14 +132,20 @@
             return ((allowedModes & PACKAGE_ALLOWED) != 0 &&
                     isSamePackage(defc, lookupClass));
         case PRIVATE:
-            // Loosened rules for privates follows access rules for inner classes.
-            return (ALLOW_NESTMATE_ACCESS &&
-                    (allowedModes & PRIVATE) != 0 &&
-                    isSamePackageMember(defc, lookupClass));
+            // Rules for privates follows access rules for nestmates.
+            boolean canAccess = ((allowedModes & PRIVATE) != 0 &&
+                                 Reflection.areNestMates(defc, lookupClass));
+            // FIX ME: Sanity check refc == defc. Either remove or convert to
+            // plain assert before integration.
+            myassert((canAccess && refc == defc) || !canAccess);
+            return canAccess;
         default:
             throw new IllegalArgumentException("bad modifiers: "+Modifier.toString(mods));
         }
     }
+    static void myassert(boolean cond) {
+        if (!cond) throw new Error("Assertion failed");
+    }
 
     static boolean isRelatedClass(Class<?> refc, Class<?> lookupClass) {
         return (refc == lookupClass ||