HBASE-27594 [JDK17] SecurityManager is deprecated since JDK17 #6932
+423
−374
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This is a simple attempt to get rid of System.setSecurityManager / System.getSecurityManager usages in hbase so that it makes our path to future JDK upgrades easier! Lets see what CI says. |
NihalJain
commented
Apr 24, 2025
| @@ -131,6 +131,13 @@ | |||
|
|
|||
| <!-- Make the @SuppressWarnings annotations available to Checkstyle --> | |||
| <module name="SuppressWarningsHolder"/> | |||
|
|
|||
| <!-- Custom check to detect System.exit calls --> | |||
There was a problem hiding this comment.
Just FYI: added this checkstyle rule to raise checkstyle an issue if anyone tries to directly use System.exit
NihalJain
commented
Apr 24, 2025
hbase-common/src/test/java/org/apache/hadoop/hbase/SystemExitRule.java
Outdated
Show resolved
Hide resolved
NihalJain
commented
Apr 24, 2025
| @@ -59,6 +61,36 @@ public void testHBaseConfTool() { | |||
| } | |||
| } | |||
|
|
|||
| @Test | |||
| public void testHBaseConfToolError() { | |||
There was a problem hiding this comment.
added a new test to check for failure scenario, should i drop this?
NihalJain
commented
Apr 24, 2025
| @Override | ||
| public void checkExit(int status) throws SecurityException { | ||
| exitCode = status; | ||
| public void exit(int status) throws SecurityException { |
There was a problem hiding this comment.
Should we still throw a SecurityException?
NihalJain
commented
Apr 24, 2025
| }; | ||
| }; | ||
| } | ||
|
|
||
| // Exiting the JVM is not allowed in tests and this exception is thrown instead | ||
| // when it is done | ||
| public static class SystemExitInTestException extends SecurityException { |
There was a problem hiding this comment.
Should we still throw SecurityException?
NihalJain
commented
Apr 24, 2025
| public class ExitHandler { | ||
| private static ExitHandler instance = new ExitHandler(); | ||
|
|
||
| public static ExitHandler getInstance() { |
There was a problem hiding this comment.
should I wrap into Double-Checked Locking. seems overkill for this use case. WDYT?
There was a problem hiding this comment.
Some kind of semaphore to ensure that only one thread in a JVM holds a test instance ?
That would also require releasing each test ExitHandler instance explicitily.
NihalJain
commented
Apr 24, 2025
| return instance; | ||
| } | ||
|
|
||
| public static void setInstance(ExitHandler handler) { |
There was a problem hiding this comment.
should i let this be called from only tests?
There was a problem hiding this comment.
Pull Request Overview
This PR replaces calls to System.exit with a custom ExitHandler to prevent the JVM from terminating during tests and to eliminate deprecated SecurityManager usage.
- Replaces all System.exit calls with ExitHandler.getInstance().exit in production and test code
- Removes TestSecurityManager to further reduce deprecated security manager usage
- Updates SystemExitRule to leverage ExitHandler for controlled exit behavior
Reviewed Changes
Copilot reviewed 113 out of 114 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| hbase-examples/src/main/java/org/apache/hadoop/hbase/mapreduce/SampleUploader.java | Replaces System.exit with ExitHandler.getInstance().exit |
| hbase-examples/src/main/java/org/apache/hadoop/hbase/mapreduce/IndexBuilder.java | Replaces System.exit with ExitHandler.getInstance().exit in main and error handling |
| hbase-endpoint/src/main/java/org/apache/hadoop/hbase/coprocessor/Export.java | Updates exit call to use ExitHandler |
| hbase-diagnostics/src/main/java/org/apache/hadoop/hbase/wal/WALPerformanceEvaluation.java | Replaces System.exit with ExitHandler.getInstance().exit in usage and main |
| hbase-diagnostics/src/main/java/org/apache/hadoop/hbase/master/balancer/LoadBalancerPerformanceEvaluation.java | Replaces System.exit with ExitHandler.getInstance().exit |
| hbase-diagnostics/src/main/java/org/apache/hadoop/hbase/ScanPerformanceEvaluation.java | Replaces System.exit with ExitHandler.getInstance().exit in main |
| hbase-diagnostics/src/main/java/org/apache/hadoop/hbase/PerformanceEvaluation.java | Replaces System.exit with ExitHandler.getInstance().exit in error usage and main |
| hbase-compression/hbase-compression-zstd/src/test/java/org/apache/hadoop/hbase/io/compress/zstd/TestZstdDictionary.java | Replaces System.exit with ExitHandler.getInstance().exit in test usage |
| hbase-common/src/test/java/org/apache/hadoop/hbase/TestSystemExitInTest.java | Uses ExitHandler.getInstance().exit instead of System.exit |
| hbase-common/src/test/java/org/apache/hadoop/hbase/SystemExitRule.java | Updates rule to use ExitHandler for controlled test exits |
| hbase-common/src/main/java/org/apache/hadoop/hbase/util/Random64.java | Replaces System.exit with ExitHandler.getInstance().exit on conflict detection |
| hbase-common/src/main/java/org/apache/hadoop/hbase/util/JenkinsHash.java | Replaces System.exit with ExitHandler.getInstance().exit on usage errors |
| hbase-common/src/main/java/org/apache/hadoop/hbase/util/ExitHandler.java | Introduces custom ExitHandler class to centralize exit functionality |
| hbase-common/src/main/java/org/apache/hadoop/hbase/util/AbstractHBaseTool.java | Replaces System.exit with ExitHandler.getInstance().exit before termination |
| hbase-client/src/test/java/org/apache/hadoop/hbase/ipc/TestCellBlockBuilder.java | Updates test exit usage to use ExitHandler.getInstance().exit |
| hbase-backup/src/main/java/org/apache/hadoop/hbase/backup/mapreduce/MapReduceHFileSplitterJob.java | Replaces System.exit with ExitHandler.getInstance().exit in main |
| hbase-backup/src/main/java/org/apache/hadoop/hbase/backup/RestoreDriver.java | Replaces System.exit with ExitHandler.getInstance().exit in main |
| hbase-backup/src/main/java/org/apache/hadoop/hbase/backup/BackupDriver.java | Replaces System.exit with ExitHandler.getInstance().exit in main |
Files not reviewed (1)
- hbase-checkstyle/src/main/resources/hbase/checkstyle.xml: Language not supported
|
Built code locally, started a standalone hbase cluster and verified exit codes for Screenshot: |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
|
Failures are not related. Ran the test locally, it passed. 
|
|
🎊 +1 overall
This message was automatically generated. |
|
🎊 +1 overall
This message was automatically generated. |
|
Two general comments: The description is too generic. SecurityManager is used in other places, mainly via HAdoop/UGI, which this patch does not fix. My other questions regarding JVM re-use in tests: |
|
What if there are System.exit calls in the libraries we used? Like hadoop? |
|
Hadoop uses similar ExitHandler mechanism(s). But you're right in that Hadoop should expose this functionality in a standard manner so that we can set this in our tests for Hadoop jobs. Unfortunately I'm not aware of a universal solution. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ExitHandlerto wrapSystem.exitcalls, preventing JVM termination during tests and throwing an exception instead.System.exitcalls withExitHandler.getInstance().exit.TestSecurityManagerto reduce deprecated security manager usage.SystemExitRuleto useExitHandlerfor controlled exit behavior.System.setSecurityManager/System.getSecurityManagerusages in HBase so that it makes our path to future JDK upgrades easierSystem.setSecurityManagerandSystem.getSecurityManagercalls.