Skip to content

8343467: Remove unnecessary @SuppressWarnings annotations (security) #21844

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 12 commits into from
Closed

8343467: Remove unnecessary @SuppressWarnings annotations (security) #21844

wants to merge 12 commits into from

Conversation

@archiecobbs
Copy link
Contributor

@archiecobbs archiecobbs commented Nov 1, 2024
edited by openjdk bot
Loading

Please review this patch which removes unnecessary @SuppressWarnings annotations.

Progress

  • Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue

Issue

  • JDK-8343467: Remove unnecessary @SuppressWarnings annotations (security) (Sub-task - P5)

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/21844/head:pull/21844
$ git checkout pull/21844

Update a local copy of the PR:
$ git checkout pull/21844
$ git pull https://git.openjdk.org/jdk.git pull/21844/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 21844

View PR using the GUI difftool:
$ git pr show -t 21844

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/21844.diff

Using Webrev

Link to Webrev Comment

@bridgekeeper
Copy link

bridgekeeper bot commented Nov 1, 2024

👋 Welcome back acobbs! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk
Copy link

openjdk bot commented Nov 1, 2024
edited
Loading

@archiecobbs This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8343467: Remove unnecessary @SuppressWarnings annotations (security)

Reviewed-by: mullan

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 78 new commits pushed to the master branch:

  • 2ce53e8: 8345970: pthread_getcpuclockid related crashes in shenandoah tests
  • 266e3d0: 8345590: AIX 'make all' fails after JDK-8339480
  • 1d2ccae: 8345569: [ubsan] adjustments to filemap.cpp and virtualspace.cpp for macOS aarch64
  • a9a5f7c: 8345323: Parallel GC does not handle UseLargePages and UseNUMA gracefully
  • 367c304: 8346059: [ASAN] awt_LoadLibrary.c reported compile warning ignoring return value of function by clang17
  • 31ceec7: 8346055: javax/swing/text/StyledEditorKit/4506788/bug4506788.java fails in ubuntu22.04
  • 09c29d1: 8346069: Add missing Classpath exception statements
  • 28e49e9: 8345505: Fix -Wzero-as-null-pointer-constant warnings in zero code
  • db9eab3: 8311542: Consolidate the native stack printing code
  • 18e0b34: 8344137: Update XML Security for Java to 3.0.5
  • ... and 68 more: https://git.openjdk.org/jdk/compare/cc628a133e471e7edf07831ff386f0eaf57e9bff...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

@openjdk openjdk bot added the rfr Pull request is ready for review label Nov 1, 2024
@openjdk
Copy link

openjdk bot commented Nov 1, 2024

@archiecobbs The following label will be automatically applied to this pull request:

  • security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the security security-dev@openjdk.org label Nov 1, 2024
@mlbridge
Copy link

mlbridge bot commented Nov 1, 2024
edited
Loading

Webrevs

@seanjmullan
Copy link
Member

seanjmullan commented Nov 4, 2024

The files under src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/ and src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom come from 3rd party source code where these warnings are still emitted. Please do not incorporate these changes since it would cause the JDK code to diverge.

@archiecobbs
Copy link
Contributor Author

archiecobbs commented Nov 4, 2024

The files under src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/ and src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom come from 3rd party source code where these warnings are still emitted. Please do not incorporate these changes since it would cause the JDK code to diverge.

@seanjmullan - thanks for the heads-up. Those files should be reverted in dc5340d.

@seanjmullan
Copy link
Member

seanjmullan commented Nov 4, 2024

Thanks. Can you also explain why the unchecked and serial warning suppressions are no longer needed?

@archiecobbs
Copy link
Contributor Author

archiecobbs commented Nov 4, 2024

Can you also explain why the unchecked and serial warning suppressions are no longer needed?

Yes and no...

The annoying answer would be: because they no longer suppress any warnings :)

But I think what you're really asking is: how & why they were put there in the first place? And how over time did they somehow became no longer necessary?

That's a great question, but I don't have any answers because these changes were generated from an automated analysis.

@seanjmullan
Copy link
Member

seanjmullan commented Nov 5, 2024

But I think what you're really asking is: how & why they were put there in the first place? And how over time did they somehow became no longer necessary?

Yes.

That's a great question, but I don't have any answers because these changes were generated from an automated analysis.

Can we find this out? It would be really useful to explain why the warnings are no longer an issue.

@archiecobbs
Copy link
Contributor Author

archiecobbs commented Nov 5, 2024

Can we find this out? It would be really useful to explain why the warnings are no longer an issue.

I haven't checked exhaustively, but all of the ones I've checked appear to be due to either (a) the warning was never needed, or (b) a subsequent refinement of the warning itself which made the code no longer qualify as "warnable".

For an example of (a) see commit 8fb70c7 which added @SuppressWarnings("unchecked") for a cast to type Key, even though Key is not a generic type and so the cast was never unchecked in the first place.

For an example of (b), see commit b431c69 which added @SuppressWarnings("serial") because an anonymous class did not declare serialVersionUID, but then later the warning was was changed to no longer trigger in that situation by JDK-7152104, but the annotation was not removed as part of that commit.

I guess the only other possibility is that the warning stopped working at some point due to a bug, but I haven't seen any examples of that.

@openjdk
Copy link

openjdk bot commented Nov 13, 2024

@archiecobbs this pull request can not be integrated into master due to one or more merge conflicts. To resolve these merge conflicts and update this pull request you can run the following commands in the local repository for your personal fork:

git checkout SuppressWarningsCleanup-security
git fetch https://git.openjdk.org/jdk.git master
git merge FETCH_HEAD
# resolve conflicts and follow the instructions given by git merge
git commit -m "Merge master"
git push

@openjdk openjdk bot added the merge-conflict Pull request has merge conflict with target branch label Nov 13, 2024
@openjdk openjdk bot removed the merge-conflict Pull request has merge conflict with target branch label Nov 13, 2024
@bridgekeeper
Copy link

bridgekeeper bot commented Dec 3, 2024

@archiecobbs This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

@archiecobbs
Copy link
Contributor Author

archiecobbs commented Dec 3, 2024

/pingbot

@openjdk
Copy link

openjdk bot commented Dec 3, 2024

@archiecobbs Unknown command pingbot - for a list of valid commands use /help.

seanjmullan
seanjmullan approved these changes Dec 13, 2024
View reviewed changes
Copy link
Member

@seanjmullan seanjmullan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The bug needs an appropriate noreg label (I suggest noreg-cleanup). Otherwise, looks good to me.

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Dec 13, 2024
@archiecobbs
Copy link
Contributor Author

archiecobbs commented Dec 13, 2024

The bug needs an appropriate noreg label (I suggest noreg-cleanup). Otherwise, looks good to me.

Ah yes, thanks. I've added noreg-cleanup. Thanks for the review.

@archiecobbs
Copy link
Contributor Author

archiecobbs commented Dec 13, 2024

/integrate

@openjdk
Copy link

openjdk bot commented Dec 13, 2024

Going to push as commit 4b21fb9.
Since your change was applied there have been 81 commits pushed to the master branch:

  • e7fc0eb: 8345987: java.management has two Util.newObjectName methods (remove one)
  • f647d4d: 8345936: Call ClassLoader.getResourceAsByteArray only for multi-release jar
  • cfa04d3: 8346051: MemoryTest fails when Shenandoah's generational mode is enabled
  • 2ce53e8: 8345970: pthread_getcpuclockid related crashes in shenandoah tests
  • 266e3d0: 8345590: AIX 'make all' fails after JDK-8339480
  • 1d2ccae: 8345569: [ubsan] adjustments to filemap.cpp and virtualspace.cpp for macOS aarch64
  • a9a5f7c: 8345323: Parallel GC does not handle UseLargePages and UseNUMA gracefully
  • 367c304: 8346059: [ASAN] awt_LoadLibrary.c reported compile warning ignoring return value of function by clang17
  • 31ceec7: 8346055: javax/swing/text/StyledEditorKit/4506788/bug4506788.java fails in ubuntu22.04
  • 09c29d1: 8346069: Add missing Classpath exception statements
  • ... and 71 more: https://git.openjdk.org/jdk/compare/cc628a133e471e7edf07831ff386f0eaf57e9bff...master

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot added the integrated Pull request has been integrated label Dec 13, 2024
@openjdk openjdk bot closed this Dec 13, 2024
@openjdk openjdk bot removed ready Pull request is ready to be integrated rfr Pull request is ready for review labels Dec 13, 2024
@openjdk
Copy link

openjdk bot commented Dec 13, 2024

@archiecobbs Pushed as commit 4b21fb9.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

@archiecobbs archiecobbs mentioned this pull request Sep 16, 2025
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@seanjmullan seanjmullan seanjmullan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

integrated Pull request has been integrated security security-dev@openjdk.org

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@archiecobbs @seanjmullan