Strengthen Java-Thread-Affinity native integration, documentation, and quality gates #192
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
peter-lawrey
changed the title
Security enhancements: - Enable strict compiler flags (-Werror, -Wextra, -Wconversion) - Add stack protection and buffer overflow detection - Implement proper object file compilation with security flags Version tracking: - Embed PROJECT_VERSION from Maven into native library - Add getVersion0() native method and VERSION constant - Log native library version on load Error handling improvements: - Enhance exception safety in JNI layer - Add proper unused parameter handling - Fix platform-specific conditional compilation Bug fixes: - Fix unused function warning with conditional compilation - Remove duplicate JNI_OnLoad definitions - Fix syntax error in MacOSX.c - Make MacOSX.c compilation conditional on Darwin platform Testing: - Add 27 comprehensive tests for new functionality - Test version tracking, library loading, and error handling - Verify thread safety and memory safety - Total test count increased from 70 to 97 tests All tests pass (97/97), build verified with mvn clean verify. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
…ing; remove deprecated JNA version check
peter-lawrey
changed the title
james-mcsherry
approved these changes
Nov 28, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR hardens the Java-Thread-Affinity module across native code, affinity selection, and timing paths, while adding explicit architecture docs and quality profiles. It also introduces shared
AGENTS.mdguidance for AI and human contributors, and a Claude-specific helper file.Functional changes
Affinity selection and JNA fallback
Refactored
Affinityinitialiser to:NullAffinityon failure.isJNAAvailable()check that reflects the actual JNA presence and version.getAffinity()always returns a valid implementation (falls back toNullAffinityif needed).Native JNI affinity and timer behaviour
Hardened
NativeAffinityJNI layer:getVersion0()and surfaced it asNativeAffinity.VERSION, initialised at class-load time and logged when the native library is present.UnsupportedOperationException/RuntimeExceptionvia JNI, including error handling forsched_setaffinityfailures and unsupported platforms.JNI_OnLoadreturningJNI_VERSION_1_8to make version negotiation explicit.Strengthened
JNIClock:estimateFrequencyloop to always invokerdtsc0()during spin, avoiding the JIT optimising away calls.rdtsc0as astatic nativemethod.Native build pipeline
Reworked
affinity/src/main/c/Makefile:VERSIONandJAVA_HOMEparameters (wired from Mavenexec-maven-plugin) and propagate them via-DPROJECT_VERSIONforgetVersion0().CFLAGS/CXXFLAGS(optimisation, warnings, stack protector, FORTIFY, PIE).libCEInternals.so.sprintftosnprintf.cleantarget that removes both the library and object files.Locking and inter-process coordination
Updated
FileLockBasedLockChecker:getInstance()to return a fresh instance, avoiding long-lived shared state in tests.Tightened
LockCheckhelper methods (storePid,isLockFree) by making thesynchronizedflag placement conventional and explicit.JNA-based affinity helpers
Enriched
LinuxHelper,LinuxJNAAffinity,PosixJNAAffinity,WindowsJNAAffinity,OSXJNAAffinity,SolarisJNAAffinity,Utilities, andVersionHelperwith class-level Javadoc capturing:Normalised
ThreadLocalnaming (THREAD_ID→threadId) to better reflect intent and avoid Checkstyle noise.Ensured
LinuxJNAAffinityandPosixJNAAffinityhandle missing native helpers gracefully (do not throw from static initialisers, rely onLOADEDflags).Ticker and affinity APIs
Documented
BootClassPath,LockInventory, ticker packages, and affinity packages withpackage-info.java:net.openhft.affinityandnet.openhft.tickernow describe purpose, scope, and usage patterns (thread pinning, low-jitter time sources).impl,lockchecker,main,ticker.impl) are explicitly marked as implementation/support code.Adjusted
MicroJitterSamplerbusy-wait loop to use an emptywhilebody without a trailing semicolon in the same line, clarifying intent.Tests and safety nets
Added/updated tests to cover new behaviour:
AffinitySelectionAndFallbackTestandAffinityJnaUnavailableSimulationTestverify default selection on Linux and fallback toNullAffinitywhen JNA is genuinely absent.LinuxAffinityParityTestexercises JNI vs JNA affinity parity on Linux, validating that masks intersect correctly when set via either path.JNIClockBasicBehaviourTestand updatedJNIClockTestvalidate tick changes, monotonic nanoTime behaviour, concurrent access, and tolerance bounds compared toSystem.nanoTime.NativeAffinityEdgeCaseTest,NativeAffinityErrorHandlingTest,NativeAffinityLibraryLoadingTest,NativeAffinityVersionTest, andNativeAffinityVersionIntegrationTestcover:Updated existing tests:
AffinityThreadFactoryMainandAffinityThreadFactoryTestnow useExecutorService#executewith proper interruption handling.LinuxJNAAffinityTestmethod naming aligned with standard Java test naming (linuxJna).LockCheckTestandMultiProcessAffinityTestupdated to use explicit UTF-8 encoding for lock files and avoid unnecessary locals.BaseAffinityTestnow uses afinalTemporaryFolderrule to match JUnit best practices.Added an OSGi test package
net.openhft.affinity.osgiwithpackage-info.javadescribing its role in verifying bundle packaging and service exposure.Docs and guidance
Introduced root-level
AGENTS.md:mvn -q verify), PR etiquette, security checklist, Nine-Box requirement taxonomy, ADR format, and AsciiDoc conventions.Added
affinity/AGENTS.mdto inherit repository rules and add module-specific guidelines (affinity purpose, build commands, quality gates, and platform guardrails).Added
CLAUDE.mdwith:Architecture and requirements docs
Added
affinity/src/main/docs/decision-log.adoccapturing key architectural choices:/proc/cpuinfo-based topology parsing.isolcpususage for jitter reduction.Added
affinity/src/main/docs/project-requirements.adoc:AFF-FN-*,AFF-NF-P-*,AFF-OPS-*,AFF-TEST-*,AFF-DOC-*, etc.).Miscellaneous functional tweaks
FileLockBasedLockChecker.getInstance()now returns a new instance to improve test isolation.AffinityThreadFactoryMainandAffinityThreadFactoryTestslightly adjusted execution patterns but preserve behaviour.LockChecker/LockReferenceformatting cleaned up while preserving API.Non-functional / quality changes
Quality profiles and static analysis
Introduced a
qualityMaven profile in:pom.xml.affinity/pom.xml.affinity-test/pom.xml.Each
qualityprofile:chronicle-quality-rulesand a pinned Checkstyle core (10.26.1), including tests.chronicle-quality-rulesinclude/exclude filters,effort=Max,threshold=Low, andincludeTests=true, bound toprocess-test-classes.Documented in
TODO.mdthat affinity and affinity-test are now Checkstyle/SpotBugs-clean on Java 21 under the shared Chronicle configuration.BOM and dependency alignment
affinity-testnow importsnet.openhft:third-party-bom:3.27ea7.affinitymodule continues to track3.27ea2(unchanged in this diff) but now passesVERSIONdown to the native build.Docs front-matter and AsciiDoc consistency
Added common header attributes to:
LICENSE.adocandREADME.adoc::toc:,:lang: en-GB,:source-highlighter: rouge.Marked code sections in
README.adocwithopts=novalidatewhere appropriate to avoid spurious AsciiDoc validation warnings.Standardised AsciiDoc formatting guidance in
AGENTS.mdand ensured the new docs follow the same rules (automatic section numbering, no manual prefixes, correct list indentation).Repository TODO and compliance traceability
Introduced a repository-scoped
TODO.mdthat:ARCH_TODO.md,TODO_INDEX.md,ADOC_TODO.md, and ISO 9001 / ISO 27001 checklists.TODO_STATUS.md.Security and robustness improvements
Native code:
Java:
NullAffinityfallback when JNA or native paths are not available.AGENTS.mdnow includes a security checklist reminding reviewers to assess validation, authorisation, resource exhaustion, timing, and secrets handling on every PR.Notes for reviewers
Behavioural scope
Affinity semantics are preserved by design: JNA remains the default for affinity control, JNI remains opt-in via
NativeAffinity, andNullAffinityis the safety net when native support is missing.The main behaviour changes are:
Risk / impact
Risk is primarily around native integration on Linux/macOS; the new tests and error-handling paths are intended to reduce this by:
NullAffinityif anything goes wrong in initialisation.