JDK-8265137 : java.util.Random suddenly has new public methods nowhere documented
- Type: Bug
- Component: core-libs
- Sub-Component: java.util
- Affected Version: 17
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- OS: generic
- CPU: generic
- Submitted: 2021-04-13
- Updated: 2024-04-30
- Resolved: 2021-05-04
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 17 |
|---|
17 b21Fixed  |
Related Reports
|
CSR :
|
|
|
Duplicate :
|
|
|
Relates :
|
|
|
Relates :
|
|
|
Relates :
|
Description
while investigating some issues with build 17 of openJDK in combination with the forbiddenapis Maven/Gradle plugin I noticed that starting with JDK 17 b17 java.util.Random now extends some internal class of some jdk.internal package (jdk.internal.util.random.RandomSupport.AbstractSpliteratorGenerator). This is not really great, but shows what the module system can do. Tools owners (like forbiddenapis) have to work around that until full module system support is there.
But the extension of class jdk.internal.util.random.RandomSupport.AbstractSpliteratorGenerator brings some other problems: As the class is in another package, it implements some public methods (with some intro comment "Required by AbstractSpliteratorGenerator" - so implementor knows that's something strange): https://github.com/openjdk/jdk/blob/a0ec2cb289463969509fe508836e3faf789f46d8/src/java.base/share/classes/java/util/Random.java#L618-L626
Those methods are marked by the Javadoc tag @hidden. So they are nowhere documented and are implementation details. But those methods are still visible as public methods and also shown by IDE tools during autocomplete!
The following code compiles!!!:
import java.util.Random;
public class RandomTest {
public static void main(String... args) {
new Random().makeLongsSpliterator(0L, 10L, 1L, 5L);
}
}
This should not be possible, as makeLongsSpliterator is nowhere documented, so code may accidentally use it.
I have not looked at the other implementations like SecureRandom and others, but I suspect they have the same problem.
IMHO, the code should not extend this internal abstract class and instead use a private implementation of the the abstract class and just delegate to it. It should also declare "implements RandomGenerator" directly. Reading the code is too confusing!
The current class design with extending classes hidden in other modules and implementing partially hiden methods is not a good thing, so please fix this!
Comments
|