Details
Bug
Status: Resolved
Critical
Resolution: Fixed
0.10.0.0
Description
The current practice is to directly invoke halt/exit right after the line that intends to terminate the execution. In the case of System.exit this could cause deadlocks if the thread invoking System.exit is holding a lock that will be requested by the shutdown hook threads that will be started by System.exit. An example is reported by aozeritsky in KAFKA-3924. This would also make testing more difficult as it would require mocking static methods of System and Runtime classes, which is not natively supported in Java.
One alternative suggested here would be to throw some dedicated exceptions that will eventually invoke exit/halt:
it would be great to move away from executing `System.exit` inline in favour of throwing an exception (two examples, but maybe we can find better names: FatalExitException and FatalHaltException) that is caught by some central code that then does the `System.exit` or `Runtime.getRuntime.halt`. This helps in a couple of ways:
(1) Avoids issues with locks being held as in this issue
(2) It makes it possible to abstract the action, which is very useful in tests. At the moment, we can't easily test for these conditions as they cause the whole test harness to exit. Worse, these conditions are sometimes triggered in the tests and it's unclear why.
(3) We can have more consistent logging around these actions and possibly extended logging for tests
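
The pattern suggested above, as an added Java example that is not Kafka's own code: a fatal condition found under a lock throws instead of exiting inline, and one central handler performs the exit after the lock is released. `FatalExitException` is the name floated in the suggestion; `exitProcedure`, `runGuarded`, `criticalSection` and `stateLock` are hypothetical names chosen for this example.

```java
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.IntConsumer;

public class FatalExitDemo {
    // Name taken from the suggestion above; the class body is an assumption.
    static class FatalExitException extends RuntimeException {
        final int statusCode;
        FatalExitException(int statusCode, String message) { super(message); this.statusCode = statusCode; }
    }

    // Hypothetical central exit point: System::exit in production, replaceable in tests.
    static volatile IntConsumer exitProcedure = System::exit;
    private static final Object stateLock = new Object();

    // Worker code: detects a fatal condition while holding a lock and throws
    // instead of calling System.exit inline (which would block on the hooks
    // while still owning stateLock).
    static void criticalSection(boolean fatal) {
        synchronized (stateLock) {
            if (fatal) throw new FatalExitException(1, "unrecoverable state");
        }
    }

    // Central handler: when the catch block runs, the synchronized block has already
    // been left and stateLock released, so shutdown hooks can acquire it.
    static void runGuarded(Runnable task) {
        try {
            task.run();
        } catch (FatalExitException e) {
            System.err.println("Fatal exit (" + e.statusCode + "): " + e.getMessage());
            exitProcedure.accept(e.statusCode);
        }
    }

    public static void main(String[] args) {
        // A shutdown hook that needs the same lock the failing thread held.
        Runtime.getRuntime().addShutdownHook(new Thread(() -> {
            synchronized (stateLock) { System.err.println("hook: flushed state"); }
        }));
        // Test-style use: swap the exit procedure and check the recorded status.
        AtomicInteger recorded = new AtomicInteger(-1);
        exitProcedure = recorded::set;
        runGuarded(() -> criticalSection(true));
        if (recorded.get() != 1) throw new AssertionError("expected status 1");
        // Production-style use: real exit; the hook takes stateLock without deadlock.
        exitProcedure = System::exit;
        runGuarded(() -> criticalSection(true));
    }
}
```

Moving the `exitProcedure.accept(...)` call inside the `synchronized` block of `criticalSection` reproduces the hang described above, because `System.exit` waits for the hook while the hook waits for `stateLock`.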