Originally posted by Weasel
View Post
Announcement
Collapse
No announcement yet.
OpenJDK Java's Native Wayland Support Progressing
Collapse
X
-
-
Originally posted by mdedetrich View PostMassive facepalm. People have done benchmarks on this, generally if you are concerned about performance of bounds checking on arrays you need to become a better programmer.
If you insert automatic checks even where they are not needed you need to become a better programmer.
Originally posted by mdedetrich View PostSoftware that has shit security is not quality software by definition.
1) Software with no bounds checks in some parts where input must be validated: security issue, but can be fixed.
2) Software with automatic bounds checks everywhere, even when input is known to be good (for example because it was fucking validated by a parent function already): hopeless, will FOREVER remain shit quality code with redundancy.
3) Software with proper bounds checks only where validation is required: quality software.
(1) can be fixed. (2) is a lost cause, it will forever remain shit. (3) is what everyone should aim for, of course.
Leave a comment:
-
Originally posted by Weasel View PostAnother reason Rust sucks but not so much since you can turn it off at least...
Originally posted by Weasel View PostSoftware quality > security.
Originally posted by Weasel View PostAdding pointless checks, especially when it's not even the proper place for them, is just disgusting. Checks should be added to validate untrusted input, but if you automatically add them everywhere, you'll have disgusting code generated in places it shouldn't be, by design.Last edited by mdedetrich; 28 September 2022, 01:31 PM.
Leave a comment:
-
Originally posted by mdedetrich View PostOh come on, seriously stop it. This is so little of a bottleneck that even Rust, by default, does a bounds check every time an array is accessed. It can be turned off, but its highly recommend not to do so because it opens the floodgate for security issues (which is ironically the reason why Java does it). And this is Rust we are talking about, which has libraries that compete in terms of performance/memory usage with C/C++.
Originally posted by mdedetrich View PostSo many times a single time a C developer thinks they are "smart" by micro-optimizing their code and not doing a bounds check, only to find out a decade later that some high level CVE security exploit is discovered.
Adding pointless checks, especially when it's not even the proper place for them, is just disgusting. Checks should be added to validate untrusted input, but if you automatically add them everywhere, you'll have disgusting code generated in places it shouldn't be, by design.
Leave a comment:
-
Originally posted by caligula View Post
FWIW those small design decisions by the Java team make all sorts of code slower by default. Did you know that Java, in general, cannot even guarantee access to array elements without doing bounds checks every time
So many times a single C developer thinks they are "smart" by micro-optimizing their code and not doing a bounds check, only to find out a decade later that some high level CVE security exploit is discovered.Last edited by mdedetrich; 28 September 2022, 12:03 PM.
Leave a comment:
-
Originally posted by Vorpal View Post
Fortunately I don't need to. I have modern beefy computers. As long as the program runs well enough I don't care.
- Likes 3
Leave a comment:
-
Originally posted by caligula View Post
Both Java and Electron based IDEs ship with a VM of their own. Jetbrains isn't even compatible with the standard OpenJDK, thus there's a need for a custom VM.
Leave a comment:
-
Originally posted by caligula View PostPlease try to run IDEA on some Pentium 3/4 class machine to edit plain text files. Then compare with Geany or Code::blocks.Last edited by Vorpal; 26 September 2022, 11:58 AM. Reason: So many typos fixed. Stupid phone auto correction.
- Likes 1
Leave a comment:
-
Originally posted by mdedetrich View PostGenerally speaking in any language you can create perverse situations where a compiler doesn't optimize certain code, even in C/C++
What you say is also correct - despite having these inefficiencies it's still possible to write your code in a more efficient way if you know what you're doing. Also I'm not referring to CLion, but the IntelliJ products in general. The GUI is a bit sluggish. Just compare with something like Code::blocks or some old Tcl/Tk application. It has very much to do with basic handling of event dispatch, reactive GUI elements, generation of short-lived bogus garbage objects. E.g. some toolkits create a new Object every time you move the mouse. For every mickey. That's a huge amount of objects on modern systems with 300 dpi screens and 20000 dpi pointing devices. Some other GUI toolkits are able to immediately reuse the storage. Sure Java has an efficient memory pool for those objects, but it's still a bit slower and generates extra work. Like I said these inefficiencies are extremely tiny, but when your app has millions of lines of code, and all coding conventions are a bit sloppy (wrt performance), the slowness starts to accumulate. It's much easier to notice if you're willing to use those tools on older hardware. Again I'm not talking about parsing code or Intellisense. Please try to run IDEA on some Pentium 3/4 class machine to edit plain text files. Then compare with Geany or Code::blocks.
Leave a comment:
Leave a comment: