Update to Java for Mac OS X released

Anyone else been having sporadic “invalid memory address” errors since this update? (I think the error message is actually slightly different, but I forgot to cut and paste it last time I hit it) I’m getting them maybe one out of a hundred runs on some analysis stuff I’m doing, and it’s happening with different apps and applets, so I don’t think it’s my fault in any way (I’m not getting an exception, we’re talking a full crash, no logs or anything, just an error message and the program shuts down).

That’s a Really Bad Thing, especially since the code that causes it is very innocuous, just pure Java number crunching stuff (create an array, fill it with numbers, do some math, print some results). If Apple has borked memory management in this update, then the problem goes a lot deeper than just an occasional crash, there are probably some serious security holes just begging to be exploited - one of the most important things about Java is the fact that the JVM shouldn’t screw this stuff up, and it makes me very nervous to see an implementation that occasionally does.

Perfect example of why it’s a real terrible idea for Apple to handle its own JVM implementation…

One thing is that Apple reverted to their quartz renderer from Sun’s software-only one. This may be the reason for some of the issues (or at least, differences in behavior). To verify, disable quartz renderer -Dapple.awt.graphics.UseQuartz=false .

Dmitri

There is a lot of discussion on the java-dev list at Apple along the lines of “How broken is your app with this update?” Apparently a significant number of people are having issues. Though I don’t recall reading about a hard crash like that. Please report it using Apple’s bug reporter.

Great - just what I needed. My only sales pipeline nerfed in a moment by Apple.
I really need OpenJDK for OSX. Who can help me?

Cas

Cas, have you ever considered trying Unity for your games? Seems like it would work just as well.

Unity needs to be bought, plus it’s totally different than using Java. Sure it’s a great engine (I used it at my company for a few months, no complaints here), but I really don’t think it should be compared to Java itself. They’re completely different. That’s like saying to Cas, “Have you ever thought of using the Unreal Engine for your games?”

How would that help you though? Will you bundle the runtime with your apps?

SoyLatte was the OS X port done by Landon Fuller… the work done on it has been rolled into the OpenJDK code base as I understand it.

http://landonf.bikemonkey.org/code/java/SoyLatte_Meets_OpenJDK.20080819.html

I haven’t had time to look into it… of course expecting the update from Apple to be a bit higher quality. (I’m not currently having any particular issues with it… but their are definitely things that need to be addressed. It’s too bad because at the end of the day users will probably blame Java and not Apple.)

Yep, I’d bundle it with my games. Or at least, the 2mb or so of it that I use.

Cas

more good news on the apple java applet stuff http://blogs.sun.com/javafx/entry/new_security_warning_for_mac

Motherfucker. >:(

Mac OS X is becoming just like Vista, giving me worthless security dialogs for practically everything. “This is a document you downloaded from the internet. Are you sure you want to open it?”

These things save 1 user for every 99 users that get inconvenienced by it. Plus as a power user with two external HD backups that are never both plugged in at once and who doesn’t download random stuff when it could be harmful, I will [i]never[/i find any security pop-ups anywhere useful. So why am I burdened?

WHYYYYYYYYYY?!?!?!??!?!?!?!?! :’(

Well the dialog is just telling the truth. Allowing unrestricted access is very dangerous (and in many cases it’s requested because you want just some little thing and unfortunately you must require full unrestricted access…). Sun should actually use the already present fine-grained Java Security system for applets/webstart and special things like JavaFX should be handled differently.

The dialogs on Mac aren’t quite as bad as Windows… at least you only have one click to say, “yeah, that’s what I want”

I like that it does this actually. Specially if you download something and forget about it for a while and then try to run it. The warning is still there until you say ok that one time… then the warning is gone forever for that file. it’s not so bad.

What we REALLY need is reasonably priced signing certificates. The OS should require that ALL code is signed. Then it is a matter of trusting the entire publisher just once.

But code signing is done by a bunch of rip-off artists. The very idea that you need different “kinds” of certificates to sign code versus use SSL on your site, versus whatever – that’s just the signing authorities being greedy weasels. Why when you go to verisign are you asked if you will be signing code for Java or Windows Authenticode, or Adobe AIR, etc? It’s all the same damn it! A simple asymmetric crypto key pair… They bury this in the fine print… “For ease of use, VeriSign recommends buying a code signing certificate for each developer platform. You could use a code signing certificate for one platform to sign code for others. However, …”

And they charge $499! It would be over priced at $49… and it’s only good for a year! Money grubbing weasel scum… They are like banks, insurance companies, and telcos… I hate them all!

BTW, I came to this thread to mention the new developer preview that was made available today… Mac is actually AHEAD of Sun at the moment.

That was really fast (for Apple especially) to get something available to address the regressions that some were experiencing. And it has the added bonus of being a VERY recent version of Java.

Have you seen that new mac dialogs? Now those are killer scary, much less chance a user will accept them then they would the current dialogs on windows/linux.

Ah cool, hopefully it really has java plugin2 this time.

thx for the update.

[quote]TW, I came to this thread to mention the new developer preview that was made available today… Mac is actually AHEAD of Sun at the moment.
[/quote]
Just wondering where you saw this? I can’t find it.

It was announced on the java-dev email list that Apple runs.

http://lists.apple.com/archives/Java-dev/2009/Jul/msg00076.html

That is the dialog for a certificate that could not be verified - it’s supposed to be scary! So long as a verified certificate presents a more reasonable dialog, I’m fine with that one being as it is.

Yes that means that self-signed certificates are going to yeild dialogs that are scary…, since anyone (virus writer, etc.) could produce such a cerificate there isn’t much that can be done about it. If you are self-signing code you will likely have to provide a bit of a “ReadMe” on your web page to explain the dialog and what it means - possibly even providing instuctions for importing you key as a trusted source. You could even provide a double-clickable .jar file that would import your key.

I honestly think it makes more sense for a imilar scary warning to occur with ALL unsigned software, regardless of the language or platform it is written for. That would force the issue of educating the average user.

That’s why I think it should have been completely delegated to the host OS in the first place.

Cas

Non-trivial to do when from the host OS’ perspective all java software looks like java.exe or javaws.exe – say you trust it once and then ALL java programs could be trusted! I think Sun was forced to implement this themselves, even if the OS did have a similar system in place - like Mac OS X and the “you downloaded this from that scary interweb thingy,do you trust it?” warning. I suppose if the OS did that for opening .JNLP files it might suffice - but you would still be missing the authentication (“we verified it came from X, do you trust X?”, “Do you want ot trust everything from X from now on?”, etc.)… heck maybe it does, I can’t remember.