Category Archives: Java/Java EE

[kcdc 2025] 82 bugs i collected in a year you won’t believe made it to production

Posted on by
Reply

Speaker: Francois Martin

For more see the table of contents

General

  • Collected 382 bugs over 2 years

Bugs

  • Shows places where the accent mark in his name was handled incorrectly
  • Lorem ipsum on website instead of text
  • Ship date 12/31/69 – default time in a different timezone so converted
  • Get it before gone – 0 available
  • All items in pull down are “Object”
  • “null” displayed instead of value
  • Undefined/NaN instead of number
  • Emails missing
  • Everything in English and terms and conditions link in French
  • Dark mode changes background but not text so black on black
  • Viewing 42 of 38
  • 18 of 0 products found
  • Merge first and middle name into first name
  • Clicking + goes from 0 to 1 to 2 to 0 to 3.00000000000000004
  • AI bug – said thought looking for something unrelated
  • Lack to HTML entity decoding
  • Character encoding issues
  • @fmartin_ fails validation. It wasn’t the underscore, Couldn’t get it to be valid even without.
  • Lack of responsiveness; text overlays, menu cutoff
  • Glitching – various things that go away on refresh
  • Placeholders not replaced
  • Unfiltered error message. User shouldn’t/doesn’t need the back end message
  • “2 guest” instead of “2 guests”
  • Text keys instead of translated value
  • Text keys flash and translate a few seconds later. SSR (server side rendering) solves this.
  • Incorrect/missing info

General

  • Defect – imperfection or deficiency where it does not meet requirements or impairs its intended use
  • ex: expose info that shouldn’t. not clear what to do, instructions don’t work
  • Reproducibility doesn’t matter. Once is enough
  • Found more bugs since June. Maybe because of vibe coding?
  • Most bugs are UI. Logic, error handling came in next
  • Of the critical/blockers, data validation and error handling had most bugs

To prevent

  • webdriver.io good for testing mobile
  • end to end testing
  • dog fooding – use the product yourself
  • exploratory testing – experts can find lots of bugs in short time
  • heat map visualization – see where clicks are. dead clicks (click an element and nothing happens. Rage clicks (repeated clicks out of frustration and nothing happens)
  • Turn off stack traces in prod. Only show specific messages
  • Prevent SQL injection and XSS
  • Test in all the languages you support

My take

The session began with a guest – 30 seconds accordion song about bugs and service pack 2. Relaxing and fun; great timing as last session of the day. I enjoyed seeing the examples and also the analysis/statistics about categories of bugs.

[kcdc 2025] Loom is more than Virtual Threads: Structured Concurrency and Scoped Values

Posted on by
Reply

Speaker: Todd Ginsberg

Bluesky: ‪@todd.ginsberg.com‬

For more see the table of contents

Project Loom

Project charter includes;

  • easy to use
  • high throughput
  • lightweight concurrency
  • new programming models on the Java platform

Virtual Threads

  • Platform threads in JVM map to OS threads. Not useful when blocked, memory hungry, limited number by OS, etc
  • Virtual threads have nothing to do with OS. Just memory on heap.
  • When virtual threads have work, mounted to carrier thread.
  • Carrier thread uses OS thread
  • Virtual threads still java.lang.Thread, must lower memory requirements, number limited by heap memory, quick to create, better use of system resources
  • Virtual threads have ids, but not names, by default since you are supposed to use them and then throw away.
  • 2 seconds to create thousands of platform threads. 41 milliseconds to do the same for virtual threads. 368 milliseconds to create a million virtual threads
  • Little’s law: concurrency – arrival rate (aka throughput) * latency. Virtual threads increase thoroughput
  • Do not pool virtual threads. Create, use, expose. You wouldn’t pool other inexpensive objects.

Structured Concurrency

  • API change so still preview in Java 25
  • Suppose have two futures. One that takes 2 seconds and one that takes 4 seconds.
  • Want to kill one when the other fails so not wasting time.
  • While think of as parent/child threads normally, that relationship doesn’t actually exist
  • jps command gives process ids
  • To get thread dump: jcmd <main program process id> Thread.dump_to_file -format=json unstructured.json
  • Goals: promote style of concurrent programming to eliminate common risks, improve concurrency
  • Enforces children don’t outlive parents
  • Explicit relationship between tasks and subtasks, observability is easier, managing work is easier
  • join() – join point waits until all tasks are done and can then interpret results.
  • Create StructuredTaskScope.open() in try with resources which means all or nothing. Whole scope succeeds or fails
  • scope.fork(() -> doWork())
  • scope.join()
  • future.get() to get the answer now that the join is done
  • Can nest scopes

Scoped Values

  • in Java 25 (no longer in preview)
  • ThreadLocal let you set data. Problems: unconstrained mutability (anyone who can read to it can write to it), unbounded lifespan (have to clean up if reusing platform thread), expensive inheritance
  • Scoped values: Immutable, defined lifetime, cheap/free inheritance
  • Ex: static ScopedValue<String> SCOPED. and ScopedValue.where(SCOPED, obj).run(() -> …)
  • Scoped values good for passing data one way. Good when have structured sharing use cases – ex: data many layers way from where you create it
  • Can replace one way ThreadLocal as use case without structured concurrency

My take

Not the point of the talk but I like that he uses Duration.ofMillis() instead of just putting a number. This topic is like pipelines; I needed to hear it a few times from different people for it to click. Given that scope values are in the Java 25 LTS and structured concurrency is not, I was curious how to use scope values alone so nice to hear that.

using the java playground

Posted on by
Reply

I’ve started offering using Oracle’s Java Playground for labs when I do half or full day trainings. While not all features can be used in playground. many can. This lets people do most of it if they bring a corporate laptop where they can’t install the matching version.

This time, I decided to put the Java Playground instructions in a blog post since they aren’t specific to the lab and anyone reading this blog post might find it useful.

Getting started – running simple code

Just put the contents of what would go in a main method. For example,

System.out.println("Java");

Working with classes/records

To use classes or records, you declare them before your code and then put the calling code “loose”.

public class Foo {
  
}

new Foo();

Using long code listings

If the code is too long, you’ll get a suggestion to use an IDE as output. All my labs can be done in the playground except for the modules where stated otherwise. You may have to delete some code in order to get later parts of the module to run. (Commenting out does not work as it does not decrease line length)

Features not supported

If you try to run something that isn’t allowed you get:

Your snippet is trying to perform an unauthorized operation!

Examples of unauthorized operations include:

  • thread operations (sleep, platform threads, virtual threads)
  • reading a system property or environment variable
  • reading/writing from a file