Karl Seguin

• Scale Cheaply - Memcached

  I generally subscribe to the attitude that premature optimizations are evil, but I strongly believe that a robust caching strategy should evolve alongside the rest of the system. Waiting too long makes it hard to cleanly and thoughtfully add caching. Besides, in my experience, a considered caching strategy generally means I worry less about performance in other areas - especially data access and data modelling. In other words, I can build those complex parts for maintainability, as opposed to having to worry about the cost of each individual query. .NET developers are pretty cache-savvy - thanks largely in part to the powerful System.Web.Caching namespace and ASP.NET's simple to use OutputCaching capabilities. For that reason, and the fact that it tends to be very application specific, I don't want to go over how to decide what to cache, how to deal with synch issues, updates and so on. Instead, I specifically want to talk about Memcached. You're probably already familiar with Memcached - it's a highly efficient distributed caching system. It's used generously by all the big web 2.0 players (In may 2007 it was revealed that Facebook relies on 200 16GB quad-core dedicated Memcached servers). Interest in Memcached from the .NET community has been relatively low (although over the last year more and more people are talking about it). Frankly, if you're doing anything that requires horizontal scaling you're seriously shooting yourself in the foot by overlooking it. It runs on windows - although we run it on Linux and there's really no reason for you not to learn that too! Fundamentally, there are two problems with the built-in cache. First, it's limited to the memory of a single system which happens to be shared with the rest of your application domain. Secondly, if you have two servers, each with their own in-memory cache, users are likely to see very weird synching issues. Memcached isn't as fast as in-memory caching, but will scale to virtually unlimited amount of memory. There isn't any redundancy of failover, simply memory spread across multiple servers. The best part is that it literally takes seconds to get it up and running. First, download a windows build onto your development machine here. (look for the win32 binary of memcached). Unzip the package somewhere, I put mine in c:\program files\memcached\. Next, from the command line, run memcached -d install. This will install memcached as a service. You can run memcached -h for more command lines options. You'll need to start the service (I also changed my startup type to manual, but that's completely up to you). The next step is to install the client library. I use suggest Enyim Memcached from CodePlex. The project comes with a sample configuration file, which you should be able to easily incorporate into your web.config or app.config. While developing, only put one server 127.0.0.1 on port 11211 (which is the default). You also need to add a reference to the two dlls. Aside from that, you basically program against a simple API. You create an instance of MemcachedClient (it's thread-safe so you can use a singleton, or re-create it since it's inexpensive to create), and call Store, Get or Remove (or a few other useful methods) like you would the normal cache object. As I've blogged about before (here and here), I'm a fan of hiding all of this behind an interface to ease mocking and swapping. Here's an example: MemcachedClient client = new MemcachedClient(); client.Store(StoreMode.Set, "Startup", DateTime.Now, DateTime.Now.AddMinutes(20)); DateTime startup = client.Get<DateTime>("Startup"); client.Remove("Startup"); Posted Jul 07 2008, 07:40 PM by karl with 6 comment(s)

• Get Your Func On

  I've noticed that I have a 2 step pattern for learning new framework or language features. I'm guessing this is pretty typical for most people. First, I'll use the feature within framework classes or 3rd party ddls. Then I'll leverage it more directly within my own code. What's surprising to me is the length of time which occurs between step 1 and step 2. Take generics for example. Back in the 1.x days, I wrote a ton of repetitive classes that inherited from CollectionBase. So when 2.0 came out, I immediately and aggressively started to use generic collections. However, it was quite some time later (a year?) until I wrote my own class that leveraged them directly. Today, I don't write a new generic class every day, but I do consider them an important part of my toolbox and kinda wonder what took me so long to take them up. I have a feeling that many developers are in the same boat - it's easy to consume code that implements new features, but not so easy to grasp how to implement those same features ourselves. As it turns out, the other day, I had another such ah-hah moment with the System.Func generic delegate. Like me, you've probably consumed it often, or at least one of its cousins: System.Action and System.Predicate. I thought I'd show how I used it, in hopes that it might open up some possibilities for you. Ovewview First though, a brief overview. The three delegates above are essentially shortcuts that save you from having to write your own common delegate. The most common one is probably Predicate<T>, which returns a boolean. Predicte<T> is used extensively by the List<T> and Array classes. The most obvious is the Exist method: List<string> roles = user.Roles; if (roles.Exists(delegate(string r) { return r == "admin";})) { //do something } or the lambda version (which I much prefer) if (role.Exists(r => r == "admin)) { } Func<T> is a lot like Predicate, but instead of returning a boolean it returns T. Also, Func<T> has multiple overloads that let you pass 0 to 4 input parameters into the delegate. Action<T> is like Func<T> except it doesn't return anything - it does an action. Code Decoupling So, how can you make use of these within your own code? Well, here's what I did. First, I'm a big proponent of caching, as well as a big fan of unit testing. However, the two don't easily go hand-in-hand because Microsoft doesn't provide an interface to their built-in cache, which leads to tight coupling (which of course makes it difficult to change caching implementation down the road, and impossible to unit test). The first thing to do is create your own interface, a simple start might look like: public interface ICacheManager { T Get<T>(string key); void Insert(string key, object value); } Next comes our first implementation: public class InMemoryCacheManager : ICacheManager { public T Get<T>(string key) { return (T) HttpRuntime.Cache.Get(key); } public void Insert(string key, object value) { HttpRuntime.Cache.Insert(key, value); } } Func Fights Repitition So, what does all this have to do with System.Func? Well, the above code is used in a very repetitive manner: get the value from the cache, if it's null, load it from somewhere and put it back in the cache. For example: public User GetUserFromId(int userId) { ICacheManager cache = CacheFactory.GetInstance; string cacheKey = string.Format("User.by_id.{0}", userId); User user = cache.Get(cacheKey); if (user == null) { user = _dataStore.GetUserFromId(userId); cache.Insert(cacheKey, user); } return user; } After a year or so of writing code like this, I figured there must be a better way, which of course is where Func comes in. Ideally, we'd like to get the value, and provide our callback code all at once. So, let's change our interface: public interface ICacheManager { T Get<T>(string key, Func<T> callback); void Insert(string key, object value); } The second parameter is the delegate we'll want to execute if Get returns null. Of course our delegate will return the same type (T) as Get would - just like in the above case where we expect a User from both Get and our data store. Here's the actual implementation: public T Get<T> (string key, Func<T> callback) { T item = (T) HttpRuntime.Cache.Get(key); if (item == null) { item = callback(); Insert(key, item); } return item; } How do we use the above code? public User GetUserFromId(int userId) { return CacheFactory.GetInstance.Get(string.Format("User.by_id.{0}", userId), () => _dataStore.GetUserFromId(userId)); } I know the () => syntax might be intimidating (especially if you aren't familiar with lambdas), but all it is is a parameterless delegate. Of course, this system can easily be expanded to add additional caching instructions (absolute/sliding expiries, dependencies and so on) via overloaded Get<T> and Insert members. (I just noticed this example also highlights how to use generics within your own code too!) Posted Jul 03 2008, 08:15 PM by karl with 15 comment(s)

• Scale Cheaply - Sharding

  There are a lot of expensive ways to scale your database – all of which are highly touted by the big three database vendors because, well, they want to sell you all types of really expensive stuff. Despite what an “engagement consultant” might tell you though, most of the high-traffic websites on the web (google, digg, facebook) rely on far cheaper and better strategies: the core of which is called sharding. What’s really astounding is that sharding is database agnostic – yet only the MySQL crowd seem to really be leveraging it. The sales staff at Microsoft, IBM and Oracle are doing a good job selling us expensive solutions. Sharding is the separation of your data across multiple servers. How you separate your data is up to you, but generally it’s done on some fundamental identifier. For example, if we were building a hosted bug tracking site, our data model would likely look something like: Every Client is pretty much isolated from all other Clients. So if we put all of Client 1’s data on Server 1 and Client 2’s data on Server 2, our system will run just fine. This scales out horizontally infinitely well (there’s little to no overhead). Our first 500 clients can all go on our first server, at which point we can introduce a second database server and place our next 500 clients. Servers need only be added when actually needed, and there’s no need for management servers, load balancers or anything else – just straight database connections. One of the disadvantages of sharding is that it does impact your code. You need to figure out which database to connect to. For our simple scenario above, this isn’t too difficult: using (SqlConnection connection = GetConnection(clientId)) { ... } private static SqlConnection GetConnection(int clientId) { string connectionString; if (clientId <= 500) { connectionString = _connectionStrings[0]; } else { connectionString = _connectionStrings[1]; } return new SqlConnection(connectionString); } This is a simplified example, but should be pretty easy to expand on. Another approach is to use a modulus to figure out which connection string to use, something like: return new SqlConnection(connectingString[clientId % _connectingString.Length]); This brings up another problem with sharding (a big one) – repartitioning your data. If we pick the above modulus algorithm with 2 servers and 2 clients then:      Client 2 will be associated to ConnectionString[0] (2 % 2 == 0)      Client 1 will be associated to ConnectionString[1] (1 % 2 == 1) If we now add a bunch of clients along with a 3rd server, then our code expects to find Client 2 on a different server (2 % 3 == 2). Essentially what this means is that you’ll need a repartitioning strategy – whether that’s an advanced connection manager configuration approach, or bulk copy scripts. The good news is that all of this should be deep inside your data layer and completely hidden from your calling code. There are many ways to handle this, pick whatever seems simplest. The last hurdle to overcome is actually sharding your data. Our bug hosted example was pretty straightforward, but even it has limitations. When a client creates a new account they are asked to submit their subdomain of choice. We need to check whether that subdomain is available or not – which isn’t trivial since our data is spread all around. Similarly, when a user logs in, we don’t yet know which client they belong to, therefore we can’t figure out which database server to hit for authentication. In such cases, rather than sharding data on a key, you shard on purpose. Essentially, this means you have a database dedicated to your Users table, as well as a ClientHost table which does nothing more than provide a single place to look up whether a host is available or not. Again, this is something that your data access layer must be aware of. Despite these issues, sharding is my preferred database scaling choice by far. All the issues can be fixed with a bit of code deep within your data layer. The performance advantage AND cost advantage make it a no-brainer. The only reason to consider clustering is for high availability scenarios, or in cases where your bottleneck is data that cannot be easily split. Also, keep in mind that sharding typically plays nice with replication or clustering, so these aren't necessarily exclusive strategies. Posted Jun 30 2008, 11:11 AM by karl with 24 comment(s)

• Foundations of Programming Ebook

  I'm excited to finally release the official, and completely free, Foundations of Programming EBook. This essentially contains all 9 Foundation parts including a conclusion and some typical book fluff (table of content, acknowledgement and so on). A number of spelling errors were corrected, along with some small technical changes and clarifications - largely based on feedback, so thanks for everyone who provided it! Otherwise it's exactly the same as what's been posted here over the past several months.   Download it from http://codebetter.com/files/folders/codebetter_downloads/entry179694.aspx    If the above link fails, you can also get it from http://www.openmymind.net/FoundationsOfProgramming.pdf Posted Jun 24 2008, 02:53 PM by karl with 54 comment(s) Filed under: Foundations

• Foundations of Programming - pt 9 - Proxy This and Proxy That

  Few keywords are as simple yet amazingly powerful as virtual in C# (overridable in VB.NET). When you mark a method as virtual you allow an inheriting class to override the behavior. Without this functionality inheritance and polymorphism wouldn't be of much use. A simple example, slightly modified from Programming Ruby (ISBN: 978-0-9745140-5-5), which has a KaraokeSong overrides a Song's to_s (ToString) function looks like: class Song def to_s return sprintf("Song: %s, %s (%d)", @name, @artist, @duration) end end class KaraokeSong < Song def to_s return super + " - " @lyrics end end The above code shows how the KaraokeSong is able to build on top of the behavior of its base class. Specialization isn't just about data, it's also about behavior! Even if your ruby is a little rusty, you might have picked up that the base to_s method isn't marked as virtual. That's because many languages, including Java, make methods virtual by default. This represents a fundamental differing of opinion between the Java language designers and the C#/VB.NET language designers. In C# methods are final by default and developers must explicitly allow overriding (via the virtual keyword). In Java, methods are virtual by default and developers must explicitly disallow overriding (via the final keyword). Typically virtual methods are discussed with respect to inheritance of domain models. That is, a KaraokeSong which inherits from a Song, or a Dog which inherits from a Pet. That's a very important concept, but it's already well documented and well understood. Therefore, we'll examine virtual methods for a more technical purpose: proxies. Proxy Domain Pattern A proxy is something acting as something else. In legal terms, a proxy is someone given authority to vote or act on behalf of someone else. Such a proxy has the same rights and behaves pretty much like the person being proxied. In the hardware world, a proxy server sits between you and a server you're accessing. The proxy server transparently behaves just like the actual server, but with additional functionality - be it caching, logging or filtering. In software, the proxy design pattern is a class that behaves like another class. For example, if we were building a task tracking system, we might decide to use a proxy to transparently apply authorization on top of a task object: public class Task { public static Task FindById(int id) { return TaskRepository.Create().FindById(id); } public virtual void Delete() { TaskRepository.Create().Delete(this); } } public class TaskProxy : Task { public override void Delete() { if (User.Current.CanDeleteTask()) { base.Delete(); } else { throw new PermissionException(...); } } } Thanks to polymorphism, FindById can return either a Task or a TaskProxy. The calling client doesn't have to know which was returned - it doesn't even have to know that a TaskProxy exists. It just programs against the Task's public API. Since a proxy is just a subclass that implements additional behavior, you might be wondering if a Dog is a proxy to a Pet. Proxies tend to implement more technical system functions (logging, caching, authorization, remoting, etc) in a transparent way. In other words, you wouldn't declare a variable as TaskProxy - but you'd likely declare a Dog variable. Because of this, a proxy wouldn't add members (since you aren't programming against its API), whereas a Dog might add a Bark method. Interception The reason we're exploring a more technical side of inheritance is because two of the tools we've looked at so far, RhinoMocks and NHibernate, make extensive use of proxies - even though you might not have noticed. RhinoMocks uses proxies to support its core record/playback functionality. NHibernate relies on proxies for its optional lazy-loading capabilities. We'll only look at NHibernate, since it's easier to understand what's going on behind the covers, but the same high level pattern applies to RhinoMocks. (A side note about NHibernate. It's considered a frictionless or transparent O/R mapper because it doesn't require you to modify your domain classes in order to work. However, if you want to enable lazy loading, all members must be virtual. This is still considered frictionless/transparent since you aren't adding NHibernate specific elements to your classes - such as inheriting from an NHibernate base class or sprinkling NHibernate attributes everywhere.) Using NHibernate there are two distinct opportunities to leverage lazy loading. The first, and most obvious, is when loading child collections. For example, you may not want to load all of a Model's Upgrades until they are actually needed. Here's what your mapping file might look like: <class name="Model" table="Models"> <id name="Id" column="Id" type="int"> <generator class="native" /> </id> ... <bag name="Upgrades" table="Upgrades" lazy="true" > <key column="ModelId" /> <one-to-many class="Upgrade" /> </bag> </class> By setting the lazy attribute to true on our bag element, we are telling NHibernate to lazily load the Upgrades collection. NHibernate can easily do this since the it returns it uses its own collection types (which all implement standard interfaces, such as IList, so to you, it's transparent). The second, and far more interesting, usage of lazy loading is for individual domain objects. The general idea is that sometimes you'll want whole objects to be lazily initialized. Why? Well, say that a sale has just been made. Sales are associated with both a sales person and a car model: Sale sale = new Sale(); sale.SalesPerson = session.Get<SalesPerson>(1); sale.Model = session.Get<Model>(2); sale.Price = 25000; session.Save(sale); Unfortunately, we've had to go to the database twice to load the appropriate SalesPerson and Model - even though we aren't really using them. The truth is all we need is their ID (since that's what gets inserted into our database), which we already have. By creating a proxy, NHibernate lets us fully lazy-load an object for just this type of circumstance. The first thing to do is change our mapping and enable lazy loading of both Models and SalesPeoples: <class name="Model" table="Models" lazy="true" proxy="Model">...</class> <class name="SalesPerson" table="SalesPeople" lazy="true" proxy="SalesPerson ">...</class> The proxy attribute tells NHibernate what type should be proxied. This will either be the actual class you are mapping to, or an interface implemented by the class. Since we are using the actual class as our proxy interface, we need to make sure all members are virtual - if we miss any, NHibernate will throw a helpful exception with a list of non-virtual methods. Now we're good to go: Sale sale = new Sale(); sale.SalesPerson = session.Load<SalesPerson>(1); sale.Model = session.Load<Model>(2); sale.Price = 25000; session.Save(sale); Notice that we're using Load instead of Get. The difference between the two is that if you're retrieving a class that supports lazy loading, Load will get the proxy, while Get will get the actual object. With this code in place we're no longer hitting the database just to load IDs. Instead, calling Session.Load<Model>(2) returns a proxy - dynamically generated by NHibernate. The proxy will have an id of 2, since we supplied it the value, and all other properties will be uninitialized. Any call to another member of our proxy, such as sale.Model.Name will be transparently intercepted and the object will be just-in-time loaded from the database. Just a note, NHibernate's lazy-load behavior can be hard to spot when debugging code in Visual Studio. That's because VS.NET's watch/local/tooltip actually inspects the object, causing the load to happen right away. The best way to examine what's going on is to add a couple breakpoints around your code and check out the database activity either through NHibernate's log, or SQL profiler. Hopefully you can imagine how proxies are used by RhinoMocks for recording, replaying and verifying interactions. When you create a partial you're really creating a proxy to your actual object. This proxy intercepts all calls, and depending on which state you are, does its own thing. Of course, for this to work, you must either mock an interface, or a virtual members of a class. In This Chapter In chapter 6 we briefly covered NHibernate's lazy loading capabilities. In this chapter we expanded on that discussion by looking more deeply at the actual implementation. The use of proxies is common enough that you'll not only frequently run into them, but will also likely have good reason to implement some yourself. I still find myself impressed at the rich functionality provided by RhinoMock and NHibernate thanks to the proxy design pattern. Of course, everything hinges on you allowing them to override or insert their behavior over your classes. Hopefully this chapter will also make you think about which of your methods should and which shouldn't be virtual. I strongly recommend that you take a look at the following articles/posts to better understand the virtual by default vs final by default points of view: Anders Hejlsberg's explanation on why C# is final by default Two posts by Eric Gunnerson from Microsoft about the topic (make sure to read the comments!) - post 1 and post 2 And, representing the virtual by default camp, Michael Feathers' point of view Posted Jun 18 2008, 08:32 AM by karl with 5 comment(s) Filed under: Foundations

• Resharper 4

  It's hard to imagine that almost a year has gone by since my jab at Resharper's 3.0 lack of support for .NET 3.5. Yesterday I finally got around to installing thew newly released Resharper 4 and I'm more then blown away by some of the new features. Not only does it fully support the new syntax (lambdas, linq, anonymous types and so on), but it offers some nice new features. The first thing I noticed was that the "Reformat" feature - which i use a lot -  has been renamed to "Cleanup Code" and not only does more, but also supports profiles - so different code cleanup profiles can do different things. One thing i haven't figured out yet is how to edit the 2 default profiles The next thing that surprised me was that Resharper suggested I use object initialization. So given: task t = new Task(); t.Name = "Test"; and hitting alt-enter, resulted in: Task t = new Task {Name = "Test"}; Similarly, Resharper suggests  using implicit type variable. David already blogged about this - and like him, I also disabled this suggestion. However, if you're with JP on this, you'll certainly appreciate the helpful tip. One feature I'm on the fence about is their JetBrains.Annotation assembly. With it, you can decorate your members usings JetBrain-specific attributes to provide even better integration. For example, given a method that behaves like string.Format, I can add a StringFormatMethod attribute: [StringFormatMethod("key")] public void Put(string key, params object[] args) { ... } This then allows Resharper to provide additional information, so if I do: Put("testing {0}, {1}, {2}", 1, 2); Resharper will tell me that {2} doesn't have a matching argument. It's a neat feature, but there's something strange about adding a JetBrain's 'dll to my project. Generally, I think Resharper's a must-have. If you have an older version and aren't working on 3.5 code, then save your money. However, if you're doing even a little bit of 3.5 programming, then this thing is totally worth it. I have three complains/concerns. First, I wish more of the windows docked. For example, I wish "Recent Edits" was dockable. While we're on the topic of recent edit, Resharper should look at what e-TextEditor does and provide THAT amazing functionality. Secondly, each version of Resharper gets progressivley more complex. There are more shortcuts (like the new ctrl-shift-enter) and more configuration. The barrier to entry is starting to get a little high. Although the couple hours you might spend configuring it are quickly made up. Finally, price. I can't help but feel that, despite the amazing value, upgrading from 3.0 to 4.0 should be less than $100. Maybe I feel that way 'cuz 3.0 was a bit of let-down for me (I know it wasn't for everyone, especially VB.NET developers), and also because I think everyone should use it. What are you waiting for? Get your free 30 day trial now. P.S - I downloaded that sucker at 8meg/sec from their Rackspace server - that's insane (rackspace is in Texas, I'm all the way north in Ottawa). And while I still love Rackspace, I'm a far bigger fan of SoftLayer. Same thing but  $600/month cheaper, $0.20/gb instead of like $2.00, and amazingly useful iSCSI.   Posted Jun 12 2008, 09:30 AM by karl with 6 comment(s)

• Foundations of Programming - pt 8 - Back to Basics: Exceptions

  Exceptions are such powerful constructs that developers can get a little overwhelmed and far too defensive when dealing with them. This is unfortunate because exceptions actually represent a key opportunity for developers to make their system considerably more robust. In this chapter we'll look at three distinct aspects of exceptions : handling, creating and throwing them. Since exceptions are unavoidable you can neither run nor hide, so you might as well leverage. Handling Exceptions Your strategy for handling exceptions should consist of two golden rules: 1 - Only handle exceptions that you can actually do something about, and 2 - You can't do anything about the vast majority of exceptions Most new developers do the exact opposite of the first rule, and fight hopelessly against the second. When your application does something deemed exceptionally outside of its normal operation the best thing to do is fail right then and there. If you don't you won't only lose vital information about your mystery bug, but you risk placing your application in an unknown state, which can result in far worse consequences. Whenever you find yourself writing a try/catch statement, ask yourself if you can actually do something about a raised exception. If your database goes down, can you actually write code to recover or are you better off displaying a friendly error message to the user and getting a notification about the problem? It's hard to accept at first, but sometimes it's just better to crash, log the error and move on. Even for mission critical systems, if you're making typical use of a database, what can you do if it goes down? This train of thought isn't limited to database issues or even just environmental failures, but also your typical every-day runtime bug . If converting a configuration value to an integer throws a FormatException does it make sense continuing as if everything's ok? Probably not. Of course, if you can handle an exception you absolutely ought to - but do make sure to catch only the type of exception you can handle. Catching exceptions and not actually handling them is called exception swallowing (I prefer to call it wishful thinking) and it's a bad code. A common example I see has to do with input validation. For example, let's look at how not to handle a categoryId being passed from the QueryString of an ASP.NET page. int categoryId; try { categoryId = int.Parse(Request.QueryString["categoryId"]); } catch(Exception) { categoryId = 1; } The problem with the above code is that regardless of the type of exception thrown, it'll be handled the same way. But does setting the categoryId to a default value of 1 actually handle an OutOfMemoryException? Instead, the above could should catch a specific exception: int categoryId; try { categoryId = int.Parse(Request.QueryString["categoryId"]) } catch(FormatException) { categoryId = -1; } (an even better approach would be the use the int.TryParse function introduced in .NET 2.0 - especially considering that int.Parse can throw two other types of exceptions that we'd want to handle the same way, but that's beside the point). Logging Even though most exceptions are going to go unhandled, you should still log each and every one of them. Ideally you'll centralize your logging - an HttpModule's OnError event is your best choice for an ASP.NET application or web service. I've often seen developers catch exceptions where they occur only to log and rethrow (more on rethrowing in a bit). This causes a lot of unnecessary and repetitive code - better to let exceptions bubble up through your code and log all exceptions at the outer edge of your system. Exactly which logging implementation you use is up to you and will depend on the criticalness of your system. Maybe you'll want to be notified by email as soon as exceptions occur, or maybe you can simply log it to a file or database and either review it daily or have another process send you a daily summary. Many developers leverage rich logging frameworks such as log4net or Microsoft's Logging Application Block. Cleaning Up In the previous chapter we talked about deterministic finalization with respect to the lazy nature of the garbage collector. Exceptions prove to be an added complexity as their abrupt nature can cause Dispose not to be called. A failed database call is a classic example: SqlConnection connection = new SqlConnection(FROM_CONFIGURATION) SqlCommand command = new SqlCommand("SomeSQL", connection); connection.Open(); command.ExecuteNonQuery(); command.Dispose(); connection.Dispose(); If ExecuteNonQuery throws an exception, neither our command nor our connection will get disposed of. The solution is to use Try/Finally: SqlConnection connection; SqlCommand command; try { connection = new SqlConnection(FROM_CONFIGURATION) command = new SqlCommand("SomeSQL", connection); connection.Open(); command.ExecuteNonQuery(); } finally { if (command != null) { command.Dispose(); } if (connection != null) { connection.Dispose(); } } or the syntactically nicer using statement (which gets compiled to the same try/finally above): using (SqlConnection connection = new SqlConnection(FROM_CONFIGURATION)) using (SqlCommand command = new SqlCommand("SomeSQL", connection)) { connection.Open(); command.ExecuteNonQuery(); } The point is that even if you can't handle an exception, and you should centralize all your logging, you do need to be mindful of where exceptions can crop up - especially when it comes to classes that implement IDiposable. Throwing Exceptions There isn't one magic rule to throwing exceptions like there is for catching them (again, that rule is don't catch exceptions unless you can actually handle them). Nonetheless throwing exceptions, whether or not they be your own (which we'll cover next), is still pretty simple. First we'll look at the actual mechanics of throwing exceptions, which relies on the throw statement. Then we'll examine when and why you actually want to throw exceptions. Throwing Mechanics You can either throw a new exception, or rethrow a caught exception. To throw a new exception, simply create a new exception and throw it. throw new Exception("something bad happened!"); //or Exception ex = new Exception("somethign bad happened"); throw ex; I added the second example because some developers think exceptions are some special/unique case - but the truth is that they are just like any other object (except they inherit from System.Exception which in turn inherits from System.Object). In fact, just because you create a new exception doesn't mean you have to throw it - although you probably always would. On occasion you'll need to rethrow an exception because, while you can't handle the exception, you still need to execute some code when an exception occurs. The most common example is having to rollback a transaction on failure: ITransaction transaction = null; try { transaction = session.BeginTransaction(); // do some work transaction.Commit(); } catch { if (transaction != null) { transaction.Rollback(); } throw; } finally { //cleanup } In the above example our vanilla throw statement makes our catch transparent. That is, a handler up the chain of execution won't have any indication that we caught the exception. In most cases, this is what we want - rolling back our transaction really doesn't help anyone else handle the exception. However, there's a way to rethrow an exception which will make it look like the exception occurred within our code: catch (HibernateException ex) { if (transaction != null) { transaction.Rollback(); } throw ex; } By explicitly rethrowing the exception, the stack trace is modified so that the rethrowing line appears to be the source. This is almost always certainly a bad idea, as vital information is lost. So be careful how you rethrow exceptions - the difference is subtle but important. If you find yourself in a situation where you think you want to rethrow an exception with your handler as the source, a better approach is to use a nested exception: catch (HibernateException ex) { if (transaction != null) { transaction.Rollback(); } throw new Exception("Email already in use", ex); } This way the original stack trace is still accessible via the InnerException property exposed by all exceptions. When To Throw Exceptions It's important to know how to throw exceptions. A far more interesting topic though is when and why you should throw them. Having someone else's unruly code bring down your application is one thing. Writing your own code that'll do the same thing just seems plain silly. However, a good developer isn't afraid to judicially use exceptions. There are actually two levels of thought on how exceptions should be used. The first level, which is universally accepted, is that you shouldn't hesitate to raise an exception whenever a truly exceptional situation occurs. My favorite example is the parsing of configuration files. Many developers generously use default values for any invalid entries. This is ok in some cases, but in others it can put the system in an unreliable or unexpected state. Another example might be a Facebook application that gets an unexpected result from an API call. You could ignore the error, or you could raise an exception, log it (so that you can fix it, since the API might have changed) and present a helpful message to your users. The other belief is that exceptions shouldn't just be reserved for exceptional situations, but for any situation in which the expected behavior cannot be executed. This approach is related to the design by contract approach - a methodology that I'm adopting more and more every day. Essentially, if the SaveUser method isn't able to save the user, it should throw an exception. In languages such as C#, VB.NET and Java, which don't support design by contract mechanism, this approach can have mixed results. A Hashtable returns null when a key isn't found, but a Dictionary throws an exception - the unpredictable behavior sucks (if you're curious why they work differently check out Brad Abrams blog post). There's also a line between what constitutes control flow and what's considered exceptional. Exceptions shouldn't be used to control an if/else-like logic, but the bigger a part they play in a library, the more likely programmers will use them as such (the int.Parse method is a good example of this). Generally speaking, I find it easy to decide what should and shouldn't throw an exception. I generally ask myself questions like: 1 - Is this exceptional, 2 - Is this expected, 3 - Can I continue doing something meaningful at this point and 4 - Is this something I should be made aware of so I can fix it, or at least give it a second look Perhaps the most important thing to do when throwing exceptions, or dealing with exceptions in general, is to think about the user. The vast majority of users are naive compared to programmers and can easily panic when presented with error messages. Jeff Atwood recently blogged about the importance of crashing responsibly.: 1 - It is not the user's job to tell you about errors in your software! 2 - Don't expose users to the default screen of death. 3 - Have a detailed public record of your application's errors. It's probably safe to say that Windows' Blue Screen of Death is exactly the type of error message users shouldn't be exposed to (and don't think just because the bar has been set so low that it's ok to be as lazy). Creating Custom Exceptions One of the most overlooked aspect of domain driven design are custom exceptions. Exceptions play a serious part of any business domain, so any serious attempt at modeling a business domain in code must include custom exceptions. This is especially true if you believe that exceptions should be used whenever a method fails to do what it says it will. If a workflow state is invalid it makes sense to throw your own custom WorkflowException exception and even attach some specific information to it which might not only help you identify a potential bug, but can also be used to present meaningful information to the user. Many of the exceptions I create are nothing more than marker exceptions - that is, they extend the base System.Exception class and don't provide further implementation. I liken this to marker interfaces (or marker attributes), such as the INamingContainer interface. These are particularly useful in allowing you to avoid swallowing exceptions. Take the following code as an example. If the Save() method doesn't throw a custom exception when validation fails, we really have little choice but to swallow all exceptions: try { user.Save(); catch { Error.Text = user.GetErrors(); Error.Visible = true; } //versus try { user.Save(); } catch(ValidationException ex) { Error.Text = ex.GetValidationMessage(); Error.Visible = true; } The above example also shows how we can extend exceptions to provide further custom behavior specifically related to our exceptions. This can be as simple as an ErrorCode, to more complex information such as a PermissionException which exposes the user's permission and the missing required permission. Of course, not all exceptions are tied to the domain. It's common to see more operational-oriented exceptions. If you rely on a web service which returns an error code, you may very wrap that into your own custom exception to halt execution (remember, fail fast) and leverage your logging infrastructure. Actually creating a custom exception is a two step process. First (and technically this is all you really need) create a class, with a meaningful name, which inherits from System.Exception. public class UpgradeException : Exception { } You should go the extra step and mark your class with the SerializeAttribute and always provide at least 4 constructors: 1 - public YourException() 2 - public YourException(string message) 3 - public YourException(string message, Exception innerException) 4 - protected YourException(SerializationInfo info, StreamingContext context) The first three allow your exception to be used in an expected manner. The fourth is used to support serialization incase .NET needs to serialize your exception - which means you should also implement the GetObjectData method. The purpose of support serialization is in the case where you have custom properties, which you'd like to have survive being serialized/deserialize. Here's the complete example: [Serializable] public class UpgradeException: Exception { private int _upgradeId; public int UpgradeId { get { return _upgradeId; } } public UpgradeException(int upgradeId) { _upgradeId = upgradeId; } public UpgradeException(int upgradeId, string message, Exception inner) : base(message, innerException) { _upgradeId = upgradeId; } public UpgradeException(int upgradeId, string message) : base(message) { _upgradeId = upgradeId; } protected UpgradeException(SerializationInfo info, StreamingContext c) : base(info, c) { if (info != null) { _upgradeId = i.GetInt32("upgradeId"); } } public override void GetObjectData(SerializationInfo i, StreamingContext c) { if (i != null) { info.AddValue("upgradeId", _upgradeId); } } Conclusion It can take quite a fundamental shift in perspective to appreciate everything exceptions have to offer. Exceptions aren't something to be feared or protected against, but rather vital information about the health of your system. Don't swallow exceptions. Don't catch exceptions unless you can actually handle them. Equally important is to make use of built-in, or your own exceptions when unexpected things happen within your code. You may even expand this pattern for any method that fails to do what it says it will. Finally, exceptions are a part of the business you are modeling. As such, exceptions aren't only useful for operational purposes but should also be part of your overall domain model. Posted May 29 2008, 08:02 PM by karl with 25 comment(s) Filed under: Foundations

• Signing Requests (or anything) with Hashes

  It's common practice to use hashes for signing purposes. For example, you can take a hash (MD5, SHA1, it doesn't really matter) of a file's byte contents and use that hash to ensure the file hasn't been modified. It's also quite common to hash a user's password - which is essentially creating a signature with a single variable. Hashes are ideal because they are relatively fast to compute, available for virtually every known language, secure (especially if you add a random value in order to prevent a dictionary attack), and easy to implement. Using a hash signature with a web service is a great and simple way to provide a certain degree of authentication. It's the approach Facebook, as well as other platforms, use as the basis of their security model for third party applications. At a high level, our strategy is to define a simple algorithm for creating a hash based on parameters and a previously agreed upon secret value. Then, every request a client makes include a hash. The server takes the request and computes its own hash. If the server's hash and the client's hash match, the request is authentic and execution can proceed. Pretend we have a web service for a video game which accepts a score, it's simplest implementation might look something like: savescore.axd?sessionId=323393&score=500 Of course, this isn't very secure. Anyone with basic knowledge of HTTP can easily resubmit the request with whatever values they want: savescore.axd?sessionId=323393&score=01123581321345589 However, if we sign the request based on the two input values (sessionId and score) as well as a secret value, it is no longer possible to simply change the score: savescore.axd?sessionId=323393&score=500&h=albkk309sk So how exactly do we create this signature? Well, sticking with Facebook as our guide, we'll take each key=>value parameter, sort them alphbetically, concatenate them together along with our secret value. So, given them above query and a secret value of "itsover9000", we'd create a hash of: score=500sessionId=323393itsover9000 (notice how we aren't separating our pairs with & - that's just how facebook does it, you can add an extra separator or anything else if you want) Here's a function that does just that: public static string CreateSignature(IDictionary<string, string> parameters, string secret) { SortedDictionary<string, string> sortedParameters = new SortedDictionary<string, string>(parameters); StringBuilder sb = new StringBuilder(); foreach (KeyValuePair<string, string> kvp in sortedParameters) { sb.Append(string.Concat(kvp.Key, "=", kvp.Value)); } sb.Append(secret); byte[] bytes = new MD5CryptoServiceProvider().ComputeHash(Encoding.UTF8.GetBytes(sb.ToString())); StringBuilder data = new StringBuilder(); for (int i = 0; i < bytes.Length; ++i) { data.Append(bytes[ i ].ToString("x2")); } return data.ToString(); } (The last part turns our hashed byte array into a hexadecimal format) Depending on exactly what it is you're trying to do, you can integrate that directly into your framework. For example, if you're using HttpHandlers, you could easily build a base class to handle all of this: public abstract class SignedRequestHandler : IHttpHandler { public void ProcessRequest(HttpContext context) { NameValueCollection parameters; if (string.Compare(context.Request.HttpMethod, "GET", true) == 0) { parameters = new NameValueCollection(context.Request.QueryString); } else { parameters = new NameValueCollection(context.Request.Form); } string clientHash = parameters["h"]; parameters.Remove("h"); if (string.IsNullOrEmpty(clientHash) || clientHash != CreateSignature(parameters, "itsover9000")) { throw new RequestSignatureException(); } } public abstract bool IsReusable { get; } private static string CreateSignature(NameValueCollection parameters, string secret) { SortedDictionary<string, string> sortedParameters = new SortedDictionary<string, string>(); foreach (string item in parameters.AllKeys) { sortedParameters.Add(item, parameters[item]); } return CreateSignature(sortedParameters, secret); } private static string CreateSignature(SortedDictionary<string, string> parameters, string secret) { StringBuilder sb = new StringBuilder(); foreach (KeyValuePair<string, string> kvp in parameters) { sb.Append(kvp.Key); sb.Append("="); sb.Append(kvp.Value); } sb.Append(secret); byte[] bytes = new MD5CryptoServiceProvider().ComputeHash(Encoding.UTF8.GetBytes(sb.ToString())); StringBuilder data = new StringBuilder(); for (int i = 0; i < bytes.Length; ++i) { data.Append(bytes[ i ].ToString("x2")); } return data.ToString(); } } Here we've just hardcoded the secret. If you're targetting multiple client/users, you need to assign them an application id (most open web services call these an APIKey) and have it passed along with each query. You can then use it to lookup the appropriate secret, something like: string apiKey = parameters["apikey"]; string secret = Account.GetSecretFromApiKey(apiKey); And, that's it :) Posted May 22 2008, 08:52 AM by karl with 4 comment(s)

• Beyond Mocks - the Partial

  It's a litlte easy to get carried away with mocking when you first start doing it in conjuction with unit tests. Mocks are unbelivably flexible/powerful. However, to get the most out of them, you really need to be able to inject your mock into the class you're testing. Conincidentaly trying to leverage mocks in your code will lead you to the first tangible benefit of unit testing - you'll notice how tightly coupled your code is (i.e., impossible to test) and learn a wonderful aresenal of strategies to help you write better code. There comes a point though where injection just doesn't make a whole lot of sense for anything _but_ testing and even then the value might not be that evident. Let's see how we can use RhinoMock's Partials to solve the problem. Take for example an LoginHttpHandler that looks something like: public void ProcessRequest(NameValueCollection parameters) { string userName = parameters["username"]; string password = parameters["password"]; User user = User.CreateFromCredentials(userName, password); //do something with our user } This code is impossible to unit test because the call to User.CreateFromCredentials can't be mocked/faked/anything. The best we can do is mock whatever dependencies User.CreateFromCredentials has - but that's just a nightmare not worth exposing ourselves to. What we can do is use a partial instead of a mock. A mock is a dumb object that only records expectations and actuals. A partial on the other hand exposes all of the behavior of the class we've created a partial for - except those we've explicitly set expecations on. For example, if we rewrite the above code as: public void ProcessRequest(NameValueCollection parameters){ string userName = parameters["username"]; string password = parameters["password"]; User user = GetUser(userName, password); //do something with our user } public virtual User GetUser(string userName, string password) { return User.CreateFromCredentials(userName, password); } We can use a  partial to write a useful unit test (well, there isn't much to test for, but you get the idea): [Test] public void LoginHandlerInteractsWithUser() { MockRepository mocks = new MockRepository(); LoginHttpHandler handler = mocks.PartialMock(); User fakeUser = new User(); NameValueCollection nvc = new NameValueCollection(); nvc.Add("userName", "un"); nvc.Add("password", "pass"); using (mocks.Record()) { Expect.Call(handler.GetUser(nvc["userName"], nvc["password"])).Return(fakeUser); } using (mocks.Playback()) { handler.ProcessRequest(nvc); } mocks.VerifyAll(); } We create a partial of our LoginHttpHandler which behaves exactly like a new instance of it - except for those methods (like GetUser) which we've set an expectation on. Just like with a mock, if ProcessRequest called GetUser twice, we'd have to record that call twice. Unlike a mock however, if we didn't, the 2nd call would call the real implementation of GetUser. The only other thing to keep in mind is that the method you plan on mocking must be virtual - this allows  RhinoMocks to override the method and do it's own thing (implement the record/playback logic). In my recent trip down Java land, I actually have a hell of a problem doing this seemingly simple thing. I tried a number of mocking frameworks, eventually settling on EasyMock but the amount of work needed to set up partials was insane. If I missed something, I'd love to know about it. Posted May 13 2008, 07:41 PM by karl with 8 comment(s)

• What arrays and pointers have in common - or - Why arrays start at zero

  Every now and again someone asks why do array indexes start at zero rather than one? It's a good question, because the 1st item in the array is...well..the 1st, not the 0th. Although the answer is easily found on the web, I figured it would tie in nicely with where we left off last time - looking at memory in .NET. Not surprisingly this stems from the good old C days (and perhaps even earlier). You see, back then, arrays and pointers were highly related. I actually remember thinking of them as identical things with different syntax. Once you see that arrays are just syntactical sugar to pointers, you'll understand why everything starts at zero. I'm not sure how much of this still applies in modern languages. I assume that arrays and pointers are still closely correlated - but I'm pretty sure zero now sticks around for convention. Everything below is in C. When you create an array, you cut out a continuous chunk of memory  which stores each value in its own block. So: int values[3] = {1, 20, 30}; will cut out 96bits of memory (3*32) and place the values "1" in the first, "20" in the second and "30" in the third blocks Since this (like everything else) is just memory, we can assign it to a pointer: int *p = &values[0]; //the & operator returns the address of a value The above code assigns the address of the first value to our pointer. So we can say that p points to the start of our array. From our pointer, we can get the 2nd element or 3rd element: printf("%d\r\n", *(p+1)); printf("%d\r\n", *(p+2)); As you can see, *(p+i) is the exact same thing as saying values[ i ]. So, if you look at it from the point of view of pointers, the zero index makes perfect sense because it signifies the memory offset from the start of the array. To prove how tightly coupled the two concepts are, we can actually change: int *p = &values[0]; to  int *p = values; since values array is nothing more than a pointer to the first element. While we're here, let's look at a crazy example that shows the danger (and power) of C. Even though we've only allocated 3 spots for our array, we can easily peak at what's next with either of these statements: printf("%d\r\n", *(p+3)); printf("%s\r\n", values[3]); Worse, we can write an arbitrary value there: *(p+3)  = 0; Posted May 06 2008, 08:01 PM by karl with 7 comment(s)

• Foundations of Programming - pt 7 - Addendum

  I've made two additions to Part 7. The first is based on a suggestion by Greg to talk about a common cause of memory leaks - events and delegates. The second is about deterministic finalization Memory Leaks with Events There's one specific situation worth mentioning as a common cause of memory leaks: events. If, in a class, you register for an event, a reference is created to your class. Unless you de-register from the event your objects lifecycle will ultimately be determined by the event source. In other words, if ClassA (the listener) registers for an event in ClassB (the event source) a reference is created from ClassB to ClassA. Two solutions exists: de-registering from events when you're done (the IDisposable pattern is the ideal solution), or use the WeakEvent Pattern or a simplified version.   Deterministic Finalization Despite the presence of the garbage collector, developers must still take care of managing some of their references. That's because some objects hold on to vital or limited resources, such as file handles or database connections which should be released as soon as possible. This is problematic  since we don't know when the garbage collector will actually run - by nature the garbage collector only runs when memory is in short supply. To compensate, classes which hold on to such resources should make use of the Disposable pattern. All .NET developers are likely familiar with this pattern, along with its actual implementation (the IDisposable interface), so we won't rehash what you already know. With respect to this chapter, it's simply important that you understand the role deterministic finalization takes. It doesn't free the memory used by the object. It releases resources. In the case of database connections for example, it releases the connection back to the pool in order to be reused. If you forget to call Dispose on an object which implements IDisposable the garbage collector will do it for you (eventually). You shouldn't rely on this behavior however as the problem of limited resources is very real (it's relatively trivial to try it out with a loop that opens connections to a database). You may be wondering why some objects expose both a Close and Dispose method, and which you should call. In all the cases I've seen the two are generally equivalent - so it's really a matter of taste. I would suggest that you take advantage of the using statement and forget about Close. Personally I find it frustrating (and inconsistent) that both are exposed. Finally, if you're building a class that would benefit from deterministic finalization you'll find that implementing the IDisposable pattern is simple. A straightforward guide is available on MSDN. Posted May 04 2008, 04:28 PM by karl with 5 comment(s) Filed under: Foundations

• Foundations of Programming - pt 7 - Back to Basics: Memory

  I'm back. Readers can expect a quality free pdf ebook once the series is complete (end of may at the latest hopefully). Try as they might, modern programming language can't fully abstract fundamental aspects of computer systems. This is made evident by the various exceptions thrown by high level languages. For example, it's safe to assume that you've likely faced the following .NET exceptions: NullReferneceException, OutOfMemoryException, StackOverflowException and ThreadAbortException. As important as it is for developers to embrace various high level patterns and techniques, it's equally important to understand the ecosystem in which your program runs. Looking past the layers provided by the C# (or VB.NET) compiler, the CLR and the operating system, we find memory. All programs make extensive use of system memory and interact with it in marvelous ways, it's difficult to be a good programmer without understanding this fundamental interaction. Much of the confusion about memory stems from the fact that C# and VB.NET are managed languages and that the CLR provides automatic garbage collection. This has caused many developers to erroneously assume that they need not worry about memory. Memory Allocation In .NET, as with most languages, every variable you define is either stored on the stack or in the heap. These are two separate spaces allocated in system memory which serve a distinct, yet complimentary purpose. What goes where is predetermined: value types go on the stack, while all reference types go on the heap. In other words, all the system types, such as char, int, long, byte, enum and any structures (either defined in .NET or defined by you) go on the stack. The only exception to this rule are value types belonging to reference types - for example the Id property of a User class goes on the heap along with the instance of the User class itself. The Stack Although we're used to magical garbage collection, values on the stack are automatically managed even in a garbage collectionless world (such as C). That's because whenever you enter a new scope (such as a method or an if statement) values are pushed onto the stack and when you exit the stack the values are popped off. This is why a stack is synonymous with a LIFO - last-in first-out. You can think of it this way: whenever you create a new scope, say a method, a marker is placed on the stack and values are added to it as needed. When you leave that scope, all values are popped off up to and including the method marker. This works with any level of nesting. Until we look at the interaction between the heap and the stack, the only real way to get in trouble with the stack is with the StackOverflowException. This means that you've used up all the space available on the stack. 99.9% of the time, this indicates an endless recursive call (a function which calls itself ad infinitum). In theory it could be caused by a very very poorly designed system, though I've never seen a non-recursive call use up all the space on the stack. The Heap Memory allocation on the heap isn't as straightforward as on the stack. Most heap-based memory allocation occurs whenever we create a new object. The compiler figures out how much memory we'll need (which isn't that difficult, even for objects with nested references), carves up an appropriate chunk of memory and returns a pointer to the allocated memory (more on this in moments). The simplest example is a string, if each character in a string takes up 2 bytes, and we create a new string with the value of "Hello World", then the CLR will need to allocate 22 bytes (11x2) plus whatever overhead is needed. Speaking of strings, you've no doubt heard that string are immutable - that is, once you've declared a string and assigned it a value, if you modify that string (by changing its value, or concatenating another string onto it), then a new string is created. This can actually have negative performance implications, and so the general recommendation is to use a StringBuilder for any significant string manipulation. The truth though is that any object stored on the heap is immutable, and any changes to the underlying size will require new allocation. The StringBuilder, along with some collections, partially get around this by using internal buffers. Once the buffer fills up though, the same reallocation occurs and some type of growth algorithm is used to determined the new size (the simplest being oldSize * 2). Whenever possible it's a good idea to specify the initial capacity of such objects in order to avoid this type of reallocation (the constructor for both the StringBuilder and the ArrayList (amongst many other collections) allow you to specify an initial capacity). Garbage collecting the heap is a non-trivial task. Unlike the stack where the last scope can simply be popped off, objects in the heap aren't local to a given scope. Instead, most are deeply nested references of other referenced objects. In languages such as C, whenever a programmer causes memory to be allocated on the heap, he or she must also make sure to remove it from the heap when he's finished with it. In managed languages, the runtime takes care of cleaning up resources (.NET uses a Generational Garbage Collector which is briefly described on Wikipedia). There are a lot of nasty issues that can sting developers while working with the heap. Memory leaks aren't only possible but very common, memory fragmentation can cause all types of havoc, and various performance issues can arise due to strange allocation behavior or interaction with unmanaged code (which.NET does a lot under the covers). Pointers For many developers, learning pointers in school was a painful experience. They represent the very real indirection which exists between code and hardware. Many more developers have never had the experience of learning them - having jumped into programming directly from a language which didn't expose them directly. The truth though is that anyone claiming that C# of Java are pointerless languages is simply wrong. Since pointers are the mechanism by which all languages manage values on the heap, it seems rather silly not to understand how they are used. Pointers represent the nexus of a system's memory model - that is, pointers are the mechanism by which the stack and the heap work together to provide the memory subsystem required by your program. As we discussed earlier, whenever you instantiate a new object, .NET allocates a chunk of memory on the heap and returns a pointer to the start of this memory block. This is all a pointer is: the starting address for the block of memory containing an object. This address is really nothing more than an unique number, generally represented in hexadecimal format. Therefore, a pointer is nothing more than a unique number that tells .NET where the actual object is in memory. When you assign a reference type to a variable, your variable is actually a pointer to the object. This indirection is transparent in Java or .NET, but not in C or C++ where you can manipulate the memory address directly via pointer arithmetic. In C or C++ you could take a pointer and add 1 to it, hence arbitrarily changing where it points to (and likely crashing your program because of it). Where it gets interesting is where the pointer is actually stored. They actually follow the same rules outlined above: as integers they are stored on the stack - unless of course they are part of a reference object and then they are on the heap with the rest of their object. It might not be clear yet, but this means that ultimately, all heap objects are rooted on the stack (possibly through numerous levels of references). Let's first look at a simple example. static void Main(string[] args) { int x = 5; string y = "codebetter.com"; } From the above code, we'll end up with 2 values on the stack, the integer 5 and the pointer to our string, as well as the actual string on the heap. Here's a graphical representation: When we exit our main function (forget the fact that the program will stop), our stack pops off all local values, meaning both the x and y values are lost. This is significant because the memory allocated on the heap still contains our string, but we've lost all references to it (there's no pointer pointing back to it). In C or C++ this results in a memory leak - without a reference to our heap address we can't free up the memory. In C# or Java, our trusty garbage collector will detect the unreferenced object and free it up. We'll look at a more complex examples, but asside from having more arrows, it's basically the same. public class Employee { private int _employeeId; private Employee _manager; public int EmployeeId { get { return _employeeId; } set { _employeeId = value; } } public Employee Manager { get { return _manager; } set { _manager = value; } } public Employee(int employeeId) { _employeeId = employeeId; } } public class Test { private Employee _subordinate; void DoSomething( { Employee boss = new Employee(1); _subordinate = new Employee(2); _subordinate.Manager = _boss; } } Interestingly, when we leave our method, the boss variable will pop off the stack, but the subordinate, which is defined in a parent scope, won't. This means the garbage collector won't have anything to clean-up because both heap values will still be referenced (one directly from the stack, and the other indirectly from the stack through a referenced object). As you can see, pointers most definitely play a significant part in both C# and VB.NET. Since pointer arithmetic isn't available in either language, pointers are greatly simplified and hopefully easily understood. Memory Model in Practice We'll now look at the actual impact this has on our applications. Keep in mind though that understanding the memory model in play won't only help you avoid pitfalls, but it will also help you write better applications. Boxing Boxing occurs when a value types (stored on the stack) is coerced onto the heap. Unboxing happens when these value types are placed back onto the stack. The simplest way to coerce a value type, such as an integer, onto the heap is by casting it: int x = 5; object y = x; A more common scenario where boxing occurs is when you supply a value type to a method that accepts an object. This was common with collections in .NET 1.x before the introduction of generics. The non-generic collection classes mostly work with the object type, so the following code results in boxing and unboxing: ArrayList userIds = new ArrayList(2); userIds.Add(1); userIds.Add(2); int firstId = (int)userIds[0]; The real benefit of generics is the increase in type-safety, but they also address the performance penalty associated with boxing. In most cases you wouldn't notice this penalty, but in some situations, such as large collections, you very well could. Regardless of whether or not it's something you ought to actually concern yourself with, boxing is a prime example of how the underlying memory system can have an impact on your application. ByRef Without a good understanding of pointers, it's virtually impossible to understand passing a value by reference and by value. Developers generally understand the implication of passing a value type, such as an integer, by reference, but few understand why you'd want to pass a reference by reference. ByRef and ByVal affect reference and value types the same - provided you understand that they always work against the underlying value (which in the case of a reference type means they work against the pointer and not the value). Using ByRef is the only common situation where .NET won't automatically resolve the pointer indirection (passing by reference or as an output parameter isn't allowed in Java). First we'll look at how ByVal/ByRef affects value types. Given the following code: public static void Main() { int counter1 = 0; SeedCounter(counter1); Console.WriteLine(counter1); int counter2 = 0; SeedCounter(ref counter2); Console.WriteLine(counter2); } private static void SeedCounter(int counter) { counter = 1; } private static void SeedCounter(ref int counter) { counter = 1; } We can expect an output of 0 proceeded by 1. The first call does not by pass counter1 by reference, meaning a copy of counter1 is passed into SeedCounter and changes made within are local to the function. In other words, we're taking the value on the stack and duplicating it onto another stack location. In the second case we're actually passing the value by reference which means no copy is created and changes aren't localized to the SeedCounter function. The behavior with reference types is the exact same, although it might not appear so at first. We'll look at two examples. The first one uses a PayManagement class to change the properties of an Employee. In the code below we see that we have two employees and in both cases we're given them a $2000 raise. The only difference is that one passes the employee by reference while the other is passed by value. Can you guess the output? public class Employee { private int _salary; public int Salary { get {return _salary;} set {_salary = value;} } public Employee(int startingSalary) { _salary = startingSalary; } } public class PayManagement { public static void GiveRaise(Employee employee, int raise) { employee.Salary += raise; } public static void GiveRaise(ref Employee employee, int raise) { employee.Salary += raise; } } public static void Main() { Employee employee1 = new Employee(10000); PayManagement.GiveRaise(employee1, 2000); Console.WriteLine(employee1.Salary); Employee employee2 = new Employee(10000); PayManagement.GiveRaise(ref employee2, 2000); Console.WriteLine(employee2.Salary); } In both cases, the output is 12000. At first glance, this seems different than what we just saw with value types. What's happening is that passing a reference type by value does indeed pass a copy of the value, but not the heap value. Instead, we're passing a copy of our pointer. And since a pointer and a copy of the pointer point to the same memory on the heap, a change made by one is reflected in the other. When you pass a reference type by reference, you're passing the actual pointer as opposed to a copy of the pointer. This begs the question, when would we ever pass a reference type by reference? The only reason to pass by reference is when you want to modify the pointer itself - as in where it points to. This can actually result in nasty side effects - which is why it's a good thing functions wanting to do so must specifically specify that they want the parameter passed by reference. Let's look at our second example. public class Employee { private int _salary; public int Salary { get {return _salary;} set {_salary = value;} } public Employee(int startingSalary) { _salary = startingSalary; } } public class PayManagement { public static void Terminate(Employee employee) { employee = null; } public static void Terminate(ref Employee employee) { employee = null; } } public static void Main() { Employee employee1 = new Employee(10000); PayManagement.Terminate(employee1); Console.WriteLine(employee1.Salary); Employee employee2 = new Employee(10000); PayManagement.Terminate(ref employee2); Console.WriteLine(employee2.Salary); } Try to figure out what will happen and why. I'll give you a hint: an exception will be thrown. If you guessed that the call to employee1.Salary outputted 10000 while the 2nd one threw a NullReferenceException then you're right. In the first case we're simply setting a copy of the original pointer to null - it has no impact whatsoever on what employee1 is pointing to. In the second case, we aren't passing a copy but the same stack value used by employee2. Thus setting the employee to null is the same as writing employee2 = null;. It's quite uncommon to want to change the address pointed to by a variable from within a separate method - which is why the only time you're likely to see a reference type passed by value is when you want to return multiple values from a function call (in which case you're better off using an out parameter, or using a purer OO approach). The above example truly highlights the dangers of playing in an environment whose rules aren't fully understood. Managed Memory Leaks We already saw an example of what a memory leak looks like in C. Basically, if C# didn't have a garbage collector, the following code would leak: private void DoSomething() { string name = "dune"; } Our stack value (a pointer) will be popped off, and with it will go the only way we have to reference the memory created to hold our string. Leaving us with no method of freeing it up. This isn't a problem in .NET because it does have a garbage collector which tracks unreferenced memory and frees it. However, a type of memory leak is still possible if you hold on to references indefinitely. This is common in large applications with deeply nested references. They can be hard to identify because the leak might be very small and your application might not run for long enough - even ASP.NET applications tend to be recycled fairly often. Ultimately when your program terminates the operating system will reclaim all memory, leaked or otherwise. However, if you start seeing OutOfMemoryException and aren't dealing with abnormally large data, there's a good chance you have a memory leak. .NET ships with tools to help you out, but you'll likely want to take advantage of a commercial memory profiler such as dotTrace or ANTS Profiler. When hunting for memory leaks you'll be looking for your leaked object (which is pretty easy to find by taking 2 snapshots of your memory and comparing them), tracing through all the objects which still hold a reference to it and correcting the issue. Fragmentation Another common cause for OutOfMemoryException has to do with memory fragmentation. When memory is allocated on the heap it's always a continuous block. This means that the available memory must be scanned for a large enough chunk. As your program runs its course, the heap becomes increasingly fragmented (like your hard drive) and you might end up with plenty of space, but spread out in a manner which makes it unusable. Under normal circumstances, the garbage collector will compact the heap as it's freeing memory. As it compacts memory, addresses of objects change, and .NET makes sure to update all your references accordingly. Sometimes though, .NET can't move an object: namely when the object is pinned to a specific memory address. Pinning Pinning occurs when an object is locked to a specific address on the heap. Pinned memory cannot be compacted by the garbage collector resulting in fragmentation. Why do values get pinned? The most common cause is because your code is interacting with unmanaged code. When the .NET garbage collector compacts the heap, it updates all references in managed code, but it has no way to jump into unmanaged code and do the same. Therefore, before interoping it must first pin objects in memory. Since many methods within the .NET framework rely on unmanaged code, pinning can happen without you knowing about it (the scenario I'm most familiar with are the .NET Socket classes which rely on unmanaged implementations and pin buffers). A common way around this type of pinning is to declare large objects which don't cause as much fragmentation as many small ones (this is even more true considering large objects are placed in a special heap (called the Large Object Heap (LOH) which isn't compacted at all)). For example, rather than creating hundreds of 4KB buffers, you can create 1 large buffer and assign chunks of it yourself. For an example as well as more information on pinning, I suggest you read Greg Young's advanced post on pinning and asynchronous sockets. There's a second reason why an object might be pinned - when you explicitly make it happen. In C# (not in VB.NET) if you compile your assembly with the unsafe option you can pin an object via the fixed statement. While extensive pinning can cause memory pressures on the system, judicial use of the fixed statement can greatly improve performance. Why? Because a pinned object can be manipulated directly with pointer arithmetic - this isn't possible if the object isn't pinned because the garbage collector might reallocate your object somewhere else in memory. Take for example this efficient ASCII string to integer conversion which runs over 6 times faster than using int.Parse. public unsafe static int Parse(string stringToConvert) { int value = 0; int length = stringToConvert.Length; fixed(char* characters = stringToConvert) { for (int i = 0; i &lgt; length; ++i) { value = 10 * value + (characters[ i ] - 48); } } return value; } Unless you're doing something abnormal, there should never be a need to mark your assembly as unsafe and take advantage of the fixed statement. The above code will easily crash (pass null as the string and see what happens), isn't nearly as feature rich as int.Parse, and in the scale of things is extremely risky while providing no benefits. Setting things to null So, should you set your reference types to null when you're done with them? Of course not. Once a variable falls out of scope, it's popped of the stack and the reference is removed. If you can't wait for the scope to exit, you likely need to refactor your code. Conclusion Stacks, heaps and pointers can seem overwhelming at first. Within the context of managed languages though, there isn't really much to it. The benefits of understanding these concepts are tangible in day to day programming, and invaluable when unexpected behavior occurs. You can either be the programmer who causes weird NullReferenceExceptions and OutOfMemoryExceptions, or the one that fixes them. Posted Apr 27 2008, 08:58 PM by karl with 27 comment(s) Filed under: Foundations

• Foundations of Programming - PDF

  UPDATED: There's an official free ebook now available here.   Tim Barcz was kind enough to compile the the foundation series into a single PDF, for your sharing/printer pleasure. You can grab it here  I'll be taking a short break from blogging for the next couple weeks, so have fun playing with the new toys.   Posted Jan 02 2008, 08:12 PM by karl with 16 comment(s) Filed under: Foundations

• Foundations of Programming - Part 6 - NHibernate

  In part 3 we took our first stab at bridging the data and object world by hand-writing our own data access layer and mapper. The approach turned out to be rather limited and required quite a bit of repetitive code (although it was useful in demonstrating the basics). Adding more object and more functionality would bloat our DAL into an enormously unmaintainable violation of DRY (don't repeat yourself). In this section we'll look at an actual O/R Mapping framework to do all the heavy lifting for us. Specifically, we'll look at the popular open-source NHibernate framework (http://www.hibernate.org/343.html). The single greatest barrier preventing people from adopting domain driven design is the issue of persistence. My own adoption of O/R mappers came with great trepidation and doubt. You'll essentially be asked to trade in your knowledge of a tried and true method for something that seems a little too magical. A leap of faith may be required. The first thing to come to terms with is that O/R mappers generate your SQL for you. I know, it sounds like it's going to be slow, insecure and inflexible, especially since you probably figured that it'll have to use inline SQL. But if you can push those fears out of your mind for a second, you have to admit that it could save you a lot of time and result in a lot less bugs. Remember, we want to focus on building behavior, not worry about plumbing (and if it makes you feel any better, a good O/R mapper will provide simple ways for you to circumvent the automated code generation and execute your own SQL or stored procedures). Infamous Inline SQL vs Stored Procedure Debate Over the years, there's been some debate between inline SQL and stored procedures. This debate has been very poorly worded, because when people hear inline SQL, they think of badly written code like: public int GetUserIdByCredentials(string userName, string password) { string sql = @"SELECT UserId FROM Users WHERE UserName = '" + userName + "' AND Password = '" + password + "'"; using (SqlCommand command = new SqlCommand(sql)) { //todo return 0; } } If you stop and think about it though, and compares apples to apples, I think you'll agree that neither is particularly better than the other. Let me help you out. Stored Procedures are more Secure Inline SQL should be written using parameterized queries just like you do with stored procedures. For example, the correct way to write the above code in order to eliminate the possibility of an SQL injection attack is: public int GetUserIdByCredentials(string userName, string password) { string sql = @"SELECT UserId FROM Users WHERE UserName = @UserName AND Password = @Password"; using (SqlCommand command = new SqlCommand(sql)) { command.Parameters.Add("@UserName", SqlDbType.VarChar, 64).Value = userName; command.Parameters.Add("@Password", SqlDbType.VarChar, 64).Value = password; //todo return 0; } } Stored procedures provide an abstraction to the underlying schema Whether you're using inline SQL or stored procedures, what little abstraction you can put in a SELECT statement is the same. If any substantial changes are made, your stored procedures are going to break and there's a good chance you'll need to change the calling code to deal with the issue. O/R Mappers on the other side, generally provide much better abstraction. If I make a change, I don't have to recompile the code Somewhere, somehow, people got it in their head that code compilations should be avoided at all cost (maybe this comes from the days where projects could take hours to compile). If you change a stored procedure, you still have to re-run your unit and integration tests and deploy a change to production. It genuinely scares and puzzles me that developers consider a change to a stored procedure or XML trivial compared to a similar change in code. Stored Procedures reduce network traffic Who cares? In most cases your database is sitting on a GigE connection with your servers and you aren't paying for that bandwidth. You're literally talking fractions of milliseconds. On top of that, a well configured O/R mapper can save round-trips via identify map implementations, caching and lazy loading. Stored procedures are faster This is the excuse I held onto the longest. Write a reasonable/common SQL statement inline and then write the same thing in a stored procedure and time them. Go ahead. In most cases there's little or no difference. In some cases, stored procedures will be slower because a cached execution plan will not be efficient given a certain parameter. Jeff Atwood called using stored procedures for the sake of better performance a fairly extreme case of premature optimization. He's right. The proper approach is to take the simplest possible approach (let a tool generate your SQL for you), and optimize specific queries when/if bottlenecks are identified. It took a while, but after a couple years, I realized that the debate between inline and stored procedures was as trivial and meaningless as the one about C# and VB.NET. Of course, since the differences are practically non-existing; why not just use stored procedures? If you aren't willing to adopt an O/R mapper, that's certainly what I would suggest – there's no sense in dynamically creating your own inline SQL. However, O/R mappers, which rely on inline SQL, provide three very important benefits (there are more, but with respect to maintainability, I think these are the most important: You end up writing a lot less code – which obviously results in a more maintainable system, You gain a true level of abstraction from the underlying data source – both because you're querying the O/R mapper for your data directly (and it converts that into the appropriate SQL), and because you're providing mapping information between your table schemas and domain objects, If your impedance mismatch is low, they save you from having to write a lot of repetitive code; however, if your impedance mismatch is high, you'll be able to design your database the way it should be, and your domain layer the way it should be, without having to create an uncomfortable compromise – the O/R mapper will handle the mismatch for you. In the end, this really comes down to building the simplest solution upfront. After a few iterations, you can spend time profiling your code, and only if you detect an actual problem do you have to address that specific case. It might not sound so much simpler because you have to learn a fairly complex framework upfront, but that's the reality of our profession. Remember, our goal is to widen our knowledge base by looking at different ways to build systems in order to provide our clients with greater value. While we may be specifically talking about NHibernate, the goal is really to introduce to concept of O/R mappers, and try to correct the blind faith .NET developers have put into stored procedures and ADO.NET. NHibernate Of the frameworks and tools we've looked at so far, NHibernate is the most complex. This complexity is certainly something you should take into account when deciding on a persistence solution, but once you do find a project that allows for some R&D time, the payoff will be well worth it in future projects. The nicest thing about NHibernate, and a major design goal of the framework, is that it's completely transparent – your domain objects aren't forced to inherit a specific base class and you don't have to use a bunch of decorator attributes. This makes unit testing your domain layer possible – if you're using a different persistent mechanism, say typed datasets, the tight coupling between domain and data makes it hard/impossible to properly unit test. At a very high level, you configure NHibernate by telling it how your database (tables and columns) map to your domain objects, use the NHibernate API and NHibernate Query Language to talk to your database, and let it do the low level ADO.NET and SQL work. In previous parts we focused on a system for a car dealership – specifically focusing on cars and upgrades. In this part we'll change perspective slightly and look at car sales (sales, models and sales people).The domain model is simple – a SalesPerson has zero or more Sales which reference a specific Model. I've also included a VS.NET solution that contains sample code and annotations – you can find a link at the end of this article. All you need to do to get it running is create a new database, execute the provide SQL script (a handful of create tables), and configure the connection string. The sample, along with the rest of this article, is meant to help you get started with