|
|
|
|
|
|
|
|
|
|
|
|
||
|
I'm often asked why I don't hop on the lastest language bandwagon and just start coding up a storm. The answer comes in two parts: the first is that I do try out these languages to see what the hype is all about, to see where they can fit in and to see their pros and cons. The second is that I realize that there is more to software engineering than just writing code. Software spends disproportionately more time in maintenance than it does in initial development. Just because a language such as Ruby is much faster for initial development doesn't mean that it's much easier to maintain. (Do note that I'm not saying that Ruby is hard / harder to maintain. I'm simply saying that a one cannot determine what the maintenance model for a language is from doing only initial development.) The long and short of all of this is that I am forced by my professionalism and my responsibilites to not only look at how a language works for initial development but also for long term maintenance. By definition this means that it takes me a very long time to determine if a language is suitable in the long term. Since many newly in vogue languages simply haven't been out long enough to have either the community's or my own understanding of its maintenance model one simply cannot start writing production code with them. One quick example of all of this is AOP. I'm enamored with AOP but I cannot and will not use it in production software. The reason is that AOP simply does not have a maintenance model at all. In other words, I cannot take an AOP'ified application and future apply AOP on it (i.e. maintain it) and have understandable and determinable effects. Editor's note: this is a stream of consciousness posting to get an idea down and is not complete or thorough in any way. But as always, comments are welcome. |
|
||
|
I have been playing around with some UI mock ups lately and it is often that I have code that looks like the following:
...
add(new Label("Some text"));
...
If I want to see what
...
add(new Label("Some text") {{ setFont(someFont); }});
...
...
add(new Label("Some text")
{
{
setFont(someFont);
}
});
...
The only question that remains is: when is the instance initializer executed? You can read section 8.8.5.1 of the JLS if you want. (The problem that I have with section 8.8.5.1 is that it is for explicit constructor invocations which doesn't seem to be the case for this example but I cannot find another reference to instance initializers in the JLS.) The code below provides a clearer answer to the question.
class PreTest {
{System.err.println("PreTest First");}
public PreTest() {
System.err.println("PreTest constructor");
}
{System.err.println("PreTest Second");}
}
class Test extends PreTest {
{System.err.println("Test First");}
public Test() {
System.err.println("Test constructor");
}
{System.err.println("Test Second");}
public Test(final int number) {
this();
System.err.println("Test constructor(" + number + ")");
}
{System.err.println("Test Third");}
public void method() {
System.err.println("Test method");
}
{System.err.println("Test Fourth");}
}
class Dummy {
public Dummy() {}
public void go(Test test) {}
}
final Dummy dummy = new Dummy();
dummy.go(new Test(10) {{ method(); }});
When executed, the following is output:
PreTest First
PreTest Second
PreTest constructor
Test First
Test Second
Test Third
Test Fourth
Test constructor
Test constructor(10)
Test method
An instance initializer is executed during construction but after all other instance initializers and all (appropriate) constructors have finished. I should point out that this "trick" is also great in unit tests for populating collections.
...
something.addList(new ArrayList() {{ add("1"); add("2"); add("3"); }});
...
foo.addMap(new HashMap() {{ put("1", "one"); put("2", "two"); }});
...
|
|
||
|
A question was recently posted on the CJUG forum with regards to the following code:
int i;
i = 1;
i = i++;
System.out.println("i: " + i);
The poster wanted to know why in Java the result was If you're like me, the first thing that popped in your head was: This person does not have a clear understanding of the postfix increment operator does. Let's tell him to go suck an egg and get a clue. But then I remembered back to the days when I didn't know what I was doing either and all of the kind and gentle people on usenet that steered me onto the path of knowledge. In case you're having trouble getting over that hurdle, you can look at the problem as follows:
int[] a = { 0, 1, 2 };
int i;
i = 1;
a[i] = i++;
System.out.println("a[0]=" + a[0] + ", a[1]=" + a[1] + ", a[2]=" + a[2]);
which is slightly more palatable and results in the following: a[0]=0, a[1]=1, a[2]=2 I'll spare the long winded answer to the reason why Java returns what it does and refer you to a Java forum posting. (Though if you want me to ramble on about it, just ask!) That takes care of the Java part, but what about C / C++? Well, if you didn't get all soft and squishy developing in Java all these years, you'll remember that the order of evaluation of operands of individual operators and the order in which side effects take place is unspecified in C / C++. You'll also start remembering about sequence points and all of that but before you begin to spasm uncontrollably, you'll remember that you've left all that behind you now. At the end of the day, the fact that the particular C / C++ compiler, runtime, etc resulted in
...in C that statment might assign 0, 1, 42, -1 or any other value to There is also Steve Summit's famous response which provides links to the C FAQ for more information. |
|
||
|
I spent some time a few days ago working with JBoss to determine if it would be a valid service oriented platform for autonomic computing. You can read my multiple JBoss JMX posts for more information. Until a more well defined service lifecycle exists ala JSR 77, the ability to autonomically manage a JBoss service is not possible. I'm looking into OSGi, Avalon and Excalibur next. (If you're like me and forget how Avalon, Merlin, Excalibur, etc are related then refer to this.) Stay tuned for results. |
|
||
|
Given the vast amount of crap that we as programmers need to know these days (which is growing exponentially) I typically wrap unknowns into a black box and add them to my list to check out at a later time. I typically associated a "magic" factor to anything that's in the core Java classes. Take for example how NIO's I assumed incorrectly that It's actually unfortunate that |
|
||||||||
|
I received a number of equiries to get performance numbers with larger numbers of clients. Unfortunately, I am limited to five client machines and one server machine. To increase the number of clients communicating with the server, I had to have multiple clients per machine. From the previous tests, a hypothesis can be made that the clients are either CPU or I/O bound. Adding more clients to each machine is not going to produce interesting results. The is essentially what was seen. There are a total of eight configurations (three with SSL and four without). To simplify analysis, each graph contains the results either from the three SSL servers or the four non-SSL. Three cases were chosen:
The same environment was used as in the previous tests. The choices (besides one client per machine) was completely arbitrary. Numbers were chosen such that the tests would complete in a reasonsable amount of time. Without SSL
With SSL
Analysis (see the other previous tests for more analysis):
A few tests were made to determine if the clients were CPU bound or IO bound. It could be guessed from previous results that they were IO bound (given the signature of the SSL results). Futher testing has shown this to be the case (e.g. all client echo validation was removed). Since the clients are IO bound, adding more clients to each machine would show no greater throughput to the server which is precisely what was observed in these tests. Link-back to main entry: NIO and SSL. |
||||||||
|
||||
|
In following with the previous tests, I performed a performance test of IO and Converted IO with SSL. The testing environment is the same as the previous tests except that anonymous software SSL was enabled. There are a total of three cases:
"IO" uses the standard Java IO (from the
Analysis (see the previous tests for more analysis):
A special thanks goes out to Carlo Segre for use of the cluster. Link-back to main entry: NIO and SSL. |
||||
|
||||
|
I took the opportunity to create a standard IO client and server and performed some changes / optimizations on the Converted IO. The source is available at the usual place. The testing environment is the same as the previous tests. There are a total of four cases:
"NIO" means that the component was created using only NIO. "IO" uses the standard Java IO (from the
Analysis (see the previous tests for more analysis):
A special thanks goes out to Carlo Segre for use of the cluster. Link-back to main entry: NIO and SSL. |
|
||||||
|
I finally had an opportunity to perform some performance testing on the source I made available. A few notes about the testing environment:
As with most performance tests, the results must be interpreted correctly and cannot be taken at face value. You should not look at absolute values but instead you should look at relative values and trends. For "pure test" results the environment was not ideal but for a more "real world" feel for how applications behave, the environment was adequate. There are a total of six cases:
"NIO" means that the component was created using only NIO. "Converted IO" is an NIO wrapper to All of the source for the clients and servers is available but the test harness is not available. It should be a trivial matter to create you own testing mechanism ideal for your environment. Ideally, there should be a standard Java IO implementation as a control but unfortunately time is not on my side.
A special thanks goes out to Carlo Segre for use of the cluster. Link-back to main entry: NIO and SSL. |
|
||
|
Kris mentioned something that I hear all the time in regards to SOA's: it's probably something you could implement using reliable JMS topics (I'm pulling this slightly out of context but it's relevant regardless.) To developers that have kept their eyes open for at least part of the past few years, SOA's will be "yeah, so what?" or "I can just do / I am already doing that with [blah]". For example, an enterprise service bus (ESB) can be considered to be MOM (message oriented middleware). Is "ESB" just another TLA (three letter acronym) that business people use to make themselves appear to be more intelligent? Maybe just a little. But really it's wrangling in a whole bunch of existing ideas (and some new ones like WS-*) and putting it under one umbrella. So if you get that deja-vu feeling you shouldn't feel uneasy. Rather than spouting out more goop, just the links below to get you a feel for what's going on:
|
|
||
|
I recently attended a CJUG talk given by Dave Thomas of The Pragmatic Programmers regarding decoupling code. This was a very well put together talk that was able to reach both novice and advanced developers. Based on this talk I am seriously considering purchasing some of the books that they publish. Thank you Dave for an excellent talk. |
|
||
|
There are a number of cases where something needs to be done only in the case where an exception is thrown (checked or not). A first pass on this would look like:
...
// allow the user to do something. If it fails for any reason
// the error flag must be set so that further operations are not
// attempted.
try
{
doSomething();
} catch(final Throwable t)
{
// some exception has been thrown; set the error flag.
error = true;
// continue the exception
throw t;
}
...
The problem with this is that unless the method signature includes
...
// allow the user to do something. If it fails for any reason
// the error flag must be set so that further operations are not
// attempted.
boolean exceptionThrown = true; // set to false -only- if successful
try
{
doSomething();
// no exceptions were thrown
exceptionThrown = false;
} finally
{
// if there was an exception thrown (exceptionThrown will have
// been set to false if an exception was -not- thrown) then set
// the error flag.
if(exceptionThrown)
error = true;
/* else -- there was no exception thrown */
}
...
Are there any better techniques out there or is this acceptable? |
|
||
|
Some quick notes on JMX and XML descriptors. I don't see anything about standardizing the XML format which is very surprising. Personally, I think the XMBean looks the most palatable. Currently there is only XDoclet support for XMBean. Modeler 1.1 mentions future XDoclet support. JMX is one of the few "Rob approved" XDoclet uses since it is not a "let's use a new technology everywhere it could possibly be applicable and more often than not, not applicable" case (we'll save that rant for another day). Update (August 13th) My XDoclet statements above may be a bit misleading. The JMX XDoclet task will write out standard JMX interfaces (which is very convenient). It will also write out XMBean and JBoss |
|
||
|
As was alluded to in the main NIO and SSL entry, I have made convenience code available at: http://www.realityinteractive.com/software/oss/index.html Refer to the release notes for information about what is been made available. If you have any comments or questions, just post a comment and I will respond as soon as possible. It is not mentioned in the source or readme (I will rectify this shortly) that the intention for the conversion is specifically for long running clients. No thought has been given to "fast attack" clients or server (e.g. HTTP). Performance results are available through the following links:
Link-back to main entry: NIO and SSL. |
|
||
|
I am using a NIO MALFORMED[1] OK, that's helpful. After a little code splunking I determined that this means that the error is "malformed" (pretty obvious) and the length is "1" (not so obvious). What's interesting about the Now I just need to determine why bytes that are supposedly UTF-8 have a value of Since my problem is clearly not on my end, I have added: decoder.onMalformedInput(CodingErrorAction.REPLACE); to circumvent the problem. This will use the |
|
||
|
There has been a lot of press around Aspect-Oriented Programming (AOP) and Software Development (AOSD). Every time I read an article such as this one the QA guy in me shudders uncontrollably. How can I possibly resolve the risk associated with AOP with the benefits that it is purported to provide? Also, given the inherent decoupled nature of AOP from the actual code (using, for example, deployment time AOP or byte-code based AOP), how can one effectively perform change managment? Recently, I attended a JBoss discussion in hopes that it would quell some of my AOP concerns. Instead, the exact opposite occurred. Scott Stark managed to scare the bejesus out of me with transactions and protocol concerns being injected at deployment.
I know that these "advances" provided by AOP sound great to the trench developer (to which Mr. Stark was directing his discussion) that would normally have to struggle to create this functionality but there are clearly maintenance concerns with these approaches that have yet to be addressed. Rickard Öberg voices some of my current concerns but unfortunately, like most developers, he limits it to "testing". Testing isn't the only concern; it's the full product life-cycle. I typically associate a 5 to 1 ratio of maintenance and debugging time to initial development time on any piece of complex code (where I will leave complex undefined here) throughout its lifecycle. If AOP is only addressing the "1" part of that ratio while increasing the "5" part then that's pretty crappy! This thread (based on Rickard Öberg's blog entry) has some interesting insights. Do check other months for follow ups to the thread or related threads. [The AOSD links go down from time to time.] People have spent a good deal of time claiming the programmatic benefits of AOP, but now it is time to start looking forward at debugging, maintaining, changing and growing AOP based code. |
|
||
|
I'm interested in an SOP (service oriented platform) for some of the work that I'm currently doing. It would make my life much easier if there was a container with which I could register my services that would take care of lifecycle concerns. After doing a little research to see what's going on out there I started looking at JBoss's
/**
* The Service interface.
*/
public interface Service
{
/**
* create the service, do expensive operations etc
*/
void create() throws Exception;
/**
* start the service, create is already called
*/
void start() throws Exception;
/**
* stop the service
*/
void stop();
/**
* destroy the service, tear down
*/
void destroy();
}
(The above code is available under the LGPL.) Do you notice anything missing from the above interface? What's the threading contract?!? Should I'll spare everyone the rant and I will just say: Please document the complete contract on important interfaces. When you write javadocs, ask yourself what would someone need to know that has never seen the code. Attempt to place yourself into their shoes and you will likely end up with more useful javadocs. |
|
||
|
In my persuit of a 1.4 NIO + SSL solution I had a momentary glimmer of hope in A server socket will have a channel if, and only if, the channel itself was created via the ServerSocketChannel.open() method. This was confirmed with a trivial test. At first I thought that I was cut off at the knees. I now believe that I have been cut off at the torso. I should mention that because of IllegalBlockingModeException - if this socket has an associated channel, and the channel is in non-blocking mode. I would have been screwed in any case but at least getting at the channel would have made me feel better. Link-back to main entry: NIO and SSL. |
|
||
|
This blog entry mentions serious performance concerns regarding |
|
||
|
It boils the blood that the pair These interface-type defects and inconsistencies are common throughout the package hierarchy. I was hoping that the next major release of Java would make a concerted effort to clean these up but it looks like that's not going to happen. Phooey! Note to self: file RFE on Java bug parade for these interfaces. Link-back to main entry: NIO and SSL. |
|
||
|
I was attempting to use a vanilla SSL server and client socket (such as outlined in this article) but kept getting the dreaded: javax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled. The usual searches turned up a million posts about junk I already knew. The JSSE ref guide is great for people that already know what they're doing an is therefore self deprecating. The long and short of it is that if you use a default
final SSLServerSocketFactory sslSocketFactory =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
final SSLServerSocket sslServerSocket =
(SSLServerSocket)sslSocketFactory.createServerSocket(port);
// use an anonymous cipher suite so that a KeyManager or TrustManager
// is not needed
// NOTE: this assumes that the cipher suite is known. A check -should-
// be done first.
final String[] enabledCipherSuites = { "SSL_DH_anon_WITH_RC4_128_MD5" };
sslServerSocket.setEnabledCipherSuites(enabledCipherSuites);
A unless you do the same on the client side, you will receive the following:
javax.net.ssl.SSLHandshakeException: no cipher suites in common
javax.net.ssl.SSLHandshakeException:
Received fatal alert: handshake_failure
Link-back to main entry: NIO and SSL. |
|
||
|
To aid in debugging JSSE (J2SDK 1.4 and greater) use: -Djavax.net.debug=all The usefulness of this cannot be expressed in mere words. |
|
||
|
While looking for the current paradigms on storing passwords in Java I stumbled on this Security IQ Test. It's a bit thin but at least you can get a feel for if you know what's going on at a fundamental level. Perhaps the best part is the answers provided after you get your score. This is also an interesting thread. The question that I currently have is: what is the correct techique for obtaining passwords from a configuration file? Currently I store system passwords in an encrypted properties file. Do I have to read and decrypt the properties file each time I need the passwords? I don't think that just reading the passwords once on start makes sense (for the same reason that you use |
|
||
|
I was doing some work this morning with passwords stored as final char[] passwordCopy = new char[password.length]; System.arraycopy(password, 0, passwordCopy, 0, password.length); I stopped myself and said: Hey! Why am I doing that when arrays have a convenient final char[] passwordCopy = (char[])password.clone(); The QA side of me really likes the latter approach as it has a much lower risk associated with it (i.e. there are fewer ways to make a mistake), but the performance side said Whoa! Let's take a look at performance first! I was going to write up a quick test but the lazy side of me went to Google first. This page has a nice test and performance numbers. The shocking result is
.clone(): 2.26
System.arraycopy(): 1.27
for-loop(): 1.00
|
|
||
|
I was talking with another developer the other day and he revealed an interesting piece of information: he believed that comments and code style were a matter of personal choice. To me this was like believing that the world was flat and then having someone say that it's round. All of that time I spent perplexed wondering why I couldn't see things from long distances over a "flat" plane finally become crystal clear. Learning that developers may believe comments and code style are a matter of personal choice has allowed me to understand and put into perspective a number of other conversations that I have had with developers. Code comments and style are a function of quality. This is currently my running hypothesis that I am attempting to prove through empirical evidence. My non-scientific research has shown it to be true. The difficulty in firmly establishing quantitative evidence for this hypothesis stems from the fact that, for example, diligently and effectively commenting code intrinsically changes ones approach to coding. In other words, you cannot separate out the processing of adding and maintaining comments without changing the nature of how one programs. |
|
||
|
In an attempt to dispel the "I don't need to comment my code since if the code is written clearly enough it should describe itself" theory, I present the following: The purpose of code comments is to present intent. A software defect is a deviation from intent. This definition does not make a distinction between implicit (i.e. expected but not defined in a requirement) and explicit (i.e. defined in a requirement) intent. Code is incapable of sufficiently presenting desired intent. Proof I will provide an indirect proof of Theorem 1.1 by assuming "code is capable of sufficiently presenting desired intent" and obtaining a contradition. Choose a section of code that contains defects. By Definition 1.2 this section of code does not correctly describe the intent. QED Notice that Theorem 1.1 contains the word desired. This is necessary to distinguish between the intent that a section of code with defects presents and the intent that is required. Also notice that Theorem 1.1 contains the word sufficiently. Later entries will expound on this in more depth but for now it will suffice to say that code utilizing crafty programming may obfuscate intent. I do acknowledge that for those who use the "I don't need to comment my code since if the code is written clearly enough it should describe itself" to mean "I'm too cool / talented / whatever to comment" or to cover for "I'm too lazy to comment" that my argument will have fallen on deaf ears. I'm getting to you next! |
|
||
|
As if the previous Update After I determined that the write selector was lying to me on Linux, and after pouring over Stevens' Advanced Programming in the UNIX Environment to refresh my memory on Update II It seems that the results of drain-then-fill are dependent on how the sink is filled. If the sink is filled one Closing thoughts Given that Linux's write selector is not accurate and always returns "none available" when there is data in the pipe (but will always return "go ahead" when the pipe is empty), it is nearly impossible to generically replace a file or network channel with a Link-back to main entry: NIO and SSL. |
|
||
|
The number of Windows will eventually give you the known value of The code used is as follows:
// create a Pipe and retrieve its sink and source
// NOTE: the sink and source are SelectableChannels
final Pipe pipe = Pipe.open();
final WritableByteChannel sink = pipe.sink();
final ReadableByteChannel source = pipe.source();
// set the sink to non-blocking and create and register a write
// Selector on it. The Selector is used to determine when the sink
// is "full".
// NOTE: the cast is required since there is no common super-type
// for selectable + readable / writable
((SelectableChannel)sink).configureBlocking(false/*non-blocking*/);
final Selector writeSelector = Selector.open();
((SelectableChannel)sink).register(writeSelector, SelectionKey.OP_WRITE);
// continue to write to the sink until it is "full"
// NOTE: the sanity upper-bound is used to ensure that, in a remote
// case, a sink is not infinite
final ByteBuffer writeBuffer = ByteBuffer.allocate(BUFFER_SIZE);
for(int i=0; i<BUFFER_SIZE; i++)
writeBuffer.put((byte)(i & 0xFF)); // arbitrary
writeBuffer.flip();
boolean isInfinite = true; // set to false if limit found on write
int numberOfBytesWritten = 0;
for(int i=0; i<UPPER_BOUND/*sanity*/; i++)
{
// ensure that data can be written
// NOTE: selectNow() is used so that it does not block
if(writeSelector.selectNow() > 0)
{
// clear the selected keys (required)
writeSelector.selectedKeys().clear();
// write the data
// NOTE: the actual data written is arbitrary
numberOfBytesWritten += sink.write(writeBuffer);
writeBuffer.rewind();
} else
{
// the sink is full. Flag that a limit was found and break
// out of loop.
isInfinite = false;
break;
}
}
And, no, changing I should mention that An interesting Linux tidbit: if the following code is added after the code listed above with a // attempt to write more to the sink even though we shouldn't be // able to writeBuffer.limit(1/*writes one byte*/); numberOfBytesWritten = sink.write(writeBuffer); writeBuffer.rewind(); It seems that the Linux write selector is lying to us. This is not the case on Windows. Link-back to main entry: NIO and SSL. |
|
||
|
Here's some Q:What happens when you close the sink of a pipe? For all those that answered "The source returns Q:What happens when you close the source of a pipe? Belt it out! "Writing to the sink will throw
The concern is the windows case where a write (or multiple writes) can be performed successfully. Why isn't there a Expect to see a defect report / RFE in the bug parade on this topic. A big hearty thanks goes out to Igor for doing the Linux testing! Link-back to main entry: NIO and SSL. |
|
||
|
If you've been following my lamenting over NIO and SSL then you can probably guess that I've made it to step 5 (acceptance). I had a moment of elation this morning when I found another one of those obscure NIO classes: First grieveing and now momentary elation followed by good swift kick in the gut. Doesn't Sun care about the unstable mental state all of this has left me in?!? Side note: isn't it annoying that there's no interface that describes a selectable, readable / writeable channel? In other words, there's no common way to describe a |
|
||
|
I have worked with NIO quite a bit in the past. It has a high activation energy but once you're over that initial hump, it's pretty smooth sailing. I find it difficult not to write non-blocking IO these days. I recently wrapped up a client / server prototype and I am just beginning to get it ready for a "real world" test. The first thing that I thought of was SSL. So like all good programmers, I brought up Google and typed "NIO SSL". Much to my chagrin I find that it is not possible to combine NIO, To make a painful story short, there is no information regarding SSL ever being a possibility with NIO in 1.4. 1.5 will introduce an For those in the same boat as I am, there are solutions for using I'll spare you the Sun rant but let's just say that I'm less that impressed with their decisions to not provide SSL with NIO and to, for all intents and purposes, cover it up. When you read the 1.4 datasheet about NIO and then about JSSE, you get the impression that all is just sunshine, rainbows and lollipops. How can one think that it's acceptible to provide developers with the ability to "write ultra-scalable, high-performance server applications" without parity with existing sockets? And then, in 3 years, not make up for the discrepancy? If you're into conspiracy theories, what do you think about the missing RFE for SSL + NIO? My tin foil hat has been firmly placed on my head! Follow up: I've been doing a lot of poking around to see if there are freeware implementations of JSSE that support NIO. There aren't. I did find this interesting link. Given all of my ramblings about features vs. quality, if Sun didn't ship SSL with NIO due to quality risks then I can buy that. If Sun hasn't shipped an updated JSSE for NIO due to pervasive changes required then I can buy that too. The length of time between releases is just hard to swallow. As you may be able to tell, I have moved onto phase three of the Kubler-Ross 5 stages of grief. The initial entry was written while firmly in phase two. I fully expect to be at phase five by mid-day tomorrow and I will begin to find an acceptable solution to my current problems. Related Entries
|
|
||
|
final JarFile jarFile = new JarFile("rt.jar");
System.out.println(jarFile.getEntry("/java/lang/Object.class"));
System.out.println(jarFile.getEntry("java/lang/Object.class"));
will return:
null
java/lang/Object.class
In general, this is not a big deal. But when manually parsing URLs (don't ask) such as:
jar:file://rt.jar!/java/lang/Object.class
it can bite you in the butt. |
|
||
|
While doing my standard early morning web-walk I stumbled on a mother lode of J2SE 1.5 information. JDiff isn't necessarily 1.5 specific, but it allows you to see all changes that occurred in the API. JDiff is one of those thing you wish you stumbled on years ago. While perusing the diff on |
|
||
|
Given the plethera of "enabling technologies" such as J2EE, does web programming (specifically, tier two -- business logic) make for a lazy developer? In the recent past, I was prototyping a web application using Spring, Struts, and a few other technologies sprinkled in for good measure. After a few weeks of stateless whos-its and whats-its, injecting transaction doo-dads, and so on, I moved on to a project involving NIO, wire protocols, and high degrees of concurrency. Getting back into the swing of worrying about multi-threaded issues, object creation weight, and the like was not a trivial excercise. Let me stress that I'm not referring to API nuances. I'm speaking to the vastly different sets of skills that need to be employed. I felt that a much larger degree of care and awareness was needed when dealing with "systems programming". The web technologies on the other hand made me feel less concerned: "JTA will handle that for me so I don't need to worry." Don't get me wrong, JTA, JMS, JNDI, etc are wonderful things that eliminate much of the tedium and start-from-scratch'ness that allows projects to get done are the current break-neck pace. (I admit that I am making the overgeneralization that enabling technologies and web development are synonymous.) But does all of this "simplification" provided by enabling technologies allow developers to go lax? ... or has all of the hype and marketing surrounding these enabling technologies simply obscured the diligence required? |
|
||
|
How many times have you seen the following?
public void myMethod(...)
throws ...
{
try {
... entire method is here ...
} catch(SomeException se) {
....
}
}
Consider when entire method is here is more than a dozen lines or so with a number of statements that throw Limiting the scope of A common case to watch out for is one where a There are cases where a large |
|
||
|
I constantly run across code that looks like:
public class FileReader {
...
/**
* <p>Reads the file with the specified name and returns the
* contents in a {@link java.nio.ByteBuffer buffer}.</p>
*
* @param filename the name of the file to read
* @return an allocated (not direct) <code>ByteBuffer</code>
* with the contents of the file
* @throws IOException if an I/O error occurs
*/
public ByteBuffer readFile(final String filename)
throws IOException
{
...
}
...
}
What's wrong with that? you're probably asking yourself. It's even got comments! The title of this entry should give you a little clue. I will spare you the rant and soap box about the proper use of exceptions and attempt to appeal to your common sense: If you, as the developer of the function, couldn't handle or recover from the The interface or contract that you expose should not break encapsulation. The fact that you (as the developer) have I/O issues to deal with doesn't need to be exposed out to the user. What the user cares about is: did the function succeed or not, and if not, are there cases that they can possibly recover from. A more sane interface might look like the following:
public class FileReader {
...
/**
* <p>Reads the file with the specified name and returns the
* contents in a {@link java.nio.ByteBuffer buffer}.</p>
*
* @param filename the name of the file to read
* @return an allocated (not direct) <code>ByteBuffer</code>
* with the contents of the file
* @throws NoSuchFileException if there is no file with the specified
* name
* @throws ReadFailedException if there was any unrecoverable
* problem while reading the file
*/
public ByteBuffer readFile(final String filename)
throws NoSuchFileException, ReadFailedException
{
...
}
...
}
This interface throws two exceptions: What's more is that by not throwing The next time that you are developing an interface, think about how a user will use that interface. Get into their shoes and think about their concerns. And most importantly, make sure that you're not breaking your own encapsulation. |
|
||
|
If you use Perforce I find it best to start off a new change with "New Changelist" and a rough outline of what I intend to do. This is a nice way of informing others (especially in a decoupled work environment) what you are going to be working on. As I begin to make changes I will "Edit spec" to keep the change list description up to date. This ensures that not only will others be aware of what I am doing but I wont run into the dreaded situation where I don't actaually remember all of the changes that I made. Don't forget to add the added, updated, or deleted files to this changelist as you go. |
|
||
|
I end up doing a lot of marshalling between Java and C over the wire. ByteBuffers are a natural fit for this situation given The problem comes in when dealing with Strings. There's no 0062006f 006c006c 006f0063 006b0073 .b.o.l.l.o.c.k.s This is all fine and dandy if you're going to another Java application (or something that's commonly double-byte) but when going to vanilla C you're looking for single byte characters. Your next bet is to try: final String string = "bollocks"; final ByteBuffer buffer = ByteBuffer.allocateDirect(string.length()); buffer.put(string.getBytes()); This is fine and dandy for most applications. (It should be noted that the default character set is used in the transformation and that unless this code is used in a controlled environment, you may end up getting final String string = "bollocks"; final byte[] stringBytes = string.getBytes(); final ByteBuffer buffer = ByteBuffer.allocateDirect(stringBytes.length); buffer.put(stringBytes); Or even better yet, explicitly put the charset in So what am I complaining about? Everything seems fine. That's true up to this point. But what if you need to chunk up the string? CharBuffer provides If you're NIO Charset savvy then you may have said to do:
final String string = "bollocks";
final Charset charset = Charset.forName("UTF-8");
final ByteBuffer buffer = charset.encode(string);
This kills lots of birds with a single stone and is very tight code. ("UTF-8" must be supported by Charset so there's no need to check.) The parallel code for chunking is similar:
final String string = "bollocks";
final Charset charset = Charset.forName("UTF-8");
final CharBuffer charBuffer = CharBuffer.wrap(string, 0, 3);
final ByteBuffer buffer = charset.encode(charBuffer);
(where the loop over the remaining chars is not shown). Again, this is nice code that solves the problem. So what am I still complaining about? Well, it's better on the memory consumption but, even though I know the size of my chunking and can allocate a ByteBuffer of this size, I have to allow it to allocate the buffer for me. If really know your
final String string = "bollocks";
final Charset charset = Charset.forName("UTF-8");
final CharsetEncoder encoder = charset.newEncoder();
final CharBuffer charBuffer = CharBuffer.wrap(string, 0, 3);
final ByteBuffer buffer = ByteBuffer.allocateDirect(3);
final CoderResult encodingResult = encoder.encode(charBuffer, buffer, true/*no more input*/);
This is an "elegant" solution that allows for reuse of the ByteBuffer and fits the bill almost exactly! There is the extra CharBuffer in there that has to suck up space but at least it's limited in size. |
|
||
|
I was cleaning up some JavaDocs yesterday in a large, multi-project code base. The process was getting tedious so I enlisted the help of my old friend GSR (global search and replace). Since I wanted to update java files, text documents and package HTML files, I opted to use Everything was going well but then my IDE (Eclipse in this case) starting throwing a fit. I was getting AST creation errors all over the place and it seemed as though the world was caving in. I attempted the old tried-and-true technique of software; I restarted the IDE. No go. Same errors. I was near the point of panic when I took a look at the IDE's log. The first thing I see is To make a painful story short, it turns out that the GSR was doing replacement in JARs as well as text files. This was corrupting the header and I want to hand it to the Eclipse people for making the IDE tolerant to the stupidity of the average Joe out there doing his best to muck things up. Sure, I got errors up the wazoo but had I taken a moment to look at what they were really telling me I would have figured out the problem instantly. Perhaps this should have been titled "When programmers are too smart for their own good!". |
|
||
|
I just about pulled my hair out over the weekend on a bug that was time dependent. The code roughly looked like:
final int index = (int)(System.currentTimeMillis() / intervalPerFrame) %
numberOfFrames;
final Frame frame = frames[index];
This is perfectly legimate code and ran just fine a few months ago but was now throwing So how could a series of positive values return a negative number? Well, it just so happens that on Saturday, January 10th at 7:37:04AM 2004 the time in milliseconds goes from Lesson learned: be much more careful casting |
|
||
|
I constantly hear developers calling testing QA. "Send the build to QA". Based on ANSI/IEEE standards:
The key difference to remember is that QA is interested in the process whereas testing and quality control are interested in the product. Having a testing component in your development process demonstrates a higher degree of quality (as in QA). Testing links
Testing / QA FAQs
Test Interview Questions
General interview tips
For those of you who also want the answers to these questions I offer you the following advice: if you spend the time to look up the answers yourself then it is much more likely that you will have a greater understanding of the answer and you will be more confident when talking with the interviewer or when taking the test. I cannot stress enough to everyone to spend some time looking for answers through Google before posting your questions here. I enjoy answering the occasional difficult or obtuse question, but when I'm swamped with a hundred questions whose answers are easily found via Google then it's hard to become motivated. For example, someone asked: "please explain how to test a web application with winrunner or with any other testing tool". If I go to Google and type in "testing web application", I find Downloadable Reference Library Testing Web Applications which has more information than I know what do to with. This page has links to a Winrunner 7.0 tutorial, users guide, and TSL (Test Script Language) reference. It should be very helpful for those of you that are interested in learning this tool. A WinRunner FAQ is located here. |
|
||
|
Which is a better choice?
There is no clear-cut answer to this: "it depends". Let's throw out numbers to attempt to make sense of this. It takes 5 man days to implement a change using technology number one that has an average bug rate of 1 bug per week. It takes 0.2 man days to implement a change using technology number two but it has a bug rate of 10 bugs per week. This means that technology #2 is 10x more error prone but takes 25x less effort to use it. From this, it appears that it is better to use the more bug-prone technology than it would be to use the restrictive technology. This is obviously a contrived case. The gedankenexperiment behind all of this is to determine when one should introduce a technology into a project in order to reduce risk (in this case, bugs). If a technology has high costs associated with its use (e.g. time, training, personnel) then it may not reduce the overall project risk. Bottom line: Understand all risks associated with a new technology and appropriately factor those into the over-all risk of the project. If the risk increases, it may not be worth while to use technology. If the risk decreases, then the technology will likely provide the desired returns. If there is no appreciable change in risk, then look at other factors such as long-term benefits, project duration, and cost. |
|
||
|
I have been doing to research lately into natural language processing (NLP) and information extraction (IE) when I stumbled on The Double Metaphone Search Algorithm and phonetic distance. This is a good starting point for reference information. |
|
||
|
I was just working with some of the testing folks and they were talking about NAPs and WADs. I had never heard these TLAs (three letter acronyms) before so I had to look them up:
You learn something new every day. |
|
||
|
A colleague of mine and I were chatting around the proverbial water cooler this morning when we ventured onto the topic of developer skills. Do developer skills scale with increasing complexity and project size? Personally, I have witnessed excellent small project programmers completely fall apart on large projects. I have also seen programmers get barreled over by a complex software suite. Is this a marking of cognitive ability, a lack of developed or necessary skills, or do the possessed skills simply not scale? What do you think? |
|
||
|
How many time have I heard a programmer say: "If the code is written well enough, there's no need for comments". This statement could not be farther from the truth. The code, sans comments, obviously defines the what and how: what does the code do and how does it do it. But what is missing from this is the why: under what conditions and what assumptions were made. Comment Types and Categories Before discussing commenting practices let's break down the various types of comments. Some of these are specific to Java and javadoc but it should be an easy exercise for the reader to extrapolate to other langauges.
These comment types can be divided into categories:
Commenting Guildelines
Comment Notifiers It is common to see
Ex: "PERF: ArrayList is explicitly used (rather than List) to minimize the overhead of polymorphism" At times the modifiers can be ambiguous; a |
|
||
|
I'm constantly at odds with my developers over the importance of documenting why a piece of code does what it does. Having been in the code maintenance business for a long time, I have learned the hard way that a particular implementation is only valid for a particular set of conditions. Unless those conditions are well documented, there is no way to effectively determine if the code is valid in another (perhaps the same since there is no way to know) situation. Some examples of questions that should have documented "why"s:
Pulling an example from my own code: "There are certain optimizations that have been made in the writer based on the fact that the send timeout is a constant and is based on the time at which a message is added to the queue (i.e. the queue will contain monotonically increasing timeout values). This implies that until the currently active message's (the message currently being written) timeout occurs, no other message in the queue needs to be checked." As time went on, it was determined that there would be messages that never timed out. This means that the constraint that the timeout values are monotonicly increasing was no longer valid and therefore the implementation was no longer valid. Only by specifying the conditions under which the code was written (assumptions that were made) was it known that the implementation needed to be changed. It is common for the conditions under which an implementation is written to be defined in other systems or documents such as requirements or the bug tracking system. Unless the conditions are presented either within the code itself or the same directories as the code the correlation is lost. Also, the implementation typically has its own specific set of conditions that would not be found in requirements. There is little actual overhead in serializing these conditions as, by definition, they are all known at developement time. In other words, the conditions are all known, they simply must be written out. Once a suitable convention has been established for this documentation and the developers overcome the initial inertia of performing this task, it becomes very natural. Any minimal time lost over the process of typing is overshadowed by the extra level of communication that it provides. |
|
||
|
My wife asked me the other day why is it called a "smoke test". I honestly didn't know. Here's what Jargon has to say about it:
|
|
||
|
I have been involed in architecting and writing web applications as long as there has been a "web". Recently, I have been doing due dilligence on web architectures. Most architectures recognize the value in the Model 2 (or MVC) approach in their design. But is this this sufficient? This is a work in progress so excuse the mess and please check back for updates. Intended audience
This article is geared towards enterprise web applications. An enterprise web application in the context of this article consists of the following:
If your application does not fall under the above constraints then the concepts defined herein may not apply. For example, introducing Model 2 into an environment where there is only one developer may kill productivity due to the overhead associated with the multiple layers. Starting points
There are just as many starting points as there are web frameworks. Below is an attempt to enumerate a few of the initial conditions for a web-enabled application.
What's going on?
I was originally going to do a full write-up on the request / response, MVC, and the like but after re-reading Designing Enterprise Applications with the J2EE(TM) Platform, Second Edition and MVC Detailed it would be significantly redundant. I will be updating this entry with more information using the above link as a reference. |
|
||
|
I have been involved in a code review for the past few days. Time and time again I have come across code that fits into the "if you know something will never happen, it most certainly will" category of development. Take a look at this example:
List users = session.find("select u from User u where u.loginName = ?", ... );
if(users.size() > 0) {
...
return true;
}
return false;
This probably looks like 99% of the code out there. The problem is that you're only concerned with the case where the size is equal to one. The case where the size is greater than one is undefined. I know, you're thinking to yourself: "But that will never happen since I have unique constraints on my primary keys. The entry app will puke when it attempts to enter more than one row." Never say never. A few years ago I was working on an application with the same constraints. In order to speed up and allow for an ETL operation that the DBA was doing, he disabled the all of the constraints and forgot to re-enable them. Rather than having logging in place that would have caught this error immediately, a few weeks went by without anyone noticing. Needless to say, it took a few weeks to clean up the resulting mess. Oh, did I forget to mention that this was a production database? A more sensible and defensive coding strategy would be:
List users = session.find("select u from User u where u.loginName = ?", ... );
// NOTE: the size of users is expected to be [0, 1]
final int usersSize = users.size();
// if the size of users is greater than one, log an error
// but continue as this is not fatal
if(usersSize > 1) {
// log something
...
} /* else -- users size is not greater than 1 */
// there is at least one user. The first user will always
// be used.
// NOTE: more than one user may be present at this time.
// This case can be safely ignored at this point.
if(usersSize > 0) {
...
return true;
} else if(usersSize == 0) {
return false;
} else { // usersSize is less than zero
// this is an error that cannot be attributed to this code
// in any way.
throw new DeveloperException("<some helpful text>");
}
It is up to your particular application guidelines to determine whether or not the exception cases should be immediately bubbled out to the user as errors. Personally, I am not a big fan of |
|
||
|
It seems that every discussion about Eclipse these days quickly degrades into a fighting match about Swing (AWT) vs. JFace (SWT). "Swing is great and it's part of Java. You'd be a fool to anything else!" Rather than attempt to obliterate SWT why don't we embrace it as the must needed alternative. Compitetion is a good thing; it forces each product to a higher level of quality. APIs (especially those for UIs) are not one stop shops. Each product has its pros and cons and having multiple products allows each developers to choose what is best for a particular application. Like Linux to Microsoft, Pepsi to Coke or any coffee house to Starbucks, having Jface / SWT provides a much needed alternative to the firmly implanted incumbent. And having a choice makes everyone happy. |
|
||
|
int hashValue = 0;
for(final Iterator i=entrySet().iterator(); i.hasNext(); )
hashValue += i.next().hashCode();
(This is noted in the javadoc for If you have a significant number of entries in your I would recommend subclassing and overriding
int hashValue = 0;
for(final Iterator i=keySet().iterator(); i.hasNext(); )
hashValue += i.next().hashCode();
as it is common to use simple types for the keys of a map. The use of If two objects are equal according to the equals(Object) method, then calling the hashCode method on each of the two objects must produce the same integer result. contract of If you're jamming a Don't forget that you're still going to get hit with the |
|
||
|
It seems that Kris has been lured toward the sirens that are the proposed JDK 1.5 static imports. I am convinced that static imports will reduce code clarity and therefore increase the bug rate. I offer a contrived example to demonstrate my position: I am working on a class that staticly imports According to the updated JLS: A static-import-on-demand declaration never causes any other declaration to be shadowed. That's fine but it does create confusion on the order of that that would be caused by operator overloading (which is not in Java due in part to "added complexity" associated with it). For the sake of this example, let's say that public static float sin(float angle); public static float sin(double angle); (again, this is contrived to prove a point) and the signature that I added to my class is: float sin(float angle); The call to ... float angle; ... rotated = PI * sin(angle); ... In this exmaple, it may be easy to determine which public static float sin(int angle); that I want to staticly import. I can't do it according to the JLS: If two single-static-import declarations in the same compilation unit attempt to import members with the same simple name, then a compile-time error occurs, unless the two members are the same member of the same type, in which case the duplicate declaration is ignored. So you hopefully see the mess that I'm in. I'll attempt to illustrate to drive the point home.
import static java.lang.Math.*;
import com.someco.MathFunctions; // can't be static
private float sin(final float angle) { ... }
public class ContrivedExample {
...
float angle;
...
rotated = PI * sin(angle); // from local sin()
...
other = sin(angle / 1.5); // from java.lang.Math (1.5 is double)
...
uugh = MathFunctions.sin((int)(angle / 65535)); // from MathFunctions
...
}
That is a debuggers worst nightmare. Of course placing strict coding constraints on how, when, where, and under what conditions static imports are used will help alleviate these problems but given a large set of imports, it might be easier said than done. David Flanagan has also touched on some other issues -- specifically, how one can import a method with the same name but different signatures. Static imports "solves" something that was never a problem to begin with (i.e. explicit names are a good thing). A more suituable solution to this "problem" would be in-line (or horizontal) code folding; just as some IDE's provide the ability to vertically fold various scopes, horizontal folding would fold the qualifier of the name. Updated April 23 at 11:45AM |
|
||
|
My education has been molded within the tenets of the natural sciences. We would follow the scientific method. We had sayings like "if you didn't document it, it didn't happen!". We had a set of common accepted techniques that were used as building blocks to achieve a desired result. Fast forward to the present day and my current foray into computer science. I have struggled to impress the tenets of the sciences into every environment I have participated in: tests exist to ensure correctness and conformity; all code is consistent and thoroughly documented; patterns and common libraries are used. It seems the efforts I take are not universal. I do not claim that I am the only one following these tenets, but I will insist that I am in the minority. Are we practicing computer science or computer art? :s/science/engineering/g
|
|
||
|
From the constructor of
// Find a power of 2 >= initialCapacity
int capacity = 1;
while (capacity < initialCapacity)
capacity <<= 1;
this.loadFactor = loadFactor;
threshold = (int)(capacity * loadFactor);
table = new Entry[capacity];
where
loadFactor = 0.75;
If So what does this all mean? Given a distribution of hash values that fills each bucket only once (such as adding integers) and the default load factor of It should also be noted that chaining is dominant for small non-power-of-two initial capacities (again, given the default load factor). Something to keep in mind. HashMap hash function problems in 1.4.0 |
|
||
|
Incidents like the code snippet below underline the root cause of failure on most projects (and why I fully expect to die from a heart attack at a very young age): if(!((yearObj.options[yearObj.selectedIndex].value / 4).toString().indexOf('.') == -1))
(Sorry about any line wrapping that may have occurred.) That beautiful specimen was purported to compute if a selected year was a leap year or not. No, really. I could spend the rest of this day discussing the failure of the industry to police itself to maintain minimum standards, how programmers are not just generic blobs that can be pulled from one project and jammed into another, how lack of time and infrastructure perpetuate catastropic problems, etc, etc, etc ... but I wont. Another one just in (from the same person as the beauty above): for (var i = 1; i < days + 1; i++)Of course there is nothing inherently wrong with the statement, but what is wrong is that there is a fundamental un-understanding (rather than a misunderstanding which implies that there is some understanding to begin with) of the principles of software engineering. |
|
||
|
While attempting to copy a file's contents to an array of Nothing earth shattering here but it was one of those Hmmmm moments. |
|
||
|
Tip: Be wary of something working on the first try. If something works on the first try, it's guaranteed to be screwed up in some way. A common one for me, as it's easy to forget, is enabling Java's assertions. They're disabled by default and if you use an IDE's fancy doo-dads to automatically run your JUnit tests then it wont have the assertions enabled (you typically have to manually enable them). All shows green and you move on. At some point later you hit an NPE ( |
|
||
|
Java Tip: Put string constants on the left side of a This prevents the dreaded
if(name.equals("rob"))
return;
should always be written as:
if("rob".equals(name))
return;
"rob" will never be null so this is NPE safe. |
|
||
|
Tip: Never check for a single value when you actually are interested in a range. The common case where this occurs is with sizes (list, arrays, etc). The statement:
if(list.size() == 3)
return;
or:
for(int i=0; i!=10; i++)
...
is error prone and should be avoided at all costs. Why? Most of the time the list will have multiple entries added (this is especially poignant in the case of MT (multi-threaded) code) and an equality can be missed. In the for-loop case, it is common (but oooohhh so bad) to see the loop counter manipulated in the loop body. So the correct statements would be:
if(list.size() >= 3) // or (list.size() > 2)
return;
and
for(int i=0; i<10; i++)
...
This is called coding defensively. You're preventing bugs before they've had a chance to form. |
|
||
|
I am always looking for ways to increase code clarity and reduce confusion and maintenance associated with "dangling methods". What's a dangling method? It's a method that is only used by another method to reduce code duplication. The scope of this method should therefore be local to only the calling function. I tend to run into this problem when doing string manipulation. Currently I need to do a "last added character" for a CharBuffer. The only way to currently do this is to add a member function:
private char lastChar(final CharBuffer buffer)
{
// determine if there are already chars in the buffer. If
// there are none, throw.
if(buffer.position <= 0)
throw new IndexOutOfBoundsException();
/* else -- there are characters in the buffer */
// retrieve the last character placed into the buffer
// NOTE: the above check ensures that there will be a char
return buffer.get(buffer.position - 1);
}
to the class. This is no good since the scope of the method is too large. Large scope equals more time determining dependencies which equals more time to debug. If Java allowed for nested functions, one could write:
private String normalize(final String string)
{
...
// inner function for determining the last character
// added to a buffer
char lastChar(final CharBuffer buffer)
{
...
};
...
case '/':
if(lastChar(buffer) != '/')
...
...
}
Having nested (or inner) functions in Java would help enormously. Kris Wehner brought up a Smalltalk technique which would be somewhat useful in this case. What do you think a solution to this problem would be? |
|
||||||||||||
|
Performance of
For "normal" string processing there appears to be no difference between the two -- the effects are lost in the noise. For large strings (documents and the like), CharBuffer has a distinct advantage. CharBuffer has the perk of pointer-like manipulation via The only caveat with CharBuffer is that the size of the buffer must be known a priori. Notes:
|
|
||
|
I have found myself in a position where I am yet again wadding through the quagmire that are Java's URLs.
So what is the problem with Java's URLs? Archives (i.e. JAR and ZIP). Play around with URL's such as: jar:jar:file:///some/directory/file.jar!/nested/file1.jar!/finally.txtand you'll know the pain I feel. There will be more on this ... believe me! Side notes:
|
|
||
|
if(file.isDirectory())
// do something with a directory
else
// do something with a file
Unfortunately, the above is true if and only if Since it is possible for a file to be removed between
if(file.isDirectory())
// do something with a directory
else if(file.isFile()
// do something with a file
else
// do something with a non-existing file
A side note to this: |
|
Unless otherwise expressly stated, all original material of whatever nature created by Rob Grzywinski and included in this weblog and any related pages, including the weblog's archives, is licensed under a Creative Commons License. |
