Common Sense 4 Common People: Programming

November 15, 2009

Rules of program optimization

I recently watched a recorded presentation of Prof.Diomidis Spinellis, author of a couple of world famous books on programming, like "Code Quality". At some point Mr.Spinellis discussed the issue of program optimization and mentioned some famous quotes related to this issue, quotes that were also listed in his "Code Quality" book:

The First Rule of Program Optimization: Don't do it.
The Second Rule of Program Optimization (for experts only): Don't do it yet.

These come from M.A.Jackson. It is hard to exaggerate how much I agree.

I would like to add my own rules to the list :-) Maybe others have said similar words, but now I copy from my own brain:

The 3rd Rule of Program Optimization: Make sense of it in the real world first.
The 4th Rule of Program Optimization: Measure it and justify it before you commit to it.

Programmers often set sail to optimize a piece of code, just because it is plain for all to see that this piece of code CAN be optimized. However, you should do some serious thinking first to see whether it makes sense to optimize this piece of code. How often is it run, under which paths, how long does it take to execute, etc. For example don't optimize code to turn a 0.1 msec into a 0.01 msec if that runs once every minute.

Does it make sense to optimize a process that is executed once a day, if that process takes 10min, 20min, 120min, 360min? Would it make sense to optimize the 10min to 1min (10/1 improvement), the 120min to 30min (4/1 improvement) or the 360min to 120min (3/1)?

You definitely can't tell the answer by looking at the numbers. Maybe the 360min procedure runs at the end of the day, after all employees are gone, so no one benefits from the improved performance, but then the backups can be scheduled earlier. Or the 120min process runs over lunch break, so having it finished before people return from lunch does not make that much of a difference.

That's the meaning of the 3rd rule, don't look at the code searching for optimizations, look at the real world for optimizations.

The 4th rule is a bit drastic. After you decided to optimize the code, do some measurements. Careful measurements of the old implementation, careful measurements of the new implementation. If the improvement is NOT worth the while, then you might as well scrap the optimization. Throw it away. You thought you had good reason, you made extensive changes but didn't get the improvement you expected; no hurt feelings, just dump it.

Code complexity and maintainability are far more critically important than a minor performance optimization. KISS should be the topmost priority, not writing code that makes programmers feel good about themselves ;-)

Have Fun!

Dimitrios Staikos

Posted on November 15, 2009 in Programming | Permalink | Comments (2) | TrackBack (0)

October 04, 2009

DELAY command implemented as batch file

I always had a strange fascination about batch files in Windows. I like automation, but for some reason I don't like using an elephant gun (Perl, Powershell) to shoot a mosquito. Plus I like the automation stuff to work on any PC, without having to install anything new. The Windows shell commands look totally crippled, but there is more to it than meets the eye.

Continue reading "DELAY command implemented as batch file" »

Posted on October 04, 2009 in Programming, Web/Tech | Permalink | Comments (1) | TrackBack (0)

September 16, 2009

Updating WDF on Vista checked build

I had some trouble today with the Windows 7 WDK when I tried to install a driver on the checked build of Windows Vista x86. Actually I found the answer after searching around a little bit, but since all the information was scattered around, I thought it might be nice to put it all together under one roof.

Here are the basic facts:

Vista SP2 comes with WDF version 1.7 while the Win7 WDK has version 1.9.
When installing the driver on the checked build of an OS you must supply the checked build of the WDF coinstallers.
The checked build of the coinstaller is named WdfCoInstaller01009_chk.dll but you have to rename it to WdfCoInstaller01009.dll in your installation package.
The checked WDF coinstallers are not capable of updating Windows Vista.
This means that they cannot upgrade the installed WDF version.
This translates to this error message, if you attempt to install the driver:
Error 776: The client of a component requested an operation which is not valid given the state of the component instance.
And this means that you have to upgrade Vista WDF manually, reboot and then install your driver (still the installation package must include the checked coinstaller).

Here is how to do it in a nutshell:

Open the checked coinstaller DLL in Visual Studio or any other tool capable of exporting resources.
Export the WDFCAB_RESOURCE from RCDATA resources and save the file as a .cab file.
Open the cab and extract the .EXE with the long name (Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe).
Open an elevated command prompt and navigate in that directory. Step 5 will NOT work on a non elevated command prompt, although it requests UAC elevation.
Execute: "Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe" /X
A bunch of files are exported, among which are wdf01000.sys and wdfldr.sys.
Now you must manually override these .sys files on the target system running on the checked build. This means you have to bypass SFP (System File Protection).
Copy the existing files as a backup measure.
Change the security of these two files so that (a) your account appears as the owner and (b) give your account Full Control (you have to do that explicitly - ownership is not enough).
Override the two files with the checked versions of WDF 1.9.
Pray and reboot :-)
After rebooting install your driver.

Have fun :-)
Dimitris Staikos

Posted on September 16, 2009 in Programming | Permalink | Comments (0) | TrackBack (0)

Visual Studio Debugging Tip

More than words can say...

ntStatus is declared as DWORD or anything equivalent to unsigned long.
Works both for Visual Studio 2008 and Visual Studio 2005.
Fare well Error Lookup ;-)

Have Fun!
Dimitris Staikos

Posted on September 16, 2009 in Programming | Permalink | Comments (0) | TrackBack (0)

November 30, 2008

Tips on writing C macros

Macros in C/C++ is an extremely powerful feature, basically one I can't live without. The use of macros has been widely debated and mostly they are labeled as 'evil', as a no-no. This is the usual moral dillema that shows up whenever we have something with significant power in our hands: Anything that is powerful enough can be misused one way or the other. Should we then allow the usage of the powerful tool or ban it altogether so as to prevent its misuse (intentional or unintentional)?

Continue reading "Tips on writing C macros" »

Posted on November 30, 2008 in Programming | Permalink | Comments (6) | TrackBack (0)

November 18, 2008

The code is THE documentation

Yeah sure... Sleep tight and noone is gonna rock your boat, at least while you are sleeping in it.

This is a very luring statement. The reason it is so luring is that it is so obviously true. Or is it not? Doesn't the program do exactly what the code tells it too? So the code is THE one and only always up-to-date documentation of any program. Right?

It is so convincing that you just can't resist falling for it, especially when faced with an aficionado that passionately claims that she doesn't need to write comments as "extra" documentation, because the code is THE documentation, and since she obviously writes top quality code, comments are simply redundant. A waste of screen estate more or less. Useless clutter around the actual documentation.

Sorry to break the news boys and girls... The reality is somehow different.

The code is the imperfect translation into a programming language of the programmer’s imperfect understanding about what the program should do.

You can figure out the rest. The code is THE documentation of the programmer's imperfect language translation of an imperfect understanding. It documents how the programmer failed to code properly what he failed to understand properly.

Anyone still battling on the issue of whether the code is THE documentation and whether comments (in any form) are needed or not, most likely hasn’t worked on a big project (300+KLOC) long enough (5+ years) to figure things out for him/herself.

Life is so sweet when 90% of the time you fool around your own code. Everything is so simple, because everything is in your head. However once you start spending 50% of your time on pieces of code that other people wrote, pieces of code you have NEVER seen before, or pieces of your own code that you wrote 4 years ago and haven't glanced at since, then life is not as sweet.

When you read code you are not familiar with, then you are doing the reverse translation, from imperfect programming language to imperfect understanding about the program's intentions. This is tough. Some may be better at it than others, but trust me... without good comments it can be much more painful and error prone than it has to.

So please, make others' lives easier. Let them cherish your memory after you are gone and enjoy fixing the bugs in your code. Because you WILL be gone some day and your code WILL still have bugs that need fixing.

Enjoy,
Dimitris Staikos

Posted on November 18, 2008 in Common Sense, Programming | Permalink | Comments (1) | TrackBack (0)

October 31, 2008

Sloppy sizeof Programming (Variation #2)

This is another variation on my previous sloppy programming post.

When something potentially dangerous is displayed on TV then we hear them say "Do try this at home".

Well for this kind of sloppy programming I say "Don't try this at work!".
Only try it at home, where you can merrily shoot yourself (and just yourself) in the foot as much as your heart desires, leaving the rest of the world in blissful peace.

Continue reading "Sloppy sizeof Programming (Variation #2)" »

Posted on October 31, 2008 in Programming | Permalink | Comments (1) | TrackBack (0)

October 24, 2008

How violating KISS can end up in 100% CPU usage by your antivirus

Hi all,

I have been using an antivirus/firewall product on 4 of my computers, 2 desktops and 2 laptops, for more than a year without any troubles and was more than happy for the money I paid for it.

However at some moment I noticed that the my IBM ThinkPad X41 was extremely slow. Process Explorer would show CPU utilization being constantly at 100% and the culprit was the executable of the antivirus software.

If I disabled the antivirus real-time protection then CPU went down to normal. When I reenabled it then back to 100%.

To start with I left the laptop open for a couple of days so maybe the antivirus would get done with something it was doing but of course that was a silly thought without results. Then I tried to uninstall and reinstall it but this was just another silly thought and of course the problem remained.

So I decided to use the artillery. I opened up Process Monitor by SysInternals just to take a look at what the antivirus was doing.

Suprise!

It was scanning over and over a 9MB html file!

The location of this file?
C:\Program Files\ThinkPad\ConnectUtilities and the name of it AddConnAdvanced.html

So I added this file to the exclusion list and my laptop became normal again.

I thought maybe my laptop downloaded some software update that screwed things up, so I decided to look at what could a 9MB html file possibly hold...

Surprise (again)!

It was the IBM diagmostics utility debug log...

Then I remembered... I had a problem with the wifi on the laptop about two months ago. So I turned on the debug diagnostics and of course forgot it on even after I solved the problem.

It seems that the IBM developers wanted to appear slick I guess, so a .TXT file was not good enough for them but instead they output an HTML file which eventually gets huge, it is an HTML file so it gets scanned by adivirus software because it might be malicious, ending up in a frustrated user >:( .
Bravo! Way to go!

I do device driver development for a living and as a result I have a "lean and mean" mentality, some also call it KISS (Keep It Simple Stupid). I just hate it when people use HTML/XML for something that could be done with a plain txt, or use .NET for a config utility because they want to add a silly jpg on the dialog and don't know how to do this in plain Win32.

Things are simple: When you do more than you absolutely have to, then you increase your application's "problem surface". More and more things can go wrong and you DON'T want things to go wrong with low level stuff like debug logs and config utilities.

To understand the extent of this problem, that is doing more than you have to just because it is cool, be amused to know that some PhD guys that obviously hadn't do much programming in their lives, designed a camera specification called Genicam, and designed a feature by which the camera could send to the application a file that describes in a standard format all of its settings. This "standard" format of course was XML and everybody was so happy and cool. Of course the time came to write a device driver for such a camera and guess what? How on earth do you fit an XML parser in kernel mode code? Only if you want to play cowboy and device driver developers usually don't have much free time to play cowboy. Using XML, which is user mode crap, for some simple text information that NEVER changes is against KISS.

Dude, do I hear someone saying "but what about schema validation etc"??? We are not talking about a file that got created by a user. We are talking about a file that gets stored inside a camera by the manufacturer. IT BETTER BE IN THE CORRECT FORMAT.

Anyway, although the antivirus is not to blame for my troublesome situation, but it would help if they provided some statistics screen/report with the most scanned files so we can solve such problems in an easier way, without using super natural powers.

Tip: If a similar thing happens to your PC and it is so slow that it is almost unusable because a process is taking 100% CPU and you don't want to kill the process (so that you can study what is going on) then try lowering the process priority of the offending process. This will permit you to use your computer again so that you can solve the problem.

Have fun,
Dimitris Staikos

Posted on October 24, 2008 in Digital Misfortunes, Programming, Web/Tech | Permalink | Comments (1) | TrackBack (0)

August 04, 2008

Sloppy programming

Hell, it seems that the Apple incident inspired me after all and I got our SBP2 bug down :-)

That was a tough nut to crack. The SBP2 driver was failing with a sample 4TB external hard drive, actually giving me a BSOD. However this was not a nice BSOD like most others. The kernel crashed because it detected a corrupt doubly linked list, and of course I had no idea where the corruption came from.

After cleaning up a lot of stuff I found the culprit... just by looking at the debug messages. We had a failed kernel mode sanity check that led to a buffer overrun. However the buffer was at the end of a struct thus overwriting the next struct and leading to crazy behaviour when the OTHER struct was getting used, much later on.

Anyway, to cut a long story short the buffer should be 16 bytes instead of 12 bytes. I changed that and looked carefully through the code, then stepped through the initialization code and all looked nice. Sure enough there was no crash any more, however nothing else worked either :-D

So I embarked on a journey to find what the heck could be causing this and here is my finding.

Suppose you have a struct like this:

struct ORB_DATA
{
// Some members here...

// At the VERY END of the ORB_DATA struct.
struct ORB_CMD orb;
};

NEVER, EVER ASSUME that:

(sizeof(ORB_DATA) - sizeof(ORB_CMD)) == FIELD_OFFSET(ORB_DATA, orb)

The compiler may align things as it sees fit, so just use FIELD_OFFSET and leave the neat tricks alone.

Have fun!
Dimitris Staikos

Posted on August 04, 2008 in Programming | Permalink | Comments (0) | TrackBack (0)

August 01, 2008

Solving an NMI crash

As I described in one of my previous posts, there is a special kind of fatal error called NMI error, a form of ultra fatal error that Windows users don't encounter as often as the infamous Blue Screen of Death (BSOD).

It is caused by some erroneous hardware behavior which, in order to make things sound 'common sense', let's say crashes the motherboard, while BSODs crash the operating system.

Of course, it is the software (operating system and device drivers) that programs the hardware, so if the hardware is not at fault (true hardware damage) then it is the software that is to blame once again :-).
Even if the chips have bugs (hardware bugs) the device driver developer is required to write code that circumvents the hardware bug so that the device operates correctly.

I have been working with Windows device driver code for a total of about 6 years in my career and of course I have encountered and solved dozens of BSODs in our drivers. But so far I had met only one NMI error caused by our driver. A couple of days ago I encountered my second NMI error and I was truly excited!!!

Why I was excited instead of disappointed and thinking that our code is being crappy? For starters, I KNOW our code is not crappy (famous last words) so I couldn't possibly worry about that.
There are two reasons why I was excited:
(1) One NMI error in 6 years means that you don't get the chance to debug such beasts very often. The more often you get to debug such errors the more experienced you become in the sorts of things that cause NMIs and how to debug them. Such a kind of experience is extremely hard to get and extremely valuable.
(2) Secondly, as I explained in my previous NMI post, the software was running smoothly everywhere but was causing an NMI on some semi-exotic platform. This was exactly the case once again, an exotic Xeon-based super server. If we have clients that decide to run our software even on such exotic machines then (a) we must be having a lot of clients (since only a small percentage use exotic machines overall) and (b) they trust our software enough to use it in extremely demanding applications that require exotic machines.

In both NMIs the actual case was that the client let's say started using our software on Series 3 of the server, then upgraded to Series 4, then Series 5 and when they tried to upgrade to Series 6 (in their labs of course) they found out that an NMI was occuring.
So there is no matter of trust to our code and our company. Our clients KNOW that our software works correctly and they obviously realize that we don't have the latest and greatest version of every exotic server available in our lab to test with, so they tell us about the error, we get it fixed and both parties are totally happy and excited!

So if there is a common sense lesson here for ordinary users it is this one: If you decide to build your own super exotic PC with a uniquely super cool combination of the latest-greatest-fanciest hardware don't act that much surprised if you have driver problems (BSODs or more likey NMIs). If you want to stay out of trouble then shoot for something that is less exotic. Or at least ask for your PC provider to build your PC and then test it a bit before you pay for it and take it home.

OK then, just for the record, let me tell you what was causing the NMI.

Initially I thought that it was a cache-coherency issue that made the 1394 adapter read garbage for the context program of its DMA context. Cache-coherency means that the code updates some memory, but the new memory contents are still inside the CPU cache because that portion of the cache was not flushed to main memory.
However devices read their context programs from main memory, so if the data did not reach there yet the device will read garbage and act accordingly. Too bad that devices can't popup error message boxes to the user :-D
By examining the code carefully for that kind of error I located a little well-hidden window of opportunity where it could occur. So I fixed this bug, but lucky me, it was not the cause of the NMI. The NMI persisted.

Then I fired up my 1394 Bus Analyzer and after several experiments and server crashes one thing was evident. The 1394 adapter would always transmit exactly 51 packets before NMIing. Now, *always* and *exactly 51* are a strong indication that something a little special must be happening on the 52nd packet.
I knew of course that each packet uses 5 DMA descriptors in the DMA context program, each descriptor being 16 bytes, so I did some simple math: 5*16*51=4080. BINGO!!!
Each physical page of memory has 4096 bytes, so the 5 descriptors of the 52nd packet were on a physical page boundary. That's always a good start, although the DMA context program is being written in 'physically contiguous' pages so crossing the boundary shouldn't result in any surprises.

The NMI was caused by what we call 'isochronous transmit'. But there is also 'Isochronous receive' and it also uses 5 descriptors of 16 bytes each, but DID NOT crash on the 52nd packet, on the same machine of course.
How could that possibly be?

I studied the chip specs closely for any mention of anything related to physical page boundaries for the DMA context programs and sure enough... there was nothing. No restrictions whatsoever were mentioned.

Mind you, the code that is preparing the isochronous transmit context program was originally written back in 1999 so it has been literally tested on thousands of computers since then. This was sure a neat thing that was going down here. (Note: 1999 is more than 6 years ago, but I didn't work with drivers all the time ;-))

Then I studied our code again and soon I found out that the isochronous transmit was using 5 descriptors but the first one was a bit special, in fact something like a "double" descriptor. Since 4096-4080=16, then it became evident that this "double" descriptor was getting split in two physical pages (always physically continuous in memory).

Hmmm, I thought, maybe this machine is not too happy with this fact and crashes with the NMI at the moment the 1394 DMA chip is trying to read the 32-bytes of the next descriptor in one operation from two different physical pages.
This sounded plausible enough in my mind, so I started to give it a try.

Of course I was not sure that it was the correct reason, I mean it works everywhere else right?

I would have to change the code first then run it and see if the NMI goes away. But I estimated the correction to be at least a week's worth of coding, because too many things had to change in order to accomodate for the required 'holes' in the context program.
Classic case of a Catch-22. I can't put in 4-5 days of work just to test an idea! What if it was not the correct one?

Then something else came to mind... a quick and dirty solution... If I add 3 nop descriptors (nop="no op"="no operation") to each packet then I will have 8*16 bytes = 128 bytes. And sure enough 4096 is divisible by 128, so I would never have the special descriptor on a page boundary.
Of course this means 48 wasted bytes of physical memory for each packet, which is a very precious resource. The requests we deal with may contain thousands of packets, so that would be a non-trivial waste.

I didn't have to think twice before I decided that this was not an acceptable solution, but it was just fine in order to try out my theory!

And then came that precious moment of glory!!!
It worked like a charm :-)
My theory was right and bye-bye NMI #2.

Then I embarked on a 4-day effort to implement the proper solution that doesn't waste memory and works too.

Isn't it just so cool being a driver developer in your spare time? :-D