Back in the day, we used to have to keep track of all the dynamically allocated objects and arrays we created and make sure they eventually get deallocated or we’d have memory leaks all over the place.  But so-called “managed” programming frameworks like .NET did away with that.  Now all we have to do is forget about the object and the garbage collector will magically detect it is no longer being used and reclaim the memory it was using—all transparently behind the scenes.

Or so the theory goes…

I actually ran into a scenario recently, though, where the garbage collector just didn’t cut it.  The objects were “forgotten” (meaning no strong references to them existed anymore) yet the memory used by the application would continue to rise as new objects were created in their place, almost as if there were a memory leak.  Here’s a short description of my application:

My Application

It’s actually a quasi-personal project.  What happened was at work one day, for some unknown reason, our internet was going insanely slow.  We could tell by our network appliance that it was because we were using all our bandwidth, but we had no way of knowing who or what was using it.  There was a sense of urgency to find out, since it was hindering people’s work.

Meanwhile, one of my personal projects involved using sockets to sniff packets to spy on network activity.  So I got an idea.  I quickly wrote a program using my packet sniffing code to calculate how much bandwidth each IP address on the network was using.  Then I hooked up an old network hub (not a switch or router, a hub, because it repeats all traffic to all ports) in series with one of the physical network cables that all the internet traffic was going through, and hooked up my work computer to that hub.  With all the internet traffic being forwarded to my machine, I used my software to determine which computer was using the bandwidth.

After those events, my boss expressed a desire for a long-term solution that could be used if that scenario ever happened again, although he never officially assigned me to work on it, and since it is based on code from a personal project, that is why I call it quasi-personal.  In any case, since then we added a second network adapter to our development server and configured the network switch to “mirror” the port going to the network appliance allowing us to do packet analysis on a long-term basis.

However, my software was in great need of improvement.  Up until that point, it was just a class library that I was invoking using PowerShell with no user interface of its own.  My vision for it was simple: Something like Task Manager’s processes tab where there’s a list of IP addresses and the bandwidth usage of each and you can sort by one of the columns and it will update the sort order periodically.

So that is my application.  A simple network traffic usage monitor.

Why does it need so much memory?

This is one of those things that seems like it should be easy, but it is in fact much more involved to implement.  The application needs to process every single packet traveling across the network.  For each packet, it needs to store information about it for a time in a buffer and categorize it by IP address.

The problem has to do with the objects that are created when a new IP address is encountered.  At first, just to get it working, I did not implement any logic to “forget” these objects once the address is no longer active on the network.  I knew this would have to be implemented eventually, though.  Before implementing this, after a 24 hour period, the application was using gigabytes of memory!  So I implemented the logic to remove objects related to addresses that have been inactive over a configurable period of time.  This improved things drastically.  But I used a PowerShell script to log the CPU and memory usage of the program on a minute-to-minute basis, and I noticed a disturbing trend:

Those areas of higher CPU usage are during business hours when network activity is higher.  You’ll notice during those periods the memory usage rises significantly, which is to be expected.  But it does not fall completely afterward!  Instead, it continues to climb higher and higher over time instead of remaining about the same.  It’s over 300MB after 3 days, when it started out around 50MB.

So what’s the deal?  My program was properly forgetting the objects.  Why wasn’t the garbage collector working its magic?  Well, the other peculiar thing about this chart, is that the CPU usage is never much below 10%.  This makes sense, because it is constantly processing network packets.  It never gets a break.

I wish I could remember the article I read on .NET garbage collection so I could link to it.  But in any case, the reason this is significant is this: The garbage collector needs to move objects around in memory in order to reclaim memory.  Thus, it would be dangerous to have any other thread in the program running while this takes place.  So the garbage collector actually freezes every thread in the program (except its own, of course) while it does its collection magic.  Because of this, it is designed to wait for a convenient time to run; namely, when the program is fairly idle.  However, as you can see above, this never really happens with this program.  As a result, the garbage collector runs much less frequently in this scenario.  Those sharp decreases in memory usage in the chart are likely when the garbage collector runs, and as you can see, they are hours apart.  The garbage collector also does not check every object every time it runs.  It uses an algorithm based on the age of an object to determine the likelihood that it needs to be collected.  The less frequently the garbage collector runs, then, the worse it is at reclaiming the majority of unreachable objects.

What’s the solution?

Well, the first thing that comes to mind is the Collect method of System.GC, which forces a collection to take place.  But there is a reason the garbage collector normally does not want to run when the application is busy.  It could adversely affect performance—in this case, the program’s ability to process every packet on the network.  Some might be skipped because the thread was frozen when the event took place.

Now I know many of you will cringe when you read this, but I implemented recyclable managed objects.  Here’s the code:

public interface IRecyclable
{
    bool Recycle();
    void Reclaim();
} 

// NOTE: This is simplified code.  See below for an improved version. 

public class RecycleBin<T>
    where T : class, IRecyclable
{
    private Queue<WeakReference> _Queue; 

    public RecycleBin()
    {
        _Queue = new Queue<WeakReference>();
    } 

    public void Recycle(T @object)
    {
        if (@object.Recycle())
        {
            _Queue.Enqueue(new WeakReference(@object));
        }
    } 

    public T Reclaim()
    {
        T @object = null; 

        while (_Queue.Count > 0)
        {
            WeakReference reference = _Queue.Dequeue();
            if (reference.IsAlive)
            {
                @object = (T)(reference.Target);
                break;
            }
        } 

        if (@object != null)
        {
            @object.Reclaim();
        } 

        return @object;
    }
}

First is a simple interface called IRecyclable that defines two methods: Recycle, which notifies the object that it is being recycled allowing it to release any resources that are not reusable and returns a boolean indicating whether or not it should be recycled in its current state, and Reclaim, which indicates that the object is being reclaimed and should be put into a usable state.

The RecycleBin class then implements the recycling logic.  You’ll notice that it keeps weak references to recycled objects.  This way, if the garbage collector does run, it will collect the recycled objects.  The RecycleBin class, then, will only reclaim recycled objects if they haven’t been collected.  Thus, it works in harmony with the garbage collector.

The idea is that the recycle bin is checked for a reusable object before a new one is created.  Therefore, between garbage collections, objects are reused if possible instead of creating new ones.

Now before you bash me too much for going against the core principles of managed code, check out this chart:

Although the scale could be reduced significantly to offer more detail, I kept it the same as the above chart to illustrate the improvement.  Where the former code reached close to the top of the chart at over 300MB, this code peaks at about 30MB, and it does not continue to rise over time.  Note that no other code was changed between the gathering of these two data sets than the use of the above recycling code to reuse the objects that handle a given IP address.  Interestingly, the CPU usage is also significantly lower, especially during the periods of low network usage.  This is presumably because there is less allocation of new objects taking place, and the garbage collector has less objects to analyze, less memory to reclaim, less objects to move around, etc.

Improvements

I since made a few improvements to the above code, although they were not running when the above data was gathered.  First, I replaced WeakReference with GCHandle.  WeakReference uses GCHandle internally to do its thing, but WeakReference is a reference type, which allocates memory and requires garbage collection to a small extent defeating the purpose of recycling, whereas GCHandle is a value type, so its data would be stored within the queue object’s array and wouldn’t require reclamation by the garbage collector as long as the queue is in use.  However, this also means each handle has to be manually freed when it is no longer needed.  Also, I added to the IRecyclable interface allowing objects to determine whether they are referring to the same incarnation of the object.

public interface IRecyclable
{
    int RecycleGeneration { get; }
    bool IsRecycled { get; } 

    bool Recycle();
    void Reclaim();
} 

public sealed class RecycleBin<T> : IDisposable
    where T : class, IRecyclable
{
    private Queue<GCHandle> _Queue; 

    private bool _IsDisposed; 

    public RecycleBin()
    {
        _Queue = new Queue<GCHandle>();
    } 

    public void Dispose()
    {
        if (!_IsDisposed)
        {
            while (_Queue.Count > 0)
            {
                GCHandle handle = _Queue.Dequeue();
                if (handle.IsAllocated)
                {
                    handle.Free();
                }
            } 

            _IsDisposed = true;
        }
    } 

    ~RecycleBin()
    {
        Dispose();
    } 

    public void Recycle(T @object)
    {
        CheckDisposed(); 

        if (@object.Recycle())
        {
            _Queue.Enqueue(GCHandle.Alloc(@object, GCHandleType.Weak));
        }
    } 

    public T Reclaim()
    {
        CheckDisposed(); 

        T @object = null;
        while (_Queue.Count > 0)
        {
            GCHandle handle = _Queue.Dequeue();
            if (handle.IsAllocated)
            {
                @object = (T)(handle.Target); 

                handle.Free(); 

                if (@object != null)
                {
                    break;
                }
            }
        } 

        if (@object != null)
        {
            @object.Reclaim();
        } 

        return @object;
    } 

    private void CheckDisposed()
    {
        if (_IsDisposed) throw new InvalidOperationException("Object is disposed.");
    }
}

Problems

I am not advocating this solution, however.  I know it is wrought with problems.  First of all, there is no way to know whether all references to the recyclable object have been released before the object is recycled.  Therefore, a reference could be kept somewhere which would then refer to an object whose normally immutable properties have changed.  This could wreak havoc on a lot of common design patterns.  If only .NET gave us more flexibility when it comes to memory management instead of implementing it for us in a completely fixed and unconfigurable way.  In any case, though, this solution did manage to work wonders in my application…

I found a great post about how the skills that make us great programmers make us lousy communicators. lol.  Check it out here: http://www.secretgeek.net/program_communicate_4reasons.asp

Not too long ago, a wrote a post about chain e-mails.  Someone commented on it and mentioned snopes.com, which is a site that researches rumors including those posed by chain e-mails.  I recently got another chain e-mail warning of the danger of using cell phones while they're on the charger.  Apparently it can be fatal.  The e-mail began, however, with the following words:

"Snopes.com says this is true."

Hahaha!  I found the page on snopes.com about this rumor.  The only thing snopes confirms is that cell phone batteries can explode or start fires under certain circumstances, but there is no evidence to suggest the circumstances mentioned in the rumor increase the risk.  In fact, they could only find one confirmed case back in 2004--hardly 1 person every year dying from it as the e-mail claims.  So if an e-mail says "Snopes.com says this is true" but doesn't offer an actual link to snopes.com to back it up, it's probably false.  But that actually isn't nearly as bad as another e-mail I got:

"THIS HAS BEEN CONFIRMED BY SNOPES.  http://www.snopes.com/computer/virus/mailserver.asp"

This one actually included a link!!  And here's the kicker, if you follow the link, it is actually a page on Snopes.com about this rumor, but it says it's false!  I was apparently the only one smart enough to click the link to make sure lol.  How gullible is that??  Everyone else is like "Oh, it says it's true, it even includes a link.  But instead of clicking the link to be sure, I'm not only going to just accept it myself, I'm going to forward it to everyone I know to openly profess my belief in it and recommend it to others."

People in general really are too gullible, though.  I get a kick out of tricking my friends sometimes.  Like the time I had one of my friends believing that Tomb Raider was based on a true story...  Lol.  Or anything you say using scientific jargon most people will usually accept.  I tell them right away (after I'm sure I had them fooled, of course) that I'm just messing with them, but seriously.  I don't get how people can be like that.  When someone tells me something or I read something somewhere, the first thing that happens in my brain is that the information is cross-referenced with all of my previously gathered knowledge on the subject and checked for consistency.  Not only does that protect me from being deceived, but it also helps me store it by associating it with related information for quick retrieval later.  To me, that's just how my brain works.  I don't understand how it could be any other way.  So when I read the e-mail about cell phones exploding while using them on the charger, a dozen red flags came up as it conflicted with some things I already knew, such as:

• Battery chargers are equipped with circuitry to detect when a battery is fully charged and automatically shut off.
• Even if this circuitry failed, using the cell phone would not increase the risk of an exploding battery, because it would increase the power being used which would draw power away from the battery.
  

But even if you don't know a lot about electronics, wouldn't these items also come to mind?:

• Cell phones have been around for decades.  If this was really a big risk, why haven't I heard of it before?
• Wouldn't such a story be on the news?
• How come no one I know has had this happen?
• Snopes.com is a site for debunking rumors.  Claiming that snopes.com confirms it kindof implies that it's a rumor.  Why not reference a reputable news source if it really is true?

I think this is exactly why there is such a controversy over Wikipedia and similar wiki sites that anyone can edit.  If anyone can edit it, people could just put whatever they want.  But come on, if you just think a little and not be so gullible, it's an invaluable resource.  But since so many people are so gullible, maybe they aren't ready for such a thing as free information.  Maybe they need someone to spoonfeed them from a limited supply of confirmed sources.  I say spoonfeeding is for children who haven't developed their powers of reason yet.  Besides, us grown-ups will never be able to shield people completely from the worthless information and propaganda out there.  They need to learn to think for themselves.  Anyways, enough ranting...

Today I decided to check my credit score.  Immediately, I thought of FreeCreditReport.com.  I went there and filled in all the appropriate information.  Then I was asked for my credit card number.  Credit card number?  I thought it was free?  Just to be sure that my idea of free is a correct one, I checked dictionary.com for the definition related to price/cost.  Here it is:

Yep, that's what I thought it meant.  Hmmm...  So the deal was, there was a 7 day trial period, after which they would automatically charge you the monthly fee for "Triple Advantage" membership.  Ok...  Maybe they meant "free" as in free to cancel before you're charged?  Anyways, after reviewing my credit report I tried to do just that.  I could not find anything on their website about how to cancel.  Finally, I clicked "Contact Us" where I found a "FAQ" with the question "How do I cancel my membership?".  Here's, in short, what it said:

What??  You mean I have to call to cancel?  Pssh.  Figures...  But I sent them a lovely e-mail instead:

What, seriously, has this world come to?  Free should mean free.  Free of cost, and free of obligation to cancel within 7 days to avoid being charged.  And if you can register online, you should be able to cancel online.  There should be a law to that effect...

I knew this day would come.  The day I forget the "where" clause of an SQL delete or update statement and delete or update every row in a table.  Here's the code I used:

update tblNCM
set CLOSED = 0, CLOSED_BY = null, CLOSED_DATE = null

Imagine my dismay when SQL Server Management Studio reported that this statement affected 970 rows!!  Here's what I meant to put:

update tblNCM
set CLOSED = 0, CLOSED_BY = null, CLOSED_DATE = null
where NCM_NO = 980

Yes, this was only supposed to affect one row.  So I inadvertently re-opened all of our NCMs and deleted all the closed by and closed date values.  Great.  All I have to say now is thank God for backups!  In this case, it might have cost me my job!  But, within 20 minutes I was able to restore yesterday's backup to a temporary database, copy all of yesterday's values, and check the change log for any NCMs that were closed since yesterday.  Whew!!  In any case, though, the real issue here is that it is too easy to affect every row in SQL.  For select statements, that's ok.  It doesn't cause any damage to select every row.  But had I designed SQL, I would have made it so you would have to explicitly indicate that every row is intended with update and delete statements instead of assuming it when the where clause is missing.  Something like:

update all MyTable
set MyField = 'Value'

Or, even better from a programmer's mindset, make the where clause required:

update MyTable
set MyField = 'Value'
where true

Ok, ok, so "true" isn't exactly an SQL keyword, but it looks so much better than "where 1"...  In any case, I've never liked the SQL language as a language.  This is just one reason why.  It does not communicate intent very well.  For instance, look at my first code snippet above.  How well does that communicate that you intend to update every row?  From the way it looks to me, it seems like CLOSED, CLOSED_BY, and CLOSED_DATE would be scalar variables.  In any other programming language, when you put "set CLOSED = 0", CLOSED is a single variable with a single value.  There is no loop indicated in the language that would iterate every row and update multiple variables.  But when you say "where" afterward, then it implies that changes are made in possibly more than one place.  Omitting the "where" clause omits the part that implies that multiple rows are affected; therefore, the statement doesn't make sense.

"But I'm a lazy programmer," you might say, "and I don't want to have to write 'where true' every time I want to update or delete every row."  What, though, really, is more important?  Saving a few keystrokes?  Or avoiding a situation where a small oversight on your part could cost you your job during a time of economic hardship?  Or, from a less selfish standpoint, avoiding data loss, lost work, potential bugs, etc.?  Fortunately, we do daily backups.  But what if this was a database that was updated thousands of times a day?  Everyone's work on a particular table that day could potentially be lost because of a minor mistake.  Ugh.

For those of you who don't already know, Windows PowerShell is a command shell that pipes .NET objects between commands instead of text.  You can use it to directly create and manipulate full-fledged .NET objects with the entire .NET Framework at your disposal.  It's sort of like a live .NET programming language where your statements are executed line by line as you type them.

So I was writing a class library and got to a point where I wanted to test it.  I could have written a small test application or a unit testing project, but it occurred to me:  What if I just used PowerShell?

Working with your class library in PowerShell

As far as I know, PowerShell doesn't have any Cmdlets or other mechanism specifically for loading external libraries.  But, it doesn't need one!  Remember, you have the entire .NET Framework at your disposal.  A simple call to the System.Reflection.Assembly class will do the trick.

[Reflection.Assembly]::LoadFrom("MyLibrary.dll")

You could capture the resulting Assembly object in a PowerShell variable if you want, but all that is needed is to load it into the application domain of PowerShell, which is exactly what this method does.  Now that it's loaded, you can access your types the same way you otherwise would in PowerShell:

[MyNamespace.MyClass]::MyStaticMethod()
$obj = New-Object "MyNamespace.MyClass"

Setting up Visual Studio

Of course we want to easily start debugging by pressing the "Play" button, and we want Visual Studio to be able to pick up breakpoints and detect exceptions.  Also, we want some PowerShell commands to be executed automatically every time, such as the one that loads the library and possibly some that instantiate some test objects for you.  I opted to create a PowerShell script file in the project folder called "Debug.ps1".  Setting the project's properties in Visual Studio to get it to work, though, was tricky.

Under the Debug tab in the properties for the class library project, select the "Start external program" option.  Browse for powershell.exe.

Now for the command line arguments.  Here's what I used:

-noexit -command . ..\..\debug.ps1

First, "-noexit" specifies that PowerShell is not to exit after the command is executed.  We want this so that we can type our own commands after the initial script is executed.  Second, "-command" specifies that the rest of the command line arguments is actually a command to be executed.  The command is ". ..\..\debug.ps1".  However, if you use quotes, it will think the quotes are part of the command which will make it simply think it's a string, not code to execute.  The initial dot is there so that the script is "dot-sourced".  "Dot-sourcing" a script means that it executes in the current runspace instead of a new one.  This way, any variables set by the script will be preserved so they can be used afterward.  Finally, if you don't specify a working directory, Visual Studio defaults to the output directory for the project.  I kept it this way in case the project is copied to a different directory; for example, if it were added to source control and someone downloaded it to a different local directory.  So to reference the script that exists in the project directory, I used "..\..\" since the current directory is in \bin\Debug inside the project directory.

Here's an example of what your debug.ps1 script might look like:

# Since the current directory is the output directory for the project, simply pass in the name of the DLL file:
$assembly = [Reflection.Assembly]::LoadFrom("MyLibrary.dll")

# Here's how to create an object using a constructor with two arguments:
$testObj = New-Object "MyNamespace.MyClass" -arguments "First argument.", "Second argument."

And as I mentioned before, since the script is "dot-sourced", the variables $assembly and $testObj will remain after the script is done executing.  Also, if you haven't tried to run scripts in PowerShell yet, you might run into a security issue.  Simply type "set-executionpolicy RemoteSigned" into PowerShell to allow unsigned local scripts to execute.

You ever get those e-mails?  You know, the typical ones people get and forward on to all their friends.  They are usually reminding you to tell your friends how much you care (no doubt by forwarding that e-mail to them) or reminding you to stop and smell the roses, etc., etc.  Some even call for some kind of action on your part, which may seem harmless.  But they always end with an appeal to forward it to all your friends.  I've seen my share of superstitious ones, like "if you don't send this to X number of people, something bad will happen to you."  But today I saw an interesting one:

"FORWARDED E-MAILS ARE TRACKED TO OBTAIN THE TOTAL COUNT."

Tracked???  Hahaha, let me tell you as a software developer--one who is familiar with the protocols, etc. used for e-mail and how it is transmitted:  The former superstitious claim is actually more likely of being true! Lol!  E-mail technology does not permit a person to track if a sent message is forwarded.  Transmission is handled by the e-mail server responsible for the domain of the sending e-mail account, which would be different for each person forwarding the e-mail.  I hate to burst your bubble, but the only feasible way a person could do such tracking is to include a virus in the e-mail.  I checked, and there was no virus in the aforementioned e-mail, but wouldn't that be an effective means to distribute a virus?  Imagine that!  Hundreds of unsuspecting (not to mention gullible) people unknowingly e-mailing viruses to their friends!  All under the guise of showing them how much they care...  How ironic.

Besides, isn't the whole concept silly, really?  "Oh! You received a forwarded e-mail explaining someone else's feelings and took a few seconds of your time to pick my name out of a list in order to forward me this message that you didn't even write and thus add it to my junk mail.  I'm so touched."  It's one thing if it's something amusing that you decided out of your own want to forward to me because you thought I would personally appreciate it.  But here's a clue: If you want to show me how much you care, open up a new e-mail addressed to me and tell me!  Lol.  That's right, a spontaneous personal e-mail in your own words from you to me.  Now that's something I can appreciate, and I may even find it touching.

But what about the ones that guilt you into forwarding?  "Don't you care enough to forward this e-mail??"  For all you know, it could be a virus; don't you care enough not to?  Besides, is your friend really going to be upset that you didn't forward him an e-mail he never even knew about?  And is the original sender going to be upset that you didn't forward the e-mail when they don't even know you received the e-mail in the first place?  Much less whether or not you forwarded it?  I say take the hint and tell your friend how you feel, but in your own words and in your own way.

So in conclusion:  Forwarded chain e-mails cannot be tracked.  No one will ever know the extent of how widely it was distributed.  Furthermore, there is no chain-mail deity that rewards people for forwarding chain e-mails and punishes them for not doing so.  In fact, if you don't forward a chain e-mail, no one will ever know and nothing bad will happen.  It's all a ruse to get people to forward the e-mail.  The fact is, there's no way to verify the original source of the message; therefore, there's no reason to trust it.  In fact, if they're willing to lie to you to get you to forward the e-mail, how can you trust the rest of the e-mail?  For all you know, it could contain a virus.  Something to think about...

It seems to be a popular business model with software vendors to offer two classes of licenses--a less expensive license for personal/home/non-profit use, and a more expensive license for professional/business/profit use.  They may even try to feign this business model as natural and necessary by having two different versions of the software.  (Many vendors actually do have feature-limited versions for less than professional use.  This article does not concern those.  It concerns scenarios where the two versions are actually identical except for what they allow themselves to be used for.)  How is a vendor to enforce this restriction on use, however?  Well, unfortunately, many have made the following mistaken assumption:

"Only businesses use Windows Server.  Windows Server is never used by home users for personal use."

Well, you could say I'm not your typical home user.  My home server is running Windows Server 2008, and I use it for nothing but personal use.  I have no business, and I make no profit from its use.  However, soon after I installed Windows Server on my home server, I discovered that certain home versions of software that I was using before will not install on Windows Server, either claiming that it is not licensed for professional use or that the operating system is not supported.

So I was faced with a moral dilemma.  Do I give in and pay a significant amount of money for the same software just so it will run on Windows Server when I already have a license to use it for personal use?  Or do I find a way to trick the installer program to think it's not actually running on Windows Server?

Windows Version "Masking"

I'm sure anyone who knows me already figured that I chose the latter.  Two days ago I found success, installing a program that supposedly does not support Windows Server on my server.  It installed perfectly and is working flawlessly ever since.

You see, I made the correct assumption that at their core Windows Server 2008 and Windows Vista are the same operating system, that the program did not actually depend on any features exclusive to non-server Windows versions, and that any features included in Windows Server would not interfere with the program.  In fact, the restriction on Windows Server was entirely artificial.  That being the case, it was totally unnecessary to do any emulation.  All that was necessary was to get past the code that checks what version of Windows is running.  Hence, what I needed was a "mask".  I use the term "mask" because a mask is very superficial.  It superficially changes the apparent identity of the wearer, but underneath, they are still the same person.

Now just how would I go about masking Windows Server?  And for that matter, how would I limit it so it only affects certain programs?

Let's start by considering how one would detect what version of Windows is running.  Well, I'm a programmer, so if I were writing that code, how would I figure out how to do it?  Well, Microsoft makes it easy: Getting the System Version (Windows)  This article tells you exactly how to do so.  It even gives source code.  In short, it calls a few Win32 API functions, such as GetVersionEx.  Of course!  API functions!  But how do I intercept API calls and change their behavior?  It turns out this concept is called "API hooking" and there is lots of information online about how to do it.

API Hooking

I found this article extremely helpful: API hooking revealed.  I determined that injecting into a single process and using a "user-level" hook (since I needed to hook a Win32 API, not a native NT API) was the answer.  Modifying the Import Address Tables sounded like my best bet. 

Then I found some source code: HookAPI source code.  This solution was not quite right for a number of reasons.  First off, it was designed to inject into every running process.  I just want to inject into a single process right when it starts.  And more importantly, when I ran the demo application, it crashed every process it injected into!  So it doesn't even work!  (At least on Vista/Server 2008)  When I tried to troubleshoot it, I found out that the author used a massive amount of inline assembly code.  But, I saw what it was trying to do.

It wasn't modifying the Import Address Tables at all.  It was so simple, actually.  It used GetProcAddress to get the address of where the function was loaded into memory, then it overwrote the first 5 bytes with a jump instruction!  That would transfer execution to the address given in the jump instruction, which was the address of a different function, thus overriding the underlying API.  Of course, gaining write access to that memory was a trick, not to mention injecting the DLL into the remote process.

My Proof-of-concept

So, I wrote my own API hooking and DLL injecting code (using no inline assembly, I might add) based on my newfound knowledge, and after some troubleshooting, I was in business.  After I discovered (of course) that the installer extracted some files into a temporary folder and executed one of them, I used the solution on the extracted installer and what do you know?  It called GetVersionEx to check the Windows version, and my hook function returned all the same version information a normal call to GetVersionEx would on Windows Server 2008 except the product type - "workstation" instead of "server".  Voilá!  It downloaded and installed the application.  Interestingly, the application itself runs fine on its own.  It does not check the Windows version.  Only the installer did.

So this is, of course, only a proof-of-concept.  I'm working on making it into a polished solution.  It needs to cover some other ways programs could detect the Windows version and automatically inject into processes started by the masked process before I'd be comfortable offering it for others to use. :)

It has been a cause of annoyance for me when software authors confuse the words "remove" and "delete" in their interfaces, especially since it often involves the sensitivity of your data.

Remove means taking an item off of some sort of list, but by definition, it does not imply destruction of the item itself.

Delete also means crossing off an item, but it implies that the item is also forever destroyed.

The worst case where these are confused is when "remove" is used to describe a process that actually deletes the item, because then the user might click "remove" thinking that the underlying item will still exist, but it is instead deleted.  Also annoying is when "delete" is used to describe a process that only removes the item, because it feels weird clicking "delete" when I know I only want to remove the item, and a user might click "delete" thinking that the item will be destroyed, but it is not.

I wish I had an example of the former case to reference, but I can't think of one off hand.  But I know I have seen it more than once.  An example of the latter case is in Free Download Manager.  The "Delete download" option only removes the download from the list.  It does not delete the downloaded files, as one would think it would.

I had an interesting idea.  See, there's a good reason .NET does not allow multiple class inheritance, although multiple interface inheritance is allowed.  But there are some cases when it would be nice to be able to inherit the behavior of a class while still inheriting from another class.  Consider a simple example.

Say we have a class named Dog and a class named Cat.  As logic would tell us, there is no way something could be both a Dog and a Cat; hence, we cannot inherit both Dog and Cat.  An interface, however, has a different purpose than a class.  Instead of representing a type of object and including its implementation, an interface is intended to describe one or more capabilities of an object.  For instance, we might have an interface called IBarkable, which the Dog class would implement, describing its ability to bark.  Similarly, an IMeowable interface.  Now while there is nothing that is both a dog and a cat, there easily could be an object that has some of the capabilities of both.  For instance, a human can both imitate a dog's bark and a cat's meow.  So it makes sense that a class can implement more than one interface.

However, say we wrote the Dog and Cat classes already and now we're writing a Human class.  We've already written the code that performs the bark and the meow, how do we get that implementation into the Human class?  Now this is a very simple example and could probably be easily done a number of ways, but there are more complex situations similar to this where multiple inheritance would be helpful.  But it still does not justify allowing a class to inherit two base classes.

Here's where my idea comes in:  A new kind of type called a behavior.  Its purpose would be to define an implementation of a capability that is inheritable in a class.  Here's how a behavior would differ from a class:

• A behavior would be implicitly abstract in that it could not be directly instantiated.
• Polymorphism would not apply to behaviors.  Meaning that an implementing class could not be referenced as an object of a behavior.  As a result, variable types, parameter types, etc. could not be behaviors.  This would prevent the poor designs multiple inheritance would normally enable.
• A behavior could implement interfaces and inherit other behaviors, but it cannot inherit a class.
• A behavior could specify a constraint similar to a generic constraint where the class that implements a behavior must inherit a given base class.
• All protected and public members of a behavior must be overridable.

Thus, to solve the above example, a Bark behavior and Meow behavior could be defined, which implement the IBarkable and IMeowable interfaces.  Dog could inherit Bark, Cat could inherit Meow, and Human could inherit both.

Another example that comes to mind are the various WinForms control classes.  You'll notice that Form inherits ContainerControl which inherits ScrollableControl which inherits Control.  But does it logically follow that every container control is also scrollable?  What if the container and scrollable capabilities were implemented as behaviors?  Then a control could inherit the container capabilities without inheriting scrollability, and Form could still inherit both.  Both behaviors would specify a constraint that the class must inherit Control so that they would have access to the members of the Control class.  (That would be one strong advantage over using a simple aggregate relationship instead.)

Unfortunately, I was not able to attend the PDC 2008.  But I have read some blog posts from some who attended yesterday.  It looks like C# 4.0 will support many dynamic typing concepts including co- and contra-variance, and although "duck typing" was not explicitly mentioned, it seems to be implied by what I read.  (Since duck typing is a principle of dynamic typing and not necessarily a feature in its own right, I am not surprised it is not named specifically.)

Now don't get me wrong, it was fun writing the duck typing library, but I would have no problem whatsoever if it were made obsolete by this.  Having the features integrated into C# would be awesome, and I'm sure it would eliminate the initial overhead caused by the dynamic compilation used by the duck typing library.

I think I will have to actually use C# 4.0 before I know how it will affect the usefulness of the duck typing library, but I am thinking right now that it may still be useful for interacting with "vintage" code libraries.  That, as I understand it, is actually what Jordan uses the library for most.  So whether C# 4.0 will fit the bill in this respect hinges on whether the dynamic typing features can be used when interacting with libraries that were not written or compiled in C# 4.0.

Unfortunately, I haven't had the chance to spend a lot of time working on the new duck typing library, which may actually have equaled wasted effort, but if such a library would still be useful with C# 4.0, I think it will change significantly from what I originally thought.  It will probably be designed specifically to complement C# 4.0 features.

It seems inevitable that whenever I run into problems because something isn't working right, it's because some programmer out there somewhere (whoever programmed the tool I'm working with) overlooked something obvious or made some other stupid decision.

For instance, I just finished an ASP .NET program that complements another ASP .NET program already published in my company's intranet.  So, it seemed logical to put it within that program's folder, making it a nested ASP .NET application.  Should be easy, right?  Just copy it in, make it its own application in IIS and bam, you're set.  Wrong.  Some programmer at Microsoft decided that nested ASP .NET applications should inherit all the configuration of the parent application by default (or should I say "dofault" since it's an initial setting that does cause a fault instead of preventing one).  This includes configuration that would cause dependencies to the parent's assemblies, which of course would be missing from the child's bin folder (since they have absolutely nothing to do with the child application).  And, of course, broken dependency equals completely nonfunctional application.

So I thought, "Well, this is a pain in the neck.  Now I have to tell the child application not to inherit configuration from the parent."  Wrong again!  There is actually no way to do that.  No, instead, you have to tell the parent application not to make the child applications inherit its configuration!!  I hope, I really sincerely hope that I don't have to explain what makes that a really really bad design...

Another thing I run into all the time happens when you import from Excel into SQL Server.  If a column contains some number values and some text values, making the column type textual instead of numeric, instead of converting the number values to text like any sane person would do, it omits the number values altogether!  (I would say anyone with half a brain, but I actually know of someone who had half her brain removed due to brain cancer and she's actually pretty smart.)  Guess what, I need those values too!  Otherwise, they wouldn't be there.  So the only solutions I have found are A) Manually convert every numeric value cell to a number stored as text, B) Write a Visual Basic macro to do this for you, or C) Save the spreadsheet as a CSV file and import that into SQL Server.  All of these solutions are either tedious and time-consuming or really really crude and ugly.  I hate resorting to crude methods...

So this has me wondering:  Do people purposely do stupid things?  Like, it's hard for me to imagine that these people actually think these ideas are good ideas.  I mean, they have to realize at least to some degree how stupid they are.  The only reasonable explanation that I can come up with is that implementing a good idea would require more effort up-front and they were simply too lazy for that, and since they don't care, they just went with the bad idea.  So really, it wouldn't be "stupid programmers", it would be "lazy, careless programmers".  Which is worse?  Well, "stupid" is not as bad since a "stupid" person doesn't know any better.  But a "lazy, careless" person can be held accountable because they know better.

Now for me, I simply cannot stand to do anything a certain way when I know there is a better way to do it.  Or even if I know there might be a better way to do it, then I am driven to find it.  I am always thinking of how decisions will affect the project in the long-run, always doing things now to save time on an ongoing basis later.  I won't comment on my smartness, but while I may be lazy at times, I am definitely never careless, and my carefulness at least prevents me from being lazy in a way that will affect the quality of my work.  For me to knowingly implement something stupid would be cruel and unusual torture for me.  I would be ashamed to be associated with such work.  You could not pay me to do it.  I would find a new job if I was forced to cut corners regularly.

Am I the minority?

Is it because many programmers aren't very smart or is it because they don't care?  You know, I would argue that the two are not mutually exclusive.  Since computers and software are constantly changing, you have to be constantly learning in order to succeed in this profession.  If you don't care, you won't want to learn, and you'll end up doing stupid things.  If someone were to ask me if they should enter this field, I would tell them the same thing one of my instructors in college told me.  He said, "If this is what you really love doing, and you really really want to do it for a living, then go for it.  But if you're not that into it, and you just want a job to make money, you might want to consider a different major."  I stuck with it because I live, eat, and breathe programming.  I was programming before I went to college.  I go to work and program, get home from work and program, and constantly read and learn about programming.  I do it because I love developing software and I am passionate about it.  I think that's what makes me good for this job.  It's not knowledge or skills; my current knowledge and skills will no doubt be obsolete in little more than a few years.  But I won't be because I will be continuing to learn.  So if you're a programmer who doesn't care about programming, you're going to be left behind and probably find yourself out of work.  That may be sad for you, but ultimately good for software.  But will that nature of the field be enough to weed out the careless programmers?

Nothing technical, just a rant today.

Whenever there's a "paperless billing" option or similar thing, I always opt for it.  Yet, I still receive an enormous amount of documents on paper--99% of which I never use.  For instance, every other Tuesday, my work gives me an envelope with my "check" in it, except the money is directly deposited into my bank account so it's just for the pay stub.  I bring them home, they sit around unopened cluttering up the place and ultimately end up in the shredder, must of the time still unopened.  I mean, the information is available online, what do I need the paper for??  Heck, online it can be accessed anywhere, anytime and you always know exactly where to find it and requires no organization or other effort on your part.  On paper, it can be accessed in only one place and you have to be there and remember where it is or else look for it.

Here's something even worse: The medical insurance documents that are mailed to me every 6 months.  It's practically a book!  And what happens to it?  It sits around as clutter and ultimately ends up in the garbage untouched.  Why not make the policy documents available online and stop wasting money?  How many people actually sit down and go through all that stuff that they send you?

In fact, scratch using paper, why are we still using snail mail??  Bills, check stubs, notices, insurance claims, letters, cards, documents--e-mail, e-mail, e-mail!  I want it all e-mailed to me!  You know what happens to my incoming snail mail?  It piles up for probably a month before I finally take the time to go through it.  My e-mail, on the other hand, is checked multiple times daily.  In fact, Outlook is set up to automatically organize my incoming e-mail into folders, so it requires no ongoing effort on my part to stay organized.

Oh, and just a quick note about credit card offers that come in the mail.  Imagine how much they could lower interest rates if they didn't waste money sending offers every other day it seems that, despite their weak attempts to disguise them, are evident as such without opening them and immediately end up in the shredder unopened without a second thought.  (And I don't know about everyone else, but a lower interest rate (permanent, not introductory) would appeal to me much more than thinking, "Oh look!  This company actually took the time to pre-approve me for this apparently great credit card offer in an attempt to exploit my stupidity and take advantage of me by hooking me in with a '0% introductory APR' but with all these ridiculous fees and charges hidden in the fine print, not to mention their plan to increase the APR once I'm stuck."  Hollywood principle, please: Don't call us, we'll call you.)

What can I say?  I hate waste--wasted time, wasted energy, wasted time, wasted resources, wasted time...  And snail mail is not only a waste of the sender's resources, but a colossal waste of my time always sorting through it all.  Paper in general is a waste.  It's all this clutter everywhere.  It's so hard to keep organized.  But electronic documents aren't bound by the laws of physics, they can be everywhere and nowhere all at once.  You can instantly access information without physically searching for it.  You can keep all the documents you want and still have no clutter; that's right, you can have your cake and eat it too.

So to all those sending snail mail to me: The Internet, e-mail, and electronic information are not new.  They've kinda been around for a while...  Get with the program, please.  Stop sending me snail mail!

Now, the concept is certainly good.  Have a program automatically check for new versions so that people can keep up to date.  But the fundamental flaw I find is that this check always takes place when you first start the program.  At this point, you're trying to use the program immediately and don't want to wait for it to download and install an update first.  So I always cancel out and never get the needed updates.  So the notification turns into nothing more than a nuisance.

So I thought of a solution, but it would be quite a feat to pull off, and it's not without problems.  What we need is an update agent that checks for updates behind the scenes and informs the user in a non-intrusive way based on how the user set it up.  A single program that will support checking for updates for multiple products.  That way the user would have a central place to view and optionally install these updates, or could configure them to automatically install when that program is not in use.  No more annoying pop-ups when you're trying to use the software.

But here's where the difficulty of such a solution comes in:  As far as I know, there is no standard for distributing updates.  To implement a standard, it would require the cooperation of the vendor for each piece of software.  The other option would be to make the program extensible so that anyone can write a plug-in for it to add support for a particular piece of software.  Now I could certainly write a framework to support this in my sleep and use duck typing for cross-version plug-in support, that would not be a challenge.  The problem is that I can't possibly write a plug-in for every piece of software in existence, or even most.  I'm not exactly good at promoting standards either.

But I'm wondering if I should make the solution for myself anyway, and implement plug-ins for the software that I use, and make it available for free and see what happens...

Yesterday, my friend and I had an interesting conversation.  He was venting about the code one of his co-workers wrote which caused a problem he spent some time tracking down.  Here's the gist of it:

void RaiseEvent(EventArgs e)
{
    Event(this, e);
}

Now most .NET developers should immediately notice what's wrong here.  I certainly hope they do.  What if Event has not been subscribed to?  Then it is null, and invoking it will cause a NullReferenceException.  So this is how I have always invoked event delegates:

if (Event != null)
{
    Event(null, e);
}

But one thing my friend pointed out, which was actually new to me, is that the above code is actually not thread-safe, because another thread can unsubscribe from Event after the check for null and before the invocation.  So to make it thread safe, you would first copy the delegate reference to a local variable:

EventHandler handler = Event;
if (handler != null)
{
    handler(this, e);
}

Now I thought, "This is a lot of code to write just to raise an event.  How can I make this shorter?"  So thanks to C# 3.0 extension methods and lambda expressions, I was able to reduce it to this:

Event.SafeInvoke(d => d(this, e));

Here's the extension method:

public static void SafeInvoke<T>(this T obj, Action<T> action)
    where T : class
{
    if (obj != null)
    {
        action(obj);
    }
}

This accomplishes both objectives: 1) Copy the delegate reference.  This is implicitly done when it is passed as a method parameter.  And 2) Check the delegate for null.  Now I know calling Event.SafeInvoke if Event is null looks a little odd, because you would think it would cause a NullReferenceException, but this is actually not the case with extension methods.  You can call an extension method on null.  This is because the compiler translates this to:

SafeInvoke(Event, d => d(this, e));

Now, unfortunately, you cannot set a restraint on generic types to restrict them to the Enum or Delegate types.  (This makes absolutely no sense to me, I think you should be able to.)  So the above extension method applies to all reference types.  At first I was afraid this would clutter the IntelliSense for non-delegate types, but actually, this extension method would be useful for any reference type.  What if, for instance, you want to call a method on an object but only if it isn't null?

obj.SafeInvoke(o => o.MyMethod());

And the best part is that this will also make the check for null thread-safe if the object in question has a greater scope than a local variable!  So, to wrap up this post, here are all the extension methods I wrote to support both return values and dispatching to another thread (feel free to plagiarize!):

public static void SafeInvoke<T>(this T obj, Action<T> action)
    where T : class
{
    if (obj != null)
    {
        action(obj);
    }
}

public static TResult SafeInvoke<T, TResult>(this T obj, Func<T, TResult> func)
    where T : class
    where TResult : class
{
    return obj.SafeInvoke(func, null);
}

public static TResult SafeInvoke<T, TResult>(this T obj, Func<T, TResult> func, TResult defaultResult)
    where T : class
{
    TResult result = defaultResult;

    if (obj != null)
    {
        result = func(obj);
    }

    return result;
}

public static void SafeDispatch<T>(this T obj, Action<T> action)
{
    if (obj != null)
    {
        action.BeginInvoke(obj, null, null);
    }
}