Anyway, I whinged about how DevPartner lagged behind Visual Studio releases and was told, via a comment from someone at Micro Focus, that DevPartner 10 shipped at the same time as Visual Studio 2010; it would have been nice if my support contract meant that they'd bother to tell me about this since I was entitled to the latest version; heh, here's an idea, the software itself could work it out for me somehow (nah, nobody would do that)... Anyway, it seems that the way I'm supposed to work out that a new version that I'm entitled to under my support contract is available is to log on to the Micro Focus support site and 'request a new version'. Presumably I either poll this site every couple of months and request current version + 1 or I'm supposed to track when they release new versions... Interestingly I get a list of patches for 9.1 displayed but no indication that a 10 is available...

So, I fill in the form and wait a few days, no response, I chase them and eventually get an email with some download links. I download and install DevPartner 10 and run it up in "Error detection" mode on an unmanaged VS2010 solution which contains a relatively simple multi-threaded project...

During the build I get several compiler crashes and whilst it IS the Microsoft C++ compiler that is crashing here it has never crashed with this code if DevPartner instrumentation is NOT enabled... The errors are all similar:

1>e:\source\practicaltesting\jetbytetools\testtools\testmonitor.cpp(748): fatal error C1001: An internal error has occurred in the compiler.

1>  (compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c[0x524EDFBA:0x00000004]', line 183)

1>   To work around this problem, try simplifying or changing the program near the locations listed above.

1>  Please choose the Technical Support command on the Visual C++ 

1>   Help menu, or open the Technical Support help file for more information

   }

   catch(const CSEHException &e)

   {

      cout << "Exception during test timeout processing: " << CStringConverter::TtoA(e.GetWhere() + _T(" - ") + e.GetMessage()) << endl;

   }

   JETBYTE_TESTS_CATCH_ALL_AT_THREAD_BOUNDARY_IF_ENABLED

   {

      cout << "Unecpedted exception during test timeout processing" << endl;

   }

So, my first impression of the new version is that it's just about as good as the first impression I had of 9.0, i.e. it simply doesn't work on the latest compiler with simple code. I don't know if I'm alone in thinking that when software that you're supposed to rely on for software quality assurance work gives this kind of first impression you tend to worry if it actually does what it needs to at all, rather than simply being a rushed to market mess which underwent too little testing before release so that it could be shipped at the same time as the new compiler without actually supporting it...

Anyway, I thought, perhaps, that by default there were too many error detection options turned on (I tend to use a small subset of the functionality as I've found that the more interesting stuff is prone to not work (API parameter checking is great until you realise that some of the (admittedly many) APIs that it covers are configured incorrectly and report problems that don't exist and you can't change them and have to wait for a service release...). Anyway, off I go to the options screen and find that I can't change the error detection options as "Error Detection settings are unavailable until you select a valid start up project"...

At this point I switched to VS2008 to see how things were back in the legacy compiler environment. This time everything builds OK but when I go to run the program under BoundsChecker I get a message telling me that DevPartner is unable to test 64bit projects. Fair enough; we're still in 'tool lag' country, DevPartner 9.1 could also only 'run on' x64 and not instrument x64 code; then the tool would also try and instrument the x64 builds but the link failure messages were fairly clear in what was wrong. It's a pity that the DevPartner 10 user interface isn't consistent on this, the VS2010 options screen obviously knows it's not supposed to let you work with x64 projects (though could be more helpful) yet the tool bars and build process let you try to build x64 projects rather than, more helpfully, preventing you...

Rebuilding the 32bit version of the code in VS2010 worked OK, but what a wonderful first impression...

Now there seem to be some new weird problem reports inside of the VS2010 STL code which I need to dig my way through to determine why they're OK to ignore...

And then I suppose I need to go and dig up all of the same information that they already have about my development machine so that I can ask them to send me a new license file...

I can't help but think that this whole issue would have never existed if the standard STL allocators had taken the value type as an argument to allocate(), this is likely not possible with things other than std::set and std::map BUT if these took the value type as a parameter then a custom allocator could simply locate the intrusive link structure in the value type and return that to the container. The same underlying map template could then work with either an allocator that allocates its node structure or an allocator that obtains the intrusive structure from the value type... Since it would have been this simple we'd have had the option of intrusive STL containers from day 0...

It's very tempting to hack this kind of change into a copy of the map/set/tree templates used in STLPort rather than writing my own...

This time I'll cover the unmanaged side of things. This is actually where much of the complexity lives. The code that actually manages the creation and destruction of the application domains in which the managed applications run and which deals with wiring them up to the network endpoints that are accepting connections for them.

This allows me to load a set of applications that can be run when the server starts up and start them. I can then tell each network endpoint the name of the application that connections are to be routed to and as each new connection comes in the socket server that is managing that end point can look up the application by name in the CApplicationCollection and connect the connection to it. If the application is not running then the connection will fail and be closed after issuing an error message.

Since there's a difference between applications that the server CAN run and applications that ARE running I can easily restart an application by locating the running instance, telling it we're about to shut down and then unloading its application domain. Meanwhile I can create a new application domain, start a new copy of the managed application, based on the application details that are stored for the application, and insert it into the running applications collection. In fact I do this in reverse, starting and inserting the new application and then shutting down the old. This minimises the time when an application isn't available.

Whenever an application is stopped I need to be able to walk the list of connections that are currently connected to the application and terminate them. This requires that the unmanaged application objects maintain a collection of active connections. This deals with the 'kill' style restarts that I spoke of in the previous article. To handle the 'kind' restarts I need to be able to keep a running application around after it has been removed from the running applications collection and only unload its application domain when all currently active connections have been completed. To enable this the application object is reference counted and the application domain is unloaded when the application object is deleted. This allows me to have each active connection hold a reference to the application that it is connected to and also have the CApplicationCollection hold a reference whilst it has the application in its collection of running applications. When the application is restarted it is removed from the running applications collection and the reference owned by the CApplicationCollection is released, now only the active connections are keeping the application alive and when the last of those ends the application domain is unloaded. Meanwhile we've already started a new copy of the application and placed it in the running applications collection and so new connections go to the new copy of the application and existing connections continue in the old copy.

Automatic restarts are supported by enabling shadow copying on the application domains so that the assemblies aren't locked whilst the application is running and adding a directory change monitor to look for updated files. The directory change monitor starts a 10 second timer when it spots a file change and when the timer expires the application is restarted. The server demonstrates both kind and kill automatic restarts. The timer is necessary to prevent multiple restarts when files are updated by hand, ideally you set a timer for long enough to allow someone to copy or edit files and when the "quiet period" has expired the application is restarted.

Finally a management socket server presents a simple text based protocol that's accessible via telnet which allows the user to list and manipulate the applications. Right now you can't add new applications and endpoints to a running server but there's nothing in the architecture to prevent it. Likewise you can't remove endpoints but it could be added.

This code is all included in a new example server for The Server Framework which will ship with version 6.3.

Over the last four entries I've implemented various parts of the timer wheel and adjusted the test code so that I could reuse the tests that I already had for the other implementations with my timer wheel. The tests needed to be tweaked quite a bit to take into account the different behavioural characteristics of the wheel and the queues, this was accomplished using traits which determine the detail of how the class under test interacts with its service providers (mainly a tick count provider).

Today we finally get to the point where we have a working timer wheel that is compatible with the interface used by the two timer queues. We can then look at the results of the performance tests and work out where we need to go next.

The main change is in how we store the timer data so that we can be dispatching an expired timer and setting, cancelling or destroying the same timer during the dispatch. We need to allow for this because the lock that should be held whilst you're updating the timer wheel is not held during timer dispatch. So, rather than holding a single set of timer data within the timer we hold two sets, an active set and a timed out set. When the timeout handling begins the call to BeginTimeoutHandling(), which should be protected by a lock, updates each of the timers to prepare it for timeout dispatch. This means that it needs to walk the list of timers for this time and copy the active set of data to the timed out set and clear the active set. Now when the timer is processed by HandleTimeout() we're working with the timed out set of data which allows the timer to be manipulated normally using the active data. Having to prepare the timers is a bit of a pain, it means that timer dispatch is O(n) where n is the number of timers to be dispatched, however this is the same as for the timer queue and we're avoiding the O(log n) (n being the number of timers currently set in this case) of the balanced tree lookup required for the timer queues...

There's still scope for some refactoring in the code and there's a need for some more tests to make sure that we're doing things sensibly when we fail to handle timeouts for a long period of time but this can be done later. I've added a few new tests to test the timer wheel with the CThreadedCallbackTimerQueue, I expect that could do with a name change now, but that can also wait.

Since we now have a fully functional timer wheel I can compare the performance results with those from the timer queue implementations. Note that these are the results that I get on my development box, the results that you get are likely to be different but the proportional differences should be similar... All test results are an average of 10 runs of the same test with 100,000 timers in use in each test.

• Creating timers - Unsurprisingly, since very similar work is being done by both the queues and the wheel, CreateTimer() is roughly similar with the wheel actually taking fractionally longer at 55ms vs the queues which both take 50ms.
• Setting timers - Again unsurprisingly, the timer wheel is much faster when setting timers at 8ms compared to 88ms for the queue. Note that the 8ms value is a best case scenario where we set and reset the same timer, with different timers the times rise to 15ms vs 130ms and with different timers being set for the same times we get 14ms vs 60ms. What doesn't show here is that the wheel is also only C(n wheel users) compared to the queue's C(n wheel users)+2C(n heap users) (see here for details of my 'big C' notation for talking about contention).
• HandleTimeouts - When handling timeouts and holding the lock we get results of 54ms against 94ms for the queues. When not holding the locks the numbers are 57ms and 98ms. Again the wheel has lower contention.

All in all I'm pleased with the performance and contention improvements that have come from using a radically different design. The timer wheel isn't as general purpose as the timer queues and it's not going to be a good fit for all of the usage scenarios that I use the queue in but for those situations that it is appropriate for, the performance will be considerably better.

The code can be found here and the previous rules apply.

Of course, being part of boost I first have to work out exactly how much more of boost it will require me to depend on and then I have to work out how I can use it to replace my current std::map usage. It seems quite clever (no surprise there) and allows for a type to be included in multiple intrusive containers by allowing an object to have multiple links embedded in it and allowing you to specify the link to use for a particular container. It seems slightly over engineered for my needs (again, no surprise there) and it's a pity that it doesn't simply provide obvious drop in replacements for the equivalent STL containers; yes it's nice that there are two kinds of base tree structure (red black and AVL) so you can optimise for your specific usage patterns but it would be nicer if you could simply switch from std::map to boost::intrusive::map and add an appropriate data member to the class you want to store in it...

Still, I guess I should spend some more time learning and understanding... One thing that it doesn't do for me, as far as I can see, is provide a multimap from which I can remove all elements at a specific key in one go...

I can't help thinking that allocators weren't really thought through especially well; the whole 'rebind' from allocator<int> to allocator<node> is, IMHO, just pointless 'aren't we clever with templates' crap ;) especially given the fact that at the end of the day all these things are doing is allocating memory of a given size...

Anyway, being able to plug my own allocator into the containers is one small step on the path to improving the performance of the objects in question.

I've taken the second approach as non O(1) timer setting and 'random thread timer dispatch' are not desirable qualities for the usage scenarios that I'm currently targeting. This means that the timer wheel now queries the tick count provider when you call SetTimer() but it's easy to adjust the tests for this due to the test traits that I introduced a while back.

Now that SetTimer() works correctly we can move on to implementing the remaining functions. Unfortunately though, before we do that we need to deal with a memory leak bug in the CCallbackTimerQueueBase class which the tests can't detect and which I missed due to not running BoundsChecker after each set of changes... The leak was introduced when I switched from using the std::multimap to using a std::deque back in part 21. Unfortunately I missed out a couple of delete statements to clear up the new structure that we allocate to store in the std::deque when we set timers. This just goes to show that it doesn't matter how many tests you have and how good your coverage is, it's never enough to prove that the code is without bugs. Running BoundsChecker showed the bug quite clearly but it's a pity that it needs to be a separate stage of testing. Instrumenting memory allocation within the test would help and is something that I might look into... Anyway, the fixes are to add a loop which cleans up the allocated memory in the queue's destructor and to clean up blocks of timers as they expire in HandleTimeouts().

The code can be found here and the previous rules apply.

I've got to the point where I have a nice new server framework example server that demonstrates all of the functionality I need and so it feels like the right time to write about how I got here.

The only thing that you really need to do in your custom AppDomainManager registered is make sure that you implement InitializeNewDomain() so that you set the flags to tell the CLR to register new application domains with your unmanaged host.

      public override void InitializeNewDomain(AppDomainSetup appDomainInfo)

      {

         // let the unmanaged host know about us

         InitializationFlags = AppDomainManagerInitializationOptions.RegisterWithHost;

      }

   [

      object,

      uuid(0EC4D543-008A-4cd3-88DB-A5199F416251),

      helpstring("IManagedHost Interface"),

      pointer_default(unique)

   ]

   interface IManagedHost : IUnknown

   {

      HRESULT InitialiseDefaultAppDomain(

         [in] IUnmanagedHost *host);

  

      HRESULT CreateApplicationInNewAppDomain(

         [in] BSTR appDomainName,

         [in] BSTR applicationName,

         [in] BSTR applicationDirectory,

         [in] BSTR sharedDirectory,

         [in] BSTR configFileName,

         [in] BOOL enableShadowCopy,

         [out, retval] long *pDomainID);

  

      HRESULT Start(

         [in] BSTR assemblyName,

         [in] BSTR typeName,

         [in] BSTR applicationName,

         [out, retval] IManagedApplication **application);

  

      HRESULT RequestStop();

  

      HRESULT Stop();

   };

HRESULT CManagedHost::SetAppDomainManager(

  DWORD dwAppDomainID,

  IUnknown *pUnkAppDomainManager)

{

   ICriticalSection::Owner lock(m_criticalSection);

  

   DomainManagerMap::iterator it = m_domainManagers.find(dwAppDomainID);

  

   if (m_domainManagers.end() != it)

   {

      it->second = SafeRelease(it->second);

   }

  

   IManagedHost *pHost = 0;

  

   const HRESULT hr = pUnkAppDomainManager->QueryInterface(IID_IManagedHost, (void**)&pHost);

  

   if (SUCCEEDED(hr))

   {

      m_domainManagers[dwAppDomainID] = pHost;

   }

  

   return hr;

}

In my example IDL above Start(), RequestStop() and Stop() are methods that can be called only in secondary application domains and InitialiseDefaultAppDomain() and CreateApplicationInNewAppDomain() must only be made onto the default application domain.

InitialiseDefaultAppDomain() is called explicitly just after I start the CLR and set its error escalation policy. It allows me to pass an interface to the managed part of my hosting code that allows it to communicate with the unmanaged part, this interface is pretty simple.

   [

      object,

      uuid(AFF50626-DDCF-481c-9CE7-0F95B0E9E6D7),

      helpstring("IUnmanagedHost Interface"),

      pointer_default(unique)

   ]

   interface IUnmanagedHost : IHostLog

   {

      HRESULT ShutdownHost();

   }

  

   [

      object,

      uuid(7F153933-8BE3-45b6-B8C5-22B5EFA0B8FD),

      helpstring("IHostLog Interface"),

      pointer_default(unique)

   ]

   interface IHostLog : IUnknown

   {

      HRESULT LogMessage(

         [in] BSTR message);

   }

Loading and running plugin code in the CLR is a two stage process. First I call CreateApplicationInNewAppDomain() on the default AppDomainManager which creates a new application domain and sets it up ready to run the plugin code.

      int IManagedHost.CreateApplicationInNewAppDomain(

         string appDomainName, 

         string applicationName, 

         string applicationDirectory, 

         string sharedDirectory,

         string configFile,

         int enableShadowCopy)

      {

         if (!defaultAppDomain)

         {

            throw new InvalidOperationException("Should only be called on the default application domain, not on \"" + this.appDomainName + "\"");

         }

  

         if (host == null)

         {

            throw new InvalidOperationException("Not initialised, call InitialiseDefaultAppDomain() first!");

         }

  

         AppDomainSetup setup = new AppDomainSetup();

  

         setup.ApplicationName = applicationName;

         setup.ApplicationBase = ".";

         setup.PrivateBinPath = ".;" + applicationDirectory + ";" + sharedDirectory;

         setup.ConfigurationFile = configFile;

  

         if (enableShadowCopy == 1)

         {

            setup.ShadowCopyFiles = "true";

            setup.CachePath = ".\\Cache\\" + applicationDirectory;

         }

  

         AppDomain appDomain = AppDomain.CreateDomain(appDomainName, null, setup);

  

         ManagedHost manager = (ManagedHost)appDomain.DomainManager;

  

         manager.SetupAppDomain(appDomainName, appDomain, host);

  

         return appDomain.Id;  

      }

Once the new application domain has been created I can call Start() on its AppDomainManager, this simply loads the supplied assembly into the new application domain, creates an instance of the type that is the entry point for my application code, calls OnApplicationStart() on it to start the application, and returns interface to the application to unmanaged code so that it can be manipulated from there.

      IManagedApplication IManagedHost.Start(

         string assemblyName,

         string typeName,

         string applicationName)

      {

         if (defaultAppDomain)

         {

            throw new InvalidOperationException("Should only be called on the application domain that was created for application \"" + application + "\", not on the default application domain");

         }

  

         if (appDomainName != applicationName)

         {

            throw new InvalidOperationException("Should only be called on the application domain that was created for application \"" + application + "\", not on \"" + appDomainName + "\"");

         }

  

         Assembly assembly = Assembly.Load(assemblyName);

  

         object obj = assembly.CreateInstance(typeName);

  

         if (obj == null)

         {

            throw new TypeLoadException("Object \"" + typeName + "\" not found in assembly \"" + assemblyName + "\"");

         }

  

         this.application = (IManagedApplicationControl)obj;

  

         return application.OnApplicationStart(applicationName, host);

      }

   [

      object,

      uuid(DE2B37FB-190A-4ef9-9CD9-97CE94C3D5FE),

      helpstring("IManagedApplicationControl Interface"),

      pointer_default(unique)

   ]

   interface IManagedApplicationControl : IUnknown

   {

      HRESULT OnApplicationStart(

         [in] BSTR applicationName,

         [in] IHostLog *log,

         [out, retval] IManagedApplication **application);

  

      HRESULT OnApplicationStopRequested();

  

      HRESULT OnApplicationStop();

   };

  

   [

      object,

      uuid(19A68076-9C7E-4981-BE97-949803AEB76F),

      helpstring("IManagedApplication Interface"),

      pointer_default(unique)

   ]

   interface IManagedApplication : IUnknown

   {

      HRESULT OnConnectionEstablished(

         [in] ISocket *socket);

  

      HRESULT OnReadCompleted(

         [in] SAFEARRAY( BYTE ) data,

         [in] ISocket *socket);

  

      HRESULT OnConnectionClientClose(

         [in] ISocket *socket);

   };

The simple example implementation looks something like this.

   class ManagedApplication : IManagedApplicationControl, IManagedApplication

   {

      private string name;

 

      private IHostLog log;

 

      private void LogMessage(string message)

      {

         log.LogMessage(name + ": " + message);

      }

 

      IManagedApplication IManagedApplicationControl.OnApplicationStart(

         string applicationName, 

         IHostLog log)

      {

         this.name = applicationName;

 

         this.log = log;

 

         LogMessage("OnApplicationStart");

 

         return this;

      }

 

      void IManagedApplicationControl.OnApplicationStopRequested()

      {

         LogMessage("OnApplicationStopRequested");

      }

 

      void IManagedApplicationControl.OnApplicationStop()

      {

         LogMessage("OnApplicationStop");

      }

 

      void IManagedApplication.OnConnectionEstablished(

         ISocket socket)

      {

         socket.WriteString("Welcome to CLR echo server: " + name + "\r\n");

 

         socket.Read();

      }

 

      void IManagedApplication.OnReadCompleted(

         byte[] data,

         ISocket socket)

      {

          socket.Write(data);

 

          socket.Read();

      }

 

      void IManagedApplication.OnConnectionClientClose(

         ISocket socket)

      {

         LogMessage("OnConnectionClientClose");

      }

   }

I have two ways to stop an application. Firstly I can call IManagedApplicationControl::Stop() from the applications AppDomainManager. I call this just before I unload the application domain, the idea being that it allows the plugin code to clean up before it is destroyed. Secondly I can call IManagedApplicationControl::RequestStop(), this exists so that my hosting code can demonstrate immediate application domain clear down and 'once all existing connections have completed' application domain clear down. With plugin code that is accessed via network users you may want to restart an application (to upgrade it, for example) whilst there are existing users connected and allow those existing users to continue using the old application until they disconnect, OR you might want to just forcibly abort any existing connections and restart the application domain immediately. I call IManagedApplicationControl::RequestStop() if I'm going to allow the application domain to run until existing users have disconnected, this allows the managed application to react accordingly, such as suggesting to the users that they log off, or whatever.

Once I've decided to stop an application and all existing connections have terminated the AppDomain can be unloaded. I do this by calling ICLRRuntimeHost::UnloadAppDomain() and passing it the ID that was returned when we created the new application domain.

That's pretty much it as far as the interface between managed and unmanaged code is concerned. However, the story doesn't end there, on the unmanaged side there's quite a lot going on to allow us to dynamically load and unload managed applications whilst giving the option of allowing existing connections to complete before the application domain that they're running in is terminated, but I'll deal with that next time...

Switching to hosting 4.0 was easy enough but being able to fall back to hosting 2.0 on a machine where 4.0 wasn't installed is slightly more complex. It's reasonably obvious (you need to make sure that you call GetProcAddress() to bind to CLRCreateInstance() rather than linking to it at build time), but Brad Wilson has a nice list of steps to show how it's done here on his blog.

There still seems to be some complexity with regards to selecting the most appropriate version of the CLR for a given assembly as whilst ICLRMetaHost::GetVersionFromFile() will, for example, give you "v1.0.3705" for a CLR 1.0 assembly and "v1.1.4322" for a CLR 1.1 assembly which is fine but ICLRMetaHost::GetRuntime() wont apply any machine policies to give you a v2.0 or whatever CLR if you ask it for v1.0.3705 and it's not installed.

I'm probably missing something in the API somewhere and it's not really that much of a problem for me right now, I already have a version munging stage which allows things like "v2.0" to mean 'the latest greatest v2.0 you have please (purely for when the next version comes out and the build is changing with the betas...) and which can be told to default to the latest CLR available if the specified one isn't found, or to fail the request, etc.

The problem with tools that lag is that no matter how useful they are the lag and the lack of daily use affects the usefulness of the tool and that always gets evaluated when I have to pay more money for another year of 'support'...

When a tool isn't in the tool box that you use daily you tend to use it less often than you should... Yes, the reason for this rant is that I've just found a couple of leaks with DevPartner that lived a little longer than they should because I'm developing the code in VS2010 and DevPartner isn't there in the toolbar nagging at me to use it. And, yes I know that I'm the one at fault for not using the tool anyway even though it's easier to ignore right now...

This kind of thing usually isn't actually too much of a problem for me as using these kinds of tools is on my release check-list but as I get clients that only want VS2010 builds it gets more likely that the tool lag will bite.

So, in summary, a version of DevPartner Studio for Visual Studio 2010 would be nice and, even better, if you can't ship with the RTM of the compiler then a roadmap that gives a hint about when you might ship, or even a hand wavey indication of an intention to ship, would be nice...

By the end of last time we'd got to the point where we had four functions left to implement...

Whilst adjusting the tests to make sure they took into account the timer wheel's traits and generally worked correctly with the new implementation I decided that although I like my tests rigid (some would say brittle, or fragile), I'd gone slightly too far with the logging coming out of the tick count providers. These were reporting the value of the tick count that was being provided as well as the fact that the call was made. Now in some of my tests this is useful but here the test was clearly setting the value so logging it was of no use and made the tests more complex in the presence of variable timer granularities. Adjusting the mocks and the tests makes them a bit cleaner.

The tests also needed adjusting now that all of the code can be built with monitoring enabled. The traits work pretty well for this and I'm happy with the results.

There's still quite a bit of duplicate code in the tests and the code to create and set a timer is one piece that's easy to slim down by using the helper function that is used by some but not all of the tests. Only the tests that are actually for SetTimer() need to do it long hand to make it clear what we're actually testing.

Since we now have timers that can delete themselves and since I recently added to the timer monitoring interface to allow us to ensure that all timers were always cleaned up it seems about the right time to add monitoring interface support to the timer wheel.

The resulting changes to implement the second SetTimer() overload are as follows, note that I've adjusted CreateTimer() so that the common code that I need to call when I create a timer in SetTimer() isn't duplicated. The timer data constructor that we're using there sets the timer up appropriately for single use mode.

CCallbackTimerWheel::Handle CCallbackTimerWheel::CreateTimer()

{

   TimerData *pData = new TimerData();

  

   return OnTimerCreated(pData);

}


CCallbackTimerWheel::Handle CCallbackTimerWheel::OnTimerCreated(

   TimerData *pData)

{

   m_handles.insert(pData);

  

#if (JETBYTE_PERF_TIMER_WHEEL_MONITORING_DISABLED == 0)

  

   m_monitor.OnTimerCreated();

  

#endif

  

   return reinterpret_cast(pData);

}

bool CCallbackTimerWheel::SetTimer(

   const Handle &handle,

   Timer &timer,

   const Milliseconds timeout,

   const UserData userData)

{

   if (timeout > m_maximumTimeout)

   {

      throw CException(

         _T("CCallbackTimerWheel::SetTimer()"), 

         _T("Timeout is too long. Max is: ") + ToString(m_maximumTimeout) + _T(" tried to set: ") + ToString(timeout));

   }

  

   TimerData &data = ValidateHandle(handle);

  

   const bool wasPending = data.CancelTimer();

  

   data.UpdateData(timer, userData);

  

   InsertTimer(timeout, data, wasPending);

  

#if (JETBYTE_PERF_TIMER_WHEEL_MONITORING_DISABLED == 0)

  

   m_monitor.OnTimerSet(wasPending);

  

#endif

  

   return wasPending;

}

  

void CCallbackTimerWheel::SetTimer(

   IQueueTimers::Timer &timer,

   const Milliseconds timeout,

   const IQueueTimers::UserData userData)

{

   if (timeout > m_maximumTimeout)

   {

      throw CException(

         _T("CCallbackTimerWheel::SetTimer()"), 

         _T("Timeout is too long. Max is: ") + ToString(m_maximumTimeout) + _T(" tried to set: ") + ToString(timeout));

   }

  

   TimerData *pData = new TimerData(timer, userData);

  

   OnTimerCreated(pData);

  

   InsertTimer(timeout, *pData);

  

#if (JETBYTE_PERF_TIMER_WHEEL_MONITORING_DISABLED == 0)

  

   m_monitor.OnOneOffTimerSet();

  

#endif

}

CCallbackTimerWheel::TimerData &CCallbackTimerWheel::ValidateHandle(

   const Handle &handle) const

{

   TimerData *pData = reinterpret_cast(handle);

  

   Handles::const_iterator it = m_handles.find(pData);

  

   if (it == m_handles.end())

   {

      throw CException(

         _T("CCallbackTimerWheel::ValidateHandle()"), 

         _T("Invalid timer handle: ") + ToString(handle));

   }

  

   if (pData->DeleteAfterTimeout())

   {

      throw CException(

         _T("CCallbackTimerWheel::ValidateHandle()"), 

         _T("Invalid timer handle: ") + ToString(handle));

   }

  

   return *pData;

}

Let's assume that we're in the situation shown above and we set a timer. The timer wheel has its current time set to 35ms before the actual time because timeouts haven't been handled yet. At present if we set a timer for 10ms the timer will be set at the point marked as 30 on the diagram above rather than at the point marked 65. The existing tests don't show this problem as they all set timers for a 'now' that is the same as the time the wheel was created or just after timeouts have been handled; which means that current always equals now in most of the tests that set timers. A new test that sets a timer with now != current clearly shows the problem. I'll leave this broken test to show me the way for next time.

The code can be found here and the previous rules apply.

The offending code was a wrapper around the operating system function GetTempPath(). I always tend to wrap these kinds of things so that I can convert errors to exceptions (I did a good job of that here didn't I) and so that I can convert types to the kind of types that I prefer to use. In this case I also dealt with the fact that you need to call the API without a buffer to determine how big a buffer it requires and then call it again with the correct sized buffer to obtain the path.

GetTempPath() is a simple function and the documentation is pretty clear on how it should be used. My original wrapper was fairly crap.

_tstring GetTempPath()

{

   const DWORD spaceRequired = ::GetTempPath(0, 0);      // 1

  

   _tstring directory;

  

   directory.resize(spaceRequired - 1);     // 2

  

   const DWORD spaceUsed = 1 + ::GetTempPath(spaceRequired, const_cast(directory.c_str()));    // 3

  

   if (spaceRequired != spaceUsed)   // 4

   {

      throw CException(_T("GetTempPath()"), _T("Failed to get temp path"));

   }

  

   return directory;

}

There's quite a lot wrong with this code but mostly it will work... The check at stage 4 is overly restrictive but shouldn't pose a problem, except that it does... If your temp path contains an unnecessary double backslash; C:\\temp for example rather that C:\temp then the first call will return the length including the double backslash and the second call will return the path with the unnecessary backslash removed. This means that for the example path shown above, the second call returns spaceRequired - 2 rather than the expected spaceRequired - 1 and the code fails with the rather useless error message.

The fixed version of the code doesn't suffer from this problem.

_tstring GetTempPath()

{

   const DWORD spaceRequired = ::GetTempPath(0, 0);

  

   if (spaceRequired == 0)

   {

      const DWORD lastError = GetLastError();

  

      throw CWin32Exception(_T("GetTempPath()"), lastError);

   }

  

   _tstring directory;

  

   directory.resize(spaceRequired - 1);

  

   const DWORD spaceUsed = ::GetTempPath(spaceRequired, const_cast(directory.c_str()));

  

   if (spaceUsed == 0)

   {

      const DWORD lastError = GetLastError();

  

      throw CWin32Exception(_T("GetTempPath()"), lastError);

   }

  

   if (spaceUsed >= spaceRequired)

   {

      throw CException(

         _T("GetTempPath()"), 

         _T("Failed to get temp path, second call needed more space ") + ToString(spaceUsed + 1) + 

         _T(" than first call allocated ") + ToString(spaceRequired));

   }

  

   directory.resize(spaceUsed);

  

   return directory;

}

This fix will be included in version 6.3 of the server framework code which currently has no scheduled release date.

As soon as I started to look at making some of the failing tests pass I realised that having a heap of failing tests wasn't such a good idea, at least with my home brew test framework. I had stubbed out the timer wheel's interface and had decided to throw exceptions from the functions that weren't implemented yet. Those exceptions caused the tests that used that functionality to fail, so far so good. Unfortunately there was no differentiation between tests that I knew would fail and tests that just happened to be failing; I discovered this when I realised that some of the failing tests were for the timer queues and not the wheel... Switching the exception thrown to one of my testing exceptions, a "test skipped" exception means that I now have a load of timer wheel tests that are skipped due to lack of implementation code and the test failures are clearly failures. Once the real failures were fixed I could move on with the new code.

In the diagram above, if the timer wheel's current time is 0 then we would need to scan forward sequentially from 'start' to the first timer that is set at position 30 to determine that the first timer is set at 30...

It's possible to optimise this. We could manage a 'hint' which points to the earliest timer that has been set, discovering the next timeout could then be O(1) if the hint is set. The hint could be managed by our calls to SetTimer(), if the timer we're setting is earlier than the hint, or if it's the first timer set then we set the hint to point at it. Unfortunately this scheme falls down in the presence of timer cancellation. If you cancel the earliest timer then you need to scan forward to update the hint, this forward scan is potentially O(n); so now your cancellation has gone from O(1) to O(n) to keep your timeout processing at O(1)... In some usage scenarios this might be acceptable except that, of course, expiring a timer or setting a timer that is already set are also forms of cancellation...

For now we'll avoid all of this complexity and settle for O(n) next timeout calculation. We will, however, mitigate the worst case and add a counter that counts how many timers are currently set, if the counter is zero then there's no need to scan the whole array to discover that no timer is set; our worst case is now that only one timer is set and it's set to the maximum timeout value. Likewise we can keep a hint that can be passed from one call to GetNextTimeout() to the next as long as the hint is zeroed upon any timer changes.

Milliseconds CCallbackTimerWheel::GetNextTimeout()

{

   Milliseconds nextTimeout = INFINITE;

  

   // We need to work out the time difference between now and the first timer that is set. 

  

   if (!m_pFirstTimerSetHint)

   {

      m_pFirstTimerSetHint = GetFirstTimerSet(); 

   }

  

   if (m_pFirstTimerSetHint)

   {

      // A timer is set! Calculate the timeout in ms

  

      nextTimeout = static_cast(((m_pFirstTimerSetHint > m_pNow ? (m_pFirstTimerSetHint - m_pNow) : (m_pNow - m_pFirstTimerSetHint)) + 1) * m_timerGranularity);

  

      const Milliseconds now = m_tickCountProvider.GetTickCount();

  

      if (now != m_currentTime)

      {

         // Time has moved on, adjust the next timeout to take into account the difference between now and 

         // the timer wheel's view of the current time...

  

         const Milliseconds timeDiff = (now > m_currentTime ? now - m_currentTime : m_currentTime - now);

  

         if (timeDiff > nextTimeout)

         {

            nextTimeout = 0;

         }

         else

         {

            nextTimeout -= timeDiff;

         }

      }

   }

  

   return nextTimeout;

}

  

CCallbackTimerWheel::TimerData **CCallbackTimerWheel::GetFirstTimerSet() const

{

   TimerData **pFirstTimer = 0;

  

   if (m_numTimersSet != 0)

   {

      // Scan forwards from now to the end of the array...

  

      for (TimerData **p = m_pNow; !pFirstTimer && p < m_pTimersEnd; ++p)

      {

         if (*p)

         {

            pFirstTimer = p;

         }

      }

  

      if (!pFirstTimer)

      {

         // We havent yet found our first timer, now scan from the start of the array to 

         // now...

  

         for (TimerData **p = m_pTimersStart; !pFirstTimer && p < m_pNow; ++p)

         {

            if (*p)

            {

               pFirstTimer = p;

            }

         }

      }

  

      if (!pFirstTimer)

      {

         throw CException(_T("CCallbackTimerWheel::GetFirstTimerSet()"), _T("Unexpected, no timer set but count = ") + ToString(m_numTimersSet));

      }

   }

  

   return pFirstTimer;

}

Now that we can work out when the next timeout is due we can start to think about handling the timers when they expire. Given the diagram below, if the timer wheel believes that the current time is as indicated and the timers are then expired when the time is at 'now' we will need to process all of the the timers that are set in the order shown by their index numbers.

Again, if we were driving the wheel from a timer tick then things are simplified as we would only ever 'rotate' the wheel by one slot at a time. In the world of general purpose, multi-threaded, non-real time systems though (is that a big enough proviso?) all manner of reasons might mean that we don't actually get to process the timers until after they're due.

If all we need to worry about is processing the timers in sequence then we could step along the wheel and then walk each chain of timers and handle them as we go. It could be a little more complex than that if we want to use the BeginTimeoutHandling(), HandleTimeouts(), EndTimeoutHandling() methods to allow us to process timers without holding our lock onto the timer system whilst the timers are dispatched (I talk about why this is a desirable design here, and why needing to go through the begin, handle, end sequence multiple times to process timers is less than ideal here). Ideally, for the later situation we'd want our 'begin' to accumulate all 6 timers into a correctly ordered list and remove them from the wheel. We would then unlock the wheel and process the 6 timers in order before locking the wheel again to update the processed timers inside of EndTimeoutHandling(). Doing it this way would mean traversing each slot's list of timers to get to the last one so that we can link the next list onto the end of the previous lists...

If we ignore the more complex scenario and implement the easy one we end up with code like this to deal with the 'holding a lock whilst dispatching' case.

void CCallbackTimerWheel::HandleTimeouts()

{

   const Milliseconds now = m_tickCountProvider.GetTickCount();

  

   while (TimerData *pTimers = GetTimersToProcess(now))

   {

      while (pTimers)

      {

         pTimers = pTimers->OnTimer();

  

         --m_numTimersSet;

      }

   }

}

  

CCallbackTimerWheel::TimerData *CCallbackTimerWheel::GetTimersToProcess(

   const Milliseconds now)

{

   TimerData *pTimers = 0;

  

   // Round 'now' down to the timer granularity

  

   const Milliseconds thisTime = ((now / m_timerGranularity) * m_timerGranularity);

  

   while (!pTimers && m_currentTime != thisTime)

   {

      TimerData **ppTimers = GetTimerAtOffset(0);

  

      pTimers = *ppTimers;

  

      // Step along the wheel...

  

      m_pNow++;

  

      if (m_pNow >= m_pTimersEnd)

      {

         m_pNow = m_pTimersStart + (m_pNow - m_pTimersEnd);

      }

  

      m_currentTime += m_timerGranularity;

   }

  

   if (pTimers)

   {

      m_pFirstTimerSetHint = 0;

   }

  

   return pTimers;

}

The code can be found here and the previous rules apply.