Interview with Alan Kay

This is an interesting interview with Alan Kay.

Most software today is very much like an Egyptian pyramid with millions of bricks piled on top of each other, with no structural integrity, but just done by brute force and thousands of slaves.

He also has some choice words for early binding

If you’re using early-binding languages as most people do, rather than late-binding languages, then you really start getting locked in to stuff that you’ve already done. You can’t reformulate things that easily.

and the common languages today

so both Lisp and Smalltalk can do their things and are viable today. But both of them are quite obsolete, of course. The stuff that is in vogue today is only about “one- half” of those languages.

and for computer science eductation

but I fear—as far as I can tell—that most undergraduate degrees in computer science these days are basically Java vocational training.

fixed link to interview

Java Daemon

Lately I have been writing a Java program that needs to run in the back ground (like a daemon). I found a couple of neat little tricks that can make this easier. These ideas probably only work in a Unix environment but they have been tested on Linux and Solaris.

So you have your program and you want to start it such that it will not be killed when you log out of the shell in which you start it. You could use nohup, but nohup redirects the standard out and error to files, which is annoying because you are writing all output to a log file anyway. You could do java -cp your_class_path com.domain.main_class <&- 1>/dev/null 2>&1 & which runs the program in the background, closes standard in, and redirects standard out and error to the bit bucket. By closing standard in to the process the shell will not kill the program when it exits and it is running in the background so it will not interfere with other actions we might want to perform with this shell.

However, it would be nice if you could print errors that occur during startup to the prompt — for example if the config file were missing. This is nice because it is generally appropriate to sanity check the configuration so that if the program starts there is a significant chance it will actually work correctly. So let’s not redirect standard out and error. That leaves you with
java -cp your_class_path com.domain.main_class <&- &, which works but a shell will not exit while there are still programs attached to its standard out and error — as this one is.

The solution is to have the Java program detach from standard out and error once its startup is complete. So we will create a method called daemonize() that we will call just before entering the infinite loop that is the main program logic.

static public void daemonize()
{
   System.out.close();
   System.err.close();
}

So now we have a main method which looks like

static public void main(String[] args)
{
   try
   {
       // do sanity checks and startup actions
       daemonize();
   }
   catch (Throwable e)
   {
       System.err.println("Startup failed.");
       e.printStackTrace();
   }

   // do infinite loop
}

Now when we start our program we get to see if it started correctly and if it does start it will not be killed when the shell exits nor will it prevent the shell from exiting.

Now that the program is completely detached from the shell the only way to stop it is by killing the process. However, to do that you need to know the pid. Java has no way for a program to figure its pid directly — it is too system dependent. So we will create a shell script to launch our daemon and record its pid for future use.

#!/bin/sh
java -cp your_class_path com.domain.main_class &lt;&amp;- &
pid=$!
echo ${pid} > mydaemon.pid

This script launches the program and then writes the pid to the file ‘mydaemon.pid’. Now when you want to kill the program you can do

kill `cat mydaemon.pid`

There are a couple of problems with this, one is that the pid file gets written even if the daemon failed to start successfully, another is that if the daemon crashes the pid file will still exist — which might lead you to believe it is still working.

We can solve the pid file surviving daemon crash problem by passing it into the Java program like the following

java -Ddaemon.pidfile=mydaemon.pid -cp your_class_path com.domain.main_class &lt;&amp;- &

And the updated the daemonize() method to the following

.

static public void daemonize()
{
   getPidFile().deleteOnExit();
   System.out.close();
   System.err.close();
}

where getPidFile() is a method which returns a File object file specified by the system property “daemon.pidfile”. That way the pid file will be deleted when the VM exits.

For the overly eager creation of the pid file you could add a delay to the shell script and then check to make sure the process is still running before writing the pid file. But how long should the delay be? A better way is to take advantage of the fact the a shell will not exit while a program is attached to its standard out or error — even if the process is running in the background. We know that our program will not detach from those until the startup process is complete. The following shell script achieves this

#!/bin/sh

launch_daemon()
{
  /bin/sh &lt;&lt;EOF
     java -Ddaemon.pidfile=mydaemon.pid -cp your_class_path com.domain.main_class &lt;&amp;- &
     pid=\$!
     echo \${pid}
EOF
}

daemon_pid=`launch_daemon`
if ps -p "${daemon_pid}" &gt;/dev/null 2&gt;&1
then
  # daemon is running.
  echo ${daemon_pid} &gt; mydaemon.pid
else
  echo "Daemon did not start."
fi

This script starts a sub-shell and launches the daemon (in the launch_daemon() function). The sub-shell will only return once the java program has detached from the console — for our program that means it has completed its startup or died. After the launch_daemon() function returns we check to see if the pid it started is still running. If so it means that the daemon started correctly and the we write the daemon’s pid to the pid file. Remember that whenever the daemon’s VM shuts down the pid file will be deleted so you can treat the existence of the pid file as an indication that the process is running.

Now it occurs to you that if a problem occurs during startup you really would like to log it to both the log file and console. Since you are using log4j this is pretty straight forward. Just updated you main method like the following

static public void main(String[] args)
{
   Appender startupAppender = new ConsoleAppender(new SimpleLayout(), "System.err");
   try
   {
       logger.addAppender(startupAppender);
       // do sanity checks and startup actions
       daemonize();
   }
   catch (Throwable e)
   {
       logger.fatal("Startup failed.",e);
   }
   finally
   {
      logger.removeAppender(startupAppender);
   }

   // do infinite loop
}

where “logger” is a static member variable that contains a Logger object. The nice thing about this is you can log message anywhere in you startup code and know that someone will see them, even if it occurs before you have configured the logging based on the application configuration. If the normal application logging is configured, the messages will go both to the console and to the log file for future debugging.

So all that works pretty well. There is another problem though. There is not a clean way to shut this daemon down. We need a graceful way to handle shutdown. So we add the following code to our main class

static protected boolean shutdownRequested = false;

static public void shutdown()
{
   shutdownRequested = true;
}

static public isShutdownRequested()
{
   return shutdownRequested;
}

Then we update our application so that occasionally it checks ‘isShutdownRequested()’ and if it is we leave the main loop. Now our main method looks like

static public void main(String[] args)
{
   Appender startupAppender = new ConsoleAppender(new SimpleLayout());
   try
   {
       logger.addAppender(startupAppender);
       // do sanity checks and startup actions
       daemonize();
   }
   catch (Throwable e)
   {
       logger.fatal("Startup failed.",e);
   }
   finally
   {
      logger.removeAppender(startupAppender);
   }

   while(!isShutdownRequested())
   {
      // wait for stimuli
      // process stimulus
   }
}

This looks pretty good but you still only shutdown from inside the program. The solution is a VM shutdown hook. The is a bit of code that the VM runs when it is shutdown. We create the following method

static protected void addDaemonShutdownHook()
{
   Runtime.getRuntime().addShutdownHook( new Thread() { public void run() { MainClass.shutdown(); }});
}

and update the shutdown method as follows

static public void shutdown()
{
   shutdownRequested = true;

   try
   {
       getMainDaemonThread().join();
   }
   catch(InterruptedException e)
   {
       logger.error("Interrupted which waiting on main daemon thread to complete.");
   }
}

Note that we now wait for the main daemon thread to die. This is because the VM waits for the VM shutdown hooks to complete for exiting but it does not wait for other threads to complete. This join allows the main daemon threads to complete in a controlled way rather than being killed by the VM. Then we update the main method to call this new addDaemonShutdownHook() method

static public void main(String[] args)
{
   Appender startupAppender = new ConsoleAppender(new SimpleLayout());
   try
   {
       logger.addAppender(startupAppender);
       // do sanity checks and startup actions
       daemonize();
       addDaemonShutdownHook();
   }
   catch (Throwable e)
   {
       logger.fatal("Startup failed.",e);
   }
   finally
   {
      logger.removeAppender(startupAppender);
   }

   while(!isShutdownRequested())
   {
      // wait for stimuli
      // process stimulus
   }

   // do shutdown actions
}

Now you can kill the process using kill `cat mydaemon.pid` but shutdown will be orderly and controlled.

So there you have it. A fairly safe and full featured way of create a Unix daemon with Java. Of course, if you do not need the extra control and do not mind have native binaries it might be easier to use Jakarta Daemon.

{Update: corrected a variable name in one of the shell scripts and added a needed closing brace to one of the bits of Java code}

Stop Over-Reacting

One of my pet peeves with Java is the member access modifiers. I despise the semantics of private. My problem with private is that it prevents subclasses from accessing the member. This is almost always a bad idea. Basically you are saying, “I know how my code should be used all other developers are too stupid to be trusted to use this member in a reasonable way”. If there is one thing you can rely on, it is that any code you write will someday be used in a way you have not yet anticipated.

I think the semantics of private are an example of over-reaction. I can hear the reasoning now, “Global variables make a program hard to debug because they are not encapsulated and therefore get accidentally modified. We should solve that problem by having complete encapsulation.” The real problem, however, is that global variables get accidentally changed, not the lack of encapsulation. Encapsulation is merely a tool that might help prevent accidental use/change of state.

The inappropriate use and change happens because it is not clear who owns them and in what contexts that state should be used and changed. In practice, it seems that encapsulation does help solve this problems but the encapsulation need only be obvious, not enforced. With OO we have a way to provide obvious logical encapsulation in the form of members. The addition of these obvious boundaries of use effectively solves the accidental mis-use problem – regardless of whether those boundaries are enforce or not – by making it clear where it is generally appropriate to use/modify an item. The strictness of Java’s private modifier is not necessary or helpful.

Once I started thinking about this, I noticed that this sort of over-reaction is rampant in the software industry. Static typing is a over-reaction to weakly typed languages. Java/C# inheritance models are an over-reaction to the complexities of multiple inheritance in C++ (interfaces exists because, as it turns out, you really do need multiple inheritance to make OO work and these languages have a broken inheritance model). XP is an over-reaction to water fall development methodologies. (I think. I have not totally convenience myself of this one yet.)

For example, I think manifest (or static) typing is an over-reaction to weakly typed systems. Everyone who has worked with C has a story about how they accidentally overwrote some random memory by doing pointer arithmetic something that was not really a pointer – or something similar – and it caused their program to fail much later in a completely different part of the code. This sort of thing is very difficult to debug because the code which is incorrect is not where the failure occurs. So C++ was introduced with strong and manifest types, and it was better. But it was the strong typing – that is, if you attempted to use an item in way that its type does not support the code fails in an obvious way – was the thing that made it better, not that the types are manifest in the source code. But everyone got the “manifest typing == strong typing == good; anything else == bad” meme anyway.

As for multiple inheritance I can only say that the C++ implementation of multiple inheritance is complex. But it is an implementation problem, not a conceptual problem. Multiple inheritance is not conceptually difficult and it is useful.

This tendency to over-react has been noticed before, of course. There is a well known pattern in software systems called second system syndrome. Second system syndrome is, at its core, an over-reaction. It usually goes like this. You build a system and it works basically as intended. People use it and want it to do something you had not anticipated and it takes a lot of work to implement that functionality. So you say, “well I am not going have that problem again” and you make the 2.0 version super flexible, extensible and any other -able you can think of. The thing about all those -ables is that they make the base system more complex and mostly you will not be using them. You over-reacted and you pay the price in much more difficult maintenance.

XP attempts to mitigate this tendency by saying, “assume simplicity”, which seems to have devolved into “don’t crystal-ball”. I think the “don’t crystal-ball” form is an over-reaction in itself. We have been burned in the past by unneeded complexity so instead we preclude all functionality that is not needed at this exact moment (even if you will probably need it tomorrow). Assuming simplicity not a bad approach but developers should try to guess what is going to happen in the future. Then they should examine those predictions with an extremely critical eye. If a predicted functionality is not likely to be needed it should be ignored. If the predicted functionality can be added easily at a later date it should be ignored. If the predicted functionality is likely to be needed and would be difficult to add in the future it is something that should be implemented now – or at least enough of it should be implemented so the rest can be implemented easily in the future. The thing to remember is that most of the functionality you can imagine will never be needed so you need to be brutal when evaluating your predictions.

I think our industry would be a lot better off if we could learn solve the real problem instead of over-reacting to spurious issues that previous solutions introduced.

Some thoughts about XP

Last week the company I work declared that “XP is the answer to our development process”. I have never worked in an XP environment before so it will be interesting to see how well it works. But before I jump into this I wanted record some thoughts I have about XP and then as time goes on I will comment on them if I gain any insights.

Web Applications

A few months ago I pointed a colleague at XUL as a way to implement a user interface without requiring local installation. After doing a bit of research he mentioned theMozilla Amazon Browser to me. I have been intrigued by the idea of XUL and XAML since I first encountered them but MAB is the first XUL application I have actually used. It is not terribly polished but it gives you the feeling that a XUL application could be extremely slick.

An Anti-pattern I Have

I have just passed the six month mark at my new job. And I am learning a lot of new things, which is nice. However, I recently noticed an anti-pattern in my performance in my new job.

Anti-pattern: Developing generic technical services as a form of procrastination.

My basic tendency is to develop software “bottom-up”, by which I mean generic technical services first and then implementing the application logic on top of those. I had been at my previous job for six years and after a couple of years you start to really understand the domain really well. This bottom up development style served me well at my previous job because I, for the most part, understood the problems I was solving (and the environment in which I was solving it) almost with out thinking. It is very easy to write generic technical services first if you have a reasonable understanding of the problem and solution domains.

In my new job I do not have a good understanding of the problem domains or the environment in which my solutions will run. I have spent the last several months working on a small-ish project and I have spent most of that time work on generic technical services to support the actually application logic. At this point I have far more technical service code than I to application code. The technical service code does exactly what I intended it to do but unfortunately it is for more complex than is really necessary for my current project.

It is very easy to procrastinate actually learning the domain, requirements and environment by jumping into coding the technical services you think you will need. Unfortunately, the “bottom-up” development style really only works if you understand the requirements, domain and environment well. If you do not understand the problem and environment well you will just write tons of code that is either solves the wrong problem or solves the right problem inappropriately.

PS: This article was prompted by a couple of people I respect, David Hansson and Jamis Buck, blogging about mistakes they have made. I agree with David that the net benefits of transparency far out weigh the risks.

Passwordlet

I happened across this interesting little tibit yesterday. It is a bookmarklet that generates a password based on the domain name and a master password. It makes it so that you can have a different password for every website you need to logon to without having to remember hundreds of passwords.