March 2009 - Posts
There are allots of improvements that can be done within application’s configuration file the only catch with it – you have to know that it’s exists. In this post I will show how to improve garbage collection performance according to application’s type.
There are 3 modes of garbage collection that can be defined in a configuration file:
- Workstation mode with enabled Concurrent flag
- Workstation mode with disabled Concurrent flag
- Server mode
Workstation mode with enabled Concurrent flag
This mode is designed to get a better responsiveness of an application’s UI and the price for the responsiveness is more CPU and memory usage.
By default this mode is enabled in Windows Forms applications, Console Applications and Windows Services .
Workstation mode with disabled Concurrent flag
This mode is optimized for height throughput applications running on single CPU computers although it is stops current thread when GC is active. Therefore it is not a best choice for an applications with UI present.
To configure this mode following must be inserted at configuration file:
<configuration>
<runtime>
<gcConcurrent enabled="false"/>
</runtime>
</configuration>
Server mode
In the Server GC mode, GC heap and GC thread are created for each CPU available, making application’s throughput and scalability higher. This mode is available only on multiprocessors systems and it is default at ASP.NET applications.
To configure this mode following must be inserted at configuration file:
<configuration>
<runtime>
<gcServer enabled="true"/>
</runtime>
</configuration>
Summary
In the age of parallel processing when most computers are already have at least two CPUs might be a good idea to test application’s performance with GC mode set to Server mode. Good example for such applications is WCF services host, which in many cases is Console application or Windows Service. In a upcoming Parallel Extensions Library the Server GC mode is a recommended mode by Microsoft for a better performance.
For a dipper exploration of GC principles and modes please refer to a Maoni’s posts.
Today’s Codeproject’s newsletter was full of pretty exciting news that I have to share with you, so it goes like this:
1. IE 8.0 will be released today – this published by Coputerworld news site.
2. Microsoft released SuperPreview - great tool for validation website’s look in known browsers(now available for IE 6.0, 7.0, 8.0 in full release will be able to validate for another browsers) – published at ZDnet
3. A great post by Tim Heuer with a list of new features of Silverlight 3.0 Beta that was announced at MIX09.
Enjoy,
Yevgeni
Lots of developers are not familiar with the fact that string variables are stored in memory as a plain text and can be stolen with simple memory dump. Therefore they are revealed to anyone who has an access to a server. So all the credit card numbers, passwords, database connection strings etc. are literally exposed when no measures are taken…
A simple solution has been always there ... Starting from .NET 2.0 framework there is a SecureString class in System.Security namespace. It’s functionality is similar to a string data type with several changes.
Here are several advantages of this class:
- It’s not stored in heap memory
- Can be made immutable edit stage was finished by calling MakeReadOnly() method
- Stored encrypted with DPAPI
- Can be cleared without leaving a copy (implements IDisposable)
- Can be passed around without leaving a copies in memory (is not stores in managed heap)
SecureString does not contain any methods or properties to inspect it’s content. Therefore to get a stored value System.Runtime.Marshal.SecureStringToBSTR method must be used:
private static SecureString _SomeSecretData;
public static string SomeSecretData
{
set
{
char[] tmpData = value.ToCharArray();
_SomeSecretData = new SecureString();
foreach (char val in tmpData)
{
_SomeSecretData.AppendChar(val);
}
//make string immutable
_SomeSecretData.MakeReadOnly();
}
get
{
IntPtr ptr = System.Runtime.InteropServices.
Marshal.SecureStringToBSTR(_SomeSecretData);
string decryptedString = System.Runtime.InteropServices.
Marshal.PtrToStringUni(ptr);
return decryptedString;
}
}
Summary
SecureString class provides easy to use tool for preventing … or at least making harder, to get sensitive data that is stored in-memory without any additional development overate.
Today I was amazed getting an email from Guy Burstein saying that I got an award “Blogger of the month” in Microsoft’s monthly magazine MSDN Pulse.
What can I say, it’s a great feeling to get such appreciation from the community. It’s one of those things that causes you to sit down and write more and more…
For those of you that still don’t get an MSDN Pulse by email. You can find a subscription data at the bottom of a magazine’s page or contact Guy Burstein directly and get tons of hottest information for developers.