Production postmortemA null reference in our abstraction
This little nugget has caused a database upgrade to fail. Consider the following code for a bit. We have CompoundKey, which has two versions, slow and fast. The idea is that we use this as keys into a cache, and there are two types because we can “query” the cache cheaply, but constructing the actual key for the cache is more expensive. Hence, the names.
public class CompoundKey { public int HashKey; } public sealed class FastCompoundKey : CompoundKey { public int Val; } public sealed class SlowCompoundKey : CompoundKey { public int SlowVal; } public class CompoundKeyEqualityComparer : IEqualityComparer<CompoundKey> { [MethodImpl(MethodImplOptions.AggressiveInlining)] public bool Equals(CompoundKey x, CompoundKey y) { if (x == null || y == null) return false; SlowCompoundKey k; FastCompoundKey self; var key = x as FastCompoundKey; if (key != null) { self = key; k = y as SlowCompoundKey; } else { self = y as FastCompoundKey; k = x as SlowCompoundKey; } return self.Val == k.SlowVal; } [MethodImpl(MethodImplOptions.AggressiveInlining)] public int GetHashCode(CompoundKey obj) { return obj.HashKey; } }
The problem was a null reference exception in the Equals method. And I believe the term for how I felt was:
The problem is that it is obvious why a null reference exception can be thrown. If the values passed to this method are both SlowCompoundKey or both FastCompoundKey. But the reason the Equals method looks the way it does is that this is actually in a very performance sensitive portion of our code, and we have worked to make sure that it runs as speedily as possible. We considered the case where we would have both of them, but the code had a measured performance impact, and after checking the source of the dictionary class, we were certain that such comparisons were not possible.
We were wrong.
Boiling it all down, here is how we can reproduce this issue:
var dic = new Dictionary<CompoundKey, object>(new CompoundKeyEqualityComparer()); dic[new SlowCompoundKey { HashKey = 1 }] = null; dic[new SlowCompoundKey { HashKey = 1 }] = null;
What is going on here?
Well, it is simple. We add another value with the same hash code. That mean that the dictionary need to check if they are the same value, or just a hash collision. It does so by passing both the first key (slow) and the second key (slow) into the Equals method, and then hilarity enthused.
In retrospect, this is pretty much how it has to behave, and we should have considered that, but we were focused on looking at just the read side of the operation, and utterly forgot about how insert must work.
Luckily, this was an easy fix, although we still need to do regressive perf testing.
More posts in "Production postmortem" series:
- (12 Dec 2023) The Spawn of Denial of Service
- (24 Jul 2023) The dog ate my request
- (03 Jul 2023) ENOMEM when trying to free memory
- (27 Jan 2023) The server ate all my memory
- (23 Jan 2023) The big server that couldn’t handle the load
- (16 Jan 2023) The heisenbug server
- (03 Oct 2022) Do you trust this server?
- (15 Sep 2022) The missed indexing reference
- (05 Aug 2022) The allocating query
- (22 Jul 2022) Efficiency all the way to Out of Memory error
- (18 Jul 2022) Broken networks and compressed streams
- (13 Jul 2022) Your math is wrong, recursion doesn’t work this way
- (12 Jul 2022) The data corruption in the node.js stack
- (11 Jul 2022) Out of memory on a clear sky
- (29 Apr 2022) Deduplicating replication speed
- (25 Apr 2022) The network latency and the I/O spikes
- (22 Apr 2022) The encrypted database that was too big to replicate
- (20 Apr 2022) Misleading security and other production snafus
- (03 Jan 2022) An error on the first act will lead to data corruption on the second act…
- (13 Dec 2021) The memory leak that only happened on Linux
- (17 Sep 2021) The Guinness record for page faults & high CPU
- (07 Jan 2021) The file system limitation
- (23 Mar 2020) high CPU when there is little work to be done
- (21 Feb 2020) The self signed certificate that couldn’t
- (31 Jan 2020) The slow slowdown of large systems
- (07 Jun 2019) Printer out of paper and the RavenDB hang
- (18 Feb 2019) This data corruption bug requires 3 simultaneous race conditions
- (25 Dec 2018) Handled errors and the curse of recursive error handling
- (23 Nov 2018) The ARM is killing me
- (22 Feb 2018) The unavailable Linux server
- (06 Dec 2017) data corruption, a view from INSIDE the sausage
- (01 Dec 2017) The random high CPU
- (07 Aug 2017) 30% boost with a single line change
- (04 Aug 2017) The case of 99.99% percentile
- (02 Aug 2017) The lightly loaded trashing server
- (23 Aug 2016) The insidious cost of managed memory
- (05 Feb 2016) A null reference in our abstraction
- (27 Jan 2016) The Razor Suicide
- (13 Nov 2015) The case of the “it is slow on that machine (only)”
- (21 Oct 2015) The case of the slow index rebuild
- (22 Sep 2015) The case of the Unicode Poo
- (03 Sep 2015) The industry at large
- (01 Sep 2015) The case of the lying configuration file
- (31 Aug 2015) The case of the memory eater and high load
- (14 Aug 2015) The case of the man in the middle
- (05 Aug 2015) Reading the errors
- (29 Jul 2015) The evil licensing code
- (23 Jul 2015) The case of the native memory leak
- (16 Jul 2015) The case of the intransigent new database
- (13 Jul 2015) The case of the hung over server
- (09 Jul 2015) The case of the infected cluster
Comments
There's also a bug because Equals(null, null) returns false. You might not care about that, though.
Also note, that a.GetType() == b.GetType() is a JIT intrinsic and amounts to comparing an object header word. It's fast.
broken link
https://ayende.com/blog/archive/9042.aspx
from blog post
https://ayende.com/blog/3219/adaptive-domain-models-with-rhino-commons
when you migrate to new blog site you miss something... can you fix all old blog links Ayende?
thanks
Mario, Thanks, this should go here: https://ayende.com/blog/2145/entities-services-and-what-goes-between-them
Fixe
Hi I'm Mario
broken link https://ayende.com/blog/2006/07/31/IntroducingTheNHibernateQueryGenerator.aspx
from blog post https://ayende.com/blog/1651/book-review-applying-domain-driven-design-and-patterns
Anyone (Ayende can't) there can query and fix all broken links?
thanks
Mario, The link is: https://ayende.com/blog/1567/introducing-the-nhibernate-query-generator I updated the post
Comment preview