• (cs)

    My big f-up was on a system used to do a nightly autodial to schools (back when our 56K US Robotics Courier still had that new-car smell) and pass zip files of data back and forth.

    I had recently told the operator of that machine to set the temp folder to a local drive for speed, as he had been using a folder on the Novell server. I went to leave that night and noticed the old temp folder still out on the server, so I deleted it.

    It turned out that it was still pointed there, so all the received files from that night went poof into nowhere.

    I got a call as I was getting dressed for work the next morning. When I finally realized what happened the blood drained from my face & I broke into a flop sweat.

    Me, along with everybody else in the department had to call every one of those schools, have them do a backup, restore the pre-transmission backup from last night (it zipped up all their DBFs prior to setting up the auto answer, thank goodness!), resend the previous days' stuff then restore the backup they had just made. We were on the phone all day, but we got it done. We actually finished in time for copious refreshment at happy hour.

    Somehow, I managed to get kudos for that gaffe. I guess previous programmers had a "not my station" mentality. My thoughts were that I screwed it up, so I better help fix it!

    Changes were made to be more active in checking/logging things during the course of an individual connection as well as counting failures so that if enough happened, it would assume something unusual was afoot and just quit the autodial. The logic being it's much easier to just catch up the next day than it was to do the backup/restore/transmit/restore dance.

  • goofnik (unregistered)

    Wrote a script to produce manuals for assembly of automobiles. Incorrect formula (for X components, divided torque by X - likely was drunk when I wrote it) specified under-tightening of many components. SOP was to bribe whoever to pass all tests. End result was a lot of vehicles losing brakes suddenly. It got to the point where if I heard "X dead in rear end collision" on the radio I knew it was my mistake. Big oops. Luckily in what was then Soviet republic, then CCCP fell, so no consequences.

  • Mu (unregistered) in reply to goofnik

    Biggest oops was reinstalling windows instead of trying to figure out how my boss had corrupted his machine, and learning that the /my documents folder is hiding in c:/windows/..., which I'd deleted to clear all crap. First thing I do now on any new install is point that shortcut to a second partition.

  • (cs) in reply to AndyCanfield
    AndyCanfield:
    The bug was that in my farmer code hash table I had a modulo that was too small. Short test lists of farmers did not hit the modulo. On tests of long lists of farmers, a Thai name came up and I had no idea whether it was the right name. Hey, I got a name, right?

    I don't get it. I assume you are bucketing the item based on the modulo? You did provide for collisions? I mean this code should have worked just fine with a modulo of 1, albeit a bit slower.

  • Duke of New York (unregistered) in reply to AshG
    AshG:
    I think SQL is a total screw-up as a language. I managed to delete 3000 customer records by the same mistake.

    I think someone should redesign the language so that every statement starts with WHERE.

    More like you should redesign yourself not to type UPDATE and DELETE statements interactively.

    AshG:
    Besides, WTF with "IS [NOT] NULL" as opposed to "[!]=NULL"? How many wasted lines of code does this generate? Why is it a big difference if the value is null and we can't use a generic binary comparison operator on it?
    It's a big difference because the way SQL does it is right, and what you propose is wrong. Value operations generally handle null by propagating it to the result. Making the equality operators an exception to that rule would be broken, perverse and dangerous.
  • central sysadmin (unregistered) in reply to Bill W
    ut I covered up my tracks enough that the central sysadmin couldn't figure out

    So YOU'RE the one!!!!

  • Patrick (unregistered) in reply to pitchingchris
    Time for a new controller then. The only controllers like that these days are ones where people don't want to spend money. All the major ones have functional stuff for years, and many new controllers these days run windows ce.

    Because all companies always upgrade to the latest and greatest technology!

    ...

    I've yet to meet a client who won't invariably choose the cheaper of two options. Sometimes it takes 3 or 4 times cycling through the "cheaper" options for them to realize that the "expensive" option really isn't so...

  • A-Nona-Mouse (unregistered)

    Quick...What is (179+181)/2???

    Back in the early 1990's I had developed a naval control system. Part of its function was to take the relative windspeed from the anemometers, process it into actual wind and feed it to the gun control servos...

    On the first sea trial, we were running tests [put a video camera in the gun, fly a small plane around, and see if it stays in the sights..].

    All of a sudden there was a LOUD bang, and the entire ship shook. Sailors ran like crazy. It could have been ANYTHING (a hull breach was a major concern).

    Nobody found anything. About 90 minutes later it happened again. Same scenario, but just a little bit less "panic". Finally an hour later it happened again.

    This time a sailor happened to see the main gun (the ship was a Frigate - so the gun was a decent size), slap against the upper stops, then slap down into the deck, then resume normal operation....

    Bonus points to the person who can tell what happened...

    (Now you see why my real name is NOT on this post....)

  • Duke of New York (unregistered)

    Your system was representing the windspeed as an 8-bit value and did a calculation that overflowed. That caused the gun to react to a nonexistent wind shift, and then react the other way when the overflow stopped.

  • (cs) in reply to DWalker59
    DWalker59:
    Delete without a WHERE clause ... whenever I type "Delete From Table" I always, immediately, type "Where" on THE SAME LINE. Even if I stop to think about what the Where clause should say, I make sure it's entered right away, on the same line. That minimizes the possibility that a slip of the hand or some forgetfulness will do something to execute the whole line. (I have, a couple of times, executed the line "Delete From Table Where", but thankfully, that's a syntax error instead of a "Whoops" moment.)

    DELETE FROM TABLE WHERE condition1(enter) (not yet typed: AND condition2)

    Best to guarantee a syntax error by typing "elete" and then go back and add the "d" at the end.

  • (cs) in reply to Duke of New York
    Duke of New York:
    It's a big difference because the way SQL does it is right, and what you propose is wrong. Value operations generally handle null by propagating it to the result. Making the equality operators an exception to that rule would be broken, perverse and dangerous.

    Equality operators are an exception to a lot of other stuff - you can't SELECT COL1 = COL2 AS IS_COL1_EQUAL_COL2. Even VB lets you use equality operators as boolean values.

    SQL simply doesn't have a single "expression" concept the way C does.

    the AND and OR operators are exceptions to the specific rule you named:

    WHERE COL = 0 OR COL IS NULL
    WHERE [NULL] OR [TRUE]
    WHERE NULL

    WHERE COL != 0 AND COL IS NOT NULL
    WHERE [NULL] AND [FALSE]
    WHERE NULL

    Really any where clause should be fouled up by this, by your logic

  • mwar (unregistered) in reply to Matt
    Matt:
    I type "rm -rf" all the time, and as a Linux sysadmin, it always makes me twitch. What's scary is how fast I can type those exact chars in the blink of an eye, from typing them so often.
    I try to add the "-rf" after all the other arguments, so hitting enter before I'm ready for any reason won't cause harm. It gives me a chance to look over the command before I type "-rf<enter>".
  • Matt Loranger (unregistered)

    lol - the consultants ain't THAT highly paid. Most control systems engineering for steel mills (or any factory for that matter) is put out to bid and paid for as cheaply as possible. Typical rates for engineering services like this will be in the $100 - $200 per hour range. This is nothing compared to the $400+ per hour fees charged by lawyers, marketing consultants, etc. Let's face it - you get what you pay for.

  • Bob (unregistered) in reply to A-Nona-Mouse
    A-Nona-Mouse:
    Quick...What is (179+181)/2???

    Back in the early 1990's I had developed a naval control system. Part of its function was to take the relative windspeed from the anemometers, process it into actual wind and feed it to the gun control servos...

    On the first sea trial, we were running tests [put a video camera in the gun, fly a small plane around, and see if it stays in the sights..].

    All of a sudden there was a LOUD bang, and the entire ship shook. Sailors ran like crazy. It could have been ANYTHING (a hull breach was a major concern).

    Nobody found anything. About 90 minutes later it happened again. Same scenario, but just a little bit less "panic". Finally an hour later it happened again.

    This time a sailor happened to see the main gun (the ship was a Frigate - so the gun was a decent size), slap against the upper stops, then slap down into the deck, then resume normal operation....

    Bonus points to the person who can tell what happened...

    (Now you see why my real name is NOT on this post....)

    There was an arithmetic overflow. The fix would be to realize that

    a + b is the same as a and b + a or b, which is the same as

    2 * (a and b) + (a xor b)

    Divide by 2 to get

    (a and b) + (a xor b) / 2

    And use that formula to calculate the average instead.
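
The averaging identity from the comment above, as an added example that is not part of the original thread. The 8-bit unsigned storage is an assumption taken from the guess made earlier in the thread, and the function names are hypothetical.

```python
# Added illustration: averaging two values held in fixed-width storage.
# ASSUMPTION: 8-bit unsigned values; the thread only guesses at the real width.

MASK = 0xFF  # largest value an 8-bit unsigned register can hold


def avg_naive_u8(a, b):
    """(a + b) / 2 where the sum itself is stored in 8 bits and wraps."""
    total = (a + b) & MASK          # the carry out of bit 7 is lost here
    return total // 2


def avg_safe_u8(a, b):
    """(a AND b) + (a XOR b) / 2: no intermediate value exceeds 8 bits."""
    common = a & b                  # bits set in both operands (count twice in a + b)
    half_diff = (a ^ b) >> 1        # bits set in exactly one operand, halved
    result = common + half_diff
    # Every intermediate must fit the register, otherwise the fix is no fix.
    if common > MASK or half_diff > MASK or result > MASK:
        raise OverflowError("intermediate exceeded 8 bits")
    return result


def count_naive_errors():
    """Exhaustively compare both versions with exact arithmetic.

    Returns how many of the 65536 input pairs the naive version gets wrong.
    Raises if the overflow-safe version is ever wrong.
    """
    wrong = 0
    for a in range(256):
        for b in range(256):
            exact = (a + b) // 2    # Python integers do not overflow
            if avg_safe_u8(a, b) != exact:
                raise AssertionError(f"safe average wrong for {a}, {b}")
            if avg_naive_u8(a, b) != exact:
                wrong += 1
    return wrong


if __name__ == "__main__":
    print("naive (179, 181):", avg_naive_u8(179, 181))
    print("safe  (179, 181):", avg_safe_u8(179, 181))
    print("pairs the naive version gets wrong:", count_naive_errors())
```
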

  • alan_t (unregistered) in reply to Benny
    Benny:
    rm -rf /etc /some/folder/I/want/to/trash...

    Notice the space after etc.

    rm -rf is dangerous.

    ...even more dangerous; su - first...

    I arrived at work early to get some performance testing out of the way before the dev team came in, so as not to disrupt productivity, KPI's & SLA's - a directive from the Suit In Charge. Whilst preparing the DB, I needed to delete a configuration that did monkey work on the data as the engine came up... so I su -, rm -rf and BAM! I notice /bin, /boot, /dev, /etc, /home, /lib, /opt scroll past before ctrl-c kicked in. I realised for the second time in my life (and 15 years apart) the su - in solaris kicks you back into / . Not to worry, I walk over to the storage gimps to restore the boxen, when I'm told due to management edicts on cost cutting, unnecessary expenditure like tapes for every machine and nightly back ups had been given the arse months back. I work for a company whose management "redefined" the company from a dev house to a "financial services provider" - I assume they did this so they could save on the bottom line and not spend on such trivial things as DR, code-base escrow and relevant dev platforms. The "financial service" we provide is banking software - and our project is once again in the design phase.......

  • Embarassed Coder (unregistered)

    My first programming job fresh out of school. Working on paratransit (transport for the disabled) software that would solve the travelling salesman problem. It would allow a dispatcher to take travel requests and then it would figure out the most efficient way for X busses to pick up and deliver all the passengers.

    During testing, we had created a dummy account named 'Zeke Zero'. As our testing became more involved, soon our test suite had 'Zeke One', 'Zeke Two', etc.

    We installed our system in a southern Ontario city of about 150,000. Things seemed to be working fine during the first week of use and we were about to sign off when we had a major 'failure'. A wheelchair bound 10 year old was not picked up after school. It became a major issue because his handler (Who was supposed to wait with him until the bus arrived) left early, leaving the poor child there for hours until his frantic parents found him. Luckily, he was fine. But this resulted in calls from the local news, and the mayor of the city actually came by to check "How this could happen."

    The problem? We actually left all the test data in the database for training purposes. Flip a switch, and you were in training mode. Flip it back and real data. But just to make sure training data never bled into real data, we had a nice filter that would block out the training data. And somehow it made perfect sense at the time that we'd just filter out any passengers named 'Zeke'...

    All this wouldn't have been an issue at all if 10 year old Ezekiel's name had been spelled properly, but when he was entered into the system, the dispatcher transposed the i and e...

    A comedy of errors. But it wasn't much fun when the mayor of the city is telling you that you're a moron, and people are threatening you with lawsuits...

  • (cs) in reply to DiverKas
    DiverKas:
    DWalker59:
    Delete without a WHERE clause ... whenever I type "Delete From Table" I always, immediately, type "Where" on THE SAME LINE. Even if I stop to think about what the Where clause should say, I make sure it's entered right away, on the same line. That minimizes the possibility that a slip of the hand or some forgetfulness will do something to execute the whole line. (I have, a couple of times, executed the line "Delete From Table Where", but thankfully, that's a syntax error instead of a "Whoops" moment.)

    Usually, I type "Select * From Table Where ..." and then, when it looks right, I change "Select *" to "Delete".

    Of course, these aren't new techniques, but they are useful.

    Wrapping it in a transaction and handling it properly would be the right way to do it. Laziness HAS to be 99% of the cause of most problems.

    Nah, that's too enterprisey (just kidding).

  • (cs) in reply to Random832
    Random832:
    DWalker59:
    Delete without a WHERE clause ... whenever I type "Delete From Table" I always, immediately, type "Where" on THE SAME LINE. Even if I stop to think about what the Where clause should say, I make sure it's entered right away, on the same line. That minimizes the possibility that a slip of the hand or some forgetfulness will do something to execute the whole line. (I have, a couple of times, executed the line "Delete From Table Where", but thankfully, that's a syntax error instead of a "Whoops" moment.)

    DELETE FROM TABLE WHERE condition1(enter) (not yet typed: AND condition2)

    Best to guarantee a syntax error by typing "elete" and then go back and add the "d" at the end.

    Yes, but pressing Enter doesn't execute the script. At least, not in SQL Server Management Studio or its predecessor SQL Query.

  • (cs) in reply to Embarassed Coder
    Embarassed Coder:
    All this wouldn't have been an issue at all if 10 year old Ezekiel's name had been spelled properly, but when he was entered into the system, the dispatcher transposed the i and e...

    A comedy of errors. But it wasn't much fun when the mayor of the city is telling you that you're a moron, and people are threatening you with lawsuits...

    This one wins the thread. We've seen major loss of data, millions of dollars in broken equipment, all that good stuff, but finally we have a story with a human face. A 10-year-old, wheelchair-bound human face.

    You could get a Lifetime movie out of this one.

  • swschrad (unregistered)

    bound volume set disks are a wonderful thing... until they die because one disk goes wack. which given the state of the art in the 90s was often enough, thanks.

    so one day we had to fight one, and the DEC guys took a whole day to find a 300 Mb disk and get it installed. the heat was on, fix this: it happened the week before finals at this college I worked at.

    planned and dreamed and fidgeted a while, and came up with a piece of code that would break up the student file system into two pieces. unfortunately, we had to balance things just so to fit all the directories on the two disks, so there was a lot of name tests aka "if A, sys$student1, if B sys$student2, if C, sys$student 2," etc.

    three good tested backups later (this with a boss who continued to ask if /verify was really important, it takes too long,) we played a few tests onto another machine in the VAXcluster to make sure the software worked. it did.

    but you can't be too careful, so I wrote logging in to identify where each student's directory actually went when the moves were made.

    we got permission to trip it off one weekend after the students stopped logging in. started it up after waiting out the last text game players til 3 AM, fine.

    watched the process run, excellent. and off to bed at 0420 or thereabouts.

    the phone rang at 6:30... nobody could log in. at all. even on the console.

    yep, the logging went to the system disk. free space 3 bytes. logfile was upwards of a hundred meg.

    kill process, delete logs, restart.

    oops.

    but the files went where they were supposed to, and I could run new backups and break the volume set later.

  • Andrew (unregistered) in reply to Patrick
    Patrick:
    Time for a new controller then. The only controllers like that these days are ones where people don't want to spend money. All the major ones have functional stuff for years, and many new controllers these days run windows ce.

    Because all companies always upgrade to the latest and greatest technology!

    ...

    I've yet to meet a client who won't invariably choose the cheaper of two options. Sometimes it takes 3 or 4 times cycling through the "cheaper" options for them to realize that the "expensive" option really isn't so...

    You want to run a real time automation system on Windows CE? I try not to run real time critical processes on a non real time, non deterministic, questionably stable operating system. I really hope you don't work anywhere near the automation industry. Yes there are some units that are running CE but most (all of them) are crap.

  • (cs) in reply to Kensey
    Kensey:
    ... the server we reformatted was FOOBAR2, not FOOBAR1...

    This reminds me of an incident a number of years ago.

    I was sitting at my desk, working on some code, when my support pager went off. One of our machines had gone offline. No problem, I thought, I'll just remote-console into the box and reboot it. Except that the remote console connection just hung - nothing there.

    Not getting anywhere here, I switched tactics, and logged into the log server, and checked for any indicative problem reports. There were none.

    So I called someone up in the data center, and had him go check on the server. He responded about five minutes later, "I can't find it." I gave him directions to the box a half dozen ways, and he kept not finding it. Finally, I drove to the data center, about 20 minutes from my office.

    As I got there, there were a couple of other data center guys racking a server... in my cabinet. Conveniently where the missing server was supposed to be. However, it had a different label on it...

    Yes, that's right. In the middle of the day, some goons went to our cabinet, pulled one of our machines, re-imaged it, re-labeled it, and were in the process of re-racking it. For what it's worth, there was no notification, to anybody - not even the owners of the box they were supposed to be doing that to.

    The box they were supposed to image was a 1U blade in the third cabinet from the wall, second box from the top, had no label, and was powered off - it wasn't even connected to power or network, but only had one power plug and one network port. The box they took was a 6U server in the second cabinet from the center aisle, third box from the bottom, had a label front and back, and was powered on and quite active, with redundant power, redundant network cables, plus a console cable.

    On the bright side, we had redundant servers, backups, load balancers, etc. Thanks to the timing of it, it cost us approximately 10 seconds of downtime in one region. And, best of all, it broke the stalemate we'd been having with the data center manager over getting our cabinets re-keyed so the data center guys couldn't get into our cabinets.

  • Jim (unregistered) in reply to DWalker59

    I really think that the sql model should require a where clause on a delete statement.

    Delete without a where clause should error out. The rare times that someone wants to delete all the rows, one could do a where 1 or something.

    Every sql programmer has been burned by this.

  • Jim (unregistered) in reply to DWalker59
    DWalker59:
    Random832:
    DWalker59:
    Delete without a WHERE clause ... whenever I type "Delete From Table" I always, immediately, type "Where" on THE SAME LINE. Even if I stop to think about what the Where clause should say, I make sure it's entered right away, on the same line. That minimizes the possibility that a slip of the hand or some forgetfulness will do something to execute the whole line. (I have, a couple of times, executed the line "Delete From Table Where", but thankfully, that's a syntax error instead of a "Whoops" moment.)

    DELETE FROM TABLE WHERE condition1(enter) (not yet typed: AND condition2)

    Best to guarantee a syntax error by typing "elete" and then go back and add the "d" at the end.

    Yes, but pressing Enter doesn't execute the script. At least, not in SQL Server Management Studio or its predecessor SQL Query.

    Hitting enter isn't generally the problem.

    The problem is getting so focused on the rest of the statement that one forgets that the where clause isn't there, and running it.

    This is why it's good to be paranoid when working with sql queries. Adding the where clause first or putting in checks so he can't forget the where clause is just his way of not forgetting and accidentally clearing the table.

    Isn't there a truncate table command? I never use it as I rarely need to clear out tables except in test, but I just don't get why a Delete command shouldn't require a where clause.

  • (cs)

    I was involved in a very bad production failure that caused President Clinton to make some, umm, unusual comments about porn on the Internet.

    News story: http://www.2600.com/news/0214-files/0214-fox.html

    The prankster's take: http://www.boredom.org/cnn/statement.html

    Some comments from me: http://archive.humbug.org.au/aCCbNhVTEUdFdkynR5QTNA==

  • Unknown (unregistered)

    Want to know a fun way to screw up a DELETE statement? Try 'DELETE FROM Table WHERE Id-<x>'. This will happily delete every row except the one you were trying to get rid of. And of course, the - key and the = key are right next to one another...

    We had a recent backup, so it wasn't a big deal. I didn't even get yelled at, because I was able to restore it fast enough that no one noticed. Still, seeing that '9000 rows affected' message was not at all fun.
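
The transaction approach suggested earlier in the thread, applied to the `Id-<x>` typo from the comment above, as an added example that is not part of the original thread. The `customers` table, its rows and the `guarded_execute` helper are constructed for illustration, and SQLite stands in for whatever database the commenters were using.

```python
# Added illustration: run a destructive statement inside a transaction and
# commit only if the affected-row count matches what the operator expected.
import sqlite3


def make_db(rows=100):
    """Build an in-memory database with constructed sample rows."""
    # isolation_level=None: no implicit transactions; BEGIN/COMMIT are explicit.
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany(
        "INSERT INTO customers (id, name) VALUES (?, ?)",
        [(i, f"customer-{i}") for i in range(1, rows + 1)],
    )
    return conn


def guarded_execute(conn, statement, params, expected_rows):
    """Execute one UPDATE/DELETE; roll back unless exactly expected_rows changed.

    `statement` is operator-authored SQL (the thing typed at the prompt),
    values still go through bound parameters.
    Returns (committed, affected_rows).
    """
    conn.execute("BEGIN")
    try:
        affected = conn.execute(statement, params).rowcount
        if affected != expected_rows:
            conn.execute("ROLLBACK")      # nothing the statement did survives
            return False, affected
        conn.execute("COMMIT")
        return True, affected
    except Exception:
        if conn.in_transaction:
            conn.execute("ROLLBACK")      # syntax errors etc. leave no open transaction
        raise


def row_count(conn):
    return conn.execute("SELECT COUNT(*) FROM customers").fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    # Typo from the thread: '-' instead of '='. "id - 42" is non-zero (true)
    # for every row except id 42, so 99 of 100 rows match.
    print(guarded_execute(db, "DELETE FROM customers WHERE id-?", (42,), 1))
    print("rows after rejected delete:", row_count(db))
    print(guarded_execute(db, "DELETE FROM customers WHERE id=?", (42,), 1))
    print("rows after intended delete:", row_count(db))
```

The guard only helps on a storage engine that really rolls back; the thread's MyISAM remark describes the case where it does not.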

  • All-Beef Patty (unregistered) in reply to DWalker59
    DWalker59:
    Delete without a WHERE clause ... whenever I type "Delete From Table" I always, immediately, type "Where" on THE SAME LINE. Even if I stop to think about what the Where clause should say, I make sure it's entered right away, on the same line. That minimizes the possibility that a slip of the hand or some forgetfulness will do something to execute the whole line. (I have, a couple of times, executed the line "Delete From Table Where", but thankfully, that's a syntax error instead of a "Whoops" moment.)

    Usually, I type "Select * From Table Where ..." and then, when it looks right, I change "Select *" to "Delete".

    Of course, these aren't new techniques, but they are useful.

    I learned to do that one indirectly, but from the same incident where I learned to do "ls blah*", and when it looks right, change "ls" to "rm".

  • TJB (unregistered)

    A few years ago I was working at a school as system tech. Please forgive me if I get the names wrong, this was several years ago and I have not used Novell anything before or since.

    I had a pile of old workstations to "wipe". At the time policy was boot to a disk that just ran a format. I thought that was not a very secure way to do it. I started poking around on the Novell ZENworks disk we used for imaging. All I wanted was a command prompt to run DD or some sort of disk wipe function. As I am looking around the menu and trying various things I find a promising boot mode. As it's booting up it was complaining about a missing network link. I thought OK maybe it is looking for the server. So I plug in a cable. It continues to boot. Then I noticed it was starting a DHCP server AND some sort of multicast. I get that OH $%!^ feeling. I pulled the network cable as fast as I could.

    However it was not fast enough. The lowly PII 450 was able to flood the network and blocked traffic for just over a minute. Long enough to cause interruptions to the student attendance and grading database. No data loss tho. That was good because that system is very touchy.

  • Anonymous (unregistered)

    I used to write control software for production line soldering/tacking machines. The ones used by Qualcomm, 3Com, Siemens, etc. to solder/tack flexible wires (flex) to display glass and circuit boards. These machines had a piston to extend/retract and control the pressure of a variable temperature hot bar. Of course, there was an emergency stop button that cut power and air to the hardware (not the control computer). There was also a retract pressure adjustment knob.

    Well, long story short, one of our customers was doing prototype runs and on one run, noticed the hot bar was about to come down on a piece of fixturing. Not wanting to break the glass and ruin the hot bar (10k+ replacement cost), the customer hit the emergency stop button and reached out with their hand to prevent the hot bar from coming down. And... for some reason the customer also turned the retract pressure off. So, after correcting the problem, the customer released the emergency stop and the hot bar didn't retract (no retract pressure). So, with their hand still on the hot bar head, the customer spun up the retract pressure which resulted in the hot bar head being sucked up into the housing along with their hand, crushing their thumb (actually, compressing it into a 1/4 inch gap between two 1" aluminum plates). I had to release a "patch" the next day to require a manual retract before applying pressure. After that, all our machines got light curtains which cut power/pressure when something (a hand) was in the critical area.

    We didn't get sued for that one... the customer was very, um, understanding and just wanted to finish the prototype run. The client company was Canadian and seems like they do things differently there... like not suing.

    Of all my production defects, and there have been a few, this was the only one in which someone got hurt so it is by far the worst one. Now I'm developing web apps.

    Oh yeah, we also worked with motion controllers and there was no IDE or pre-processor for those... just a wack "language" someone made up that we loaded onto the motion controller through a rs-485 party line.

  • Vladimir (unregistered)

    Try writing DELETE or SELECT starting with WHERE like

    WHERE{cursor}
    {cursor}WHERE
    DELETE {cursor}WHERE

  • Jay (unregistered) in reply to pitchingchris

    I would only trust the control of a piece of industrial machinery to Windows CE if I was prepared to commit suicide in shame after numerous deaths related to controlling a piece of industrial machinery with Windows CE.

  • My Name (unregistered) in reply to Keybounce
    Keybounce:
    "You told me to type rm star dot o, and it came back with dot o not found."

    rm * .o versus rm *.o

    Maybe there's a reason most modern build scripts put the .o files in a different directory than the source files.

    Maybe this is why people use revision control systems.
  • My Name (unregistered) in reply to goofnik
    goofnik:
    Wrote a script to produce manuals for assembly of automobiles. Incorrect formula (for X components, divided torque by X - likely was drunk when I wrote it) specified under-tightening of many components. SOP was to bribe whoever to pass all tests. End result was a lot of vehicles losing brakes suddenly. It got to the point where if I heard "X dead in rear end collision" on the radio I knew it was my mistake. Big oops. Luckily in what was then Soviet republic, then CCCP fell, so no consequences.
    Not exactly... cool.
  • InputOutput (unregistered) in reply to Benny

    How about:

    tar -zcvf tarball.tar.gz /home/blabla/important_folder

    tar -zxvf tarball.tar.gz -C /home/blabla

    <results in /home/blabla/home/blabla/important_folder>

    cd /home/blabla

    <check important_folder>

    rm -rf /home instead of rm -rf home/

    Ooops

  • InputOutput (unregistered) in reply to Level 2

    "He could be using MySQL with the myisam engine. No transactions supported."

    No, actually worse: MySQL/myisam will not support transactions, but will happily respond with OK if you ask it to BEGIN a transaction. Then you'll discover ROLLBACK also happily responds with OK but does not ROLLBACK anything ...

  • jkl (unregistered) in reply to Mike

    Mike:
    That's why MySQL has "--i-am-a-dummy" mode, which prevents one from running UPDATE or DELETE statements without a WHERE clause.

    ... and why a real database supports BEGIN TRANSACTION?

  • maitreg (unregistered)

    Most of the product failures I've encountered were because of inherited code, not something I wrote myself, of course ;) One such case was the PERL shopping cart software deployed on our e-commerce site. Since PERL had no built-in session state, this clever little off-the-shelf system would exclusively use IP address to uniquely identify customers.

    I had not been at the company long and so I hadn't analyzed this code much. After I read a handful of customer emails showing concern because they were seeing another customer's name, address, and CREDIT CARD INFORMATION on the checkout page, I took a gander.

    I then discovered that this system was saving all customer checkout info in clear text files, by IP address, then the next time anyone checked out with any IP address that had been used before, it was pre-filling the checkout page with the previous customer's credit card info.

    I estimated that this security breach was probably viewed by customers between 500 and 1000 times over the life of the site.

    I have no idea how many sites used this software, but it was available for sale on the author's Web site for over 10 years. And of course, HIS Web site used the same software for his transactions.

    How he managed to not get sued out of existence, I'll never know.
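
The flaw described in the comment above, next to one corrected design, as an added example that is not part of the original thread and not the shopping cart's code. The class names, the sample IP address and the test card number are constructed for illustration.

```python
# Added illustration: checkout state keyed by client IP versus keyed by an
# unguessable per-browser session token.
import secrets


class IpKeyedCheckout:
    """Reproduces the described behaviour: one record per IP, stored as-is."""

    def __init__(self):
        self._by_ip = {}

    def save(self, ip, details):
        self._by_ip[ip] = dict(details)       # full card number kept in clear text

    def prefill(self, ip):
        # Anyone arriving from this address gets the last customer's data.
        return self._by_ip.get(ip)


class TokenKeyedCheckout:
    """Corrected design: random session token, no card number retained."""

    def __init__(self):
        self._by_token = {}

    def start_session(self):
        token = secrets.token_urlsafe(32)     # 256 bits from the OS CSPRNG
        self._by_token[token] = None
        return token                          # would be sent as a Secure, HttpOnly cookie

    def save(self, token, details):
        if token not in self._by_token:
            raise KeyError("unknown session")
        kept = {k: v for k, v in details.items() if k != "card_number"}
        kept["card_last4"] = details["card_number"][-4:]
        self._by_token[token] = kept

    def prefill(self, token):
        return self._by_token.get(token)


# Constructed sample data: documentation-range IP and a well-known test card number.
SHARED_IP = "203.0.113.7"                     # e.g. a NAT gateway or proxy
ALICE = {"name": "Alice Example", "card_number": "4111111111111111"}


def second_visitor_sees_ip_keyed():
    """Alice checks out, then a different customer arrives from the same IP."""
    store = IpKeyedCheckout()
    store.save(SHARED_IP, ALICE)
    return store.prefill(SHARED_IP)


def second_visitor_sees_token_keyed():
    """Same scenario; each browser holds its own token."""
    store = TokenKeyedCheckout()
    alice_token = store.start_session()
    store.save(alice_token, ALICE)
    other_token = store.start_session()
    return store.prefill(other_token), store.prefill(alice_token)


if __name__ == "__main__":
    print("IP-keyed, second visitor:", second_visitor_sees_ip_keyed())
    print("token-keyed, (second visitor, Alice):", second_visitor_sees_token_keyed())
```
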

  • samuri (unregistered)

    Didn't do this one myself, only had to fix it.

    This customer had several Windows computers with crossed shared HDDs (computer A's HDD showed up as E: on computer B and vice versa) so the operators would have access to each other's data files (art). Well this one operator decided that it was time to delete redundant copies of data files and noticed that both HDDs had a folder called \DOS and some other files in the root called autoexec.bat and config.sys. It continued to work fine until the next morning when they booted up and ... The company manager brought it to me to fix. For fun, while I brought it back to life for him, we calculated the total production loss and associated loss from the people who used the art created on that machine and it turned out to be more than the employee's yearly salary. Of course she was sternly warned not to ever delete ANYTHING.
