Automation is great. Until it breaks and nobody gets paid

Re: This is why we need code review

"to be re-run immediately"

See, what you *should* have done is schedule the script to run 5 minutes later, instead of immediately. This gives you just enough time to log in and undo the mess.

At least, I *hope* that's the "valuable lesson" you learned...

Re: This is why we need code review

<deleted>

Re: This is why we need code review

A sysadmin for a school I attended as a youth had script that ran away with itself that ended up exposing student skullduggery. As students, our personal storage areas were limited in size to something like 64mb...which wasn't as small then as it seems now, but still quite small...so I and an accomplice found a way to create a hidden folder inside the sysadmins folder which we granted ourselves permission to access via some interesting traversal rules so that we had essentially unlimited storage which we "mapped" to our own folders as a hidden folder (we had to hide it, because the method we used to map it essentially gave the mapping to everyone, including the sysadmin)...where this fell apart was the sysadmin had a script that created a replica of a folder inside his folder as a sort of quasi-backup solution, it ensured that he had a "lagged" version of his files by about 1 hour in case he needed to recover something quickly...and he'd keep these 1 hour snapshots for a few days...catalogued using folder names with the date and time that the snapshot was "created"...this was achieved by the way, because all the admin functions were performed using tools that the admin carried around on a floppy disk...a disk we managed to clone during an IT lesson when he left it lying around when he left to room to do something else for a few minutes...that was a very tense few minutes for us because we didn't know when he would return, and at that point we had no idea the extent of the stuff we were cloning!

The sysadmins folder inside his folder is where our "mapped" hidden folder would show up, along side our other hidden folder. Creating a kind of circular reference to itself...anyway, long story short, his backup script went bonkers one day because he'd adjusted it to use a different flag (we suspect he was using the access time on the files, and we think his script was scheduled to run once an hour). Anyway, this led to our hidden folder and the hidden mapping being copied every hour on the hour several times...by the time we'd noticed (because we closely tracked the free storage on the server to ensure we flew under the radar and there were no sudden spikes in usage, well as close as we could with 1 IT lesson a week)...we were shitting bricks because the disk was down to 2% free and our little clandestine storage area used up nearly 2% of the disk. We rationalised to ourselves that it would be fine, because there was no chance the OS was on the same drive, they will find the files, but they can't be linked to us specificially..so we had a moment of calm...which lasted around 49 minutes...because just as the bell was about to go for the next lesson, everything went to shit. Disk space messages started popping up all over the place, people couldn't log in, the internet went down...hell on earth...we found a day or so later that the storage area was indeed on the same drive as the OS and the full drive caused the server to implode and there wasn't even enough space to boot it up after the sysadmin restarted it.

We were never caught for this, because our janky mapping applied to everyone and anything in that folder would automatically be "owned" by the sysadmin...we have no doubt though that our secret collection of Doom WADs, Bomberman clones etc was found out...because a whole host of new restrictions appeared on the system and necessitated a change in tactics if we wished to keep our stash of games on the network, the alternative was to rely our hidden cache of floppy disks that was kept in a cavity behind the hand dryers in the boys toilets, there is a good chance they are still there...this method led to even more chaos (which lasted for months), caused the sysadmin to have a full blown, sweary, meltdown in one of our IT lessons (he had to be dragged out by two teachers, whilst screaming that we were all bastards...not just me and my mate...because he didn't know it was us...literally all of us), did get us caught (I got a particularly scathing bollocks which involved my IT teacher telling me I'd never have a career in IT, and got me chucked off the school website team) and involved the SPOOL folder on the server, locking out the sysadmin entirely by mistake...but that is a story, that involves many reams of wasted paper, a sysadmin sleeping in his car for 2 days, lots of aggressive bollockings and eventually a truce between your heroic hacking duo and the sysadmin for another day.

As a sysadmin now, looking back...yeah we were bastards.

Re: This is why we need code review

That bit about "because they can" is so important. Unless you explicitly state in your documentation that something is undefined behaviour, you must do something intelligent. I find myself using that phrase often; "it won't WORK, but it will do something intelligent".

Even ignoring that you should expect users to do anything they are allowed to do, I feel that a system which does not handle all inputs is probably not well thought-through and generalized in its implementation. In general, a well made piece of software will have few edge cases because it will have systems which naturally handle most possible inputs.

That last point may be a pipe dream, but it's one I'm going to stick with :p

Re: This is why we need code review

"You can't use that" was the plea, everyone works with IE.

Ah yes, the bad old days of "IE or nothing".

I once worked in a business that had a development team doing bespoke business software. We "ate our own dog food" and used the same (well almost) system in-house - including for things like our timesheets. Annoyingly, some bits either didn't work properly, or didn't work at all, unless you used IE6 on Windows. As a Mac user, this was ... irritating as I had to fire up a Windows VM every day just to do my timesheet - a colleague occasionally said "you're doing your timesheet aren't you ?", noting the cursing coming from my direction at the combination of Windows and this 'orrible system.

When I mentioned this to the head dev, his response was that it was my fault for not using Windows and IE like everyone else - and no, he had no intention of even looking at what the problem might be as he only programs for IE on Windows as "that's what all businesses use".

I noted, but somehow managed to avoid gloating at him, that not long afterwards - some of the senior managers at the biggest client were using Macs and iPads ...

Postnote: as a parting gift, a dev just before he left had a look at the timesheet code, fixed an errant ";", and then it worked on Macs as well.

Re: This is why we need code review

The almost 20 years ago, high speed internet and Netscape refusal reminds me - pretty much exactly that amount of time ago, I was getting an 'engineer'-lead install of a blisteringly fast 512/128k DSL line, which hadn't been provisioned properly. Said ISP 'engineer' didn't actually have a computer and tried to blame the line not working on my use of Mozilla; as if it had somehow poisoned the Cisco router - as clearly sites didn't work in Internet Exploder either afterwards.

One argument and a trip to the exchange later, there was internet connectivity. In both browsers.

Re: This is why we need code review

"my expertise was in knowing the clients and their needs)...and actually had a working system when it went live."

Well done you! That is what needs to happen more often these days and the first statement is probably a major reason why the second statement is true.

Too often systems are created with little to no input from the "coal face", let alone testing by those people.

Re: I have consulted in many places over the years

Good grief, we have 100's of shell scripts in our git repos - and you can can't any of them without a code review. (I am trying to convert many of them to python scripts - but that's a _long_ term project).

16384 happens to be 2¹⁴. So I would guess that the script was looping until the variable used by the loop was overflowing at that particular value.

Maybe each run of the script would collect the data for a single contractor and each time it was run it would increment a counter.

Spreadsheet lines? A few per contractor (four, say) to a maximum of Excel 97-2003's 65536 limit.

Needed more boot at coding bootcamp.

"why would you run the darn thing 16K times?"

At a guess

MAX_CONTRACTORS = USHRT_MAX / sizeof (unsigned) // 64k / 4

for 0 <= contractor < MAX_CONTRACTORS do

if infosource [contractor] != 0

collect from infosource [contractor] and send timesheet for contractor to HR etc

fi

resubmit job to cron !! thinking (if at all) "batch" command :(

od

resubmit job to cron !! give it more welly

When you don't have separate prod and dev environments I guess you have to be agile to avoid the brown stuff when it hits the fan.

Re: That's a long queue.

Longer than the cue to play snooker, that's for sure.

Re: "execute his target script 16384 times"

"Exponential" does not mean "big".

The impact in this case is that running time is quadratic instead of linear.

Re: "execute his target script 16384 times"

I think you want to put the start label one line further down?

Re: "execute his target script 16384 times"

It reminded me of XKCD 1678, with similar effects.