WTF Bites
-
@coderpatsy said in WTF Bites:
List of 2024 Leap Day Bugs
Well, it's 2024 and leap day has come once again. As I've done in prior leap years, I've captured as many bug reports and outages as I can, along with links to the source where possible. For those have been following along, you'll notice these have been organized a bit
I would really like to know how such bugs even happen. There should be enough well tested datetime libraries to choose from these days that already handle all the corner cases correctly.
I wanted to say that you should be doing all logic in linear count (e.g. unix time), but for legal reasons, financial transactions do need to be assigned to correct month.
-
enough well tested datetime libraries
Doesn't help when you have NIH syndrome.
-
-
I would really like to know how such bugs even happen. There should be enough well tested datetime libraries to choose from these days that already handle all the corner cases correctly.
Date+time arithmetic is hard, much harder than it appears to be at first glance. The temptation is to hack it; that is always wrong but the problems might not show until years later...
-
@Bulb answer: they don't use the libraries. Several of the examples are the obvious kind - "I have a year, a month and a day and I want a date 1 year in the future, simply increment the year", meaning that they then try to deal with something that should be 29/2/25 which is a no-go for the obvious reason.
What happens with many of the others is that they do date periods based on adding/subtracting days but none of them will use the libraries, they'll do it themselves because that's often easier than using the actual libraries because many of the libraries are "pretty complicated" (because dates are complicated) and inevitably shit like this happens because 3/4 of the years it'll be right.
-
@coderpatsy said in WTF Bites:
Well, it's 2024 and leap day has come once again. As I've done in prior leap years, I've captured as many bug reports and outages as I can, along with links to the source where possible. For those have been following along, you'll notice these have been organized a bit
Looking forward to the Daylight Saving Time starting in Europe on 31 March. What an oddity: this year, the last Sunday of March is the last day of March, so fuckups are to be expected.
-
I would really like to know how such bugs even happen. There should be enough well tested datetime libraries to choose from these days that already handle all the corner cases correctly.
Date+time arithmetic is hard, much harder than it appears to be at first glance. The temptation is to hack it; that is always wrong but the problems might not show until years later...
Just wait till we get to the leap year that isn't...
-
@Bulb answer: they don't use the libraries. Several of the examples are the obvious kind - "I have a year, a month and a day and I want a date 1 year in the future, simply increment the year", meaning that they then try to deal with something that should be 29/2/25 which is a no-go for the obvious reason.
They actually do use the libraries; from those who were kind enough to post failing code, the date/time libraries are there but ... you see things like "take the components of the date, add one to the year component, and build a new date" instead of using the "add time period" method (assuming it's there: one xit admitted it was but they didn't use it).
But now the datetime library has no idea what the result should be; the most common ways to handle "2025-02-29" ("truncate to 2025-02-28" (so it stays in the same month) or "roll over to 2025-03-01" (the natural result of converting treating dates as a context-sensitive mixed-radix count of "days since the epoch")) might be right or wrong for the context.
The other (slightly less, I suspect) common way to handle it is refuse and throw an exception: now the user has to at least be aware that "incrementing the year" could throw. Better if they know what to do if and when they catch.
A still less common way to refuse the operation would be to return a functional Either value which forces the user to "catch" failure conditions before they can get at the returned date. But it will be doing that all through the public interface, and the user will need to have appropriate error-recovery branches for everything, so what're the chances they'll just punt?
All that before you get into localisation.... 30 December 2011 is an invalid date in Samoa.
-
The other (slightly less, I suspect) common way to handle it is refuse and throw an exception: now the user has to at least be aware that "incrementing the year" could throw. Better if they know what to do if and when they catch.
At least one of the bugs in that list is precisely this, it throws an exception because it now can't be a valid date, and it's uncaught. Because for 1460 out of 1461 days the code is fine...
-
@Bulb OK. True. But then again, it seems like something could be improved when you have a pretty predictable pile-up of buses at the base of a small hill that they always can't get up on when there's a bit of snow. Or trains stuck in the middle of nowhere, with some regularity.
Even a 'we're cancelling this bus route until roads are clear - go here instead' would be better in some cases.
-
Just wait till we get to the leap year that isn't...
It's nearly 400 years to the next one...
-
Just wait till we get to the leap year that isn't...
It's nearly 400 years to the next one...
Surely the next one that isn’t is 2100? Divisible by 4 unless ends in 00 in which case must be divisible by 400.
-
@Arantor Ther exception to the exception, or the exception to the exception to the exception?
-
@Arantor !remindme in 76 years
-
@cvi My ashes won't care then, at that time I will have left all timeliness behind.
-
@BernieTheBernie said in WTF Bites:
left all timeliness behind.
I've never been timely. I'm "the late HardwareGeek," even while I'm still alive.
-
That's kinda ironic for someone who works in a job where "late by a few picoseconds" is an issue.
-
@_deathcollege said in WTF Bites:
@Bulb https://maherz.medium.com/how-to-generate-self-signed-certificates-and-configure-net-core-api-bf4b676c9979
heard decent things about rest; this looks like a gitclone thing for certificates, tbh. and then there was also this thing i stumbled upon: http://forum.world.st/How-to-use-HTTPS-SSL-with-Zinc-td4952461.html
in lieu of whatever cloudflare is already doingHad to go through about a dozen of your posts to find one on-topic. But it appears you've left (fortunately), so the problem is solved.
-
@Gern_Blaanston said in WTF Bites:
I have an e-mail account on Microsoft's outlook.live.com because .... raisins.
E-Mail from Microsoft, promoting Microsoft Co-Pilot, is marked as spam. On Microsoft's own e-mail system.
My Boy Scout Troop uses Google's G-Suite of stuff, including groups for mailing lists. Some of these are moderated. My troop email account is an admin for our organization, so of course I'm a moderator.
When there's a message to moderate, Google Groups sends an email. Which is dutifully marked as spam. I've had to add the account where those come from to my contact list, have told GMail multiple times that these aren't spam, but they still occasionally go there. There's always some kind of internal ID in the subject line that looks like line noise, which I'm sure is what triggers this.
For example:
[{IIv835KRus6_fCoCcWswAZrwIIIcHRkx0}]
-
I would really like to know how such bugs even happen. There should be enough well tested datetime libraries to choose from these days that already handle all the corner cases correctly.
Date+time arithmetic is hard, much harder than it appears to be at first glance. The temptation is to hack it; that is always wrong but the problems might not show until years later...
Confession Status: Had a date time bug recently. There's a place in our app where users enter a date for a request. But first they pick a fiscal quarter. And helpfully, we limit their choices to that quarter.
Which means that we have to know the start and end of the quarter. I'd create a new date object...set the day to 30, then pick the month, and update to 31 if it was one of the lucky quarters.
But, of course, if today is February, there's no 30th of the month. So it set that to March 1st. So then you'd end up with ending the quarter on the wrong end of June or September, if those quarters were picked.
Not a leap year bug obviously, but only observable in February.
-
@_deathcollege said in WTF Bites:
@Bulb https://maherz.medium.com/how-to-generate-self-signed-certificates-and-configure-net-core-api-bf4b676c9979
heard decent things about rest; this looks like a gitclone thing for certificates, tbh. and then there was also this thing i stumbled upon: http://forum.world.st/How-to-use-HTTPS-SSL-with-Zinc-td4952461.html
in lieu of whatever cloudflare is already doingHad to go through about a dozen of your posts to find one on-topic. But it appears you've left (fortunately), so the problem is solved.
I didn't leave, but the project is currently winding down. Which doesn't mean I won't be doing it again in the next project. I might, though that context was a bit special.
See, for server certificates, my tool of choice is cert-manager. Which supports automatically obtaining certificates from letsencrypt (or, possibly, other ACME server) for public-facing servers, and automatically signing certificates with an intermediate CA for internal servers.
But for this project we started setting up (we should have scratched it, it was 0verkill) client certificates, and for that I needed an own simple-but-mostly-complete CA service. For which cfssl does the job, though it's poorly documented.
-
I didn't leave, but the project is currently winding down.
I was replying to @_deathcollege . At first I was happy to see a new name, but then I started reading his posts.
But good to have your status update anyway.
-
@BernieTheBernie said in WTF Bites:
My ashes won't care then, at that time I will have left all timeliness behind.
The universe is a bitch. My plan is to exploit this. If I create/leave enough problems that'll only become relevant until after my death as to never have to deal with them, I figure there's a solid chance the universe will find a way to make me live long enough to regret that.
-
@BernieTheBernie said in WTF Bites:
My ashes won't care then, at that time I will have left all timeliness behind.
The universe is a bitch. My plan is to exploit this. If I create/leave enough problems that'll only become relevant until after my death as to never have to deal with them, I figure there's a solid chance the universe will find a way to make me live long enough to regret that.
There is another theory which states that this has already happened.
-
I was replying to @_deathcollege . At first I was happy to see a new name, but then I started reading his posts.
Yeah, she very quickly revealed her particular brand of crazy.
-
-
@TimeBandit said in WTF Bites:
@HardwareGeek said in WTF Bites:
I've never been timely.
I arrived late at my birth
#MeToo
-
@boomzilla said in WTF Bites:
@BernieTheBernie said in WTF Bites:
My ashes won't care then, at that time I will have left all timeliness behind.
The universe is a bitch. My plan is to exploit this. If I create/leave enough problems that'll only become relevant until after my death as to never have to deal with them, I figure there's a solid chance the universe will find a way to make me live long enough to regret that.
There is another theory which states that this has already happened.
READ ANOTHER BOOK!
-
I didn't leave, but the project is currently winding down.
I was replying to @_deathcollege . At first I was happy to see a new name, but then I started reading his posts.
But good to have your status update anyway.
Was he a real user? Who was he? Was he deleted? Am I still one of boomzilla's alts?
-
Was he a real user? Who was he? Was he deleted? Am I still one of boomzilla's alts?
Yes. I do not know his rl identity or if he was an alt. No. Yes.
-
I didn't leave, but the project is currently winding down.
I was replying to @_deathcollege . At first I was happy to see a new name, but then I started reading his posts.
But good to have your status update anyway.
Was he a real user? Who was he? Was he deleted? Am I still one of boomzilla's alts?
No-one knows, no-one cares, no-one could be bothered, no-one here isn't.
-
-
-
-
-
@TimeBandit said in WTF Bites:
@Arantor He's id #0
Can you have auto increment starting at 0 in a Postgres table?
-
I just got an appointment for the local version of the DMV on Friday morning. To everyone's surprise, I booked that online, without calling or faxing anyone. The website even helpfully provided an .ics file to download for the appointment.
So I did that and imported it into my calendar. Later on I checked the calendar on my phone and was a bit surprised. Did I mess up the time? It was supposed to be 8am, but the calendar says 9am.
Oh look, the actual event file even says 0800. So Apple's calendar app is too stupid to do its one single job, do time stuff right? Of all the things, the one thing you'd expect not to have date/time bugs?
No, of course not, the file says20240308T080000Z. Roughly 3.5 seconds of googling will tell you theZmeans UTC. Germany is UTC+1. So whatever moron implemented the "let's have a downloadable calendar event" function didn't test it a single. fucking. time.
(And it's not even quite incompetent city administration to blame here, as it's apparently outsourced to an IT firm. Which would be reasonable if they were above crayon-muncher competent.)
-
-
Can you have auto increment starting at 0 in a Postgres table?
CREATE TABLE tablename ( colname integer GENERATED AS IDENTITY (MINVALUE 0) );CREATE SEQUENCE tablename_colname_seq AS integer MINVALUE 0; CREATE TABLE tablename ( colname integer NOT NULL DEFAULT nextval('tablename_colname_seq') ); ALTER SEQUENCE tablename_colname_seq OWNED BY tablename.colname;
-
@topspin so the crayon-munchers would have set the server time to UTC in Best Practice
but not bothered to check the country of use in case it wasn't UTC.At least this way it won't be wrong because of DST...
-
@topspin so the crayon-munchers would have set the server time to UTC in Best Practice
but not bothered to check the country of use in case it wasn't UTC.I think it's not so much about the server timezone¹ as about incorrectly filling in the timestamp object that then gets serialized into the iCal file. Because iCal recognizes three cases (took another 3.5 seconds of
googlingduckwalking [1]):- Timestamp in local time. It does not specify any timezone and shall be interpreted in the user's timezone, and if the user moves to another timezone, the represented point in time changes with it.
- Timestamp in UTC. It will be converted to whatever timezone the user is in.
- Timestamp is specific timezone. Unlike ISO-8601, this actually specifies a time zone identifier rather than just offset, so the DST is resolved on user side. This is important for recurring events as they are supposed to adjust to DST.
No, of course not, the file says 20240308T080000Z. Roughly 3.5 seconds of googling will tell you the Z means UTC. Germany is UTC+1.
I would at least partially blame authors of the library they are using—if they are using one, of course—to write the iCal records. The event start/end dates are … well, as often in a different timezone as not, so a proper API design would require you to be explicit about which timezone you want, also because often the local time is the correct way out.
¹ Footnote time: yeah, but I was already configuring timezone to the local one in a container with one internal app because the programmers were lazy to set the time themselves in the relevant places as would be more appropriate.
-
@Bulb At least GMT is correct for my current timezone.
-
“inverse decay curve”
Of course the scholars amongst us know this as the first half of the S-Curve™
-
the S-Curve™
"The"? Logistic, arctan, smoothstep, tanh, or some other random variation?
To be fair, "inverse decay curve" is fucking stupid. I tried to google wth that could mean, and best I can say, it's just an exponential growth? (Ok, first part of a logistic function looks kinda exponential, but calling an exponential the first part of an S-curve is still unnecessarily obfuscatory.)
Edit: That said, Helldivers 2 is fun.
-
“inverse decay curve”
Of course the scholars amongst us know this as the first half of the S-Curve™
Meanwhile Suicide Squad, released a week earlier, is into that long tail part of the graph.
-
@cvi basically the norm for vidya games is that week 1 is peak sales, and the normal decay curve just shows it dropping off week by week. They’re surprised that week 3 sales are improving on week 2 which itself improved on week 1.
-
@Arantor Yeah, I get that. The normal case (decreasing sales) actually seems to follow "normal" (exponential) decay fairly well at a glance. Exponential decay is kinda well-known.
"Inverse decay" doesn't seem to be a common name for a function. The problem is that 'inverse' is overloaded. Strictly, the inverse of f(x)=e^-x is f^-1= log(1/y) or something. But that's not what they want (it's also a monotonically decreasing function, so that wouldn't be news).. So,from there on out, things just get very ambiguous. 1/e^-x = e^x? -e^-x? ...
I just started coffee #2, so let me be unnecessarily grumpy.
-
I hate web devs. All of them. They're all a bunch of shit-slinging morons.
So I need to change my car insurance policy. Calling them just tells me "Go to our website, we have great online services.
Go away now!" Yeah, I've tried that, but your website doesn't fucking work.When I enter the relevant data on the form, there's three "buttons" at the bottom:
Download all documents
Back Calculate OfferWhen I click the first button, I get an error message that I should download the documents. :obiwan: That's why I'm here.
When I ignore the shit an click the button to proceed, I get the same error message. No option to skip. Well, you dumbfucks, the button to do the thing tells me to do the thing! What do you expect me to do? Save the website as HTML?? (Of course that doesn't work.)
I tried reloading the shit a few times, clicking stuff in different order, clearing cache in between, etc. I switched from Firefox to Safari, also doesn't work. Firefox developer console tells me that when I click the download button it fires an XHR to which the server responds with 400 Bad Request, and that the "syntax is incorrect".
I even tried it from the phone, which opens a new tab with this response:
Good jorb!
So I tried to see if I can hack around their stupid shit. But no luck, since websites today are ... well. The button isn't obviously connected to any code, just to some extremely obfuscated class name. If I click on the the little
eventthingy in the developer console, the corresponding code that pops up is something like:function(R) { return N(this, R, !1) }Which is of course all 27 levels deep of nested IIFE with obfuscated garbage names, and you can't execute those functions from the developer console. By the way, the syntax generated by their transpilers or whatever makes me wonder if the point is backwards-compatibility to 1989 or if it's intentionally unreadable. Because it sure looks like the latter.
So instead I searched for the error message, set a break-point at that shit and hit the debugger:function ej(t, n) { 1 & t && ( h(0, 'div', 56) (1, 'p'), m( 2, 'Bitte speichern Sie die Dokumente lokal ab und nehmen sie zu Ihren Unterlagen.' ), f() () ) }But, of course, web devs can't just code a fucking web page. No, that'd be too simple. When the breakpoint hits, I'm literally 83 levels deep in the stack, as they had to ship basically a shitty OS for their button handler to run, with a scheduler implemented in
JSDart, apparently and what not, everything running async and even if the code wasn't obfuscated, it'd be impossible to follow the control flow of anything. So I gave up at that point.Literally, they have a website that shows a few forms with a couple entry boxes and 3 buttons. They cannot ship that without downloading all of npm and embedding a single fucking synchronous click handler inside of Flutter or whatever. But they are also too stupid to figure out how to correctly format their server request, and to test what happens if you click that fucking button.
Thanks for being so helpful and not letting me proceed to the next page until I've downloaded the documents, which is impossible.
-
I hate web devs. All of them.
They're all a bunch of shit-slinging morons.
I would pull a #notAllWebDevs but I know I can’t back that claim up. In my defence I am more of a backend dev, and it shows.
But, of course, web devs can't just code a fucking web page. No, that'd be too simple.
Me, I’d love to do just that, I’m absolutely in the camp of not having all this React/Vue/Svelte/Angular bollocks, doing regular page loads and statefulness normally like I’m still in the early 2000s, but people look at me funny when I try to encourage sanity.
This monster project I have here has a total of 80KB of JS and almost all of that is going to be DropZone, the rest of our code is a fraction of that for sure (and most of that is polling the server for status updates, rather than crunchy UI mangling)
-
@Arantor Don't mind him. He's just mad about having to read all those long German words.
for Spam.
