April 16, 2020 at 1:59 pm
I went ahead and hit the unspam. Let's see what others think. As I said, I could be wrong. More than willing to entertain the possibility (especially since it happens all the time).
"The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood"
- Theodore Roosevelt
Author of:
SQL Server Execution Plans
SQL Server Query Performance Tuning
April 16, 2020 at 2:07 pm
I went ahead and hit the unspam. Let's see what others think. As I said, I could be wrong. More than willing to entertain the possibility (especially since it happens all the time).
I honestly hit the spam button (which I suspect is why I showed up as "editting" it), as it looked like it to me as well. I can only read it in the reply notification nows, however it does read like spam still to me.
Perhaps that wasn't the intent of the post, and it's the language that makes it read like Spam instead. It reads like your advertising WODMode, not that you've successfully implemented it and that you're happy with the results after you've been struggling to do so. if that is the case, we certainly didn't need you to quote their business statement; that alone made it look like an advertisement in my view.
Thom~
Excuse my typos and sometimes awful grammar. My fingers work faster than my brain does.
Larnu.uk
April 16, 2020 at 2:34 pm
Man:
Well, what've you got?
Waitress:
Well, there's egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam;
Vikings:
Spam spam spam spam...
Waitress:
...spam spam spam egg and spam; spam spam spam spam spam spam baked beans spam spam spam...
Vikings:
Spam! Lovely spam! Lovely spam!
Waitress:
...or Lobster Thermidor a Crevette with a mornay sauce served in a Provencale manner with shallots and aubergines garnished with truffle pate, brandy and with a fried egg on top …….and spam.
-------------------------------------------------------------------------------------------------------------------------------------
Please follow Best Practices For Posting On Forums to receive quicker and higher quality responses
April 16, 2020 at 2:38 pm
I went ahead and hit the unspam. Let's see what others think. As I said, I could be wrong. More than willing to entertain the possibility (especially since it happens all the time).
It looked like spam to me also.
Michael L John
If you assassinate a DBA, would you pull a trigger?
To properly post on a forum:
http://www.sqlservercentral.com/articles/61537/
April 16, 2020 at 3:38 pm
I went ahead and hit the unspam. Let's see what others think. As I said, I could be wrong. More than willing to entertain the possibility (especially since it happens all the time).
In the complete absence of any discussion or even comment - which could have been a simple "Finished!" - it read like spam.
For fast, accurate and documented assistance in answering your questions, please read this article.
Understanding and using APPLY, (I) and (II) Paul White
Hidden RBAR: Triangular Joins / The "Numbers" or "Tally" Table: What it is and how it replaces a loop Jeff Moden
April 16, 2020 at 4:27 pm
I've unspammed it. While it did look funny, I didn't take it that way. Mainly because I've seen quite a few posts from SCDecade.
April 16, 2020 at 8:54 pm
I've unspammed it. While it did look funny, I didn't take it that way. Mainly because I've seen quite a few posts from SCDecade.
BWAAA-HAAAA!!! So you've been watching him for a "decade". That's a long time. 😀
I know... I know... you've had "mo-den e-nuff" of my puns. 😀 Don't take it for grant'ed... I was jones'ing for one. 😀 😀 😀
--Jeff Moden
Change is inevitable... Change for the better is not.
April 25, 2020 at 5:38 pm
Wow... just freakin' WOW!!! I thought that continuous integrationist and deployment was supposed to prevent this type of thing.
The first paragraph (quoted below) is what is really shocking to me.
At Microsoft, 47,000 developers generate nearly 30 thousand bugs a month. These items get stored across over 100 AzureDevOps and GitHub repositories. To better label and prioritize bugs at that scale, we couldn't just apply more people to the problem. However, large volumes of semi-curated data are perfect for machine learning. Since 2001 Microsoft has collected 13 million work items and bugs. We used that data to develop a process and machine learning model that correctly distinguishes between security and non-security bugs 99 percent of the time and accurately identifies the critical, high priority security bugs, 97 percent of the time.
That last sentence is spooky... who the hell wrote the ML to find the bugs??? Hopefully it wasn't the same people that wrote the buggy code to begin with. AND has it come even close to finding all of the new ones and is it checking for regression so we don't have a disaster like the RTM and early SPs of SQL Server 2012?
This does explain a lot of the disasters that have occurred in SQL Server over the years. It also explains the need for monthly CUs because it sounds to me like they're so interested in rapid releases that they'll never "do it right the first" time. Unfortunately, it has become like a very bad drug habit... the more you do it, the more you're going to need to do it.
This is also one of the bad parts about having the internet. In the last couple of decades, more an more companies have apparently adopted the philosophy that it's ok to ship crap code instead of actually doing it right because the users can easily download the "fixes" (which might also be broken, BTW) and they have these EULA's that relieve them of all responsibility for damages that their "hey, we shipped on time again" crap code may wreak upon customer's data.
To wit, I used to worry about computer viruses a whole lot. I now worry MORE about what a monthly CU or new release is going to "F" up.
--Jeff Moden
Change is inevitable... Change for the better is not.
April 25, 2020 at 8:02 pm
You're misunderstanding CI and ML.
CI is designed to catch these things. Developers do not magically write better code with CI. This is < 1 bug/month per dev. Shocking? I'd say that's pretty good. CI is designed to evaluate the code, according to the rules/tests/Static code analysis, and do it completely. Developers should do this, but they're human, and across 47k people, each making changes and compiling most days, they'll forget things. CI is independent validation and verification of code on another machine. I'm stunned it's 30k bugs. I'd have expected 100k+/month, maybe more like 470k for 47k devs.
Likely, there are more bugs caught, but these are the security bugs, not all bugs. There are also bugs that slip through, but the unit testing and ML evolve to keep getting better at catching things.
The ML isn't written. What happens is someone looks at the code that produces various security bugs, say a buffer overrun. They find the C++ (C#) that doesn't end check a parameter or something else. They then set up some extraction for this as a factor. Think this:
IF {
some_code.substring() == [poor parameter checking]
}
print 1
This gives them factors. They have lots of these, then they feed these through an ML algorithm that looks for patterns. There are real developers that evaluate code and give the algorithm some idea of what actually produces a bug and what doesn't. Over time, this trains the model (lots of repetitions here).
This is the same way people learn about buts. Imagine you saw declare @i varchar a few times. At some point, you're realize this a bug and stop doing it (or launch a pork chop at a dev). The ML is teaching the system to find this and automatically raise a flag.
Over time, they get an ML model (not an algorithm), that is good at recognizing the code that does and does not cause issues. They deploy this, scan code, and have humans verify results. Eventually, they turn the algorithm loose and let it notify developers by failing CI with these bugs highlighted.
In the real world, periodically, or continually, humans randomly sample the ML results (both hits and misses) and try to see if the model needs to be retrained. It's a boring evaluate, set new factors, rerun model against training data, re-run against sample data, review, repeat. This is what data scientists do, and it's a lot manual analysis of samples, then letting ML run against small samples, then large samples. It's, IMHO, a boring job for really, really detailed oriented numbers scientists.
The goal is to do it right the first time, but there are pressures from business to get things done, spend resources on new things, and a bunch of other real world software pressures. The quality has gone way up. It's not perfect, never will be, but things like ML here to prevent simple mistakes. The bar keeps being raised. Not where you want it, and certainly the focus on features is not something addressed here.
That is orthogonal to quality. Spending more time on a feature isn't a quality decision. Ex. String_split. MS thinks it works fine and meets the spec. Many of us think it's woefully incomplete. From a quality standpoint, string_split() works. From a customer standpoint, it doesn't
April 25, 2020 at 8:20 pm
You're misunderstanding CI and ML.
Maybe but I don't believe so. For example, you wrote...
CI is designed to catch these things. Developers do not magically write better code with CI. This is < 1 bug/month per dev. Shocking? I'd say that's pretty good. CI is designed to evaluate the code, according to the rules/tests/Static code analysis, and do it completely. Developers should do this, but they're human, and across 47k people, each making changes and compiling most days, they'll forget things. CI is independent validation and verification of code on another machine. I'm stunned it's 30k bugs. I'd have expected 100k+/month, maybe more like 470k for 47k devs.
Considering all of the errors that they say have been released to 100's of "Githubs" (to coin a phrase), I'm thinking that it's not so complete. I also guess you and I have different thresholds for what number of errors is considered to be stunning. 😀
I guess we'll have to agree to disagree on that point. I AM very happy that they apparently realize they have a problem and are trying to do something to correct the problem though.
--Jeff Moden
Change is inevitable... Change for the better is not.
April 27, 2020 at 9:50 am
Sooooo… Anyone else hear of the Cognizant ransomware attack?
People have the customer data and are calling up said customers asking for emergency VPN access so that "We can continue providing you services."
It hurts just thinking about it that people might actually have (or will) fall for that line and open up their systems to hackers because they're not paying attention.
April 27, 2020 at 2:01 pm
Hadn't heard of it, but I'm not surprised. This is a time criminals will take advantage of the stressful situation
April 27, 2020 at 6:55 pm
(Gets ready for Jeff to begin his comments about the "cloud")
So go to get started on some work this morning, getting some of the fiddly-bits straightened out in our new "cloud-ish" environment (really, it's just VMs hosted but another organization, not SAAS / PAAS / Azure-ish) only to find out...
ALL my SQL Servers are inaccessible. At all. No RDP, not SQL connections, nothing.
So, open a ticket with the cloud team to look into it.
And, during our Monday morning cloud meeting find out that "all the SQL VMs are giving black screens and we can't even log in from the consoles, can we reboot them?" Then, as of about 12:30, ONE of my 7 servers was (potentially) reachable (or at least RDP didn't barf an error in the first 30 seconds.)
So I've been dead in the water all day as far as our cloud stuff goes, just spent the afternoon doing various paperwork that needed to be done...
My worst fear, of course, will be getting an e-mail tomorrow from the cloud team along the lines of "yeah, we're sorry about this, but we're going to have to stand up new servers for the SQL servers and you're going to have to load them from scratch. Oh, and it'll be about 3 weeks before we've got them ready for you, this won't impact the timeline, right?" Keep in mind, our intended cut-over date is June 1...
April 27, 2020 at 7:54 pm
I usually get speeches like this - "we usually would have SoAndSo work on that, but he's on vacation for a month. But don't worry, we have a new resource that just joined the team, graduated last week so he should be able to help you"
-------------------------------------------------------------------------------------------------------------------------------------
Please follow Best Practices For Posting On Forums to receive quicker and higher quality responses
April 27, 2020 at 8:21 pm
(Gets ready for Jeff to begin his comments about the "cloud")
There is no umbrella big enough or strong enough to protect anyone from such a s**t storm as that. My thoughts are with you and the ghosts of servers past. 😀
I also just read an article about DBCC CHECKDB and how Azure will take your database offline if corruption is detected and the fact that you can't do a rebuild. Fun stuff, that cloud thingy is . 😀 The silver lining is that it's much more stable, reliable, and cost effective than on premise, right? 😀 😀 😀
If it makes you feel any better, we're actually getting ready for the smoke'n'mirrors in the sky ourselves (not anything near my idea). I'm going to do my damnedest to make sure it's as safe as possible but nothing can prepare anyone for what you're going through. I can only hope we never have such an issue.
--Jeff Moden
Change is inevitable... Change for the better is not.
Viewing 15 posts - 64,816 through 64,830 (of 66,738 total)
You must be logged in to reply to this topic. Login to reply