Re: Best practices

Niall Litchfield wrote:

> "Daniel Morgan" <dmorgan_at_exesolutions.com> wrote in message
> news:3D23508E.387D3F7C_at_exesolutions.com...
> > The code:
> >
> > IF acct_type = 'A' THEN
> > commission_pct := X;
> > ELSIF acct_type = 'B' THEN
> > commission_pct := Y;
> > ELSIF acct_type = 'C' THEN
> > commission_pct := Z;
> > END IF;
> >
> > If you can see what is wrong, and it is pretty obvious, great. But it
> managed to
> > stay in their system for almost a year.
> >
> > What is important is to recognize is that error is so subtle that no QA
> technique
> > known, other than a code review, could possibly catch it.
>
> Assuming the error is that acct_type isn't constrained to be one of A.B,C
> then QA can test this by putting invalid values into the test data. When I
> get a new version of a timesheet system I will always try putting more than
> 24 hours a day into the system (and fewer than zero) to see what happens.
> I'll try to record time to projects with codes like &%'065 etc.
>
> Actually there is another classic bug related to time measurement that I'm
> aware of.
>
> You have an array of 48 elements into which you record measurements taken
> every half hour. At the end of the day the array is emptied into a datastore
> or whatever. When does this system fall over.
>
> --
> Niall Litchfield
> Oracle DBA
> Audit Commission UK
> *****************************************
> Please include version and platform
> and SQL where applicable
> It makes life easier and increases the
> likelihood of a good answer
>
> ******************************************
>
> >
> > If you can't catch it then ask and I'll add it to the thread. (and if I
> made some
> > silly syntax error ... that's not it).
> >
> > Daniel Morgan
> >

The potential error was in fact two fold. One that it would not handle NULL. But that was an issue QA could catch is the spec said an account type was mandatory and this was enforced with NOT NULL and testable. What was not testable was that the bank might, and I emphasize "might" add other account types later.

It is not testable because since those account types didn't exist at the time of the testing every single test passed with flying colors. Now some upstream system might have been tested to see what would happen when they created a new account type and moved it through the entire enterprise. But we all know that that type of testing has never happened anywhere with an operation as large as an international bank.

Amazingly enough, I recieved an email from an employee there yesterday that saw this thread and said she found a similar situation in some code, again, just a few weeks ago. Just about any IF statement that can't handle ELSE is a potential disaster waiting to happen. And the place to catch it is in code reviews ... not in production.

Daniel Morgan Received on Thu Jul 04 2002 - 10:55:19 CDT