Welcome to Software Development on Codidact!
Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.
Post History
While [the Apple "goto fail bug"] is pretty interesting, it's anecdotal evidence. I understand that it's still possible to produce bugs like this. One could also reasonably argue that it could ha...
Answer
#2: Post edited
- > While \[[the Apple "goto fail bug"](https://www.imperialviolet.org/2014/02/22/applebug.html)\] is pretty interesting, it's anecdotal evidence. I understand that it's still possible to produce bugs like this. One could also reasonably argue that it could have been avoided if they used `else if` instead of `if` or didn't use `goto`.
- Aviation safety is built, pretty much completely, on that kind of "anecdotal evidence"; and, on the whole, it's pretty successful (it's part of why virtually every airliner accident makes headlines, but very few car accidents do, even though in aggregate, *far* more people die in car accidents than in airliner accidents). So are many other safety regulations. Basically, when something goes wrong, a bunch of very smart people sit down and try to figure out what went wrong, what allowed it to go wrong, and what change to the existing regulations or practices would have prevented it from going wrong.
- I can't help but notice that, in your example, you suggest that
- while(arr[index] != 0) {
- index++;
- }
- should be shortened to
- while(arr[index] != 0)
- index++;
- because the compound statement delimeters are "unnecessary". But you don't take the *obvious* next step and suggest to instead write
- while(arr[index++] != 0);
- which will save you *yet another* line. It also saves you from, completely unnecessarily, naming the iterator variable separately on that second line. Why not?
- I'll hazard a guess: **because that will trip people up.** It's perfectly valid code. It'll accomplish the same thing. It'll almost certainly have the same side effects in all of C, C++ and Java. And because people aren't used to that kind of construct, *at a minimum*, it will require expending additional effort to parse. Just because it's *valid* doesn't make it *good*.
- Yes, in an ideal world, people wouldn't make mistakes, and everyone would do exactly what they intended to do and nothing else. Unfortunately, we don't live in that world, nor do I think we are likely to inhabit any world like it any time soon. If we accept this, it stands to reason that we should look at what can be done to reduce the likelihood of mistakes.
- And let's face it, it's a lot *harder* to accidentally add a statement to the wrong level if every level is laid out with curly braces, `begin`/`end`, or whichever other construct the particular language uses to combine statements into compound statements. **It's far easier to accidentally** (and without noticing it afterward) go from
- if (x)
- y();
- z();
- to
- if (x)
- y();
- y2();
- z();
- than from
- if (x)
- {
- y();
- }
- z();
- to
- if (x)
- {
- y();
- }
- y2();
- z();
- when you meant to make both the `y()` and `y2()` calls conditioned on `x`. No matter what tooling you're using, that last example *immediately* stands out as "it just looks plain *wrong*", whereas the variant without the curly braces doesn't. Likewise, if you were to write
- if (x)
- {
- y();
- }
- y2();
- z();
- (correct indentation, but the `y2()` call placed in the wrong spot) it is also immediately clear that the call to `y2()` is *not* conditioned on `x`, even though that was the original intent.
- Indeed, this "costs" a few extra lines for the braces (or equivalent keywords in languages that don't derive basic syntactical elements from B, such as for example Python or SQL). But if your code is so deeply nested, with so many separate short snippets, that this is actually a problem, maybe you should consider refactoring it anyway. Individual preferences aside, it's not like we're still using VT52 terminals as our primary display devices.
- > While \[[the Apple "goto fail bug"](https://www.imperialviolet.org/2014/02/22/applebug.html)\] is pretty interesting, it's anecdotal evidence. I understand that it's still possible to produce bugs like this. One could also reasonably argue that it could have been avoided if they used `else if` instead of `if` or didn't use `goto`.
- Aviation safety is built, pretty much completely, on that kind of "anecdotal evidence"; and, on the whole, it's pretty successful (it's part of why virtually every airliner accident makes headlines, but very few car accidents do, even though in aggregate, *far* more people die in car accidents than in airliner accidents). So are many other safety regulations. Basically, when something goes wrong, a bunch of very smart people sit down and try to figure out what went wrong, what allowed it to go wrong, and what change to the existing regulations or practices would have prevented it from going wrong.
- I can't help but notice that, in your example, you suggest that
- while(arr[index] != 0) {
- index++;
- }
- should be shortened to
- while(arr[index] != 0)
- index++;
- because the compound statement delimeters are "unnecessary". But you don't take the *obvious* next step and suggest to instead write
- while(arr[index++] != 0);
- which will save you *yet another* line. It also saves you from, completely unnecessarily, naming the iterator variable separately on that second line. Why not?
- I'll hazard a guess: **because that will trip people up.** It's perfectly valid code. It'll accomplish the same thing. It'll almost certainly have the same side effects in all of C, C++ and Java. And because people aren't used to that kind of construct, *at a minimum*, it will require expending additional effort to parse. Just because it's *valid* doesn't make it *good*.
- Yes, in an ideal world, people wouldn't make mistakes, and everyone would do exactly what they intended to do and nothing else. Unfortunately, we don't live in that world, nor do I think we are likely to inhabit any world like it any time soon. If we accept this, it stands to reason that we should look at what can be done to reduce the likelihood of mistakes.
- And let's face it, it's a lot *harder* to accidentally add a statement to the wrong level if every level is laid out with curly braces, `begin`/`end`, or whichever other construct the particular language uses to combine statements into compound statements. **It's far easier to accidentally** (and without noticing it afterward) go from
- if (x)
- y();
- z();
- to
- if (x)
- y();
- y2();
- z();
- than from
- if (x)
- {
- y();
- }
- z();
- to
- if (x)
- {
- y();
- }
- y2();
- z();
- when you meant to make both the `y()` and `y2()` calls conditioned on `x`. No matter what tooling you're using, that last example *immediately* stands out as "it just looks plain *wrong*", whereas the variant without the curly braces doesn't. Likewise, if you were to write
- if (x)
- {
- y();
- }
- y2();
- z();
- (correct indentation, but the `y2()` call placed in the wrong spot) it is also immediately clear that the call to `y2()` is *not* conditioned on `x`, even though that was the original intent.
- If we can make syntactically valid but semantically wrong code actually *look* wrong, it greatly reduces the risk of semantically wrong code slipping through the cracks. The compiler will already catch things that are *syntactically* wrong, but it can't catch those things where what the programmer wrote is *valid*, just not what was *intended*.
- Indeed, this "costs" a few extra lines for the braces (or equivalent keywords in languages that don't derive basic syntactical elements from B, such as for example Python or SQL). But if your code is so deeply nested, with so many separate short snippets, that this is actually a problem, maybe you should consider refactoring it anyway. Individual preferences aside, it's not like we're still using VT52 terminals as our primary display devices.
#1: Initial revision
> While \[[the Apple "goto fail bug"](https://www.imperialviolet.org/2014/02/22/applebug.html)\] is pretty interesting, it's anecdotal evidence. I understand that it's still possible to produce bugs like this. One could also reasonably argue that it could have been avoided if they used `else if` instead of `if` or didn't use `goto`. Aviation safety is built, pretty much completely, on that kind of "anecdotal evidence"; and, on the whole, it's pretty successful (it's part of why virtually every airliner accident makes headlines, but very few car accidents do, even though in aggregate, *far* more people die in car accidents than in airliner accidents). So are many other safety regulations. Basically, when something goes wrong, a bunch of very smart people sit down and try to figure out what went wrong, what allowed it to go wrong, and what change to the existing regulations or practices would have prevented it from going wrong. I can't help but notice that, in your example, you suggest that while(arr[index] != 0) { index++; } should be shortened to while(arr[index] != 0) index++; because the compound statement delimeters are "unnecessary". But you don't take the *obvious* next step and suggest to instead write while(arr[index++] != 0); which will save you *yet another* line. It also saves you from, completely unnecessarily, naming the iterator variable separately on that second line. Why not? I'll hazard a guess: **because that will trip people up.** It's perfectly valid code. It'll accomplish the same thing. It'll almost certainly have the same side effects in all of C, C++ and Java. And because people aren't used to that kind of construct, *at a minimum*, it will require expending additional effort to parse. Just because it's *valid* doesn't make it *good*. Yes, in an ideal world, people wouldn't make mistakes, and everyone would do exactly what they intended to do and nothing else. Unfortunately, we don't live in that world, nor do I think we are likely to inhabit any world like it any time soon. If we accept this, it stands to reason that we should look at what can be done to reduce the likelihood of mistakes. And let's face it, it's a lot *harder* to accidentally add a statement to the wrong level if every level is laid out with curly braces, `begin`/`end`, or whichever other construct the particular language uses to combine statements into compound statements. **It's far easier to accidentally** (and without noticing it afterward) go from if (x) y(); z(); to if (x) y(); y2(); z(); than from if (x) { y(); } z(); to if (x) { y(); } y2(); z(); when you meant to make both the `y()` and `y2()` calls conditioned on `x`. No matter what tooling you're using, that last example *immediately* stands out as "it just looks plain *wrong*", whereas the variant without the curly braces doesn't. Likewise, if you were to write if (x) { y(); } y2(); z(); (correct indentation, but the `y2()` call placed in the wrong spot) it is also immediately clear that the call to `y2()` is *not* conditioned on `x`, even though that was the original intent. Indeed, this "costs" a few extra lines for the braces (or equivalent keywords in languages that don't derive basic syntactical elements from B, such as for example Python or SQL). But if your code is so deeply nested, with so many separate short snippets, that this is actually a problem, maybe you should consider refactoring it anyway. Individual preferences aside, it's not like we're still using VT52 terminals as our primary display devices.