HACKER Q&A
📣 JZN666

What do you consider as “bad” code?


My opinion about this constantly changes through my programming experience. Functions longer than 20 lines of code? Pffff, an algorithm/problem can be such complex in nutshell and decomposing a function solving it will be non-relevant (see any std library of PL). Mutable global state? Pfff, anything in software is based on that, the problem is using it properly in target architecture (ex. in micro-controllers global state usually manages analog/digital output, calling a function for this adds memory and time overhead especially in real-time systems). Copy-paste? Pfff, similar code != this code solves the same problem, sometimes it's easier to include a change in "copy-paste" code than deciding how to include this in boundaries of "reusable" parts (ex. for the first time there're two structures X = (A, B) and Y = (A, B) with similar logic but different domains, and then manager decides to include specific logic for Y working with B data).

Now my general principle which distinguishes "good" code from "bad" one, is how good it resembles a model solving given problem. It can be a non-neccessary complexity of code (ex. instead of "if (isFinite(a)) { ... }" writing "if (a.toString() != "Inifinity" && a.toString() != "NaN") { ... }" when "a" is simply a number). And contrary not-enough complexity of code, relying on blind faith (famous XSS vulnerabilities, SQL injections in web apps are examples of that).

  👤 usrbinbash Accepted Answer ✓
Just my quick list

Code that relies alot on pointless abstractions (aka. bad "signal to noise ratio").

Code with lots of microdependencies to perform really trivial tasks.

Code with premature "optimizations" (usually done before actual performance measurements).

Code sacrificing readability (and thus maintainability) to be overly clever or to do trivial optimizations (usually with little to no impact on overall performance).

And of course all the different ways to mess up comments, style and versioning (Yes, I consider the versioning part of the code):

    * Uncommented code
    * Over-Commented code
    * Comment-Banners
    * Commented-Out code (git exists for a reason)
    * Inconsistent naming
    * entirely_too_long_variable_names for things that exist for 20 LOC
    * Unhelpful commit messages (my favorite: "fixed: some issues")
    * Bulk-Commits that change/fix/introduce multiple features or issues at once 
    * Missing tags
    * No semantic versioning
👤 somethingAlex
If I had to pick, Single responsibility principle is #1 for me.

If each class does one thing, anyone will eventually figure out how it’s doing it. If it’s doing multiple things, all bets are off. It’s also the exact type of code that will break something unrelated when changed.

Mind you, we don’t need classes like DictionaryConstructor and StringParameterParser, but you should - in about one sentence - be able to say what each class’ purview is.

👤 Aqueous
often poor code is a symptom of poor data structure design. having the wrong data structure can make your code heinously complex. conversely designing the data structure correctly can make your code simple and clear, because it’s obvious how to manipulate the structure to your code.

i also see a lot of code where people effectively throw 30 responsibilities into the same class. Really difficult to update. strictly enforcing single responsibility solves a lot of problems.

👤 Jtsummers
Related to a comment I made in another thread: incoherent code. This is code where the organization is arbitrary, not considered. It's not even one of the many possible reasonable and logical organizations of the code.

As a great (but terrible) example, a project at my first job was a real-time system and the dev for it (I was in testing back then) had decided that since he only had 100 ms slots per task, but had the ability to use up to 10 tasks (or whatever the limit was), he'd distribute some logic across all 10 tasks, rather than making one task responsible for that logic entirely. So the system could have had (and ended up having) a reasonable dataflow, DAG structure relating the tasks (input task, fan-out to processing tasks, fan-in to output task), but instead had a much more complicated internal structure than necessary. It was incomprehensible because of its incoherence. Some of the processing tasks were 2-deep or had another layer of fan-out/fan-in, ultimately. But they should have been done that way to begin with. One of the worst bits of this is that it forced an ordering on the execution of the processing tasks that was not, strictly, necessary except for this distributed logic. Imagine a flow more like this:

  In -> Task A -> Out
          |
          v
     -> Task B ->
          |
          v
     -> Task C ->
Versus this:

  In -> Task A -> Out
     -> Task B ->
     -> Task C ->
     -> Task D ->
(With some of those tasks being composed of multiple tasks, but in a more coherent way now.)
👤 glassprongs
These are some properties I see bad code having

  * insecure
  * doesn't work
  * lack of checks and validation leading to unhandled states
  * inconsistent style and method
  * difficult to understand for wrong reasons
  * spaghetti with too much coupling
  * poorly optimized and inefficient
👤 drooby
I ask myself. “How hard will this be to change?” Or, “does this promote a pattern which will evolve into something difficult to change?”

Bad code to me is code that is difficult to modify or extend. “Difficult” to me implies a higher likely hood of regressions or time spent working.

Probably the worst thing of all is the “wrong abstraction”. Concepts that have been shoehorned into other abstractions - bloating method signatures and variables - obfuscating the intent of the names. This issue becomes cancer that causes a ton of other problems.

Great code reads closer to English language. The bottom of the call stack has high level abstract language and the top of the call stack is highly specific. With module on the stack maintaining a consistent degree of abstract language.

👤 wruza
Pfff

Didn’t believe in this cargo from the beginning. Instead I’m watching the world change. When you work with code and understand what it does and all of the implications, these rules are irrelevant, because you have your own sense of when it’s time to (…).

To me bad code is basically two things: (1) negligent/inconsistent formatting, (2) when you read it you can’t grasp what it does. Not because of complex algorithms, but because it is an abomination consisting of tens of files, 5 meaningful lines each, and logic mostly smeared across imports.

My latest favorite was an abstract factory of a single server constructed from specific implementations of property accessors which combine into a hierarchical non-documented method-structure. All it does is listening on a tcp port, regex-parsing messages like

  command; key:value; key:value; …; msg:…
replying “command OK” and calling back .on(“command”, (data_structure_class) => {}). Too bad it parses it wrongly when msg has “;” in it, which is okay according to the spec. 17 files, countless boilerplate lines only to fail in a trivial task, which is basically a one-pager.
👤 tkiolp4
After years of experience in the field, I don’t longer ask myself what’s good or bad code, I ask myself what’s good and bad modules. It’s all about modularity and decomposition: if you get to decompose a system in parts that fit together and fit well, then that’s a good system. Whether or not the module itself contains good or bad code, that’s of less importance.
👤 outsomnia
Can you absorb or re-absorb what it is doing rapidly by looking it over for a few seconds?

If not, there's something wrong... if you can't divine the author's intention at a glance, you and anyone else looking at it will find it hard to spot bugs that deviate from that intention.

👤 mbrodersen
Code without use case tests that are solid, fast, and cover all use cases. I am happy to work with any code written in any style as long as the tests are solid. Tests done well are basically a machine checkable specification of what the software is supposed to do. It allows you to jump in and make large changes without breaking anything. I am maintaining a very large system written in C++ and I routinely refactor and make system wide changes without fear. I haven’t had a bug in production for 5+ years. Imagine how productive you will be when you never have to spend time fixing urgent production bugs.
👤 muzani
Code that does not look like what it's meant to do. The idea is that one business change means one code change. Everything else revolves around this. It's the awkwardly named things. It's the vagueness that you can't write tests for.

A subset of this is that the code should look like the language was written for it. Unsuitable use of design patterns is probably the biggest violation. And often you need to put a lot of thought into understanding both the language and the business domain.

👤 Mezzie
I mean, the primary question is: "Does it meet its use case?"

Now, this does include the uses of the developers working on it throughout its lifestyle, but what makes code 'good' when it comes to a bank's system vs. a SaaS startup vs. a script somebody writes for themselves and themselves alone can be completely different.

Trying to set out concrete rules for what makes something good practice is difficult when it's something as varied as coding.

👤 technion
People come with all sorts of rules, but honestly I think sometimes you just know. I've seen code that breaks a lot of the rules people are going to list, that I've felt in practice was fine. This is what I've inherited. Coding style is often a bikeshed, but sometimes it needs more shedding.

https://ibb.co/JCmcsnF

👤 oxff
1. When it fails at being a function abstraction; though this is a language issue, that is, you can't write good code in most languages.

2. Incorrect, including such issues such as insecure, not filling the specification.

👤 JZN666
* and decomposing a function in smaller functions