March 17th, 2005


senji
2005/03/17 11:09:00 - On fragility
As you probably know I'm a software engineer. This means I spend most of my day trying to make stinking piles of encrusted cruft work well. Occasionally I do this during my free time as well, because stinking piles of encrusted cruft are surprisingly common.

One of the problems I face in this mission is that at various points the software engineers who've worked on various other stinking piles of encrusted cruft that I have to work with to do my job have either taken the approach that one doesn't need to worry about whether or not the input they get is valid, or the approach that one should attempt to be helpful and carry on regardless and hope it works out for the best.

My commonly quoted example for this is the difference between free(), delete and delete []. It's the wrong sort of distinction, it could easily be implemented such that you knew if the wrong one was called, and never is. Code that makes the mistake usually works, but occasionally fails mysteriously.

The example that's actually occasioned this rant is the lj HTML Validator. This will happily fail to notice that you've closed the wrong sort of tag, or not opened your <table>, but whinges bitterly about missing "s… sometimes. Most of the time the bogus HTML will just get posted anyway and then muck up someone's fiends page.

Web browsers themselves do this too – they'll typically try and display a page even if it has errors, and won't indicate this to you in any way.

The problem with this soft failure model is that it inures users, and they carry on making the same sorts of mistakes, and the more prevalent the mistakes are the harder it is to go through and fix them all. And every one time in 100 (or 1 in 10, or 1 in 10,000) something fails and the user says "oh, my computer's done something strange again".

ETA: Or, indeed, not complain when you write &lt;table&gt; as <table> in your entry and hence muck up the rest of it... *sigh*
Current Mood: annoyed
Entry Tags: geeky, html, lj, programming, rant
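
The free(), delete and delete [] point in the entry above, as an added example that is not part of the original post: a sketch in which every block records which family allocated it, so releasing it through the wrong one is reported instead of usually working. The names tagged_alloc, tagged_release, Family and Release are hypothetical and stand in for the real allocation functions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>

// Which family handed out a block. All names here are hypothetical.
enum class Family : std::uint32_t { Malloc, New, NewArray };
enum class Release { Ok, Mismatch, Corrupt };

constexpr std::uint32_t kLive = 0xA110C8EDu;  // marks a header we wrote

// Bookkeeping stored just before the caller's pointer. The alignas keeps
// the caller's memory as strictly aligned as plain malloc() would.
struct alignas(std::max_align_t) Header {
    std::uint32_t magic;
    Family family;
};

// Allocate `size` bytes and remember which family the caller used.
void* tagged_alloc(std::size_t size, Family family) {
    auto* h = static_cast<Header*>(std::malloc(sizeof(Header) + size));
    if (h == nullptr) return nullptr;
    h->magic = kLive;
    h->family = family;
    return h + 1;
}

// Release `p` (which must come from tagged_alloc) only when the caller
// names the family that allocated it. On any error the block is left alone.
Release tagged_release(void* p, Family family) {
    if (p == nullptr) return Release::Ok;  // same as free(NULL)
    Header* h = static_cast<Header*>(p) - 1;
    if (h->magic != kLive) return Release::Corrupt;
    if (h->family != family) return Release::Mismatch;
    h->magic = 0;
    std::free(h);
    return Release::Ok;
}

int main() {
    void* arr = tagged_alloc(4 * sizeof(int), Family::NewArray);
    if (arr == nullptr) return 1;
    // Wrong family: reported loudly instead of "usually working".
    if (tagged_release(arr, Family::New) == Release::Mismatch)
        std::puts("mismatch: allocated as new[], released as delete");
    return tagged_release(arr, Family::NewArray) == Release::Ok ? 0 : 1;
}
```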

andrewwyld
2005/03/17 11:59:14
What is the difference between free(), delete and delete[]?

(I do know the difference between a shallow and deep copy.)

andrewwyld
2005/03/17 12:11:16
Never mind.  I found it and it's utterly irrelevant to me because I'm only using C.

senji
2005/03/17 12:39:35
I try to only use C too, but this doesn't always work :(.

andrewwyld
2005/03/17 13:39:57
I guess not!  I can use C because I am the only person who gets to muck about with my code, at this point -- hence, I don't have to write a lot of time-consuming checking routines to ensure non-circularity of linked lists or accept the overhead of C++ and make sure all the methods dealing with linking, delinking and insertion are watertight against mad intruders.

kaet
2005/03/17 13:48:41
Writing a "broken HTML" parser is incredibly difficult. I've not seen a good one, and I've seen a few. It's very easy to get all kinds of failure cases which are entirely obvious to people, but really difficult to get right without breaking something else that's entirely obvious, :(.

ewx
2005/03/18 00:03:52
LJ doesn't have to parse all broken HTML though - its users' requirements are relatively simple and most of the mistakes that currently get through are wrong to the point of rendering wrongly on widely used browsers, which presumably they'd prefer to correct.

hairyears
2005/03/17 14:04:49


You think you've got problems: I'm a VBA developer.

VBA - the subset of Visual Basic in MS-Office applications - has an 'option' statement that you can place in the header of your classes and code modules:

Option Explicit

If you use this header, you are now forced to declare all of your variables. Oh, how tedious this is for power-users and scratch developers! And for C++ coders, who show their contempt for VB by always coding as badly as they can when they are forced to use a visual interface development tool, VB, to develop (the horror!) visual interfaces to their libraries.

Without Option Explicit, VBA will not compile... Which is not the same as saying it won't run. It loads and runs in interpreted mode, just like your debugger*, which is to say: slowly.

The first time the interpreter encounters an unknown symbol, it declares it as a variable and conditionally allocates it local scope. Will its value be preserved and available in other procedures? Who knows, I've never figured out the rule. Worse, the interpreter will always recast the variant subtype of this internally-declared variable when the contents are set equal to successive values of differing types.

Except for the odd time I caught it truncating doubles (FLOAT) by casting to long integer.

Now debug the spreadsheet that some forex trader is using to mark-to-market twelve sheets of multi-currency swaps, using four thousand lines of VB macros he wrote in a hurry without a single comment or variable declaration.

VBA lets you get away with far, far too much. Code beautifiers help, but there's no substitute for doing the thinking, then the coding. And I may as well state the obvious, that you can program well in VB just as easily as you can program badly. Far more easily, in fact; VB and the VB Integrated Development Environment were explicitly designed to facilitate coding for simplicity and ease-of-reading. You couldn't ask for better tools for the job.

Said Hairyears, who still needs a way of determining in advance whether a computational problem is in 'P' or 'NP'. It turns out that one of our Excel-based basket-valuation models is 'NP-Hard'.

*just like your debugger? Debuggers are one of the most astonishing feats of programming I have ever encountered. Do you know how difficult that is to do? Break, decompile, re-link as freestanding programs, one for each line, passing values through a context-specific symbol table every time you 'step'? It makes writing a two-pass compiler look trivial.


andrewwyld
2005/03/17 14:47:20
An additional point occurs, namely, very few (if any!) browsers implement the W3C spec properly.  This includes Firefox -- the rendering bug where horizontal X-coloured hairlines appear between adjacent Y-coloured boxes within an X-coloured box is still there, meaning I have to stick everything inside Y-coloured divs just in case.

Given you can't get a browser that correctly displays all correct HTML, getting one that handles bad HTML gracefully is probably overambitious for now.  The problem is this:  Most browser users aren't coders, and they want to see whatever someone else wrote, even if it's not well-coded.  They cannot debug someone else's bad page for them (unless they are prepared to download and hand-hack the source -- which is always tedious and sometimes impossible).  It's understandable that browser designers regard ignoring bugs in HTML in some instances to be the least worst option, even if it is a bletcherous one.

It's my view that browsers should come with a "strict" switch so you can test your code ... I don't feel public-spirited enough to want to test everyone else's.

senji
2005/03/17 14:49:57
That's a result of the inuration effect, and if browsers didn't have to deal with all the crap html out there then they'd be easier to write too :-).

Sadly there's a "race to the bottom" effect here.

andrewwyld
2005/03/18 02:44:09
That's an assumption.  Is it cause, or effect?  It's a cycle, of course, but this very fact explains why it hasn't been broken.

claroscuro
2005/03/17 21:42:32
The problem with this soft failure model is that it inures users, and they carry on making the same sorts of mistakes, and the more prevalent the mistakes are the harder it is to go through and fix them all. And every one time in 100 (or 1 in 10, or 1 in 10,000) something fails and the user says "oh, my computer's done something strange again".

AMEN!