/r/programminghorror
Share strange or straight-up awful code.
RULES:
All posts MUST show terrible code. There are no exceptions.
No Editor Themes - If it's just your editor that looks bad, it doesn't belong here.
No Advertisement Code. This is generally written by people in marketing who only know what "code" looks like from other ads. It's not real code, so it doesn't belong.
No Student Code. Yes, they're learning, but bad code is part of the process.
No Generated Code. If it's minified JS, generated XML, or what have you, we don't want it here. Yes, the YouTube homepage has an extra right-angle bracket. We know.
No Asking for Help. Go to r/learnprogramming. What are you doing here?
No Spamming/Advertising. We don't care about your shitty Youtube video or new crypto that will "change the world".
Be Nice. No hate speech of any kind is allowed, as well as generally being a jerk. Talk about the code, not eachother.
No Direct Contact of the Mods. Please use the modmail, we don't want to be contacted directly.
Please direct stories without code to /r/talesfromtechsupport, and programming questions to /r/learnprogramming
Programming Horror is where developers come together to revel in the idiocy of our peers.
This subreddit is meant for sharing funny programming related stories and strange or straight-up awful code.
For the sake of not being mauled by rabid lawyer bears, please make sure to anonymize your stories - changing the names of people and companies.
For code examples, indent all your lines with 4 spaces to make it more readable:
foo = 'bar'
Sister subreddits
- talesfromtechsupport - Not everything that involves a computer is a programming horror story. For IT support related submissions, head on over here.
- talesfromdesigners - For our more artistically inclined brothers and sisters.
- badcode - When you don't have a story to go along with the horrible, horrible code.
- shittyprogramming - ninjas that only write in the <b>BEST</b> code
- usemysoftware - A subreddit for software developers to come post their software and for users to test it.
/r/programminghorror
351,443 Subscribers
04:31 UTC
Introduction to python for arts students, courtesy of chatgpt
When our prof copied the code from chat gpt she forgot to readd the indentation
maybe because she also, in spite of being a \"computional archivist\" does not know how to program
Happily my wife has a programming background and showed me how to do indentation so I could help my poor classmates.
04:08 UTC
Me casually doing some pseudo-generic C code
#ifndef VEC_H
#define VEC_H
#ifdef __cplusplus
extern "C" {
#endif // C++
#include <stdlib.h>
#include <stddef.h>
#include "utils.h"
#define Vec(T) CCAT(Vec, T)
#ifndef T
#define T void
#include "vec.h"
#endif
#define VEC_NULL { NULL, 0, 0 }
#define vec_push(self, item) req_semicolon({ \
if ((self)->len >= (self)->cap) \
vec_reserve(self, (self)->cap? (self)->cap: 4); \
(self)->ptr[(self)->len++] = item; \
})
#define vec_for_each(self, var, do) for ( \
size_t CCAT(_i_, var) = 0; \
CCAT(_i_, var) < (self)->len; \
CCAT(_i_, var)++ \
) { \
let var = &(self)->ptr[CCAT(_i_, var)]; \
do; \
}
#define vec_bsrch(self, r, item, fn) req_semicolon({ \
*(r) = 0; \
size_t l = 0, h = (self)->len, m = 0; \
while (l <= h) { \
m = (size_t) (l + (h - l) * .5); \
uint8_t c = fn((self)->ptr[m], (item)); \
if (!c) { *(r) = m + 1; break; } \
else if (c < 0) l = m + 1; \
else h = m - 1; \
} \
})
#define vec_reserve(self, size) vec_resize((self), (self)->cap + (size))
#define vec_resize(self, size) req_semicolon({ \
(self)->cap = (size); \
(self)->ptr = realloc((self)->ptr, (self)->cap * sizeof *(self)->ptr); \
})
#define vec_free(self, fn) req_semicolon({ \
for (size_t i = 0; i < (self)->len; i++) \
fn(&(self)->ptr[i]); \
if ((self)->ptr) free((self)->ptr); \
(self)->cap = (self)->len = 0; \
})
#define null_free(x) req_semicolon({ (void) x; })
#define cmp(a, b) ((a) == (b)? 0: (a) > (b)? 1: -1)
#ifdef __cplusplus
}
#endif // C++
#endif // VEC_H
#ifdef T
typedef struct Vec(T) { T* ptr; size_t len, cap; } Vec(T);
#undef T
#include "vec.h"
#endif // TVery little use of macros, i know
Besides, it works well, specially for a really old language like C
03:37 UTC
if (nowplaying.is_playing) {is_playing=true}
01:22 UTC
@coders.world
10:51 UTC
A minor offense, but why in God's name would you not indent or line break
10:00 UTC
Telegram bot in /bin/sh
[amd64, OpenBSD 7.6, ksh]
Why use all of those fancy libraries and programming languages if it can be implemented in a block of shell script with only echo, cut, tr, awk, sed, openssl and some piping magic?
Simple Telegram bot that forwards messages from specified channel (via s variable) to specified group (via t variable). s, t, and base url (b variable) must be specified in command line.
$ b=https://api.telegram.org/bot$TOKEN/ t=$TARGET_ID s=$SOURCE_ID ./forward.sh21:35 UTC
This is a timestamp on facebook that says "11h". The span containing the h is located somewhere between the two spans containing the 1s.
13:01 UTC
Are rhere any simpler ways to measure length of an array in JS?
20:18 UTC
This C89 function start monstrosity with 60+ variable definitions
This is for a graphing calculator and the SDK only supports ANSI C
20:14 UTC
How can I learn programming
Hello, I am planning to learn programming and I dont know what the basic steps are and how I can learn it. Can you suggest solutions to help me learn it from the beginning?
18:18 UTC
What is y, anyway?
17:54 UTC
An insane lexer helper function
typedef struct {
const char *filename;
char *line, c, next;
Token *tokens;
unsigned int line_no, column_no,
column_max, error_key,
token_no;
} LexerContext;
typedef struct {
unsigned int ErrorKey,
is_literal;
union {
char on_literal;
int (*on_condition)(int); /* int (int) isdigit and friends */
} as;
} CharErrorMechanism;
typedef struct {
CharErrorMechanism* error_triggers;
unsigned int size;
} CharErrorMechanisms;
char read_next(LexerContext *lexer_context) {
/* TODO: Fix logic later */
if (lexer_context->line == NULL) return '\0';
lexer_context->next = lexer_context->line[lexer_context->column_no + 1];
if (lexer_context->next) return '\0';
if (lexer_context->c != 0) lexer_context->c = lexer_context->next;
lexer_context->column_no++;
return lexer_context->next;
}
int group_while_n(char *buffer, int n, LexerContext *lexer_context, int (*condition(char c)), int is_ignore_space, CharErrorMechanisms *error_trigger_handler) {
unsigned i, j;
for (i = 0; (i < n) && (lexer_context->c && condition(lexer_context->c)); i++, read_next(lexer_context)) {
if (is_ignore_space && isspace(lexer_context->c)) {
continue;
}
buffer[i] = lexer_context->c;
if (!error_trigger_handler) {
continue;
}
/* over write char */
buffer[i] = '\0';
for (j = 0; j < error_trigger_handler->size; j++) {
if (!error_trigger_handler->error_triggers[j].is_literal
&& error_trigger_handler->error_triggers[j].as.on_condition(lexer_context->c)) report_error(lexer_context);
/* internal screaming */
else if (error_trigger_handler->error_triggers[j].is_literal &&
(error_trigger_handler->error_triggers[j].as.on_literal == lexer_context->c)) report_error(lexer_context);
}
}
return i;
}15:56 UTC
We finally got permission to work on obsoleting this legacy code, because we can no longer add new features to it; it will not compile if it requires more than 99 different user input parameters to call it from the command line, and we hit that limit.
19:07 UTC
C Macro Warcrimes in a LKM
This is a header for a Linux Kernel Module i wrote. Its part of a project developing a Linux Rootkit. This part is used to provide functions macros to hook various functions in the Linux kernel. The macros create multiple static variables for every function hook and define at least two functions.
I am sure there are better ways to do this, but I had fun writing macros the other night. And also trolling my teammate :D
I think thats a good fit for here xD
09:44 UTC
I knew my old p5.js code would be a great fit for this subreddit, but I didn't remember it being quite this bad
08:22 UTC
Other languages have utilities like a null-filter or enumerate wrapper for this...
00:02 UTC
Programming war crimes
This is a program that was developed by a third-party company, and which I was tasked to maintain/continue to develop. Each method is a callback which has a for inside them, and all of this code is inside a for loop. This whole method takes two minutes to run.
12:27 UTC
code i wrote at 2am
10:17 UTC
The horror of backend programming
You're working on a project, everything goes fine.
Then you come back to it 1 month later and it does not even open.
20:38 UTC
CSS error in Reddit
21:03 UTC
Horror with Credentials: The Curious Case of GCP Secrets
Today’s journey into the depths of legacy code brought me face-to-face with something truly frightening—horror with credentials.
I’ve been migrating an old service from Heroku to AWS, and part of the process involved transferring a bunch of environment variables. Nothing too out of the ordinary… until I stumbled upon not one, not two, but three different sets of Google Cloud Platform (GCP) credentials lurking in the configuration.
At first, I figured it was just one of those “forgotten relics” from past deployments. But being the curious person I am, I couldn’t resist taking a deeper dive into the code to see where these credentials were being used. And that’s where the fun—or terror—truly began.
Random Acts of Credential Use
What did I discover? Apparently, this service was making requests to a third-party API, but instead of using a single GCP credential like a sane, well-organized app might, it had a completely different plan in mind. The credentials were being randomly selected for each request. Every. Single. Time.
Yes, you read that right. For some reason (likely lost to the sands of time), the code was written to choose between three different GCP credentials at random, like some kind of cloud-based game of roulette. If one set failed, the next request would just spin the wheel and try another. No logic, no fallback mechanisms, no real sense of why it needed three credentials at all. Just pure chaos in the form of random authentication.
Why?
There’s no logical explanation. Maybe someone thought they were increasing redundancy? Or perhaps the credentials were split between dev, staging, and production, and someone forgot to clean them up before going live? Or maybe—and this is my favorite theory—it was just a tired engineer’s way of solving a "that shouldn't happen" problem late on a Friday night.
The Consequences
Luckily, nothing seemed to be broken (yet), but this kind of setup feels like an accident waiting to happen. Imagine a scenario where one of these GCP projects gets decommissioned. Suddenly, every third request to that service would start failing mysteriously. And good luck debugging that if you didn’t know about the randomness buried in the code!
Lessons Learned (and a Laugh)
While I got a good chuckle out of this, it’s also a reminder of how important it is to manage environment variables and credentials properly. Having multiple credentials floating around is bad enough, but adding random selection into the mix turns what should be a straightforward task into a horror story.
If you’re working with sensitive credentials, follow the principle of least privilege and use centralized, consistent management tools like AWS Secrets Manager or GCP’s Secret Manager. And for the love of sanity, don’t play credential roulette.
In the end, I cleaned up the mess, consolidated the credentials, and moved everything to a more secure and predictable setup in AWS. But the experience will stay with me for a while. After all, not all horror stories come with ghosts or ghouls—some come with too many GCP credentials.
TL;DR: I found three GCP credentials randomly being used in a legacy service. It was a funny, chaotic setup that highlighted why it's important to manage credentials properly—so no more credential roulette in your infrastructure!
17:34 UTC
an old programming language i made
11:15 UTC
God I love python
09:48 UTC
My new memory allocator. AI is the future
01:48 UTC
Coding in neography
20:11 UTC