User Tools

Site Tools


principles:fail_fast

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
principles:fail_fast [2021-09-02 12:02] – old revision restored (2021-05-19 11:17) 65.21.179.175principles:fail_fast [2021-10-18 21:33] (current) – +++ restored +++ christian
Line 3: Line 3:
 ===== Variants and Alternative Names ===== ===== Variants and Alternative Names =====
  
-  * Rule of Repair+  * Rule of Repair((Eric S. Raymond: //[[http://www.catb.org/~esr/writings/taoup/html/ch01s06.html#id2878538|The Art of Unix Programming: Rule of Repair]]//)) 
 +  * Crash Early((Andrew Hund and David Thomas //[[http://pragprog.com/the-pragmatic-programmer/extracts/tips|The Pragmatic Programmer]]//, p. 120))
  
 ===== Context ===== ===== Context =====
 /* fill in contexts here: */ /* fill in contexts here: */
-  * [[contexts:Object-Oriented Design]] +  * [[contexts:Implementation]] /* FF is more about implementation than design */ 
 +  * [[contexts:API Design]] 
  
  
 ===== Principle Statement ===== ===== Principle Statement =====
  
-> Repair what you can — but when you must failfail noisily and as soon as possible.((Eric S. Raymond: //[[http://www.catb.org/~esr/writings/taoup/html/ch01s06.html#id2878538|The Art of Unix Programming: Rule of Repair]]//))+A design is better when fails fasti.e. as soon as an unrepairable erroneous condition is encountered.
  
  
 ===== Description ===== ===== Description =====
  
 +Check for erroneous conditions like wrong parameter values, unmet preconditions, violated invariants, etc. In case of methods this means that it checks for errors and reports them for example by means of throwing an exception.
  
  
 ===== Rationale ===== ===== Rationale =====
  
 +When a failure remains undetected, it propagates through the system ultimately causing other modules to fail. This results in in a more complicated fault removal. Furthermore undesired side effects like corrupted files may occur. A crashed program clearly communicates that there is a problem and is often a better situation than a misbehaving program.
  
  
 ===== Strategies ===== ===== Strategies =====
 +
 +  * Check input parameters for validity -- especially non-nullness.
 +  * Throw an Exception.
 +  * Use assertions.
 +
 +
 +===== Caveats =====
 +
 +FF reveals problems which are already present in the system. For a system with only a few problems, this is good as the remaining faults are identified and fixed more easily. But applying FF to a system that has many problems may decrease reliability further as problems which were hidden, show up, produce error messages and lead to system aborts.
 +
 +See also section [[#contrary principles]].
  
  
Line 49: Line 64:
 ==== Complementary Principles ==== ==== Complementary Principles ====
  
-  * [[principles:Postel's Law]] +  * [[Postel's Law]]: While FF is (amongst others) about checking for erroneous parameters, Postel's Law is about not being too strict with parameters. It says that the design should allow for uncommon or strangely arranged (yet meaningful) input data. This does not contradict FF as Postel's Law does not demand to process meaningless or erroneous data. 
-  * [[principles:Rule of Least Surprise]]+  * [[Principle of Least Surprise]] (PLS): FF is about what a module should do in the case of error. PLS on the other hand is about how the module should behave normally. Furthermore it normally is not a surprise that a module fails when there is an error but a module that doesn't fail when it should, behaves strangely. 
 +  * [[Murphy's Law]] (ML): Even better than failing fast is to make errors logically impossible. ML is about this.
  
 ==== Principle Collections ==== ==== Principle Collections ====
Line 57: Line 73:
 {{page>collections:Principles in "The Pragmatic Programmer"#Box}} {{page>collections:Principles in "The Pragmatic Programmer"#Box}}
  
-===== Example =====+===== Examples =====
  
  
Line 69: Line 85:
  
   * Eric S. Raymond: //[[http://www.catb.org/~esr/writings/taoup/html/ch01s06.html#id2878538|The Art of Unix Programming: Rule of Repair]]//   * Eric S. Raymond: //[[http://www.catb.org/~esr/writings/taoup/html/ch01s06.html#id2878538|The Art of Unix Programming: Rule of Repair]]//
 +  * Andrew Hund and David Thomas //[[http://pragprog.com/the-pragmatic-programmer/extracts/tips|The Pragmatic Programmer]]//
   * [[wiki>FailFast]]   * [[wiki>FailFast]]
   * [[wp>Fail-fast]]   * [[wp>Fail-fast]]
   * Jim Gray: //[[http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.110.9127|Why Do Computers Stop And What Can Be Done About It?]]//   * Jim Gray: //[[http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.110.9127|Why Do Computers Stop And What Can Be Done About It?]]//
   * Joshua Bloch: //[[http://www.infoq.com/presentations/effective-api-design|How to Design a Good API & Why it Matters]]//   * Joshua Bloch: //[[http://www.infoq.com/presentations/effective-api-design|How to Design a Good API & Why it Matters]]//
 +
 +===== Discussion =====
 +
 +Discuss this wiki article and the principle on the corresponding [[talk:principles:Fail Fast|talk page]].
  
principles/fail_fast.1630576967.txt.gz · Last modified: 2021-09-02 12:02 by 65.21.179.175