Rule of Repair: Repair what you can — but when you must fail, fail noisily and as soon as possible.

Software should be transparent in the way that it fails, as well
as in normal operation. It's best when software can cope with
unexpected conditions by adapting to them, but the worst kinds of bugs
are those in which the repair doesn't succeed and the problem quietly
causes corruption that doesn't show up until much later.

Therefore, write your software to cope with incorrect inputs and
its own execution errors as gracefully as possible. But when it
cannot, make it fail in a way that makes diagnosis of the problem as
easy as possible.

Consider also Postel's Prescription:[10]
“Be liberal in what you accept, and conservative in what you
send”. Postel was speaking of network service programs, but the
underlying idea is more general. Well-designed programs cooperate
with other programs by making as much sense as they can from
ill-formed inputs; they either fail noisily or pass strictly clean and
correct data to the next program in the chain.

However, heed also this warning:

    The original HTML documents recommended “be generous in
    what you accept”, and it has bedeviled us ever since because
    each browser accepts a different superset of the specifications. It
    is the specifications that should be generous, not their
    interpretation.

    -- Doug McIlroy

McIlroy adjures us to design for generosity rather than compensating
for inadequate standards with permissive implementations. Otherwise,
as he rightly points out, it's all too easy to end up in tag soup.
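
The rule above, as an added example that is not part of the original text: a small Python parser that repairs only defects with one unambiguous fix, reports everything else with its line number, and emits a single canonical output form. The key=value format, the names `InputError`, `parse_records` and `emit`, and the sample input are assumptions made for this illustration.

```python
"""Rule of Repair demo: repair what is unambiguous, fail loudly on the rest."""
import re
import sys

KEY_RE = re.compile(r"[a-z][a-z0-9_]*")
# Constructed sample input: CRLF endings, padding, mixed-case keys, a blank line.
SAMPLE = "# constructed sample\r\n Host = example.org \r\n\r\nPORT=8080\r\n"

class InputError(ValueError):
    """Carries the line number and offending text so diagnosis is immediate."""
    def __init__(self, lineno, line, reason):
        super().__init__(f"line {lineno}: {reason}: {line!r}")
        self.lineno, self.reason = lineno, reason

def parse_records(text):
    """Parse key=value lines into a dict, repairing only lossless defects."""
    records = {}
    for lineno, raw in enumerate(text.split("\n"), start=1):
        line = raw.strip()                    # repair: CR from CRLF, stray padding
        if not line or line.startswith("#"):  # repair: blank lines and comments
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise InputError(lineno, raw, "missing '='")
        key = key.strip().lower()             # repair: key case and padding
        if not KEY_RE.fullmatch(key):
            raise InputError(lineno, raw, "invalid key")
        if key in records:
            # Picking a winner silently would hide the problem until much later.
            raise InputError(lineno, raw, "duplicate key")
        records[key] = value.strip()
    return records

def emit(records):
    """Conservative output: one canonical form, sorted keys, LF line endings."""
    return "".join(f"{k}={v}\n" for k, v in sorted(records.items()))

if __name__ == "__main__":
    try:
        # Parsing finishes before anything is written, so a failure
        # never leaves partial output for the next program in the chain.
        sys.stdout.write(emit(parse_records(SAMPLE)))
    except InputError as err:
        sys.exit(f"repair-demo: {err}")       # noisy: message on stderr, exit 1
```

The set of repairs is fixed and documented in one place, so the accepted input is defined by the parser's specification rather than by whatever a given implementation happens to tolerate.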