[racket] Code that double checks is good, bad, other?

From: Michael Wilber (gcr at sneakygcr.net)
Date: Fri Oct 3 13:47:29 EDT 2014

My opinion: Which will waste less time over all uses of your program? A
few extra CPU-minutes of double checks, or a few extra man-weeks of
debugging when one of your code's assumptions fails?

Sean Kanaley <skanaley at gmail.com> writes:
> Hello all,
>
> Sometimes I run into situations where a callee has certain input
> constraints that the caller must satisfy. Particularly when the caller is
> just below the user interface level, this can lead to redundant checks. For
> example, if the callee takes an integer, and the user input function
> pulls from a control that only accepts integers to begin with, there is
> really no need for the caller to validate that the thing received from the
> control is really an integer before calling the callee with it. It's this
> middle function between UI and underlying low level model function that
> seems to have redundancy. Actually, the callee wouldn't have to verify
> either, but the callee would be used elsewhere where there might be no
> guarantee.
>
> An analogy is the water company should put water into the system, and water
> should be verified at the tap before blindly drinking it, but does every
> piece of underground pipe need to be like "yep it's water"?
>
> The answer is seemingly "no".
>
> But then it's an issue in a larger program of refactoring every bit of code
> to take maximum advantage of every statically-guaranteed piece of
> information, running as unsafe-yet-still-safe as possible. That seems like
> a lot of manual effort that can be avoided by just throwing in what may or
> may not be a redundant check depending on which series of pipes the
> information flows through.
>
> So as a practical matter, it's an issue of catching errors (bugs) as soon
> as possible vs. there aren't supposed to be any bugs to begin with. So one
> can argue that either 1. I don't understand my program well enough or 2.
> bigger programs are hard to understand, and some measure of practicality is
> warranted. Perhaps the question is more philosophical in the end...is it
> better to have something quickly and useful that works 99% of the time, or
> a perfect guarantee but potentially longer development time? The answer
> depends on whether it's for weapon systems guidance or a hello world
> example.
>
> This question is probably more fit for stack-X, but I wonder what the
> Racket people think of "excessive" checks.
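The "check once at the pipe boundary, not in every piece of pipe" idea has a direct Racket expression that neither poster spells out: put the callee's input constraint on its module boundary as a contract. The following is an added example written for this page, not code from either poster; the module name `model` and the functions `double-it`, `read-user-value` and `handle-input` are invented for illustration.

```racket
#lang racket

;; Added example, not from the thread. The "underlying model" lives in its
;; own submodule and states its input constraint exactly once, as a contract
;; on the boundary. Calls that stay inside the module are not re-checked;
;; only values crossing the boundary pay for the check.
(module model racket
  (provide (contract-out
            [double-it (-> exact-integer? exact-integer?)]))
  (define (double-it n) (* 2 n)))

(require 'model)

;; The "UI" layer: parse a string typed by a user. string->number yields #f
;; on garbage and a flonum on "2.5", so nothing here is guaranteed to be an
;; exact integer.
(define (read-user-value s)
  (string->number s))

;; The middle layer does no redundant validation. If a non-integer slips
;; through, the contract system raises a blame error naming this module
;; (the caller) as the party at fault, which is the debugging aid the
;; reply above is arguing for.
(define (handle-input s)
  (double-it (read-user-value s)))

(displayln (handle-input "21"))          ; 42

(with-handlers ([exn:fail:contract?
                 (lambda (e) (displayln (exn-message e)))])
  (handle-input "2.5"))                  ; contract violation, blamed on caller
```

Run it with `racket file.rkt`. The first call returns 42; the second prints a blame message that identifies `double-it`'s contract, the value `2.5`, and the calling module, so the failure is reported at the boundary where the guarantee was supposed to hold rather than deep inside the model.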

Posted on the users mailing list.