Home/ Questions/Q 3492610
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-18T11:46:46+00:00

Erlang’s (or Joe Armstrong’s?) advice NOT to use defensive programming and to let processes

  • 0

Erlang’s (or Joe Armstrong’s?) advice NOT to use defensive programming and to let processes crash (rather than pollute your code with needless guards trying to keep track of the wreckage) makes so much sense to me now that I wonder why I wasted so much effort on error handling over the years!

What I wonder is – is this approach only applicable to platforms like Erlang? Erlang has a VM with simple native support for process supervision trees and restarting processes is really fast. Should I spend my development efforts (when not in the Erlang world) on recreating supervision trees rather than bogging myself down with top-level exception handlers, error codes, null results etc etc etc.

Do you think this change of approach would work well in (say) the .NET or Java space?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It’s applicable everywhere. Whether or not you write your software in a “let it crash” pattern, it will crash anyway, e.g., when hardware fails. “Let it crash” applies anywhere where you need to withstand reality. Quoth James Hamilton:

    If a hardware failure requires any immediate administrative action, the service simply won’t scale cost-effectively and reliably. The entire service must be capable of surviving failure without human administrative interaction. Failure recovery must be a very simple path and that path must be tested frequently. Armando Fox of Stanford has argued that the best way to test the failure path is never to shut the service down normally. Just hard-fail it. This sounds counter-intuitive, but if the failure paths aren’t frequently used, they won’t work when needed.

    This doesn’t precisely mean “never use guards,” though. But don’t be afraid to crash!

    • 0