Holy cow, I wrote a book!
Only an idiot would have parameter validation, and only an idiot
would not have it.
In an attempt to resolve this paradox,
commenter Gabe suggested,
"When running for your QA department, it should crash
when running for your customer, it should silently keep going."
A similar opinion was expressed by
and some others.
This replaces one paradox with another.
Under the new regime,
your program reports errors only when nothing is at stake.
"Report problems when running in test mode,
and ignore problems when running on live data."
Isn't this backwards?
Shouldn't we be more sensitive to
problems with live data than problems with test data?
Who cares if test data gets corrupted? That's why it's test data.
But live data—we should get really concerned when there's
a problem with live data.
Allowing execution to continue means that you're attempting to
reason about a total breakdown of normal functioning.
Now, if your program is mission-critical,
you probably have some recovery code that attempts to
reset your data structures to a "last known good" state
or which attempts to salvage what information it can,
like how those space probes have a safe mode.
And that's great.
But silently ignoring the condition means that your
program is going to skip happily along,
unaware that what it's doing is probably taking a bad
situation and subtly making it slightly worse.
Eventually, things will get so bad that
something catastrophic happens,
and when you go to debug the catastrophic
failure, you'll have no idea how it got that way.