I think one of the most common and most expensive (in terms of maintenance) programming errors I see is the handling of exceptions.
I am sure everybody who is passionate about programming has their own principles, but this is my blog, so here are mine. You can give me yours in the comments.
David's Principles of Exception Handling and Reporting
- Silence is deadly - This is the overriding principle. The stack trace is a beautiful thing to someone trying to fix an issue. An error message without a stack trace, or worse yet, silence, is the cloaked harbinger of hours, days, even weeks of hair-pulling debugging. Please, please, do not just quietly catch an exception and do nothing or just print out the message and not the stack trace.
- When in doubt, throw it - If you call a method that throws a checked exception, generally you should rethrow the exception. The only time you shouldn't is if your method is responsible for communicating with the user.
- Have one exception class per module - Here a module is a conceptual grouping of classes that together provide a service. I generally follow the principle that a module should have one and only one exception class, and all exceptions thrown by that module should be of that class. It's not helpful to creatively invent new exceptions for each condition. But, as usual, there are exceptions, particularly when you want to communicate a very particular situation. But those exceptions are rare, IMHO.
- Don't break the chain - Because of the two principles above, you need to wrap exceptions you re-throw in the exception class for your module. Please don't just throw a new exception without wrapping the old one - vital information is lost that way, and you are likely cursing somebody (maybe even yourself) to hours or even days of head-scratching. Java has had exception chaining for years - learn it and use it.
- The buck stops here - If you have nobody to re-throw to (generally because your method was invoked by a user action), sorry, but it is your responsibility to report the error to the user. Who the user is and how you report it depends on your application. If you're a server application, you need a way to send the error message to the client. If you're a user application, you need to report the error through the UI. In either case, you need to translate geek-speak into user-speak. Thus the next principle...
- Be a butler - When you report an error to a user, don't be a gruff soup nazi. Be helpful. Describe the error, provide a likely cause, and offer possible actions the user can take. So instead of "I/O error: unable to read next 10 bytes from stream" say something like "We encountered an error while trying to talk to the server. It is possible the network connection was lost or the server was stopped. Please check to see if the network is working and the server is running and try again."
- Log it - When you report a nice helpful error message to the user, log the full stack trace to the error log and not just the message. Log anything else you think is useful, the more information the better. This is essential for the poor sod who has to try to track down the cause of the error. If you don't have an error log, get one.
- Now what - You've just reported an error, what are you going to do next? The answer, of course, is "it depends." It's a discussion left for another day, but my general principle is, if data or long-term state is involved, it's time to fail quickly to avoid data corruption. If data is not involved - it's about a user session and user interaction, you generally report the error and move on - the user is responsible for any corrective action.
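
The wrap-and-rethrow, report and log principles above, put together as an added example (not code from the original post). The `StorageException` class, the `loadProfile` and `handleUserRequest` methods, and the host name are hypothetical, and the I/O failure is constructed so the example runs offline.

```java
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;

public class ExceptionChainDemo {
    private static final Logger LOG = Logger.getLogger(ExceptionChainDemo.class.getName());

    // The single exception class for the hypothetical "storage" module.
    static class StorageException extends Exception {
        StorageException(String message, Throwable cause) {
            super(message, cause); // keeps the original exception as the cause
        }
    }

    // Stand-in for a low-level call that fails (constructed failure).
    static byte[] readFromServer(String host) throws IOException {
        throw new IOException("unable to read next 10 bytes from stream");
    }

    // Module method: not the user-facing layer, so it wraps and rethrows.
    static byte[] loadProfile(String host) throws StorageException {
        try {
            return readFromServer(host);
        } catch (IOException e) {
            throw new StorageException("could not load profile from " + host, e);
        }
    }

    // User-facing layer: nobody left to rethrow to, so report and log here.
    static String handleUserRequest(String host) {
        try {
            loadProfile(host);
            return "Profile loaded.";
        } catch (StorageException e) {
            // Passing the exception itself logs the full chain, including "Caused by: java.io.IOException".
            LOG.log(Level.SEVERE, "profile load failed for host " + host, e);
            // The user gets a description, a likely cause and an action, with no stack trace.
            return "We encountered an error while trying to talk to the server. "
                 + "It is possible the network connection was lost or the server was stopped. "
                 + "Please check that the network is working and the server is running, then try again.";
        }
    }

    public static void main(String[] args) {
        System.out.println(handleUserRequest("example.invalid"));
    }
}
```

Keeping the stack trace in the log and out of the user-facing message also avoids exposing class names, paths and other internals to whoever is on the other end of the client.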