The Pattern-Matching Bug: a disabled-by-default warning on unexpectedly-partial matches#13341
Conversation
|
It is not possible to disable or enable this warning by attribute. I believe a similar problem existed for warning 68 while it still existed. (That's the "match-on-mutable-state-prevent-uncurry" warning that went away with syntactic function arity.) I suspect we would need to store a It may well be that the cost-benefit analysis is in favor of merging this as-is — typedtree changes involve some churn. |
ncik-roberts
left a comment
There was a problem hiding this comment.
I'm in favor of this PR. Disabling the warning by default sounds like the right idea, but it is nice to give users the ability to gauge whether their code might get the unexpected Match_failure.
|
I looked at why the warning cannot be silenced with attributes. This is a general issue with warnings emitted during the typedtree->lambda phase. Currently we use |
b862830 to
e72e125
Compare
c528954 to
5c2f5c8
Compare
|
At a highlevel, this looks good to me - I have one very minor comment on the warning name. I agree with your rationale for changing the description (and removing the references to mutability, etc.) but the use of "unexpected" in the name implies to me that this warning is always some kind of potential bug. Especially as we now have correct test examples which we expect to emit an unexpected warning, "unexpected" feels wrong! Couldn't |
863ed3a to
f9dbe4e
Compare
|
@dra27 I applied your suggestion so now the name is |
|
@Octachron, @dra27: this is a ping, in case one of you would be willing to revisit -- I applied all review suggestions so far. |
|
(gentle ping again) |
Octachron
left a comment
There was a problem hiding this comment.
The warning emission code looks good to me.
However, the warning description spends too much time trying to explain why it would rather avoid discussing the cause of the warning.
In particular, the description should not take 6 paragraphs to mention mutable fields.
I would propose to remove all this tiptoeing before merging the PR.
|
@Octachron the current wording of the documentation (which most people will never read, so maybe it's no big deal if there are two more paragraphs than you would have like) comes from my experience of writing a first version that clearly blamed mutable state for all instances of this warning, and then immediately finding counter-examples where polymorphic variants would result in this warning as well. The counter-examples that we found were fixed, but structurally the compiler does not raise the warning when it degrades partiality under a mutable match, it raises the warning at toplevel for all situations where it generated a jump to the final handler -- without specific feedback on what caused these situations. To the best of my knowledge, this situation currently only arises due to mutable fields, but I am not 100% confident that this is the case today, and I am willing to bet that this will become wrong in the future again as we keep evolving the language and the pattern-matching compiler. |
|
You can keep the information that the pessimization might happen in unknown cases, while mentioning earlier the single known case. But I do believe that the sentences about your reluctance to describe the pattern-matching compiler should be removed. For instance, copy-editing a bit your text:
(
|
|
Thanks! I included your proposed modification. |
69a0867 to
731b397
Compare
|
A long time to agree with a name, but |
731b397 to
2a3669b
Compare
|
My point of view is that this new warning should be cherry-picked to 5.3: the core pattern-matching change is in 5.3, and it doesn't make sense to introduce the warning one version later when it is already implemented. |
|
I agree, and I think that it would be nice to also include #13154, which is a relatively minor improvement, has already been reviewed and approved, and whose existence we took into account when reasoning about the desiderability of #13152. On the other hand, no terrible harm would occur if we delay that one to 5.4, so feel free to ask for this. |
|
Agreed for #13154 in 5.3, since this would decrease the number of versions of the pattern matching compiler present in released compilers. |
|
I observe the following failure of the test memory-model/forbidden.ml (in bytecode) on MSVC 64 on this PR: -Observation MP+PA Never
+Observation MP+PA Sometimes
+Invalid behaviour on test MP+PA |
The Pattern-Matching Bug: a disabled-by-default warning on unexpectedly-partial matches (cherry picked from commit 8ce3e6a)
|
@gasche, the warning is not documented in the man page ( |
This PR is part of the Pattern-Matching Bug Saga, see the summary comment in #7241 (comment) . It is in the context of #13152, the "main" PR that actually fixes the Pattern-Matching Bug, by intentionally pessimizing pattern-matching compilation in certain cases. (It is written on top of #13153, which is itself on top of #13152.)
In the discussion of #13152, @ncik-roberts and myself discussed whether there was a risk of this intentional pessimization affecting certain existing programs. (Either programs that are buggy because of The Pattern-Matching Bug, but their authors are confident that the bug scenario, which involves concurrent mutations of the scrutinees, will not occur in practice, so they would rather be fast than correct. Or programs that are not in fact buggy, but are still pessimized by the pattern-matching compiler because its analysis of when to pessimize over-approximates as always.)
@ncik-roberts proposed that we add a warning, disabled by default, that flags the situation where the code is pessimized by #13152 (or, it turns out, #13076). See the details of the discussion in #13152 (comment) .
The present PR implements such a warning, and documents it in the "Warning reference" section of the reference manual, which has description of the most subtle warnings -- to guide users on when to enable them or how to act when they are raised.
Detail: phrasing of the warning
The warning is raised whenever the pattern-matching compiler detects that the code produced is more partial than expected by the type-checker. The only known case of this situation is due to pattern-matching on mutable fields. Initially I phrased the warning in a rather directed way, saying explicitly that it was raised due to pattern-matching on mutable fields.
But then we found out (thanks to the warning) that the situation occurred more cases than we originally thought, due to a regression caused by #13076, which in fact degrades partiality in cases not involving mutable fields. I tracked this regression down yesterday and there is a PR open to fix it ( #13338 ), but this experience made me less certain about when this warning can occur -- it is possible that some situations remain (or appear in the future) where other features than mutable fields result in pessimization and this warning is raised. I tuned down the phrasing accordingly: