Debugging partial functions by the rules
Donald Bruce Stewart
dons at cse.unsw.edu.au
Tue Nov 14 23:54:31 EST 2006
So all this talk of locating head [] and fromJust failures got me
thinking:
Couldn't we just use rewrite rules to rewrite *transparently*
all uses of fromJust to safeFromJust, tagging the call site
with a location?
To work this requires a few things to go right:
* a rewrite rule
* assertions
* and rewrite rules firing before assertions are expanded
Let's try this. Consider the program:
1 import qualified Data.Map as M
2 import Data.Maybe
3
4 main = print f
5
6 f = let m = M.fromList
7 [(1,"1")
8 ,(2,"2")
9 ,(3,"3")]
10 s = M.lookup 4 m
11 in fromJust s
When we run it we get the not so useful error:
$ ./A
A: Maybe.fromJust: Nothing
Ok, so we have a few tricks for locating this, using LocH
(http://www.cse.unsw.edu.au/~dons/loch.html), we can catch an
assertion failure, but we have to insert the assertion by hand:
1 import Debug.Trace.Location
2 import qualified Data.Map as M
3 import Data.Maybe
4
5 main = do print f
6
7 f = let m = M.fromList
8 [(1,"1")
9 ,(2,"2")
10 ,(3,"3")]
11 s = M.lookup 4 m
12 in safeFromJust assert s
13
14 safeFromJust a = check a . fromJust
Which correctly identifies the call site:
$ ./A
A: A.hs:12:20-25: Maybe.fromJust: Nothing
Now, this approach is a little fragile. 'assert' is only respected by GHC if -O
is *not* on, so if we happened to try this trick with -O, we'd get:
$ ./A
A: Debug.Trace.Location.failure
So lesson one: you have to do the bug hunting with -Onot.
Currently there's -fignore-asserts for turning off assertions, but no flag for
turning them on with -O, Simon, could this be fixed? Could we get a
-frespect-asserts that works even with -O ?
Ok, assuming this assert trick is used, can we get the compiler to insert the
asserts for us? If so, this would be a great advantage, you'd just be able to
switch on a flag, or import a debugging module, and your fromJusts would be
transparently rewritten. With rewrite rules we do just this!
So, to our initial unsafe use of fromJust, we add a rewrite rule:
--
-- rewrite fromJust to a located version, and hope that GHC expands
-- 'assert' after the rule fires..
--
{-# RULES
"located fromJust" fromJust = check assert . myFromJust
#-}
This just tells the compiler to replace every occurence of fromJust with a
assertion-throwing fromJust, should it fail. We have to use myFromJust here, to
avoid rule recursion.
--
-- Inlined to avoid recursion in the rule:
--
myFromJust :: Maybe a -> a
myFromJust Nothing = error "Maybe.fromJust: Nothing" -- yuck
myFromJust (Just x) = x
Ok, so can we get ghc to rewrite fromJust to the safe fromJust magicaly?
$ ghc --make -Onot A.hs -fglasgow-exts -ddump-simpl-stats
[1 of 1] Compiling Main ( A.hs, A.o )
1 RuleFired
1 located fromJust
Linking A ...
Yes, the rule fired! GHC *did* rewrite our fromJust to a more useful fromJust.
Running it:
$ ./A
A: A.hs:19:36-41: Maybe.fromJust: Nothing
Looks good! But that is deceiving: the assert was expanded before the rule
fired, and refers to the rewrite rule source line (line 19), not the fromJust
call site (line 12). Now if we could just have the 'assert' token inserted
into the AST before it was expanded, we'd be home and dry. Could this be done
with TH? Or could we arrange for asserts in rewrite rules not to be expanded
till later?
Note that this is still a useful technique, we can rewrite head/fromJust/... to
some other possibly more useful message. And if we can constrain the rule to fire
in only particular modules, we may be able to narrow down the bug, just by
turning on a rule. For example, adding:
{-# RULES
"located fromJust" fromJust = safeFromJust
#-}
safeFromJust s = case s of
Nothing -> "safeFromJust: failed with Nothing. Ouch"
Just x -> x
will produce:
$ ./A
"safeFromJust: failed with Nothing. Ouch"
So rewrite rules can be used to transparently alter uses of partial functions
like head and fromJust.
So, further work:
* have 'assert' respected when -O is on
* think up a technique for splicing in 'assert' via rewrite rules (or TH
...) such that the src locations are expanded after the rewrite, and
correctly reflect the location of the splice point.
Any ideas?
-- Don
More information about the Glasgow-haskell-users
mailing list