Zulip Chat Archive
Stream: lean4 dev
Topic: Panics in syntax accessors
Gabriel Ebner (Sep 13 2022 at 10:34):
fix: panic when Syntax.missing
I got a panic error message today in VS Code because of this function.
It is weird because, as far as I can tell, this function is only used by
theregister_simp_attrmacro, and this macro was not being used in
the files I was editing.
I think the fix is resonable for aSyntax.missingcase.
@Leonardo de Moura Thanks for spotting this issue, I completely forgot that .missing is a valid syntax for every TSyntax k.
Unfortunately, the same issue is present in a lot of other functions. Just one example:
macro "same" &"issue" n:num : term =>
open Lean in pure (quote n.getNat : Term)
#check same issue -- PANIC
Personally I'm not a fan of panic! at all, since it completely defies the principle of "well-typed programs don't crash". Particularly with Syntax, we often get temporarily wrong syntax trees during editing, and the most common ways to access syntax (pattern matching, indexing) fail safely. So my preference would be to remove the panic cases for these syntax accessors entirely, and return a default value instead (0, empty string, etc.). Any thoughts?
Leonardo de Moura (Sep 13 2022 at 10:41):
Yes, panic!s behavior is a recurrent issue.
Personally I'm not a fan of panic! at all, since it completely defies the principle of "well-typed programs don't crash".
Note that the program only crashes if we set the environment variable LEAN_ABORT_ON_PANIC.
So my preference would be to remove the panic cases for these syntax accessors entirely, and return a default value instead (0, empty string, etc.). Any thoughts?
I am fine with this solution, but in the past others complained about silently returning the default value in similar situations.
Gabriel Ebner (Sep 13 2022 at 11:00):
but in the past others complained about silently returning the default value in similar situations.
I think this is more of an issue with List.head! [], where [] is both a perfectly common value for List Nat, and a value which should be handled in a separate case. With Syntax.NumLit, the only common value is ⟨.atom ..⟩; the ⟨.missing⟩ value should not be treated differently since it only comes from parsing errors.
Note that some Syntax functions are already non-panicking. For example, Syntax.getIdent or TSyntax.getIdent return the anonymous name if the argument is not an identifier. stx[i] returns .missing if the argument is not a node, etc.
Gabriel Ebner (Sep 13 2022 at 11:16):
Note that the program only crashes if we set the environment variable
LEAN_ABORT_ON_PANIC.
Okay, I was stretching the term "crash" here a bit. For the user, it doesn't matter too much if the program terminates from an abort, from a segfault, or prints a pages-long scary warning message. All of these are issues that need to be fixed.
Leonardo de Moura (Sep 13 2022 at 11:24):
Note that some Syntax functions are already non-panicking. For example, Syntax.getIdent or TSyntax.getIdent return the anonymous name if the argument is not an identifier. stx[i] returns .missing if the argument is not a node, etc.
I am fine with not panicking in Syntax functions.
Last updated: Dec 20 2023 at 11:08 UTC