<div dir="ltr">Hi Owen, Dave,<div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span style="font-size:13px">I want to ask what I feel is an important high-level question here: how does this approach differ, fundamentally, from exceptions, and why should we go down the route of building our own error handling scheme rather than “just” adopting exceptions?</span> </blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><br><span style="font-size:13px">To answer my own question, my impression is that your proposed scheme is functionally similar to exceptions, with the major deviation of being opt-in rather than opt-out...</span></blockquote><div><br></div><div>I think that's a good one-line summary of the difference between the two schemes.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span style="font-size:13px">In particular, an opt-in scheme will require threading the error-handling type system through many layers of generic and/or boilerplate code in order to allow various callbacks in target backends to report errors properly.</span></blockquote><div><span style="font-size:13px"><br></span></div><div>Agreed. For the purposes of this discussion I'm going to take it as given that we *should* be handling these errors, and currently can't because we haven't turned on exceptions or threaded anything through.</div><div><br></div><div>If we turned exceptions on we wouldn't need any API changes, but we would pay the overhead for exceptions and RTTI everywhere in LLVM except where we explicitly opt out via noexcept specifiers. To get an upper bound on this I did a Release (non-LTO) build of LLVM with and without exceptions+RTTI turned on. I didn't get past looking at the binary size differences: clang got >9% bigger. Other tools got between 2% and 25% bigger, with most clustered around a 10-15% increase. Those are some scary size regressions.</div><div><br></div><div>If we use TypedError to solve this we would have to thread errors through many layers of the stack to get to ISel (pass managers, passes, etc). However, I believe that only a very small percentage of all LLVM functions would need to change, and I expect the space and performance overhead of TypedError to be correspondingly small. So we end up trading some engineering effort (explicitly threading TypedError) for (I expect) better performance.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span style="font-size:13px">It may be that other approaches, more like the diagnostic handling options discussed in the original thread (& that we have plumbed through for the "remarks" support). But maybe you need a hard stop on these errors, in which case you do need some implicit or explicit control flow to get you out.</span></blockquote><div><br></div><div>As I mentioned in the RFC thread I'm not opposed to diagnostic handlers, but I think they're a solution for a fairly specific problem. Since the primary aim here is to return cleanly (without taking down whatever program called the failing operation), we need some sort of error return. With TypedError, the error value is sufficient to hold the error message and the question becomes: What value would be added by threading a diagnostic handler through as well? Some libraries, particularly those that need to produce non-trivial source diagnostics like in clang and LLVM's IR parser, will actually want a diagnostic handler, whereas something like ISel can probably get away with an error-return alone.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span style="font-size:13px">I can speak only to my own use case here: if my frontend provided me with contract-violating IR, I want to propagate an error all the way out to the the client (non-LLVM code) such that (1) they can log/report the error as appropriate for the platform, to aid in future debug, and (2) to give them a chance to recover via higher-order mechanisms such as falling back to a lower tier JIT, to an interpreter, or simply to an unoptimized compilation. My impression is that #2 tends to get overlooked here, but many online and JIT compilation use cases have reasonable fallbacks options to continue program execution even if LLVM fails in a nominally unrecoverable manner.</span></blockquote><div><span style="font-size:13px"><br></span></div><div>Yep. I think this need is satisfied equally well by my scheme or exceptions. </div><div><br></div><div>- Lang.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Mar 1, 2016 at 2:02 PM, David Blaikie <span dir="ltr"><<a href="mailto:dblaikie@gmail.com" target="_blank">dblaikie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Tue, Mar 1, 2016 at 1:55 PM, Owen Anderson <span dir="ltr"><<a href="mailto:resistor@mac.com" target="_blank">resistor@mac.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><span><br><div><blockquote type="cite"><div>On Mar 1, 2016, at 1:43 PM, David Blaikie <<a href="mailto:dblaikie@gmail.com" target="_blank">dblaikie@gmail.com</a>> wrote:</div><br><div><div style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">It may be that other approaches, more like the diagnostic handling options discussed in the original thread (& that we have plumbed through for the "remarks" support). But maybe you need a hard stop on these errors, in which case you do need some implicit or explicit control flow to get you out. There was a bit of discussion about how to do this for lld recently - returning stub results that are "sufficient" maybe with a flag saying "this isn't a real result" - more like Clang's Parser/Sema: we don't have error results everywhere. We return erroneous stubs and the like which allow a lot of Clang to continue on without worrying about whether something failed. Only handling the failures in relatively few places.</div><div style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><br></div><div style="font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px">This is also useful for providing error recovery/multiple errors (eg: this instruction /and/ thin instruction were both wrong - so the user doesn't have to edit/compile loop again just to find out the two lines they wrote both needed changes). </div></div></blockquote></div><br></span><div>I can speak only to my own use case here: if my frontend provided me with contract-violating IR, I want to propagate an error all the way out to the the client (non-LLVM code) such that (1) they can log/report the error as appropriate for the platform, to aid in future debug, and (2) to give them a chance to recover via higher-order mechanisms such as falling back to a lower tier JIT, to an interpreter, or simply to an unoptimized compilation. My impression is that #2 tends to get overlooked here, but many online and JIT compilation use cases have reasonable fallbacks options to continue program execution even if LLVM fails in a nominally unrecoverable manner.</div></div></blockquote><div><br></div></span><div>Fair point - a callback mechanism could still be used to achieve that goal (or hybrid mechanisms involving the kind of "stub result" sort of stuff Clang does - you could register a null diagnostic handler and still expect the system to fail and in (2) I imagine you don't differentiate the specific failures much just "LLVM JIT didn't work, try the other thing"). Possibly not the best tool for the job, but one path that could be considered.<br><br>But yeah, good to keep that scenario in mind to be sure - thanks for articulating/clarifying it (& if my responses aren't making sense in that context, sorry about that - happy to try to clarify/explain differently)<br><br>- Dave </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><span><font color="#888888"><div><br></div><div>—Owen</div></font></span></div></blockquote></div><br></div></div>
</blockquote></div><br></div>