Skip to content
  • Sebastian Graf's avatar
    DmdAnal: Improve handling of precise exceptions · 9bd20e83
    Sebastian Graf authored and Marge Bot's avatar Marge Bot committed
    This patch does two things: Fix possible unsoundness in what was called
    the "IO hack" and implement part 2.1 of the "fixing precise exceptions"
    plan in
    https://gitlab.haskell.org/ghc/ghc/wikis/fixing-precise-exceptions,
    which, in combination with !2956, supersedes !3014 and !2525.
    
    **IO hack**
    
    The "IO hack" (which is a fallback to preserve precise exceptions
    semantics and thus soundness, rather than some smart thing that
    increases precision) is called `exprMayThrowPreciseException` now.
    I came up with two testcases exemplifying possible unsoundness (if
    twisted enough) in the old approach:
    
    - `T13380d`: Demonstrating unsoundness of the "IO hack" when resorting
                 to manual state token threading and direct use of primops.
                 More details below.
    - `T13380e`: Demonstrating unsoundness of the "IO hack" when we have
                 Nested CPR. Not currently relevant, as we don't have Nested
                 CPR yet.
    - `T13380f`: Demonstrating unsoundness of the "IO hack" for safe FFI
                 calls.
    
    Basically, the IO hack assumed that precise exceptions can only be
    thrown from a case scrutinee of type `(# State# RealWorld, _ #)`. I
    couldn't come up with a program using the `IO` abstraction that violates
    this assumption. But it's easy to do so via manual state token threading
    and direct use of primops, see `T13380d`. Also similar code might be
    generated by Nested CPR in the (hopefully not too) distant future, see
    `T13380e`. Hence, we now have a more careful test in `forcesRealWorld`
    that passes `T13380{d,e}` (and will hopefully be robust to Nested CPR).
    
    **Precise exceptions**
    
    In #13380 and #17676 we saw that we didn't preserve precise exception
    semantics in demand analysis. We fixed that with minimal changes in
    !2956, but that was terribly unprincipled.
    
    That unprincipledness resulted in a loss of precision, which is tracked
    by these new test cases:
    
    - `T13380b`: Regression in dead code elimination, because !2956 was too
                 syntactic about `raiseIO#`
    - `T13380c`: No need to apply the "IO hack" when the IO action may not
                 throw a precise exception (and the existing IO hack doesn't
                 detect that)
    
    Fixing both issues in !3014 turned out to be too complicated and had
    the potential to regress in the future. Hence we decided to only fix
    `T13380b` and augment the `Divergence` lattice with a new middle-layer
    element, `ExnOrDiv`, which means either `Diverges` (, throws an
    imprecise exception) or throws a *precise* exception.
    
    See the wiki page on Step 2.1 for more implementational details:
    https://gitlab.haskell.org/ghc/ghc/wikis/fixing-precise-exceptions#dead-code-elimination-for-raiseio-with-isdeadenddiv-introducing-exnordiv-step-21
    9bd20e83