Add a flag to make CHECK failures non-fatal for debugging.
#4835
Conversation
`toolchain/autoupdate_testdata.py --allow-check-fail` can now be used to perform an autoupdate even if some `CARBON_CHECK`s are failing. What this does will depend on how the toolchain behaves after the `CHECK` failure, and of course there's no guarantees there, but this can be useful if it's easier to debug the `CHECK` failure by looking at the produced SemIR. Internally, this uses `bazel build --config=non-fatal-checks`, which in turn specifies a `--per_file_copt` for `check_internal.cpp`. The intent here is that the rebuild required to enable or disable this mode is as small as reasonably possible. This mode is not compatible with `-c opt`, as it's important that check failure calls are `[[noreturn]]` in `-c opt` mode.
toolchain/autoupdate_testdata.py
Outdated
| @@ -37,11 +38,22 @@ def main() -> None: | |||
| else: | |||
| exit(f"Build mode not found in `bazel-bin` symlink: {link}") | |||
|
|
|||
| # TODO: Add proper argument parsing. | |||
| if "--allow-check-fail" in args: | |||
There was a problem hiding this comment.
Had you considered --non-fatal-checks to match the --config?
There was a problem hiding this comment.
Yeah, I've gone back and forth on this. I found this flag name more intuitive when running autoupdate_testdata, but using a single name also seems nice, and this name doesn't work so well for the config. If you have a strong opinion I'm happy to defer to that.
There was a problem hiding this comment.
I have a slight leaning towards the same name because it's niche, so my instinct is keeping the same name in spots would make it clearer that they're closely related. I wouldn't call it a strong opinion though.
Perhaps a different name would help -- maybe no-abort-on-check (or disable-check-abort, or similar) or log[ging]-checks? Mirroring something similar to the #ifdef... I don't know if any of those names sound better to you in the various spots.
There was a problem hiding this comment.
A slight leaning is more than I have, so I've gone with non-fatal-checks throughout.
Co-authored-by: Jon Ross-Perkins <jperkins@google.com>
|
BTW, LG with the argparse changes, sorry about my |
|
I don't really want to block this landing, but I do feel very nervous about it. Specifically, I'm very nervous about something that is only sometimes no-return. For example, won't this build mode be flaky with This is debug only, and so I'm fine if we want to experiment with it and see if its useful. But I think this is even more brittle than it is described. Mostly, I don't want us to start slowly accumulating changes to work around when |
I think zygoloid is taking advantage of a very peculiar trick: This means only the implementation of It's weird and potentially risky, and yes brittle, but when it's mainly for debug (and also default-off) I'm kind of okay with that if it helps zygoloid. I think it's better than the alternative mentioned of adding another |
So this should not in any way affect flow-sensitive reachability. It does affect path-sensitive reachability, but I'm assuming that that (a) won't affect diagnostics, and (b) doesn't really matter outside |
toolchain/autoupdate_testdata.py --allow-check-failcan now be used to perform an autoupdate even if someCARBON_CHECKs are failing. What this does will depend on how the toolchain behaves after theCHECKfailure, and of course there's no guarantees there, but this can be useful if it's easier to debug theCHECKfailure by looking at the produced SemIR.Internally, this uses
bazel build --config=non-fatal-checks, which in turn specifies a--per_file_coptforcheck_internal.cpp. The intent here is that the rebuild required to enable or disable this mode is as small as reasonably possible.This mode is not compatible with
-c opt, as it's important that check failure calls are[[noreturn]]in-c optmode.