Re: better error messages through assertions

[Maxim Cournoyer]

Hello Ricardo,

Ricardo Wurmus <rekado@elephly.net> writes:

> Hi Guix,
>
> today on IRC someone reported an ugly error message when reconfiguring
> their system:
>
> Backtrace:
>           18 (primitive-load "/home/me/.config/guix/current/bin/…")
> In guix/ui.scm:
>    2209:7 17 (run-guix . _)
>   2172:10 16 (run-guix-command _ . _)
> In ice-9/boot-9.scm:
>   1752:10 15 (with-exception-handler _ _ #:unwind? _ # _)
> In guix/status.scm:
>     822:3 14 (_)
>     802:4 13 (call-with-status-report _ _)
> In guix/scripts/system.scm:
>    1256:4 12 (_)
> In ice-9/boot-9.scm:
>   1752:10 11 (with-exception-handler _ _ #:unwind? _ # _)
> In guix/store.scm:
>    658:37 10 (thunk)
>    1320:8  9 (call-with-build-handler #<procedure 7fecaf8570c0 at g…> …)
>   2123:24  8 (run-with-store #<store-connection 256.99 7fecb75c7230> …)
> In guix/scripts/system.scm:
>     827:2  7 (_ _)
>     703:7  6 (_ #<store-connection 256.99 7fecb75c7230>)
> In gnu/system.scm:
>   1227:19  5 (operating-system-derivation _)
> In gnu/services.scm:
>    1091:6  4 (instantiate-missing-services _)
> In srfi/srfi-1.scm:
>    460:18  3 (fold #<procedure 7fecb73c0960 at gnu/services.scm:109…> …)
> In gnu/services.scm:
>   1092:27  2 (_ (#<<service> type: #<service-type gdm 7fecbd17f6…> …) …)
> In ice-9/boot-9.scm:
>   1685:16  1 (raise-exception _ #:continuable? _)
>   1685:16  0 (raise-exception _ #:continuable? _)
>
> ice-9/boot-9.scm:1685:16: In procedure raise-exception:
> In procedure struct-vtable: Wrong type argument in position 1 (expecting 
> struct):
>
> As you can probably tell easily by looking at this message, the
> “service” field of the operating system configuration looked something
> like this:
>
>   (services (append (list a b c %desktop-services) #;oops))
>
> instead of this
>
>   (services (append (list a b c) %desktop-services))
>
> This is because INSTANTIATE-MISSING-SERVICES — and FOLD-SERVICES, and
> many more — assumes that it is only passed a plain list of services.  It
> then proceeds to call SERVICE-KIND on what may or may not be a service.
>
> I think we should add simple type checks, something like this:
>
>   (define (listof pred)
>     (lambda (thing)
>      (and (list? thing) (every pred thing))))
>   …
>   (define (assert-type type-check thing message)
>     (or (false-if-exception (type-check thing))
>         (report-error (G_ "type error: …\n" message))))
>
>   ;; Use ASSERT-TYPE in an example procedure.
>   (define (do-something-with-services services)
>     (assert-type (listof service?) services
>                  "SERVICES must be a list of <service> values.")
>
>     ;; Do things…
>     (map service-kind services))
>
> What do you think?  There are many different ways of implementing this
> (a new variant of DEFINE that also accepts a type declaration, an assert
> like above, a fancier assert that composes a helpful error message by
> itself, a separate type declaration that is looked up only when the
> corresponding procedure is called in a certain context, etc), but I’d
> first like to know if there is consensus that we want something like
> this.

I hear we now have "field sanitizers" on Guix records; without having
dug the details, it seems to be we could add a predicate validating the
input there?  The nice thing about it is that it'd be a one place
change, instead of asserts to sprinkle around various places.

Thanks,

Maxim