Teach the Swift front-end to generate code with sanitizer coverage #2527
Conversation
|
@jrose-apple I suspect you will have opinions on this PR. Please take a look when you have time. |
| legacy::PassManagerBase &PM) { | ||
| SanitizerCoverageOptions opts; | ||
| opts.CoverageType = sanitizerCoverageType; | ||
| assert(opts.CoverageType != SanitizerCoverageOptions::SCK_None); |
There was a problem hiding this comment.
You should be able to make this a static_assert, since it's a template parameter.
|
This looks really good, Dan. I peppered it with some minor comments but I don't see any real issues. |
|
@jrose-apple Thank you for the review. It turns out I need to extend the |
|
Sounds good, thanks! |
delcypher
force-pushed
the
sanitizer_coverage
branch
from
2833a04 to
1f4d5dc
Compare
|
@jrose-apple You can probably take another look now. Something I'm not very happy about is the introduction of the |
delcypher
force-pushed
the
sanitizer_coverage
branch
from
1f4d5dc to
a66ffc9
Compare
I am leaning toward including the definitions from LLVM rather than copying them over, especially, if what's defined in the LLVM header is identical to what you use. You could also consider splitting the LLVM header into 2. For example, one of them could contain only the definitions of the options. |
I should probably go for that then unless @jrose-apple has objections.
Unfortunately I don't think that is practical. The change would need to be made upstream (I don't want this to be a swift only change to LLVM) which might get some push back and take a while to get accepted upstream which would delay getting this PR merged. |
|
|
||
| ERROR(error_option_missing_required_argument, none, | ||
| "option '%0' is missing a required argument. The required " | ||
| "argument %1", (StringRef, StringRef)) |
There was a problem hiding this comment.
:-/ I'm still unhappy with one of the diagnostic arguments being a whole phrase. How about "option '%0' is missing a required argument (%1)"? That way there's less of a grammatical restriction, and it's also more concise.
There was a problem hiding this comment.
SGTM. I will make this change.
|
I'm torn about the LLVM header. That's not (transitively) a small header, but Anna's right that the duplication isn't worth it. Let's include it for now, but file a bug to split it up upstream as suggested. |
|
Okay. I've addressed @jrose-apple comments (apart from the LLVM header issue. I'm waiting on @rjmccall to give me the okay on that). Looks like this PR won't merge cleanly anymore so I'm going to rebase now and squash everything into a single commit. |
|
For sanitizer tests that crash, please use the following option. This will ensure they do not crash, which is bad because it will generate a crash report. |
delcypher
force-pushed
the
sanitizer_coverage
branch
2 times, most recently
from
43e4439 to
8647614
Compare
Is that necessary here? The single test that use the sanitizer shouldn't be doing anything bad with addresses. The |
delcypher
force-pushed
the
sanitizer_coverage
branch
from
8647614 to
601c31c
Compare
|
@jrose-apple @AnnaZaks This PR has been rebased, modified to use the LLVM header and squashed into a single commit. When you have time please take a look. |
|
You don't have to add that if the test is not reporting any issues. Though, we might want to have it for consistency. |
| @@ -91,6 +94,9 @@ class IRGenOptions { | |||
| /// Which sanitizer is turned on. | |||
| SanitizerKind Sanitize : 2; | |||
|
|
|||
| /// Which sanitizer coverage is turned on. | |||
| llvm::SanitizerCoverageOptions SanitizeCoverage; | |||
There was a problem hiding this comment.
Oops, nitpick: please move this out of the bitfields, so it doesn't stop them from getting merged.
delcypher
force-pushed
the
sanitizer_coverage
branch
3 times, most recently
from
35b1613 to
bce30a0
Compare
Oh looks like you've added a |
|
@jrose-apple Sorry for the issues. I've tried to fix them in the latest version of the commit. |
I've checked which directory you use in this patch before adding mine:)
I call %target-run %t_tsan-binary, which does not work without using 'env'. |
|
Looks good on my end. Thanks for bearing with my feedback! |
|
@jrose-apple Great. Is there anything left for me to do (e.g. triggering test runs)? |
|
@swift-ci test |
|
@AnnaZaks I don't think the Linux build failure is to do with me. It looks like its in lldb. |
|
@swift-ci please test and merge |
1 similar comment
|
@swift-ci please test and merge |
That looks like a real issue. Are these tests supposed to have REQUIRES guards? |
|
|
| // RUN: %target-swift-frontend -emit-ir -sanitize=address -sanitize-coverage=edge,indirect-calls %s | FileCheck %s -check-prefix=SANCOV -check-prefix=SANCOV_INDIRECT_CALLS | ||
| // RUN: %target-swift-frontend -emit-ir -sanitize=address -sanitize-coverage=edge,8bit-counters %s | FileCheck %s -check-prefix=SANCOV -check-prefix=SANCOV_8BIT_COUNTERS | ||
|
|
||
| import Foundation |
There was a problem hiding this comment.
Now that I think of it, please import Darwin instead of Foundation, to make it easier to port this test to Linux later.
There was a problem hiding this comment.
Okay. I'm not sure how that makes porting easier but I'm not familiar enough with these modules to know any better.
There was a problem hiding this comment.
It just means we won't accidentally start introducing dependencies on ObjC and/or Foundation.
Yes they should. I completely forgot about this. I can probably use |
|
You need XFAIL: linux. I suspect you do not need REQUIRES: asan_runtime for the driver tests. The failure above will be addressed by the XFAIL. The REQUIRES will make sure that the engineers that do not check out compiler RT will not run into test failures. |
"Sanitizer Coverage" with a new flag ``-sanitize-coverage=``. This flag is analogous to Clang's ``-fsanitize-coverage=``. This instrumentation currently requires ASan or TSan to be enabled because the module pass created by ``createSanitizerCoverageModulePass()`` inserts calls into functions found in compiler-rt's "sanitizer_common". "sanitizer_common" is not shipped as an individual library but instead exists in several of the sanitizer runtime libraries so we have to link with one of them to avoid linking errors. The rationale between adding this feature is to allow experimentation with libFuzzer which currently relies on "Sanitizer Coverage" instrumentation.
delcypher
force-pushed
the
sanitizer_coverage
branch
from
bce30a0 to
827f573
Compare
|
@AnnaZaks Okay I've made the changes. Could you re-run the tests? |
|
@swift-ci please test and merge |
|
@jrose-apple @AnnaZaks |
|
Yeah, we're seeing this on master too. I think it's okay to merge. |
|
@jrose-apple Okay I'm merging then. Fingers crossed... |
What's in this pull request?
Teach the Swift front-end to generate code with "Sanitizer Coverage" with a new command line flag
-sanitize-coverage=. This flag is analogous to Clang's-fsanitize-coverage=.This instrumentation currently requires ASan or TSan to be enabled
because the module pass created by
createSanitizerCoverageModulePass()inserts calls into functions found in compiler-rt's "sanitizer_common".
"sanitizer_common" is not shipped as an individual library but instead
exists in several of the sanitizer runtime libraries so we have to
link with one of them to avoid linking errors.
The rationale between adding this feature is to allow experimentation
with libFuzzer which currently relies on "Sanitizer Coverage"
instrumentation.
CC: @AnnaZaks @devincoughlin
Before merging this pull request to apple/swift repository:
Triggering Swift CI
The swift-ci is triggered by writing a comment on this PR addressed to the GitHub user @swift-ci. Different tests will run depending on the specific comment that you use. The currently available comments are:
Smoke Testing
Validation Testing
Note: Only members of the Apple organization can trigger swift-ci.