Open LebedevRI opened 1 year ago
vchuravy
commented
1 year ago Yes I think that would be a welcomed addition. I long wanted to have support for tsan in a similar addition.
We will have to talk about how this interacts with cached object files / multi-versioning.
cc: @pchintalapudi
LebedevRI
commented
1 year ago Great to hear!
I'm going to take a look then...
LebedevRI
commented
1 year ago Two observations so far:
Assertion in RTDyldMemoryManagerJL::allocateCodeSection
// allocating more than one code section can confuse libunwind.
assert(!code_allocated);(https://github.com/JuliaLang/julia/commit/8533a1c40a62e2ae874ae4e3eb6719af24aa34e8#diff-8186bd96ba9aaa52f867b0e1d5e203800b1d15c4f2c2d8b332bb120744b7da85R761-R762) fails with sancov too. While i have workarounded that by disabling it when sancov is enabled, it raises the question, is the comment still true/relevant?
I haven't solved this yet, but looks like a stub hooks will need to be provided (effectively, https://godbolt.org/z/78ExvTzsY), otherwise even init_f16_funcs() crashes. The interesting question being their linkage, since we'd want for the real hooks to override the stubs.
pchintalapudi
commented
1 year ago 1 should be solved by turning on JITLink (in src/jitlayers.h), 2 may need 1 or 2 new JITDylib linked in the correct order to allow overriding.
LebedevRI
commented
1 year ago 1 should be solved by turning on JITLink (in src/jitlayers.h)
Looking at that file, i see the point. But the problem is, it's not known at the time the julia itself is compiled whether or not sancov is enabled, it's a run-time setting, so that would effectively require the julia to completely migrate to JITLink.
2 may need 1 or 2 new JITDylib linked in the correct order to allow overriding.
Yeah, that's the rough plan i guess.
pchintalapudi
commented
1 year ago I think if you want a sancov-capable build there should be a flag that turns on JITLink, but then also does the runtime check for the sancov flag. Turning on JITLink on your chosen platform shouldn't harm the JIT (and if it does, we'd like to hear about it) unless the platform isn't supported by JITLink.
LebedevRI
commented
1 year ago I think if you want a sancov-capable build there should be a flag that turns on JITLink
... which would be default-on.
LebedevRI
commented
1 year ago Ok, with JL_USE_JITLINK, stubs seem to work, and (non-fuzzing) julia --sanitizer-coverage is usable,
but there's now this weird JIT session error: Duplicate section issue.,
i'm guessing pass-generated instrumentation functions happen to end up in different section?
pchintalapudi
commented
1 year ago @code_llvm raw=true dump_module=true might provide additional helpful info here.
vchuravy
commented
1 year ago And you can use the environment variable JULIA_LLVM_ARGS to pass flags like you would to opt. IIRC JITLink has some options to get more information.
LebedevRI
commented
1 year ago (thank you, i'm aware of those tricks, that was more of a rhetorical question)
LebedevRI
commented
1 year ago FTR, here's the complete output of:
JULIA_LLVM_ARGS="-print-before-all -debug" /builddirs/julia-dev/julia -Cnative -Jusr/lib/julia/sys-debug.so --depwarn=error --check-bounds=yes -g1 --startup-file=no --startup-file=no --color=no --sanitizer-coverage -E"Bool(Base.JLOptions().sanitizer_coverage)" &> log.txt:
log.txt
It is a bit unobvious which sections are the problem, but i guess it's
12: Creating section for "__sancov_guards"
13: Creating section for "__sancov_pcs"
14: ".rela__sancov_pcs" is not an SHF_ALLOC section: No graph section will be created.
15: Creating section for "__sancov_guards"
16: Creating section for "__sancov_pcs"
I wonder if we could just uniquify section names for all LLVM IR globals? Or is that generally undesired in Julia?
vchuravy
commented
1 year ago What do you mean by that?
Maybe @lhames as an idea.
LebedevRI
commented
1 year ago What do you mean by that?
Effectively, the same what -ffunction-sections does: https://godbolt.org/z/PrnYr38a9
)Just go through each global, and if it is in a section that we have already seen, change it's section to a new one.
Would it be considered acceptable to add (at least a) a front-end switch (
julia --sanitizer-coverage?) to control insertion of said pass into the LLVM pass pipeline (close to where sanitizer passes are handled)?The long story is, i have a C++ codebase, and in my expirience, having more than one implementation is paramount to weeding-out various issues, so i'm somewhat interested in having a second implementation of said codebase. But just having a second implementation isn't sufficient, the key is to be able to compare their externally-observable side-effects, and fuzzing is rather invaluable there, and that strongly suggests AOT compilation and guided fuzzing, and thus coverage is needed (thus, subj).