This is an archive of the discontinued LLVM Phabricator instance.

Differential D131084

Add support for specifying the severity of a SARIF Result.
ClosedPublic

Authored by vaibhav.y on Aug 3 2022, 10:52 AM.

Details

Reviewers
aaron.ballman
cjdb
denik
abrahamcd
dbeer1
Commits
rG1bd2b2dce2a9: Add support for specifying the severity of a SARIF Result
Summary
  • Extend SarifResult with level property, and allow rule configuration
  • Create SarifReportingConfiguration which allow configuring rules with a default priority, severity and an enable-toggle
  • Support for setting the level property[1] of a result.

If unset, it defaults to "warning", which is the result of an empty default configuration on rules[2]

[1]: https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317648
[2]: https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317855

Diff Detail

Event Timeline

vaibhav.y created this revision.Aug 3 2022, 10:52 AM
Herald added a project: Restricted Project. · View Herald TranscriptAug 3 2022, 10:52 AM
vaibhav.y edited the summary of this revision. (Show Details)Aug 3 2022, 10:53 AM
vaibhav.y edited the summary of this revision. (Show Details)
vaibhav.y updated this revision to Diff 449713.Aug 3 2022, 10:55 AM

Update diff

vaibhav.y updated this revision to Diff 449717.Aug 3 2022, 11:00 AM

Rebase on main, set result level to warning by default.

vaibhav.y updated this revision to Diff 449718.Aug 3 2022, 11:04 AM
  • Add differential revision to individual commits
  • Remove unused header
vaibhav.y updated this revision to Diff 449721.Aug 3 2022, 11:07 AM

Fix typo in comment

vaibhav.y edited projects, added Restricted Project; removed Restricted Project.Aug 3 2022, 11:08 AM
vaibhav.y added a subscriber: Restricted Project.
Herald added a project: Restricted Project. · View Herald TranscriptAug 3 2022, 11:08 AM
vaibhav.y removed a project: Restricted Project.Aug 3 2022, 11:08 AM
Herald added a project: Restricted Project. · View Herald TranscriptAug 3 2022, 11:08 AM
vaibhav.y published this revision for review.Aug 3 2022, 11:26 AM

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

Herald added a subscriber: cfe-commits. · View Herald TranscriptAug 3 2022, 11:26 AM
vaibhav.y added a subscriber: samanpa.Aug 3 2022, 11:28 AM
cjdb added a comment.Aug 3 2022, 11:38 AM
In D131084#3697211, @vaibhav.y wrote:

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

denik added a comment.Aug 3 2022, 12:22 PM
In D131084#3697256, @cjdb wrote:
In D131084#3697211, @vaibhav.y wrote:

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

I think we can skip kind in the clang diagnostic. I found this:

If kind is absent, it SHALL default to "fail".
If level has any value other than "none" and kind is present, then kind SHALL have the value "fail".

Harbormaster completed remote builds in B179071: Diff 449721.Aug 3 2022, 12:22 PM
vaibhav.y added a comment.Aug 3 2022, 1:03 PM

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

Interesting, I agree that remarks could fit under "informational".

As for notes: As I understand it they are always child diagnostics of warnings/errors, so seems it would be okay to associate these with the "fail" kind.

cjdb added a comment.Aug 3 2022, 1:27 PM

It seems I got confused and conflated the two this morning.

In D131084#3697525, @vaibhav.y wrote:

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

Interesting, I agree that remarks could fit under "informational".

As for notes: As I understand it they are always child diagnostics of warnings/errors, so seems it would be okay to associate these with the "fail" kind.

I don't think classifying warnings as "fail" is right unless -Werror is being used. For notes, I think there may be two options, if we don't want to use informational:

  • inherit from the parent diagnostic
  • use notApplicable, since they don't have any influence on their own
In D131084#3697308, @denik wrote:
In D131084#3697256, @cjdb wrote:
In D131084#3697211, @vaibhav.y wrote:

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

I think we can skip kind in the clang diagnostic. I found this:

If kind is absent, it SHALL default to "fail".
If level has any value other than "none" and kind is present, then kind SHALL have the value "fail".

If skipping the kind defaults to fail, then we shouldn't skip it, because getting a warning or remark doesn't necessarily mean that the build has failed.

aaron.ballman added a comment.Aug 4 2022, 5:24 AM
In D131084#3697678, @cjdb wrote:

It seems I got confused and conflated the two this morning.

In D131084#3697525, @vaibhav.y wrote:

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

Interesting, I agree that remarks could fit under "informational".

As for notes: As I understand it they are always child diagnostics of warnings/errors, so seems it would be okay to associate these with the "fail" kind.

I don't think classifying warnings as "fail" is right unless -Werror is being used. For notes, I think there may be two options, if we don't want to use informational:

  • inherit from the parent diagnostic
  • use notApplicable, since they don't have any influence on their own
In D131084#3697308, @denik wrote:
In D131084#3697256, @cjdb wrote:
In D131084#3697211, @vaibhav.y wrote:

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

I think we can skip kind in the clang diagnostic. I found this:

If kind is absent, it SHALL default to "fail".
If level has any value other than "none" and kind is present, then kind SHALL have the value "fail".

If skipping the kind defaults to fail, then we shouldn't skip it, because getting a warning or remark doesn't necessarily mean that the build has failed.

My suggestion is that we only need to worry about two kinds: fail for warnings and errors and informational for remarks. When the kind if fail, I'd expect we'd use the level warning or error.

Notes are interesting though. Sometimes they're extra information about the diagnostic on the given line, so I was kind of expecting they'd be specified via attachments in that case. But they can also sometimes be used to represent code flow (like in some CFG based warnings where we're showing where something was called from), and they can also sometimes be a related location (like "declared here" notes). Perhaps we may want to expose those to SARIF in different ways depending on the situation?

cjdb added a subscriber: Naghasan.Aug 4 2022, 9:32 AM
In D131084#3699223, @aaron.ballman wrote:
In D131084#3697678, @cjdb wrote:

It seems I got confused and conflated the two this morning.

In D131084#3697525, @vaibhav.y wrote:

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

Interesting, I agree that remarks could fit under "informational".

As for notes: As I understand it they are always child diagnostics of warnings/errors, so seems it would be okay to associate these with the "fail" kind.

I don't think classifying warnings as "fail" is right unless -Werror is being used. For notes, I think there may be two options, if we don't want to use informational:

  • inherit from the parent diagnostic
  • use notApplicable, since they don't have any influence on their own
In D131084#3697308, @denik wrote:
In D131084#3697256, @cjdb wrote:
In D131084#3697211, @vaibhav.y wrote:

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

Hmm, we can probably use "informational" for notes, warnings, and remarks, but I'm kinda partial to proposing the latter two upstream.

I think we can skip kind in the clang diagnostic. I found this:

If kind is absent, it SHALL default to "fail".
If level has any value other than "none" and kind is present, then kind SHALL have the value "fail".

If skipping the kind defaults to fail, then we shouldn't skip it, because getting a warning or remark doesn't necessarily mean that the build has failed.

My suggestion is that we only need to worry about two kinds: fail for warnings and errors and informational for remarks. When the kind if fail, I'd expect we'd use the level warning or error.

Notes are interesting though. Sometimes they're extra information about the diagnostic on the given line, so I was kind of expecting they'd be specified via attachments in that case. But they can also sometimes be used to represent code flow (like in some CFG based warnings where we're showing where something was called from), and they can also sometimes be a related location (like "declared here" notes). Perhaps we may want to expose those to SARIF in different ways depending on the situation?

I proposed relaxing the kind upstream last night., since I think that it might be good to discern when a warning isn't an error with warning/informational, because then consumers could trivially treat them differently. I think review is the best one for remarks, because some of them do communicate potential problems (remark_fe_backend_optimization_remark_analysis_aliasing is the only public one I can see that's like this, but I do recall a few from ComputeCpp too (cc @Naghasan). Perhaps these ones should instead be promoted to warnings?)

Notes that are exposed as SARIF could be none/informational, while remarks are none/review? A part of my endgame is to see notes be incorporated into their parents, but that's a long way off methinks.

vaibhav.y added a comment.Aug 4 2022, 2:15 PM

A part of my endgame is to see notes be incorporated into their parents, but that's a long way off methinks.

Regarding this, the current best approach the spec provides is using the "locationRelationShip", but the relationships that exist dont' seem to cover cases needed by us. One example is macro-expansion (example from an older proposal for SARIF in clang).

Seems that for locationRelationShip the spec allows producer defined strings:

A locationRelationship object MAY contain a property named kinds whose value is an array of one or more unique (§3.7.3) strings each of which specifies a relationship between theSource and theTarget (see §3.34.1). If kinds is absent, it SHALL default to [ "relevant" ] (see below for the meaning of "relevant").

When possible, SARIF producers SHOULD use the following values, with the specified meanings.

· "includes": The artifact identified by theSource includes the artifact identified by theTarget.

· "isIncludedBy": The artifact identified by theSource is included by the artifact identified by theTarget.

· "relevant": theTarget is relevant to theSource in a way not covered by other relationship kinds.

If none of these values are appropriate, a SARIF producer MAY use any value.

NOTE: Although "relevant" is a catch-all for any relationship not described by the other values, a producer might still wish to define its own more specific values.

In particular, the values defined for logicalLocation.kind (§3.33.7) and threadFlowLocation.kinds (§3.38.8) might prove useful.

abrahamcd added a comment.Aug 5 2022, 11:44 AM
In D131084#3697211, @vaibhav.y wrote:

Submitting for review:

Some notes:

There are a couple of ways I think we can acheive this, per the spec:

  1. The reportingDescriptor (rule) objects can be given a default configuration property, which can set the default warning level and other data such as rule parameters etc.
  2. The reportingDescriptor objects can omit the default configuration (which then allows operating with warning as default), and the level is then set when the result is reported.

The first approach would be "more correct", what are your thoughts on this? Would we benefit from having per-diagnostic configuration?

There is also the question about the "kind" of results in clang. From my reading of the spec, it seems that "fail" is the only case that applies to us because:

  • "pass": Implies no issue was found.
  • "open": This value is used by proof-based tools. It could also mean additional assertions required
  • "informational": The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
  • "notApplicable": The rule specified by ruleId was not evaluated, because it does not apply to the analysis target.

Of these "open" and "notApplicable" seem to be ones that *could* come to use but I'm not sure where / what kind of diagnostics would use these. Probably clang-tidy's bugprone-* suite?

Let me know what you think is a good way to approach this wrt clang's diagnostics system.

@cjdb, @denik, and I discussed the two approaches yesterday, and we thought the first would be the better option (add setDefaultConfig to SarifRule instead of setDiagnosticLevel in SarifResult). We could make use of the defaultConfiguration's "level", "enabled", and "rank" properties to define the different diagnostic types that are currently present in Clang, and it would consolidate that information in a single rule rather than copying it across every result related to that rule. Then we could just have a small set of defaultConfigurations that correspond to the current Clang diagnostic categories that we can choose from when making new rules.

vaibhav.y updated this revision to Diff 451585.Aug 10 2022, 11:36 AM

Update diff:

  • Create class SarifReportingConfiguration:

This should allow rules to specify the defaultConfiguration property

Add tests for:

  • Creating rules with custom reporting configuration
  • Death test for invalid reporting configuration rank
  • Death test for creating a result that references a disabled rule
vaibhav.y added inline comments.Aug 10 2022, 11:40 AM
clang/include/clang/Basic/Sarif.h
264

Is this form preferred for expressing a statically known default value?

cjdb accepted this revision.Aug 10 2022, 12:03 PM
This revision is now accepted and ready to land.Aug 10 2022, 12:03 PM
Harbormaster completed remote builds in B180483: Diff 451585.Aug 10 2022, 2:21 PM
vaibhav.y updated this revision to Diff 451633.Aug 10 2022, 2:33 PM

Autofix clang-tidy readability warnings

vaibhav.y updated this revision to Diff 451635.Aug 10 2022, 2:36 PM

Run git-clang-format

Rebase on upstream

Harbormaster completed remote builds in B180525: Diff 451635.Aug 10 2022, 4:43 PM
vaibhav.y edited the summary of this revision. (Show Details)Aug 11 2022, 6:59 AM
aaron.ballman added inline comments.Aug 11 2022, 8:31 AM
clang/include/clang/Basic/Sarif.h
157

Should this include Remark for diagnostics like: https://github.com/llvm/llvm-project/blob/main/clang/include/clang/Basic/DiagnosticFrontendKinds.td#L55

If not, I think the comments should explain how to map remarks to one of these levels.

clang/lib/Basic/Sarif.cpp
25

Why was this include required?

397–400

(Probably have to re-run clang-format)

vaibhav.y marked an inline comment as not done.Aug 11 2022, 11:08 AM
vaibhav.y added inline comments.
clang/include/clang/Basic/Sarif.h
157

Ack, if we're adding remark, should I also add support the "informational"/"fail" result kind that was previously discussed by you? Currently there's no kind, so we are defaulting to "fail".

clang/lib/Basic/Sarif.cpp
25

It provides llvm_unreachable. so far it was available transitively, must have been added when I implemented resultLevelToStr(...).

I don't feel strongly about keeping this though.

397–400

Good catch! I notice Optional<T> has value_or, is that okay as well here?

aaron.ballman added inline comments.Aug 12 2022, 5:18 AM
clang/include/clang/Basic/Sarif.h
157

I think we should, but it could be done in a follow-up commit. Remarks aren't the most common of diagnostics (they're infrequent unless you're asking for them), but they certainly exist and we should have some plan for them. Doing it as a separate patch means we don't have to think about things like "What does it mean to have an optimization report in SARIF? What should that look like?" quite yet.

clang/lib/Basic/Sarif.cpp
25

Yeah, that's one I'd drop as it's transitively included through many different interfaces already. But I don't feel strongly because IWYU is a nice approach too.

397–400

Oh yes, that's even better!

vaibhav.y marked 4 inline comments as done.Aug 17 2022, 2:05 PM
vaibhav.y added inline comments.
clang/include/clang/Basic/Sarif.h
157

Gotcha, the best way forward for now would be to include the None Level. I'll add support for alternative result kinds as a follow-up task.

vaibhav.y updated this revision to Diff 453427.Aug 17 2022, 2:27 PM
vaibhav.y edited the summary of this revision. (Show Details)

Address review comments:

  • Drop include line that added llvm/Support/ErrorHandling.h
  • Use llvm::Optional::value_or(...) instead of bare conditional
  • Add SarifResultLevel::None type for encoding Remark-like diagnostics.
    • Support for these is not yet complete since it requires a custom result kind (this currently defaults to "fail", thus omitted)
    • Add a comment explaining how diagnostic levels are typically mapped to sarif result levels
Harbormaster completed remote builds in B181835: Diff 453427.Aug 17 2022, 3:09 PM
aaron.ballman accepted this revision.Aug 18 2022, 7:39 AM

LGTM!

vaibhav.y added a comment.Aug 18 2022, 8:10 AM

Thank you! I don't have merge access, will need your help for that :)

For the commit details, I'd like to use:

  • Name: Vaibhav Yenamandra
  • email address: vyenamandra@bloomberg.net
This revision was landed with ongoing or failed builds.Aug 19 2022, 4:15 AM
Closed by commit rG1bd2b2dce2a9: Add support for specifying the severity of a SARIF Result (authored by vaibhav.y, committed by aaron.ballman). · Explain Why
This revision was automatically updated to reflect the committed changes.
aaron.ballman added a commit: rG1bd2b2dce2a9: Add support for specifying the severity of a SARIF Result.
denik mentioned this in D131632: [clang] Enable output of SARIF diagnostics.Aug 19 2022, 3:02 PM

Revision Contents

PathSize
clang/
include/
clang/
Basic/
75 lines
lib/
Basic/
31 lines
unittests/
Basic/
154 lines

Diff 453951

clang/include/clang/Basic/Sarif.h

Show First 20 LinesShow All 139 Lines▼ Show 20 Lines SarifArtifact setMimeType(llvm::StringRef ArtifactMimeType) {
return *this; return *this;
} }
}; };
} // namespace detail } // namespace detail
enum class ThreadFlowImportance { Important, Essential, Unimportant }; enum class ThreadFlowImportance { Important, Essential, Unimportant };
/// The level of severity associated with a \ref SarifResult.
///
/// Of all the levels, \c None is the only one that is not associated with
/// a failure.
///
/// A typical mapping for clang's DiagnosticKind to SarifResultLevel would look
/// like:
/// * \c None: \ref clang::DiagnosticsEngine::Level::Remark, \ref clang::DiagnosticsEngine::Level::Ignored
/// * \c Note: \ref clang::DiagnosticsEngine::Level::Note
/// * \c Warning: \ref clang::DiagnosticsEngine::Level::Warning
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

Should this include Remark for diagnostics like: https://github.com/llvm/llvm-project/blob/main/clang/include/clang/Basic/DiagnosticFrontendKinds.td#L55

If not, I think the comments should explain how to map remarks to one of these levels.

aaron.ballman: Should this include `Remark` for diagnostics like: https://github.com/llvm/llvm…
vaibhav.yAuthorUnsubmitted
Not Done
ReplyInline Actions

Ack, if we're adding remark, should I also add support the "informational"/"fail" result kind that was previously discussed by you? Currently there's no kind, so we are defaulting to "fail".

vaibhav.y: Ack, if we're adding `remark`, should I also add support the "informational"/"fail" result kind…
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

I think we should, but it could be done in a follow-up commit. Remarks aren't the most common of diagnostics (they're infrequent unless you're asking for them), but they certainly exist and we should have some plan for them. Doing it as a separate patch means we don't have to think about things like "What does it mean to have an optimization report in SARIF? What should that look like?" quite yet.

aaron.ballman: I think we should, but it could be done in a follow-up commit. Remarks aren't the most common…
vaibhav.yAuthorUnsubmitted
Not Done
ReplyInline Actions

Gotcha, the best way forward for now would be to include the None Level. I'll add support for alternative result kinds as a follow-up task.

vaibhav.y: Gotcha, the best way forward for now would be to include the `None` Level. I'll add support for…
/// * \c Error could be generated from one of:
/// - \ref clang::DiagnosticsEngine::Level::Warning with \c -Werror
/// - \ref clang::DiagnosticsEngine::Level::Error
/// - \ref clang::DiagnosticsEngine::Level::Fatal when \ref clang::DiagnosticsEngine::ErrorsAsFatal is set.
///
/// Reference:
/// 1. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317648">level property</a>
enum class SarifResultLevel { None, Note, Warning, Error };
/// A thread flow is a sequence of code locations that specify a possible path /// A thread flow is a sequence of code locations that specify a possible path
/// through a single thread of execution. /// through a single thread of execution.
/// A thread flow in SARIF is related to a code flow which describes /// A thread flow in SARIF is related to a code flow which describes
/// the progress of one or more programs through one or more thread flows. /// the progress of one or more programs through one or more thread flows.
/// ///
/// Reference: /// Reference:
/// 1. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317744">threadFlow object</a> /// 1. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317744">threadFlow object</a>
/// 2. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317740">codeFlow object</a> /// 2. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317740">codeFlow object</a>
Show All 22 Linespublic:
} }
ThreadFlow setMessage(llvm::StringRef ItemMessage) { ThreadFlow setMessage(llvm::StringRef ItemMessage) {
Message = ItemMessage.str(); Message = ItemMessage.str();
return *this; return *this;
} }
}; };
/// A SARIF Reporting Configuration (\c reportingConfiguration) object contains
/// properties for a \ref SarifRule that can be configured at runtime before
/// analysis begins.
///
/// Reference:
/// 1. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317852">reportingConfiguration object</a>
class SarifReportingConfiguration {
friend class clang::SarifDocumentWriter;
bool Enabled = true;
SarifResultLevel Level = SarifResultLevel::Warning;
float Rank = -1.0f;
SarifReportingConfiguration() = default;
public:
static SarifReportingConfiguration create() { return {}; };
SarifReportingConfiguration disable() {
Enabled = false;
return *this;
}
SarifReportingConfiguration enable() {
Enabled = true;
return *this;
}
SarifReportingConfiguration setLevel(SarifResultLevel TheLevel) {
Level = TheLevel;
return *this;
}
SarifReportingConfiguration setRank(float TheRank) {
assert(TheRank >= 0.0f && "Rule rank cannot be smaller than 0.0");
assert(TheRank <= 100.0f && "Rule rank cannot be larger than 100.0");
Rank = TheRank;
return *this;
}
};
/// A SARIF rule (\c reportingDescriptor object) contains information that /// A SARIF rule (\c reportingDescriptor object) contains information that
/// describes a reporting item generated by a tool. A reporting item is /// describes a reporting item generated by a tool. A reporting item is
/// either a result of analysis or notification of a condition encountered by /// either a result of analysis or notification of a condition encountered by
/// the tool. Rules are arbitrary but are identifiable by a hierarchical /// the tool. Rules are arbitrary but are identifiable by a hierarchical
/// rule-id. /// rule-id.
/// ///
/// This builder provides an interface to create SARIF \c reportingDescriptor /// This builder provides an interface to create SARIF \c reportingDescriptor
/// objects via the \ref SarifRule::create static method. /// objects via the \ref SarifRule::create static method.
/// ///
/// Reference: /// Reference:
/// 1. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317836">reportingDescriptor object</a> /// 1. <a href="https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317836">reportingDescriptor object</a>
class SarifRule { class SarifRule {
friend class clang::SarifDocumentWriter; friend class clang::SarifDocumentWriter;
std::string Name; std::string Name;
std::string Id; std::string Id;
std::string Description; std::string Description;
std::string HelpURI; std::string HelpURI;
SarifReportingConfiguration DefaultConfiguration;
vaibhav.yAuthorUnsubmitted
Not Done
ReplyInline Actions
std::string HelpURI;
- SarifReportingConfiguration DefaultConfiguration;
-
+ SarifReportingConfiguration DefaultConfiguration = SarifReportingConfiguration::create();
SarifRule() : DefaultConfiguration(SarifReportingConfiguration::create()) {}

Is this form preferred for expressing a statically known default value?

vaibhav.y: Is this form preferred for expressing a statically known default value?
SarifRule() = default; SarifRule() : DefaultConfiguration(SarifReportingConfiguration::create()) {}
public: public:
static SarifRule create() { return {}; } static SarifRule create() { return {}; }
SarifRule setName(llvm::StringRef RuleName) { SarifRule setName(llvm::StringRef RuleName) {
Name = RuleName.str(); Name = RuleName.str();
return *this; return *this;
} }
SarifRule setRuleId(llvm::StringRef RuleId) { SarifRule setRuleId(llvm::StringRef RuleId) {
Id = RuleId.str(); Id = RuleId.str();
return *this; return *this;
} }
SarifRule setDescription(llvm::StringRef RuleDesc) { SarifRule setDescription(llvm::StringRef RuleDesc) {
Description = RuleDesc.str(); Description = RuleDesc.str();
return *this; return *this;
} }
SarifRule setHelpURI(llvm::StringRef RuleHelpURI) { SarifRule setHelpURI(llvm::StringRef RuleHelpURI) {
HelpURI = RuleHelpURI.str(); HelpURI = RuleHelpURI.str();
return *this; return *this;
} }
SarifRule
setDefaultConfiguration(const SarifReportingConfiguration &Configuration) {
DefaultConfiguration = Configuration;
return *this;
}
}; };
/// A SARIF result (also called a "reporting item") is a unit of output /// A SARIF result (also called a "reporting item") is a unit of output
/// produced when one of the tool's \c reportingDescriptor encounters a match /// produced when one of the tool's \c reportingDescriptor encounters a match
/// on the file being analysed by the tool. /// on the file being analysed by the tool.
/// ///
/// This builder provides a \ref SarifResult::create static method that can be /// This builder provides a \ref SarifResult::create static method that can be
/// used to create an empty shell onto which attributes can be added using the /// used to create an empty shell onto which attributes can be added using the
Show All 15 Linesclass SarifResult {
// This type cannot fit all possible indexes representable by JSON, but is // This type cannot fit all possible indexes representable by JSON, but is
// chosen because it is the largest unsigned type that can be safely // chosen because it is the largest unsigned type that can be safely
// converted to an \c int64_t. // converted to an \c int64_t.
uint32_t RuleIdx; uint32_t RuleIdx;
std::string RuleId; std::string RuleId;
std::string DiagnosticMessage; std::string DiagnosticMessage;
llvm::SmallVector<CharSourceRange, 8> Locations; llvm::SmallVector<CharSourceRange, 8> Locations;
llvm::SmallVector<ThreadFlow, 8> ThreadFlows; llvm::SmallVector<ThreadFlow, 8> ThreadFlows;
llvm::Optional<SarifResultLevel> LevelOverride;
SarifResult() = delete; SarifResult() = delete;
explicit SarifResult(uint32_t RuleIdx) : RuleIdx(RuleIdx) {} explicit SarifResult(uint32_t RuleIdx) : RuleIdx(RuleIdx) {}
public: public:
static SarifResult create(uint32_t RuleIdx) { return SarifResult{RuleIdx}; } static SarifResult create(uint32_t RuleIdx) { return SarifResult{RuleIdx}; }
SarifResult setIndex(uint32_t Idx) { SarifResult setIndex(uint32_t Idx) {
Show All 20 Lines
#endif #endif
Locations.assign(DiagLocs.begin(), DiagLocs.end()); Locations.assign(DiagLocs.begin(), DiagLocs.end());
return *this; return *this;
} }
SarifResult setThreadFlows(llvm::ArrayRef<ThreadFlow> ThreadFlowResults) { SarifResult setThreadFlows(llvm::ArrayRef<ThreadFlow> ThreadFlowResults) {
ThreadFlows.assign(ThreadFlowResults.begin(), ThreadFlowResults.end()); ThreadFlows.assign(ThreadFlowResults.begin(), ThreadFlowResults.end());
return *this; return *this;
} }
SarifResult setDiagnosticLevel(const SarifResultLevel &TheLevel) {
LevelOverride = TheLevel;
return *this;
}
}; };
/// This class handles creating a valid SARIF document given various input /// This class handles creating a valid SARIF document given various input
/// attributes. However, it requires an ordering among certain method calls: /// attributes. However, it requires an ordering among certain method calls:
/// ///
/// 1. Because every SARIF document must contain at least 1 \c run, callers /// 1. Because every SARIF document must contain at least 1 \c run, callers
/// must ensure that \ref SarifDocumentWriter::createRun is is called before /// must ensure that \ref SarifDocumentWriter::createRun is is called before
/// any other methods. /// any other methods.
▲ Show 20 LinesShow All 137 LinesShow Last 20 Lines

clang/lib/Basic/Sarif.cpp

Show All 16 Lines
#include "clang/Basic/Sarif.h" #include "clang/Basic/Sarif.h"
#include "clang/Basic/SourceLocation.h" #include "clang/Basic/SourceLocation.h"
#include "clang/Basic/SourceManager.h" #include "clang/Basic/SourceManager.h"
#include "llvm/ADT/ArrayRef.h" #include "llvm/ADT/ArrayRef.h"
#include "llvm/ADT/STLExtras.h" #include "llvm/ADT/STLExtras.h"
#include "llvm/ADT/StringMap.h" #include "llvm/ADT/StringMap.h"
#include "llvm/ADT/StringRef.h" #include "llvm/ADT/StringRef.h"
#include "llvm/Support/ConvertUTF.h" #include "llvm/Support/ConvertUTF.h"
#include "llvm/Support/JSON.h" #include "llvm/Support/JSON.h"
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Why was this include required?

aaron.ballman: Why was this include required?
vaibhav.yAuthorUnsubmitted
Done
ReplyInline Actions

It provides llvm_unreachable. so far it was available transitively, must have been added when I implemented resultLevelToStr(...).

I don't feel strongly about keeping this though.

vaibhav.y: It provides `llvm_unreachable`. so far it was available transitively, must have been added when…
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Yeah, that's one I'd drop as it's transitively included through many different interfaces already. But I don't feel strongly because IWYU is a nice approach too.

aaron.ballman: Yeah, that's one I'd drop as it's transitively included through many different interfaces…
#include "llvm/Support/Path.h" #include "llvm/Support/Path.h"
#include <string> #include <string>
#include <utility> #include <utility>
using namespace clang; using namespace clang;
using namespace llvm; using namespace llvm;
▲ Show 20 LinesShow All 141 Lines▼ Show 20 Linesstatic StringRef importanceToStr(ThreadFlowImportance I) {
case ThreadFlowImportance::Essential: case ThreadFlowImportance::Essential:
return "essential"; return "essential";
case ThreadFlowImportance::Unimportant: case ThreadFlowImportance::Unimportant:
return "unimportant"; return "unimportant";
} }
llvm_unreachable("Fully covered switch is not so fully covered"); llvm_unreachable("Fully covered switch is not so fully covered");
} }
static StringRef resultLevelToStr(SarifResultLevel R) {
switch (R) {
case SarifResultLevel::None:
return "none";
case SarifResultLevel::Note:
return "note";
case SarifResultLevel::Warning:
return "warning";
case SarifResultLevel::Error:
return "error";
}
llvm_unreachable("Potentially un-handled SarifResultLevel. "
"Is the switch not fully covered?");
}
static json::Object static json::Object
createThreadFlowLocation(json::Object &&Location, createThreadFlowLocation(json::Object &&Location,
const ThreadFlowImportance &Importance) { const ThreadFlowImportance &Importance) {
return json::Object{{"location", std::move(Location)}, return json::Object{{"location", std::move(Location)},
{"importance", importanceToStr(Importance)}}; {"importance", importanceToStr(Importance)}};
} }
/// @} /// @}
▲ Show 20 LinesShow All 57 Lines▼ Show 20 Linesvoid SarifDocumentWriter::endRun() {
// Since Closed = false here, expect there to be at least 1 Run, anything // Since Closed = false here, expect there to be at least 1 Run, anything
// else is an invalid state. // else is an invalid state.
assert(!Runs.empty() && "There are no runs associated with the document!"); assert(!Runs.empty() && "There are no runs associated with the document!");
// Flush all the rules. // Flush all the rules.
json::Object &Tool = getCurrentTool(); json::Object &Tool = getCurrentTool();
json::Array Rules; json::Array Rules;
for (const SarifRule &R : CurrentRules) { for (const SarifRule &R : CurrentRules) {
json::Object Config{
{"enabled", R.DefaultConfiguration.Enabled},
{"level", resultLevelToStr(R.DefaultConfiguration.Level)},
{"rank", R.DefaultConfiguration.Rank}};
json::Object Rule{ json::Object Rule{
{"name", R.Name}, {"name", R.Name},
{"id", R.Id}, {"id", R.Id},
{"fullDescription", json::Object{{"text", R.Description}}}}; {"fullDescription", json::Object{{"text", R.Description}}},
{"defaultConfiguration", std::move(Config)}};
if (!R.HelpURI.empty()) if (!R.HelpURI.empty())
Rule["helpUri"] = R.HelpURI; Rule["helpUri"] = R.HelpURI;
Rules.emplace_back(std::move(Rule)); Rules.emplace_back(std::move(Rule));
} }
json::Object &Driver = *Tool.getObject("driver"); json::Object &Driver = *Tool.getObject("driver");
Driver["rules"] = std::move(Rules); Driver["rules"] = std::move(Rules);
// Flush all the artifacts. // Flush all the artifacts.
▲ Show 20 LinesShow All 85 Lines▼ Show 20 Linessize_t SarifDocumentWriter::createRule(const SarifRule &Rule) {
CurrentRules.emplace_back(Rule); CurrentRules.emplace_back(Rule);
return Ret; return Ret;
} }
void SarifDocumentWriter::appendResult(const SarifResult &Result) { void SarifDocumentWriter::appendResult(const SarifResult &Result) {
size_t RuleIdx = Result.RuleIdx; size_t RuleIdx = Result.RuleIdx;
assert(RuleIdx < CurrentRules.size() && assert(RuleIdx < CurrentRules.size() &&
"Trying to reference a rule that doesn't exist"); "Trying to reference a rule that doesn't exist");
const SarifRule &Rule = CurrentRules[RuleIdx];
assert(Rule.DefaultConfiguration.Enabled &&
"Cannot add a result referencing a disabled Rule");
json::Object Ret{{"message", createMessage(Result.DiagnosticMessage)}, json::Object Ret{{"message", createMessage(Result.DiagnosticMessage)},
{"ruleIndex", static_cast<int64_t>(RuleIdx)}, {"ruleIndex", static_cast<int64_t>(RuleIdx)},
{"ruleId", CurrentRules[RuleIdx].Id}}; {"ruleId", Rule.Id}};
if (!Result.Locations.empty()) { if (!Result.Locations.empty()) {
json::Array Locs; json::Array Locs;
for (auto &Range : Result.Locations) { for (auto &Range : Result.Locations) {
Locs.emplace_back(createLocation(createPhysicalLocation(Range))); Locs.emplace_back(createLocation(createPhysicalLocation(Range)));
} }
Ret["locations"] = std::move(Locs); Ret["locations"] = std::move(Locs);
} }
if (!Result.ThreadFlows.empty()) if (!Result.ThreadFlows.empty())
Ret["codeFlows"] = json::Array{createCodeFlow(Result.ThreadFlows)}; Ret["codeFlows"] = json::Array{createCodeFlow(Result.ThreadFlows)};
Ret["level"] = resultLevelToStr(
Result.LevelOverride.value_or(Rule.DefaultConfiguration.Level));
json::Object &Run = getCurrentRun(); json::Object &Run = getCurrentRun();
aaron.ballmanUnsubmitted
Done
ReplyInline Actions
Ret["codeFlows"] = json::Array{createCodeFlow(Result.ThreadFlows)};
- if (Result.LevelOverride.hasValue())
- Ret["level"] = resultLevelToStr(Result.LevelOverride.getValue());
- else
- Ret["level"] = resultLevelToStr(Rule.DefaultConfiguration.Level);
+ Ret["level"] = resultLevelToStr(Result.LevelOverride ?
+ *Result.LevelOverride.getValue() :
+ Rule.DefaultConfiguration.Level);
json::Object &Run = getCurrentRun();

(Probably have to re-run clang-format)

aaron.ballman: (Probably have to re-run clang-format)
vaibhav.yAuthorUnsubmitted
Done
ReplyInline Actions

Good catch! I notice Optional<T> has value_or, is that okay as well here?

vaibhav.y: Good catch! I notice Optional<T> has `value_or`, is that okay as well here?
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Oh yes, that's even better!

aaron.ballman: Oh yes, that's even better!
json::Array *Results = Run.getArray("results"); json::Array *Results = Run.getArray("results");
Results->emplace_back(std::move(Ret)); Results->emplace_back(std::move(Ret));
} }
json::Object SarifDocumentWriter::createDocument() { json::Object SarifDocumentWriter::createDocument() {
// Flush all temporaries to their destinations if needed. // Flush all temporaries to their destinations if needed.
endRun(); endRun();
json::Object Doc{ json::Object Doc{
{"$schema", SchemaURI}, {"$schema", SchemaURI},
{"version", SchemaVersion}, {"version", SchemaVersion},
}; };
if (!Runs.empty()) if (!Runs.empty())
Doc["runs"] = json::Array(Runs); Doc["runs"] = json::Array(Runs);
return Doc; return Doc;
} }

clang/unittests/Basic/SarifTest.cpp

//===- unittests/Basic/SarifTest.cpp - Test writing SARIF documents -------===// //===- unittests/Basic/SarifTest.cpp - Test writing SARIF documents -------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "clang/Basic/Sarif.h" #include "clang/Basic/Sarif.h"
#include "clang/Basic/DiagnosticIDs.h"
#include "clang/Basic/DiagnosticOptions.h" #include "clang/Basic/DiagnosticOptions.h"
#include "clang/Basic/FileManager.h" #include "clang/Basic/FileManager.h"
#include "clang/Basic/FileSystemOptions.h" #include "clang/Basic/FileSystemOptions.h"
#include "clang/Basic/LangOptions.h" #include "clang/Basic/LangOptions.h"
#include "clang/Basic/SourceLocation.h" #include "clang/Basic/SourceLocation.h"
#include "clang/Basic/SourceManager.h" #include "clang/Basic/SourceManager.h"
#include "llvm/ADT/StringRef.h" #include "llvm/ADT/StringRef.h"
#include "llvm/Support/FormatVariadic.h" #include "llvm/Support/FormatVariadic.h"
Show All 9 Lines
using namespace clang; using namespace clang;
namespace { namespace {
using LineCol = std::pair<unsigned int, unsigned int>; using LineCol = std::pair<unsigned int, unsigned int>;
static std::string serializeSarifDocument(llvm::json::Object &&Doc) { static std::string serializeSarifDocument(llvm::json::Object &&Doc) {
std::string Output; std::string Output;
llvm::json::Value value(std::move(Doc)); llvm::json::Value Value(std::move(Doc));
llvm::raw_string_ostream OS{Output}; llvm::raw_string_ostream OS{Output};
OS << llvm::formatv("{0}", value); OS << llvm::formatv("{0}", Value);
OS.flush(); OS.flush();
return Output; return Output;
} }
class SarifDocumentWriterTest : public ::testing::Test { class SarifDocumentWriterTest : public ::testing::Test {
protected: protected:
SarifDocumentWriterTest() SarifDocumentWriterTest()
: InMemoryFileSystem(new llvm::vfs::InMemoryFileSystem), : InMemoryFileSystem(new llvm::vfs::InMemoryFileSystem),
Show All 34 Lines
TEST_F(SarifDocumentWriterTest, canCreateEmptyDocument) { TEST_F(SarifDocumentWriterTest, canCreateEmptyDocument) {
// GIVEN: // GIVEN:
SarifDocumentWriter Writer{SourceMgr}; SarifDocumentWriter Writer{SourceMgr};
// WHEN: // WHEN:
const llvm::json::Object &EmptyDoc = Writer.createDocument(); const llvm::json::Object &EmptyDoc = Writer.createDocument();
std::vector<StringRef> Keys(EmptyDoc.size()); std::vector<StringRef> Keys(EmptyDoc.size());
std::transform(EmptyDoc.begin(), EmptyDoc.end(), Keys.begin(), std::transform(EmptyDoc.begin(), EmptyDoc.end(), Keys.begin(),
[](auto item) { return item.getFirst(); }); [](auto Item) { return Item.getFirst(); });
// THEN: // THEN:
ASSERT_THAT(Keys, testing::UnorderedElementsAre("$schema", "version")); ASSERT_THAT(Keys, testing::UnorderedElementsAre("$schema", "version"));
} }
// Test that a newly inserted run will associate correct tool names // Test that a newly inserted run will associate correct tool names
TEST_F(SarifDocumentWriterTest, canCreateDocumentWithOneRun) { TEST_F(SarifDocumentWriterTest, canCreateDocumentWithOneRun) {
// GIVEN: // GIVEN:
Show All 10 LinesTEST_F(SarifDocumentWriterTest, canCreateDocumentWithOneRun) {
// THEN: // THEN:
// A run was created // A run was created
ASSERT_THAT(Runs, testing::NotNull()); ASSERT_THAT(Runs, testing::NotNull());
// It is the only run // It is the only run
ASSERT_EQ(Runs->size(), 1UL); ASSERT_EQ(Runs->size(), 1UL);
// The tool associated with the run was the tool // The tool associated with the run was the tool
const llvm::json::Object *driver = const llvm::json::Object *Driver =
Runs->begin()->getAsObject()->getObject("tool")->getObject("driver"); Runs->begin()->getAsObject()->getObject("tool")->getObject("driver");
ASSERT_THAT(driver, testing::NotNull()); ASSERT_THAT(Driver, testing::NotNull());
ASSERT_TRUE(Driver->getString("name").has_value());
ASSERT_TRUE(Driver->getString("fullName").has_value());
ASSERT_TRUE(Driver->getString("language").has_value());
ASSERT_TRUE(driver->getString("name").has_value()); EXPECT_EQ(Driver->getString("name").value(), ShortName);
ASSERT_TRUE(driver->getString("fullName").has_value()); EXPECT_EQ(Driver->getString("fullName").value(), LongName);
ASSERT_TRUE(driver->getString("language").has_value()); EXPECT_EQ(Driver->getString("language").value(), "en-US");
EXPECT_EQ(driver->getString("name").value(), ShortName);
EXPECT_EQ(driver->getString("fullName").value(), LongName);
EXPECT_EQ(driver->getString("language").value(), "en-US");
} }
TEST_F(SarifDocumentWriterTest, addingResultsWillCrashIfThereIsNoRun) { TEST_F(SarifDocumentWriterTest, addingResultsWillCrashIfThereIsNoRun) {
#if defined(NDEBUG) || !GTEST_HAS_DEATH_TEST #if defined(NDEBUG) || !GTEST_HAS_DEATH_TEST
GTEST_SKIP() << "This death test is only available for debug builds."; GTEST_SKIP() << "This death test is only available for debug builds.";
#endif #endif
// GIVEN: // GIVEN:
SarifDocumentWriter Writer{SourceMgr}; SarifDocumentWriter Writer{SourceMgr};
// WHEN: // WHEN:
// A SarifDocumentWriter::createRun(...) was not called prior to // A SarifDocumentWriter::createRun(...) was not called prior to
// SarifDocumentWriter::appendResult(...) // SarifDocumentWriter::appendResult(...)
// But a rule exists // But a rule exists
auto RuleIdx = Writer.createRule(SarifRule::create()); auto RuleIdx = Writer.createRule(SarifRule::create());
const SarifResult &EmptyResult = SarifResult::create(RuleIdx); const SarifResult &EmptyResult = SarifResult::create(RuleIdx);
// THEN: // THEN:
auto Matcher = ::testing::AnyOf( auto Matcher = ::testing::AnyOf(
::testing::HasSubstr("create a run first"), ::testing::HasSubstr("create a run first"),
::testing::HasSubstr("no runs associated with the document")); ::testing::HasSubstr("no runs associated with the document"));
ASSERT_DEATH(Writer.appendResult(EmptyResult), Matcher); ASSERT_DEATH(Writer.appendResult(EmptyResult), Matcher);
} }
TEST_F(SarifDocumentWriterTest, settingInvalidRankWillCrash) {
#if defined(NDEBUG) || !GTEST_HAS_DEATH_TEST
GTEST_SKIP() << "This death test is only available for debug builds.";
#endif
// GIVEN:
SarifDocumentWriter Writer{SourceMgr};
// WHEN:
// A SarifReportingConfiguration is created with an invalid "rank"
// * Ranks below 0.0 are invalid
// * Ranks above 100.0 are invalid
// THEN: The builder will crash in either case
EXPECT_DEATH(SarifReportingConfiguration::create().setRank(-1.0),
::testing::HasSubstr("Rule rank cannot be smaller than 0.0"));
EXPECT_DEATH(SarifReportingConfiguration::create().setRank(101.0),
::testing::HasSubstr("Rule rank cannot be larger than 100.0"));
}
TEST_F(SarifDocumentWriterTest, creatingResultWithDisabledRuleWillCrash) {
#if defined(NDEBUG) || !GTEST_HAS_DEATH_TEST
GTEST_SKIP() << "This death test is only available for debug builds.";
#endif
// GIVEN:
SarifDocumentWriter Writer{SourceMgr};
// WHEN:
// A disabled Rule is created, and a result is create referencing this rule
const auto &Config = SarifReportingConfiguration::create().disable();
auto RuleIdx =
Writer.createRule(SarifRule::create().setDefaultConfiguration(Config));
const SarifResult &Result = SarifResult::create(RuleIdx);
// THEN:
// SarifResult::create(...) will produce a crash
ASSERT_DEATH(
Writer.appendResult(Result),
::testing::HasSubstr("Cannot add a result referencing a disabled Rule"));
}
// Test adding rule and result shows up in the final document // Test adding rule and result shows up in the final document
TEST_F(SarifDocumentWriterTest, addingResultWithValidRuleAndRunIsOk) { TEST_F(SarifDocumentWriterTest, addingResultWithValidRuleAndRunIsOk) {
// GIVEN: // GIVEN:
SarifDocumentWriter Writer{SourceMgr}; SarifDocumentWriter Writer{SourceMgr};
const SarifRule &Rule = const SarifRule &Rule =
SarifRule::create() SarifRule::create()
.setRuleId("clang.unittest") .setRuleId("clang.unittest")
.setDescription("Example rule created during unit tests") .setDescription("Example rule created during unit tests")
.setName("clang unit test"); .setName("clang unit test");
// WHEN: // WHEN:
Writer.createRun("sarif test", "sarif test runner"); Writer.createRun("sarif test", "sarif test runner");
unsigned RuleIdx = Writer.createRule(Rule); unsigned RuleIdx = Writer.createRule(Rule);
const SarifResult &result = SarifResult::create(RuleIdx); const SarifResult &Result = SarifResult::create(RuleIdx);
Writer.appendResult(result); Writer.appendResult(Result);
const llvm::json::Object &Doc = Writer.createDocument(); const llvm::json::Object &Doc = Writer.createDocument();
// THEN: // THEN:
// A document with a valid schema and version exists // A document with a valid schema and version exists
ASSERT_THAT(Doc.get("$schema"), ::testing::NotNull()); ASSERT_THAT(Doc.get("$schema"), ::testing::NotNull());
ASSERT_THAT(Doc.get("version"), ::testing::NotNull()); ASSERT_THAT(Doc.get("version"), ::testing::NotNull());
const llvm::json::Array *Runs = Doc.getArray("runs"); const llvm::json::Array *Runs = Doc.getArray("runs");
Show All 20 LinesTEST_F(SarifDocumentWriterTest, addingResultWithValidRuleAndRunIsOk) {
// The results are as expected // The results are as expected
EXPECT_EQ(Results->size(), 1UL); EXPECT_EQ(Results->size(), 1UL);
// The artifacts are as expected // The artifacts are as expected
EXPECT_TRUE(Artifacts->empty()); EXPECT_TRUE(Artifacts->empty());
} }
TEST_F(SarifDocumentWriterTest, checkSerializingResults) { TEST_F(SarifDocumentWriterTest, checkSerializingResultsWithDefaultRuleConfig) {
// GIVEN: // GIVEN:
const std::string ExpectedOutput = const std::string ExpectedOutput =
R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[],"columnKind":"unicodeCodePoints","results":[{"message":{"text":""},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})"; R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[],"columnKind":"unicodeCodePoints","results":[{"level":"warning","message":{"text":""},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"defaultConfiguration":{"enabled":true,"level":"warning","rank":-1},"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})";
SarifDocumentWriter Writer{SourceMgr}; SarifDocumentWriter Writer{SourceMgr};
const SarifRule &Rule = const SarifRule &Rule =
SarifRule::create() SarifRule::create()
.setRuleId("clang.unittest") .setRuleId("clang.unittest")
.setDescription("Example rule created during unit tests") .setDescription("Example rule created during unit tests")
.setName("clang unit test"); .setName("clang unit test");
// WHEN: A run contains a result // WHEN: A run contains a result
Writer.createRun("sarif test", "sarif test runner", "1.0.0"); Writer.createRun("sarif test", "sarif test runner", "1.0.0");
unsigned ruleIdx = Writer.createRule(Rule); unsigned RuleIdx = Writer.createRule(Rule);
const SarifResult &Result = SarifResult::create(ruleIdx); const SarifResult &Result = SarifResult::create(RuleIdx);
Writer.appendResult(Result);
std::string Output = serializeSarifDocument(Writer.createDocument());
// THEN:
ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput));
}
TEST_F(SarifDocumentWriterTest, checkSerializingResultsWithCustomRuleConfig) {
// GIVEN:
const std::string ExpectedOutput =
R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[],"columnKind":"unicodeCodePoints","results":[{"level":"error","message":{"text":""},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"defaultConfiguration":{"enabled":true,"level":"error","rank":35.5},"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})";
SarifDocumentWriter Writer{SourceMgr};
const SarifRule &Rule =
SarifRule::create()
.setRuleId("clang.unittest")
.setDescription("Example rule created during unit tests")
.setName("clang unit test")
.setDefaultConfiguration(SarifReportingConfiguration::create()
.setLevel(SarifResultLevel::Error)
.setRank(35.5));
// WHEN: A run contains a result
Writer.createRun("sarif test", "sarif test runner", "1.0.0");
unsigned RuleIdx = Writer.createRule(Rule);
const SarifResult &Result = SarifResult::create(RuleIdx);
Writer.appendResult(Result); Writer.appendResult(Result);
std::string Output = serializeSarifDocument(Writer.createDocument()); std::string Output = serializeSarifDocument(Writer.createDocument());
// THEN: // THEN:
ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput)); ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput));
} }
// Check that serializing artifacts from results produces valid SARIF // Check that serializing artifacts from results produces valid SARIF
TEST_F(SarifDocumentWriterTest, checkSerializingArtifacts) { TEST_F(SarifDocumentWriterTest, checkSerializingArtifacts) {
// GIVEN: // GIVEN:
const std::string ExpectedOutput = const std::string ExpectedOutput =
R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[{"length":40,"location":{"index":0,"uri":"file:///main.cpp"},"mimeType":"text/plain","roles":["resultFile"]}],"columnKind":"unicodeCodePoints","results":[{"locations":[{"physicalLocation":{"artifactLocation":{"index":0},"region":{"endColumn":14,"startColumn":14,"startLine":3}}}],"message":{"text":"expected ';' after top level declarator"},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})"; R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[{"length":40,"location":{"index":0,"uri":"file:///main.cpp"},"mimeType":"text/plain","roles":["resultFile"]}],"columnKind":"unicodeCodePoints","results":[{"level":"error","locations":[{"physicalLocation":{"artifactLocation":{"index":0},"region":{"endColumn":14,"startColumn":14,"startLine":3}}}],"message":{"text":"expected ';' after top level declarator"},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"defaultConfiguration":{"enabled":true,"level":"warning","rank":-1},"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})";
SarifDocumentWriter Writer{SourceMgr}; SarifDocumentWriter Writer{SourceMgr};
const SarifRule &Rule = const SarifRule &Rule =
SarifRule::create() SarifRule::create()
.setRuleId("clang.unittest") .setRuleId("clang.unittest")
.setDescription("Example rule created during unit tests") .setDescription("Example rule created during unit tests")
.setName("clang unit test"); .setName("clang unit test");
Show All 9 LinesTEST_F(SarifDocumentWriterTest, checkSerializingArtifacts) {
FileID MainFileID = FileID MainFileID =
registerSource("/main.cpp", SourceText, /* IsMainFile = */ true); registerSource("/main.cpp", SourceText, /* IsMainFile = */ true);
CharSourceRange SourceCSR = CharSourceRange SourceCSR =
getFakeCharSourceRange(MainFileID, {3, 14}, {3, 14}); getFakeCharSourceRange(MainFileID, {3, 14}, {3, 14});
DiagLocs.push_back(SourceCSR); DiagLocs.push_back(SourceCSR);
const SarifResult &Result = const SarifResult &Result =
SarifResult::create(RuleIdx).setLocations(DiagLocs).setDiagnosticMessage( SarifResult::create(RuleIdx)
"expected ';' after top level declarator"); .setLocations(DiagLocs)
.setDiagnosticMessage("expected ';' after top level declarator")
.setDiagnosticLevel(SarifResultLevel::Error);
Writer.appendResult(Result); Writer.appendResult(Result);
std::string Output = serializeSarifDocument(Writer.createDocument()); std::string Output = serializeSarifDocument(Writer.createDocument());
// THEN: Assert that the serialized SARIF is as expected // THEN: Assert that the serialized SARIF is as expected
ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput)); ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput));
} }
TEST_F(SarifDocumentWriterTest, checkSerializingCodeflows) { TEST_F(SarifDocumentWriterTest, checkSerializingCodeflows) {
// GIVEN: // GIVEN:
const std::string ExpectedOutput = const std::string ExpectedOutput =
R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[{"length":27,"location":{"index":1,"uri":"file:///test-header-1.h"},"mimeType":"text/plain","roles":["resultFile"]},{"length":30,"location":{"index":2,"uri":"file:///test-header-2.h"},"mimeType":"text/plain","roles":["resultFile"]},{"length":28,"location":{"index":3,"uri":"file:///test-header-3.h"},"mimeType":"text/plain","roles":["resultFile"]},{"length":41,"location":{"index":0,"uri":"file:///main.cpp"},"mimeType":"text/plain","roles":["resultFile"]}],"columnKind":"unicodeCodePoints","results":[{"codeFlows":[{"threadFlows":[{"locations":[{"importance":"essential","location":{"message":{"text":"Message #1"},"physicalLocation":{"artifactLocation":{"index":1},"region":{"endColumn":8,"endLine":2,"startColumn":1,"startLine":1}}}},{"importance":"important","location":{"message":{"text":"Message #2"},"physicalLocation":{"artifactLocation":{"index":2},"region":{"endColumn":8,"endLine":2,"startColumn":1,"startLine":1}}}},{"importance":"unimportant","location":{"message":{"text":"Message #3"},"physicalLocation":{"artifactLocation":{"index":3},"region":{"endColumn":8,"endLine":2,"startColumn":1,"startLine":1}}}}]}]}],"locations":[{"physicalLocation":{"artifactLocation":{"index":0},"region":{"endColumn":8,"endLine":2,"startColumn":5,"startLine":2}}}],"message":{"text":"Redefinition of 'foo'"},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})"; R"({"$schema":"https://docs.oasis-open.org/sarif/sarif/v2.1.0/cos02/schemas/sarif-schema-2.1.0.json","runs":[{"artifacts":[{"length":27,"location":{"index":1,"uri":"file:///test-header-1.h"},"mimeType":"text/plain","roles":["resultFile"]},{"length":30,"location":{"index":2,"uri":"file:///test-header-2.h"},"mimeType":"text/plain","roles":["resultFile"]},{"length":28,"location":{"index":3,"uri":"file:///test-header-3.h"},"mimeType":"text/plain","roles":["resultFile"]},{"length":41,"location":{"index":0,"uri":"file:///main.cpp"},"mimeType":"text/plain","roles":["resultFile"]}],"columnKind":"unicodeCodePoints","results":[{"codeFlows":[{"threadFlows":[{"locations":[{"importance":"essential","location":{"message":{"text":"Message #1"},"physicalLocation":{"artifactLocation":{"index":1},"region":{"endColumn":8,"endLine":2,"startColumn":1,"startLine":1}}}},{"importance":"important","location":{"message":{"text":"Message #2"},"physicalLocation":{"artifactLocation":{"index":2},"region":{"endColumn":8,"endLine":2,"startColumn":1,"startLine":1}}}},{"importance":"unimportant","location":{"message":{"text":"Message #3"},"physicalLocation":{"artifactLocation":{"index":3},"region":{"endColumn":8,"endLine":2,"startColumn":1,"startLine":1}}}}]}]}],"level":"warning","locations":[{"physicalLocation":{"artifactLocation":{"index":0},"region":{"endColumn":8,"endLine":2,"startColumn":5,"startLine":2}}}],"message":{"text":"Redefinition of 'foo'"},"ruleId":"clang.unittest","ruleIndex":0}],"tool":{"driver":{"fullName":"sarif test runner","informationUri":"https://clang.llvm.org/docs/UsersManual.html","language":"en-US","name":"sarif test","rules":[{"defaultConfiguration":{"enabled":true,"level":"warning","rank":-1},"fullDescription":{"text":"Example rule created during unit tests"},"id":"clang.unittest","name":"clang unit test"}],"version":"1.0.0"}}}],"version":"2.1.0"})";
const char *SourceText = "int foo = 0;\n" const char *SourceText = "int foo = 0;\n"
"int foo = 1;\n" "int foo = 1;\n"
"float x = 0.0;\n"; "float x = 0.0;\n";
FileID MainFileID = FileID MainFileID =
registerSource("/main.cpp", SourceText, /* IsMainFile = */ true); registerSource("/main.cpp", SourceText, /* IsMainFile = */ true);
CharSourceRange DiagLoc{getFakeCharSourceRange(MainFileID, {2, 5}, {2, 8})}; CharSourceRange DiagLoc{getFakeCharSourceRange(MainFileID, {2, 5}, {2, 8})};
SarifDocumentWriter Writer{SourceMgr}; SarifDocumentWriter Writer{SourceMgr};
const SarifRule &Rule = const SarifRule &Rule =
SarifRule::create() SarifRule::create()
.setRuleId("clang.unittest") .setRuleId("clang.unittest")
.setDescription("Example rule created during unit tests") .setDescription("Example rule created during unit tests")
.setName("clang unit test"); .setName("clang unit test");
constexpr unsigned int NUM_CASES = 3; constexpr unsigned int NumCases = 3;
llvm::SmallVector<ThreadFlow, NUM_CASES> Threadflows; llvm::SmallVector<ThreadFlow, NumCases> Threadflows;
const char *HeaderTexts[NUM_CASES]{("#pragma once\n" const char *HeaderTexts[NumCases]{("#pragma once\n"
"#include <foo>"), "#include <foo>"),
("#ifndef FOO\n" ("#ifndef FOO\n"
"#define FOO\n" "#define FOO\n"
"#endif"), "#endif"),
("#ifdef FOO\n" ("#ifdef FOO\n"
"#undef FOO\n" "#undef FOO\n"
"#endif")}; "#endif")};
const char *HeaderNames[NUM_CASES]{"/test-header-1.h", "/test-header-2.h", const char *HeaderNames[NumCases]{"/test-header-1.h", "/test-header-2.h",
"/test-header-3.h"}; "/test-header-3.h"};
ThreadFlowImportance Importances[NUM_CASES]{ ThreadFlowImportance Importances[NumCases]{ThreadFlowImportance::Essential,
ThreadFlowImportance::Essential, ThreadFlowImportance::Important, ThreadFlowImportance::Important,
ThreadFlowImportance::Unimportant}; ThreadFlowImportance::Unimportant};
for (size_t Idx = 0; Idx != NUM_CASES; ++Idx) { for (size_t Idx = 0; Idx != NumCases; ++Idx) {
FileID FID = registerSource(HeaderNames[Idx], HeaderTexts[Idx]); FileID FID = registerSource(HeaderNames[Idx], HeaderTexts[Idx]);
CharSourceRange &&CSR = getFakeCharSourceRange(FID, {1, 1}, {2, 8}); CharSourceRange &&CSR = getFakeCharSourceRange(FID, {1, 1}, {2, 8});
std::string Message = llvm::formatv("Message #{0}", Idx + 1); std::string Message = llvm::formatv("Message #{0}", Idx + 1);
ThreadFlow Item = ThreadFlow::create() ThreadFlow Item = ThreadFlow::create()
.setRange(CSR) .setRange(CSR)
.setImportance(Importances[Idx]) .setImportance(Importances[Idx])
.setMessage(Message); .setMessage(Message);
Threadflows.push_back(Item); Threadflows.push_back(Item);
} }
// WHEN: A result containing code flows and diagnostic locations is added // WHEN: A result containing code flows and diagnostic locations is added
Writer.createRun("sarif test", "sarif test runner", "1.0.0"); Writer.createRun("sarif test", "sarif test runner", "1.0.0");
unsigned RuleIdx = Writer.createRule(Rule); unsigned RuleIdx = Writer.createRule(Rule);
const SarifResult &Result = SarifResult::create(RuleIdx) const SarifResult &Result =
SarifResult::create(RuleIdx)
.setLocations({DiagLoc}) .setLocations({DiagLoc})
.setDiagnosticMessage("Redefinition of 'foo'") .setDiagnosticMessage("Redefinition of 'foo'")
.setThreadFlows(Threadflows); .setThreadFlows(Threadflows)
.setDiagnosticLevel(SarifResultLevel::Warning);
Writer.appendResult(Result); Writer.appendResult(Result);
std::string Output = serializeSarifDocument(Writer.createDocument()); std::string Output = serializeSarifDocument(Writer.createDocument());
// THEN: Assert that the serialized SARIF is as expected // THEN: Assert that the serialized SARIF is as expected
ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput)); ASSERT_THAT(Output, ::testing::StrEq(ExpectedOutput));
} }
} // namespace } // namespace