-
Notifications
You must be signed in to change notification settings - Fork 13k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sanitizers: Stabilize AddressSanitizer and LeakSanitizer for the Tier 1 targets #123617
base: master
Are you sure you want to change the base?
Conversation
rustbot has assigned @compiler-errors. Use |
Some changes occurred in src/tools/compiletest cc @jieyouxu These commits modify compiler targets. |
r? @davidtwco |
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd like to see tests that exercise things like -Csanitizer=non-existent
and -Zsanitizer=non-existent
, and also -Zsanitizer=stable-sanitizer
1 (e.g. an x86_64-unknown-linux-gnu test for a stable sanitizer) and -Csanitizer=unstable-sanitizer
(I believe you can add a run-make test with a custom target that has no sanitizers enabled for it?)
Footnotes
-
What do we do if we pass
-Zsanitizer
with a stable sanitizer? Should we error? Presumably not, but I would assume we'd want to at least warn the users that the sanitizer has been stabilized and they should be using-C
, just like we do for feature gates. ↩
Documentation will need an update. Is something like |
This is unusable to most stable Rust users, right? It requires either |
This comment has been minimized.
This comment has been minimized.
This comment was marked as resolved.
This comment was marked as resolved.
cec660e
to
17eff53
Compare
This comment has been minimized.
This comment has been minimized.
This comment was marked as resolved.
This comment was marked as resolved.
17eff53
to
f81f25d
Compare
This comment has been minimized.
This comment has been minimized.
f81f25d
to
2cfed6e
Compare
Thank you everyone again for the patience and the time while I went through all the issues listed here. Here are the final updates about these issues:
I also added AddressSanitizer for aarch64-apple-darwin since it was promoted to Tier 1 in #128592, but let me know if anyone has any objections. Otherwise, this PR should be ready to be merged. Thank you to everyone that contributed to and in this PR! Also thank you very much for helping me out with pushing this through the last mile, @tmiasko, @1c3t3a, and @jakos-sec! It was much appreciated. |
72102f8
to
01822f2
Compare
This comment has been minimized.
This comment has been minimized.
01822f2
to
dae2b7a
Compare
This comment has been minimized.
This comment has been minimized.
dae2b7a
to
4f14c34
Compare
This comment has been minimized.
This comment has been minimized.
4f14c34
to
89d1ada
Compare
☔ The latest upstream changes (presumably #134516) made this pull request unmergeable. Please resolve the merge conflicts. |
89d1ada
to
98c6364
Compare
Add suppport for specifying stable sanitizers in addition to the existing supported sanitizers.
Stabilize AddressSanitizer and LeakSanitizer for the Tier 1 targets that support them.
98c6364
to
2d45cd8
Compare
This comment has been minimized.
This comment has been minimized.
Stabilize the `no_sanitize` attribute so stable sanitizers can also be selectively disabled for annotated functions.
Stabilize AddressSanitizer for aarch64-apple-darwin since it was promoted to Tier 1 in rust-lang#128592.
2d45cd8
to
38419ea
Compare
Add documentation for the `no_sanitize` attribute, being stabilized in rust-lang/rust#123617 along with AddressSanitizer and LeakSanitizer.
Add documentation for the `no_sanitize` attribute, being stabilized in rust-lang/rust#123617 along with AddressSanitizer and LeakSanitizer.
Need { | ||
name: "needs-sanitizer-kasan", | ||
condition: cache.sanitizer_kasan, | ||
name: "needs-sanitizer-kernel-address", | ||
condition: cache.sanitizer_kernel_address, | ||
ignore_reason: "ignored on targets without kernel address sanitizer", | ||
}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggestion: since this is renaming that particular sanitizer directive, could you please update https://rustc-dev-guide.rust-lang.org/tests/directives.html#controlling-when-tests-are-run (repo is https://github.com/rust-lang/rustc-dev-guide) about this particular rename? I think the current needs-sanitizer-*
docs are already somewhat outdated but yeah.
@rfcbot fcp cancel // The bot will ignore me.
Lang owns attributes, so this proposed FCP will need to include lang. I wouldn't yet repropose FCP, because I don't see immediately if or where we've ever discussed this matter, and we may want to consider other spellings. E.g., @ehuss proposed When we do repropose FCP, we can check the boxes checked here: And we'll also need to refile @wesleywiser's concern from here: |
This option allows for use of one or more of these sanitizers: | ||
|
||
* [AddressSanitizer | ||
(ASan)](https://doc.rust-lang.org/rustc/sanitizers.html#addresssanitizer): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All links to books should be relative (this helps with offline viewing and linkchecking).
(ASan)](https://doc.rust-lang.org/rustc/sanitizers.html#addresssanitizer): | |
(ASan)](../sanitizers.md#addresssanitizer): |
(ASan)](https://doc.rust-lang.org/rustc/sanitizers.html#addresssanitizer): | ||
Detects memory errors (e.g., buffer overflows, use after free). | ||
* [LeakSanitizer | ||
(LSan)](https://doc.rust-lang.org/rustc/sanitizers.html#leaksanitizer): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(LSan)](https://doc.rust-lang.org/rustc/sanitizers.html#leaksanitizer): | |
(LSan)](../sanitizers.md#leaksanitizer): |
For more information about the Sanitizers, see the [Sanitizers | ||
chapter](https://doc.rust-lang.org/rustc/sanitizers.html) of [The rustc | ||
book](https://doc.rust-lang.org/rustc/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For more information about the Sanitizers, see the [Sanitizers | |
chapter](https://doc.rust-lang.org/rustc/sanitizers.html) of [The rustc | |
book](https://doc.rust-lang.org/rustc/). | |
For more information about the Sanitizers, see the [Sanitizers | |
chapter](../sanitizers.md). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For more information about the Sanitizers, see the [Sanitizers | |
chapter](https://doc.rust-lang.org/rustc/sanitizers.html) of [The rustc | |
book](https://doc.rust-lang.org/rustc/). | |
For more information about the available sanitizers, see the [Sanitizers | |
chapter](../sanitizers.md). |
Add support for specifying stable sanitizers in addition to the existing supported sanitizers, remove the
-Zsanitizer
unstable option and have only the-Csanitize
codegen option, requiring the-Zunstable-options
to be passed for using unstable sanitizers, add AddressSanitizer and LeakSanitizer for the Tier 1 targets that support them, and also stabilize theno_sanitize
attribute so stable sanitizers can also be selectively disabled for annotated functions.. The tracking issue for stabilizing the sanitizers is #123615. This is part of our work to stabilize support for sanitizers in the Rust compiler. (See our roadmap at https://hackmd.io/@rcvalle/S1Ou9K6H6.)Stabilization Report
Summary
We would like to propose stabilizing AddressSanitizer and LeakSanitizer for the Tier 1 targets that support them, and stabilize the
no_sanitize
attribute so stable sanitizers can also be selectively disabled for annotated functions.. This will be done by-Zsanitizer
unstable option and having only the-Csanitize
codegen option, and requiring the-Zunstable-options
to be passed for using unstable sanitizers.no_sanitize
attribute.After stabilizing these sanitizers, the supported sanitizers will look like this:
The tracking issue for stabilizing the sanitizers is #123615. This is part of our work to stabilize support for sanitizers in the Rust compiler. (See our roadmap at https://hackmd.io/@rcvalle/S1Ou9K6H6.)
Documentation
Documentation will be updated by adding documentation for the
-Csanitizer
codegen option to the Codegen Options in the The rustc book.Tests
You may find current and will find additional test cases for the sanitizers in:
Unresolved questions
We will prioritize stabilizing sanitizers that provide incremental value without requiring rebuilding the Rust Standard Library (i.e., Cargo build-std feature). We're also working on Partial compilation using MIR-only rlibs compiler-team#738, which should help with
-Zbuild-std
.