run-make: Delete `cat-and-grep-sanity-check` and restrict `branch-protection-check-IBT` to stable by Oneirical · Pull Request #129156 · rust-lang/rust

Oneirical · 2024-08-16T15:23:50Z

Part of #121876 and the associated Google Summer of Code project.

First, this PR deletes the now useless cat-and-grep-sanity-check test.

Second, it revisits the branch-protection-check-IBT test, which was disabled due to a nonsensical llvm_components check. #126720 states that the test does work on stable rustc, so let's check this: added //@ only-stable.

If this works, some of the FIXME and commented-out lines will need cleanup before merging.

Please try:

try-job: x86_64-gnu-stable

rustbot · 2024-08-16T15:23:58Z

r? @jieyouxu

rustbot has assigned @jieyouxu.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

rustbot · 2024-08-16T15:24:00Z

This PR modifies tests/run-make/. If this PR is trying to port a Makefile
run-make test to use rmake.rs, please update the
run-make port tracking issue
so we can track our progress. You can either modify the tracking issue
directly, or you can comment on the tracking issue and link this PR.

cc @jieyouxu

jieyouxu · 2024-08-16T15:26:11Z

@bors delegate+ (try jobs)

bors · 2024-08-16T15:26:14Z

✌️ @Oneirical, you can now approve this pull request!

If @jieyouxu told you to "r=me" after making some further change, please make that change, then do @bors r=@jieyouxu

Oneirical · 2024-08-16T15:27:53Z

@bors try

run-make: Delete `cat-and-grep-sanity-check` and restrict `branch-protection-check-IBT` to stable Part of rust-lang#121876 and the associated [Google Summer of Code project](https://blog.rust-lang.org/2024/05/01/gsoc-2024-selected-projects.html). First, this PR deletes the now useless `cat-and-grep-sanity-check` test. Second, it revisits the `branch-protection-check-IBT` test, which was disabled due to a nonsensical `llvm_components` check. rust-lang#126720 states that the test does work on stable rustc, so let's check this: added `//@ only-stable`. If this works, some of the FIXME and commented-out lines will need cleanup before merging. Please try: try-job: x86_64-gnu-stable

bors · 2024-08-16T15:29:03Z

⌛ Trying commit 41cd029 with merge 2b85d0b...

Oneirical · 2024-08-16T15:33:27Z

@bors try- (feature request: this should be called bors give up)

Oneirical · 2024-08-16T15:33:47Z

@bors try

bors · 2024-08-16T15:34:57Z

⌛ Trying commit d85d292 with merge 2f217ea...

run-make: Delete `cat-and-grep-sanity-check` and restrict `branch-protection-check-IBT` to stable Part of rust-lang#121876 and the associated [Google Summer of Code project](https://blog.rust-lang.org/2024/05/01/gsoc-2024-selected-projects.html). First, this PR deletes the now useless `cat-and-grep-sanity-check` test. Second, it revisits the `branch-protection-check-IBT` test, which was disabled due to a nonsensical `llvm_components` check. rust-lang#126720 states that the test does work on stable rustc, so let's check this: added `//@ only-stable`. If this works, some of the FIXME and commented-out lines will need cleanup before merging. Please try: try-job: x86_64-gnu-stable

rust-log-analyzer · 2024-08-16T15:35:56Z

The job x86_64-gnu-stable failed! Check out the build log: (web) (plain)

Click to see the possible cause of the failure (guessed by this bot)

file:.git/config remote.origin.url=https://github.com/rust-lang-ci/rust
file:.git/config remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
file:.git/config gc.auto=0
file:.git/config http.https://github.com/.extraheader=AUTHORIZATION: basic ***
file:.git/config branch.try.remote=origin
file:.git/config branch.try.merge=refs/heads/try
file:.git/config submodule.library/backtrace.url=https://github.com/rust-lang/backtrace-rs.git
file:.git/config submodule.library/stdarch.active=true
file:.git/config submodule.library/stdarch.url=https://github.com/rust-lang/stdarch.git
file:.git/config submodule.src/doc/book.active=true
---
##[endgroup]
[TIMING] core::build_steps::tool::ToolBuild { compiler: Compiler { stage: 0, host: x86_64-unknown-linux-gnu }, target: x86_64-unknown-linux-gnu, tool: "tidy", path: "src/tools/tidy", mode: ToolBootstrap, source_type: InTree, extra_features: [], allow_features: "", cargo_args: [] } -- 29.943
[TIMING] core::build_steps::tool::Tidy { compiler: Compiler { stage: 0, host: x86_64-unknown-linux-gnu }, target: x86_64-unknown-linux-gnu } -- 0.000
tidy check
tidy error: Makefile `/checkout/tests/run-make/branch-protection-check-IBT/Makefile` no longer exists and should be removed from the exclusions in `src/tools/tidy/src/allowed_run_make_makefiles.txt`, you can run `x test tidy --bless` to update the allow list
tidy error: Makefile `/checkout/tests/run-make/cat-and-grep-sanity-check/Makefile` no longer exists and should be removed from the exclusions in `src/tools/tidy/src/allowed_run_make_makefiles.txt`, you can run `x test tidy --bless` to update the allow list
some tidy checks failed
some tidy checks failed
Command has failed. Rerun with -v to see more details.
  local time: Fri Aug 16 15:35:30 UTC 2024
  network time: Fri, 16 Aug 2024 15:35:30 GMT
##[error]Process completed with exit code 1.
Post job cleanup.

tests/run-make/branch-protection-check-IBT/rmake.rs

rust-log-analyzer · 2024-08-16T17:18:27Z

The job x86_64-gnu-stable failed! Check out the build log: (web) (plain)

Click to see the possible cause of the failure (guessed by this bot)

file:.git/config remote.origin.url=https://github.com/rust-lang-ci/rust
file:.git/config remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
file:.git/config gc.auto=0
file:.git/config http.https://github.com/.extraheader=AUTHORIZATION: basic ***
file:.git/config branch.try.remote=origin
file:.git/config branch.try.merge=refs/heads/try
file:.git/config submodule.library/backtrace.url=https://github.com/rust-lang/backtrace-rs.git
file:.git/config submodule.library/stdarch.active=true
file:.git/config submodule.library/stdarch.url=https://github.com/rust-lang/stdarch.git
file:.git/config submodule.src/doc/book.active=true
---
---- [run-make] tests/run-make/branch-protection-check-IBT stdout ----

error: rmake recipe failed to complete
status: exit status: 101
command: cd "/checkout/obj/build/x86_64-unknown-linux-gnu/test/run-make/branch-protection-check-IBT/rmake_out" && env -u RUSTFLAGS AR="ar" CC="cc" CC_DEFAULT_FLAGS="-ffunction-sections -fdata-sections -fPIC -m64" CXX="c++" CXX_DEFAULT_FLAGS="-ffunction-sections -fdata-sections -fPIC -m64" HOST_RPATH_DIR="/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/lib" LD_LIBRARY_PATH="/checkout/obj/build/x86_64-unknown-linux-gnu/stage0-bootstrap-tools/x86_64-unknown-linux-gnu/release/deps:/checkout/obj/build/x86_64-unknown-linux-gnu/stage0/lib:/checkout/obj/build/x86_64-unknown-linux-gnu/stage2-tools-bin:/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/lib/rustlib/x86_64-unknown-linux-gnu/lib" LD_LIB_PATH_ENVVAR="LD_LIBRARY_PATH" LLVM_BIN_DIR="/checkout/obj/build/x86_64-unknown-linux-gnu/ci-llvm/bin" LLVM_COMPONENTS="aarch64 aarch64asmparser aarch64codegen aarch64desc aarch64disassembler aarch64info aarch64utils aggressiveinstcombine all all-targets analysis arm armasmparser armcodegen armdesc armdisassembler arminfo armutils asmparser asmprinter avr avrasmparser avrcodegen avrdesc avrdisassembler avrinfo binaryformat bitreader bitstreamreader bitwriter bpf bpfasmparser bpfcodegen bpfdesc bpfdisassembler bpfinfo cfguard codegen codegendata codegentypes core coroutines coverage csky cskyasmparser cskycodegen cskydesc cskydisassembler cskyinfo debuginfobtf debuginfocodeview debuginfodwarf debuginfogsym debuginfologicalview debuginfomsf debuginfopdb demangle dlltooldriver dwarflinker dwarflinkerclassic dwarflinkerparallel dwp engine executionengine extensions filecheck frontenddriver frontendhlsl frontendoffloading frontendopenacc frontendopenmp fuzzercli fuzzmutate globalisel hexagon hexagonasmparser hexagoncodegen hexagondesc hexagondisassembler hexagoninfo hipstdpar instcombine instrumentation interfacestub interpreter ipo irprinter irreader jitlink libdriver lineeditor linker loongarch loongarchasmparser loongarchcodegen loongarchdesc loongarchdisassembler loongarchinfo lto m68k m68kasmparser m68kcodegen m68kdesc m68kdisassembler m68kinfo mc mca mcdisassembler mcjit mcparser mips mipsasmparser mipscodegen mipsdesc mipsdisassembler mipsinfo mirparser msp430 msp430asmparser msp430codegen msp430desc msp430disassembler msp430info native nativecodegen nvptx nvptxcodegen nvptxdesc nvptxinfo objcarcopts objcopy object objectyaml option orcdebugging orcjit orcshared orctargetprocess passes powerpc powerpcasmparser powerpccodegen powerpcdesc powerpcdisassembler powerpcinfo profiledata remarks riscv riscvasmparser riscvcodegen riscvdesc riscvdisassembler riscvinfo riscvtargetmca runtimedyld sandboxir scalaropts selectiondag sparc sparcasmparser sparccodegen sparcdesc sparcdisassembler sparcinfo support symbolize systemz systemzasmparser systemzcodegen systemzdesc systemzdisassembler systemzinfo tablegen target targetparser textapi textapibinaryreader transformutils vectorize webassembly webassemblyasmparser webassemblycodegen webassemblydesc webassemblydisassembler webassemblyinfo webassemblyutils windowsdriver windowsmanifest x86 x86asmparser x86codegen x86desc x86disassembler x86info x86targetmca xray xtensa xtensaasmparser xtensacodegen xtensadesc xtensadisassembler xtensainfo" LLVM_FILECHECK="/checkout/obj/build/x86_64-unknown-linux-gnu/ci-llvm/bin/FileCheck" PYTHON="/usr/bin/python3" RUSTC="/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustc" RUSTDOC="/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustdoc" SOURCE_ROOT="/checkout" TARGET="x86_64-unknown-linux-gnu" TARGET_RPATH_DIR="/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/lib/rustlib/x86_64-unknown-linux-gnu/lib" TARGET_RPATH_ENV="/checkout/obj/build/x86_64-unknown-linux-gnu/test/run-make/branch-protection-check-IBT/rmake_out:/checkout/obj/build/x86_64-unknown-linux-gnu/stage0-bootstrap-tools/x86_64-unknown-linux-gnu/release/deps:/checkout/obj/build/x86_64-unknown-linux-gnu/stage0/lib" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/run-make/branch-protection-check-IBT/rmake"
--- stderr -------------------------------
--- stderr -------------------------------
=== HAYSTACK ===
Displaying notes found in: .note.gnu.build-id
  Owner                Data size  Description
  GNU                  0x00000014 NT_GNU_BUILD_ID (unique build ID bitstring)
    Build ID: f41d700c73e7e4aacdbf360ebe994bb0564b9efb
=== NEEDLE ===
.note.gnu.property
thread 'main' panicked at /checkout/tests/run-make/branch-protection-check-IBT/rmake.rs:27:51:
needle was not found in haystack

bors · 2024-08-16T17:18:40Z

💔 Test failed - checks-actions

jieyouxu

Hm. I'll need to find PG-exploit-mitigations experts to help us take a look. This seems weird.

jieyouxu · 2024-08-21T17:34:06Z

tests/run-make/branch-protection-check-IBT/rmake.rs

 // python3 x.py test --target x86_64-unknown-linux-gnu  tests/run-make/branch-protection-check-IBT/

 //@ only-x86_64
+//@ only-stable


Problem: this can't be correct, it's been in stable since forever, and I don't see any changes that would cause this to not be emitted (yet).

jieyouxu · 2024-08-21T17:34:26Z

tests/run-make/branch-protection-check-IBT/rmake.rs

+//@ only-stable

-//@ ignore-test
 // FIXME(jieyouxu): see the FIXME in the Makefile


Remark (for myself): FIXME

jieyouxu · 2024-08-21T18:22:11Z

tests/run-make/branch-protection-check-IBT/Makefile

-
-all:
-ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)
-	$(RUSTC) --target x86_64-unknown-linux-gnu -Z cf-protection=branch -L$(TMPDIR) -C link-args='-nostartfiles'  -C save-temps  ./main.rs -o $(TMPDIR)/rsmain


Discussion: I used cross to try to reproduce this, and lo-and-behold, there is no .note.gnu.property:

PS E:\Repos\test\huh> cat .\target\x86_64-unknown-linux-gnu\debug\.fingerprint\huh-1e1959310e6cde68\bin-huh.json {"rustc":11041252367277408880,"features":"[]","declared_features":"[]","target":3507701825157409998,"profile":6929766844333714335,"path":10602529704205407992,"deps":[],"local":[{"CheckDepInfo":{"dep_info":"x86_64-unknown-linux-gnu/debug/.fingerprint/huh-1e1959310e6cde68/dep-bin-huh"}}],"rustflags":["-Z","cf-protection=branch","-C","link-args=-nostartfiles"],"metadata":7797948686568424061,"config":2202906307356721367,"compile_kind":9018714775688763800} PS E:\Repos\test\huh> readelf -n .\target\x86_64-unknown-linux-gnu\debug\huh Displaying notes found in: .note.gnu.build-id Owner Data size Description GNU 0x00000014 NT_GNU_BUILD_ID (unique build ID bitstring) Build ID: fa9d90e0ef28addf979dfd4645b35a4a06308327 PS E:\Repos\test\huh>

there is .note.gnu.build-id. I'm suspecting maybe the Intel CET landscape changed to no longer require this note...?

Rejyr got to display the gnu property note by using the following commands:

$ rustc +stable main.rs -o main $ llvm-readobj --elf-output-style=GNU -nW main

Could this have something to do with --elf-output-style=GNU? Or perhaps with the extra flags being passed to rustc?

Ah good point. I need to double-check this with the people who knows about Intel IBT (not to be confused with Arm's BTI, also this is -Z cf-protection=branch, not to be confused with -Z branch-protection). Thanks for the info.

-Z cf-protection: Tracking Issue for control-flow enforcement technology (CET) #93754

-Z branch-protection: Tracking Issue for stabilisation of -Z branch-protection #113369

Remark (for myself):

Initial issue: Synthetic object files disable control flow protection features #103001

Initial PR: Add GNU Property Note #110304

Relevant docs:

Arm

BTI: Branch Target Identification
Docs: https://developer.arm.com/documentation/102433/latest/Applying-these-techniques-to-real-code

Intel x86_64

IBT: Indirect Branch Tracking
Docs: https://edc.intel.com/content/www/us/en/design/ipla/software-development-platforms/client/platforms/alder-lake-desktop/12th-generation-intel-core-processors-datasheet-volume-1-of-2/006/indirect-branch-tracking/

Could this have something to do with --elf-output-style=GNU?

That seems a bit weird, because in my case I was compiling on a x86_64 host for a x86_64 target, so surely --elf-output-style can't be arm... right?

no repro in a docker container w/ x86_64-gnu either.

jieyouxu · 2024-08-21T18:22:51Z

tests/run-make/branch-protection-check-IBT/rmake.rs

-    let llvm_components = env_var("LLVM_COMPONENTS");
-    if !format!(" {llvm_components} ").contains(" x86 ") {
-        return;
-    }
+    // if !llvm_components_contain("x86") {
+    //     panic!();
+    // }


Discussion (self-remark mostly): it's not entirely clear to me why we need to check for llvm-components.

EDIT: because if we want to run target-specific codegen, it will need the llvm component. Right.

jieyouxu · 2024-08-29T11:55:49Z

cc @bjorn3 do you have any idea if .note.gnu.property is still needed for linkers to properly handle Intel IBT? Or do you know anyone else who might have a clue if this note is still needed?

AFAICT (at least on nightly/master), on a x86_64-linux-unknown-gnu host, .note.gnu.property may have never been emitted, or have regressed since #110304

$ rustc \
    --target=x86_64-linux-unknown-gnu \
    -Z cf-protection=branch \
    -C link-args='-nostartfiles' \
    hello_world.rs \
    -o hello_world
$ llvm-readelf -nW hello_world

only has build-id, not .note.gnu.property.

Asked in https://rust-lang.zulipchat.com/#narrow/stream/182449-t-compiler.2Fhelp/topic/Branch.20protection.20and.20.60.2Enote.2Egnu.2Eproperty.60/near/465997093.

Update: may need -Z build-std...

jieyouxu · 2024-08-29T12:51:21Z

As nikic suggested, I was able to repro the note via

$ RUSTFLAGS="-Z cf-protection=branch" cargo +nightly build -Z build-std --target=x86_64-unknown-linux-gnu

so we probably want to use bootstrap cargo like in some other tests (yes I know this will require internet connection and is probably not ideal).

bjorn3 · 2024-08-29T14:04:09Z

do you have any idea if .note.gnu.property is still needed for linkers to properly handle Intel IBT? Or do you know anyone else who might have a clue if this note is still needed?

Not all that familiar with this, but I would IBT to only be enabled for the process if .note.gnu.property indicates that the executable was compiled with IBT support and the linker to only tell that IBT is supported if all input object files indicate that they support IBT, which in turn requires the standard library to be compiled with IBT enabled. I wonder if we can just unconditionally compile the standard library with IBT support. As I understand it, it only inserts endbr instructions at the start of each function and endbr is a nop on CPU's that don't support IBT. Many distros nowadays compile everything with IBT support enabled anyway.

bors · 2024-10-08T07:44:34Z

☔ The latest upstream changes (presumably #131387) made this pull request unmergeable. Please resolve the merge conflicts.

Dylan-DPC · 2024-11-07T15:21:48Z

@Oneirical any updates on this? thanks

jieyouxu · 2024-11-07T15:28:12Z

@rustbot review (I need to look at it again)

…eck-IBT, r=<try> Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-msvc try-job: x86_64-apple

…eck-IBT, r=<try> Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-msvc try-job: x86_64-apple-1 try-job: x86_64-apple-2

…eck-IBT, r=<try> Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. - Ignore cross-compile for now, because that will require us to build `core` for the cross-compile target (something like `minicore` will not suffice because we need to reach and go past the linking stage). The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-msvc try-job: x86_64-apple-1 try-job: x86_64-apple-2

…eck-IBT, r=<try> Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. - Only specifically `x86_64-unknown-linux-gnu` for now. The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-mingw-1 try-job: x86_64-mingw-2 try-job: x86_64-msvc try-job: x86_64-apple-1 try-job: x86_64-apple-2

…check-IBT, r=lqd Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. - The test is currently limited to only `x86_64-unknown-linux-gnu` host, there are various other problems when the test is cross-compiled that I didn't want to fix atm, and is left as an exercise for the `-Z cf-protection` implementers. The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-mingw-1 try-job: x86_64-mingw-2 try-job: x86_64-msvc try-job: x86_64-apple-1 try-job: x86_64-apple-2

Rollup merge of rust-lang#134760 - jieyouxu:enable-branch-protection-check-IBT, r=lqd Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. - The test is currently limited to only `x86_64-unknown-linux-gnu` host, there are various other problems when the test is cross-compiled that I didn't want to fix atm, and is left as an exercise for the `-Z cf-protection` implementers. The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-mingw-1 try-job: x86_64-mingw-2 try-job: x86_64-msvc try-job: x86_64-apple-1 try-job: x86_64-apple-2

…check-IBT, r=lqd Migrate `branch-protection-check-IBT` to rmake.rs - The Makefile version *never* ran because of Makefile syntax confusion because `ifeq ($(filter x86,$(LLVM_COMPONENTS)),x86_64)` [compares `x86` to `x86_64`, which always evaluates to false](rust-lang#126720 (comment)). - The test would've always failed because precompiled std is not built with `-Z cf-protection=branch`, but linkers require all input object files to indicate IBT support in order to enable IBT for the executable, which is not the case for std. - Thus, the test input file is instead changed to a `no_std` program. - The test is currently limited to only `x86_64-unknown-linux-gnu` host, there are various other problems when the test is cross-compiled that I didn't want to fix atm, and is left as an exercise for the `-Z cf-protection` implementers. The GNU property note was added by rust-lang#110304 in order to address rust-lang#103001. Partially supersedes rust-lang#129156. The rmake.rs port was initially authored by `@Rejyr` in rust-lang#126720. This PR is co-authored with `@Oneirical` and `@Rejyr.` r? `@bjorn3` or reroll try-job: x86_64-mingw-1 try-job: x86_64-mingw-2 try-job: x86_64-msvc try-job: x86_64-apple-1 try-job: x86_64-apple-2

jieyouxu · 2025-01-21T13:59:04Z

Superseded by #134760 with attribution, thanks for the PR!

restrict branch-protection-check-IBT run-make test to stable

78272ae

rustbot assigned jieyouxu Aug 16, 2024

rustbot added A-run-make Area: port run-make Makefiles to rmake.rs S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Aug 16, 2024

This comment has been minimized.

Sign in to view

remove cat-and-grep-sanity-check run-make test

d85d292

Oneirical force-pushed the final-curtest-call branch from 41cd029 to d85d292 Compare August 16, 2024 15:30

rustbot added A-testsuite Area: The testsuite used to check the correctness of rustc T-bootstrap Relevant to the bootstrap subteam: Rust's build system (x.py and src/bootstrap) labels Aug 16, 2024

fbstj reviewed Aug 16, 2024

View reviewed changes

tests/run-make/branch-protection-check-IBT/rmake.rs Show resolved Hide resolved

Kobzol mentioned this pull request Aug 16, 2024

Tracking Issue for porting run-make tests to use Rust #121876

Closed

bors added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Aug 16, 2024

jieyouxu reviewed Aug 21, 2024

View reviewed changes

jieyouxu added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Aug 21, 2024

jieyouxu added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Aug 29, 2024

alex-semenyuk added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Sep 16, 2024

rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Nov 7, 2024

jieyouxu mentioned this pull request Dec 25, 2024

Migrate branch-protection-check-IBT to rmake.rs #134760

Merged

jieyouxu mentioned this pull request Dec 25, 2024

Delete cat-and-grep-sanity-check #134762

Closed

jieyouxu closed this Jan 21, 2025

Uh oh!

Conversation

Oneirical commented Aug 16, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

rustbot commented Aug 16, 2024

Uh oh!

rustbot commented Aug 16, 2024

Uh oh!

jieyouxu commented Aug 16, 2024

Uh oh!

bors commented Aug 16, 2024

Uh oh!

Oneirical commented Aug 16, 2024

Uh oh!

bors commented Aug 16, 2024

Uh oh!

This comment has been minimized.

Oneirical commented Aug 16, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Oneirical commented Aug 16, 2024

Uh oh!

bors commented Aug 16, 2024

Uh oh!

rust-log-analyzer commented Aug 16, 2024

Uh oh!

Uh oh!

rust-log-analyzer commented Aug 16, 2024

Uh oh!

bors commented Aug 16, 2024

Uh oh!

jieyouxu left a comment

Choose a reason for hiding this comment

Uh oh!

jieyouxu Aug 21, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

jieyouxu Aug 21, 2024

Choose a reason for hiding this comment

Uh oh!

jieyouxu Aug 21, 2024

Choose a reason for hiding this comment

Uh oh!

Oneirical Aug 21, 2024

Choose a reason for hiding this comment

Uh oh!

jieyouxu Aug 21, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Arm

Intel x86_64

Uh oh!

jieyouxu Aug 21, 2024

Choose a reason for hiding this comment

Uh oh!

jieyouxu Aug 29, 2024

Choose a reason for hiding this comment

Uh oh!

jieyouxu Aug 21, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

jieyouxu commented Aug 29, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jieyouxu commented Aug 29, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

bjorn3 commented Aug 29, 2024

Uh oh!

bors commented Oct 8, 2024

Uh oh!

Dylan-DPC commented Nov 7, 2024

Uh oh!

jieyouxu commented Nov 7, 2024

Uh oh!

jieyouxu commented Jan 21, 2025

Uh oh!

Oneirical commented Aug 16, 2024 •

edited

Loading

Oneirical commented Aug 16, 2024 •

edited

Loading

jieyouxu Aug 21, 2024 •

edited

Loading

jieyouxu Aug 21, 2024 •

edited

Loading

jieyouxu Aug 21, 2024 •

edited

Loading

jieyouxu commented Aug 29, 2024 •

edited

Loading

jieyouxu commented Aug 29, 2024 •

edited

Loading