Skip to content

CFI: Fix LTO for #![no_builtins] crates with CFI#156024

Merged
rust-bors[bot] merged 1 commit intorust-lang:mainfrom
rcvalle:rust-cfi-fix-142284
May 7, 2026
Merged

CFI: Fix LTO for #![no_builtins] crates with CFI#156024
rust-bors[bot] merged 1 commit intorust-lang:mainfrom
rcvalle:rust-cfi-fix-142284

Conversation

@rcvalle
Copy link
Copy Markdown
Member

@rcvalle rcvalle commented May 1, 2026
edited by rustbot
Loading

View all comments

Fixes LTO for #![no_builtins] crates with CFI enabled by using rustc's EmitObj::Bitcode path (and emitting LLVM bitcode in the .o for linker-based LTO).

It also adds tests that verify that the examples in rust-cfi-examples build and run with -Zbuild-std to prevent other future regressions.

@rustbot rustbot added A-run-make Area: port run-make Makefiles to rmake.rs S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. labels May 1, 2026
@rustbot
Copy link
Copy Markdown
Collaborator

rustbot commented May 1, 2026

r? @jieyouxu

rustbot has assigned @jieyouxu.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

Why was this reviewer chosen?

The reviewer was selected based on:

  • Owners of files modified in this PR: compiler
  • compiler expanded to 73 candidates
  • Random selection from 20 candidates

@rcvalle rcvalle added PG-exploit-mitigations Project group: Exploit mitigations A-control-flow-integrity Area: Control Flow Integrity (CFI) security mitigation labels May 1, 2026
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch from 58c916f to 02987f4 Compare May 1, 2026 02:52
@rust-log-analyzer

This comment has been minimized.

Sign in to view
bjorn3
bjorn3 reviewed May 1, 2026
View reviewed changes
Comment thread compiler/rustc_codegen_ssa/src/back/write.rs
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch from 02987f4 to 49f46f9 Compare May 1, 2026 16:48
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch from 49f46f9 to 1a3cf09 Compare May 1, 2026 16:53
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch 2 times, most recently from c338aae to 6650fd5 Compare May 1, 2026 21:01
@jieyouxu
Copy link
Copy Markdown
Member

jieyouxu commented May 2, 2026

r? bjorn3 (since you're already reviewing this, and know way more about this than I do)

@rustbot rustbot assigned bjorn3 and unassigned jieyouxu May 2, 2026
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch from 6650fd5 to 994844b Compare May 2, 2026 20:09
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch 4 times, most recently from 1e9d441 to c9526ae Compare May 5, 2026 04:58
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch from c9526ae to b3be83c Compare May 5, 2026 18:35
bjorn3
bjorn3 requested changes May 6, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@bjorn3 bjorn3 left a comment
edited by rustbot
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should there also be a test for a mismatched pointer target type?

View changes since this review

Comment thread tests/run-make-cargo/sanitizer-cfi-build-std-clang/shared_build_rs.rs
Comment thread tests/run-make-cargo/sanitizer-cfi-build-std-clang/Cargo.toml
Comment thread ...n-make-cargo/sanitizer-cfi-build-std-clang/cross-lang-integer-normalization-abort/Cargo.toml
Comment thread ...ke-cargo/sanitizer-cfi-build-std-clang/cross-lang-integer-normalization-not-abort/Cargo.toml
Comment thread tests/run-make-cargo/sanitizer-cfi-build-std-clang/rmake.rs Outdated
Comment thread ...-make-cargo/sanitizer-cfi-build-std-clang/cross-lang-integer-normalization-abort/src/main.rs

#[link(name = "foo")]
extern "C" {
fn do_twice(f: unsafe extern "C" fn(i32) -> i32, arg: i32) -> i32;
Copy link
Copy Markdown
Member

@bjorn3 bjorn3 May 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should these perhaps use std::ffi::c_int to ensure the bit width matches C on all targets?

Copy link
Copy Markdown
Member Author

@rcvalle rcvalle May 6, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test is mainly to emphasize how the C integer types are encoded by their respective sizes when using integer normalization so I think it makes more sense the Rust side to have a sized integer types. Note all these tests are gated to only-x86_64-unknown-linux-gnu because of the naked_asm in the invalid-branch-target-abort test and to save CI resources anyway.

@rustbot rustbot added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels May 6, 2026
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch 3 times, most recently from 8baf995 to 1a2d398 Compare May 6, 2026 19:31
@rcvalle
Copy link
Copy Markdown
Member Author

rcvalle commented May 6, 2026

I also added the indirect-return-type-mismatch-abort and indirect-type-qualifier-mismatch-abort tests for completeness.

@rust-log-analyzer

This comment has been minimized.

Sign in to view
@rcvalle
CFI: Fix LTO for #![no_builtins] crates with CFI
acc33fe 
Fixes LTO for `#![no_builtins]` crates with CFI enabled by using rustc's
`EmitObj::Bitcode` path (and emitting LLVM bitcode in the `.o` for
linker-based LTO).
@rcvalle rcvalle force-pushed the rust-cfi-fix-142284 branch from 1a2d398 to acc33fe Compare May 6, 2026 20:44
@bjorn3
Copy link
Copy Markdown
Member

bjorn3 commented May 7, 2026

@bors r+

@rust-bors
Copy link
Copy Markdown
Contributor

rust-bors Bot commented May 7, 2026

📌 Commit acc33fe has been approved by bjorn3

It is now in the queue for this repository.

@rust-bors rust-bors Bot added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels May 7, 2026
JonathanBrouwer added a commit to JonathanBrouwer/rust that referenced this pull request May 7, 2026
@JonathanBrouwer
Rollup merge of rust-lang#156024 - rcvalle:rust-cfi-fix-142284, r=bjorn3
53219be 
CFI: Fix LTO for `#![no_builtins]` crates with CFI

Fixes LTO for `#![no_builtins]` crates with CFI enabled by using rustc's `EmitObj::Bitcode` path (and emitting LLVM bitcode in the `.o` for linker-based LTO).

It also adds tests that verify that the examples in [rust-cfi-examples](https://github.com/rcvalle/rust-cfi-examples) build and run with `-Zbuild-std` to prevent other future regressions.
@JonathanBrouwer JonathanBrouwer mentioned this pull request May 7, 2026
Closed
rust-bors Bot pushed a commit that referenced this pull request May 7, 2026
@bors
Auto merge of #156275 - JonathanBrouwer:rollup-0kXfHjm, r=JonathanBro…
fc4b52a 
…uwer

Rollup of 5 pull requests

Successful merges:

 - #146273 (lint ImproperCTypes: refactor linting architecture (part 2))
 - #156024 (CFI: Fix LTO for `#![no_builtins]` crates with CFI)
 - #156243 (Move CrateInfo computation after codegen_crate)
 - #156245 (Move invocation_temp into OutputFilenames)
 - #156265 (Remove unused `ToStableHashKey` impls.)
@JonathanBrouwer JonathanBrouwer mentioned this pull request May 7, 2026
Merged
rust-bors Bot pushed a commit that referenced this pull request May 7, 2026
@bors
Auto merge of #156278 - JonathanBrouwer:rollup-O8O1IcI, r=JonathanBro…
ffccab6 
…uwer

Rollup of 10 pull requests

Successful merges:

 - #146273 (lint ImproperCTypes: refactor linting architecture (part 2))
 - #154025 (Add `keepalive`, `set_keepalive` to `TcpStream` implementations)
 - #156024 (CFI: Fix LTO for `#![no_builtins]` crates with CFI)
 - #156243 (Move CrateInfo computation after codegen_crate)
 - #154846 (Add better default spans for the `Ty` impl of `QueryKey`)
 - #155220 (cg_clif: Don't show verbose run-make cmd output for passing tests)
 - #156204 (Implemented `PathBuf::into_string`)
 - #156245 (Move invocation_temp into OutputFilenames)
 - #156250 (add a few new solver normalization tests)
 - #156265 (Remove unused `ToStableHashKey` impls.)
@rust-bors rust-bors Bot merged commit 2549421 into rust-lang:main May 7, 2026
11 checks passed
@rustbot rustbot added this to the 1.97.0 milestone May 7, 2026
@rcvalle rcvalle deleted the rust-cfi-fix-142284 branch May 7, 2026 18:38
@rcvalle rcvalle mentioned this pull request May 7, 2026
Closed
pull Bot pushed a commit to LeeeeeeM/miri that referenced this pull request May 8, 2026
@bors
Auto merge of #156278 - JonathanBrouwer:rollup-O8O1IcI, r=JonathanBro…
892f407 
…uwer

Rollup of 10 pull requests

Successful merges:

 - rust-lang/rust#146273 (lint ImproperCTypes: refactor linting architecture (part 2))
 - rust-lang/rust#154025 (Add `keepalive`, `set_keepalive` to `TcpStream` implementations)
 - rust-lang/rust#156024 (CFI: Fix LTO for `#![no_builtins]` crates with CFI)
 - rust-lang/rust#156243 (Move CrateInfo computation after codegen_crate)
 - rust-lang/rust#154846 (Add better default spans for the `Ty` impl of `QueryKey`)
 - rust-lang/rust#155220 (cg_clif: Don't show verbose run-make cmd output for passing tests)
 - rust-lang/rust#156204 (Implemented `PathBuf::into_string`)
 - rust-lang/rust#156245 (Move invocation_temp into OutputFilenames)
 - rust-lang/rust#156250 (add a few new solver normalization tests)
 - rust-lang/rust#156265 (Remove unused `ToStableHashKey` impls.)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bjorn3 bjorn3 bjorn3 requested changes

Assignees

@bjorn3 bjorn3

Labels

A-control-flow-integrity Area: Control Flow Integrity (CFI) security mitigation A-run-make Area: port run-make Makefiles to rmake.rs PG-exploit-mitigations Project group: Exploit mitigations S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.

Projects

None yet

Milestone

1.97.0

Development

Successfully merging this pull request may close these issues.

5 participants

@rcvalle @rustbot @rust-log-analyzer @jieyouxu @bjorn3