Relax restrictions on multiple sanitizers

[djkoloski]

Most combinations of LLVM sanitizers are legal-enough to enable simultaneously. This change will allow simultaneously enabling ASAN and shadow call stacks on supported platforms.

I used this python script to generate the mutually-exclusive sanitizer combinations:

#!/usr/bin/python3

import subprocess

flags = [
    ["-fsanitize=address"],
    ["-fsanitize=leak"],
    ["-fsanitize=memory"],
    ["-fsanitize=thread"],
    ["-fsanitize=hwaddress"],
    ["-fsanitize=cfi", "-flto", "-fvisibility=hidden"],
    ["-fsanitize=memtag", "--target=aarch64-linux-android", "-march=armv8a+memtag"],
    ["-fsanitize=shadow-call-stack"],
    ["-fsanitize=kcfi", "-flto", "-fvisibility=hidden"],
    ["-fsanitize=kernel-address"],
    ["-fsanitize=safe-stack"],
    ["-fsanitize=dataflow"],
]

for i in range(len(flags)):
    for j in range(i):
        command = ["clang++"] + flags[i] + flags[j] + ["-o", "main.o", "-c", "main.cpp"]
        completed = subprocess.run(command, stderr=subprocess.DEVNULL)
        if completed.returncode != 0:
            first = flags[i][0][11:].replace('-', '').upper()
            second = flags[j][0][11:].replace('-', '').upper()
            print(f"(SanitizerSet::{first}, SanitizerSet::{second}),")

[rustbot]

r? @estebank

rustbot has assigned @estebank.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

[rustbot]

These commits modify compiler targets.
(See the Target Tier Policy.)

[rustbot]

Some changes occurred in tests/ui/sanitizer

cc @rust-lang/project-exploit-mitigations, @rcvalle

[tmiasko]

Since Address Sanitizer includes the leak detection, combining it with Leak Sanitizer should omit the Leak Sanitizer runtime library:

https://github.com/rust-lang/llvm-project/blob/5399a24c66cb6164cf32280e7d300488c90d5765/clang/include/clang/Driver/SanitizerArgs.h#L92-L96

[ilovepi]

Since Address Sanitizer includes the leak detection, combining it with Leak Sanitizer should omit the Leak Sanitizer runtime library:

https://github.com/rust-lang/llvm-project/blob/5399a24c66cb6164cf32280e7d300488c90d5765/clang/include/clang/Driver/SanitizerArgs.h#L92-L96

That's a good point. I had assumed rustc already had similar logic, but I suppose if multiple sanitizers were disallowed, maybe it did not. This is some more evidence that on the LLVM side, we should probably keep that logic in a support library that frontends like clang and rustc can reuse without duplicating the same logic everywhere.

[djkoloski]

r? @cuviper

[rcvalle]

LGTM (@cuviper FYI). Thank you for your time and for working on this, @djkoloski! Much appreciated.

[cuviper]

Thanks!

@bors r=cuviper,rcvalle

[bors]

📌 Commit 1e1143c has been approved by cuviper,rcvalle

It is now in the queue for this repository.

[bors]

⌛ Testing commit 1e1143c with merge 5065123...

[bors]

☀️ Test successful - checks-actions
Approved by: cuviper,rcvalle
Pushing 5065123 to master...

[rust-timer]

Finished benchmarking commit (5065123): comparison URL.

Overall result: ❌ regressions - no action needed

@rustbot label: -perf-regression

Instruction count

This is a highly reliable metric that was used to determine the overall result at the top of this comment.

	mean	range	count
Regressions ❌ (primary)	-	-	0
Regressions ❌ (secondary)	1.4%	[1.0%, 1.7%]	2
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	-	-	0

Max RSS (memory usage)

This benchmark run did not return any relevant results for this metric.

Cycles

Results (primary -5.5%)

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

	mean	range	count
Regressions ❌ (primary)	-	-	0
Regressions ❌ (secondary)	-	-	0
Improvements ✅ (primary)	-5.5%	[-5.5%, -5.5%]	1
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	-5.5%	[-5.5%, -5.5%]	1

Binary size

This benchmark run did not return any relevant results for this metric.

Bootstrap: 673.673s -> 670.767s (-0.43%)
Artifact size: 315.38 MiB -> 315.37 MiB (-0.00%)