| Age | Commit message (Collapse) | Author | Lines |
|---|
|
Wrapper for `-Z gcc-ld=lld` to invoke rust-lld with the correct flavor
This PR adds an `lld-wrapper` tool which is installed as `ld` and `ld64` in `lib\rustlib\<host_target>\bin\gcc-ld` directory and whose sole purpose is to invoke `rust-lld` in the parent directory with the correct flavor. Lld decides which flavor to use from either the first two commandline arguments or from the name of the executable (`ld` for GNU/ld flavor, `ld64` for Darwin/Macos/ld64 flavor and so on). Symbolic links could not be used as they are not supported by rustup and on Windows.
The wrapper replaces full copies of rust-lld which added some significant bloat. On UNIXish operating systems it exec rust-lld, on Windows it spawns it as a child process.
Fixes #88869.
r? ```@Mark-Simulacrum```
cc ```@nagisa``` ```@petrochenkov``` ```@1000teslas```
|
|
The wrapper is installed as `ld` and `ld64` in the `lib\rustlib\<host_target>\bin\gcc-ld`
directory and its sole purpose is to invoke `rust-lld` in the parent directory with
the correct flavor.
|
|
Add `deref_into_dyn_supertrait` lint.
Initial implementation of #89460. Resolves #89190.
Maybe also worth a beta backport if necessary.
r? `@nikomatsakis`
|
|
library std, libc dependency update
to solve #87528 build.
|
|
Fix performance regression with #[instrument]
linked tracing PR: https://github.com/tokio-rs/tracing/pull/1600
regression introduced by #89048
|
|
Move ICH to rustc_query_system
Based on https://github.com/rust-lang/rust/pull/89183
The StableHashingContext does not need to be in rustc_middle.
This PR moves it to rustc_query_system. This will avoid a dependency between rustc_ast_lowering and rustc_middle in https://github.com/rust-lang/rust/pull/89124.
|
|
to solve #87528 build.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Added -Z randomize-layout flag
An implementation of #77316, it currently randomly shuffles the fields of `repr(rust)` types based on their `DefPathHash`
r? ``@eddyb``
|
|
|
|
|
|
|
|
This version of odht contains a potential fix for #89085.
|
|
|
|
r=wesleywiser
Simplify lazy DefPathHash decoding by using an on-disk hash table.
This PR simplifies the logic around mapping `DefPathHash` values encountered during incremental compilation to valid `DefId`s in the current session. It is able to do so by using an on-disk hash table encoding that allows for looking up values directly, i.e. without deserializing the entire table.
The main simplification comes from not having to keep track of `DefPathHashes` being used during the compilation session.
|
|
Update cargo
13 commits in e515c3277bf0681bfc79a9e763861bfe26bb05db..33ee5f82edb50af87b952c5b28de0f5fb41ebf18
2021-09-08 14:32:15 +0000 to 2021-09-17 13:51:54 +0000
- Update curl-sys (rust-lang/cargo#9917)
- Bump Cargo's curl requirement to 7.79.0 (rust-lang/cargo#9914)
- Revert "When a dependency does not have a version, git or path, fails directly" (rust-lang/cargo#9911)
- Add some contributor docs for debugging testsuite tests. (rust-lang/cargo#9904)
- Fix warnings when documenting with `--document-private-items` (rust-lang/cargo#9903)
- Improve "wrong output" error. (rust-lang/cargo#9905)
- Fix warnings from better precision of `dead_code` lint (rust-lang/cargo#9906)
- Bump to 0.58.0, update changelog (rust-lang/cargo#9900)
- Fix rustc --profile=dev unstable check. (rust-lang/cargo#9898)
- config.md: fix typo (rust-lang/cargo#9896)
- Enable some tests on windows. (rust-lang/cargo#9893)
- Enable strip test on macos. (rust-lang/cargo#9889)
- Fix `cargo fix --edition` on stable. (rust-lang/cargo#9890)
|
|
|
|
|
|
Use a separate interner type for UniqueTypeId
Using symbol::Interner makes it very easy to mixup UniqueTypeId symbols
with the global interner. In fact the Debug implementation of
UniqueTypeId did exactly this.
Using a separate interner type also avoids prefilling the interner with
unused symbols and allow for optimizing the symbol interner for parallel
access without negatively affecting the single threaded module codegen.
|
|
|
|
Using symbol::Interner makes it very easy to mixup UniqueTypeId symbols
with the global interner. In fact the Debug implementation of
UniqueTypeId did exactly this.
Using a separate interner type also avoids prefilling the interner with
unused symbols and allow for optimizing the symbol interner for parallel
access without negatively affecting the single threaded module codegen.
|
|
|
|
Update Clippy
r? `@Manishearth`
|
|
Split rustc_mir
The `rustc_mir` crate is the second largest in the compiler.
This PR splits it up into 5 crates:
- rustc_borrowck;
- rustc_const_eval;
- rustc_mir_dataflow;
- rustc_mir_transform;
- rustc_monomorphize.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Update Miri
Fixes #88671.
r? `@RalfJung`
|
|
|
|
Pin bootstrap checksums and add a tool to update it automatically
:warning: :warning: This is just a proactive hardening we're performing on the build system, and it's not prompted by any known compromise. If you're aware of security issues being exploited please [check out our responsible disclosure page](https://www.rust-lang.org/policies/security). :warning: :warning:
---
This PR aims to improve Rust's supply chain security by pinning the checksums of the bootstrap compiler downloaded by `x.py`, preventing a compromised `static.rust-lang.org` from affecting building the compiler. The checksums are stored in `src/stage0.json`, which replaces `src/stage0.txt`. This PR also adds a tool to automatically update the bootstrap compiler.
The changes in this PR were originally discussed in [Zulip](https://zulip-archive.rust-lang.org/stream/241545-t-release/topic/pinning.20stage0.20hashes.html).
## Potential attack
Before this PR, an attacker who wanted to compromise the bootstrap compiler would "just" need to:
1. Gain write access to `static.rust-lang.org`, either by compromising DNS or the underlying storage.
2. Upload compromised binaries and corresponding `.sha256` files to `static.rust-lang.org`.
There is no signature verification in `x.py` as we don't want the build system to depend on GPG. Also, since the checksums were not pinned inside the repository, they were downloaded from `static.rust-lang.org` too: this only protected from accidental changes in `static.rust-lang.org` that didn't change the `*.sha256` files. The attack would allow the attacker to compromise past and future invocations of `x.py`.
## Mitigations introduced in this PR
This PR adds pinned checksums for all the bootstrap components in `src/stage0.json` instead of downloading the checksums from `static.rust-lang.org`. This changes the attack scenario to:
1. Gain write access to `static.rust-lang.org`, either by compromising DNS or the underlying storage.
2. Upload compromised binaries to `static.rust-lang.org`.
3. Land a (reviewed) change in the `rust-lang/rust` repository changing the pinned hashes.
Even with a successful attack, existing clones of the Rust repository won't be affected, and once the attack is detected reverting the pinned hashes changes should be enough to be protected from the attack. This also enables further mitigations to be implemented in following PRs, such as verifying signatures when pinning new checksums (removing the trust on first use aspect of this PR) and adding a check in CI making sure a PR updating the checksum has not been tampered with (see the future improvements section).
## Additional changes
There are additional changes implemented in this PR to enable the mitigation:
* The `src/stage0.txt` file has been replaced with `src/stage0.json`. The reasoning for the change is that there is existing tooling to read and manipulate JSON files compared to the custom format we were using before, and the slight challenge of manually editing JSON files (no comments, no trailing commas) are not a problem thanks to the new `bump-stage0`.
* A new tool has been added to the repository, `bump-stage0`. When invoked, the tool automatically calculates which release should be used as the bootstrap compiler given the current version and channel, gathers all the relevant checksums and updates `src/stage0.json`. The tool can be invoked by running:
```
./x.py run src/tools/bump-stage0
```
* Support for downloading releases from `https://dev-static.rust-lang.org` has been removed, as it's not possible to verify checksums there (it's customary to replace existing artifacts there if a rebuild is warranted). This will require a change to the release process to avoid bumping the bootstrap compiler on beta before the stable release.
## Future improvements
* Add signature verification as part of `bump-stage0`, which would require the attacker to also obtain the release signing keys in order to successfully compromise the bootstrap compiler. This would be fine to add now, as the burden of installing the tool to verify signatures would only be placed on whoever updates the bootstrap compiler, instead of everyone compiling Rust.
* Add a check on CI that ensures the checksums in `src/stage0.json` are the expected ones. If a PR changes the stage0 file CI should also run the `bump-stage0` tool and fail if the output in CI doesn't match the committed file. This prevents the PR author from tweaking the output of the tool manually, which would otherwise be close to impossible for a human to detect.
* Automate creating the PRs bumping the bootstrap compiler, by setting up a scheduled job in GitHub Actions that runs the tool and opens a PR.
* Investigate whether a similar mitigation can be done for "download from CI" components like the prebuilt LLVM.
r? `@Mark-Simulacrum`
|
|
Lint missing Abi in ast validation instead of lowering.
|
|
Fix loading large rlibs
Bumps object crate to permit parsing archives with 64-bit table entries. These
are primarily encountered when there's more than 4GB of archive data.
cc https://github.com/gimli-rs/object/issues/365
Helps with https://github.com/rust-lang/rust/issues/88351, but will also need a beta backport
r? `@ehuss` (mostly for the test)
|
|
|
|
Warn when [T; N].into_iter() is ambiguous in the new edition.
Fixes https://github.com/rust-lang/rust/issues/88475
In https://github.com/rust-lang/rust/issues/88475, a situation was found where `[T; N].into_iter()` becomes *ambiguous* in the new edition. This is different than the case where `(&[T; N]).into_iter()` resolves differently, which was the only case handled by the `array_into_iter` lint. This is almost identical to the new-traits-in-the-prelude problem. Effectively, due to the array-into-iter hack disappearing in Rust 2021, we effectively added `IntoIterator` to the 'prelude' in Rust 2021 specifically for arrays.
This modifies the prelude collisions lint to detect that case and emit a `array_into_iter` lint in that case.
|
|
Bumps object crate to permit parsing archives with 64-bit table entries. These
are primarily encountered when there's more than 4GB of archive data.
|
|
|
|
Update stacker and psm crates
Primarily to include https://github.com/rust-lang/stacker/pull/54
|
|
Bump vulnerable crates
crossbeam-deque v0.7.3 -> v0.7.4:
https://rustsec.org/advisories/RUSTSEC-2021-0093
https://github.com/crossbeam-rs/crossbeam/pull/728/files
openssl-src v111.15.0+1.1.1k -> v111.16.0+1.1.1l:
https://rustsec.org/advisories/RUSTSEC-2021-0097
https://rustsec.org/advisories/RUSTSEC-2021-0098
https://www.openssl.org/news/vulnerabilities-1.1.1.html
tar v0.4.35 -> v0.4.37:
https://rustsec.org/advisories/RUSTSEC-2021-0080
updated to 0.4.37 as there breaking change in 0.4.36: https://github.com/alexcrichton/tar-rs/pull/260
|
|
|
|
|
|
https://rustsec.org/advisories/RUSTSEC-2021-0093
https://github.com/crossbeam-rs/crossbeam/pull/728/files
openssl-src v111.15.0+1.1.1k -> v111.16.0+1.1.1l:
https://rustsec.org/advisories/RUSTSEC-2021-0097
https://rustsec.org/advisories/RUSTSEC-2021-0098
https://www.openssl.org/news/vulnerabilities-1.1.1.html
tar v0.4.35 -> v0.4.37:
https://rustsec.org/advisories/RUSTSEC-2021-0080
updated to 0.4.37 as there breaking change in 0.4.36: https://github.com/alexcrichton/tar-rs/pull/260
|
|
|
