mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Separate testing and production sanitizers

Browse Source
This commit is contained in:
Oli Iliffe 2024-02-16 18:07:44 +00:00 committed by Eric Huss
parent d2e8ecd8bd
commit 3e5ad4285c
1 changed files with 29 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/doc/unstable-book/src/compiler-flags/sanitizer.md
View File

@ -1,5 +1,14 @@
# `sanitizer` # `sanitizer`
Sanitizers are tools that help detect and prevent various types of bugs and
vulnerabilities in software. They are available in compilers and work by
instrumenting the code to add additional runtime checks. While they provide
powerful tools for identifying bugs or security issues, it's important to note
that using sanitizers can introduce runtime overhead and might not catch all
possible issues. Therefore, they are typically used alongside other best
practices in software development, such as testing and fuzzing, to ensure the
highest level of software quality and security.
The tracking issues for this feature are: The tracking issues for this feature are:
* [#39699](https://github.com/rust-lang/rust/issues/39699). * [#39699](https://github.com/rust-lang/rust/issues/39699).
@ -9,21 +18,26 @@ The tracking issues for this feature are:
This feature allows for use of one of following sanitizers: This feature allows for use of one of following sanitizers:
* [AddressSanitizer](#addresssanitizer) a fast memory error detector. * Those intended for testing or fuzzing (but not production use):
* [ControlFlowIntegrity](#controlflowintegrity) LLVM Control Flow Integrity (CFI) provides * [AddressSanitizer](#addresssanitizer) a fast memory error detector.
forward-edge control flow protection. * [HWAddressSanitizer](#hwaddresssanitizer) a memory error detector similar to
* [HWAddressSanitizer](#hwaddresssanitizer) a memory error detector similar to AddressSanitizer, but based on partial hardware assistance.
AddressSanitizer, but based on partial hardware assistance. * [LeakSanitizer](#leaksanitizer) a run-time memory leak detector.
* [KernelControlFlowIntegrity](#kernelcontrolflowintegrity) LLVM Kernel Control * [MemorySanitizer](#memorysanitizer) a detector of uninitialized reads.
Flow Integrity (KCFI) provides forward-edge control flow protection for * [ThreadSanitizer](#threadsanitizer) a fast data race detector.
operating systems kernels.
* [LeakSanitizer](#leaksanitizer) a run-time memory leak detector. * Those that apart from testing, may be used in production:
* [MemorySanitizer](#memorysanitizer) a detector of uninitialized reads. * [ControlFlowIntegrity](#controlflowintegrity) LLVM Control Flow Integrity
* [MemTagSanitizer](#memtagsanitizer) fast memory error detector based on (CFI) provides forward-edge control flow protection.
Armv8.5-A Memory Tagging Extension. * [KernelControlFlowIntegrity](#kernelcontrolflowintegrity) LLVM Kernel
* [SafeStack](#safestack) provides backward-edge control flow protection by separating the stack into safe and unsafe regions. Control Flow Integrity (KCFI) provides forward-edge control flow protection
* [ShadowCallStack](#shadowcallstack) provides backward-edge control flow protection (aarch64 only). for operating systems kernels.
* [ThreadSanitizer](#threadsanitizer) a fast data race detector. * [MemTagSanitizer](#memtagsanitizer) fast memory error detector based on
Armv8.5-A Memory Tagging Extension.
* [SafeStack](#safestack) provides backward-edge control flow protection by
separating the stack into safe and unsafe regions.
* [ShadowCallStack](#shadowcallstack) provides backward-edge control flow
protection (aarch64 only).
To enable a sanitizer compile with `-Zsanitizer=address`,`-Zsanitizer=cfi`, To enable a sanitizer compile with `-Zsanitizer=address`,`-Zsanitizer=cfi`,
`-Zsanitizer=hwaddress`, `-Zsanitizer=leak`, `-Zsanitizer=memory`, `-Zsanitizer=hwaddress`, `-Zsanitizer=leak`, `-Zsanitizer=memory`,