add warning for async

Author: luca3s

compiler/rustc_codegen_ssa/src/codegen_attrs.rs

@@ -3,7 +3,7 @@ use std::str::FromStr;
 use rustc_abi::{Align, ExternAbi};
 use rustc_ast::expand::autodiff_attrs::{AutoDiffAttrs, DiffActivity, DiffMode};
 use rustc_ast::{LitKind, MetaItem, MetaItemInner, attr};
-use rustc_hir::attrs::{AttributeKind, InlineAttr, InstructionSetAttr, UsedBy};
+use rustc_hir::attrs::{AttributeKind, InlineAttr, InstructionSetAttr, RtsanSetting, UsedBy};
 use rustc_hir::def::DefKind;
 use rustc_hir::def_id::{DefId, LOCAL_CRATE, LocalDefId};
 use rustc_hir::{self as hir, Attribute, LangItem, find_attr, lang_items};
@@ -468,6 +468,28 @@ fn check_result(
         })
     }
 
+    // warn for nonblocking async fn.
+    // This doesn't behave as expected, because the executor can run blocking code without the sanitizer noticing.
+    if codegen_fn_attrs.sanitizers.rtsan_setting == RtsanSetting::Nonblocking
+        && let Some(sanitize_span) = interesting_spans.sanitize
+        // async function
+        && (tcx.asyncness(did).is_async() || (tcx.is_closure_like(did.into())
+            // async block
+            && (tcx.coroutine_is_async(did.into())
+                // async closure
+                || tcx.coroutine_is_async(tcx.coroutine_for_closure(did)))))
+    {
+        let hir_id = tcx.local_def_id_to_hir_id(did);
+        tcx.node_span_lint(
+            lint::builtin::RTSAN_NONBLOCKING_ASYNC,
+            hir_id,
+            sanitize_span,
+            |lint| {
+                lint.primary_message(r#"the async executor can run blocking code, without realtime sanitizer catching it"#);
+            }
+        );
+    }
+
     // error when specifying link_name together with link_ordinal
     if let Some(_) = codegen_fn_attrs.symbol_name
         && let Some(_) = codegen_fn_attrs.link_ordinal

compiler/rustc_lint_defs/src/builtin.rs

@@ -87,6 +87,7 @@ declare_lint_pass! {
         REFINING_IMPL_TRAIT_REACHABLE,
         RENAMED_AND_REMOVED_LINTS,
         REPR_TRANSPARENT_NON_ZST_FIELDS,
+        RTSAN_NONBLOCKING_ASYNC,
         RUST_2021_INCOMPATIBLE_CLOSURE_CAPTURES,
         RUST_2021_INCOMPATIBLE_OR_PATTERNS,
         RUST_2021_PREFIXES_INCOMPATIBLE_SYNTAX,
@@ -2332,6 +2333,35 @@ declare_lint! {
     r#"detects incompatible use of `#[inline(always)]` and `#[sanitize(... = "off")]`"#,
 }
 
+declare_lint! {
+    /// The `rtsan_nonblocking_async` lint detects incompatible use of
+    /// [`#[sanitize(realtime = "nonblocking")]`][sanitize] on async functions.
+    ///
+    /// [sanitize]: https://doc.rust-lang.org/nightly/unstable-book/language-features/no-sanitize.html
+    /// ### Example
+    ///
+    /// ```rust,no_run
+    /// #![feature(sanitize)]
+    ///
+    /// #[sanitize(realtime = "nonblocking")]
+    /// async fn x() {}
+    ///
+    /// fn main() {
+    ///     x();
+    /// }
+    /// ```
+    ///
+    /// {{produces}}
+    ///
+    /// ### Explanation
+    ///
+    /// The sanitizer only considers the async function body nonblocking. The executor, which runs on
+    /// every `.await` point can run non-realtime code, without the sanitizer catching it.
+    pub RTSAN_NONBLOCKING_ASYNC,
+    Warn,
+    r#"detects incompatible uses of `#[sanitize(realtime = "nonblocking")]` on async functions"#,
+}
+
 declare_lint! {
     /// The `asm_sub_register` lint detects using only a subset of a register
     /// for inline asm inputs.

tests/ui/sanitize-attr/invalid-sanitize.rs

@@ -1,3 +1,4 @@
+//@ edition:2018
 #![feature(sanitize)]
 
 #[sanitize(brontosaurus = "off")] //~ ERROR malformed `sanitize` attribute input
@@ -22,3 +23,18 @@ fn just_word() {}
 
 #[sanitize(realtime = "on")] //~ ERROR malformed `sanitize` attribute input
 fn wrong_value_realtime() {}
+
+#[sanitize(realtime = "nonblocking")] //~ WARN: the async executor can run blocking code, without realtime sanitizer catching it [rtsan_nonblocking_async]
+async fn async_nonblocking() {}
+
+fn test() {
+    let _async_block = {
+        #[sanitize(realtime = "nonblocking")] //~ WARN: the async executor can run blocking code, without realtime sanitizer catching it [rtsan_nonblocking_async]
+        async {}
+    };
+
+    let _async_closure = {
+        #[sanitize(realtime = "nonblocking")] //~ WARN: the async executor can run blocking code, without realtime sanitizer catching it [rtsan_nonblocking_async]
+        async || {}
+    };
+}

tests/ui/sanitize-attr/invalid-sanitize.stderr

@@ -1,5 +1,5 @@
 error[E0539]: malformed `sanitize` attribute input
-  --> $DIR/invalid-sanitize.rs:3:1
+  --> $DIR/invalid-sanitize.rs:4:1
    |
 LL | #[sanitize(brontosaurus = "off")]
    | ^^^^^^^^^^^------------^^^^^^^^^^
@@ -23,31 +23,31 @@ LL + #[sanitize(kcfi = "on|off")]
    = and 6 other candidates
 
 error: multiple `sanitize` attributes
-  --> $DIR/invalid-sanitize.rs:6:1
+  --> $DIR/invalid-sanitize.rs:7:1
    |
 LL | #[sanitize(address = "off")]
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: remove this attribute
    |
 note: attribute also specified here
-  --> $DIR/invalid-sanitize.rs:7:1
+  --> $DIR/invalid-sanitize.rs:8:1
    |
 LL | #[sanitize(address = "off")]
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 error: multiple `sanitize` attributes
-  --> $DIR/invalid-sanitize.rs:10:1
+  --> $DIR/invalid-sanitize.rs:11:1
    |
 LL | #[sanitize(address = "on")]
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: remove this attribute
    |
 note: attribute also specified here
-  --> $DIR/invalid-sanitize.rs:11:1
+  --> $DIR/invalid-sanitize.rs:12:1
    |
 LL | #[sanitize(address = "off")]
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 error[E0539]: malformed `sanitize` attribute input
-  --> $DIR/invalid-sanitize.rs:14:1
+  --> $DIR/invalid-sanitize.rs:15:1
    |
 LL | #[sanitize(address = "bogus")]
    | ^^^^^^^^^^^^^^^^^^^^^-------^^
@@ -71,7 +71,7 @@ LL + #[sanitize(kcfi = "on|off")]
    = and 6 other candidates
 
 error[E0539]: malformed `sanitize` attribute input
-  --> $DIR/invalid-sanitize.rs:17:1
+  --> $DIR/invalid-sanitize.rs:18:1
    |
 LL | #[sanitize = "off"]
    | ^^^^^^^^^^^^^^^^^^^ expected this to be a list
@@ -93,7 +93,7 @@ LL + #[sanitize(kcfi = "on|off")]
    = and 6 other candidates
 
 error[E0539]: malformed `sanitize` attribute input
-  --> $DIR/invalid-sanitize.rs:20:1
+  --> $DIR/invalid-sanitize.rs:21:1
    |
 LL | #[sanitize]
    | ^^^^^^^^^^^ expected this to be a list
@@ -111,7 +111,7 @@ LL | #[sanitize(kcfi = "on|off")]
    = and 6 other candidates
 
 error[E0539]: malformed `sanitize` attribute input
-  --> $DIR/invalid-sanitize.rs:23:1
+  --> $DIR/invalid-sanitize.rs:24:1
    |
 LL | #[sanitize(realtime = "on")]
    | ^^^^^^^^^^^^^^^^^^^^^^----^^
@@ -134,6 +134,26 @@ LL + #[sanitize(kcfi = "on|off")]
    |
    = and 6 other candidates
 
-error: aborting due to 7 previous errors
+warning: the async executor can run blocking code, without realtime sanitizer catching it
+  --> $DIR/invalid-sanitize.rs:27:1
+   |
+LL | #[sanitize(realtime = "nonblocking")]
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = note: `#[warn(rtsan_nonblocking_async)]` on by default
+
+warning: the async executor can run blocking code, without realtime sanitizer catching it
+  --> $DIR/invalid-sanitize.rs:32:9
+   |
+LL | ...   #[sanitize(realtime = "nonblocking")]
+   |       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+warning: the async executor can run blocking code, without realtime sanitizer catching it
+  --> $DIR/invalid-sanitize.rs:37:9
+   |
+LL | ...   #[sanitize(realtime = "nonblocking")]
+   |       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+error: aborting due to 7 previous errors; 3 warnings emitted
 
 For more information about this error, try `rustc --explain E0539`.