rust-lang
diff --git a/‎bootstrap.example.toml‎
Lines changed: 2 additions & 3 deletions b/‎bootstrap.example.toml‎
Lines changed: 2 additions & 3 deletions
diff --git a/‎compiler/rustc_codegen_llvm/src/attributes.rs‎
Lines changed: 0 additions & 1 deletion b/‎compiler/rustc_codegen_llvm/src/attributes.rs‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎compiler/rustc_codegen_llvm/src/lib.rs‎
Lines changed: 13 additions & 12 deletions b/‎compiler/rustc_codegen_llvm/src/lib.rs‎
Lines changed: 13 additions & 12 deletions
diff --git a/‎compiler/rustc_interface/src/tests.rs‎
Lines changed: 2 additions & 1 deletion b/‎compiler/rustc_interface/src/tests.rs‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎compiler/rustc_session/src/errors.rs‎
Lines changed: 1 addition & 1 deletion b/‎compiler/rustc_session/src/errors.rs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎compiler/rustc_session/src/options.rs‎
Lines changed: 11 additions & 6 deletions b/‎compiler/rustc_session/src/options.rs‎
Lines changed: 11 additions & 6 deletions
diff --git a/‎compiler/rustc_session/src/options/mitigation_coverage.rs‎
Lines changed: 0 additions & 4 deletions b/‎compiler/rustc_session/src/options/mitigation_coverage.rs‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎compiler/rustc_session/src/session.rs‎
Lines changed: 9 additions & 8 deletions b/‎compiler/rustc_session/src/session.rs‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎compiler/rustc_target/src/spec/mod.rs‎
Lines changed: 0 additions & 6 deletions b/‎compiler/rustc_target/src/spec/mod.rs‎
Lines changed: 0 additions & 6 deletions
diff --git a/‎src/bootstrap/src/core/builder/cargo.rs‎
Lines changed: 1 addition & 1 deletion b/‎src/bootstrap/src/core/builder/cargo.rs‎
Lines changed: 1 addition & 1 deletion
@@ -760,10 +760,9 @@
 #rust.frame-pointers = false
 
 # Indicates whether stack protectors should be used
-# via the unstable option `-Zstack-protector`.
+# via `-Cstack-protector`.
 #
-# Valid options are : `none`(default),`basic`,`strong`, or `all`.
-# `strong` and `basic` options may be buggy and are not recommended, see rust-lang/rust#114903.
+# Valid options are : `none`(default), `strong`, or `all`.
 #rust.stack-protector = "none"
 
 # Prints each test name as it is executed, to help debug issues in the test harness itself.
 
@@ -297,7 +297,6 @@ fn stackprotector_attr<'ll>(cx: &SimpleCx<'ll>, sess: &Session) -> Option<&'ll A
         StackProtector::None => return None,
         StackProtector::All => AttributeKind::StackProtectReq,
         StackProtector::Strong => AttributeKind::StackProtectStrong,
-        StackProtector::Basic => AttributeKind::StackProtect,
     };
 
     Some(sspattr.create_attr(cx.llcx))
 
@@ -279,18 +279,19 @@ impl CodegenBackend for LlvmCodegenBackend {
         Generate stack canaries in all functions.
 
     strong
-        Generate stack canaries in a function if it either:
-        - has a local variable of `[T; N]` type, regardless of `T` and `N`
-        - takes the address of a local variable.
-
-          (Note that a local variable being borrowed is not equivalent to its
-          address being taken: e.g. some borrows may be removed by optimization,
-          while by-value argument passing may be implemented with reference to a
-          local stack variable in the ABI.)
-
-    basic
-        Generate stack canaries in functions with local variables of `[T; N]`
-        type, where `T` is byte-sized and `N` >= 8.
+        Generate stack canaries for all functions, unless the compiler
+        can prove these functions can't be the source of a stack
+        buffer overflow (even in the presence of undefined behavior).
+
+        This provides similar security guarantees to Clang's
+        `-fstack-protector-strong`.
+
+        The exact rules are unstable and subject to change, but
+        currently, it generates stack protectors for functions that,
+        *post-optimization*, contain LLVM allocas (which
+        include all stack allocations - including fixed-size
+        allocations - that are used in a way that is not completely
+        determined by static control flow).
 
     none
         Do not generate stack canaries.
 
@@ -638,6 +638,7 @@ fn test_codegen_options_tracking_hash() {
     tracked!(relocation_model, Some(RelocModel::Pic));
     tracked!(relro_level, Some(RelroLevel::Full));
     tracked!(split_debuginfo, Some(SplitDebuginfo::Packed));
+    tracked!(stack_protector, Some(StackProtector::All));
     tracked!(symbol_mangling_version, Some(SymbolManglingVersion::V0));
     tracked!(target_cpu, Some(String::from("abc")));
     tracked!(target_feature, String::from("all the features, all of them"));
@@ -868,7 +869,7 @@ fn test_unstable_options_tracking_hash() {
     tracked!(small_data_threshold, Some(16));
     tracked!(split_lto_unit, Some(true));
     tracked!(src_hash_algorithm, Some(SourceFileHashAlgorithm::Sha1));
-    tracked!(stack_protector, StackProtector::All);
+    tracked!(stack_protector, Some(StackProtector::All));
     tracked!(teach, true);
     tracked!(thinlto, Some(true));
     tracked!(tiny_const_eval_limit, true);
 
@@ -206,7 +206,7 @@ pub(crate) struct EmbedSourceRequiresDebugInfo;
 
 #[derive(Diagnostic)]
 #[diag(
-    "`-Z stack-protector={$stack_protector}` is not supported for target {$target_triple} and will be ignored"
+    "`-C stack-protector={$stack_protector}` is not supported for target {$target_triple} and will be ignored"
 )]
 pub(crate) struct StackProtectorNotSupportedForTarget<'a> {
     pub(crate) stack_protector: StackProtector,
 
@@ -932,8 +932,7 @@ mod desc {
     pub(crate) const parse_polonius: &str = "either no value or `legacy` (the default), or `next`";
     pub(crate) const parse_annotate_moves: &str =
         "either a boolean (`yes`, `no`, `on`, `off`, etc.), or a size limit in bytes";
-    pub(crate) const parse_stack_protector: &str =
-        "one of (`none` (default), `basic`, `strong`, or `all`)";
+    pub(crate) const parse_stack_protector: &str = "one of (`none` (default), `strong`, or `all`)";
     pub(crate) const parse_branch_protection: &str = "a `,` separated combination of `bti`, `gcs`, `pac-ret`, (optionally with `pc`, `b-key`, `leaf` if `pac-ret` is set)";
     pub(crate) const parse_proc_macro_execution_strategy: &str =
         "one of supported execution strategies (`same-thread`, or `cross-thread`)";
@@ -1959,9 +1958,12 @@ pub mod parse {
         true
     }
 
-    pub(crate) fn parse_stack_protector(slot: &mut StackProtector, v: Option<&str>) -> bool {
+    pub(crate) fn parse_stack_protector(
+        slot: &mut Option<StackProtector>,
+        v: Option<&str>,
+    ) -> bool {
         match v.and_then(|s| StackProtector::from_str(s).ok()) {
-            Some(ssp) => *slot = ssp,
+            Some(ssp) => *slot = Some(ssp),
             _ => return false,
         }
         true
@@ -2269,6 +2271,9 @@ options! {
     #[rustc_lint_opt_deny_field_access("use `Session::split_debuginfo` instead of this field")]
     split_debuginfo: Option<SplitDebuginfo> = (None, parse_split_debuginfo, [TRACKED],
         "how to handle split-debuginfo, a platform-specific option"),
+    #[rustc_lint_opt_deny_field_access("use `Session::stack_protector` instead of this field")]
+    stack_protector: Option<StackProtector> = (None, parse_stack_protector, [TRACKED MITIGATION],
+        "control stack smashing protection strategy (`rustc --print stack-protector-strategies` for details)"),
     strip: Strip = (Strip::None, parse_strip, [UNTRACKED],
         "tell the linker which information to strip (`none` (default), `debuginfo` or `symbols`)"),
     symbol_mangling_version: Option<SymbolManglingVersion> = (None,
@@ -2760,8 +2765,8 @@ written to standard error output)"),
     src_hash_algorithm: Option<SourceFileHashAlgorithm> = (None, parse_src_file_hash, [TRACKED],
         "hash algorithm of source files in debug info (`md5`, `sha1`, or `sha256`)"),
     #[rustc_lint_opt_deny_field_access("use `Session::stack_protector` instead of this field")]
-    stack_protector: StackProtector = (StackProtector::None, parse_stack_protector, [TRACKED MITIGATION],
-        "control stack smash protection strategy (`rustc --print stack-protector-strategies` for details)"),
+    stack_protector: Option<StackProtector> = (None, parse_stack_protector, [TRACKED MITIGATION],
+        "control stack smashing protection strategy (`rustc --print stack-protector-strategies` for details)"),
     staticlib_allow_rdylib_deps: bool = (false, parse_bool, [TRACKED],
         "allow staticlibs to have rust dylib dependencies"),
     staticlib_prefer_dynamic: bool = (false, parse_bool, [TRACKED],
 
@@ -20,7 +20,6 @@ impl DeniedPartialMitigationLevel {
     pub fn level_str(&self) -> &'static str {
         match self {
             DeniedPartialMitigationLevel::StackProtector(StackProtector::All) => "=all",
-            DeniedPartialMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
             DeniedPartialMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
             // currently `=disabled` should not appear
             DeniedPartialMitigationLevel::Enabled(false) => "=disabled",
@@ -36,9 +35,6 @@ impl std::fmt::Display for DeniedPartialMitigationLevel {
             DeniedPartialMitigationLevel::StackProtector(StackProtector::All) => {
                 write!(f, "all")
             }
-            DeniedPartialMitigationLevel::StackProtector(StackProtector::Basic) => {
-                write!(f, "basic")
-            }
             DeniedPartialMitigationLevel::StackProtector(StackProtector::Strong) => {
                 write!(f, "strong")
             }
 
@@ -748,11 +748,12 @@ impl Session {
     }
 
     pub fn stack_protector(&self) -> StackProtector {
-        if self.target.options.supports_stack_protector {
-            self.opts.unstable_opts.stack_protector
-        } else {
-            StackProtector::None
-        }
+        // -C stack-protector overwrites -Z stack-protector, default to StackProtector::None
+        self.opts
+            .cg
+            .stack_protector
+            .or(self.opts.unstable_opts.stack_protector)
+            .unwrap_or(StackProtector::None)
     }
 
     pub fn must_emit_unwind_tables(&self) -> bool {
@@ -1262,10 +1263,10 @@ fn validate_commandline_args_with_session_available(sess: &Session) {
         }
     }
 
-    if sess.opts.unstable_opts.stack_protector != StackProtector::None {
+    if sess.stack_protector() != StackProtector::None {
         if !sess.target.options.supports_stack_protector {
-            sess.dcx().emit_warn(errors::StackProtectorNotSupportedForTarget {
-                stack_protector: sess.opts.unstable_opts.stack_protector,
+            sess.dcx().emit_err(errors::StackProtectorNotSupportedForTarget {
+                stack_protector: sess.stack_protector(),
                 target_triple: &sess.opts.target_triple,
             });
         }
 
@@ -1352,12 +1352,6 @@ crate::target_spec_enum! {
         /// Disable stack canary generation.
         None = "none",
 
-        /// On LLVM, mark all generated LLVM functions with the `ssp` attribute (see
-        /// llvm/docs/LangRef.rst). This triggers stack canary generation in
-        /// functions which contain an array of a byte-sized type with more than
-        /// eight elements.
-        Basic = "basic",
-
         /// On LLVM, mark all generated LLVM functions with the `sspstrong`
         /// attribute (see llvm/docs/LangRef.rst). This triggers stack canary
         /// generation in functions which either contain an array, or which take
 
@@ -972,7 +972,7 @@ impl Builder<'_> {
         cargo.env(profile_var("STRIP"), self.config.rust_strip.to_string());
 
         if let Some(stack_protector) = &self.config.rust_stack_protector {
-            rustflags.arg(&format!("-Zstack-protector={stack_protector}"));
+            rustflags.arg(&format!("-Cstack-protector={stack_protector}"));
         }
 
         let debuginfo_level = match mode {
Original file line number	Diff line number	Diff line change
`@@ -748,11 +748,12 @@ impl Session {`
`748`	`748`	`}`
`749`	`749`
`750`	`750`	`pub fn stack_protector(&self) -> StackProtector {`
`751`		`- if self.target.options.supports_stack_protector {`
`752`		`- self.opts.unstable_opts.stack_protector`
`753`		`- } else {`
`754`		`- StackProtector::None`
`755`		`- }`
	`751`	`+ // -C stack-protector overwrites -Z stack-protector, default to StackProtector::None`
	`752`	`+ self.opts`
	`753`	`+ .cg`
	`754`	`+ .stack_protector`
	`755`	`+ .or(self.opts.unstable_opts.stack_protector)`
	`756`	`+ .unwrap_or(StackProtector::None)`
`756`	`757`	`}`
`757`	`758`
`758`	`759`	`pub fn must_emit_unwind_tables(&self) -> bool {`
`@@ -1262,10 +1263,10 @@ fn validate_commandline_args_with_session_available(sess: &Session) {`
`1262`	`1263`	`}`
`1263`	`1264`	`}`
`1264`	`1265`
`1265`		`- if sess.opts.unstable_opts.stack_protector != StackProtector::None {`
	`1266`	`+ if sess.stack_protector() != StackProtector::None {`
`1266`	`1267`	`if !sess.target.options.supports_stack_protector {`
`1267`		`- sess.dcx().emit_warn(errors::StackProtectorNotSupportedForTarget {`
`1268`		`- stack_protector: sess.opts.unstable_opts.stack_protector,`
	`1268`	`+ sess.dcx().emit_err(errors::StackProtectorNotSupportedForTarget {`
	`1269`	`+ stack_protector: sess.stack_protector(),`
`1269`	`1270`	`target_triple: &sess.opts.target_triple,`
`1270`	`1271`	`});`
`1271`	`1272`	`}`
Original file line number	Diff line number	Diff line change
`@@ -972,7 +972,7 @@ impl Builder<'_> {`
`972`	`972`	`cargo.env(profile_var("STRIP"), self.config.rust_strip.to_string());`
`973`	`973`
`974`	`974`	`if let Some(stack_protector) = &self.config.rust_stack_protector {`
`975`		`- rustflags.arg(&format!("-Zstack-protector={stack_protector}"));`
	`975`	`+ rustflags.arg(&format!("-Cstack-protector={stack_protector}"));`
`976`	`976`	`}`
`977`	`977`
`978`	`978`	`let debuginfo_level = match mode {`