From f2fe08e944f1412db8dc3d659705adfda26d87c7 Mon Sep 17 00:00:00 2001
From: Joe Richey <joerichey@google.com>
Date: Wed, 18 Dec 2024 13:04:26 -0800
Subject: [PATCH] Detect use of MemorySanitizer without using Nightly-only
 features

This allows msan detection to "just-work" whenever someone passes
`-Zsanitizer=memory`. Users no longer need to do any
`getrandom`-specific configuration.

This will also continue working once
https://github.com/rust-lang/rust/issues/123615 is merged which
stabilizes some sanitizers (but not MemorySanitizer).

This is the approch taken by other low-level crates:
  - [`parking_lot_core`](https://github.com/Amanieu/parking_lot/blob/ca920b31312839013b4455aba1d53a4aede21b2f/core/build.rs)
  - [`crossbeam-utils`](https://github.com/crossbeam-rs/crossbeam/blob/00283fb1818174c25b02d7f1c883c5e19f8506a4/crossbeam-utils/build.rs#L42)

The only downside is that this adds a build-script, but it's as small as
possible, doesn't seem to impact build times, and is only a temporary
workaround.

Signed-off-by: Joe Richey <joerichey@google.com>
---
 .github/workflows/tests.yml |  6 +++---
 Cargo.toml                  |  2 +-
 README.md                   | 13 ++++++-------
 build.rs                    |  9 +++++++++
 src/lib.rs                  |  7 ++-----
 5 files changed, 21 insertions(+), 16 deletions(-)
 create mode 100644 build.rs

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index ae4910ea..673fd370 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -140,9 +140,9 @@ jobs:
           toolchain: nightly-2024-10-08
           components: rust-src
       - env:
-          RUSTFLAGS: -Dwarnings -Zsanitizer=memory --cfg getrandom_sanitize
-        # `--all-targets` is used to skip doc tests which currently fail linking
-        run: cargo test -Zbuild-std --target=x86_64-unknown-linux-gnu --all-targets
+          RUSTFLAGS: -Dwarnings -Zsanitizer=memory
+          RUSTDOCFLAGS: -Dwarnings -Zsanitizer=memory
+        run: cargo test -Zbuild-std --target=x86_64-unknown-linux-gnu
 
   cross:
     name: Cross
diff --git a/Cargo.toml b/Cargo.toml
index e8c00a58..57fe2274 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -81,7 +81,7 @@ rustc-dep-of-std = ["dep:compiler_builtins", "dep:core"]
 level = "warn"
 check-cfg = [
   'cfg(getrandom_backend, values("custom", "rdrand", "rndr", "linux_getrandom", "linux_rustix", "wasm_js", "esp_idf"))',
-  'cfg(getrandom_sanitize)',
+  'cfg(getrandom_msan)',
   'cfg(getrandom_test_linux_fallback)',
   'cfg(getrandom_test_netbsd_fallback)',
 ]
diff --git a/README.md b/README.md
index ebd1b76a..7ece9ecf 100644
--- a/README.md
+++ b/README.md
@@ -267,15 +267,14 @@ our code should correctly handle it and return an error, e.g.
 
 ## Sanitizer support
 
-If your code uses [`fill_uninit`] and you enable memory sanitization
-(i.e. `-Zsanitizer=memory`), you need to pass the `getrandom_sanitize`
-configuration flag to enable unpoisoning of the destination buffer
-filled by `fill_uninit`.
+If your code uses [`fill_uninit`] and you enable
+[MemorySanitizer](https://doc.rust-lang.org/beta/unstable-book/compiler-flags/sanitizer.html#memorysanitizer)
+(i.e. `-Zsanitizer=memory`), we will automatically handle unpoisoning
+of the destination buffer filled by `fill_uninit`.
 
-For example, it can be done as follows (requires a Nightly compiler):
+You can run sanitizer tests for your crate dependent on `getrandom` like this:
 ```sh
-RUSTFLAGS="-Zsanitizer=memory --cfg getrandom_sanitize" \
-    cargo test -Zbuild-std --target=x86_64-unknown-linux-gnu
+RUSTFLAGS="-Zsanitizer=memory" cargo test -Zbuild-std --target=x86_64-unknown-linux-gnu
 ```
 
 ## Minimum Supported Rust Version
diff --git a/build.rs b/build.rs
new file mode 100644
index 00000000..15d41919
--- /dev/null
+++ b/build.rs
@@ -0,0 +1,9 @@
+// Automatically detect cfg(sanitize = "memory") even if cfg(sanitize) isn't
+// supported. Build scripts get cfg() info, even if the cfg is unstable.
+fn main() {
+    println!("cargo:rerun-if-changed=build.rs");
+    let santizers = std::env::var("CARGO_CFG_SANITIZE").unwrap_or_default();
+    if santizers.contains("memory") {
+        println!("cargo:rustc-cfg=getrandom_msan");
+    }
+}
diff --git a/src/lib.rs b/src/lib.rs
index 5b0f47fd..2ac0ad0b 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -10,7 +10,6 @@
 #![doc = include_str!("../README.md")]
 #![warn(rust_2018_idioms, unused_lifetimes, missing_docs)]
 #![cfg_attr(docsrs, feature(doc_auto_cfg))]
-#![cfg_attr(getrandom_sanitize, feature(cfg_sanitize))]
 #![deny(
     clippy::cast_lossless,
     clippy::cast_possible_truncation,
@@ -99,8 +98,7 @@ pub fn fill_uninit(dest: &mut [MaybeUninit<u8>]) -> Result<&mut [u8], Error> {
         backends::fill_inner(dest)?;
     }
 
-    #[cfg(getrandom_sanitize)]
-    #[cfg(sanitize = "memory")]
+    #[cfg(getrandom_msan)]
     extern "C" {
         fn __msan_unpoison(a: *mut core::ffi::c_void, size: usize);
     }
@@ -108,8 +106,7 @@ pub fn fill_uninit(dest: &mut [MaybeUninit<u8>]) -> Result<&mut [u8], Error> {
     // SAFETY: `dest` has been fully initialized by `imp::fill_inner`
     // since it returned `Ok`.
     Ok(unsafe {
-        #[cfg(getrandom_sanitize)]
-        #[cfg(sanitize = "memory")]
+        #[cfg(getrandom_msan)]
         __msan_unpoison(dest.as_mut_ptr().cast(), dest.len());
 
         util::slice_assume_init_mut(dest)