go
/
gvisor
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
gvisor/tools/nogo
History
Michael Pratt 62ea5c0a22 checklinkname: rudimentary type-checking of linkname directives 
This CL introduces a 'checklinkname' analyzer, which provides rudimentary
type-checking that verifies that function signatures on the local and remote
sides of //go:linkname directives match expected values.

If the Go standard library changes the definitions of any of these function,
checklinkname will flag the change as a finding, providing an error informing
the gVisor team to adapt to the upstream changes. This allows us to eliminate
the majority of gVisor's forward-looking negative build tags, as we can catch
mismatches in testing [1].

The remaining forward-looking negative build tags are covering shared struct
definitions, which I hope to add to checklinkname in a future CL.

[1] Of course, semantics/requirements can change without the signature
changing, so we still must be careful, but this covers the common case.

PiperOrigin-RevId: 387873847
 		2021-07-30 13:42:15 -07:00
..
check Mix checklocks and atomic analyzers. 2021-07-01 15:07:56 -07:00
filter checklinkname: rudimentary type-checking of linkname directives 2021-07-30 13:42:15 -07:00
objdump Mix checklocks and atomic analyzers. 2021-07-01 15:07:56 -07:00
BUILD checklinkname: rudimentary type-checking of linkname directives 2021-07-30 13:42:15 -07:00
README.md
analyzers.go checklinkname: rudimentary type-checking of linkname directives 2021-07-30 13:42:15 -07:00
build.go Add go:build directives as required by Go 1.17's gofmt. 2021-07-20 16:28:45 -07:00
config-schema.json Add YAML validation for configuration files. 2021-01-05 10:43:04 -08:00
config.go Fix per-analyzer overrides of default-disabled groups 2021-07-26 10:26:43 -07:00
config_test.go Fix per-analyzer overrides of default-disabled groups 2021-07-26 10:26:43 -07:00
defs.bzl Mix checklocks and atomic analyzers. 2021-07-01 15:07:56 -07:00
findings.go Fix per-analyzer overrides of default-disabled groups 2021-07-26 10:26:43 -07:00
nogo.go Mix checklocks and atomic analyzers. 2021-07-01 15:07:56 -07:00

README.md

Extended "nogo" analysis

This package provides a build aspect that perform nogo analysis. This will be automatically injected to all relevant libraries when using the default go_binary and go_library rules.

It exists for several reasons.

  • The default nogo provided by bazel is insufficient with respect to the possibility of binary analysis. This package allows us to analyze the generated binary in addition to using the standard analyzers.

  • The configuration provided in this package is much richer than the standard nogo JSON blob. Specifically, it allows us to exclude specific structures from the composite rules (such as the Ranges that are common with the set types).

  • The bazel version of nogo is run directly against the go_library and go_binary targets, meaning that any change to the configuration requires a rebuild from scratch (for some reason included all C++ source files in the process). Using an aspect is more efficient in this regard.

  • The checks supported by this package are exported as tests, which makes it easier to reason about and plumb into the build system.

  • For uninteresting reasons, it is impossible to integrate the default nogo analyzer provided by bazel with internal Google tooling. To provide a consistent experience, this package allows those systems to be unified.

To use this package, import nogo_test from defs.bzl and add a single dependency which is a go_binary or go_library rule.