From 615d0911bd213489dca59b267b1d1643162da23b Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Mon, 24 Nov 2025 13:56:38 +0000
Subject: [PATCH 1/9] Implement `-Z allow-partial-mitigations` (RFC 3855)

This implements `-Z allow-partial-mitigations` as an unstable option,
currently with support for control-flow-guard and stack-protector.

As a difference from the RFC, we have `-Z allow-partial-mitigations=!foo`
rather than `-Z deny-partial-mitigations=foo`, since I couldn't find an easy
way to have an allow/deny pair of flags where the latter flag wins.

To allow for stabilization, this is only enabled starting from the next edition. Maybe a
better policy is possible (bikeshed).
---
 compiler/rustc_interface/src/passes.rs        |   3 +-
 compiler/rustc_metadata/src/creader.rs        |  51 +++++-
 compiler/rustc_metadata/src/errors.rs         |  18 ++
 compiler/rustc_metadata/src/rmeta/decoder.rs  |  18 +-
 compiler/rustc_metadata/src/rmeta/encoder.rs  |  11 +-
 compiler/rustc_metadata/src/rmeta/mod.rs      |   3 +-
 .../rustc_metadata/src/rmeta/parameterized.rs |   1 +
 compiler/rustc_session/src/config.rs          |  12 ++
 compiler/rustc_session/src/options.rs         | 172 +++++++++++++++++-
 compiler/rustc_target/src/spec/mod.rs         |   1 +
 tests/ui/README.md                            |   6 +
 .../err-allow-partial-mitigations.both.stderr |  92 ++++++++++
 ...r-allow-partial-mitigations.disable.stderr |  47 +++++
 ...-partial-mitigations.enable-disable.stderr |  47 +++++
 .../err-allow-partial-mitigations.rs          |  43 +++++
 .../err-allow-partial-mitigations.sp.stderr   |  47 +++++
 ...ow-partial-mitigations.wrong-enable.stderr |  47 +++++
 .../ok-allow-partial-mitigations-minicore.rs  |  18 ++
 .../ok-allow-partial-mitigations.rs           |  11 ++
 19 files changed, 638 insertions(+), 10 deletions(-)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
 create mode 100644 tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs
 create mode 100644 tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs

diff --git a/compiler/rustc_interface/src/passes.rs b/compiler/rustc_interface/src/passes.rs
index a2c11c608330a..6b8201da3719d 100644
--- a/compiler/rustc_interface/src/passes.rs
+++ b/compiler/rustc_interface/src/passes.rs
@@ -302,8 +302,7 @@ fn configure_and_expand(
 
     resolver.resolve_crate(&krate);
 
-    CStore::from_tcx(tcx).report_incompatible_target_modifiers(tcx, &krate);
-    CStore::from_tcx(tcx).report_incompatible_async_drop_feature(tcx, &krate);
+    CStore::from_tcx(tcx).report_session_incompatibilities(tcx, &krate);
     krate
 }
 
diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index 4000f12459a90..c2676b894ec95 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -1,5 +1,6 @@
 //! Validates all used crates and extern libraries and loads their metadata
 
+use std::collections::BTreeMap;
 use std::error::Error;
 use std::path::Path;
 use std::str::FromStr;
@@ -25,8 +26,8 @@ use rustc_middle::ty::{TyCtxt, TyCtxtFeed};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_session::Session;
 use rustc_session::config::{
-    CrateType, ExtendedTargetModifierInfo, ExternLocation, Externs, OptionsTargetModifiers,
-    TargetModifier,
+    CrateType, EnforcedMitigationLevel, ExtendedTargetModifierInfo, ExternLocation, Externs,
+    OptionsTargetModifiers, TargetModifier,
 };
 use rustc_session::cstore::{CrateDepKind, CrateSource, ExternCrate, ExternCrateSource};
 use rustc_session::lint::{self, BuiltinLintDiag};
@@ -457,6 +458,12 @@ impl CStore {
         }
     }
 
+    pub fn report_session_incompatibilities(&self, tcx: TyCtxt<'_>, krate: &Crate) {
+        self.report_incompatible_target_modifiers(tcx, krate);
+        self.report_incompatible_enforced_mitigations(tcx, krate);
+        self.report_incompatible_async_drop_feature(tcx, krate);
+    }
+
     pub fn report_incompatible_target_modifiers(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         for flag_name in &tcx.sess.opts.cg.unsafe_allow_abi_mismatch {
             if !OptionsTargetModifiers::is_target_modifier(flag_name) {
@@ -478,6 +485,46 @@ impl CStore {
         }
     }
 
+    pub fn report_incompatible_enforced_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
+        let my_mitigations = tcx.sess.gather_enabled_enforced_mitigations();
+        let mut my_mitigations: BTreeMap<_, _> = my_mitigations
+            .iter()
+            .filter(|mitigation| mitigation.kind.enforced_since() <= tcx.sess.edition())
+            .map(|mitigation| (mitigation.kind, mitigation))
+            .collect();
+        for skipped_mitigation in tcx.sess.opts.allowed_partial_mitigations() {
+            my_mitigations.remove(&skipped_mitigation);
+        }
+        const MAX_ERRORS_PER_MITIGATION: usize = 5;
+        let mut errors_per_mitigation = BTreeMap::new();
+        for (_cnum, data) in self.iter_crate_data() {
+            if data.is_proc_macro_crate() {
+                continue;
+            }
+            let their_mitigations = data.enforced_mitigations();
+            for my_mitigation in my_mitigations.values() {
+                let their_mitigation = their_mitigations
+                    .iter()
+                    .find(|mitigation| mitigation.kind == my_mitigation.kind)
+                    .map_or(EnforcedMitigationLevel::Enabled(false), |m| m.level);
+                if their_mitigation < my_mitigation.level {
+                    let errors = errors_per_mitigation.entry(my_mitigation.kind).or_insert(0);
+                    if *errors >= MAX_ERRORS_PER_MITIGATION {
+                        continue;
+                    }
+                    *errors += 1;
+
+                    tcx.dcx().emit_err(errors::MitigationLessStrictInDependency {
+                        span: krate.spans.inner_span.shrink_to_lo(),
+                        mitigation_name: my_mitigation.kind.to_string(),
+                        mitigation_level: my_mitigation.level.level_str().to_string(),
+                        extern_crate: data.name(),
+                    });
+                }
+            }
+        }
+    }
+
     // Report about async drop types in dependency if async drop feature is disabled
     pub fn report_incompatible_async_drop_feature(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         if tcx.features().async_drop() {
diff --git a/compiler/rustc_metadata/src/errors.rs b/compiler/rustc_metadata/src/errors.rs
index 7320ad98d113a..bdb227ca50e71 100644
--- a/compiler/rustc_metadata/src/errors.rs
+++ b/compiler/rustc_metadata/src/errors.rs
@@ -688,3 +688,21 @@ pub struct RawDylibMalformed {
     #[primary_span]
     pub span: Span,
 }
+
+#[derive(Diagnostic)]
+#[diag(
+    "your program uses the crate `{$extern_crate}`, that is not compiled with `{$mitigation_name}{$mitigation_level}` enabled"
+)]
+#[note(
+    "recompile `{$extern_crate}` with `{$mitigation_name}{$mitigation_level}` enabled, or use `-Z allow-partial-mitigations={$mitigation_name}` to allow creating an artifact that has the mitigation only partially enabled "
+)]
+#[help(
+    "it is possible to disable `-Z allow-partial-mitigations={$mitigation_name}` via `-Z deny-partial-mitigations={$mitigation_name}`"
+)]
+pub struct MitigationLessStrictInDependency {
+    #[primary_span]
+    pub span: Span,
+    pub mitigation_name: String,
+    pub mitigation_level: String,
+    pub extern_crate: Symbol,
+}
diff --git a/compiler/rustc_metadata/src/rmeta/decoder.rs b/compiler/rustc_metadata/src/rmeta/decoder.rs
index bd5b3893e4e8a..49b8f6e56b2ba 100644
--- a/compiler/rustc_metadata/src/rmeta/decoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/decoder.rs
@@ -29,7 +29,7 @@ use rustc_middle::{bug, implement_ty_decoder};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_serialize::opaque::MemDecoder;
 use rustc_serialize::{Decodable, Decoder};
-use rustc_session::config::TargetModifier;
+use rustc_session::config::{EnforcedMitigation, TargetModifier};
 use rustc_session::cstore::{CrateSource, ExternCrate};
 use rustc_span::hygiene::HygieneDecodeContext;
 use rustc_span::{
@@ -78,9 +78,12 @@ impl MetadataBlob {
 /// own crate numbers.
 pub(crate) type CrateNumMap = IndexVec<CrateNum, CrateNum>;
 
-/// Target modifiers - abi or exploit mitigations flags
+/// Target modifiers - abi or exploit mitigations flags that cause unsoundness when mixed
 pub(crate) type TargetModifiers = Vec<TargetModifier>;
 
+/// Enforced Mitigations
+pub(crate) type EnforcedMitigations = Vec<EnforcedMitigation>;
+
 pub(crate) struct CrateMetadata {
     /// The primary crate data - binary metadata blob.
     blob: MetadataBlob,
@@ -959,6 +962,13 @@ impl CrateRoot {
     ) -> impl ExactSizeIterator<Item = TargetModifier> {
         self.target_modifiers.decode(metadata)
     }
+
+    pub(crate) fn decode_enforced_mitigations<'a>(
+        &self,
+        metadata: &'a MetadataBlob,
+    ) -> impl ExactSizeIterator<Item = EnforcedMitigation> {
+        self.enforced_mitigations.decode(metadata)
+    }
 }
 
 impl<'a> CrateMetadataRef<'a> {
@@ -1939,6 +1949,10 @@ impl CrateMetadata {
         self.root.decode_target_modifiers(&self.blob).collect()
     }
 
+    pub(crate) fn enforced_mitigations(&self) -> EnforcedMitigations {
+        self.root.decode_enforced_mitigations(&self.blob).collect()
+    }
+
     /// Keep `new_extern_crate` if it looks better in diagnostics
     pub(crate) fn update_extern_crate_diagnostics(
         &mut self,
diff --git a/compiler/rustc_metadata/src/rmeta/encoder.rs b/compiler/rustc_metadata/src/rmeta/encoder.rs
index a3d8b07fb1d9a..1041864892137 100644
--- a/compiler/rustc_metadata/src/rmeta/encoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/encoder.rs
@@ -27,7 +27,7 @@ use rustc_middle::ty::codec::TyEncoder;
 use rustc_middle::ty::fast_reject::{self, TreatParams};
 use rustc_middle::{bug, span_bug};
 use rustc_serialize::{Decodable, Decoder, Encodable, Encoder, opaque};
-use rustc_session::config::{CrateType, OptLevel, TargetModifier};
+use rustc_session::config::{CrateType, EnforcedMitigation, OptLevel, TargetModifier};
 use rustc_span::hygiene::HygieneEncodeContext;
 use rustc_span::{
     ByteSymbol, ExternalSource, FileName, SourceFile, SpanData, SpanEncoder, StableSourceFileId,
@@ -715,6 +715,8 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
         // `SourceFiles` we actually need to encode.
         let source_map = stat!("source-map", || self.encode_source_map());
         let target_modifiers = stat!("target-modifiers", || self.encode_target_modifiers());
+        let enforced_mitigations =
+            stat!("enforced-mitigations", || self.encode_enforced_mitigations());
 
         let root = stat!("final", || {
             let attrs = tcx.hir_krate_attrs();
@@ -758,6 +760,7 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
                 foreign_modules,
                 source_map,
                 target_modifiers,
+                enforced_mitigations,
                 traits,
                 impls,
                 incoherent_impls,
@@ -2102,6 +2105,12 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
         self.lazy_array(tcx.sess.opts.gather_target_modifiers())
     }
 
+    fn encode_enforced_mitigations(&mut self) -> LazyArray<EnforcedMitigation> {
+        empty_proc_macro!(self);
+        let tcx = self.tcx;
+        self.lazy_array(tcx.sess.gather_enabled_enforced_mitigations())
+    }
+
     fn encode_lib_features(&mut self) -> LazyArray<(Symbol, FeatureStability)> {
         empty_proc_macro!(self);
         let tcx = self.tcx;
diff --git a/compiler/rustc_metadata/src/rmeta/mod.rs b/compiler/rustc_metadata/src/rmeta/mod.rs
index 408b50ae48df1..dc587fc9339f1 100644
--- a/compiler/rustc_metadata/src/rmeta/mod.rs
+++ b/compiler/rustc_metadata/src/rmeta/mod.rs
@@ -34,7 +34,7 @@ use rustc_middle::ty::fast_reject::SimplifiedType;
 use rustc_middle::ty::{self, Ty, TyCtxt, UnusedGenericParams};
 use rustc_middle::util::Providers;
 use rustc_serialize::opaque::FileEncoder;
-use rustc_session::config::{SymbolManglingVersion, TargetModifier};
+use rustc_session::config::{EnforcedMitigation, SymbolManglingVersion, TargetModifier};
 use rustc_session::cstore::{CrateDepKind, ForeignModule, LinkagePreference, NativeLib};
 use rustc_span::edition::Edition;
 use rustc_span::hygiene::{ExpnIndex, MacroKind, SyntaxContextKey};
@@ -285,6 +285,7 @@ pub(crate) struct CrateRoot {
 
     source_map: LazyTable<u32, Option<LazyValue<rustc_span::SourceFile>>>,
     target_modifiers: LazyArray<TargetModifier>,
+    enforced_mitigations: LazyArray<EnforcedMitigation>,
 
     compiler_builtins: bool,
     needs_allocator: bool,
diff --git a/compiler/rustc_metadata/src/rmeta/parameterized.rs b/compiler/rustc_metadata/src/rmeta/parameterized.rs
index 8a9de07836db4..ee22a08850bca 100644
--- a/compiler/rustc_metadata/src/rmeta/parameterized.rs
+++ b/compiler/rustc_metadata/src/rmeta/parameterized.rs
@@ -119,6 +119,7 @@ trivially_parameterized_over_tcx! {
     rustc_middle::ty::Visibility<DefIndex>,
     rustc_middle::ty::adjustment::CoerceUnsizedInfo,
     rustc_middle::ty::fast_reject::SimplifiedType,
+    rustc_session::config::EnforcedMitigation,
     rustc_session::config::TargetModifier,
     rustc_session::cstore::ForeignModule,
     rustc_session::cstore::LinkagePreference,
diff --git a/compiler/rustc_session/src/config.rs b/compiler/rustc_session/src/config.rs
index b278a6179fe7f..38e748b38be2b 100644
--- a/compiler/rustc_session/src/config.rs
+++ b/compiler/rustc_session/src/config.rs
@@ -1494,6 +1494,18 @@ impl Options {
     pub fn autodiff_enabled(&self) -> bool {
         self.unstable_opts.autodiff.contains(&AutoDiff::Enable)
     }
+
+    pub fn allowed_partial_mitigations(&self) -> impl Iterator<Item = EnforcedMitigationKind> {
+        let mut result = BTreeSet::default();
+        for mitigation in &self.unstable_opts.allow_partial_mitigations {
+            if mitigation.enabled {
+                result.insert(mitigation.kind);
+            } else {
+                result.remove(&mitigation.kind);
+            }
+        }
+        result.into_iter()
+    }
 }
 
 impl UnstableOptions {
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index 9219b5a7e8aca..ac3593bf7c6a6 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -1,7 +1,7 @@
 use std::collections::BTreeMap;
 use std::num::{IntErrorKind, NonZero};
 use std::path::PathBuf;
-use std::str;
+use std::str::{self, FromStr};
 
 use rustc_abi::Align;
 use rustc_data_structures::fx::FxIndexMap;
@@ -11,7 +11,7 @@ use rustc_errors::{ColorConfig, LanguageIdentifier, TerminalUrl};
 use rustc_feature::UnstableFeatures;
 use rustc_hashes::Hash64;
 use rustc_hir::attrs::CollapseMacroDebuginfo;
-use rustc_macros::{BlobDecodable, Encodable};
+use rustc_macros::{BlobDecodable, Decodable, Encodable};
 use rustc_span::edition::Edition;
 use rustc_span::{RealFileName, RemapPathScopeComponents, SourceFileHashAlgorithm};
 use rustc_target::spec::{
@@ -84,6 +84,151 @@ pub struct TargetModifier {
     pub value_name: String,
 }
 
+#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
+pub enum EnforcedMitigationLevel {
+    // Enabled(false) should be the bottom of the Ord hierarchy
+    Enabled(bool),
+    StackProtector(StackProtector),
+}
+
+impl EnforcedMitigationLevel {
+    pub fn level_str(&self) -> &'static str {
+        match self {
+            EnforcedMitigationLevel::StackProtector(StackProtector::All) => "=all",
+            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
+            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
+            // currently `=disabled` should not appear
+            EnforcedMitigationLevel::Enabled(false) => "=disabled",
+            EnforcedMitigationLevel::StackProtector(StackProtector::None)
+            | EnforcedMitigationLevel::Enabled(true) => "",
+        }
+    }
+}
+
+impl std::fmt::Display for EnforcedMitigationLevel {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            EnforcedMitigationLevel::StackProtector(StackProtector::All) => {
+                write!(f, "all")
+            }
+            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => {
+                write!(f, "basic")
+            }
+            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => {
+                write!(f, "strong")
+            }
+            EnforcedMitigationLevel::Enabled(true) => {
+                write!(f, "enabled")
+            }
+            EnforcedMitigationLevel::StackProtector(StackProtector::None)
+            | EnforcedMitigationLevel::Enabled(false) => {
+                write!(f, "disabled")
+            }
+        }
+    }
+}
+
+impl From<bool> for EnforcedMitigationLevel {
+    fn from(value: bool) -> Self {
+        EnforcedMitigationLevel::Enabled(value)
+    }
+}
+
+impl From<StackProtector> for EnforcedMitigationLevel {
+    fn from(value: StackProtector) -> Self {
+        EnforcedMitigationLevel::StackProtector(value)
+    }
+}
+
+pub struct EnforcedMitigationKindParseError;
+
+#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, Decodable)]
+pub struct MitigationEnablement {
+    pub kind: EnforcedMitigationKind,
+    pub enabled: bool,
+}
+
+macro_rules! intersperse {
+    ($sep:expr, ($first:expr $(, $rest:expr)* $(,)?)) => {
+        concat!($first $(, $sep, $rest)*)
+    };
+}
+
+macro_rules! enforced_mitigations {
+    ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
+        #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
+        pub enum EnforcedMitigationKind {
+            $($name),*
+        }
+
+        impl std::fmt::Display for EnforcedMitigationKind {
+            fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+                match self {
+                    $(EnforcedMitigationKind::$name => write!(f, $text)),*
+                }
+            }
+        }
+
+        impl EnforcedMitigationKind {
+            const KINDS: &'static str = concat!("comma-separated list of mitigation kinds (available: ",
+                intersperse!(", ", ($(concat!("`", $text, "`")),*)), ")");
+        }
+
+        impl FromStr for EnforcedMitigationKind {
+            type Err = EnforcedMitigationKindParseError;
+
+            fn from_str(v: &str) -> Result<EnforcedMitigationKind, EnforcedMitigationKindParseError> {
+                match v {
+                    $($text => Ok(EnforcedMitigationKind::$name)),*
+                    ,
+                    _ => Err(EnforcedMitigationKindParseError),
+                }
+            }
+        }
+
+        #[allow(unused)]
+        impl EnforcedMitigationKind {
+            pub fn enforced_since(&self) -> Edition {
+                match self {
+                    // Should change the enforced-since edition of StackProtector to 2015
+                    // (all editions) when `-C stack-protector` is stabilized.
+                    $(EnforcedMitigationKind::$name => Edition::$since),*
+                }
+            }
+        }
+
+        impl Session {
+            pub fn gather_enabled_enforced_mitigations(&$self) -> Vec<EnforcedMitigation> {
+                let mut mitigations = [
+                    $(
+                    EnforcedMitigation {
+                        kind: EnforcedMitigationKind::$name,
+                        level: From::from($code),
+                    }
+                    ),*
+                ];
+                mitigations.sort();
+                mitigations.into_iter().collect()
+            }
+        }
+    }
+}
+
+enforced_mitigations! {
+    [self]
+    enum EnforcedMitigationKind {
+        (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
+        (ControlFlowGuard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
+    }
+}
+
+/// Enforced mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
+#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
+pub struct EnforcedMitigation {
+    pub kind: EnforcedMitigationKind,
+    pub level: EnforcedMitigationLevel,
+}
+
 mod target_modifier_consistency_check {
     use super::*;
     pub(super) fn sanitizer(l: &TargetModifier, r: Option<&TargetModifier>) -> bool {
@@ -882,6 +1027,7 @@ mod desc {
     pub(crate) const parse_mir_include_spans: &str =
         "either a boolean (`yes`, `no`, `on`, `off`, etc), or `nll` (default: `nll`)";
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
+    pub(crate) const parse_allow_partial_mitigations: &str = super::EnforcedMitigationKind::KINDS;
 }
 
 pub mod parse {
@@ -2058,6 +2204,26 @@ pub mod parse {
 
         true
     }
+
+    pub(crate) fn parse_allow_partial_mitigations(
+        slot: &mut Vec<MitigationEnablement>,
+        v: Option<&str>,
+    ) -> bool {
+        match v {
+            Some(s) => {
+                for sub in s.split(',') {
+                    let (sub, enabled) =
+                        if sub.starts_with('!') { (&sub[1..], false) } else { (sub, true) };
+                    match sub.parse() {
+                        Ok(kind) => slot.push(MitigationEnablement { kind, enabled }),
+                        Err(_) => return false,
+                    }
+                }
+                true
+            }
+            None => false,
+        }
+    }
 }
 
 options! {
@@ -2219,6 +2385,8 @@ options! {
     // tidy-alphabetical-start
     allow_features: Option<Vec<String>> = (None, parse_opt_comma_list, [TRACKED],
         "only allow the listed language features to be enabled in code (comma separated)"),
+    allow_partial_mitigations: Vec<MitigationEnablement> = (Vec::new(), parse_allow_partial_mitigations, [UNTRACKED],
+        "Allow mitigations not enabled for all dependency crates (comma separated list)"),
     always_encode_mir: bool = (false, parse_bool, [TRACKED],
         "encode MIR of all functions into the crate metadata (default: no)"),
     annotate_moves: AnnotateMoves = (AnnotateMoves::Disabled, parse_annotate_moves, [TRACKED],
diff --git a/compiler/rustc_target/src/spec/mod.rs b/compiler/rustc_target/src/spec/mod.rs
index 2d2f15651c431..9aca821ab1666 100644
--- a/compiler/rustc_target/src/spec/mod.rs
+++ b/compiler/rustc_target/src/spec/mod.rs
@@ -1336,6 +1336,7 @@ impl FramePointer {
 
 crate::target_spec_enum! {
     /// Controls use of stack canaries.
+    #[derive(Encodable, BlobDecodable, HashStable_Generic)]
     pub enum StackProtector {
         /// Disable stack canary generation.
         None = "none",
diff --git a/tests/ui/README.md b/tests/ui/README.md
index 16cdde08431c0..5a44dd6e745c1 100644
--- a/tests/ui/README.md
+++ b/tests/ui/README.md
@@ -22,6 +22,12 @@ These tests exercise `#![feature(allocator_api)]` and the `#[global_allocator]`
 
 See [Allocator traits and `std::heap` #32838](https://github.com/rust-lang/rust/issues/32838).
 
+## `tests/ui/allow-partial-mitigations`
+
+These tests exercise the check against partial mitigation enforcement.
+
+See [the mitigation enforcement RFC](https://github.com/rust-lang/rfcs/pull/3855).
+
 ## `tests/ui/annotate-moves`
 
 These tests exercise the `annotate-moves` feature.
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
new file mode 100644
index 0000000000000..35801653495ef
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
@@ -0,0 +1,92 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: aborting due to 10 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
new file mode 100644
index 0000000000000..f0e48e02347b3
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
new file mode 100644
index 0000000000000..f0e48e02347b3
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
new file mode 100644
index 0000000000000..0aa1c5933ea53
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
@@ -0,0 +1,43 @@
+// ignore-tidy-linelength
+//@ revisions: sp both disable enable-disable wrong-enable
+//@ check-fail
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ edition:future
+//@ [both] compile-flags: -Z unstable-options -C control-flow-guard=on -Z stack-protector=all
+//@ [sp] compile-flags:  -Z unstable-options -Z stack-protector=all
+//@ [disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=!stack-protector -Z stack-protector=all
+//@ [enable-disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z allow-partial-mitigations=!stack-protector -Z stack-protector=all
+//@ [wrong-enable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=control-flow-guard -Z stack-protector=all
+
+fn main() {}
+//[both]~^ ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[both]~| ERROR that is not compiled with
+//[sp]~^^^^^^^^^^^ ERROR that is not compiled with
+//[sp]~| ERROR that is not compiled with
+//[sp]~| ERROR that is not compiled with
+//[sp]~| ERROR that is not compiled with
+//[sp]~| ERROR that is not compiled with
+//[disable]~^^^^^^^^^^^^^^^^ ERROR that is not compiled with
+//[disable]~| ERROR that is not compiled with
+//[disable]~| ERROR that is not compiled with
+//[disable]~| ERROR that is not compiled with
+//[disable]~| ERROR that is not compiled with
+//[enable-disable]~^^^^^^^^^^^^^^^^^^^^^ ERROR that is not compiled with
+//[enable-disable]~| ERROR that is not compiled with
+//[enable-disable]~| ERROR that is not compiled with
+//[enable-disable]~| ERROR that is not compiled with
+//[enable-disable]~| ERROR that is not compiled with
+//[wrong-enable]~^^^^^^^^^^^^^^^^^^^^^^^^^^ ERROR that is not compiled with
+//[wrong-enable]~| ERROR that is not compiled with
+//[wrong-enable]~| ERROR that is not compiled with
+//[wrong-enable]~| ERROR that is not compiled with
+//[wrong-enable]~| ERROR that is not compiled with
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
new file mode 100644
index 0000000000000..f0e48e02347b3
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
new file mode 100644
index 0000000000000..f0e48e02347b3
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:13:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs
new file mode 100644
index 0000000000000..16eecd455dbe0
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs
@@ -0,0 +1,18 @@
+// ignore-tidy-linelength
+//@ check-pass
+//@ add-minicore
+//@ edition:future
+//@ revisions: default deny
+//@[default] compile-flags: -Z unstable-options -Z stack-protector=all
+//@[deny] compile-flags: -Z allow-partial-mitigations=!stack-protector -Z unstable-options -Z stack-protector=all
+
+// ^ enables stack-protector for both minicore and this crate
+
+#![crate_type = "lib"]
+#![feature(no_core)]
+#![no_std]
+#![no_core]
+
+extern crate minicore;
+
+pub fn foo() {}
diff --git a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
new file mode 100644
index 0000000000000..c0ec555305841
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
@@ -0,0 +1,11 @@
+// ignore-tidy-linelength
+//@ revisions: sp both disable-enable
+//@ check-pass
+//@ edition:future
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ [both] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector,control-flow-guard -C control-flow-guard=on -Z stack-protector=all
+//@ [sp] compile-flags:  -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [disable-enable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=!stack-protector -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
+
+fn main() {}

From be3a932517e8c84a16800ca96dd1e1eacc6a6cc8 Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Wed, 26 Nov 2025 20:14:39 +0000
Subject: [PATCH 2/9] address review comments

---
 compiler/rustc_metadata/src/creader.rs        |   5 +-
 compiler/rustc_metadata/src/rmeta/decoder.rs  |   3 +-
 compiler/rustc_metadata/src/rmeta/encoder.rs  |   3 +-
 compiler/rustc_metadata/src/rmeta/mod.rs      |   3 +-
 .../rustc_metadata/src/rmeta/parameterized.rs |   2 +-
 compiler/rustc_session/src/config.rs          |   1 +
 compiler/rustc_session/src/options.rs         | 154 +-----------------
 .../src/options/enforced_mitigations.rs       | 153 +++++++++++++++++
 8 files changed, 171 insertions(+), 153 deletions(-)
 create mode 100644 compiler/rustc_session/src/options/enforced_mitigations.rs

diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index c2676b894ec95..f05b8549fbc5b 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -25,9 +25,10 @@ use rustc_middle::ty::data_structures::IndexSet;
 use rustc_middle::ty::{TyCtxt, TyCtxtFeed};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_session::Session;
+use rustc_session::config::enforced_mitigations::EnforcedMitigationLevel;
 use rustc_session::config::{
-    CrateType, EnforcedMitigationLevel, ExtendedTargetModifierInfo, ExternLocation, Externs,
-    OptionsTargetModifiers, TargetModifier,
+    CrateType, ExtendedTargetModifierInfo, ExternLocation, Externs, OptionsTargetModifiers,
+    TargetModifier,
 };
 use rustc_session::cstore::{CrateDepKind, CrateSource, ExternCrate, ExternCrateSource};
 use rustc_session::lint::{self, BuiltinLintDiag};
diff --git a/compiler/rustc_metadata/src/rmeta/decoder.rs b/compiler/rustc_metadata/src/rmeta/decoder.rs
index 49b8f6e56b2ba..3f889f95b2917 100644
--- a/compiler/rustc_metadata/src/rmeta/decoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/decoder.rs
@@ -29,7 +29,8 @@ use rustc_middle::{bug, implement_ty_decoder};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_serialize::opaque::MemDecoder;
 use rustc_serialize::{Decodable, Decoder};
-use rustc_session::config::{EnforcedMitigation, TargetModifier};
+use rustc_session::config::TargetModifier;
+use rustc_session::config::enforced_mitigations::EnforcedMitigation;
 use rustc_session::cstore::{CrateSource, ExternCrate};
 use rustc_span::hygiene::HygieneDecodeContext;
 use rustc_span::{
diff --git a/compiler/rustc_metadata/src/rmeta/encoder.rs b/compiler/rustc_metadata/src/rmeta/encoder.rs
index 1041864892137..b4812fcc9fc70 100644
--- a/compiler/rustc_metadata/src/rmeta/encoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/encoder.rs
@@ -27,7 +27,8 @@ use rustc_middle::ty::codec::TyEncoder;
 use rustc_middle::ty::fast_reject::{self, TreatParams};
 use rustc_middle::{bug, span_bug};
 use rustc_serialize::{Decodable, Decoder, Encodable, Encoder, opaque};
-use rustc_session::config::{CrateType, EnforcedMitigation, OptLevel, TargetModifier};
+use rustc_session::config::enforced_mitigations::EnforcedMitigation;
+use rustc_session::config::{CrateType, OptLevel, TargetModifier};
 use rustc_span::hygiene::HygieneEncodeContext;
 use rustc_span::{
     ByteSymbol, ExternalSource, FileName, SourceFile, SpanData, SpanEncoder, StableSourceFileId,
diff --git a/compiler/rustc_metadata/src/rmeta/mod.rs b/compiler/rustc_metadata/src/rmeta/mod.rs
index dc587fc9339f1..57f7c9b97dd01 100644
--- a/compiler/rustc_metadata/src/rmeta/mod.rs
+++ b/compiler/rustc_metadata/src/rmeta/mod.rs
@@ -34,7 +34,8 @@ use rustc_middle::ty::fast_reject::SimplifiedType;
 use rustc_middle::ty::{self, Ty, TyCtxt, UnusedGenericParams};
 use rustc_middle::util::Providers;
 use rustc_serialize::opaque::FileEncoder;
-use rustc_session::config::{EnforcedMitigation, SymbolManglingVersion, TargetModifier};
+use rustc_session::config::enforced_mitigations::EnforcedMitigation;
+use rustc_session::config::{SymbolManglingVersion, TargetModifier};
 use rustc_session::cstore::{CrateDepKind, ForeignModule, LinkagePreference, NativeLib};
 use rustc_span::edition::Edition;
 use rustc_span::hygiene::{ExpnIndex, MacroKind, SyntaxContextKey};
diff --git a/compiler/rustc_metadata/src/rmeta/parameterized.rs b/compiler/rustc_metadata/src/rmeta/parameterized.rs
index ee22a08850bca..8debefd21a070 100644
--- a/compiler/rustc_metadata/src/rmeta/parameterized.rs
+++ b/compiler/rustc_metadata/src/rmeta/parameterized.rs
@@ -119,8 +119,8 @@ trivially_parameterized_over_tcx! {
     rustc_middle::ty::Visibility<DefIndex>,
     rustc_middle::ty::adjustment::CoerceUnsizedInfo,
     rustc_middle::ty::fast_reject::SimplifiedType,
-    rustc_session::config::EnforcedMitigation,
     rustc_session::config::TargetModifier,
+    rustc_session::config::enforced_mitigations::EnforcedMitigation,
     rustc_session::cstore::ForeignModule,
     rustc_session::cstore::LinkagePreference,
     rustc_session::cstore::NativeLib,
diff --git a/compiler/rustc_session/src/config.rs b/compiler/rustc_session/src/config.rs
index 38e748b38be2b..87f3a121758a3 100644
--- a/compiler/rustc_session/src/config.rs
+++ b/compiler/rustc_session/src/config.rs
@@ -32,6 +32,7 @@ use rustc_target::spec::{
 use tracing::debug;
 
 pub use crate::config::cfg::{Cfg, CheckCfg, ExpectedValues};
+use crate::config::enforced_mitigations::EnforcedMitigationKind;
 use crate::config::native_libs::parse_native_libs;
 pub use crate::config::print_request::{PrintKind, PrintRequest};
 use crate::errors::FileWriteFail;
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index ac3593bf7c6a6..b057213939c32 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -1,7 +1,7 @@
 use std::collections::BTreeMap;
 use std::num::{IntErrorKind, NonZero};
 use std::path::PathBuf;
-use std::str::{self, FromStr};
+use std::str;
 
 use rustc_abi::Align;
 use rustc_data_structures::fx::FxIndexMap;
@@ -11,7 +11,7 @@ use rustc_errors::{ColorConfig, LanguageIdentifier, TerminalUrl};
 use rustc_feature::UnstableFeatures;
 use rustc_hashes::Hash64;
 use rustc_hir::attrs::CollapseMacroDebuginfo;
-use rustc_macros::{BlobDecodable, Decodable, Encodable};
+use rustc_macros::{BlobDecodable, Encodable};
 use rustc_span::edition::Edition;
 use rustc_span::{RealFileName, RemapPathScopeComponents, SourceFileHashAlgorithm};
 use rustc_target::spec::{
@@ -20,6 +20,7 @@ use rustc_target::spec::{
     TargetTuple, TlsModel,
 };
 
+use crate::config::enforced_mitigations::MitigationEnablement;
 use crate::config::*;
 use crate::search_paths::SearchPath;
 use crate::utils::NativeLib;
@@ -84,150 +85,7 @@ pub struct TargetModifier {
     pub value_name: String,
 }
 
-#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub enum EnforcedMitigationLevel {
-    // Enabled(false) should be the bottom of the Ord hierarchy
-    Enabled(bool),
-    StackProtector(StackProtector),
-}
-
-impl EnforcedMitigationLevel {
-    pub fn level_str(&self) -> &'static str {
-        match self {
-            EnforcedMitigationLevel::StackProtector(StackProtector::All) => "=all",
-            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
-            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
-            // currently `=disabled` should not appear
-            EnforcedMitigationLevel::Enabled(false) => "=disabled",
-            EnforcedMitigationLevel::StackProtector(StackProtector::None)
-            | EnforcedMitigationLevel::Enabled(true) => "",
-        }
-    }
-}
-
-impl std::fmt::Display for EnforcedMitigationLevel {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        match self {
-            EnforcedMitigationLevel::StackProtector(StackProtector::All) => {
-                write!(f, "all")
-            }
-            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => {
-                write!(f, "basic")
-            }
-            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => {
-                write!(f, "strong")
-            }
-            EnforcedMitigationLevel::Enabled(true) => {
-                write!(f, "enabled")
-            }
-            EnforcedMitigationLevel::StackProtector(StackProtector::None)
-            | EnforcedMitigationLevel::Enabled(false) => {
-                write!(f, "disabled")
-            }
-        }
-    }
-}
-
-impl From<bool> for EnforcedMitigationLevel {
-    fn from(value: bool) -> Self {
-        EnforcedMitigationLevel::Enabled(value)
-    }
-}
-
-impl From<StackProtector> for EnforcedMitigationLevel {
-    fn from(value: StackProtector) -> Self {
-        EnforcedMitigationLevel::StackProtector(value)
-    }
-}
-
-pub struct EnforcedMitigationKindParseError;
-
-#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, Decodable)]
-pub struct MitigationEnablement {
-    pub kind: EnforcedMitigationKind,
-    pub enabled: bool,
-}
-
-macro_rules! intersperse {
-    ($sep:expr, ($first:expr $(, $rest:expr)* $(,)?)) => {
-        concat!($first $(, $sep, $rest)*)
-    };
-}
-
-macro_rules! enforced_mitigations {
-    ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
-        #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
-        pub enum EnforcedMitigationKind {
-            $($name),*
-        }
-
-        impl std::fmt::Display for EnforcedMitigationKind {
-            fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-                match self {
-                    $(EnforcedMitigationKind::$name => write!(f, $text)),*
-                }
-            }
-        }
-
-        impl EnforcedMitigationKind {
-            const KINDS: &'static str = concat!("comma-separated list of mitigation kinds (available: ",
-                intersperse!(", ", ($(concat!("`", $text, "`")),*)), ")");
-        }
-
-        impl FromStr for EnforcedMitigationKind {
-            type Err = EnforcedMitigationKindParseError;
-
-            fn from_str(v: &str) -> Result<EnforcedMitigationKind, EnforcedMitigationKindParseError> {
-                match v {
-                    $($text => Ok(EnforcedMitigationKind::$name)),*
-                    ,
-                    _ => Err(EnforcedMitigationKindParseError),
-                }
-            }
-        }
-
-        #[allow(unused)]
-        impl EnforcedMitigationKind {
-            pub fn enforced_since(&self) -> Edition {
-                match self {
-                    // Should change the enforced-since edition of StackProtector to 2015
-                    // (all editions) when `-C stack-protector` is stabilized.
-                    $(EnforcedMitigationKind::$name => Edition::$since),*
-                }
-            }
-        }
-
-        impl Session {
-            pub fn gather_enabled_enforced_mitigations(&$self) -> Vec<EnforcedMitigation> {
-                let mut mitigations = [
-                    $(
-                    EnforcedMitigation {
-                        kind: EnforcedMitigationKind::$name,
-                        level: From::from($code),
-                    }
-                    ),*
-                ];
-                mitigations.sort();
-                mitigations.into_iter().collect()
-            }
-        }
-    }
-}
-
-enforced_mitigations! {
-    [self]
-    enum EnforcedMitigationKind {
-        (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
-        (ControlFlowGuard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
-    }
-}
-
-/// Enforced mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
-#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub struct EnforcedMitigation {
-    pub kind: EnforcedMitigationKind,
-    pub level: EnforcedMitigationLevel,
-}
+pub mod enforced_mitigations;
 
 mod target_modifier_consistency_check {
     use super::*;
@@ -1027,13 +885,15 @@ mod desc {
     pub(crate) const parse_mir_include_spans: &str =
         "either a boolean (`yes`, `no`, `on`, `off`, etc), or `nll` (default: `nll`)";
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
-    pub(crate) const parse_allow_partial_mitigations: &str = super::EnforcedMitigationKind::KINDS;
+    pub(crate) const parse_allow_partial_mitigations: &str =
+        super::enforced_mitigations::EnforcedMitigationKind::KINDS;
 }
 
 pub mod parse {
     use std::str::FromStr;
 
     pub(crate) use super::*;
+    use crate::config::enforced_mitigations::MitigationEnablement;
     pub(crate) const MAX_THREADS_CAP: usize = 256;
 
     /// This is for boolean options that don't take a value, and are true simply
diff --git a/compiler/rustc_session/src/options/enforced_mitigations.rs b/compiler/rustc_session/src/options/enforced_mitigations.rs
new file mode 100644
index 0000000000000..7b965595fbdde
--- /dev/null
+++ b/compiler/rustc_session/src/options/enforced_mitigations.rs
@@ -0,0 +1,153 @@
+use std::str::FromStr;
+
+use rustc_macros::{BlobDecodable, Encodable};
+use rustc_span::edition::Edition;
+use rustc_target::spec::StackProtector;
+
+use crate::Session;
+use crate::options::CFGuard;
+
+#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
+pub enum EnforcedMitigationLevel {
+    // Enabled(false) should be the bottom of the Ord hierarchy
+    Enabled(bool),
+    StackProtector(StackProtector),
+}
+
+impl EnforcedMitigationLevel {
+    pub fn level_str(&self) -> &'static str {
+        match self {
+            EnforcedMitigationLevel::StackProtector(StackProtector::All) => "=all",
+            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
+            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
+            // currently `=disabled` should not appear
+            EnforcedMitigationLevel::Enabled(false) => "=disabled",
+            EnforcedMitigationLevel::StackProtector(StackProtector::None)
+            | EnforcedMitigationLevel::Enabled(true) => "",
+        }
+    }
+}
+
+impl std::fmt::Display for EnforcedMitigationLevel {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            EnforcedMitigationLevel::StackProtector(StackProtector::All) => {
+                write!(f, "all")
+            }
+            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => {
+                write!(f, "basic")
+            }
+            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => {
+                write!(f, "strong")
+            }
+            EnforcedMitigationLevel::Enabled(true) => {
+                write!(f, "enabled")
+            }
+            EnforcedMitigationLevel::StackProtector(StackProtector::None)
+            | EnforcedMitigationLevel::Enabled(false) => {
+                write!(f, "disabled")
+            }
+        }
+    }
+}
+
+impl From<bool> for EnforcedMitigationLevel {
+    fn from(value: bool) -> Self {
+        EnforcedMitigationLevel::Enabled(value)
+    }
+}
+
+impl From<StackProtector> for EnforcedMitigationLevel {
+    fn from(value: StackProtector) -> Self {
+        EnforcedMitigationLevel::StackProtector(value)
+    }
+}
+
+pub struct EnforcedMitigationKindParseError;
+
+#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
+pub struct MitigationEnablement {
+    pub kind: EnforcedMitigationKind,
+    pub enabled: bool,
+}
+
+macro_rules! intersperse {
+    ($sep:expr, ($first:expr $(, $rest:expr)* $(,)?)) => {
+        concat!($first $(, $sep, $rest)*)
+    };
+}
+
+macro_rules! enforced_mitigations {
+    ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
+        #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
+        pub enum EnforcedMitigationKind {
+            $($name),*
+        }
+
+        impl std::fmt::Display for EnforcedMitigationKind {
+            fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+                match self {
+                    $(EnforcedMitigationKind::$name => write!(f, $text)),*
+                }
+            }
+        }
+
+        impl EnforcedMitigationKind {
+            pub(crate) const KINDS: &'static str = concat!("comma-separated list of mitigation kinds (available: ",
+                intersperse!(", ", ($(concat!("`", $text, "`")),*)), ")");
+        }
+
+        impl FromStr for EnforcedMitigationKind {
+            type Err = EnforcedMitigationKindParseError;
+
+            fn from_str(v: &str) -> Result<EnforcedMitigationKind, EnforcedMitigationKindParseError> {
+                match v {
+                    $($text => Ok(EnforcedMitigationKind::$name)),*
+                    ,
+                    _ => Err(EnforcedMitigationKindParseError),
+                }
+            }
+        }
+
+        #[allow(unused)]
+        impl EnforcedMitigationKind {
+            pub fn enforced_since(&self) -> Edition {
+                match self {
+                    // Should change the enforced-since edition of StackProtector to 2015
+                    // (all editions) when `-C stack-protector` is stabilized.
+                    $(EnforcedMitigationKind::$name => Edition::$since),*
+                }
+            }
+        }
+
+        impl Session {
+            pub fn gather_enabled_enforced_mitigations(&$self) -> Vec<EnforcedMitigation> {
+                let mut mitigations = [
+                    $(
+                    EnforcedMitigation {
+                        kind: EnforcedMitigationKind::$name,
+                        level: From::from($code),
+                    }
+                    ),*
+                ];
+                mitigations.sort();
+                mitigations.into_iter().collect()
+            }
+        }
+    }
+}
+
+enforced_mitigations! {
+    [self]
+    enum EnforcedMitigationKind {
+        (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
+        (ControlFlowGuard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
+    }
+}
+
+/// Enforced mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
+#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
+pub struct EnforcedMitigation {
+    pub kind: EnforcedMitigationKind,
+    pub level: EnforcedMitigationLevel,
+}

From 2fe3d41d388ca055435b2c12ce51caec44587481 Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Thu, 27 Nov 2025 15:00:09 +0000
Subject: [PATCH 3/9] allow denying mitigations in earlier editions

---
 compiler/rustc_metadata/src/creader.rs        |  9 ++--
 compiler/rustc_session/src/config.rs          | 13 -----
 .../src/options/enforced_mitigations.rs       | 29 ++++++++++++
 ...low-partial-mitigations-current-edition.rs | 17 +++++++
 ...partial-mitigations-current-edition.stderr | 47 +++++++++++++++++++
 5 files changed, 96 insertions(+), 19 deletions(-)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.stderr

diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index f05b8549fbc5b..3a68e7b1ef746 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -488,12 +488,9 @@ impl CStore {
 
     pub fn report_incompatible_enforced_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         let my_mitigations = tcx.sess.gather_enabled_enforced_mitigations();
-        let mut my_mitigations: BTreeMap<_, _> = my_mitigations
-            .iter()
-            .filter(|mitigation| mitigation.kind.enforced_since() <= tcx.sess.edition())
-            .map(|mitigation| (mitigation.kind, mitigation))
-            .collect();
-        for skipped_mitigation in tcx.sess.opts.allowed_partial_mitigations() {
+        let mut my_mitigations: BTreeMap<_, _> =
+            my_mitigations.iter().map(|mitigation| (mitigation.kind, mitigation)).collect();
+        for skipped_mitigation in tcx.sess.opts.allowed_partial_mitigations(tcx.sess.edition()) {
             my_mitigations.remove(&skipped_mitigation);
         }
         const MAX_ERRORS_PER_MITIGATION: usize = 5;
diff --git a/compiler/rustc_session/src/config.rs b/compiler/rustc_session/src/config.rs
index 87f3a121758a3..b278a6179fe7f 100644
--- a/compiler/rustc_session/src/config.rs
+++ b/compiler/rustc_session/src/config.rs
@@ -32,7 +32,6 @@ use rustc_target::spec::{
 use tracing::debug;
 
 pub use crate::config::cfg::{Cfg, CheckCfg, ExpectedValues};
-use crate::config::enforced_mitigations::EnforcedMitigationKind;
 use crate::config::native_libs::parse_native_libs;
 pub use crate::config::print_request::{PrintKind, PrintRequest};
 use crate::errors::FileWriteFail;
@@ -1495,18 +1494,6 @@ impl Options {
     pub fn autodiff_enabled(&self) -> bool {
         self.unstable_opts.autodiff.contains(&AutoDiff::Enable)
     }
-
-    pub fn allowed_partial_mitigations(&self) -> impl Iterator<Item = EnforcedMitigationKind> {
-        let mut result = BTreeSet::default();
-        for mitigation in &self.unstable_opts.allow_partial_mitigations {
-            if mitigation.enabled {
-                result.insert(mitigation.kind);
-            } else {
-                result.remove(&mitigation.kind);
-            }
-        }
-        result.into_iter()
-    }
 }
 
 impl UnstableOptions {
diff --git a/compiler/rustc_session/src/options/enforced_mitigations.rs b/compiler/rustc_session/src/options/enforced_mitigations.rs
index 7b965595fbdde..731b519eda58e 100644
--- a/compiler/rustc_session/src/options/enforced_mitigations.rs
+++ b/compiler/rustc_session/src/options/enforced_mitigations.rs
@@ -1,3 +1,4 @@
+use std::collections::BTreeSet;
 use std::str::FromStr;
 
 use rustc_macros::{BlobDecodable, Encodable};
@@ -5,6 +6,7 @@ use rustc_span::edition::Edition;
 use rustc_target::spec::StackProtector;
 
 use crate::Session;
+use crate::config::Options;
 use crate::options::CFGuard;
 
 #[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
@@ -120,6 +122,12 @@ macro_rules! enforced_mitigations {
             }
         }
 
+        impl Options {
+            pub fn all_enforced_mitigations(&self) -> impl Iterator<Item = EnforcedMitigationKind> {
+                [$(EnforcedMitigationKind::$name),*].into_iter()
+            }
+        }
+
         impl Session {
             pub fn gather_enabled_enforced_mitigations(&$self) -> Vec<EnforcedMitigation> {
                 let mut mitigations = [
@@ -151,3 +159,24 @@ pub struct EnforcedMitigation {
     pub kind: EnforcedMitigationKind,
     pub level: EnforcedMitigationLevel,
 }
+
+impl Options {
+    // Return the list of mitigations that are allowed to be partial
+    pub fn allowed_partial_mitigations(
+        &self,
+        edition: Edition,
+    ) -> impl Iterator<Item = EnforcedMitigationKind> {
+        let mut result: BTreeSet<_> = self
+            .all_enforced_mitigations()
+            .filter(|mitigation| mitigation.enforced_since() > edition)
+            .collect();
+        for mitigation in &self.unstable_opts.allow_partial_mitigations {
+            if mitigation.enabled {
+                result.insert(mitigation.kind);
+            } else {
+                result.remove(&mitigation.kind);
+            }
+        }
+        result.into_iter()
+    }
+}
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
new file mode 100644
index 0000000000000..1299e5e003cac
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
@@ -0,0 +1,17 @@
+// ignore-tidy-linelength
+//@ check-fail
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ edition: 2024
+//@ compile-flags: -Z allow-partial-mitigations=!control-flow-guard -C control-flow-guard=on
+
+// check that in edition 2024, it is still possible to explicitly
+// disallow partial mitigations (in edition=future, they are
+// disallowed by default)
+
+fn main() {}
+//~^ ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.stderr
new file mode 100644
index 0000000000000..02e9154986791
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-current-edition.rs:12:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-current-edition.rs:12:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-current-edition.rs:12:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-current-edition.rs:12:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-current-edition.rs:12:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: aborting due to 5 previous errors
+

From e874974c16452a8fccc7f52c367e18c82f6a0d12 Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Sun, 7 Dec 2025 12:14:23 +0000
Subject: [PATCH 4/9] enforced => enforcable mitigation

---
 compiler/rustc_metadata/src/creader.rs        | 12 +--
 compiler/rustc_metadata/src/rmeta/decoder.rs  | 16 ++--
 compiler/rustc_metadata/src/rmeta/encoder.rs  | 12 +--
 compiler/rustc_metadata/src/rmeta/mod.rs      |  4 +-
 .../rustc_metadata/src/rmeta/parameterized.rs |  2 +-
 compiler/rustc_session/src/options.rs         |  8 +-
 ...tigations.rs => enforcable_mitigations.rs} | 84 +++++++++----------
 7 files changed, 69 insertions(+), 69 deletions(-)
 rename compiler/rustc_session/src/options/{enforced_mitigations.rs => enforcable_mitigations.rs} (60%)

diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index 3a68e7b1ef746..6c4236dcc2a74 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -25,7 +25,7 @@ use rustc_middle::ty::data_structures::IndexSet;
 use rustc_middle::ty::{TyCtxt, TyCtxtFeed};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_session::Session;
-use rustc_session::config::enforced_mitigations::EnforcedMitigationLevel;
+use rustc_session::config::enforcable_mitigations::EnforcableMitigationLevel;
 use rustc_session::config::{
     CrateType, ExtendedTargetModifierInfo, ExternLocation, Externs, OptionsTargetModifiers,
     TargetModifier,
@@ -461,7 +461,7 @@ impl CStore {
 
     pub fn report_session_incompatibilities(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         self.report_incompatible_target_modifiers(tcx, krate);
-        self.report_incompatible_enforced_mitigations(tcx, krate);
+        self.report_incompatible_enforcable_mitigations(tcx, krate);
         self.report_incompatible_async_drop_feature(tcx, krate);
     }
 
@@ -486,8 +486,8 @@ impl CStore {
         }
     }
 
-    pub fn report_incompatible_enforced_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
-        let my_mitigations = tcx.sess.gather_enabled_enforced_mitigations();
+    pub fn report_incompatible_enforcable_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
+        let my_mitigations = tcx.sess.gather_enabled_enforcable_mitigations();
         let mut my_mitigations: BTreeMap<_, _> =
             my_mitigations.iter().map(|mitigation| (mitigation.kind, mitigation)).collect();
         for skipped_mitigation in tcx.sess.opts.allowed_partial_mitigations(tcx.sess.edition()) {
@@ -499,12 +499,12 @@ impl CStore {
             if data.is_proc_macro_crate() {
                 continue;
             }
-            let their_mitigations = data.enforced_mitigations();
+            let their_mitigations = data.enabled_enforcable_mitigations();
             for my_mitigation in my_mitigations.values() {
                 let their_mitigation = their_mitigations
                     .iter()
                     .find(|mitigation| mitigation.kind == my_mitigation.kind)
-                    .map_or(EnforcedMitigationLevel::Enabled(false), |m| m.level);
+                    .map_or(EnforcableMitigationLevel::Enabled(false), |m| m.level);
                 if their_mitigation < my_mitigation.level {
                     let errors = errors_per_mitigation.entry(my_mitigation.kind).or_insert(0);
                     if *errors >= MAX_ERRORS_PER_MITIGATION {
diff --git a/compiler/rustc_metadata/src/rmeta/decoder.rs b/compiler/rustc_metadata/src/rmeta/decoder.rs
index 3f889f95b2917..64f79dd2d5f65 100644
--- a/compiler/rustc_metadata/src/rmeta/decoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/decoder.rs
@@ -30,7 +30,7 @@ use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_serialize::opaque::MemDecoder;
 use rustc_serialize::{Decodable, Decoder};
 use rustc_session::config::TargetModifier;
-use rustc_session::config::enforced_mitigations::EnforcedMitigation;
+use rustc_session::config::enforcable_mitigations::EnforcableMitigation;
 use rustc_session::cstore::{CrateSource, ExternCrate};
 use rustc_span::hygiene::HygieneDecodeContext;
 use rustc_span::{
@@ -82,8 +82,8 @@ pub(crate) type CrateNumMap = IndexVec<CrateNum, CrateNum>;
 /// Target modifiers - abi or exploit mitigations flags that cause unsoundness when mixed
 pub(crate) type TargetModifiers = Vec<TargetModifier>;
 
-/// Enforced Mitigations
-pub(crate) type EnforcedMitigations = Vec<EnforcedMitigation>;
+/// The set of enforcable mitigations (RFC 3855) that are currently enabled for this crate
+pub(crate) type EnforcableMitigations = Vec<EnforcableMitigation>;
 
 pub(crate) struct CrateMetadata {
     /// The primary crate data - binary metadata blob.
@@ -964,11 +964,11 @@ impl CrateRoot {
         self.target_modifiers.decode(metadata)
     }
 
-    pub(crate) fn decode_enforced_mitigations<'a>(
+    pub(crate) fn decode_enforcable_mitigations<'a>(
         &self,
         metadata: &'a MetadataBlob,
-    ) -> impl ExactSizeIterator<Item = EnforcedMitigation> {
-        self.enforced_mitigations.decode(metadata)
+    ) -> impl ExactSizeIterator<Item = EnforcableMitigation> {
+        self.enforcable_mitigations.decode(metadata)
     }
 }
 
@@ -1950,8 +1950,8 @@ impl CrateMetadata {
         self.root.decode_target_modifiers(&self.blob).collect()
     }
 
-    pub(crate) fn enforced_mitigations(&self) -> EnforcedMitigations {
-        self.root.decode_enforced_mitigations(&self.blob).collect()
+    pub(crate) fn enabled_enforcable_mitigations(&self) -> EnforcableMitigations {
+        self.root.decode_enforcable_mitigations(&self.blob).collect()
     }
 
     /// Keep `new_extern_crate` if it looks better in diagnostics
diff --git a/compiler/rustc_metadata/src/rmeta/encoder.rs b/compiler/rustc_metadata/src/rmeta/encoder.rs
index b4812fcc9fc70..a9d42745626e8 100644
--- a/compiler/rustc_metadata/src/rmeta/encoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/encoder.rs
@@ -27,7 +27,7 @@ use rustc_middle::ty::codec::TyEncoder;
 use rustc_middle::ty::fast_reject::{self, TreatParams};
 use rustc_middle::{bug, span_bug};
 use rustc_serialize::{Decodable, Decoder, Encodable, Encoder, opaque};
-use rustc_session::config::enforced_mitigations::EnforcedMitigation;
+use rustc_session::config::enforcable_mitigations::EnforcableMitigation;
 use rustc_session::config::{CrateType, OptLevel, TargetModifier};
 use rustc_span::hygiene::HygieneEncodeContext;
 use rustc_span::{
@@ -716,8 +716,8 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
         // `SourceFiles` we actually need to encode.
         let source_map = stat!("source-map", || self.encode_source_map());
         let target_modifiers = stat!("target-modifiers", || self.encode_target_modifiers());
-        let enforced_mitigations =
-            stat!("enforced-mitigations", || self.encode_enforced_mitigations());
+        let enforcable_mitigations =
+            stat!("enforced-mitigations", || self.encode_enabled_enforcable_mitigations());
 
         let root = stat!("final", || {
             let attrs = tcx.hir_krate_attrs();
@@ -761,7 +761,7 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
                 foreign_modules,
                 source_map,
                 target_modifiers,
-                enforced_mitigations,
+                enforcable_mitigations,
                 traits,
                 impls,
                 incoherent_impls,
@@ -2106,10 +2106,10 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
         self.lazy_array(tcx.sess.opts.gather_target_modifiers())
     }
 
-    fn encode_enforced_mitigations(&mut self) -> LazyArray<EnforcedMitigation> {
+    fn encode_enabled_enforcable_mitigations(&mut self) -> LazyArray<EnforcableMitigation> {
         empty_proc_macro!(self);
         let tcx = self.tcx;
-        self.lazy_array(tcx.sess.gather_enabled_enforced_mitigations())
+        self.lazy_array(tcx.sess.gather_enabled_enforcable_mitigations())
     }
 
     fn encode_lib_features(&mut self) -> LazyArray<(Symbol, FeatureStability)> {
diff --git a/compiler/rustc_metadata/src/rmeta/mod.rs b/compiler/rustc_metadata/src/rmeta/mod.rs
index 57f7c9b97dd01..21337f4315403 100644
--- a/compiler/rustc_metadata/src/rmeta/mod.rs
+++ b/compiler/rustc_metadata/src/rmeta/mod.rs
@@ -34,7 +34,7 @@ use rustc_middle::ty::fast_reject::SimplifiedType;
 use rustc_middle::ty::{self, Ty, TyCtxt, UnusedGenericParams};
 use rustc_middle::util::Providers;
 use rustc_serialize::opaque::FileEncoder;
-use rustc_session::config::enforced_mitigations::EnforcedMitigation;
+use rustc_session::config::enforcable_mitigations::EnforcableMitigation;
 use rustc_session::config::{SymbolManglingVersion, TargetModifier};
 use rustc_session::cstore::{CrateDepKind, ForeignModule, LinkagePreference, NativeLib};
 use rustc_span::edition::Edition;
@@ -286,7 +286,7 @@ pub(crate) struct CrateRoot {
 
     source_map: LazyTable<u32, Option<LazyValue<rustc_span::SourceFile>>>,
     target_modifiers: LazyArray<TargetModifier>,
-    enforced_mitigations: LazyArray<EnforcedMitigation>,
+    enforcable_mitigations: LazyArray<EnforcableMitigation>,
 
     compiler_builtins: bool,
     needs_allocator: bool,
diff --git a/compiler/rustc_metadata/src/rmeta/parameterized.rs b/compiler/rustc_metadata/src/rmeta/parameterized.rs
index 8debefd21a070..b993932eb70dc 100644
--- a/compiler/rustc_metadata/src/rmeta/parameterized.rs
+++ b/compiler/rustc_metadata/src/rmeta/parameterized.rs
@@ -120,7 +120,7 @@ trivially_parameterized_over_tcx! {
     rustc_middle::ty::adjustment::CoerceUnsizedInfo,
     rustc_middle::ty::fast_reject::SimplifiedType,
     rustc_session::config::TargetModifier,
-    rustc_session::config::enforced_mitigations::EnforcedMitigation,
+    rustc_session::config::enforcable_mitigations::EnforcableMitigation,
     rustc_session::cstore::ForeignModule,
     rustc_session::cstore::LinkagePreference,
     rustc_session::cstore::NativeLib,
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index b057213939c32..9ce6898dd2ca7 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -20,7 +20,7 @@ use rustc_target::spec::{
     TargetTuple, TlsModel,
 };
 
-use crate::config::enforced_mitigations::MitigationEnablement;
+use crate::config::enforcable_mitigations::MitigationEnablement;
 use crate::config::*;
 use crate::search_paths::SearchPath;
 use crate::utils::NativeLib;
@@ -85,7 +85,7 @@ pub struct TargetModifier {
     pub value_name: String,
 }
 
-pub mod enforced_mitigations;
+pub mod enforcable_mitigations;
 
 mod target_modifier_consistency_check {
     use super::*;
@@ -886,14 +886,14 @@ mod desc {
         "either a boolean (`yes`, `no`, `on`, `off`, etc), or `nll` (default: `nll`)";
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
     pub(crate) const parse_allow_partial_mitigations: &str =
-        super::enforced_mitigations::EnforcedMitigationKind::KINDS;
+        super::enforcable_mitigations::EnforcableMitigationKind::KINDS;
 }
 
 pub mod parse {
     use std::str::FromStr;
 
     pub(crate) use super::*;
-    use crate::config::enforced_mitigations::MitigationEnablement;
+    use crate::config::enforcable_mitigations::MitigationEnablement;
     pub(crate) const MAX_THREADS_CAP: usize = 256;
 
     /// This is for boolean options that don't take a value, and are true simply
diff --git a/compiler/rustc_session/src/options/enforced_mitigations.rs b/compiler/rustc_session/src/options/enforcable_mitigations.rs
similarity index 60%
rename from compiler/rustc_session/src/options/enforced_mitigations.rs
rename to compiler/rustc_session/src/options/enforcable_mitigations.rs
index 731b519eda58e..667dd0b8aadc7 100644
--- a/compiler/rustc_session/src/options/enforced_mitigations.rs
+++ b/compiler/rustc_session/src/options/enforcable_mitigations.rs
@@ -10,66 +10,66 @@ use crate::config::Options;
 use crate::options::CFGuard;
 
 #[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub enum EnforcedMitigationLevel {
+pub enum EnforcableMitigationLevel {
     // Enabled(false) should be the bottom of the Ord hierarchy
     Enabled(bool),
     StackProtector(StackProtector),
 }
 
-impl EnforcedMitigationLevel {
+impl EnforcableMitigationLevel {
     pub fn level_str(&self) -> &'static str {
         match self {
-            EnforcedMitigationLevel::StackProtector(StackProtector::All) => "=all",
-            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
-            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
+            EnforcableMitigationLevel::StackProtector(StackProtector::All) => "=all",
+            EnforcableMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
+            EnforcableMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
             // currently `=disabled` should not appear
-            EnforcedMitigationLevel::Enabled(false) => "=disabled",
-            EnforcedMitigationLevel::StackProtector(StackProtector::None)
-            | EnforcedMitigationLevel::Enabled(true) => "",
+            EnforcableMitigationLevel::Enabled(false) => "=disabled",
+            EnforcableMitigationLevel::StackProtector(StackProtector::None)
+            | EnforcableMitigationLevel::Enabled(true) => "",
         }
     }
 }
 
-impl std::fmt::Display for EnforcedMitigationLevel {
+impl std::fmt::Display for EnforcableMitigationLevel {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {
-            EnforcedMitigationLevel::StackProtector(StackProtector::All) => {
+            EnforcableMitigationLevel::StackProtector(StackProtector::All) => {
                 write!(f, "all")
             }
-            EnforcedMitigationLevel::StackProtector(StackProtector::Basic) => {
+            EnforcableMitigationLevel::StackProtector(StackProtector::Basic) => {
                 write!(f, "basic")
             }
-            EnforcedMitigationLevel::StackProtector(StackProtector::Strong) => {
+            EnforcableMitigationLevel::StackProtector(StackProtector::Strong) => {
                 write!(f, "strong")
             }
-            EnforcedMitigationLevel::Enabled(true) => {
+            EnforcableMitigationLevel::Enabled(true) => {
                 write!(f, "enabled")
             }
-            EnforcedMitigationLevel::StackProtector(StackProtector::None)
-            | EnforcedMitigationLevel::Enabled(false) => {
+            EnforcableMitigationLevel::StackProtector(StackProtector::None)
+            | EnforcableMitigationLevel::Enabled(false) => {
                 write!(f, "disabled")
             }
         }
     }
 }
 
-impl From<bool> for EnforcedMitigationLevel {
+impl From<bool> for EnforcableMitigationLevel {
     fn from(value: bool) -> Self {
-        EnforcedMitigationLevel::Enabled(value)
+        EnforcableMitigationLevel::Enabled(value)
     }
 }
 
-impl From<StackProtector> for EnforcedMitigationLevel {
+impl From<StackProtector> for EnforcableMitigationLevel {
     fn from(value: StackProtector) -> Self {
-        EnforcedMitigationLevel::StackProtector(value)
+        EnforcableMitigationLevel::StackProtector(value)
     }
 }
 
-pub struct EnforcedMitigationKindParseError;
+pub struct EnforcableMitigationKindParseError;
 
 #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
 pub struct MitigationEnablement {
-    pub kind: EnforcedMitigationKind,
+    pub kind: EnforcableMitigationKind,
     pub enabled: bool,
 }
 
@@ -82,58 +82,58 @@ macro_rules! intersperse {
 macro_rules! enforced_mitigations {
     ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
         #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
-        pub enum EnforcedMitigationKind {
+        pub enum EnforcableMitigationKind {
             $($name),*
         }
 
-        impl std::fmt::Display for EnforcedMitigationKind {
+        impl std::fmt::Display for EnforcableMitigationKind {
             fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
                 match self {
-                    $(EnforcedMitigationKind::$name => write!(f, $text)),*
+                    $(EnforcableMitigationKind::$name => write!(f, $text)),*
                 }
             }
         }
 
-        impl EnforcedMitigationKind {
+        impl EnforcableMitigationKind {
             pub(crate) const KINDS: &'static str = concat!("comma-separated list of mitigation kinds (available: ",
                 intersperse!(", ", ($(concat!("`", $text, "`")),*)), ")");
         }
 
-        impl FromStr for EnforcedMitigationKind {
-            type Err = EnforcedMitigationKindParseError;
+        impl FromStr for EnforcableMitigationKind {
+            type Err = EnforcableMitigationKindParseError;
 
-            fn from_str(v: &str) -> Result<EnforcedMitigationKind, EnforcedMitigationKindParseError> {
+            fn from_str(v: &str) -> Result<EnforcableMitigationKind, EnforcableMitigationKindParseError> {
                 match v {
-                    $($text => Ok(EnforcedMitigationKind::$name)),*
+                    $($text => Ok(EnforcableMitigationKind::$name)),*
                     ,
-                    _ => Err(EnforcedMitigationKindParseError),
+                    _ => Err(EnforcableMitigationKindParseError),
                 }
             }
         }
 
         #[allow(unused)]
-        impl EnforcedMitigationKind {
+        impl EnforcableMitigationKind {
             pub fn enforced_since(&self) -> Edition {
                 match self {
                     // Should change the enforced-since edition of StackProtector to 2015
                     // (all editions) when `-C stack-protector` is stabilized.
-                    $(EnforcedMitigationKind::$name => Edition::$since),*
+                    $(EnforcableMitigationKind::$name => Edition::$since),*
                 }
             }
         }
 
         impl Options {
-            pub fn all_enforced_mitigations(&self) -> impl Iterator<Item = EnforcedMitigationKind> {
-                [$(EnforcedMitigationKind::$name),*].into_iter()
+            pub fn all_enforced_mitigations(&self) -> impl Iterator<Item = EnforcableMitigationKind> {
+                [$(EnforcableMitigationKind::$name),*].into_iter()
             }
         }
 
         impl Session {
-            pub fn gather_enabled_enforced_mitigations(&$self) -> Vec<EnforcedMitigation> {
+            pub fn gather_enabled_enforcable_mitigations(&$self) -> Vec<EnforcableMitigation> {
                 let mut mitigations = [
                     $(
-                    EnforcedMitigation {
-                        kind: EnforcedMitigationKind::$name,
+                    EnforcableMitigation {
+                        kind: EnforcableMitigationKind::$name,
                         level: From::from($code),
                     }
                     ),*
@@ -147,7 +147,7 @@ macro_rules! enforced_mitigations {
 
 enforced_mitigations! {
     [self]
-    enum EnforcedMitigationKind {
+    enum EnforcableMitigationKind {
         (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
         (ControlFlowGuard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
     }
@@ -155,9 +155,9 @@ enforced_mitigations! {
 
 /// Enforced mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
 #[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub struct EnforcedMitigation {
-    pub kind: EnforcedMitigationKind,
-    pub level: EnforcedMitigationLevel,
+pub struct EnforcableMitigation {
+    pub kind: EnforcableMitigationKind,
+    pub level: EnforcableMitigationLevel,
 }
 
 impl Options {
@@ -165,7 +165,7 @@ impl Options {
     pub fn allowed_partial_mitigations(
         &self,
         edition: Edition,
-    ) -> impl Iterator<Item = EnforcedMitigationKind> {
+    ) -> impl Iterator<Item = EnforcableMitigationKind> {
         let mut result: BTreeSet<_> = self
             .all_enforced_mitigations()
             .filter(|mitigation| mitigation.enforced_since() > edition)

From fef2b197e8ba68ac456828447e0e37b0126c4cac Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Wed, 10 Dec 2025 18:37:48 +0000
Subject: [PATCH 5/9] EnforcableMitigation => DeniedPartialMitigation

---
 compiler/rustc_metadata/src/creader.rs        | 12 +--
 compiler/rustc_metadata/src/rmeta/decoder.rs  | 14 ++--
 compiler/rustc_metadata/src/rmeta/encoder.rs  | 12 +--
 compiler/rustc_metadata/src/rmeta/mod.rs      |  4 +-
 .../rustc_metadata/src/rmeta/parameterized.rs |  2 +-
 compiler/rustc_session/src/options.rs         |  2 +-
 .../src/options/enforcable_mitigations.rs     | 84 +++++++++----------
 7 files changed, 65 insertions(+), 65 deletions(-)

diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index 6c4236dcc2a74..8aae529efcb00 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -25,7 +25,7 @@ use rustc_middle::ty::data_structures::IndexSet;
 use rustc_middle::ty::{TyCtxt, TyCtxtFeed};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_session::Session;
-use rustc_session::config::enforcable_mitigations::EnforcableMitigationLevel;
+use rustc_session::config::enforcable_mitigations::DeniedPartialMitigationLevel;
 use rustc_session::config::{
     CrateType, ExtendedTargetModifierInfo, ExternLocation, Externs, OptionsTargetModifiers,
     TargetModifier,
@@ -461,7 +461,7 @@ impl CStore {
 
     pub fn report_session_incompatibilities(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         self.report_incompatible_target_modifiers(tcx, krate);
-        self.report_incompatible_enforcable_mitigations(tcx, krate);
+        self.report_incompatible_denied_partial_mitigations(tcx, krate);
         self.report_incompatible_async_drop_feature(tcx, krate);
     }
 
@@ -486,8 +486,8 @@ impl CStore {
         }
     }
 
-    pub fn report_incompatible_enforcable_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
-        let my_mitigations = tcx.sess.gather_enabled_enforcable_mitigations();
+    pub fn report_incompatible_denied_partial_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
+        let my_mitigations = tcx.sess.gather_enabled_denied_partial_mitigations();
         let mut my_mitigations: BTreeMap<_, _> =
             my_mitigations.iter().map(|mitigation| (mitigation.kind, mitigation)).collect();
         for skipped_mitigation in tcx.sess.opts.allowed_partial_mitigations(tcx.sess.edition()) {
@@ -499,12 +499,12 @@ impl CStore {
             if data.is_proc_macro_crate() {
                 continue;
             }
-            let their_mitigations = data.enabled_enforcable_mitigations();
+            let their_mitigations = data.enabled_denied_partial_mitigations();
             for my_mitigation in my_mitigations.values() {
                 let their_mitigation = their_mitigations
                     .iter()
                     .find(|mitigation| mitigation.kind == my_mitigation.kind)
-                    .map_or(EnforcableMitigationLevel::Enabled(false), |m| m.level);
+                    .map_or(DeniedPartialMitigationLevel::Enabled(false), |m| m.level);
                 if their_mitigation < my_mitigation.level {
                     let errors = errors_per_mitigation.entry(my_mitigation.kind).or_insert(0);
                     if *errors >= MAX_ERRORS_PER_MITIGATION {
diff --git a/compiler/rustc_metadata/src/rmeta/decoder.rs b/compiler/rustc_metadata/src/rmeta/decoder.rs
index 64f79dd2d5f65..81b06db796c83 100644
--- a/compiler/rustc_metadata/src/rmeta/decoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/decoder.rs
@@ -30,7 +30,7 @@ use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_serialize::opaque::MemDecoder;
 use rustc_serialize::{Decodable, Decoder};
 use rustc_session::config::TargetModifier;
-use rustc_session::config::enforcable_mitigations::EnforcableMitigation;
+use rustc_session::config::enforcable_mitigations::DeniedPartialMitigation;
 use rustc_session::cstore::{CrateSource, ExternCrate};
 use rustc_span::hygiene::HygieneDecodeContext;
 use rustc_span::{
@@ -83,7 +83,7 @@ pub(crate) type CrateNumMap = IndexVec<CrateNum, CrateNum>;
 pub(crate) type TargetModifiers = Vec<TargetModifier>;
 
 /// The set of enforcable mitigations (RFC 3855) that are currently enabled for this crate
-pub(crate) type EnforcableMitigations = Vec<EnforcableMitigation>;
+pub(crate) type DeniedPartialMitigations = Vec<DeniedPartialMitigation>;
 
 pub(crate) struct CrateMetadata {
     /// The primary crate data - binary metadata blob.
@@ -964,11 +964,11 @@ impl CrateRoot {
         self.target_modifiers.decode(metadata)
     }
 
-    pub(crate) fn decode_enforcable_mitigations<'a>(
+    pub(crate) fn decode_denied_partial_mitigations<'a>(
         &self,
         metadata: &'a MetadataBlob,
-    ) -> impl ExactSizeIterator<Item = EnforcableMitigation> {
-        self.enforcable_mitigations.decode(metadata)
+    ) -> impl ExactSizeIterator<Item = DeniedPartialMitigation> {
+        self.denied_partial_mitigations.decode(metadata)
     }
 }
 
@@ -1950,8 +1950,8 @@ impl CrateMetadata {
         self.root.decode_target_modifiers(&self.blob).collect()
     }
 
-    pub(crate) fn enabled_enforcable_mitigations(&self) -> EnforcableMitigations {
-        self.root.decode_enforcable_mitigations(&self.blob).collect()
+    pub(crate) fn enabled_denied_partial_mitigations(&self) -> DeniedPartialMitigations {
+        self.root.decode_denied_partial_mitigations(&self.blob).collect()
     }
 
     /// Keep `new_extern_crate` if it looks better in diagnostics
diff --git a/compiler/rustc_metadata/src/rmeta/encoder.rs b/compiler/rustc_metadata/src/rmeta/encoder.rs
index a9d42745626e8..75848c206e321 100644
--- a/compiler/rustc_metadata/src/rmeta/encoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/encoder.rs
@@ -27,7 +27,7 @@ use rustc_middle::ty::codec::TyEncoder;
 use rustc_middle::ty::fast_reject::{self, TreatParams};
 use rustc_middle::{bug, span_bug};
 use rustc_serialize::{Decodable, Decoder, Encodable, Encoder, opaque};
-use rustc_session::config::enforcable_mitigations::EnforcableMitigation;
+use rustc_session::config::enforcable_mitigations::DeniedPartialMitigation;
 use rustc_session::config::{CrateType, OptLevel, TargetModifier};
 use rustc_span::hygiene::HygieneEncodeContext;
 use rustc_span::{
@@ -716,8 +716,8 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
         // `SourceFiles` we actually need to encode.
         let source_map = stat!("source-map", || self.encode_source_map());
         let target_modifiers = stat!("target-modifiers", || self.encode_target_modifiers());
-        let enforcable_mitigations =
-            stat!("enforced-mitigations", || self.encode_enabled_enforcable_mitigations());
+        let denied_partial_mitigations =
+            stat!("enforced-mitigations", || self.encode_enabled_denied_partial_mitigations());
 
         let root = stat!("final", || {
             let attrs = tcx.hir_krate_attrs();
@@ -761,7 +761,7 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
                 foreign_modules,
                 source_map,
                 target_modifiers,
-                enforcable_mitigations,
+                denied_partial_mitigations,
                 traits,
                 impls,
                 incoherent_impls,
@@ -2106,10 +2106,10 @@ impl<'a, 'tcx> EncodeContext<'a, 'tcx> {
         self.lazy_array(tcx.sess.opts.gather_target_modifiers())
     }
 
-    fn encode_enabled_enforcable_mitigations(&mut self) -> LazyArray<EnforcableMitigation> {
+    fn encode_enabled_denied_partial_mitigations(&mut self) -> LazyArray<DeniedPartialMitigation> {
         empty_proc_macro!(self);
         let tcx = self.tcx;
-        self.lazy_array(tcx.sess.gather_enabled_enforcable_mitigations())
+        self.lazy_array(tcx.sess.gather_enabled_denied_partial_mitigations())
     }
 
     fn encode_lib_features(&mut self) -> LazyArray<(Symbol, FeatureStability)> {
diff --git a/compiler/rustc_metadata/src/rmeta/mod.rs b/compiler/rustc_metadata/src/rmeta/mod.rs
index 21337f4315403..6f6e356443a69 100644
--- a/compiler/rustc_metadata/src/rmeta/mod.rs
+++ b/compiler/rustc_metadata/src/rmeta/mod.rs
@@ -34,7 +34,7 @@ use rustc_middle::ty::fast_reject::SimplifiedType;
 use rustc_middle::ty::{self, Ty, TyCtxt, UnusedGenericParams};
 use rustc_middle::util::Providers;
 use rustc_serialize::opaque::FileEncoder;
-use rustc_session::config::enforcable_mitigations::EnforcableMitigation;
+use rustc_session::config::enforcable_mitigations::DeniedPartialMitigation;
 use rustc_session::config::{SymbolManglingVersion, TargetModifier};
 use rustc_session::cstore::{CrateDepKind, ForeignModule, LinkagePreference, NativeLib};
 use rustc_span::edition::Edition;
@@ -286,7 +286,7 @@ pub(crate) struct CrateRoot {
 
     source_map: LazyTable<u32, Option<LazyValue<rustc_span::SourceFile>>>,
     target_modifiers: LazyArray<TargetModifier>,
-    enforcable_mitigations: LazyArray<EnforcableMitigation>,
+    denied_partial_mitigations: LazyArray<DeniedPartialMitigation>,
 
     compiler_builtins: bool,
     needs_allocator: bool,
diff --git a/compiler/rustc_metadata/src/rmeta/parameterized.rs b/compiler/rustc_metadata/src/rmeta/parameterized.rs
index b993932eb70dc..35ea06b384536 100644
--- a/compiler/rustc_metadata/src/rmeta/parameterized.rs
+++ b/compiler/rustc_metadata/src/rmeta/parameterized.rs
@@ -120,7 +120,7 @@ trivially_parameterized_over_tcx! {
     rustc_middle::ty::adjustment::CoerceUnsizedInfo,
     rustc_middle::ty::fast_reject::SimplifiedType,
     rustc_session::config::TargetModifier,
-    rustc_session::config::enforcable_mitigations::EnforcableMitigation,
+    rustc_session::config::enforcable_mitigations::DeniedPartialMitigation,
     rustc_session::cstore::ForeignModule,
     rustc_session::cstore::LinkagePreference,
     rustc_session::cstore::NativeLib,
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index 9ce6898dd2ca7..e30a182d240be 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -886,7 +886,7 @@ mod desc {
         "either a boolean (`yes`, `no`, `on`, `off`, etc), or `nll` (default: `nll`)";
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
     pub(crate) const parse_allow_partial_mitigations: &str =
-        super::enforcable_mitigations::EnforcableMitigationKind::KINDS;
+        super::enforcable_mitigations::DeniedPartialMitigationKind::KINDS;
 }
 
 pub mod parse {
diff --git a/compiler/rustc_session/src/options/enforcable_mitigations.rs b/compiler/rustc_session/src/options/enforcable_mitigations.rs
index 667dd0b8aadc7..851659f416e85 100644
--- a/compiler/rustc_session/src/options/enforcable_mitigations.rs
+++ b/compiler/rustc_session/src/options/enforcable_mitigations.rs
@@ -10,66 +10,66 @@ use crate::config::Options;
 use crate::options::CFGuard;
 
 #[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub enum EnforcableMitigationLevel {
+pub enum DeniedPartialMitigationLevel {
     // Enabled(false) should be the bottom of the Ord hierarchy
     Enabled(bool),
     StackProtector(StackProtector),
 }
 
-impl EnforcableMitigationLevel {
+impl DeniedPartialMitigationLevel {
     pub fn level_str(&self) -> &'static str {
         match self {
-            EnforcableMitigationLevel::StackProtector(StackProtector::All) => "=all",
-            EnforcableMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
-            EnforcableMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::All) => "=all",
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::Basic) => "=basic",
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::Strong) => "=strong",
             // currently `=disabled` should not appear
-            EnforcableMitigationLevel::Enabled(false) => "=disabled",
-            EnforcableMitigationLevel::StackProtector(StackProtector::None)
-            | EnforcableMitigationLevel::Enabled(true) => "",
+            DeniedPartialMitigationLevel::Enabled(false) => "=disabled",
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::None)
+            | DeniedPartialMitigationLevel::Enabled(true) => "",
         }
     }
 }
 
-impl std::fmt::Display for EnforcableMitigationLevel {
+impl std::fmt::Display for DeniedPartialMitigationLevel {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {
-            EnforcableMitigationLevel::StackProtector(StackProtector::All) => {
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::All) => {
                 write!(f, "all")
             }
-            EnforcableMitigationLevel::StackProtector(StackProtector::Basic) => {
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::Basic) => {
                 write!(f, "basic")
             }
-            EnforcableMitigationLevel::StackProtector(StackProtector::Strong) => {
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::Strong) => {
                 write!(f, "strong")
             }
-            EnforcableMitigationLevel::Enabled(true) => {
+            DeniedPartialMitigationLevel::Enabled(true) => {
                 write!(f, "enabled")
             }
-            EnforcableMitigationLevel::StackProtector(StackProtector::None)
-            | EnforcableMitigationLevel::Enabled(false) => {
+            DeniedPartialMitigationLevel::StackProtector(StackProtector::None)
+            | DeniedPartialMitigationLevel::Enabled(false) => {
                 write!(f, "disabled")
             }
         }
     }
 }
 
-impl From<bool> for EnforcableMitigationLevel {
+impl From<bool> for DeniedPartialMitigationLevel {
     fn from(value: bool) -> Self {
-        EnforcableMitigationLevel::Enabled(value)
+        DeniedPartialMitigationLevel::Enabled(value)
     }
 }
 
-impl From<StackProtector> for EnforcableMitigationLevel {
+impl From<StackProtector> for DeniedPartialMitigationLevel {
     fn from(value: StackProtector) -> Self {
-        EnforcableMitigationLevel::StackProtector(value)
+        DeniedPartialMitigationLevel::StackProtector(value)
     }
 }
 
-pub struct EnforcableMitigationKindParseError;
+pub struct DeniedPartialMitigationKindParseError;
 
 #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
 pub struct MitigationEnablement {
-    pub kind: EnforcableMitigationKind,
+    pub kind: DeniedPartialMitigationKind,
     pub enabled: bool,
 }
 
@@ -82,58 +82,58 @@ macro_rules! intersperse {
 macro_rules! enforced_mitigations {
     ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
         #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
-        pub enum EnforcableMitigationKind {
+        pub enum DeniedPartialMitigationKind {
             $($name),*
         }
 
-        impl std::fmt::Display for EnforcableMitigationKind {
+        impl std::fmt::Display for DeniedPartialMitigationKind {
             fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
                 match self {
-                    $(EnforcableMitigationKind::$name => write!(f, $text)),*
+                    $(DeniedPartialMitigationKind::$name => write!(f, $text)),*
                 }
             }
         }
 
-        impl EnforcableMitigationKind {
+        impl DeniedPartialMitigationKind {
             pub(crate) const KINDS: &'static str = concat!("comma-separated list of mitigation kinds (available: ",
                 intersperse!(", ", ($(concat!("`", $text, "`")),*)), ")");
         }
 
-        impl FromStr for EnforcableMitigationKind {
-            type Err = EnforcableMitigationKindParseError;
+        impl FromStr for DeniedPartialMitigationKind {
+            type Err = DeniedPartialMitigationKindParseError;
 
-            fn from_str(v: &str) -> Result<EnforcableMitigationKind, EnforcableMitigationKindParseError> {
+            fn from_str(v: &str) -> Result<DeniedPartialMitigationKind, DeniedPartialMitigationKindParseError> {
                 match v {
-                    $($text => Ok(EnforcableMitigationKind::$name)),*
+                    $($text => Ok(DeniedPartialMitigationKind::$name)),*
                     ,
-                    _ => Err(EnforcableMitigationKindParseError),
+                    _ => Err(DeniedPartialMitigationKindParseError),
                 }
             }
         }
 
         #[allow(unused)]
-        impl EnforcableMitigationKind {
+        impl DeniedPartialMitigationKind {
             pub fn enforced_since(&self) -> Edition {
                 match self {
                     // Should change the enforced-since edition of StackProtector to 2015
                     // (all editions) when `-C stack-protector` is stabilized.
-                    $(EnforcableMitigationKind::$name => Edition::$since),*
+                    $(DeniedPartialMitigationKind::$name => Edition::$since),*
                 }
             }
         }
 
         impl Options {
-            pub fn all_enforced_mitigations(&self) -> impl Iterator<Item = EnforcableMitigationKind> {
-                [$(EnforcableMitigationKind::$name),*].into_iter()
+            pub fn all_enforced_mitigations(&self) -> impl Iterator<Item = DeniedPartialMitigationKind> {
+                [$(DeniedPartialMitigationKind::$name),*].into_iter()
             }
         }
 
         impl Session {
-            pub fn gather_enabled_enforcable_mitigations(&$self) -> Vec<EnforcableMitigation> {
+            pub fn gather_enabled_denied_partial_mitigations(&$self) -> Vec<DeniedPartialMitigation> {
                 let mut mitigations = [
                     $(
-                    EnforcableMitigation {
-                        kind: EnforcableMitigationKind::$name,
+                    DeniedPartialMitigation {
+                        kind: DeniedPartialMitigationKind::$name,
                         level: From::from($code),
                     }
                     ),*
@@ -147,7 +147,7 @@ macro_rules! enforced_mitigations {
 
 enforced_mitigations! {
     [self]
-    enum EnforcableMitigationKind {
+    enum DeniedPartialMitigationKind {
         (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
         (ControlFlowGuard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
     }
@@ -155,9 +155,9 @@ enforced_mitigations! {
 
 /// Enforced mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
 #[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub struct EnforcableMitigation {
-    pub kind: EnforcableMitigationKind,
-    pub level: EnforcableMitigationLevel,
+pub struct DeniedPartialMitigation {
+    pub kind: DeniedPartialMitigationKind,
+    pub level: DeniedPartialMitigationLevel,
 }
 
 impl Options {
@@ -165,7 +165,7 @@ impl Options {
     pub fn allowed_partial_mitigations(
         &self,
         edition: Edition,
-    ) -> impl Iterator<Item = EnforcableMitigationKind> {
+    ) -> impl Iterator<Item = DeniedPartialMitigationKind> {
         let mut result: BTreeSet<_> = self
             .all_enforced_mitigations()
             .filter(|mitigation| mitigation.enforced_since() > edition)

From 1b780dce74f49f9c0527e3974242f5692115d0a7 Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Wed, 10 Dec 2025 18:46:39 +0000
Subject: [PATCH 6/9] use -Z deny-partial-mitigations instead of -Z
 allow-partial-mitigations=!

---
 compiler/rustc_session/src/options.rs         | 26 +++++-
 ...low-partial-mitigations-current-edition.rs |  2 +-
 .../err-allow-partial-mitigations.both.stderr | 20 ++--
 ...r-allow-partial-mitigations.disable.stderr | 10 +-
 ...-partial-mitigations.enable-disable.stderr | 10 +-
 ....enable-separately-disable-together.stderr | 92 +++++++++++++++++++
 .../err-allow-partial-mitigations.rs          | 17 +++-
 .../err-allow-partial-mitigations.sp.stderr   | 10 +-
 ...ow-partial-mitigations.wrong-enable.stderr | 10 +-
 .../ok-allow-partial-mitigations-minicore.rs  |  2 +-
 .../ok-allow-partial-mitigations.rs           |  2 +-
 11 files changed, 162 insertions(+), 39 deletions(-)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr

diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index e30a182d240be..5022e4ee0d33e 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -694,6 +694,9 @@ impl CodegenOptions {
 // Sometimes different options need to build a common structure.
 // That structure can be kept in one of the options' fields, the others become dummy.
 macro_rules! redirect_field {
+    ($cg:ident.deny_partial_mitigations) => {
+        $cg.allow_partial_mitigations
+    };
     ($cg:ident.link_arg) => {
         $cg.link_args
     };
@@ -887,6 +890,8 @@ mod desc {
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
     pub(crate) const parse_allow_partial_mitigations: &str =
         super::enforcable_mitigations::DeniedPartialMitigationKind::KINDS;
+    pub(crate) const parse_deny_partial_mitigations: &str =
+        super::enforcable_mitigations::DeniedPartialMitigationKind::KINDS;
 }
 
 pub mod parse {
@@ -2065,15 +2070,14 @@ pub mod parse {
         true
     }
 
-    pub(crate) fn parse_allow_partial_mitigations(
+    fn parse_partial_mitigations(
         slot: &mut Vec<MitigationEnablement>,
         v: Option<&str>,
+        enabled: bool,
     ) -> bool {
         match v {
             Some(s) => {
                 for sub in s.split(',') {
-                    let (sub, enabled) =
-                        if sub.starts_with('!') { (&sub[1..], false) } else { (sub, true) };
                     match sub.parse() {
                         Ok(kind) => slot.push(MitigationEnablement { kind, enabled }),
                         Err(_) => return false,
@@ -2084,6 +2088,20 @@ pub mod parse {
             None => false,
         }
     }
+
+    pub(crate) fn parse_allow_partial_mitigations(
+        slot: &mut Vec<MitigationEnablement>,
+        v: Option<&str>,
+    ) -> bool {
+        parse_partial_mitigations(slot, v, true)
+    }
+
+    pub(crate) fn parse_deny_partial_mitigations(
+        slot: &mut Vec<MitigationEnablement>,
+        v: Option<&str>,
+    ) -> bool {
+        parse_partial_mitigations(slot, v, false)
+    }
 }
 
 options! {
@@ -2314,6 +2332,8 @@ options! {
         "deduplicate identical diagnostics (default: yes)"),
     default_visibility: Option<SymbolVisibility> = (None, parse_opt_symbol_visibility, [TRACKED],
         "overrides the `default_visibility` setting of the target"),
+    deny_partial_mitigations: Vec<MitigationEnablement> = (Vec::new(), parse_deny_partial_mitigations, [UNTRACKED],
+        "Deny mitigations not enabled for all dependency crates (comma separated list)"),
     dep_info_omit_d_target: bool = (false, parse_bool, [TRACKED],
         "in dep-info output, omit targets for tracking dependencies of the dep-info files \
         themselves (default: no)"),
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
index 1299e5e003cac..d32c579a8cae1 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
@@ -3,7 +3,7 @@
 //@ ignore-nvptx64 stack protector is not supported
 //@ ignore-wasm32-unknown-unknown stack protector is not supported
 //@ edition: 2024
-//@ compile-flags: -Z allow-partial-mitigations=!control-flow-guard -C control-flow-guard=on
+//@ compile-flags: -Z deny-partial-mitigations=control-flow-guard -C control-flow-guard=on
 
 // check that in edition 2024, it is still possible to explicitly
 // disallow partial mitigations (in edition=future, they are
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
index 35801653495ef..50febbee060f2 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -44,7 +44,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -53,7 +53,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -62,7 +62,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -71,7 +71,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -80,7 +80,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
index f0e48e02347b3..b8ca779ed3b6d 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
index f0e48e02347b3..b8ca779ed3b6d 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr
new file mode 100644
index 0000000000000..50febbee060f2
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr
@@ -0,0 +1,92 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: aborting due to 10 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
index 0aa1c5933ea53..8ba8873053e05 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
@@ -1,14 +1,15 @@
 // ignore-tidy-linelength
-//@ revisions: sp both disable enable-disable wrong-enable
+//@ revisions: sp both disable enable-disable wrong-enable enable-separately-disable-together
 //@ check-fail
 //@ ignore-nvptx64 stack protector is not supported
 //@ ignore-wasm32-unknown-unknown stack protector is not supported
 //@ edition:future
 //@ [both] compile-flags: -Z unstable-options -C control-flow-guard=on -Z stack-protector=all
 //@ [sp] compile-flags:  -Z unstable-options -Z stack-protector=all
-//@ [disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=!stack-protector -Z stack-protector=all
-//@ [enable-disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z allow-partial-mitigations=!stack-protector -Z stack-protector=all
+//@ [disable] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [enable-disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z deny-partial-mitigations=stack-protector -Z stack-protector=all
 //@ [wrong-enable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=control-flow-guard -Z stack-protector=all
+//@ [enable-separately-disable-together] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z allow-partial-mitigations=control-flow-guard -Z deny-partial-mitigations=control-flow-guard,stack-protector -C control-flow-guard=on -Z stack-protector=all
 
 fn main() {}
 //[both]~^ ERROR that is not compiled with
@@ -41,3 +42,13 @@ fn main() {}
 //[wrong-enable]~| ERROR that is not compiled with
 //[wrong-enable]~| ERROR that is not compiled with
 //[wrong-enable]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
+//[enable-separately-disable-together]~| ERROR that is not compiled with
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
index f0e48e02347b3..b8ca779ed3b6d 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
index f0e48e02347b3..b8ca779ed3b6d 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:13:1
+  --> $DIR/err-allow-partial-mitigations.rs:14:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs
index 16eecd455dbe0..bc8aaa3cb2e61 100644
--- a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs
+++ b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-minicore.rs
@@ -4,7 +4,7 @@
 //@ edition:future
 //@ revisions: default deny
 //@[default] compile-flags: -Z unstable-options -Z stack-protector=all
-//@[deny] compile-flags: -Z allow-partial-mitigations=!stack-protector -Z unstable-options -Z stack-protector=all
+//@[deny] compile-flags: -Z deny-partial-mitigations=stack-protector -Z unstable-options -Z stack-protector=all
 
 // ^ enables stack-protector for both minicore and this crate
 
diff --git a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
index c0ec555305841..c0bc09276568f 100644
--- a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
+++ b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
@@ -6,6 +6,6 @@
 //@ ignore-wasm32-unknown-unknown stack protector is not supported
 //@ [both] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector,control-flow-guard -C control-flow-guard=on -Z stack-protector=all
 //@ [sp] compile-flags:  -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
-//@ [disable-enable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=!stack-protector -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [disable-enable] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
 
 fn main() {}

From 5557188f6c6d81fa2b0ae24aa5cf6da13637c0ce Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Wed, 10 Dec 2025 20:24:03 +0000
Subject: [PATCH 7/9] enforcable -> enforceable

---
 compiler/rustc_metadata/src/creader.rs                 |  2 +-
 compiler/rustc_metadata/src/rmeta/decoder.rs           |  4 ++--
 compiler/rustc_metadata/src/rmeta/encoder.rs           |  2 +-
 compiler/rustc_metadata/src/rmeta/mod.rs               |  2 +-
 compiler/rustc_metadata/src/rmeta/parameterized.rs     |  2 +-
 compiler/rustc_session/src/options.rs                  | 10 +++++-----
 ...cable_mitigations.rs => enforceable_mitigations.rs} |  0
 7 files changed, 11 insertions(+), 11 deletions(-)
 rename compiler/rustc_session/src/options/{enforcable_mitigations.rs => enforceable_mitigations.rs} (100%)

diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index 8aae529efcb00..83724fb84e138 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -25,7 +25,7 @@ use rustc_middle::ty::data_structures::IndexSet;
 use rustc_middle::ty::{TyCtxt, TyCtxtFeed};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_session::Session;
-use rustc_session::config::enforcable_mitigations::DeniedPartialMitigationLevel;
+use rustc_session::config::enforceable_mitigations::DeniedPartialMitigationLevel;
 use rustc_session::config::{
     CrateType, ExtendedTargetModifierInfo, ExternLocation, Externs, OptionsTargetModifiers,
     TargetModifier,
diff --git a/compiler/rustc_metadata/src/rmeta/decoder.rs b/compiler/rustc_metadata/src/rmeta/decoder.rs
index 81b06db796c83..64ee905513090 100644
--- a/compiler/rustc_metadata/src/rmeta/decoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/decoder.rs
@@ -30,7 +30,7 @@ use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_serialize::opaque::MemDecoder;
 use rustc_serialize::{Decodable, Decoder};
 use rustc_session::config::TargetModifier;
-use rustc_session::config::enforcable_mitigations::DeniedPartialMitigation;
+use rustc_session::config::enforceable_mitigations::DeniedPartialMitigation;
 use rustc_session::cstore::{CrateSource, ExternCrate};
 use rustc_span::hygiene::HygieneDecodeContext;
 use rustc_span::{
@@ -82,7 +82,7 @@ pub(crate) type CrateNumMap = IndexVec<CrateNum, CrateNum>;
 /// Target modifiers - abi or exploit mitigations flags that cause unsoundness when mixed
 pub(crate) type TargetModifiers = Vec<TargetModifier>;
 
-/// The set of enforcable mitigations (RFC 3855) that are currently enabled for this crate
+/// The set of enforceable mitigations (RFC 3855) that are currently enabled for this crate
 pub(crate) type DeniedPartialMitigations = Vec<DeniedPartialMitigation>;
 
 pub(crate) struct CrateMetadata {
diff --git a/compiler/rustc_metadata/src/rmeta/encoder.rs b/compiler/rustc_metadata/src/rmeta/encoder.rs
index 75848c206e321..d90139b8b2b92 100644
--- a/compiler/rustc_metadata/src/rmeta/encoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/encoder.rs
@@ -27,7 +27,7 @@ use rustc_middle::ty::codec::TyEncoder;
 use rustc_middle::ty::fast_reject::{self, TreatParams};
 use rustc_middle::{bug, span_bug};
 use rustc_serialize::{Decodable, Decoder, Encodable, Encoder, opaque};
-use rustc_session::config::enforcable_mitigations::DeniedPartialMitigation;
+use rustc_session::config::enforceable_mitigations::DeniedPartialMitigation;
 use rustc_session::config::{CrateType, OptLevel, TargetModifier};
 use rustc_span::hygiene::HygieneEncodeContext;
 use rustc_span::{
diff --git a/compiler/rustc_metadata/src/rmeta/mod.rs b/compiler/rustc_metadata/src/rmeta/mod.rs
index 6f6e356443a69..ef553ece55bf4 100644
--- a/compiler/rustc_metadata/src/rmeta/mod.rs
+++ b/compiler/rustc_metadata/src/rmeta/mod.rs
@@ -34,7 +34,7 @@ use rustc_middle::ty::fast_reject::SimplifiedType;
 use rustc_middle::ty::{self, Ty, TyCtxt, UnusedGenericParams};
 use rustc_middle::util::Providers;
 use rustc_serialize::opaque::FileEncoder;
-use rustc_session::config::enforcable_mitigations::DeniedPartialMitigation;
+use rustc_session::config::enforceable_mitigations::DeniedPartialMitigation;
 use rustc_session::config::{SymbolManglingVersion, TargetModifier};
 use rustc_session::cstore::{CrateDepKind, ForeignModule, LinkagePreference, NativeLib};
 use rustc_span::edition::Edition;
diff --git a/compiler/rustc_metadata/src/rmeta/parameterized.rs b/compiler/rustc_metadata/src/rmeta/parameterized.rs
index 35ea06b384536..39686aeb22ffd 100644
--- a/compiler/rustc_metadata/src/rmeta/parameterized.rs
+++ b/compiler/rustc_metadata/src/rmeta/parameterized.rs
@@ -120,7 +120,7 @@ trivially_parameterized_over_tcx! {
     rustc_middle::ty::adjustment::CoerceUnsizedInfo,
     rustc_middle::ty::fast_reject::SimplifiedType,
     rustc_session::config::TargetModifier,
-    rustc_session::config::enforcable_mitigations::DeniedPartialMitigation,
+    rustc_session::config::enforceable_mitigations::DeniedPartialMitigation,
     rustc_session::cstore::ForeignModule,
     rustc_session::cstore::LinkagePreference,
     rustc_session::cstore::NativeLib,
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index 5022e4ee0d33e..e4ce830f6a212 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -20,7 +20,7 @@ use rustc_target::spec::{
     TargetTuple, TlsModel,
 };
 
-use crate::config::enforcable_mitigations::MitigationEnablement;
+use crate::config::enforceable_mitigations::MitigationEnablement;
 use crate::config::*;
 use crate::search_paths::SearchPath;
 use crate::utils::NativeLib;
@@ -85,7 +85,7 @@ pub struct TargetModifier {
     pub value_name: String,
 }
 
-pub mod enforcable_mitigations;
+pub mod enforceable_mitigations;
 
 mod target_modifier_consistency_check {
     use super::*;
@@ -889,16 +889,16 @@ mod desc {
         "either a boolean (`yes`, `no`, `on`, `off`, etc), or `nll` (default: `nll`)";
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
     pub(crate) const parse_allow_partial_mitigations: &str =
-        super::enforcable_mitigations::DeniedPartialMitigationKind::KINDS;
+        super::enforceable_mitigations::DeniedPartialMitigationKind::KINDS;
     pub(crate) const parse_deny_partial_mitigations: &str =
-        super::enforcable_mitigations::DeniedPartialMitigationKind::KINDS;
+        super::enforceable_mitigations::DeniedPartialMitigationKind::KINDS;
 }
 
 pub mod parse {
     use std::str::FromStr;
 
     pub(crate) use super::*;
-    use crate::config::enforcable_mitigations::MitigationEnablement;
+    use crate::config::enforceable_mitigations::MitigationEnablement;
     pub(crate) const MAX_THREADS_CAP: usize = 256;
 
     /// This is for boolean options that don't take a value, and are true simply
diff --git a/compiler/rustc_session/src/options/enforcable_mitigations.rs b/compiler/rustc_session/src/options/enforceable_mitigations.rs
similarity index 100%
rename from compiler/rustc_session/src/options/enforcable_mitigations.rs
rename to compiler/rustc_session/src/options/enforceable_mitigations.rs

From 18699c73c32dc8057f56be4dba54a088ce40e087 Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Tue, 16 Dec 2025 23:55:35 +0000
Subject: [PATCH 8/9] address review comments

---
 compiler/rustc_metadata/src/creader.rs        |  6 ++---
 compiler/rustc_metadata/src/rmeta/decoder.rs  |  2 +-
 compiler/rustc_metadata/src/rmeta/encoder.rs  |  2 +-
 compiler/rustc_metadata/src/rmeta/mod.rs      |  2 +-
 .../rustc_metadata/src/rmeta/parameterized.rs |  2 +-
 compiler/rustc_session/src/options.rs         | 22 +++++++++----------
 ..._mitigations.rs => mitigation_coverage.rs} | 12 +++++-----
 7 files changed, 24 insertions(+), 24 deletions(-)
 rename compiler/rustc_session/src/options/{enforceable_mitigations.rs => mitigation_coverage.rs} (94%)

diff --git a/compiler/rustc_metadata/src/creader.rs b/compiler/rustc_metadata/src/creader.rs
index 83724fb84e138..62fae032659a7 100644
--- a/compiler/rustc_metadata/src/creader.rs
+++ b/compiler/rustc_metadata/src/creader.rs
@@ -25,7 +25,7 @@ use rustc_middle::ty::data_structures::IndexSet;
 use rustc_middle::ty::{TyCtxt, TyCtxtFeed};
 use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_session::Session;
-use rustc_session::config::enforceable_mitigations::DeniedPartialMitigationLevel;
+use rustc_session::config::mitigation_coverage::DeniedPartialMitigationLevel;
 use rustc_session::config::{
     CrateType, ExtendedTargetModifierInfo, ExternLocation, Externs, OptionsTargetModifiers,
     TargetModifier,
@@ -461,7 +461,7 @@ impl CStore {
 
     pub fn report_session_incompatibilities(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         self.report_incompatible_target_modifiers(tcx, krate);
-        self.report_incompatible_denied_partial_mitigations(tcx, krate);
+        self.report_incompatible_partial_mitigations(tcx, krate);
         self.report_incompatible_async_drop_feature(tcx, krate);
     }
 
@@ -486,7 +486,7 @@ impl CStore {
         }
     }
 
-    pub fn report_incompatible_denied_partial_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
+    pub fn report_incompatible_partial_mitigations(&self, tcx: TyCtxt<'_>, krate: &Crate) {
         let my_mitigations = tcx.sess.gather_enabled_denied_partial_mitigations();
         let mut my_mitigations: BTreeMap<_, _> =
             my_mitigations.iter().map(|mitigation| (mitigation.kind, mitigation)).collect();
diff --git a/compiler/rustc_metadata/src/rmeta/decoder.rs b/compiler/rustc_metadata/src/rmeta/decoder.rs
index 64ee905513090..ead64335ecae7 100644
--- a/compiler/rustc_metadata/src/rmeta/decoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/decoder.rs
@@ -30,7 +30,7 @@ use rustc_proc_macro::bridge::client::ProcMacro;
 use rustc_serialize::opaque::MemDecoder;
 use rustc_serialize::{Decodable, Decoder};
 use rustc_session::config::TargetModifier;
-use rustc_session::config::enforceable_mitigations::DeniedPartialMitigation;
+use rustc_session::config::mitigation_coverage::DeniedPartialMitigation;
 use rustc_session::cstore::{CrateSource, ExternCrate};
 use rustc_span::hygiene::HygieneDecodeContext;
 use rustc_span::{
diff --git a/compiler/rustc_metadata/src/rmeta/encoder.rs b/compiler/rustc_metadata/src/rmeta/encoder.rs
index d90139b8b2b92..de0c43ebc9357 100644
--- a/compiler/rustc_metadata/src/rmeta/encoder.rs
+++ b/compiler/rustc_metadata/src/rmeta/encoder.rs
@@ -27,7 +27,7 @@ use rustc_middle::ty::codec::TyEncoder;
 use rustc_middle::ty::fast_reject::{self, TreatParams};
 use rustc_middle::{bug, span_bug};
 use rustc_serialize::{Decodable, Decoder, Encodable, Encoder, opaque};
-use rustc_session::config::enforceable_mitigations::DeniedPartialMitigation;
+use rustc_session::config::mitigation_coverage::DeniedPartialMitigation;
 use rustc_session::config::{CrateType, OptLevel, TargetModifier};
 use rustc_span::hygiene::HygieneEncodeContext;
 use rustc_span::{
diff --git a/compiler/rustc_metadata/src/rmeta/mod.rs b/compiler/rustc_metadata/src/rmeta/mod.rs
index ef553ece55bf4..06c3a38b900f8 100644
--- a/compiler/rustc_metadata/src/rmeta/mod.rs
+++ b/compiler/rustc_metadata/src/rmeta/mod.rs
@@ -34,7 +34,7 @@ use rustc_middle::ty::fast_reject::SimplifiedType;
 use rustc_middle::ty::{self, Ty, TyCtxt, UnusedGenericParams};
 use rustc_middle::util::Providers;
 use rustc_serialize::opaque::FileEncoder;
-use rustc_session::config::enforceable_mitigations::DeniedPartialMitigation;
+use rustc_session::config::mitigation_coverage::DeniedPartialMitigation;
 use rustc_session::config::{SymbolManglingVersion, TargetModifier};
 use rustc_session::cstore::{CrateDepKind, ForeignModule, LinkagePreference, NativeLib};
 use rustc_span::edition::Edition;
diff --git a/compiler/rustc_metadata/src/rmeta/parameterized.rs b/compiler/rustc_metadata/src/rmeta/parameterized.rs
index 39686aeb22ffd..1531584e99788 100644
--- a/compiler/rustc_metadata/src/rmeta/parameterized.rs
+++ b/compiler/rustc_metadata/src/rmeta/parameterized.rs
@@ -120,7 +120,7 @@ trivially_parameterized_over_tcx! {
     rustc_middle::ty::adjustment::CoerceUnsizedInfo,
     rustc_middle::ty::fast_reject::SimplifiedType,
     rustc_session::config::TargetModifier,
-    rustc_session::config::enforceable_mitigations::DeniedPartialMitigation,
+    rustc_session::config::mitigation_coverage::DeniedPartialMitigation,
     rustc_session::cstore::ForeignModule,
     rustc_session::cstore::LinkagePreference,
     rustc_session::cstore::NativeLib,
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index e4ce830f6a212..88479d97cbb51 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -20,7 +20,7 @@ use rustc_target::spec::{
     TargetTuple, TlsModel,
 };
 
-use crate::config::enforceable_mitigations::MitigationEnablement;
+use crate::config::mitigation_coverage::MitigationCoverage;
 use crate::config::*;
 use crate::search_paths::SearchPath;
 use crate::utils::NativeLib;
@@ -85,7 +85,7 @@ pub struct TargetModifier {
     pub value_name: String,
 }
 
-pub mod enforceable_mitigations;
+pub mod mitigation_coverage;
 
 mod target_modifier_consistency_check {
     use super::*;
@@ -889,16 +889,16 @@ mod desc {
         "either a boolean (`yes`, `no`, `on`, `off`, etc), or `nll` (default: `nll`)";
     pub(crate) const parse_align: &str = "a number that is a power of 2 between 1 and 2^29";
     pub(crate) const parse_allow_partial_mitigations: &str =
-        super::enforceable_mitigations::DeniedPartialMitigationKind::KINDS;
+        super::mitigation_coverage::DeniedPartialMitigationKind::KINDS;
     pub(crate) const parse_deny_partial_mitigations: &str =
-        super::enforceable_mitigations::DeniedPartialMitigationKind::KINDS;
+        super::mitigation_coverage::DeniedPartialMitigationKind::KINDS;
 }
 
 pub mod parse {
     use std::str::FromStr;
 
     pub(crate) use super::*;
-    use crate::config::enforceable_mitigations::MitigationEnablement;
+    use crate::config::mitigation_coverage::MitigationCoverage;
     pub(crate) const MAX_THREADS_CAP: usize = 256;
 
     /// This is for boolean options that don't take a value, and are true simply
@@ -2071,7 +2071,7 @@ pub mod parse {
     }
 
     fn parse_partial_mitigations(
-        slot: &mut Vec<MitigationEnablement>,
+        slot: &mut Vec<MitigationCoverage>,
         v: Option<&str>,
         enabled: bool,
     ) -> bool {
@@ -2079,7 +2079,7 @@ pub mod parse {
             Some(s) => {
                 for sub in s.split(',') {
                     match sub.parse() {
-                        Ok(kind) => slot.push(MitigationEnablement { kind, enabled }),
+                        Ok(kind) => slot.push(MitigationCoverage { kind, enabled }),
                         Err(_) => return false,
                     }
                 }
@@ -2090,14 +2090,14 @@ pub mod parse {
     }
 
     pub(crate) fn parse_allow_partial_mitigations(
-        slot: &mut Vec<MitigationEnablement>,
+        slot: &mut Vec<MitigationCoverage>,
         v: Option<&str>,
     ) -> bool {
         parse_partial_mitigations(slot, v, true)
     }
 
     pub(crate) fn parse_deny_partial_mitigations(
-        slot: &mut Vec<MitigationEnablement>,
+        slot: &mut Vec<MitigationCoverage>,
         v: Option<&str>,
     ) -> bool {
         parse_partial_mitigations(slot, v, false)
@@ -2263,7 +2263,7 @@ options! {
     // tidy-alphabetical-start
     allow_features: Option<Vec<String>> = (None, parse_opt_comma_list, [TRACKED],
         "only allow the listed language features to be enabled in code (comma separated)"),
-    allow_partial_mitigations: Vec<MitigationEnablement> = (Vec::new(), parse_allow_partial_mitigations, [UNTRACKED],
+    allow_partial_mitigations: Vec<MitigationCoverage> = (Vec::new(), parse_allow_partial_mitigations, [UNTRACKED],
         "Allow mitigations not enabled for all dependency crates (comma separated list)"),
     always_encode_mir: bool = (false, parse_bool, [TRACKED],
         "encode MIR of all functions into the crate metadata (default: no)"),
@@ -2332,7 +2332,7 @@ options! {
         "deduplicate identical diagnostics (default: yes)"),
     default_visibility: Option<SymbolVisibility> = (None, parse_opt_symbol_visibility, [TRACKED],
         "overrides the `default_visibility` setting of the target"),
-    deny_partial_mitigations: Vec<MitigationEnablement> = (Vec::new(), parse_deny_partial_mitigations, [UNTRACKED],
+    deny_partial_mitigations: Vec<MitigationCoverage> = (Vec::new(), parse_deny_partial_mitigations, [UNTRACKED],
         "Deny mitigations not enabled for all dependency crates (comma separated list)"),
     dep_info_omit_d_target: bool = (false, parse_bool, [TRACKED],
         "in dep-info output, omit targets for tracking dependencies of the dep-info files \
diff --git a/compiler/rustc_session/src/options/enforceable_mitigations.rs b/compiler/rustc_session/src/options/mitigation_coverage.rs
similarity index 94%
rename from compiler/rustc_session/src/options/enforceable_mitigations.rs
rename to compiler/rustc_session/src/options/mitigation_coverage.rs
index 851659f416e85..d851fac1ea1e8 100644
--- a/compiler/rustc_session/src/options/enforceable_mitigations.rs
+++ b/compiler/rustc_session/src/options/mitigation_coverage.rs
@@ -68,7 +68,7 @@ impl From<StackProtector> for DeniedPartialMitigationLevel {
 pub struct DeniedPartialMitigationKindParseError;
 
 #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub struct MitigationEnablement {
+pub struct MitigationCoverage {
     pub kind: DeniedPartialMitigationKind,
     pub enabled: bool,
 }
@@ -79,7 +79,7 @@ macro_rules! intersperse {
     };
 }
 
-macro_rules! enforced_mitigations {
+macro_rules! denied_partial_mitigations {
     ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
         #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
         pub enum DeniedPartialMitigationKind {
@@ -123,7 +123,7 @@ macro_rules! enforced_mitigations {
         }
 
         impl Options {
-            pub fn all_enforced_mitigations(&self) -> impl Iterator<Item = DeniedPartialMitigationKind> {
+            pub fn all_denied_partial_mitigations(&self) -> impl Iterator<Item = DeniedPartialMitigationKind> {
                 [$(DeniedPartialMitigationKind::$name),*].into_iter()
             }
         }
@@ -145,7 +145,7 @@ macro_rules! enforced_mitigations {
     }
 }
 
-enforced_mitigations! {
+denied_partial_mitigations! {
     [self]
     enum DeniedPartialMitigationKind {
         (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
@@ -153,7 +153,7 @@ enforced_mitigations! {
     }
 }
 
-/// Enforced mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
+/// Denied-partial mitigations, see [RFC 3855](https://github.com/rust-lang/rfcs/pull/3855)
 #[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Encodable, BlobDecodable)]
 pub struct DeniedPartialMitigation {
     pub kind: DeniedPartialMitigationKind,
@@ -167,7 +167,7 @@ impl Options {
         edition: Edition,
     ) -> impl Iterator<Item = DeniedPartialMitigationKind> {
         let mut result: BTreeSet<_> = self
-            .all_enforced_mitigations()
+            .all_denied_partial_mitigations()
             .filter(|mitigation| mitigation.enforced_since() > edition)
             .collect();
         for mitigation in &self.unstable_opts.allow_partial_mitigations {

From 3d02032d16e94b6fdb9ef0fcb3cf65ac77bca56e Mon Sep 17 00:00:00 2001
From: Ariel Ben-Yehuda <me@arielby.net>
Date: Fri, 20 Feb 2026 01:38:38 +0200
Subject: [PATCH 9/9] reset mitigation status on a mitigation option as per the
 RFC

---
 compiler/rustc_session/src/config.rs          |  12 +-
 compiler/rustc_session/src/options.rs         | 146 ++++++++++--------
 .../src/options/mitigation_coverage.rs        |  94 +++++++++--
 src/librustdoc/config.rs                      |   8 +-
 ...mitigations-1-error.cfg-allow-first.stderr |  47 ++++++
 ...tions-1-error.disable-enable-reset.stderr} |  10 +-
 ...artial-mitigations-1-error.disable.stderr} |  10 +-
 ...mitigations-1-error.enable-disable.stderr} |  10 +-
 .../err-allow-partial-mitigations-1-error.rs  |  20 +++
 ...mitigations-1-error.sp-allow-first.stderr} |  10 +-
 ...llow-partial-mitigations-1-error.sp.stderr |  47 ++++++
 ...al-mitigations-1-error.wrong-enable.stderr |  47 ++++++
 ...-partial-mitigations-2-errors.both.stderr} |  20 +--
 ...enable-separately-disable-together.stderr} |  20 +--
 .../err-allow-partial-mitigations-2-errors.rs |  20 +++
 .../err-allow-partial-mitigations-bad-cli.rs  |  12 ++
 ...r-allow-partial-mitigations-bad-cli.stderr |   2 +
 ...low-partial-mitigations-current-edition.rs |   2 +-
 .../err-allow-partial-mitigations.rs          |  54 -------
 ...low-partial-mitigations-current-edition.rs |  13 ++
 .../ok-allow-partial-mitigations.rs           |   6 +-
 21 files changed, 423 insertions(+), 187 deletions(-)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.cfg-allow-first.stderr
 rename tests/ui/allow-partial-mitigations/{err-allow-partial-mitigations.sp.stderr => err-allow-partial-mitigations-1-error.disable-enable-reset.stderr} (89%)
 rename tests/ui/allow-partial-mitigations/{err-allow-partial-mitigations.disable.stderr => err-allow-partial-mitigations-1-error.disable.stderr} (89%)
 rename tests/ui/allow-partial-mitigations/{err-allow-partial-mitigations.enable-disable.stderr => err-allow-partial-mitigations-1-error.enable-disable.stderr} (89%)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.rs
 rename tests/ui/allow-partial-mitigations/{err-allow-partial-mitigations.wrong-enable.stderr => err-allow-partial-mitigations-1-error.sp-allow-first.stderr} (89%)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp.stderr
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.wrong-enable.stderr
 rename tests/ui/allow-partial-mitigations/{err-allow-partial-mitigations.both.stderr => err-allow-partial-mitigations-2-errors.both.stderr} (89%)
 rename tests/ui/allow-partial-mitigations/{err-allow-partial-mitigations.enable-separately-disable-together.stderr => err-allow-partial-mitigations-2-errors.enable-separately-disable-together.stderr} (89%)
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.rs
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.rs
 create mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.stderr
 delete mode 100644 tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
 create mode 100644 tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-current-edition.rs

diff --git a/compiler/rustc_session/src/config.rs b/compiler/rustc_session/src/config.rs
index b278a6179fe7f..21460fea6e8ae 100644
--- a/compiler/rustc_session/src/config.rs
+++ b/compiler/rustc_session/src/config.rs
@@ -1449,6 +1449,7 @@ impl Default for Options {
             logical_env: FxIndexMap::default(),
             verbose: false,
             target_modifiers: BTreeMap::default(),
+            mitigation_coverage_map: Default::default(),
         }
     }
 }
@@ -2470,9 +2471,9 @@ pub fn build_session_options(early_dcx: &mut EarlyDiagCtxt, matches: &getopts::M
     let crate_types = parse_crate_types_from_list(unparsed_crate_types)
         .unwrap_or_else(|e| early_dcx.early_fatal(e));
 
-    let mut target_modifiers = BTreeMap::<OptionsTargetModifiers, String>::new();
+    let mut collected_options = Default::default();
 
-    let mut unstable_opts = UnstableOptions::build(early_dcx, matches, &mut target_modifiers);
+    let mut unstable_opts = UnstableOptions::build(early_dcx, matches, &mut collected_options);
     let (lint_opts, describe_lints, lint_cap) = get_cmd_lint_options(early_dcx, matches);
 
     if !unstable_opts.unstable_options && json_timings {
@@ -2488,7 +2489,7 @@ pub fn build_session_options(early_dcx: &mut EarlyDiagCtxt, matches: &getopts::M
 
     let output_types = parse_output_types(early_dcx, &unstable_opts, matches);
 
-    let mut cg = CodegenOptions::build(early_dcx, matches, &mut target_modifiers);
+    let mut cg = CodegenOptions::build(early_dcx, matches, &mut collected_options);
     let (disable_local_thinlto, codegen_units) = should_override_cgus_and_disable_thinlto(
         early_dcx,
         &output_types,
@@ -2641,7 +2642,7 @@ pub fn build_session_options(early_dcx: &mut EarlyDiagCtxt, matches: &getopts::M
     // -Zretpoline-external-thunk also requires -Zretpoline
     if unstable_opts.retpoline_external_thunk {
         unstable_opts.retpoline = true;
-        target_modifiers.insert(
+        collected_options.target_modifiers.insert(
             OptionsTargetModifiers::UnstableOptions(UnstableOptionsTargetModifiers::retpoline),
             "true".to_string(),
         );
@@ -2802,7 +2803,8 @@ pub fn build_session_options(early_dcx: &mut EarlyDiagCtxt, matches: &getopts::M
         color,
         logical_env,
         verbose,
-        target_modifiers,
+        target_modifiers: collected_options.target_modifiers,
+        mitigation_coverage_map: collected_options.mitigations,
     }
 }
 
diff --git a/compiler/rustc_session/src/options.rs b/compiler/rustc_session/src/options.rs
index 88479d97cbb51..92668cda33c25 100644
--- a/compiler/rustc_session/src/options.rs
+++ b/compiler/rustc_session/src/options.rs
@@ -20,7 +20,6 @@ use rustc_target::spec::{
     TargetTuple, TlsModel,
 };
 
-use crate::config::mitigation_coverage::MitigationCoverage;
 use crate::config::*;
 use crate::search_paths::SearchPath;
 use crate::utils::NativeLib;
@@ -200,15 +199,15 @@ macro_rules! gather_tmods {
         tmod_push!($struct_name, $tmod_enum_name, $opt_name, $opt_expr, $init, $mods, $tmod_vals)
     };
     ($struct_name:ident, $tmod_enum_name:ident, $opt_name:ident, $opt_expr:expr, $init:expr, $mods:expr, $tmod_vals:expr,
-        [SUBSTRUCT], []) => {
+        [SUBSTRUCT], [$(MITIGATION)?]) => {
         $opt_expr.gather_target_modifiers($mods, $tmod_vals);
     };
     ($struct_name:ident, $tmod_enum_name:ident, $opt_name:ident, $opt_expr:expr, $init:expr, $mods:expr, $tmod_vals:expr,
-        [UNTRACKED], []) => {{}};
+        [UNTRACKED], [$(MITIGATION)?]) => {{}};
     ($struct_name:ident, $tmod_enum_name:ident, $opt_name:ident, $opt_expr:expr, $init:expr, $mods:expr, $tmod_vals:expr,
-        [TRACKED], []) => {{}};
+        [TRACKED], [$(MITIGATION)?]) => {{}};
     ($struct_name:ident, $tmod_enum_name:ident, $opt_name:ident, $opt_expr:expr, $init:expr, $mods:expr, $tmod_vals:expr,
-        [TRACKED_NO_CRATE_HASH], []) => {{}};
+        [TRACKED_NO_CRATE_HASH], [$(MITIGATION)?]) => {{}};
 }
 
 macro_rules! gather_tmods_top_level {
@@ -218,7 +217,7 @@ macro_rules! gather_tmods_top_level {
     ($opt_name:ident, $opt_expr:expr, $mods:expr, $tmod_vals:expr, [$non_substruct:ident TARGET_MODIFIER]) => {
         compile_error!("Top level option can't be target modifier");
     };
-    ($opt_name:ident, $opt_expr:expr, $mods:expr, $tmod_vals:expr, [$non_substruct:ident]) => {};
+    ($opt_name:ident, $opt_expr:expr, $mods:expr, $tmod_vals:expr, [$non_substruct:ident $(MITIGATION)?]) => {};
 }
 
 /// Macro for generating OptionsTargetsModifiers top-level enum with impl.
@@ -323,6 +322,7 @@ macro_rules! top_level_options {
                 pub $opt: $t
             ),*,
             pub target_modifiers: BTreeMap<OptionsTargetModifiers, String>,
+            pub mitigation_coverage_map: mitigation_coverage::MitigationCoverageMap,
         }
 
         impl Options {
@@ -506,11 +506,20 @@ top_level_options!(
     }
 );
 
+macro_rules! mitigation_enum_opt {
+    ($opt:ident, MITIGATION) => {
+        Some(mitigation_coverage::DeniedPartialMitigationKind::$opt)
+    };
+    ($opt:ident, $(TARGET_MODIFIER)?) => {
+        None
+    };
+}
+
 macro_rules! tmod_enum_opt {
-    ($struct_name:ident, $tmod_enum_name:ident, $opt:ident, $v:ident) => {
+    ($struct_name:ident, $tmod_enum_name:ident, $opt:ident, TARGET_MODIFIER) => {
         Some(OptionsTargetModifiers::$struct_name($tmod_enum_name::$opt))
     };
-    ($struct_name:ident, $tmod_enum_name:ident, $opt:ident, ) => {
+    ($struct_name:ident, $tmod_enum_name:ident, $opt:ident, $(MITIGATION)?) => {
         None
     };
 }
@@ -582,7 +591,7 @@ macro_rules! tmod_enum {
     (
         $tmod_enum_name:ident, $prefix:expr,
         @parse {$($eout:tt)*}, ($puser_value:ident){$($pout:tt)*};
-            $opt:ident, $parse:ident, $t:ty, [] |
+            $opt:ident, $parse:ident, $t:ty, [$(MITIGATION)?] |
         $($tail:tt)*
     ) => {
         tmod_enum! {
@@ -599,6 +608,47 @@ macro_rules! tmod_enum {
     };
 }
 
+#[derive(Default)]
+pub struct CollectedOptions {
+    pub target_modifiers: BTreeMap<OptionsTargetModifiers, String>,
+    pub mitigations: mitigation_coverage::MitigationCoverageMap,
+}
+
+macro_rules! setter_for {
+    // the allow/deny-mitigations options use collected/index instead of the cg, since they
+    // work across option groups
+    (allow_partial_mitigations, $struct_name:ident, $parse:ident) => {
+        pub(super) fn allow_partial_mitigations(
+            _cg: &mut super::$struct_name,
+            collected: &mut super::CollectedOptions,
+            v: Option<&str>,
+            index: usize,
+        ) -> bool {
+            collected.mitigations.handle_allowdeny_mitigation_option(v, index, true)
+        }
+    };
+    (deny_partial_mitigations, $struct_name:ident, $parse:ident) => {
+        pub(super) fn deny_partial_mitigations(
+            _cg: &mut super::$struct_name,
+            collected: &mut super::CollectedOptions,
+            v: Option<&str>,
+            index: usize,
+        ) -> bool {
+            collected.mitigations.handle_allowdeny_mitigation_option(v, index, false)
+        }
+    };
+    ($opt:ident, $struct_name:ident, $parse:ident) => {
+        pub(super) fn $opt(
+            cg: &mut super::$struct_name,
+            _collected: &mut super::CollectedOptions,
+            v: Option<&str>,
+            _index: usize,
+        ) -> bool {
+            super::parse::$parse(&mut redirect_field!(cg.$opt), v)
+        }
+    };
+}
+
 /// Defines all `CodegenOptions`/`DebuggingOptions` fields and parsers all at once. The goal of this
 /// macro is to define an interface that can be programmatically used by the option parser
 /// to initialize the struct without hardcoding field names all over the place.
@@ -612,7 +662,7 @@ macro_rules! options {
      $($( #[$attr:meta] )* $opt:ident : $t:ty = (
         $init:expr,
         $parse:ident,
-        [$dep_tracking_marker:ident $( $tmod:ident )?],
+        [$dep_tracking_marker:ident $( $modifier_kind:ident )?],
         $desc:expr
         $(, deprecated_do_nothing: $dnn:literal )?)
      ),* ,) =>
@@ -621,7 +671,7 @@ macro_rules! options {
     #[rustc_lint_opt_ty]
     pub struct $struct_name { $( $( #[$attr] )* pub $opt: $t),* }
 
-    tmod_enum!( $tmod_enum_name, $prefix, {$($opt, $parse, $t, [$($tmod),*])|*} );
+    tmod_enum!( $tmod_enum_name, $prefix, {$($opt, $parse, $t, [$($modifier_kind),*])|*} );
 
     impl Default for $struct_name {
         fn default() -> $struct_name {
@@ -633,7 +683,7 @@ macro_rules! options {
         pub fn build(
             early_dcx: &EarlyDiagCtxt,
             matches: &getopts::Matches,
-            target_modifiers: &mut BTreeMap<OptionsTargetModifiers, String>,
+            target_modifiers: &mut CollectedOptions,
         ) -> $struct_name {
             build_options(early_dcx, matches, target_modifiers, $stat, $prefix, $outputname)
         }
@@ -663,7 +713,7 @@ macro_rules! options {
         ) {
             $({
                 gather_tmods!($struct_name, $tmod_enum_name, $opt, &self.$opt, $init, _mods, _tmod_vals,
-                    [$dep_tracking_marker], [$($tmod),*]);
+                    [$dep_tracking_marker], [$($modifier_kind),*]);
             })*
         }
     }
@@ -671,13 +721,13 @@ macro_rules! options {
     pub const $stat: OptionDescrs<$struct_name> =
         &[ $( OptionDesc{ name: stringify!($opt), setter: $optmod::$opt,
             type_desc: desc::$parse, desc: $desc, is_deprecated_and_do_nothing: false $( || $dnn )?,
-            tmod: tmod_enum_opt!($struct_name, $tmod_enum_name, $opt, $($tmod),*) } ),* ];
+            tmod: tmod_enum_opt!($struct_name, $tmod_enum_name, $opt, $($modifier_kind),*),
+            mitigation: mitigation_enum_opt!($opt, $($modifier_kind),*),
+        } ),* ];
 
     mod $optmod {
     $(
-        pub(super) fn $opt(cg: &mut super::$struct_name, v: Option<&str>) -> bool {
-            super::parse::$parse(&mut redirect_field!(cg.$opt), v)
-        }
+        setter_for!($opt, $struct_name, $parse);
     )*
     }
 
@@ -694,9 +744,6 @@ impl CodegenOptions {
 // Sometimes different options need to build a common structure.
 // That structure can be kept in one of the options' fields, the others become dummy.
 macro_rules! redirect_field {
-    ($cg:ident.deny_partial_mitigations) => {
-        $cg.allow_partial_mitigations
-    };
     ($cg:ident.link_arg) => {
         $cg.link_args
     };
@@ -708,7 +755,7 @@ macro_rules! redirect_field {
     };
 }
 
-type OptionSetter<O> = fn(&mut O, v: Option<&str>) -> bool;
+type OptionSetter<O> = fn(&mut O, &mut CollectedOptions, v: Option<&str>, pos: usize) -> bool;
 type OptionDescrs<O> = &'static [OptionDesc<O>];
 
 pub struct OptionDesc<O> {
@@ -720,6 +767,7 @@ pub struct OptionDesc<O> {
     desc: &'static str,
     is_deprecated_and_do_nothing: bool,
     tmod: Option<OptionsTargetModifiers>,
+    mitigation: Option<mitigation_coverage::DeniedPartialMitigationKind>,
 }
 
 impl<O> OptionDesc<O> {
@@ -735,13 +783,13 @@ impl<O> OptionDesc<O> {
 fn build_options<O: Default>(
     early_dcx: &EarlyDiagCtxt,
     matches: &getopts::Matches,
-    target_modifiers: &mut BTreeMap<OptionsTargetModifiers, String>,
+    collected_options: &mut CollectedOptions,
     descrs: OptionDescrs<O>,
     prefix: &str,
     outputname: &str,
 ) -> O {
     let mut op = O::default();
-    for option in matches.opt_strs(prefix) {
+    for (index, option) in matches.opt_strs_pos(prefix) {
         let (key, value) = match option.split_once('=') {
             None => (option, None),
             Some((k, v)) => (k.to_string(), Some(v)),
@@ -756,13 +804,14 @@ fn build_options<O: Default>(
                 desc,
                 is_deprecated_and_do_nothing,
                 tmod,
+                mitigation,
             }) => {
                 if *is_deprecated_and_do_nothing {
                     // deprecation works for prefixed options only
                     assert!(!prefix.is_empty());
                     early_dcx.early_warn(format!("`-{prefix} {key}`: {desc}"));
                 }
-                if !setter(&mut op, value) {
+                if !setter(&mut op, collected_options, value, index) {
                     match value {
                         None => early_dcx.early_fatal(
                             format!(
@@ -778,7 +827,10 @@ fn build_options<O: Default>(
                 }
                 if let Some(tmod) = *tmod {
                     let v = value.map_or(String::new(), ToOwned::to_owned);
-                    target_modifiers.insert(tmod, v);
+                    collected_options.target_modifiers.insert(tmod, v);
+                }
+                if let Some(mitigation) = mitigation {
+                    collected_options.mitigations.reset_mitigation(*mitigation, index);
                 }
             }
             None => early_dcx.early_fatal(format!("unknown {outputname} option: `{key}`")),
@@ -898,7 +950,6 @@ pub mod parse {
     use std::str::FromStr;
 
     pub(crate) use super::*;
-    use crate::config::mitigation_coverage::MitigationCoverage;
     pub(crate) const MAX_THREADS_CAP: usize = 256;
 
     /// This is for boolean options that don't take a value, and are true simply
@@ -2069,39 +2120,6 @@ pub mod parse {
 
         true
     }
-
-    fn parse_partial_mitigations(
-        slot: &mut Vec<MitigationCoverage>,
-        v: Option<&str>,
-        enabled: bool,
-    ) -> bool {
-        match v {
-            Some(s) => {
-                for sub in s.split(',') {
-                    match sub.parse() {
-                        Ok(kind) => slot.push(MitigationCoverage { kind, enabled }),
-                        Err(_) => return false,
-                    }
-                }
-                true
-            }
-            None => false,
-        }
-    }
-
-    pub(crate) fn parse_allow_partial_mitigations(
-        slot: &mut Vec<MitigationCoverage>,
-        v: Option<&str>,
-    ) -> bool {
-        parse_partial_mitigations(slot, v, true)
-    }
-
-    pub(crate) fn parse_deny_partial_mitigations(
-        slot: &mut Vec<MitigationCoverage>,
-        v: Option<&str>,
-    ) -> bool {
-        parse_partial_mitigations(slot, v, false)
-    }
 }
 
 options! {
@@ -2124,7 +2142,7 @@ options! {
     collapse_macro_debuginfo: CollapseMacroDebuginfo = (CollapseMacroDebuginfo::Unspecified,
         parse_collapse_macro_debuginfo, [TRACKED],
         "set option to collapse debuginfo for macros"),
-    control_flow_guard: CFGuard = (CFGuard::Disabled, parse_cfguard, [TRACKED],
+    control_flow_guard: CFGuard = (CFGuard::Disabled, parse_cfguard, [TRACKED MITIGATION],
         "use Windows Control Flow Guard (default: no)"),
     debug_assertions: Option<bool> = (None, parse_opt_bool, [TRACKED],
         "explicitly enable the `cfg(debug_assertions)` directive"),
@@ -2263,7 +2281,9 @@ options! {
     // tidy-alphabetical-start
     allow_features: Option<Vec<String>> = (None, parse_opt_comma_list, [TRACKED],
         "only allow the listed language features to be enabled in code (comma separated)"),
-    allow_partial_mitigations: Vec<MitigationCoverage> = (Vec::new(), parse_allow_partial_mitigations, [UNTRACKED],
+    // the real parser is at the `setter_for` macro, to allow `-Z` and `-C` options to
+    // work together.
+    allow_partial_mitigations: () = ((), parse_allow_partial_mitigations, [UNTRACKED],
         "Allow mitigations not enabled for all dependency crates (comma separated list)"),
     always_encode_mir: bool = (false, parse_bool, [TRACKED],
         "encode MIR of all functions into the crate metadata (default: no)"),
@@ -2332,7 +2352,7 @@ options! {
         "deduplicate identical diagnostics (default: yes)"),
     default_visibility: Option<SymbolVisibility> = (None, parse_opt_symbol_visibility, [TRACKED],
         "overrides the `default_visibility` setting of the target"),
-    deny_partial_mitigations: Vec<MitigationCoverage> = (Vec::new(), parse_deny_partial_mitigations, [UNTRACKED],
+    deny_partial_mitigations: () = ((), parse_deny_partial_mitigations, [UNTRACKED],
         "Deny mitigations not enabled for all dependency crates (comma separated list)"),
     dep_info_omit_d_target: bool = (false, parse_bool, [TRACKED],
         "in dep-info output, omit targets for tracking dependencies of the dep-info files \
@@ -2718,7 +2738,7 @@ written to standard error output)"),
     src_hash_algorithm: Option<SourceFileHashAlgorithm> = (None, parse_src_file_hash, [TRACKED],
         "hash algorithm of source files in debug info (`md5`, `sha1`, or `sha256`)"),
     #[rustc_lint_opt_deny_field_access("use `Session::stack_protector` instead of this field")]
-    stack_protector: StackProtector = (StackProtector::None, parse_stack_protector, [TRACKED],
+    stack_protector: StackProtector = (StackProtector::None, parse_stack_protector, [TRACKED MITIGATION],
         "control stack smash protection strategy (`rustc --print stack-protector-strategies` for details)"),
     staticlib_allow_rdylib_deps: bool = (false, parse_bool, [TRACKED],
         "allow staticlibs to have rust dylib dependencies"),
diff --git a/compiler/rustc_session/src/options/mitigation_coverage.rs b/compiler/rustc_session/src/options/mitigation_coverage.rs
index d851fac1ea1e8..cf839706fe787 100644
--- a/compiler/rustc_session/src/options/mitigation_coverage.rs
+++ b/compiler/rustc_session/src/options/mitigation_coverage.rs
@@ -1,4 +1,4 @@
-use std::collections::BTreeSet;
+use std::collections::{BTreeMap, BTreeSet};
 use std::str::FromStr;
 
 use rustc_macros::{BlobDecodable, Encodable};
@@ -65,14 +65,66 @@ impl From<StackProtector> for DeniedPartialMitigationLevel {
     }
 }
 
-pub struct DeniedPartialMitigationKindParseError;
+#[derive(Copy, Clone)]
+struct MitigationStatus {
+    // This is the index of the option in the command line. This is needed because
+    // re-enabling a mitigation resets the partial mitigation status if it's later in the command
+    // line, and this works across `-C` and `-Z` args.
+    //
+    // e.g. `-Z stack-protector=strong` resets `-C allow-partial-mitigations=stack-protector`.
+    index: usize,
+    allowed: Option<bool>,
+}
 
-#[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
-pub struct MitigationCoverage {
-    pub kind: DeniedPartialMitigationKind,
-    pub enabled: bool,
+#[derive(Clone, Default)]
+pub struct MitigationCoverageMap {
+    map: BTreeMap<DeniedPartialMitigationKind, MitigationStatus>,
 }
 
+impl MitigationCoverageMap {
+    fn apply_mitigation(
+        &mut self,
+        kind: DeniedPartialMitigationKind,
+        index: usize,
+        allowed: Option<bool>,
+    ) {
+        self.map
+            .entry(kind)
+            .and_modify(|e| {
+                if index >= e.index {
+                    *e = MitigationStatus { index, allowed }
+                }
+            })
+            .or_insert(MitigationStatus { index, allowed });
+    }
+
+    pub(crate) fn handle_allowdeny_mitigation_option(
+        &mut self,
+        v: Option<&str>,
+        index: usize,
+        allowed: bool,
+    ) -> bool {
+        match v {
+            Some(s) => {
+                for sub in s.split(',') {
+                    match sub.parse() {
+                        Ok(kind) => self.apply_mitigation(kind, index, Some(allowed)),
+                        Err(_) => return false,
+                    }
+                }
+                true
+            }
+            None => false,
+        }
+    }
+
+    pub(crate) fn reset_mitigation(&mut self, kind: DeniedPartialMitigationKind, index: usize) {
+        self.apply_mitigation(kind, index, None);
+    }
+}
+
+pub struct DeniedPartialMitigationKindParseError;
+
 macro_rules! intersperse {
     ($sep:expr, ($first:expr $(, $rest:expr)* $(,)?)) => {
         concat!($first $(, $sep, $rest)*)
@@ -81,6 +133,7 @@ macro_rules! intersperse {
 
 macro_rules! denied_partial_mitigations {
     ([$self:ident] enum $kind:ident {$(($name:ident, $text:expr, $since:ident, $code:expr)),*}) => {
+        #[allow(non_camel_case_types)]
         #[derive(Copy, Clone, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, Encodable, BlobDecodable)]
         pub enum DeniedPartialMitigationKind {
             $($name),*
@@ -113,12 +166,13 @@ macro_rules! denied_partial_mitigations {
 
         #[allow(unused)]
         impl DeniedPartialMitigationKind {
-            pub fn enforced_since(&self) -> Edition {
-                match self {
+            pub fn allowed_by_default_at(&self, edition: Edition) -> bool {
+                let enforced_since = match self {
                     // Should change the enforced-since edition of StackProtector to 2015
                     // (all editions) when `-C stack-protector` is stabilized.
                     $(DeniedPartialMitigationKind::$name => Edition::$since),*
-                }
+                };
+                edition < enforced_since
             }
         }
 
@@ -148,8 +202,10 @@ macro_rules! denied_partial_mitigations {
 denied_partial_mitigations! {
     [self]
     enum DeniedPartialMitigationKind {
-        (StackProtector, "stack-protector", EditionFuture, self.stack_protector()),
-        (ControlFlowGuard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
+        // The mitigation name should match the option name in rustc_session::options,
+        // to allow for resetting the mitigation
+        (stack_protector, "stack-protector", EditionFuture, self.stack_protector()),
+        (control_flow_guard, "control-flow-guard", EditionFuture, self.opts.cg.control_flow_guard == CFGuard::Checks)
     }
 }
 
@@ -168,13 +224,17 @@ impl Options {
     ) -> impl Iterator<Item = DeniedPartialMitigationKind> {
         let mut result: BTreeSet<_> = self
             .all_denied_partial_mitigations()
-            .filter(|mitigation| mitigation.enforced_since() > edition)
+            .filter(|mitigation| mitigation.allowed_by_default_at(edition))
             .collect();
-        for mitigation in &self.unstable_opts.allow_partial_mitigations {
-            if mitigation.enabled {
-                result.insert(mitigation.kind);
-            } else {
-                result.remove(&mitigation.kind);
+        for (kind, MitigationStatus { index: _, allowed }) in &self.mitigation_coverage_map.map {
+            match allowed {
+                Some(true) => {
+                    result.insert(*kind);
+                }
+                Some(false) => {
+                    result.remove(kind);
+                }
+                None => {}
             }
         }
         result.into_iter()
diff --git a/src/librustdoc/config.rs b/src/librustdoc/config.rs
index 3d4b4e969157c..c98049e4c3df6 100644
--- a/src/librustdoc/config.rs
+++ b/src/librustdoc/config.rs
@@ -409,9 +409,9 @@ impl Options {
             config::parse_error_format(early_dcx, matches, color, json_color, json_rendered);
         let diagnostic_width = matches.opt_get("diagnostic-width").unwrap_or_default();
 
-        let mut target_modifiers = BTreeMap::<OptionsTargetModifiers, String>::new();
-        let codegen_options = CodegenOptions::build(early_dcx, matches, &mut target_modifiers);
-        let unstable_opts = UnstableOptions::build(early_dcx, matches, &mut target_modifiers);
+        let mut collected_options = Default::default();
+        let codegen_options = CodegenOptions::build(early_dcx, matches, &mut collected_options);
+        let unstable_opts = UnstableOptions::build(early_dcx, matches, &mut collected_options);
 
         let remap_path_prefix = match parse_remap_path_prefix(matches) {
             Ok(prefix_mappings) => prefix_mappings,
@@ -874,7 +874,7 @@ impl Options {
             scrape_examples_options,
             unstable_features,
             doctest_build_args,
-            target_modifiers,
+            target_modifiers: collected_options.target_modifiers,
         };
         let render_options = RenderOptions {
             output,
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.cfg-allow-first.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.cfg-allow-first.stderr
new file mode 100644
index 0000000000000..24bcf83a9be6f
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.cfg-allow-first.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `control-flow-guard` enabled, or use `-Z allow-partial-mitigations=control-flow-guard` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.disable-enable-reset.stderr
similarity index 89%
rename from tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
rename to tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.disable-enable-reset.stderr
index b8ca779ed3b6d..f039dc7acbd09 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.sp.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.disable-enable-reset.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.disable.stderr
similarity index 89%
rename from tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
rename to tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.disable.stderr
index b8ca779ed3b6d..f039dc7acbd09 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.disable.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.disable.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.enable-disable.stderr
similarity index 89%
rename from tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
rename to tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.enable-disable.stderr
index b8ca779ed3b6d..f039dc7acbd09 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-disable.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.enable-disable.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.rs
new file mode 100644
index 0000000000000..4b419e8212c10
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.rs
@@ -0,0 +1,20 @@
+// ignore-tidy-linelength
+//@ revisions: sp disable enable-disable wrong-enable disable-enable-reset cfg-allow-first sp-allow-first
+//@ check-fail
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ edition:future
+//@ [sp] compile-flags:  -Z unstable-options -Z stack-protector=all
+//@ [disable] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [enable-disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z deny-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [wrong-enable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=control-flow-guard -Z stack-protector=all
+//@ [cfg-allow-first] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -C control-flow-guard=on
+//@ [sp-allow-first] compile-flags:  -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [disable-enable-reset] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
+
+fn main() {}
+//~^ ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp-allow-first.stderr
similarity index 89%
rename from tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
rename to tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp-allow-first.stderr
index b8ca779ed3b6d..f039dc7acbd09 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.wrong-enable.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp-allow-first.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp.stderr
new file mode 100644
index 0000000000000..f039dc7acbd09
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.sp.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.wrong-enable.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.wrong-enable.stderr
new file mode 100644
index 0000000000000..f039dc7acbd09
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-1-error.wrong-enable.stderr
@@ -0,0 +1,47 @@
+error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `std` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `core` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `alloc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `compiler_builtins` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
+  --> $DIR/err-allow-partial-mitigations-1-error.rs:15:1
+   |
+LL | fn main() {}
+   | ^
+   |
+   = note: recompile `libc` with `stack-protector=all` enabled, or use `-Z allow-partial-mitigations=stack-protector` to allow creating an artifact that has the mitigation only partially enabled
+   = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
+
+error: aborting due to 5 previous errors
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.both.stderr
similarity index 89%
rename from tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
rename to tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.both.stderr
index 50febbee060f2..cbbe300365303 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.both.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.both.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -44,7 +44,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -53,7 +53,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -62,7 +62,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -71,7 +71,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -80,7 +80,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.enable-separately-disable-together.stderr
similarity index 89%
rename from tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr
rename to tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.enable-separately-disable-together.stderr
index 50febbee060f2..cbbe300365303 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.enable-separately-disable-together.stderr
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.enable-separately-disable-together.stderr
@@ -1,5 +1,5 @@
 error: your program uses the crate `std`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -8,7 +8,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `std`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -17,7 +17,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `core`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -26,7 +26,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `core`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -35,7 +35,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `alloc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -44,7 +44,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `alloc`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -53,7 +53,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -62,7 +62,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `compiler_builtins`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -71,7 +71,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=control-flow-guard` via `-Z deny-partial-mitigations=control-flow-guard`
 
 error: your program uses the crate `libc`, that is not compiled with `stack-protector=all` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
@@ -80,7 +80,7 @@ LL | fn main() {}
    = help: it is possible to disable `-Z allow-partial-mitigations=stack-protector` via `-Z deny-partial-mitigations=stack-protector`
 
 error: your program uses the crate `libc`, that is not compiled with `control-flow-guard` enabled
-  --> $DIR/err-allow-partial-mitigations.rs:14:1
+  --> $DIR/err-allow-partial-mitigations-2-errors.rs:10:1
    |
 LL | fn main() {}
    | ^
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.rs
new file mode 100644
index 0000000000000..2ce4172023aad
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-2-errors.rs
@@ -0,0 +1,20 @@
+// ignore-tidy-linelength
+//@ revisions: both enable-separately-disable-together
+//@ check-fail
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ edition:future
+//@ [both] compile-flags: -Z unstable-options -C control-flow-guard=on -Z stack-protector=all
+//@ [enable-separately-disable-together] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z allow-partial-mitigations=control-flow-guard -Z deny-partial-mitigations=control-flow-guard,stack-protector -C control-flow-guard=on -Z stack-protector=all
+
+fn main() {}
+//~^ ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
+//~| ERROR that is not compiled with
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.rs
new file mode 100644
index 0000000000000..0f45830b9b64f
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.rs
@@ -0,0 +1,12 @@
+// ignore-tidy-linelength
+//@ check-fail
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ edition:future
+//@ compile-flags: -Z unstable-options -Z deny-partial-mitigations=garbage
+
+// have a test that the list of mitigations is generated correctly
+
+//~? ERROR incorrect value `garbage` for unstable option `deny-partial-mitigations` - comma-separated list of mitigation kinds (available:
+
+fn main() {}
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.stderr b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.stderr
new file mode 100644
index 0000000000000..9af53a1689aec
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-bad-cli.stderr
@@ -0,0 +1,2 @@
+error: incorrect value `garbage` for unstable option `deny-partial-mitigations` - comma-separated list of mitigation kinds (available: `stack-protector`, `control-flow-guard`) was expected
+
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
index d32c579a8cae1..5ed5edf63ece2 100644
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
+++ b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations-current-edition.rs
@@ -3,7 +3,7 @@
 //@ ignore-nvptx64 stack protector is not supported
 //@ ignore-wasm32-unknown-unknown stack protector is not supported
 //@ edition: 2024
-//@ compile-flags: -Z deny-partial-mitigations=control-flow-guard -C control-flow-guard=on
+//@ compile-flags: -C control-flow-guard=on -Z deny-partial-mitigations=control-flow-guard
 
 // check that in edition 2024, it is still possible to explicitly
 // disallow partial mitigations (in edition=future, they are
diff --git a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs b/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
deleted file mode 100644
index 8ba8873053e05..0000000000000
--- a/tests/ui/allow-partial-mitigations/err-allow-partial-mitigations.rs
+++ /dev/null
@@ -1,54 +0,0 @@
-// ignore-tidy-linelength
-//@ revisions: sp both disable enable-disable wrong-enable enable-separately-disable-together
-//@ check-fail
-//@ ignore-nvptx64 stack protector is not supported
-//@ ignore-wasm32-unknown-unknown stack protector is not supported
-//@ edition:future
-//@ [both] compile-flags: -Z unstable-options -C control-flow-guard=on -Z stack-protector=all
-//@ [sp] compile-flags:  -Z unstable-options -Z stack-protector=all
-//@ [disable] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z stack-protector=all
-//@ [enable-disable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z deny-partial-mitigations=stack-protector -Z stack-protector=all
-//@ [wrong-enable] compile-flags: -Z unstable-options -Z allow-partial-mitigations=control-flow-guard -Z stack-protector=all
-//@ [enable-separately-disable-together] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z allow-partial-mitigations=control-flow-guard -Z deny-partial-mitigations=control-flow-guard,stack-protector -C control-flow-guard=on -Z stack-protector=all
-
-fn main() {}
-//[both]~^ ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[both]~| ERROR that is not compiled with
-//[sp]~^^^^^^^^^^^ ERROR that is not compiled with
-//[sp]~| ERROR that is not compiled with
-//[sp]~| ERROR that is not compiled with
-//[sp]~| ERROR that is not compiled with
-//[sp]~| ERROR that is not compiled with
-//[disable]~^^^^^^^^^^^^^^^^ ERROR that is not compiled with
-//[disable]~| ERROR that is not compiled with
-//[disable]~| ERROR that is not compiled with
-//[disable]~| ERROR that is not compiled with
-//[disable]~| ERROR that is not compiled with
-//[enable-disable]~^^^^^^^^^^^^^^^^^^^^^ ERROR that is not compiled with
-//[enable-disable]~| ERROR that is not compiled with
-//[enable-disable]~| ERROR that is not compiled with
-//[enable-disable]~| ERROR that is not compiled with
-//[enable-disable]~| ERROR that is not compiled with
-//[wrong-enable]~^^^^^^^^^^^^^^^^^^^^^^^^^^ ERROR that is not compiled with
-//[wrong-enable]~| ERROR that is not compiled with
-//[wrong-enable]~| ERROR that is not compiled with
-//[wrong-enable]~| ERROR that is not compiled with
-//[wrong-enable]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
-//[enable-separately-disable-together]~| ERROR that is not compiled with
diff --git a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-current-edition.rs b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-current-edition.rs
new file mode 100644
index 0000000000000..6a9c297698b63
--- /dev/null
+++ b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations-current-edition.rs
@@ -0,0 +1,13 @@
+// ignore-tidy-linelength
+//@ revisions: no-deny deny-first
+//@ check-pass
+//@ ignore-nvptx64 stack protector is not supported
+//@ ignore-wasm32-unknown-unknown stack protector is not supported
+//@ edition: 2024
+//@ [deny-first] compile-flags: -Z deny-partial-mitigations=control-flow-guard -C control-flow-guard=on
+//@ [no-deny] compile-flags: -C control-flow-guard=on
+
+// check that the `-C control-flow-guard=on` overrides the `-Z deny-partial-mitigations=control-flow-guard`,
+// which in edition 2024 leads to partial mitigations being allowed
+
+fn main() {}
diff --git a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
index c0bc09276568f..804873f397516 100644
--- a/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
+++ b/tests/ui/allow-partial-mitigations/ok-allow-partial-mitigations.rs
@@ -4,8 +4,8 @@
 //@ edition:future
 //@ ignore-nvptx64 stack protector is not supported
 //@ ignore-wasm32-unknown-unknown stack protector is not supported
-//@ [both] compile-flags: -Z unstable-options -Z allow-partial-mitigations=stack-protector,control-flow-guard -C control-flow-guard=on -Z stack-protector=all
-//@ [sp] compile-flags:  -Z unstable-options -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
-//@ [disable-enable] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z allow-partial-mitigations=stack-protector -Z stack-protector=all
+//@ [both] compile-flags: -Z unstable-options -Z stack-protector=all -C control-flow-guard=on -Z allow-partial-mitigations=stack-protector,control-flow-guard
+//@ [sp] compile-flags:  -Z unstable-options -Z stack-protector=all -Z allow-partial-mitigations=stack-protector
+//@ [disable-enable] compile-flags: -Z unstable-options -Z deny-partial-mitigations=stack-protector -Z stack-protector=all -Z allow-partial-mitigations=stack-protector
 
 fn main() {}