Add the -Z randomize-layout flag
#457
Labels
major-change
A proposal to make a major change to rustc
major-change-accepted
A major change proposal that was accepted
T-compiler
Add this label so rfcbot knows to poll the compiler team
Comments
Kixiron
added
major-change
|
This issue is not meant to be used for technical discussion. There is a Zulip stream for that. Use this issue to leave procedural comments, such as volunteering to review, indicating that you second the proposal (or third, etc), or raising a concern that you would like to be addressed. cc @rust-lang/compiler @rust-lang/compiler-contributors |
|
@rustbot second |
rustbot
added
the
final-comment-period
|
@rustbot label -final-comment-period +major-change-accepted |
rustbot
added
major-change-accepted
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this issue
Dec 18, 2021
Add user seed to `-Z randomize-layout` Allows users of -`Z randomize-layout` to provide `-Z layout-seed=<seed>` in order to further randomizing type layout randomization. Extension of [compiler-team/rust-lang#457](rust-lang/compiler-team#457), allows users to change struct layouts without changing code and hoping that item path hashes change, aiding in detecting layout errors
hawkw
added a commit
to hawkw/mycelium
that referenced
this issue
Jun 19, 2022
`cordyceps` and `maitake` currently contain code that perform layout-dependent casts (in this case, casting a ptr to struct to a ptr to the struct's first subfield), which would be UB if those structs were not `#[repr(C)]`. the `-Zrandomize-layout` flag tells the Rust compiler to randomize the layout of all `#[repr(Rust)]` structs (see rust-lang/compiler-team#457 for details). if we ever perform a layout-dependent cast on a struct that is not `#[repr(C)]` (or `#[repr(transparent)]`), layout randomization would break that cast. enabling this flag while running the Miri tests will help to catch any bugs introduced by accidentally performing such a cast on a non-layout-dependent type. i also made some changes to the `bin/miri` script. this was primarily to add comments on the individual flags that are added to `$MIRIFLAGS`, so that we can remember what they're doing when we look back at the script. the actual behavior should be identical, but the values added to `$MIRIFLAGS` are now declared in an array so that each flag can have a comment. Closes #229 Signed-off-by: Eliza Weisman <[email protected]>
hawkw
added a commit
to hawkw/mycelium
that referenced
this issue
Jun 19, 2022
`cordyceps` and `maitake` currently contain code that perform layout-dependent casts (in this case, casting a ptr to struct to a ptr to the struct's first subfield), which would be UB if those structs were not `#[repr(C)]`. the `-Zrandomize-layout` flag tells the Rust compiler to randomize the layout of all `#[repr(Rust)]` structs (see rust-lang/compiler-team#457 for details). if we ever perform a layout-dependent cast on a struct that is not `#[repr(C)]` (or `#[repr(transparent)]`), layout randomization would break that cast. enabling this flag while running the Miri tests will help to catch any bugs introduced by accidentally performing such a cast on a non-layout-dependent type. i also made some changes to the `bin/miri` script. this was primarily to add comments on the individual flags that are added to `$MIRIFLAGS`, so that we can remember what they're doing when we look back at the script. the actual behavior should be identical, but the values added to `$MIRIFLAGS` are now declared in an array so that each flag can have a comment. Closes #229 Signed-off-by: Eliza Weisman <[email protected]>
hawkw
added a commit
to hawkw/mycelium
that referenced
this issue
Jun 21, 2022
`cordyceps` and `maitake` currently contain code that perform layout-dependent casts (in this case, casting a ptr to struct to a ptr to the struct's first subfield), which would be UB if those structs were not `#[repr(C)]`. the `-Zrandomize-layout` flag tells the Rust compiler to randomize the layout of all `#[repr(Rust)]` structs (see rust-lang/compiler-team#457 for details). if we ever perform a layout-dependent cast on a struct that is not `#[repr(C)]` (or `#[repr(transparent)]`), layout randomization would break that cast. enabling this flag while running the Miri tests will help to catch any bugs introduced by accidentally performing such a cast on a non-layout-dependent type. i also made some changes to the `bin/miri` script. this was primarily to add comments on the individual flags that are added to `$MIRIFLAGS`, so that we can remember what they're doing when we look back at the script. the actual behavior should be identical, but the values added to `$MIRIFLAGS` are now declared in an array so that each flag can have a comment. Closes #229 Signed-off-by: Eliza Weisman <[email protected]>
51 tasks
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Proposal
Adds the
-Z randomize-layoutflag and infrastructure required for it. The randomize layout flag randomizes/shuffles/otherwise makes unpredictable the layout ofrepr(Rust)types, which do not have a specified layout. This is to aid in debugging programs, detecting undefined behavior and running crater experiments. This does not affect any types with specified layouts, such as#[repr(C)]or#[repr(transparent)]types. This is strictly an opt-in flag and will not affect current stable code unless the end user explicitly uses the-Z randomize-layoutflag with a nightly compiler.Mentors or Reviewers
@eddyb
Process
The main points of the Major Change Process are as follows:
@rustbot second.-C flag, then full team check-off is required.@rfcbot fcp mergeon either the MCP or the PR.You can read more about Major Change Proposals on forge.
Comments
This issue is not meant to be used for technical discussion. There is a Zulip stream for that. Use this issue to leave procedural comments, such as volunteering to review, indicating that you second the proposal (or third, etc), or raising a concern that you would like to be addressed.
The text was updated successfully, but these errors were encountered: