Closed
Description
(Moved from #69098 (comment) with an added PoC.)
The following program (playground) demonstrates how current implementation of target_feature_11 allows using a target_feature from safe code without ensuring it's actually available:
#![feature(target_feature_11)]
#[target_feature(enable="avx")]
fn use_avx() {
println!("Hello from AVX")
}
fn call_it(f: impl FnOnce()) {
f();
}
fn main() {
call_it(use_avx);
}This is unsound because it allows executing (e.g.) AVX instructions on CPUs that do not implement them, which is UB. It only works because "safe fns with target_features" are erroneously considered to implement the FnOnce/FnMut/Fn traits.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Metadata
Assignees
Labels
Area: Enabling/disabling target features like AVX, Neon, etc.Category: This is a bug.target feature 1.1 RFCIssue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/SoundnessRelevant to the compiler team, which will review and decide on the PR/issue.Relevant to the language team, which will review and decide on the PR/issue.This issue requires a nightly compiler in some way.