-C target_cpu=cortex-a72
(and -target-cpu=native
on Raspberry Pi) wrongly enables crypto features that are optional on Cortex-A72
#125033
Labels
A-LLVM
Area: Code generation parts specific to LLVM. Both correctness bugs and optimization-related issues.
A-target-feature
Area: Enabling/disabling target features like AVX, Neon, etc.
A-targets
Area: Concerning the implications of different compiler targets
C-bug
Category: This is a bug.
I-unsound
Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/Soundness
O-AArch64
Armv8-A or later processors in AArch64 mode
P-critical
Critical priority
T-compiler
Relevant to the compiler team, which will review and decide on the PR/issue.
Building with
RUSTFLAGS="-C target_cpu=cortex-a72"
statically enables thetarget_feature="aes"
,target_feature="crc"
,target_feature="pmuv3"
, andtarget_feature="sha2"
. However, at least the crypto features AES, CRC, and SHA2 are optional on this CPU. The definition for this target is wrong. See the upstream LLVM bug: llvm/llvm-project#90365.The main consequence is that crypto libraries that use
cfg(target_feature = ...)
feature detection for these hardware instructions are getting miscompiled, causing the programs to, at best, crash with an illegal instruction exception. This particular affects Raspberry Pi users compiling withRUSTLFAGS=-target-cpu=native
. From briansmith/ring#1858 (comment):I verified this is an issue on Rust 1.61 stable, 1.78 stable, and rustc 1.80.0-nightly (6e1d947 2024-05-10).
Although some crypto libraries may work around this issue, these workarounds have negative consequences. In the case of ring's workaround, the result of the workaround is bloat and worse performance on all AArch64 CPUs that actually are guaranteed to have the crypto extensions (except on Fuchsia, Windows, and macOS).
The text was updated successfully, but these errors were encountered: