segfault when compiling with address sanitizer and debug variable locations

[mikebenfield]

In the crate rustc-demangle-capi version 0.1.0
(wget https://crates.io.api/v1/crates/rustc-demangle-capi/0.1.0/download)

I do this

$ RUSTFLAGS="-Cpasses=sancov-module -Cllvm-args=-sanitizer-coverage-level=4 -Cllvm-args=-sanitizer-coverage-inline-8bit-counters -Cllvm-args=-sanitizer-coverage-trace-compares -Cllvm-args=-sanitizer-coverage-pc-table -Cllvm-args=-sanitizer-coverage-trace-divs -Cllvm-args=-sanitizer-coverage-trace-geps -Cllvm-args=-sanitizer-coverage-prune-blocks=0 -Clink-arg=-Wl,--no-gc-sections -Cdebuginfo=2  -Zsanitizer=address -Copt-level=3 -Cllvm-args=-experimental-debug-variable-locations=1" cargo build

I get a segfault:

error: could not compile `rustc-demangle`

Caused by:
  process didn't exit successfully: `rustc --crate-name rustc_demangle /usr/local/google/home/mbenfield/.cargo/registry/src/github.heygears.com-1ecc6299db9ec823/rustc-demangle-0.1.21/src/lib.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --crate-type lib --emit=dep-info,metadata,link -C embed-bitcode=no -C debuginfo=2 -C metadata=5d383c335f8e8ef8 -C extra-filename=-5d383c335f8e8ef8 --out-dir /usr/local/google/home/mbenfield/Current/rust-segfault/rustc-demangle-capi-0.1.0/target/debug/deps -L dependency=/usr/local/google/home/mbenfield/Current/rust-segfault/rustc-demangle-capi-0.1.0/target/debug/deps --cap-lints allow -Cpasses=sancov-module -Cllvm-args=-sanitizer-coverage-level=4 -Cllvm-args=-sanitizer-coverage-inline-8bit-counters -Cllvm-args=-sanitizer-coverage-trace-compares -Cllvm-args=-sanitizer-coverage-pc-table -Cllvm-args=-sanitizer-coverage-trace-divs -Cllvm-args=-sanitizer-coverage-trace-geps -Cllvm-args=-sanitizer-coverage-prune-blocks=0 -Clink-arg=-Wl,--no-gc-sections -Cdebuginfo=2 -Zsanitizer=address -Zallow-features=sanitizer,backtrace -Copt-level=3 -Cllvm-args=-experimental-debug-variable-locations=1` (signal: 11, SIGSEGV: invalid memory reference)

rustc --version --verbose:

rustc 1.64.0-nightly (38b72154d 2022-07-11)
binary: rustc
commit-hash: 38b72154ded23847cd08a796d0c6708b5efac265
commit-date: 2022-07-11
host: x86_64-unknown-linux-gnu
release: 1.64.0-nightly
LLVM version: 14.0.6

Note that -experimental-debug-variable-locations=1 is now the default on x86-64 (since this LLVM commit, which is in Rust's LLVM repo since around 1.61), so that option doesn't actually have to be present. If we turn it off with -Cllvm-args=-experimental-debug-variable-locations=0 no segfault happens.

I suppose this is likely actually an LLVM problem, but I only have an illustration of the bug in Rust code.

I have another crate which also causes rustc to segfault when using the same options, but it's a big thing with lots of dependencies, so I'm illustrating the problem with rustc-demangle-capi.

[evanrichter]

This issue also occurs when compiling the fuzz harness of multer-rs: https://github.com/rousan/multer-rs and adding RUSTFLAGS="-Cllvm-args=-experimental-debug-variable-locations=0" fixes the issue here too

[tgross35]

Can anyone reproduce this still?

Ref #39699

[Jules-Bertholet]

@rustbot label A-sanitizers

[jieyouxu]

Triage: missing a recent reproduction, closing for now but feel free to reopen if there's a more recent repro.