Closed
Description
Better reproducer here: #114488 (comment)
I do not have proof that this isn't UB in regex but considering how much we have run that crate in Miri I think it is much more likely that this is a miscompilation of some kind.
fn main() {
let _ = regex::Regex::new("");
}Run with this pile of flags, as far as I can tell they are all required
$ RUSTFLAGS="-Cdebuginfo=2 -Zmir-opt-level=2 -Zmir-enable-passes=+DestinationPropagation -Cembed-bitcode=yes -Clto=fat -Cpanic=abort -Copt-level=3" cargo run
Compiling memchr v2.5.0
Compiling regex-syntax v0.7.4
Compiling aho-corasick v1.0.2
Compiling regex-automata v0.3.4
Compiling regex v1.9.1
Compiling scratch v0.1.0 (/tmp/scratch)
Finished dev [unoptimized + debuginfo] target(s) in 16.62s
Running `target/x86_64-unknown-linux-gnu/debug/scratch`
Segmentation fault (core dumped)
gdb says the segfault is here:
#0 core::sync::atomic::atomic_add<usize> (dst=0x1)
at /rustc/474709a9a2a74a8bcf0055fadb335d0ca0d2d939/library/core/src/sync/atomic.rs:3217
#1 core::sync::atomic::AtomicUsize::fetch_add ()
at /rustc/474709a9a2a74a8bcf0055fadb335d0ca0d2d939/library/core/src/sync/atomic.rs:2545
#2 alloc::sync::{impl#28}::clone<dyn regex_automata::util::prefilter::PrefilterI, alloc::alloc::Global> (self=<optimized out>)
at /rustc/474709a9a2a74a8bcf0055fadb335d0ca0d2d939/library/alloc/src/sync.rs:2022
#3 regex_automata::util::prefilter::{impl#3}::clone () at src/util/prefilter/mod.rs:141
#4 core::option::{impl#5}::clone<regex_automata::util::prefilter::Prefilter> (self=<optimized out>)
at /rustc/474709a9a2a74a8bcf0055fadb335d0ca0d2d939/library/core/src/option.rs:1968
#5 regex_automata::meta::wrappers::HybridEngine::new (info=0x7fff9afa5c90, pre=..., nfa=<optimized out>,
nfarev=<optimized out>) at src/meta/wrappers.rs:540
#6 regex_automata::meta::wrappers::Hybrid::new (info=0x7fff9afa5c90, pre=..., nfa=<optimized out>, nfarev=0x7fff9afa5e00)
at src/meta/wrappers.rs:502
#7 0x0000559770000239 in regex_automata::meta::strategy::Core::new (info=..., pre=..., hirs=...) at src/meta/strategy.rs:517
#8 regex_automata::meta::strategy::new (info=<optimized out>, hirs=...) at src/meta/strategy.rs:151
#9 0x000055977002c439 in regex_automata::meta::regex::Builder::build_many_from_hir<regex_syntax::hir::Hir> (
self=<optimized out>, hirs=...) at src/meta/regex.rs:3464
#10 regex_automata::meta::regex::Builder::build_many<&str> (self=<optimized out>, patterns=...) at src/meta/regex.rs:3352
#11 regex_automata::meta::regex::Builder::build (self=<optimized out>, pattern=...) at src/meta/regex.rs:3271
#12 0x000055976ffc4e88 in regex::builders::Builder::build_one_string (self=0x7fff9afa9488)
at /home/ben/.cargo/registry/src/index.crates.io-6f17d22bba15001f/regex-1.9.1/src/builders.rs:77
#13 regex::builders::string::RegexBuilder::build (self=0x7fff9afa9488)
at /home/ben/.cargo/registry/src/index.crates.io-6f17d22bba15001f/regex-1.9.1/src/builders.rs:223
#14 regex::regex::string::Regex::new (re=...)
at /home/ben/.cargo/registry/src/index.crates.io-6f17d22bba15001f/regex-1.9.1/src/regex/string.rs:181
#15 scratch::main () at src/main.rs:2
searched nightlies: from nightly-2023-07-06 to nightly-2023-07-19
regressed nightly: nightly-2023-07-15
searched commit range: 7bd81ee...ad96323
regressed commit: 079e544
bisected with cargo-bisect-rustc v0.6.6
Host triple: x86_64-unknown-linux-gnu
Reproduce with:
cargo bisect-rustc --start 2023-07-06 --end 2023-07-19 --script script Metadata
Metadata
Assignees
Labels
Area: Code generationArea: Debugging information in compiled programs (DWARF, PDB, etc.)Area: MIR optimizationsCategory: This is a bug.Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/SoundnessCritical priorityRelevant to the compiler team, which will review and decide on the PR/issue.Performance or correctness regression from stable to nightly.