Always STATUS_ACCESS_VIOLATION error in "cargo build"

Finally, I found the reason for the problem. It is a problem with the latest version of the 'rustc' program.

From v1.83 on, the "STATUS_ACCESS_VIOLATION" error comes out when I try to build the "hello" sample code. Below v1.82, it's OK; there is no problem building and running the code.

  • ver 1.81 --> OK
  • ver 1.82 --> OK
  • ver 1.83 --> Error
  • ver 1.84 --> Error

My computer spec is:

  • Processor: 11th Gen Intel(R) Core(TM) i7-11600H @ 2.90GHz 2.92 GHz
  • OS: Win 11 v21H2

The reason why I couldn't find this problem before is that I used the wrong command to downgrade the 'rustc' version.

  • The wrong way I used to downgrade the version: rustup install 1.81
  • The right way to downgrade the version: rustup default 1.81
    --> I didn't know this command, so I thought I had downgraded the version and tested it.

Therefore, though I re-installed Windows and re-installed Rust using rustup-init.exe, the latest version of Rust was installed on my PC, and it caused the problem.

I didn't know this and thought the problem was with the company's DRM software. That's because I had the same problem when I installed Rust on another PC. But the problem was with the latest version. The other PC was the same model of laptop, but I had installed the latest version of Rust using rustup_init.exe, which caused the problem.

Below is my test result according to the 'rustc' version:

--------------
[Ver 1.81] --> OK

D:\tmp\test1>rustc --version
rustc 1.81.0 (eeb90cda1 2024-09-04)

D:\tmp\test1>cargo run
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.03s
     Running `target\debug\test1.exe`
Hello, world!

-------------
[Ver 1.82] --> OK

D:\tmp\test1>rustc --version
rustc 1.82.0 (f6e511eec 2024-10-15)

D:\tmp\test1>cargo build
   Compiling test1 v0.1.0 (D:\tmp\test1)
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 1.71s

D:\tmp\test1>cargo run
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.03s
     Running `target\debug\test1.exe`
Hello, world!

-------------
[Ver 1.83] --> Error

D:\tmp\test1>rustc --version
rustc 1.83.0 (90b35a623 2024-11-26)

D:\tmp\test1>cargo clean
     Removed 35 files, 3.0MiB total

D:\tmp\test1>cargo build
   Compiling test1 v0.1.0 (D:\tmp\test1)
error: could not compile `test1` (bin "test1")

Caused by:
  process didn't exit successfully: `C:\Users\hj7.park\.rustup\toolchains\1.83-x86_64-pc-windows-msvc\bin\rustc.exe --crate-name test1 --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=119 --crate-type bin --emit=dep-info,link -C embed-bitcode=no -C debuginfo=2 --check-cfg cfg(docsrs) --check-cfg "cfg(feature, values())" -C metadata=99d5b0c255016219 --out-dir D:\tmp\test1\target\debug\deps -C incremental=D:\tmp\test1\target\debug\incremental -L dependency=D:\tmp\test1\target\debug\deps` (exit code: 0xc0000005, STATUS_ACCESS_VIOLATION)
  
---------------
[Ver 1.84] --> Error

D:\tmp\test1>cargo clean
     Removed 7 files, 16.7KiB total

D:\tmp\test1>cargo build
   Compiling test1 v0.1.0 (D:\tmp\test1)
error: could not compile `test1` (bin "test1")

Caused by:
  process didn't exit successfully: `C:\Users\hj7.park\.rustup\toolchains\1.84-x86_64-pc-windows-msvc\bin\rustc.exe --crate-name test1 --edition=2021 src\main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=119 --crate-type bin --emit=dep-info,link -C embed-bitcode=no -C debuginfo=2 --check-cfg cfg(docsrs) --check-cfg "cfg(feature, values())" -C metadata=3818258f0814ea6f --out-dir D:\tmp\test1\target\debug\deps -C incremental=D:\tmp\test1\target\debug\incremental -L dependency=D:\tmp\test1\target\debug\deps` (exit code: 0xc0000005, STATUS_ACCESS_VIOLATION)

D:\tmp\test1>rustc --version
rustc 1.84.0 (9fc6b4312 2025-01-07)

It would probably be useful for troubleshooting to capture the crash in a debugger. VS or WinDbg will work. It will give you more detailed information about the cause of the crash.


I changed the default Rust version to v1.84, reproduced the error condition, and dumped it using WinDbg by running "cargo build". Below is the dump, but I couldn't analyse it.

Microsoft (R) Windows Debugger Version 10.0.27725.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

CommandLine: cargo build
Starting directory: d:\tmp\testa

************* Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       srv*
Symbol search path is: srv*
Executable search path is: 

+------------------------------------------------------------------------+
| This target supports Hardware-enforced Stack Protection. A HW based    |
| "Shadow Stack" may be available to assist in debugging and analysis.   |
| See aka.ms/userhsp for more info.                                      |
|                                                                        |
| dps @ssp                                                               |
|                                                                        |
+------------------------------------------------------------------------+

ModLoad: 00007ff6`6f060000 00007ff6`6f8ee000   rustup_init.exe
ModLoad: 00007ffb`4eca0000 00007ffb`4eeaa000   ntdll.dll
ModLoad: 00007ffb`4cb00000 00007ffb`4cbbd000   C:\Windows\System32\KERNEL32.DLL
ModLoad: 00007ffb`4c340000 00007ffb`4c6c5000   C:\Windows\System32\KERNELBASE.dll
ModLoad: 00007ffb`4e1a0000 00007ffb`4e251000   C:\Windows\System32\advapi32.dll
ModLoad: 00007ffb`4e440000 00007ffb`4e4e3000   C:\Windows\System32\msvcrt.dll
ModLoad: 00007ffb`4dae0000 00007ffb`4db81000   C:\Windows\System32\sechost.dll
ModLoad: 00007ffb`4cac0000 00007ffb`4cae7000   C:\Windows\System32\bcrypt.dll
ModLoad: 00007ffb`4e6f0000 00007ffb`4e811000   C:\Windows\System32\RPCRT4.dll
ModLoad: 00007ffb`4dc80000 00007ffb`4de1a000   C:\Windows\System32\ole32.dll
ModLoad: 00007ffb`4c100000 00007ffb`4c19d000   C:\Windows\System32\msvcp_win.dll
ModLoad: 00007ffb`4c750000 00007ffb`4c861000   C:\Windows\System32\ucrtbase.dll
ModLoad: 00007ffb`4e550000 00007ffb`4e579000   C:\Windows\System32\GDI32.dll
ModLoad: 00007ffb`4c310000 00007ffb`4c336000   C:\Windows\System32\win32u.dll
ModLoad: 00007ffb`4c870000 00007ffb`4c98c000   C:\Windows\System32\gdi32full.dll
ModLoad: 00007ffb`4e820000 00007ffb`4e9cc000   C:\Windows\System32\USER32.dll
ModLoad: 00007ffb`4de20000 00007ffb`4e196000   C:\Windows\System32\combase.dll
ModLoad: 00007ffb`4e580000 00007ffb`4e656000   C:\Windows\System32\oleaut32.dll
ModLoad: 00007ffb`4c1a0000 00007ffb`4c302000   C:\Windows\System32\crypt32.dll
ModLoad: 00007ffb`4d510000 00007ffb`4d57f000   C:\Windows\System32\ws2_32.dll
ModLoad: 00007ffb`4cbc0000 00007ffb`4d386000   C:\Windows\System32\shell32.dll
ModLoad: 00007ffb`4b990000 00007ffb`4b99c000   C:\Windows\SYSTEM32\CRYPTBASE.DLL
(3e9c.31ac): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00007ffb`4ed7cb44 cc              int     3
0:000> .dump /ma "d:\tmp\cargo_build.dmp"
Creating d:\tmp\cargo_build.dmp - mini user dump
Dump successfully written

Microsoft (R) Windows Debugger Version 10.0.27725.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\tmp\cargo_build.dmp]
User Mini Dump File with Full Memory: Only application data is available


************* Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       srv*
Symbol search path is: srv*
Executable search path is: 
Windows 10 Version 22000 MP (12 procs) Free x64
Product: WinNt, suite: SingleUserTS
Edition build lab: 22000.1.amd64fre.co_release.210604-1628
Debug session time: Mon Jan 13 16:12:31.000 2025 (UTC + 9:00)
System Uptime: 2 days 9:15:04.846
Process Uptime: 0 days 0:00:46.000
......................
This dump file has a breakpoint exception stored in it.
The stored exception information can be accessed via .ecxr.

+------------------------------------------------------------------------+
| This target supports Hardware-enforced Stack Protection. A HW based    |
| "Shadow Stack" may be available to assist in debugging and analysis.   |
| See aka.ms/userhsp for more info.                                      |
|                                                                        |
| dps @ssp                                                               |
|                                                                        |
+------------------------------------------------------------------------+

For analysis of this file, run !analyze -v
ntdll!LdrpDoDebuggerBreak+0x30:
00007ffb`4ed7cb44 cc              int     3

Can you run the k command to get a backtrace?


I ran the 'k' command in WinDbg, but I'm not familiar with WinDbg, so I don't know what the log means. :frowning:

1:001> k
 # Child-SP          RetAddr               Call Site
00 0000008d`a9a8eea0 00007ffb`4ed7fc68     ntdll!LdrpDoDebuggerBreak+0x30
01 0000008d`a9a8eee0 00007ffb`4ed6d696     ntdll!LdrpInitializeProcess+0x1bec
02 0000008d`a9a8f2a0 00007ffb`4ed1b283     ntdll!_LdrpInitialize+0x523da
03 0000008d`a9a8f320 00007ffb`4ed1b1ae     ntdll!LdrpInitializeInternal+0x6b
04 0000008d`a9a8f5a0 00000000`00000000     ntdll!LdrInitializeThunk+0xe
0:000> dx Debugger.Sessions[0].Processes[1476].Threads[19032].Stack.Frames[0].SwitchTo();dv /t /v
Debugger.Sessions[0].Processes[1476].Threads[19032].Stack.Frames[0].SwitchTo()
Unable to enumerate locals, Win32 error 0n87
Private symbols (symbols.pri) are required for locals.
Type ".hh dbgerr005" for details.

That looks like a breakpoint inserted at the start of the executable. Try g to continue execution and then k when it breaks again on what should be the location of the crash.


I did it at home, because my laptop at home gives the same error. Below is the log from WinDbg. I gave the 'g' command once and the error came out; after that I typed the 'k' command.

CommandLine: cargo build
Starting directory: c:\tmp\test1

************* Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       srv*
Symbol search path is: srv*
Executable search path is: 
ModLoad: 00750000 00e13000   rustup_init.exe
ModLoad: 771f0000 77394000   ntdll.dll
ModLoad: 76950000 76a40000   C:\windows\SysWOW64\KERNEL32.DLL
ModLoad: 76470000 766af000   C:\windows\SysWOW64\KERNELBASE.dll
ModLoad: 75dd0000 75e4e000   C:\windows\SysWOW64\advapi32.dll
ModLoad: 76870000 7692f000   C:\windows\SysWOW64\msvcrt.dll
ModLoad: 76230000 762a7000   C:\windows\SysWOW64\sechost.dll
ModLoad: 77090000 7714c000   C:\windows\SysWOW64\RPCRT4.dll
ModLoad: 762b0000 762c9000   C:\windows\SysWOW64\bcrypt.dll
ModLoad: 75420000 75503000   C:\windows\SysWOW64\ole32.dll
ModLoad: 75300000 75420000   C:\windows\SysWOW64\ucrtbase.dll
ModLoad: 75070000 752f0000   C:\windows\SysWOW64\combase.dll
ModLoad: 75ff0000 76013000   C:\windows\SysWOW64\GDI32.dll
ModLoad: 76080000 76098000   C:\windows\SysWOW64\win32u.dll
ModLoad: 75f00000 75fe5000   C:\windows\SysWOW64\gdi32full.dll
ModLoad: 760a0000 7611b000   C:\windows\SysWOW64\msvcp_win.dll
ModLoad: 766d0000 7686c000   C:\windows\SysWOW64\USER32.dll
ModLoad: 76b50000 76be6000   C:\windows\SysWOW64\oleaut32.dll
ModLoad: 75cd0000 75dce000   C:\windows\SysWOW64\crypt32.dll
ModLoad: 76320000 76383000   C:\windows\SysWOW64\ws2_32.dll
ModLoad: 75580000 75b59000   C:\windows\SysWOW64\shell32.dll
ModLoad: 70c50000 70c5a000   C:\windows\SysWOW64\CRYPTBASE.DLL
(8ac.1458): Break instruction exception - code 80000003 (first chance)
eax=00000000 ebx=00000000 ecx=ae5c0000 edx=00000000 esi=771f6998 edi=771f691c
eip=772a1b02 esp=00faf934 ebp=00faf960 iopl=0         nv up ei pl zr na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000246
ntdll!LdrpDoDebuggerBreak+0x2b:
772a1b02 cc              int     3
0:000> g
ModLoad: 75550000 75575000   C:\windows\SysWOW64\IMM32.DLL
ModLoad: 69b00000 69de3000   C:\Windows\pcdrm\NSCCOR03.DLL
ModLoad: 762d0000 7631d000   C:\windows\SysWOW64\WINTRUST.dll
ModLoad: 742a0000 742ae000   C:\windows\SysWOW64\MSASN1.dll
ModLoad: 74f70000 74f78000   C:\windows\SysWOW64\version.dll
ModLoad: 766c0000 766c6000   C:\windows\SysWOW64\psapi.dll
ModLoad: 76930000 76949000   C:\windows\SysWOW64\Imagehlp.dll
ModLoad: 71750000 71779000   C:\windows\SysWOW64\ntmarta.dll
ModLoad: 69a20000 69a54000   C:\windows\pcdrm\NBID.dll
ModLoad: 63fa0000 63fc4000   C:\windows\pcdrm\NSCPE.dll
ModLoad: 699c0000 699f8000   C:\windows\pcdrm\NFD01.dll
ModLoad: 74f70000 74f78000   C:\windows\SysWOW64\VERSION.dll
ModLoad: 74620000 7462a000   C:\windows\SysWOW64\secur32.dll
ModLoad: 74a80000 74aa1000   C:\windows\SysWOW64\SSPICLI.DLL
ModLoad: 73720000 73752000   C:\windows\SysWOW64\iphlpapi.dll
ModLoad: 76a40000 76a9f000   C:\windows\SysWOW64\bcryptprimitives.dll
eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 esi=00000065 edi=77315b40
eip=7726329c esp=00fafc04 ebp=00fafcd8 iopl=0         nv up ei pl nz na po nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000202
ntdll!NtTerminateProcess+0xc:
7726329c c20800          ret     8
0:000> k
 # ChildEBP RetAddr      
00 00fafc00 7724da2d     ntdll!NtTerminateProcess+0xc
01 00fafcd8 76976a52     ntdll!RtlExitUserProcess+0xbd
02 00fafcec 00b6c207     KERNEL32!ExitProcessImplementation+0x12
WARNING: Stack unwind information not available. Following frames may be wrong.
03 00fafcf4 00b6c1bf     rustup_init+0x41c207
04 00fafcfc 00752fdc     rustup_init+0x41c1bf
05 00fafd2c 7723c7cf     rustup_init+0x2fdc
06 00fafd80 765afd74     ntdll!RtlAnsiStringToUnicodeString+0x13f
07 00fafdcc 00751002     KERNELBASE!InitOnceComplete+0x14
08 00fafe40 00c64c0d     rustup_init+0x1002
09 00fafe88 7696fcc9     rustup_init+0x514c0d
0a 00fafe98 7725809e     KERNEL32!BaseThreadInitThunk+0x19
0b 00fafef4 7725806e     ntdll!__RtlUserThreadStart+0x2f
0c 00faff04 00000000     ntdll!_RtlUserThreadStart+0x1b

Looks like the debugger is attached to rustup, not the rustc process that crashes. Can you run the command that cargo reports as crashing in the debugger? I think that would be C:\Users\hj7.park\.rustup\toolchains\1.84-x86_64-pc-windows-msvc\bin\rustc.exe --crate-name test1 --edition=2021 src\main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=119 --crate-type bin --emit=dep-info,link -C embed-bitcode=no -C debuginfo=2 --check-cfg cfg(docsrs) --check-cfg "cfg(feature, values())" -C metadata=3818258f0814ea6f --out-dir D:\tmp\test1\target\debug\deps -C incremental=D:\tmp\test1\target\debug\incremental -L dependency=D:\tmp\test1\target\debug\deps.


instead of launching the program inside the debugger, maybe it's more convenient to set windbg as the jit debugger so it will automatically attach to the crashed process. e.g.:

Z:\> windbg -I
Z:\> cargo build

note, for the first command, the flag is an upper case I. to quote the documentation:

-I[S]
Installs WinDbg as the postmortem debugger. For details, see Enabling Postmortem Debugging.

After this action is attempted, a success or failure message is displayed. If S is included, this procedure is done silently if it is successful; only failure messages are displayed.

The -I parameter must not be used with any other parameters. This command will not actually start WinDbg, although a WinDbg window may appear for a moment.


Yep. Thank you for your kind guidance. I ran 'rustc.exe' in WinDbg and maybe I captured the point (not sure). If not, please tell me again.


Microsoft (R) Windows Debugger Version 10.0.27725.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

CommandLine: C:\Users\hj7.park\.rustup\toolchains\1.84-x86_64-pc-windows-msvc\bin\rustc.exe --crate-name test1 --edition=2021 src\main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=119 --crate-type bin --emit=dep-info,link -C embed-bitcode=no -C debuginfo=2 --check-cfg cfg(docsrs) --check-cfg "cfg(feature, values())" -C metadata=3818258f0814ea6f --out-dir D:\tmp\test1\target\debug\deps -C incremental=D:\tmp\test1\target\debug\incremental -L dependency=D:\tmp\test1\target\debug\deps
Starting directory: d:\tmp\test1

************* Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       srv*
Symbol search path is: srv*
Executable search path is: 

+------------------------------------------------------------------------+
| This target supports Hardware-enforced Stack Protection. A HW based    |
| "Shadow Stack" may be available to assist in debugging and analysis.   |
| See aka.ms/userhsp for more info.                                      |
|                                                                        |
| dps @ssp                                                               |
|                                                                        |
+------------------------------------------------------------------------+

ModLoad: 00007ff7`f7080000 00007ff7`f709f000   rustc_main-a10215add1caec1a.exe
ModLoad: 00007ffb`4eca0000 00007ffb`4eeaa000   ntdll.dll
ModLoad: 00007ffb`4cb00000 00007ffb`4cbbd000   C:\Windows\System32\KERNEL32.DLL
ModLoad: 00007ffb`4c340000 00007ffb`4c6c5000   C:\Windows\System32\KERNELBASE.dll
ModLoad: 00007ffa`baca0000 00007ffa`c3829000   C:\Users\hj7.park\.rustup\toolchains\1.84-x86_64-pc-windows-msvc\bin\rustc_driver-fa0e808d9c2eec55.dll
ModLoad: 00007ffb`4e580000 00007ffb`4e656000   C:\Windows\System32\oleaut32.dll
ModLoad: 00007ffb`4c100000 00007ffb`4c19d000   C:\Windows\System32\msvcp_win.dll
ModLoad: 00007ffb`4c750000 00007ffb`4c861000   C:\Windows\System32\ucrtbase.dll
ModLoad: 00007ffb`4de20000 00007ffb`4e196000   C:\Windows\System32\combase.dll
ModLoad: 00007ffb`4e6f0000 00007ffb`4e811000   C:\Windows\System32\RPCRT4.dll
ModLoad: 00007ffb`4dc80000 00007ffb`4de1a000   C:\Windows\System32\ole32.dll
ModLoad: 00007ffb`4e550000 00007ffb`4e579000   C:\Windows\System32\GDI32.dll
ModLoad: 00007ffb`4c310000 00007ffb`4c336000   C:\Windows\System32\win32u.dll
ModLoad: 00007ffb`4c870000 00007ffb`4c98c000   C:\Windows\System32\gdi32full.dll
ModLoad: 00007ffb`4e820000 00007ffb`4e9cc000   C:\Windows\System32\USER32.dll
ModLoad: 00007ffb`4c6d0000 00007ffb`4c74f000   C:\Windows\System32\bcryptprimitives.dll
ModLoad: 00007ffb`4cbc0000 00007ffb`4d386000   C:\Windows\System32\SHELL32.dll
ModLoad: 00007ffb`4e1a0000 00007ffb`4e251000   C:\Windows\System32\ADVAPI32.dll
ModLoad: 00007ffb`4e440000 00007ffb`4e4e3000   C:\Windows\System32\msvcrt.dll
ModLoad: 00007ffb`4dae0000 00007ffb`4db81000   C:\Windows\System32\sechost.dll
ModLoad: 00007ffb`4cac0000 00007ffb`4cae7000   C:\Windows\System32\bcrypt.dll
ModLoad: 00007ffb`4d510000 00007ffb`4d57f000   C:\Windows\System32\WS2_32.dll
ModLoad: 00007ffb`48730000 00007ffb`48827000   C:\Windows\SYSTEM32\propsys.dll
ModLoad: 00007ffb`4b820000 00007ffb`4b849000   C:\Windows\SYSTEM32\USERENV.dll
ModLoad: 00007ffb`4b990000 00007ffb`4b99c000   C:\Windows\SYSTEM32\CRYPTBASE.DLL
(100c.4aa0): Break instruction exception - code 80000003 (first chance)
ntdll!LdrpDoDebuggerBreak+0x30:
00007ffb`4ed7cb44 cc              int     3
0:000> g
ModLoad: 00007ffb`4d4d0000 00007ffb`4d501000   C:\Windows\System32\IMM32.DLL
ModLoad: 00007ffb`337d0000 00007ffb`338a7000   C:\Windows\incops3\ESDCNL64.dll
ModLoad: 00007ffb`4b3d0000 00007ffb`4b404000   C:\Windows\SYSTEM32\ntmarta.dll
ModLoad: 00007ffb`2ce90000 00007ffb`2cf9f000   C:\Windows\incops3\ESATM64.dll
ModLoad: 00007ffb`4ca50000 00007ffb`4cab7000   C:\Windows\System32\WINTRUST.dll
ModLoad: 00007ffb`4c1a0000 00007ffb`4c302000   C:\Windows\System32\CRYPT32.dll
ModLoad: 00007ffb`4b9d0000 00007ffb`4b9e2000   C:\Windows\SYSTEM32\MSASN1.dll
ModLoad: 00007ffb`42fc0000 00007ffb`42fca000   C:\Windows\SYSTEM32\version.dll
ModLoad: 00007ffb`2b660000 00007ffb`2b766000   C:\Windows\incops3\ESSCNL64.dll
ModLoad: 00007ffb`33d30000 00007ffb`33d61000   C:\PaperSecu\SPCOREHK64.DLL
ModLoad: 00007ffb`33c00000 00007ffb`33d2e000   C:\PAPERSECU\PAPERHK64.DLL
ModLoad: 00007ffb`42fc0000 00007ffb`42fca000   C:\Windows\SYSTEM32\VERSION.dll
ModLoad: 00007ffb`36160000 00007ffb`36208000   C:\Windows\SYSTEM32\WINSPOOL.DRV
ModLoad: 00007ffb`4e350000 00007ffb`4e43a000   C:\Windows\System32\shcore.dll
ModLoad: 00007ffb`33b90000 00007ffb`33bf2000   C:\PAPERSECU\PAPERPHK64.DLL
ModLoad: 00007ffb`27d40000 00007ffb`2803f000   C:\Windows\pcdrm\NSCCOR0364.DLL
ModLoad: 00007ffb`4da10000 00007ffb`4da18000   C:\Windows\System32\psapi.dll
ModLoad: 000001a8`b05f0000 000001a8`b060f000   C:\Windows\System32\Imagehlp.dll
ModLoad: 00007ffb`28740000 00007ffb`2877b000   C:\Windows\pcdrm\NBID64.dll
ModLoad: 00007ffb`2add0000 00007ffb`2adfb000   C:\Windows\pcdrm\NSCPE64.dll
ModLoad: 00007ffb`286f0000 00007ffb`28731000   C:\Windows\pcdrm\NFD0164.dll
ModLoad: 00007ffb`2c910000 00007ffb`2cb80000   C:\Windows\pcdrm\NSCFA64.DLL
ModLoad: 000001a8`b0790000 000001a8`b07ed000   C:\Windows\System32\SHLWAPI.dll
ModLoad: 00007ffb`2e210000 00007ffb`2e219000   C:\Windows\SYSTEM32\WSOCK32.dll
ModLoad: 00007ffa`ee7f0000 00007ffa`eeca6000   C:\Windows\pcdrm\NSCCOR0164.DLL
ModLoad: 000001a8`b07f0000 000001a8`b084d000   C:\Windows\System32\SHLWAPI.dll
ModLoad: 00007ffb`4a050000 00007ffb`4a8b4000   C:\Windows\SYSTEM32\windows.storage.dll
ModLoad: 00007ffb`49eb0000 00007ffb`4a017000   C:\Windows\SYSTEM32\wintypes.dll
ModLoad: 000001a8`b0890000 000001a8`b08ed000   C:\Windows\System32\shlwapi.dll
(100c.34c4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
PAPERPHK64!hkFunc01+0x7ac:
00007ffb`33bb61ec 66833a5c        cmp     word ptr [rdx],5Ch ds:00000000`00000002=????
0:004> g
(100c.34c4): Access violation - code c0000005 (!!! second chance !!!)
PAPERPHK64!hkFunc01+0x7ac:
00007ffb`33bb61ec 66833a5c        cmp     word ptr [rdx],5Ch ds:00000000`00000002=????
0:004> g
(100c.34c4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
PAPERPHK64!hkFunc01+0x7ac:
00007ffb`33bb61ec 66833a5c        cmp     word ptr [rdx],5Ch ds:00000000`00000002=????
0:004> k
 # Child-SP          RetAddr               Call Site
00 00000039`59acf140 00007ffb`4f0b100a     PAPERPHK64!hkFunc01+0x7ac
01 00000039`59acf3e0 00000000`00000012     0x00007ffb`4f0b100a
02 00000039`59acf3e8 00000000`0000000d     0x12
03 00000039`59acf3f0 00000039`59acf420     0xd
04 00000039`59acf3f8 000001a8`b07db3d0     0x00000039`59acf420
05 00000039`59acf400 000001a8`00000007     <Unloaded_SHLWAPI.dll>+0x4b3d0
06 00000039`59acf408 000001a8`00200000     0x000001a8`00000007
07 00000039`59acf410 00000000`00000003     0x000001a8`00200000
08 00000039`59acf418 000001a8`b07db824     0x3
09 00000039`59acf420 00012045`0000000d     <Unloaded_SHLWAPI.dll>+0x4b824
0a 00000039`59acf428 00000012`4ecc76e1     0x00012045`0000000d
0b 00000039`59acf430 00000039`59acf500     0x00000012`4ecc76e1
0c 00000039`59acf438 00000039`59acf518     0x00000039`59acf500
0d 00000039`59acf440 00000000`00012045     0x00000039`59acf518
0e 00000039`59acf448 00000039`59acf628     0x12045
0f 00000039`59acf450 00007ffb`4cb22f60     0x00000039`59acf628
10 00000039`59acf458 00000000`00010000     KERNEL32!CloseHandle
11 00000039`59acf460 00000000`00000002     0x10000
12 00000039`59acf468 00000039`59acf648     0x2
13 00000039`59acf470 00000039`59acf590     0x00000039`59acf648
14 00000039`59acf478 00000000`00200000     0x00000039`59acf590
15 00000039`59acf480 00000039`59acf510     0x200000
16 00000039`59acf488 00007ffb`4ef7100a     0x00000039`59acf510
17 00000039`59acf490 00000000`00010000     0x00007ffb`4ef7100a
18 00000039`59acf498 00007ffb`4cb22f60     0x10000
19 00000039`59acf4a0 000001a8`b07db3e0     KERNEL32!CloseHandle
1a 00000039`59acf4a8 00007ffb`4ecc76e1     <Unloaded_SHLWAPI.dll>+0x4b3e0
1b 00000039`59acf4b0 00000000`00000000     ntdll!RtlFreeHeap+0x51


looks like @Coding-Badly was right, code was injected to the compiler process (probably every processes on the system).

searching the module name PAPERPHK64 didn't give many results, with conflicting information about what it actually is, but it's not a crash caused by rustc itself.

one source indicates it comes from some kind of secure printing software published by some "LI TECH Co., LTD":

but another source identifies it as "Trojan.Siggen28.41565":

https://vms.drweb.com/virus/?i=28225967


Oh. Great!!

Our company uses the software "SecuPrint", which manages printing of documents, and it was developed by a Korean company ((주)엘아이텍).

Now, I'm trying to remove it.

I failed to remove this software from my laptop. Removing it is forbidden by the company's policy. :angry:

I just have to downgrade Rustc to v1.82.

Yup. Not my first rodeo. I've been on all sides of that: Writing injection code. Debugging my own injection code. Dealing with buggy 3rd party injection code.

Thank you for your perseverance and contributions!

Instead of removing it you may be able to temporarily cripple it by renaming the DLL (before starting rustc). If that works just remember to restore the name when you finish.


If I understand correctly what that program does, I would honestly consider it (indistinguishable from) malware.

In any case maybe it would be possible for rustc to do something similar to what Firefox does to block DLL injection? Letting users block injected third-party DLLs in Firefox - Mozilla Hacks - the Web developer blog


Yes, I think so.
In our company, there are a few security programs such as 'incops3', 'SecuPrint' etc.

According to the log, I found that 'PAPERPHK64.DLL' is called after 'System32\shcore.dll', and I found that 'System32\shcore.dll' was newly modified at the time I installed the security software.

Therefore, we can assume that the SecuPrint program replaces 'System32\shcore.dll' and that it can call PAPERPHK64.dll while 'rustc' is running.

...
ModLoad: 00007ffb`4e350000 00007ffb`4e43a000   C:\Windows\System32\shcore.dll
ModLoad: 00007ffb`33b90000 00007ffb`33bf2000   C:\PAPERSECU\PAPERPHK64.DLL
ModLoad: 00007ffb`27d40000 00007ffb`2803f000   C:\Windows\pcdrm\NSCCOR0364.DLL
ModLoad: 00007ffb`4da10000 00007ffb`4da18000   C:\Windows\System32\psapi.dll
...
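
The triage done by hand across the posts above (list what was loaded into rustc.exe, then see which module owns the faulting instruction) can be scripted. This is an added example, not code from any poster or from the Rust project; the trusted-directory list and all function names are assumptions, and the log is an excerpt of the one posted in this thread.

```python
import ntpath  # Windows path semantics regardless of the host OS
import re
from dataclasses import dataclass
from typing import Optional

# Excerpt of the WinDbg log posted in this thread (trimmed to the relevant lines).
SAMPLE_LOG = r"""
ModLoad: 00007ff7`f7080000 00007ff7`f709f000   rustc_main-a10215add1caec1a.exe
ModLoad: 00007ffb`4eca0000 00007ffb`4eeaa000   ntdll.dll
ModLoad: 00007ffa`baca0000 00007ffa`c3829000   C:\Users\hj7.park\.rustup\toolchains\1.84-x86_64-pc-windows-msvc\bin\rustc_driver-fa0e808d9c2eec55.dll
ModLoad: 00007ffb`337d0000 00007ffb`338a7000   C:\Windows\incops3\ESDCNL64.dll
ModLoad: 00007ffb`4e350000 00007ffb`4e43a000   C:\Windows\System32\shcore.dll
ModLoad: 00007ffb`33b90000 00007ffb`33bf2000   C:\PAPERSECU\PAPERPHK64.DLL
ModLoad: 00007ffb`27d40000 00007ffb`2803f000   C:\Windows\pcdrm\NSCCOR0364.DLL
(100c.34c4): Access violation - code c0000005 (first chance)
PAPERPHK64!hkFunc01+0x7ac:
00007ffb`33bb61ec 66833a5c        cmp     word ptr [rdx],5Ch ds:00000000`00000002=????
"""

# Assumption: only these directories are expected to supply code to rustc here.
TRUSTED_DIRS = (
    r"C:\Windows\System32",
    r"C:\Windows\SysWOW64",
    r"C:\Users\hj7.park\.rustup\toolchains",
)

MODLOAD = re.compile(r"^ModLoad:\s+([0-9a-f`]+)\s+([0-9a-f`]+)\s+(.+?)\s*$", re.I)
VIOLATION = re.compile(r"^\([0-9a-f]+\.[0-9a-f]+\): Access violation - code c0000005", re.I)
INSN = re.compile(r"^([0-9a-f`]+)\s+[0-9a-f]+\s+\S", re.I)   # address, opcode bytes, mnemonic
DATA_ADDR = re.compile(r"\b[c-gs]s:([0-9a-f`]+)=", re.I)      # e.g. ds:00000000`00000002=


@dataclass(frozen=True)
class Module:
    start: int
    end: int
    path: str


@dataclass(frozen=True)
class Fault:
    ip: int                    # address of the faulting instruction
    data_addr: Optional[int]   # memory operand WinDbg printed, if any
    module: Optional[Module]   # loaded module whose range contains ip


def _addr(text):
    return int(text.replace("`", ""), 16)


def is_third_party(module, trusted=TRUSTED_DIRS):
    """True when the module was loaded from outside the trusted directories."""
    directory = ntpath.normcase(ntpath.dirname(module.path))
    if not directory:  # WinDbg prints the main image and ntdll without a path
        return False
    return not any(directory == t or directory.startswith(t + "\\")
                   for t in map(ntpath.normcase, trusted))


def triage(log, trusted=TRUSTED_DIRS):
    """Return (modules loaded from untrusted directories, access violations)."""
    modules, faults, pending = [], [], False
    for line in map(str.strip, log.splitlines()):
        if m := MODLOAD.match(line):
            modules.append(Module(_addr(m[1]), _addr(m[2]), m[3]))
        elif VIOLATION.match(line):
            pending = True  # the disassembly line that follows carries the address
        elif pending and (m := INSN.match(line)):
            ip = _addr(m[1])
            data = DATA_ADDR.search(line)
            # Newest load wins: address ranges are reused after a DLL is unloaded.
            owner = next((x for x in reversed(modules) if x.start <= ip < x.end), None)
            faults.append(Fault(ip, _addr(data[1]) if data else None, owner))
            pending = False
    return [x for x in modules if is_third_party(x, trusted)], faults


def describe(fault):
    owner = ntpath.basename(fault.module.path) if fault.module else "<no loaded module>"
    third = fault.module is not None and is_third_party(fault.module)
    # The lowest 64 KiB of a Windows user-mode address space is never mapped,
    # so an operand there is a null-pointer-style dereference.
    near_null = fault.data_addr is not None and fault.data_addr < 0x10000
    verdict = "third-party" if third else "trusted/unknown"
    return f"fault at {fault.ip:#x} in {owner} ({verdict}), near-null operand: {near_null}"


if __name__ == "__main__":
    injected, faults = triage(SAMPLE_LOG)
    for mod in injected:
        print("loaded from outside trusted dirs:", mod.path)
    for fault in faults:
        print(describe(fault))
```

Feeding it the full saved WinDbg output instead of the excerpt reports every repeated first-chance and second-chance violation as its own entry.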


Requested this be reopened since this thread is still gaining likes. We have a Rust issue that does some more investigation at remove_dir_all implementation on Windows is incompatible with some third-party hooks for NtOpenFile, leading to Firefox crashes · Issue #143078 · rust-lang/rust · GitHub. The problem appears to be that SecuPrint is doing an out-of-bounds read which, in the best case, leads to an access violation. Please consider contacting the vendor to report this problem if you are able to (I attempted to but was unsuccessful), this is a pretty severe bug.

A couple of other security software products also seem affected, including one from Samsung and one from Jiangsu Agile Technology. There may also be others that are not yet known.
