.NET 7.0-preview3 Linux x64 stack overflow during GC under memory profiler (CRITICAL)

[ww898]

I got the crash under memory profiler only for .NET v7.0.100-preview.3.22179.4 and only under Linux x64 platforms:

• Ubuntu 20.04
• Alpine 3.13
• Fedora 35
• CentOS 7.6

.NET v7.0.100-preview.2.22153.17 works properly

Stack trace:

...
    frame #174458: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174459: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174460: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174461: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174462: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174463: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174464: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174465: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174466: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174467: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174468: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174469: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174470: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174471: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174472: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174473: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174474: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174475: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="s", args=<unavailable>) at gc.cpp:32086:9
    frame #174476: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="u", args=<unavailable>) at gc.cpp:32086:9
    frame #174477: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="a", args=<unavailable>) at gc.cpp:32086:9
    frame #174478: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="c", args=<unavailable>) at gc.cpp:32086:9
    frame #174479: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="M\tu\x7f", args=<unavailable>) at gc.cpp:32086:9
    frame #174480: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174481: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174482: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174483: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174484: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174485: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174486: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174487: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="\x80m9\tu\x7f", args=<unavailable>) at gc.cpp:32086:9
    frame #174488: 0x00007f7582821693 libcoreclr.so`WKS::gc_heap::walk_relocation(profiling_context=0x000055788643c860, fn=(libcoreclr.so`WalkMovedReferences(unsigned char*, unsigned char*, long, void*, bool, bool) at gcenv.ee.cpp:829))(unsigned char*, unsigned char*, long, void*, bool, bool)) at gc.cpp:32184:21
    frame #174489: 0x00007f758282eeec libcoreclr.so`WKS::GCHeap::DiagWalkSurvivorsWithType(void*, void (*)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type, int) [inlined] WKS::gc_heap::walk_survivors_relocation(profiling_context=0x000055788643c860, fn=(libcoreclr.so`WalkMovedReferences(unsigned char*, unsigned char*, long, void*, bool, bool) at gcenv.ee.cpp:829))(unsigned char*, unsigned char*, long, void*, bool, bool)) at gc.cpp:40686:5
    frame #174490: 0x00007f758282eee1 libcoreclr.so`WKS::GCHeap::DiagWalkSurvivorsWithType(void*, void (*)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type, int) [inlined] WKS::gc_heap::walk_survivors(void (*)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type) at gc.cpp:32197
    frame #174491: 0x00007f758282eee1 libcoreclr.so`WKS::GCHeap::DiagWalkSurvivorsWithType(this=<unavailable>, gc_context=<unavailable>, fn=(libcoreclr.so`WalkMovedReferences(unsigned char*, unsigned char*, long, void*, bool, bool) at gcenv.ee.cpp:829), diag_context=0x000055788643c860, type=<unavailable>, gen_number=<unavailable>)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type, int) at gc.cpp:47291
    frame #174492: 0x00007f75826b245d libcoreclr.so`GCToEEInterface::DiagWalkSurvivors(gcContext=0x0000000000000000, fCompacting=<unavailable>) at gcenv.ee.cpp:845:39
    frame #174493: 0x00007f758280b2e0 libcoreclr.so`WKS::gc_heap::plan_phase(condemned_gen_number=0) at gc.cpp:29922:9
    frame #174494: 0x00007f75828027ed libcoreclr.so`WKS::gc_heap::gc1() at gc.cpp:20602:13
    frame #174495: 0x00007f758280fddb libcoreclr.so`WKS::gc_heap::garbage_collect(n=0) at gc.cpp:0
    frame #174496: 0x00007f75827fdb7b libcoreclr.so`WKS::GCHeap::GarbageCollectGeneration(this=<unavailable>, gen=0, reason=reason_alloc_soh) at gc.cpp:45930:9
    frame #174497: 0x00007f7582800060 libcoreclr.so`WKS::gc_heap::try_allocate_more_space(acontext=<unavailable>, size=<unavailable>, flags=<unavailable>, gen_number=<unavailable>) at gc.cpp:17472:21
    frame #174498: 0x00007f758282c420 libcoreclr.so`WKS::GCHeap::Alloc(gc_alloc_context*, unsigned long, unsigned int) [inlined] WKS::gc_heap::allocate_more_space(acontext=0x000055788634dc08, flags=0, alloc_generation_number=0) at gc.cpp:17943:18
    frame #174499: 0x00007f758282c403 libcoreclr.so`WKS::GCHeap::Alloc(gc_alloc_context*, unsigned long, unsigned int) at gc.cpp:17974
    frame #174500: 0x00007f758282c3e5 libcoreclr.so`WKS::GCHeap::Alloc(this=<unavailable>, context=0x000055788634dc08, size=7688, flags=0) at gc.cpp:44892
    frame #174501: 0x00007f75826b5ccb libcoreclr.so`AllocateSzArray(MethodTable*, int, GC_ALLOC_FLAGS) at gchelpers.cpp:226:48
    frame #174502: 0x00007f75826b5c63 libcoreclr.so`AllocateSzArray(pArrayMT=<unavailable>, cElements=958, flags=GC_ALLOC_NO_FLAGS) at gchelpers.cpp:0
    frame #174503: 0x00007f75826d3722 libcoreclr.so`JIT_NewArr1(arrayMT=0x00007f7509684df8, size=958) at jithelpers.cpp:2627:16
    frame #174504: 0x00007f75093bcdae
    frame #174505: 0x00007f75093b5e68
    frame #174506: 0x00007f7582833837 libcoreclr.so`CallDescrWorkerInternal at unixasmmacrosamd64.inc:845
    frame #174507: 0x00007f7582668ba4 libcoreclr.so`MethodDescCallSite::CallTargetWorker(unsigned long const*, unsigned long*, int) at callhelpers.cpp:67:5
    frame #174508: 0x00007f7582668b49 libcoreclr.so`MethodDescCallSite::CallTargetWorker(this=<unavailable>, pArguments=0x00007ffd24c22740, pReturnValue=0x00007ffd24c22750, cbReturnValue=8) at callhelpers.cpp:538
    frame #174509: 0x00007f758254321b libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) [inlined] MethodDescCallSite::Call_RetArgSlot(this=0x00007ffd24c227a8, pArguments=0x00007ffd24c22740) at callhelpers.h:458:9
    frame #174510: 0x00007f7582543211 libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) at assembly.cpp:1415
    frame #174511: 0x00007f758254307a libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) [inlined] RunMain(this=<unavailable>, pParam=<unavailable>)::$_0::operator()(Param*) const::'lambda'(Param*)::operator()(Param*) const at assembly.cpp:1483
    frame #174512: 0x00007f758254307a libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) at assembly.cpp:1485
    frame #174513: 0x00007f7582543067 libcoreclr.so`RunMain(pFD=<unavailable>, numSkipArgs=1, piRetVal=<unavailable>, stringArgs=<unavailable>) at assembly.cpp:1485
    frame #174514: 0x00007f7582543551 libcoreclr.so`Assembly::ExecuteMainMethod(this=0x0000557886371c30, stringArgs=0x00007ffd24c22ba0, waitForOtherThreads=YES) at assembly.cpp:1601:18
    frame #174515: 0x00007f7582576e13 libcoreclr.so`CorHost2::ExecuteAssembly(this=<unavailable>, dwAppDomainId=<unavailable>, pwzAssemblyPath=u"/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/ValueTypeArray.dll", argc=<unavailable>, argv=0x0000000000000000, pReturnValue=0x00007ffd24c22d00) at corhost.cpp:384:39
    frame #174516: 0x00007f7582a15d7d libcoreclr.so`::coreclr_execute_assembly(hostHandle=<unavailable>, domainId=<unavailable>, argc=0, argv=<unavailable>, managedAssemblyPath=<unavailable>, exitCode=<unavailable>) at exports.cpp:430:24
    frame #174517: 0x00007f7582ac0731 libhostpolicy.so`run_app_for_context(context=<unavailable>, argc=<unavailable>, argv=0x0000000000000000) at hostpolicy.cpp:249:32
    frame #174518: 0x00007f7582ac0bc1 libhostpolicy.so`run_app(argc=0, argv=0x00007ffd24c232d0) at hostpolicy.cpp:284:12
    frame #174519: 0x00007f7582ac15ec libhostpolicy.so`::corehost_main(argc=1, argv=0x00007ffd24c232c8) at hostpolicy.cpp:430:12
    frame #174520: 0x00007f7582b1aa24 libhostfxr.so`fx_muxer_t::handle_exec_host_command(std::string const&, host_startup_info_t const&, std::string const&, std::unordered_map<known_options, std::vector<std::string, std::allocator<std::string> >, known_options_hash, std::equal_to<known_options>, std::allocator<std::pair<known_options const, std::vector<std::string, std::allocator<std::string> > > > > const&, int, char const**, int, host_mode_t, bool, char*, int, int*) at fx_muxer.cpp:146:20
    frame #174521: 0x00007f7582b1a8f7 libhostfxr.so`fx_muxer_t::handle_exec_host_command(std::string const&, host_startup_info_t const&, std::string const&, std::unordered_map<known_options, std::vector<std::string, std::allocator<std::string> >, known_options_hash, std::equal_to<known_options>, std::allocator<std::pair<known_options const, std::vector<std::string, std::allocator<std::string> > > > > const&, int, char const**, int, host_mode_t, bool, char*, int, int*) [inlined] (anonymous namespace)::read_config_and_execute(host_command=<unavailable>, host_info=<unavailable>, app_candidate=error: summary string parsing error, opts=0x00007f7582ac1540, new_argc=1, new_argv=0x00007ffd24c232c8, mode=<unavailable>, is_sdk_command=<unavailable>, out_buffer=<unavailable>, buffer_size=<unavailable>, required_buffer_size=<unavailable>) at fx_muxer.cpp:533
    frame #174522: 0x00007f7582b1a650 libhostfxr.so`fx_muxer_t::handle_exec_host_command(host_command=<unavailable>, host_info=<unavailable>, app_candidate=<unavailable>, opts=<unavailable>, argc=<unavailable>, argv=<unavailable>, argoff=1, mode=apphost, is_sdk_command=<unavailable>, result_buffer=0x0000000000000000, buffer_size=0, required_buffer_size=0x0000000000000000) at fx_muxer.cpp:1018
    frame #174523: 0x00007f7582b19129 libhostfxr.so`fx_muxer_t::execute(host_command=error: summary string parsing error, argc=1, argv=0x00007ffd24c232c8, host_info=0x00007ffd24c23090, result_buffer=0x0000000000000000, buffer_size=0, required_buffer_size=0x0000000000000000) at fx_muxer.cpp:579:18
    frame #174524: 0x00007f7582b145db libhostfxr.so`::hostfxr_main_startupinfo(argc=1, argv=0x00007ffd24c232c8, host_path="/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/ValueTypeArray", dotnet_root="/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/", app_path="/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/ValueTypeArray.dll") at hostfxr.cpp:61:12
    frame #174525: 0x00005578856b2355 ValueTypeArray`exe_start(argc=1, argv=0x00007ffd24c232c8) at corehost.cpp:235:18
    frame #174526: 0x00005578856b2820 ValueTypeArray`main(argc=1, argv=0x00007ffd24c232c8) at corehost.cpp:301:21
    frame #174527: 0x00007f7582b870b3 libc.so.6`___lldb_unnamed_symbol111$$libc.so.6 + 259

Repro: ValueTypeArray.zip
Crash dumps: gc-crash.20220509.tar.gz (SHA-256: a38c77ad4b834f1332a087156eeeeb0a2aeadf3994e0f58bd13c3e51dc7e2d55)

Tagging subscribers to this area: @dotnet/gc
See info in area-owners.md if you want to be subscribed.

Issue Details

---

I got the crash only for .NET v7.0.100-preview.2.22153.17 and only under Linux x64 platforms:

• Ubuntu 20.04
• Alpine 3.13
• Fedora 35
• CentOS 7.6

Stack trace:

    frame #174458: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174459: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174460: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174461: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174462: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174463: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174464: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174465: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174466: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174467: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174468: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174469: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174470: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174471: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174472: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174473: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174474: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174475: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="s", args=<unavailable>) at gc.cpp:32086:9
    frame #174476: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="u", args=<unavailable>) at gc.cpp:32086:9
    frame #174477: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="a", args=<unavailable>) at gc.cpp:32086:9
    frame #174478: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="c", args=<unavailable>) at gc.cpp:32086:9
    frame #174479: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="M\tu\x7f", args=<unavailable>) at gc.cpp:32086:9
    frame #174480: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174481: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174482: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174483: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174484: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174485: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174486: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="", args=<unavailable>) at gc.cpp:32086:9
    frame #174487: 0x00007f758282140b libcoreclr.so`WKS::gc_heap::walk_relocation_in_brick(tree="\x80m9\tu\x7f", args=<unavailable>) at gc.cpp:32086:9
    frame #174488: 0x00007f7582821693 libcoreclr.so`WKS::gc_heap::walk_relocation(profiling_context=0x000055788643c860, fn=(libcoreclr.so`WalkMovedReferences(unsigned char*, unsigned char*, long, void*, bool, bool) at gcenv.ee.cpp:829))(unsigned char*, unsigned char*, long, void*, bool, bool)) at gc.cpp:32184:21
    frame #174489: 0x00007f758282eeec libcoreclr.so`WKS::GCHeap::DiagWalkSurvivorsWithType(void*, void (*)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type, int) [inlined] WKS::gc_heap::walk_survivors_relocation(profiling_context=0x000055788643c860, fn=(libcoreclr.so`WalkMovedReferences(unsigned char*, unsigned char*, long, void*, bool, bool) at gcenv.ee.cpp:829))(unsigned char*, unsigned char*, long, void*, bool, bool)) at gc.cpp:40686:5
    frame #174490: 0x00007f758282eee1 libcoreclr.so`WKS::GCHeap::DiagWalkSurvivorsWithType(void*, void (*)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type, int) [inlined] WKS::gc_heap::walk_survivors(void (*)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type) at gc.cpp:32197
    frame #174491: 0x00007f758282eee1 libcoreclr.so`WKS::GCHeap::DiagWalkSurvivorsWithType(this=<unavailable>, gc_context=<unavailable>, fn=(libcoreclr.so`WalkMovedReferences(unsigned char*, unsigned char*, long, void*, bool, bool) at gcenv.ee.cpp:829), diag_context=0x000055788643c860, type=<unavailable>, gen_number=<unavailable>)(unsigned char*, unsigned char*, long, void*, bool, bool), void*, walk_surv_type, int) at gc.cpp:47291
    frame #174492: 0x00007f75826b245d libcoreclr.so`GCToEEInterface::DiagWalkSurvivors(gcContext=0x0000000000000000, fCompacting=<unavailable>) at gcenv.ee.cpp:845:39
    frame #174493: 0x00007f758280b2e0 libcoreclr.so`WKS::gc_heap::plan_phase(condemned_gen_number=0) at gc.cpp:29922:9
    frame #174494: 0x00007f75828027ed libcoreclr.so`WKS::gc_heap::gc1() at gc.cpp:20602:13
    frame #174495: 0x00007f758280fddb libcoreclr.so`WKS::gc_heap::garbage_collect(n=0) at gc.cpp:0
    frame #174496: 0x00007f75827fdb7b libcoreclr.so`WKS::GCHeap::GarbageCollectGeneration(this=<unavailable>, gen=0, reason=reason_alloc_soh) at gc.cpp:45930:9
    frame #174497: 0x00007f7582800060 libcoreclr.so`WKS::gc_heap::try_allocate_more_space(acontext=<unavailable>, size=<unavailable>, flags=<unavailable>, gen_number=<unavailable>) at gc.cpp:17472:21
    frame #174498: 0x00007f758282c420 libcoreclr.so`WKS::GCHeap::Alloc(gc_alloc_context*, unsigned long, unsigned int) [inlined] WKS::gc_heap::allocate_more_space(acontext=0x000055788634dc08, flags=0, alloc_generation_number=0) at gc.cpp:17943:18
    frame #174499: 0x00007f758282c403 libcoreclr.so`WKS::GCHeap::Alloc(gc_alloc_context*, unsigned long, unsigned int) at gc.cpp:17974
    frame #174500: 0x00007f758282c3e5 libcoreclr.so`WKS::GCHeap::Alloc(this=<unavailable>, context=0x000055788634dc08, size=7688, flags=0) at gc.cpp:44892
    frame #174501: 0x00007f75826b5ccb libcoreclr.so`AllocateSzArray(MethodTable*, int, GC_ALLOC_FLAGS) at gchelpers.cpp:226:48
    frame #174502: 0x00007f75826b5c63 libcoreclr.so`AllocateSzArray(pArrayMT=<unavailable>, cElements=958, flags=GC_ALLOC_NO_FLAGS) at gchelpers.cpp:0
    frame #174503: 0x00007f75826d3722 libcoreclr.so`JIT_NewArr1(arrayMT=0x00007f7509684df8, size=958) at jithelpers.cpp:2627:16
    frame #174504: 0x00007f75093bcdae
    frame #174505: 0x00007f75093b5e68
    frame #174506: 0x00007f7582833837 libcoreclr.so`CallDescrWorkerInternal at unixasmmacrosamd64.inc:845
    frame #174507: 0x00007f7582668ba4 libcoreclr.so`MethodDescCallSite::CallTargetWorker(unsigned long const*, unsigned long*, int) at callhelpers.cpp:67:5
    frame #174508: 0x00007f7582668b49 libcoreclr.so`MethodDescCallSite::CallTargetWorker(this=<unavailable>, pArguments=0x00007ffd24c22740, pReturnValue=0x00007ffd24c22750, cbReturnValue=8) at callhelpers.cpp:538
    frame #174509: 0x00007f758254321b libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) [inlined] MethodDescCallSite::Call_RetArgSlot(this=0x00007ffd24c227a8, pArguments=0x00007ffd24c22740) at callhelpers.h:458:9
    frame #174510: 0x00007f7582543211 libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) at assembly.cpp:1415
    frame #174511: 0x00007f758254307a libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) [inlined] RunMain(this=<unavailable>, pParam=<unavailable>)::$_0::operator()(Param*) const::'lambda'(Param*)::operator()(Param*) const at assembly.cpp:1483
    frame #174512: 0x00007f758254307a libcoreclr.so`RunMain(MethodDesc*, short, int*, PtrArray**) at assembly.cpp:1485
    frame #174513: 0x00007f7582543067 libcoreclr.so`RunMain(pFD=<unavailable>, numSkipArgs=1, piRetVal=<unavailable>, stringArgs=<unavailable>) at assembly.cpp:1485
    frame #174514: 0x00007f7582543551 libcoreclr.so`Assembly::ExecuteMainMethod(this=0x0000557886371c30, stringArgs=0x00007ffd24c22ba0, waitForOtherThreads=YES) at assembly.cpp:1601:18
    frame #174515: 0x00007f7582576e13 libcoreclr.so`CorHost2::ExecuteAssembly(this=<unavailable>, dwAppDomainId=<unavailable>, pwzAssemblyPath=u"/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/ValueTypeArray.dll", argc=<unavailable>, argv=0x0000000000000000, pReturnValue=0x00007ffd24c22d00) at corhost.cpp:384:39
    frame #174516: 0x00007f7582a15d7d libcoreclr.so`::coreclr_execute_assembly(hostHandle=<unavailable>, domainId=<unavailable>, argc=0, argv=<unavailable>, managedAssemblyPath=<unavailable>, exitCode=<unavailable>) at exports.cpp:430:24
    frame #174517: 0x00007f7582ac0731 libhostpolicy.so`run_app_for_context(context=<unavailable>, argc=<unavailable>, argv=0x0000000000000000) at hostpolicy.cpp:249:32
    frame #174518: 0x00007f7582ac0bc1 libhostpolicy.so`run_app(argc=0, argv=0x00007ffd24c232d0) at hostpolicy.cpp:284:12
    frame #174519: 0x00007f7582ac15ec libhostpolicy.so`::corehost_main(argc=1, argv=0x00007ffd24c232c8) at hostpolicy.cpp:430:12
    frame #174520: 0x00007f7582b1aa24 libhostfxr.so`fx_muxer_t::handle_exec_host_command(std::string const&, host_startup_info_t const&, std::string const&, std::unordered_map<known_options, std::vector<std::string, std::allocator<std::string> >, known_options_hash, std::equal_to<known_options>, std::allocator<std::pair<known_options const, std::vector<std::string, std::allocator<std::string> > > > > const&, int, char const**, int, host_mode_t, bool, char*, int, int*) at fx_muxer.cpp:146:20
    frame #174521: 0x00007f7582b1a8f7 libhostfxr.so`fx_muxer_t::handle_exec_host_command(std::string const&, host_startup_info_t const&, std::string const&, std::unordered_map<known_options, std::vector<std::string, std::allocator<std::string> >, known_options_hash, std::equal_to<known_options>, std::allocator<std::pair<known_options const, std::vector<std::string, std::allocator<std::string> > > > > const&, int, char const**, int, host_mode_t, bool, char*, int, int*) [inlined] (anonymous namespace)::read_config_and_execute(host_command=<unavailable>, host_info=<unavailable>, app_candidate=error: summary string parsing error, opts=0x00007f7582ac1540, new_argc=1, new_argv=0x00007ffd24c232c8, mode=<unavailable>, is_sdk_command=<unavailable>, out_buffer=<unavailable>, buffer_size=<unavailable>, required_buffer_size=<unavailable>) at fx_muxer.cpp:533
    frame #174522: 0x00007f7582b1a650 libhostfxr.so`fx_muxer_t::handle_exec_host_command(host_command=<unavailable>, host_info=<unavailable>, app_candidate=<unavailable>, opts=<unavailable>, argc=<unavailable>, argv=<unavailable>, argoff=1, mode=apphost, is_sdk_command=<unavailable>, result_buffer=0x0000000000000000, buffer_size=0, required_buffer_size=0x0000000000000000) at fx_muxer.cpp:1018
    frame #174523: 0x00007f7582b19129 libhostfxr.so`fx_muxer_t::execute(host_command=error: summary string parsing error, argc=1, argv=0x00007ffd24c232c8, host_info=0x00007ffd24c23090, result_buffer=0x0000000000000000, buffer_size=0, required_buffer_size=0x0000000000000000) at fx_muxer.cpp:579:18
    frame #174524: 0x00007f7582b145db libhostfxr.so`::hostfxr_main_startupinfo(argc=1, argv=0x00007ffd24c232c8, host_path="/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/ValueTypeArray", dotnet_root="/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/", app_path="/mnt/agent/temp/buildTmp/JetBrainsPerUserTemp-0-1/DotNetTestCodeCompiler_Output/Hupovyf/ValueTypeArray.dll") at hostfxr.cpp:61:12
    frame #174525: 0x00005578856b2355 ValueTypeArray`exe_start(argc=1, argv=0x00007ffd24c232c8) at corehost.cpp:235:18
    frame #174526: 0x00005578856b2820 ValueTypeArray`main(argc=1, argv=0x00007ffd24c232c8) at corehost.cpp:301:21
    frame #174527: 0x00007f7582b870b3 libc.so.6`___lldb_unnamed_symbol111$$libc.so.6 + 259

Repro: ValueTypeArray.zip
Crash dumps: gc-crash.20220509.tar.gz (SHA-256: a38c77ad4b834f1332a087156eeeeb0a2aeadf3994e0f58bd13c3e51dc7e2d55)

Author:	ww898
Assignees:	-
Labels:	area-GC-coreclr, untriaged
Milestone:	-

[cshung]

This is likely to be #64263. That should be fixed with #67889 and #67940.

[mangod9]

Correct, this is a dupe of #64263. It should be fixed in preview4