[NativeAOT/arm32] Crash in write barrier early during startup #100112

@jkotas

Description

From #100000 (comment):

(lldb) bt
This version of LLDB has no plugin for the language "assembler". Inspection of frame variables will be limited.
* thread #1, name = 'Microsoft.Exten', stop reason = signal SIGSEGV
  * frame #0: 0x00eab31e Microsoft.Extensions.Logging.Console.Tests`RhpCheckedAssignRefr1 at WriteBarriers.S:251
    frame #1: 0x011ec304 Microsoft.Extensions.Logging.Console.Tests`System.Runtime.TypeCast___cctor at TypeCast.cs:36
    frame #2: 0x0121c2b8 Microsoft.Extensions.Logging.Console.Tests`Internal.Runtime.CompilerHelpers.StartupCodeHelpers__RunInitializers(typeManager=<unavailable>, section=<unavailable>) at StartupCodeHelpers.cs:181
    frame #3: 0x0121be8e Microsoft.Extensions.Logging.Console.Tests`Internal.Runtime.CompilerHelpers.StartupCodeHelpers__InitializeModules(osModule=<unavailable>, pModuleHeaders=<unavailable>, count=<unavailable>, pClasslibFunctions=<unavailable>, nClasslibFunctions=<unavailable>) at StartupCodeHelpers.cs:53
    frame #4: 0x00e6f4d4 Microsoft.Extensions.Logging.Console.Tests`main [inlined] InitializeRuntime() at main.cpp:203:5 [opt]
    frame #5: 0x00e6f470 Microsoft.Extensions.Logging.Console.Tests`main(argc=9, argv=0xffca6804) at main.cpp:221:19 [opt]
(lldb) dis -b -A thumbv7
Microsoft.Extensions.Logging.Console.Tests`RhpCheckedAssignRef:
    0xeab2be <+0>:   0xf3bf8f5f   dmb    sy

Microsoft.Extensions.Logging.Console.Tests`RhpCheckedAssignRefr1:
    0xeab2c2 <+4>:   0x6001       str    r1, [r0]
    0xeab2c4 <+6>:   0xf2400c4c   movw   r12, #0x4c
    0xeab2c8 <+10>:  0xf2c00ca0   movt   r12, #0xa0
    0xeab2cc <+14>:  0x44fc       add    r12, pc
    0xeab2ce <+16>:  0xf8dcc000   ldr.w  r12, [r12]
    0xeab2d2 <+20>:  0x4560       cmp    r0, r12
    0xeab2d4 <+22>:  0xd328       blo    0x89b328                  ; <+106>
    0xeab2d6 <+24>:  0xf2400c3e   movw   r12, #0x3e
    0xeab2da <+28>:  0xf2c00ca0   movt   r12, #0xa0
    0xeab2de <+32>:  0x44fc       add    r12, pc
    0xeab2e0 <+34>:  0xf8dcc000   ldr.w  r12, [r12]
    0xeab2e4 <+38>:  0x4560       cmp    r0, r12
    0xeab2e6 <+40>:  0xd21f       bhs    0x89b328                  ; <+106>
    0xeab2e8 <+42>:  0xf6470ca0   movw   r12, #0x78a0
    0xeab2ec <+46>:  0xf2c00c9e   movt   r12, #0x9e
    0xeab2f0 <+50>:  0x44fc       add    r12, pc
    0xeab2f2 <+52>:  0xf8dcc000   ldr.w  r12, [r12]
    0xeab2f6 <+56>:  0x4561       cmp    r1, r12
    0xeab2f8 <+58>:  0xd31b       blo    0x89b332                  ; <+116>
    0xeab2fa <+60>:  0xf6470c92   movw   r12, #0x7892
    0xeab2fe <+64>:  0xf2c00c9e   movt   r12, #0x9e
    0xeab302 <+68>:  0x44fc       add    r12, pc
    0xeab304 <+70>:  0xf8dcc000   ldr.w  r12, [r12]
    0xeab308 <+74>:  0x4561       cmp    r1, r12
    0xeab30a <+76>:  0xd212       bhs    0x89b332                  ; <+116>
    0xeab30c <+78>:  0xf2400c00   movw   r12, #0x0
    0xeab310 <+82>:  0xf2c00c9f   movt   r12, #0x9f
    0xeab314 <+86>:  0x44fc       add    r12, pc
    0xeab316 <+88>:  0xf8dcc000   ldr.w  r12, [r12]
    0xeab31a <+92>:  0xeb0c2090   add.w  r0, r12, r0, lsr #10
->  0xeab31e <+96>:  0xf890c000   ldrb.w r12, [r0]
    0xeab322 <+100>: 0xf1bc0fff   cmp.w  r12, #0xff
    0xeab326 <+104>: 0xd100       bne    0x89b32a                  ; <+108>
    0xeab328 <+106>: 0xe003       b      0x89b332                  ; <+116>
    0xeab32a <+108>: 0xf04f0cff   mov.w  r12, #0xff
    0xeab32e <+112>: 0xf880c000   strb.w r12, [r0]
    0xeab332 <+116>: 0x4770       bx     lr
(lldb)

Cc @filipnavara

Runfo:

runfo get-helix-payload -j 320338f9-9d8c-4deb-9eeb-884cfb26892e -w Microsoft.Extensions.Logging.Console.Tests -o c:\helix_payload\Microsoft.Extensions.Logging.Console.Tests
