[NativeAOT] Always zero-init if object contains pointers

[VSadov]

GC_ALLOC_ZEROING_OPTIONAL flag should be unset when the object contains GC references. Otherwise, random values in object slots may break heap tracing.

It looks like NativeAOT never had a check for this condition, but the combination was not reachable, thus was not causing problems.

#89293 has made this scenario reachable, but the check was not introduced. It resulted in (relatively rare) crashes in run-to-failure test runs.

[dotnet-policy-service]

Tagging subscribers to this area: @agocke, @MichalStrehovsky, @jkotas
See info in area-owners.md if you want to be subscribed.

[VSadov]

Thanks!!

[VSadov]

It looks like AllocateUninitializedArray with pointer contained types has made it into 8.0.
Do we want to backport the fix or wait for evidence that the fix is needed?

In theory, using the feature on NativeAOT without the fix will be fatal to the app, unless the array is allocated very early (when heap is clean) or dies quickly, before seeing any GC.

[MichalStrehovsky]

If the evidence we'd be waiting for is a crash in GC that will take hours/days to root cause, my vote would be not to wait for such evidence.

[VSadov]

a crash in GC that will take hours/days to root cause

Right. I saw occasional stress failures that were in a test that specifically tests this stuff, so it was a good hint for what might be happening. In a regular app, the crash would wait until the next Gen2 GC, so figuring the reasons would be harder.

The only mitigating part is that AllocateUninitializedArray with pointer containing types seems like uncommon scenario.

[VSadov]

/backport to release/8.0-staging

[github-actions]

Started backporting to release/8.0-staging: https://github.com/dotnet/runtime/actions/runs/8442103310

[github-actions]

@VSadov backporting to release/8.0-staging failed, the patch most likely resulted in conflicts:

$ git am --3way --ignore-whitespace --keep-non-patch changes.patch

Applying: Always zero-init if object contains pointers
Using index info to reconstruct a base tree...
M	src/coreclr/nativeaot/Runtime/GCHelpers.cpp
A	src/libraries/System.Runtime/tests/System.Runtime.Tests/System/GCTests.cs
Falling back to patching base and 3-way merge...
Auto-merging src/libraries/System.Runtime/tests/System/GCTests.cs
Auto-merging src/coreclr/nativeaot/Runtime/GCHelpers.cpp
CONFLICT (content): Merge conflict in src/coreclr/nativeaot/Runtime/GCHelpers.cpp
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Always zero-init if object contains pointers
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
Error: The process '/usr/bin/git' failed with exit code 128

Please backport manually!

[github-actions]

@VSadov an error occurred while backporting to release/8.0-staging, please check the run log for details!

Error: git am failed, most likely due to a merge conflict.