[Startup] Bump PerfMap ahead of DiagnosticServer#123226
Merged
mdh1418 merged 2 commits intodotnet:mainfrom Jan 16, 2026
Merged
Conversation
github-actions
bot
added
the
needs-area-label
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a race condition where the DiagnosticServer's EnablePerfMap IPC command could crash the runtime by being invoked before PerfMap::Initialize(). The fix moves PerfMap initialization to occur before DiagnosticServer initialization in the startup sequence.
Changes:
- Reordered PerfMap initialization to occur before DiagnosticServer initialization in
EEStartupHelper()
noahfalk
reviewed
Jan 15, 2026
jkotas
approved these changes
Jan 16, 2026
jkotas
added
area-Diagnostics-coreclr
and removed
needs-area-label
Contributor
|
Tagging subscribers to this area: @steveisok, @tommcdon, @dotnet/dotnet-diag |
lateralusX
approved these changes
Jan 16, 2026
rosebyte
pushed a commit
that referenced
this pull request
Jan 19, 2026
Fixes #122472 From some inspection, it looks like `PerfMap::Initialize` does not depend on the methods right above it. ``` #ifdef FEATURE_PERFTRACING DiagnosticServerAdapter::Initialize(); DiagnosticServerAdapter::PauseForDiagnosticsMonitor(); #endif // FEATURE_PERFTRACING #ifdef FEATURE_GDBJIT // Initialize gdbjit NotifyGdb::Initialize(); #endif // FEATURE_GDBJIT #ifdef FEATURE_EVENT_TRACE // Initialize event tracing early so we can trace CLR startup time events. InitializeEventTracing(); // Fire the EE startup ETW event ETWFireEvent(EEStartupStart_V1); #endif // FEATURE_EVENT_TRACE InitGSCookie(); #ifdef LOGGING InitializeLogging() #endif ``` `PerfMap::Initialize` depends on `SString::Startup()` which occurs earlier in startup and some PAL/OS services. Instead of adding more logic to handle a racing DiagnosticServer IPC [`EnablePerfMap` command](https://github.com/dotnet/diagnostics/blob/main/documentation/design-docs/ipc-protocol.md#enableperfmap) and `PerfMap::Initialize` (e.g. lazy-init/queued commands), bump the PerfMap initialization ahead of the DiagnosticServer initialization. The DiagnosticServer also doesn't depend on PerfMap being initialized afterwards, and PerfMap's `CrstStatic` and `PerfMap::Enable(type, sendExisting)` suggests that the IPC enable perfmap command should occur after `PerfMap::Initialize`. This way, DiagnosticServer is still early in startup, and its `PerfMap::Enable` will not crash the runtime. As for the IPC command to set environment variables, it is unlikely that it was used to `DOTNET_PerfMapEnabled` because that would either not have applied early enough or have crashed the runtime like in the issue. Instead, the `EnablePerfMap`/`DisablePerfMap` commands should be used to toggle PerfMap status.
4 tasks
steveisok
pushed a commit
that referenced
this pull request
Feb 11, 2026
…y in startup (#124208) Manual backport of #123226 and #124055 to release/10.0 ## Customer Impact - [ ] Customer reported - [x] Found internally The DiagnosticServer allows profilers to enable PerfMap early in start-up, even before PerfMap is initialized and dependencies are ready, inducing a crash. Enabling PerfMap this early in start-up was not tested until user_events support was added in .NET 10, where One-Collect's [record-trace](https://github.com/microsoft/one-collect) aggressively enables PerfMaps as soon as it connects to a .NET Process so it can resolve JIT'd code. As .NET user_events + record-trace gains more users, this crash will likely be observed more frequently. With the changes in the two PRs, the runtime is resilient to early PerfMap::Enable commands received by the DiagnosticServer. DiagnosticServer initialization will still be early in start-up, PerfMap initialization is just bumped right before it. ## Regression - [ ] Yes - [x] No ## Testing I validated on a wsl2 instance, pausing the startup logic with DOTNET_DefaultDiagnosticPortSuspend=1 and kicking off a separate app invoking DiagnosticClient.EnablePerfMap. Before the change, it would sigsegv and crash. After the changes, its resilient and doesn't crash. ## Risk Low. PerfMap initialization doesn't depend on the logic between its former and proposed location. The logic to handle early IPC PerfMap Enable commands makes the problematic logic a no-op until the dependencies are ready.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #122472
From some inspection, it looks like
PerfMap::Initializedoes not depend on the methods right above it.PerfMap::Initializedepends onSString::Startup()which occurs earlier in startup and some PAL/OS services.Instead of adding more logic to handle a racing DiagnosticServer IPC
EnablePerfMapcommand andPerfMap::Initialize(e.g. lazy-init/queued commands), bump the PerfMap initialization ahead of the DiagnosticServer initialization. The DiagnosticServer also doesn't depend on PerfMap being initialized afterwards, and PerfMap'sCrstStaticandPerfMap::Enable(type, sendExisting)suggests that the IPC enable perfmap command should occur afterPerfMap::Initialize.This way, DiagnosticServer is still early in startup, and its
PerfMap::Enablewill not crash the runtime.As for the IPC command to set environment variables, it is unlikely that it was used to
DOTNET_PerfMapEnabledbecause that would either not have applied early enough or have crashed the runtime like in the issue. Instead, theEnablePerfMap/DisablePerfMapcommands should be used to toggle PerfMap status.