fix for 'dynamic profile cache corruptted' issue

while deserializing and allocating recycler memory, which can trigger GC, and call into JavascriptLibrary finalizer and causes scriptContext closing, and causes dynamic profile info serializing, which causes the *record above be freed and after GC returns, the deserializing will be reading freed and reused memory, which behaves like dynamic profile cache corrupted. Fixing this with not updating the record when serializing dpc for same file -- always use the first one or the loaded from file
chakra-core · Feb 27, 2018 · 15b14ab · 15b14ab
1 parent 99c7256
commit 15b14ab
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/lib/Runtime/Language/DynamicProfileStorage.cpp b/lib/Runtime/Language/DynamicProfileStorage.cpp
@@ -1057,9 +1057,15 @@ void DynamicProfileStorage::SaveRecord(__in_z char16 const * filename, __in_ecou
             AssertOrFailFast(!useCacheDir);
             if (info->record != nullptr)
             {
-                DeleteRecord(info->record);
+                // Here it can be in GC and generated new record, and the GC call an be from 
+                // allocation that deserializing info->record. So not replacing the old record 
+                // since we might be loading data from it, and drop the new generated one.
+                DeleteRecord(record);
+            }
+            else
+            {
+                info->record = record;
             }
-            info->record = record;
             return;
         }
         AssertOrFailFast(useCacheDir);