Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent allocator usage causing crashes #687

Closed
1 of 3 tasks
p0358 opened this issue Mar 12, 2022 · 1 comment · Fixed by #1019
Closed
1 of 3 tasks

Inconsistent allocator usage causing crashes #687

p0358 opened this issue Mar 12, 2022 · 1 comment · Fixed by #1019
Labels
bug Something isn't working

Comments

@p0358
Copy link

p0358 commented Mar 12, 2022

Description

There's sentry_malloc and sentry_free functions. It is expected that they're the only ones used for memory allocation and free operations.
However, for example in this code:

sentry-native/src/backends/sentry_backend_crashpad.cpp

Lines 85 to 92 in 757a7b8

char *mpack = sentry_value_to_msgpack(event, &mpack_size);
sentry_value_decref(event);
if (!mpack) {
return;
}
int rv = sentry__path_write_buffer(data->event_path, mpack, mpack_size);
sentry_free(mpack);

the usage is inconsistent. When sentry_value_to_msgpack is called, it calls mpack_writer_init_growable, that uses MPACK_MALLOC, which is defined as:

sentry-native/vendor/mpack.h

Lines 204 to 206 in 757a7b8

#define MPACK_MALLOC malloc
#define MPACK_REALLOC realloc
#define MPACK_FREE free

So the pointer is allocated with MPACK_MALLOC aka malloc, but getting freed with sentry_free.

When does the problem happen

  • During build
  • During run-time
  • When capturing a hard crash

Environment

  • OS: [e.g. Windows 10, 64-bit] Windows 10, 64-bit
  • Compiler: [e.g. MSVC 19] MSVC 19.31.31104.0
  • CMake version and config: 3.22.22022201-MSVC_2, -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_SHARED_LIBS=OFF -DSENTRY_LIBRARY_TYPE=STATIC
    -- SENTRY_TRANSPORT=winhttp
    -- SENTRY_BACKEND=crashpad
    -- SENTRY_LIBRARY_TYPE=SHARED

Steps To Reproduce

See #606 (comment)
What I did was commenting out these functions and then implementing them in a different library, that in turn getting successfully linked.
But on runtime, when sentry_free is called in

sentry-native/src/backends/sentry_backend_crashpad.cpp

Line 92 in 757a7b8

sentry_free(mpack);
with a custom free function on a pointer it doesn't recognize, it fails.
I cannot paste the exact code, as the allocator is specific to the game engine and I'm not sure if the behavior would be the same with all allocators.

Proposed fix

It seems that replacing these macros with sentry_ functions does fix my crash.
Inserting the changes above the only import of vendor/mpack.h I could find did not help, so I simply just did those somewhere at the top of my vendor/mpack.h:

#define MPACK_MALLOC sentry_malloc
#define MPACK_REALLOC sentry_realloc
#define MPACK_FREE sentry_free

Note that sentry_realloc didn't exist and I created it in my copy as well.
But creating sentry_realloc and defining MPACK_REALLOC isn't really needed, since the mpack header will just create its own realloc if it's missing, so you could do just fine skipping that one.
@Swatinem
Copy link
Member

Thanks for reaching out, I think using the defines to redirect to our own malloc/free is a good idea indeed.

@kahest kahest added the bug Something isn't working label Oct 13, 2023
@supervacuus supervacuus mentioned this issue Jul 19, 2024
Merged
@github-project-automation github-project-automation bot moved this from Needs Discussion to Done in Mobile & Cross Platform SDK Jul 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
Mobile & Cross Platform SDK
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: crashpad scope flushing synchronization getsentry/sentry-native
3 participants
@Swatinem @kahest @p0358