Open eric opened 3 months ago
Thanks for opening the issue, @eric. We also see this in our internal SDK crashes.
How critical is this issue, as we would like to update to the letest version and what triggers it?
@bb-git, we haven't investigated what causes this yet. We see that this has happened from time to time for all SDK versions since 8.3.3
. So, I guess updating to any version later than 8.3.3
shouldn't make much of a difference.
Hi, I have a customer experiencing the same crash. Here's the stacktrace:
Signal: SIGSEGV
EXC_BAD_ACCESS (SIGSEGV): EXC_BAD_ACCESS (SIGSEGV)
Sentry
sentry::profiling::backtrace(sentry::profiling::ThreadHandle const&, sentry::profiling::ThreadHandle const&, unsigned long*, sentry::profiling::StackBounds const&, bool*, unsigned long, unsigned long) (SentryBacktrace.cpp:85)
Sentry
sentry::profiling::backtrace(sentry::profiling::ThreadHandle const&, sentry::profiling::ThreadHandle const&, unsigned long*, sentry::profiling::StackBounds const&, bool*, unsigned long, unsigned long) (SentryBacktrace.cpp:66)
Sentry
sentry::profiling::enumerateBacktracesForAllThreads(std::__1::function<void (sentry::profiling::Backtrace const&)> const&, std::__1::shared_ptr<sentry::profiling::ThreadMetadataCache> const&) (SentryBacktrace.cpp:159)
Sentry
sentry::profiling::(anonymous namespace)::samplingThreadMain(void*) (SentrySamplingProfiler.cpp:54)
libsystem_pthread.dylib
_pthread_start + 136
The crash is affecting 0.2% of the users, mostly running on iPhone devices. Running Sentry React Native SDK 5.22.3
which runs cocoa 8.26.0
. We couldn't reproduce locally. Any advise on debugging?
@philipphofmann I have another customer experiencing a similar crash. Currently happening to a low number of users because Sentry is rolled out only to a low number of users, but concerned that this might grow significantly when Sentry is rolled out to all users.
// sentry.cocoa v 8.30.0
EXC_BAD_ACCESS
zeAnimation >
KERN_INVALID_ADDRESS at [...........].
signal: SIGSEGV (SEGV_NOOP)
Sentry sentry::profiling::backtrace(sentry::profiling::ThreadHandle const&, sentry::profiling::ThreadHandle const&, unsigned long*, sentry::profiling::StackBounds const&, bool*, unsigned long, unsigned long) (SentryBacktrace.cpp:85)
Sentry
sentry::profiling::enumerateBacktracesForAllThreads(std::__1::function<void (sentry::profiling::Backtrace const&)> const&, std::__1::shared_ptr<sentry::profiling::ThreadMetadataCache> const&) (SentryBacktrace.cpp:155)
Sentry
sentry::profiling::(anonymous namespace)::samplingThreadMain(void*) (SentrySamplingProfiler.cpp:67)
libsystem_pthread
_pthread_start
fyi @armcknight ^
Just to update on what is happening in this code: we get thread information from thread_get_state(...)
in mach/thread_act.h, which includes pointers to memory locations that contain the backtrace frame information for the thread. In some cases, that data is invalid, so when we dereference it in SentryBacktrace.cpp line 85 to get the next frame as we unwind, the program crashes.
We're still investigating how to better validate these pointers. Currently we just look at whether or not it lies within the stack boundaries. We could potentially do something more involved like testing whether the memory is actually readable, but even that may still not tell is whether the contents of that memory location actually match the structure we want to use.
Platform
iPadOS
Environment
TestFlight
Installed
CocoaPods
Version
8.26.0
Xcode Version
15.4
Did it work on previous versions?
No response
Steps to Reproduce
Eventually it crashes.
Expected Result
It not crash.
Actual Result
Are you willing to submit a PR?
No response
┆Issue is synchronized with this Jira Improvement by Unito