Consider using SafeHandle in Libgit2Object instead of void* - Githubissues

libgit2 / libgit2sharp

Git + .NET = ❤

http://libgit2.github.com

MIT License

3.18k stars 888 forks source link

Consider using SafeHandle in Libgit2Object instead of void* #2111

Open EgorBo opened 3 months ago

EgorBo commented 3 months ago

We've had a couple of bug reports against dotnet/runtime with rarely-reproduceable crashes coming from libgit2sharp. We believe that one possible reason could be an interop anti-pattern in Libgit2Object - void*/IntPtr representation of a native handle that can be freed in finalizer. E.g. in this case the finalizer in Libgit2Object may end up calling native free here (and other overloads).

The reason why it's called an anti-pattern can be explained by a short repro in this issue: https://github.com/dotnet/runtime/issues/103522 and a general solution is to use SafeHandle for such handles. Also, see https://learn.microsoft.com/en-us/dotnet/standard/native-interop/best-practices

Reproduction steps

Expected behavior

Actual behavior

Version of LibGit2Sharp (release number or SHA1)

Operating system(s) tested; .NET runtime tested

christian-clausen commented 3 days ago

We are seeing System.ExecutionEngineException also in dotnet 9 RC2 (9.0.100-rc.2.24474.11) when running our app in debug mode.