fix(batcher): fix deadlock on reinit (#1518)

* test(logs): add reinit deadlock test

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* test(metrics): add reinit deadlock test

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(batcher): eliminate g_options_lock from flush path to prevent deadlock

When sentry_init() is called while a batcher thread is mid-flush,
a deadlock occurs: the main thread holds g_options_lock and waits
for the batcher thread to join, while the batcher thread tries to
acquire g_options_lock via SENTRY_WITH_OPTIONS during flush.

Store the options pointer in the batcher at startup and use it
directly during flush instead of going through SENTRY_WITH_OPTIONS.
Add sentry__envelope_new_with_dsn() to create envelopes without
locking, and sentry__options_get_user_consent() for lock-free
consent checks.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* ref(batcher): store individual fields instead of options pointer

Replace the raw options pointer with individual fields (dsn,
transport, run, user_consent) to avoid unsynchronized access to
options members from the batcher thread. The dsn is incref'd,
and user_consent is a pointer to the atomic field (NULL when
consent is not required).

Revert sentry__options_get_user_consent since it is no longer
needed.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: add changelog entry for batcher deadlock fix

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(envelope): hold DSN ref across sentry__envelope_new_with_dsn call

The DSN pointer was extracted under g_options_lock but used after
the lock was released, racing with sentry_close freeing it.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(test): enable metrics instead of logs in metrics_reinit test

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(batcher): release DSN ref when thread spawn fails

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: jpnurmi

CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+## Unreleased
+
+**Fixes**:
+
+- Fix deadlock when re-initializing the SDK while logs or metrics threads are mid-flush. ([#1518](https://github.com/getsentry/sentry-native/pull/1518))
+
 ## 0.12.7
 
 **Features**:

src/sentry_batcher.c

@@ -1,5 +1,4 @@
 #include "sentry_batcher.h"
-#include "sentry_core.h"
 #include "sentry_cpu_relax.h"
 #include "sentry_options.h"
 
@@ -116,19 +115,22 @@ sentry__batcher_flush(sentry_batcher_t *batcher, bool crash_safe)
             }
             sentry_value_set_by_key(logs, "items", log_items);
 
-            sentry_envelope_t *envelope = sentry__envelope_new();
+            sentry_envelope_t *envelope
+                = sentry__envelope_new_with_dsn(batcher->dsn);
             batcher->batch_func(envelope, logs);
 
-            SENTRY_WITH_OPTIONS (options) {
-                if (crash_safe) {
-                    // Write directly to disk to avoid transport queuing during
-                    // crash
-                    sentry__run_write_envelope(options->run, envelope);
-                    sentry_envelope_free(envelope);
-                } else {
-                    // Normal operation: use transport for HTTP transmission
-                    sentry__capture_envelope(options->transport, envelope);
-                }
+            if (crash_safe) {
+                // Write directly to disk to avoid transport queuing during
+                // crash
+                sentry__run_write_envelope(batcher->run, envelope);
+                sentry_envelope_free(envelope);
+            } else if (!batcher->user_consent
+                || sentry__atomic_fetch(batcher->user_consent)
+                    == SENTRY_USER_CONSENT_GIVEN) {
+                // Normal operation: use transport for HTTP transmission
+                sentry__transport_send_envelope(batcher->transport, envelope);
+            } else {
+                sentry_envelope_free(envelope);
             }
             sentry_value_decref(logs);
         }
@@ -282,8 +284,15 @@ batcher_thread_func(void *data)
 }
 
 void
-sentry__batcher_startup(sentry_batcher_t *batcher)
+sentry__batcher_startup(
+    sentry_batcher_t *batcher, const sentry_options_t *options)
 {
+    batcher->dsn = sentry__dsn_incref(options->dsn);
+    batcher->transport = options->transport;
+    batcher->run = options->run;
+    batcher->user_consent
+        = options->require_user_consent ? (long *)&options->user_consent : NULL;
+
     // Mark thread as starting before actually spawning so thread can transition
     // to RUNNING. This prevents shutdown from thinking the thread was never
     // started if it races with the thread's initialization.
@@ -303,6 +312,8 @@ sentry__batcher_startup(sentry_batcher_t *batcher)
         // storage (pthread_cond_t on POSIX and CONDITION_VARIABLE on Windows)
         sentry__atomic_store(
             &batcher->thread_state, (long)SENTRY_BATCHER_THREAD_STOPPED);
+        sentry__dsn_decref(batcher->dsn);
+        batcher->dsn = NULL;
     }
 }
 
@@ -338,6 +349,9 @@ sentry__batcher_shutdown_wait(sentry_batcher_t *batcher, uint64_t timeout)
     // Perform final flush to ensure any remaining items are sent
     sentry__batcher_flush(batcher, false);
 
+    sentry__dsn_decref(batcher->dsn);
+    batcher->dsn = NULL;
+
     sentry__thread_free(&batcher->batching_thread);
 }
 

src/sentry_batcher.h

@@ -2,8 +2,10 @@
 #define SENTRY_BATCHER_H_INCLUDED
 
 #include "sentry_boot.h"
+#include "sentry_database.h"
 #include "sentry_envelope.h"
 #include "sentry_sync.h"
+#include "sentry_transport.h"
 
 #ifdef SENTRY_UNITTEST
 #    define SENTRY_BATCHER_QUEUE_LENGTH 5
@@ -41,11 +43,16 @@ typedef struct {
     sentry_cond_t request_flush; // condition variable to schedule a flush
     sentry_threadid_t batching_thread; // the batching thread
     sentry_batch_func_t batch_func; // function to add items to envelope
+    sentry_dsn_t *dsn;
+    sentry_transport_t *transport;
+    sentry_run_t *run;
+    long *user_consent; // (atomic) NULL if consent not required
 } sentry_batcher_t;
 
 bool sentry__batcher_flush(sentry_batcher_t *batcher, bool crash_safe);
 bool sentry__batcher_enqueue(sentry_batcher_t *batcher, sentry_value_t item);
-void sentry__batcher_startup(sentry_batcher_t *batcher);
+void sentry__batcher_startup(
+    sentry_batcher_t *batcher, const sentry_options_t *options);
 bool sentry__batcher_shutdown_begin(sentry_batcher_t *batcher);
 void sentry__batcher_shutdown_wait(sentry_batcher_t *batcher, uint64_t timeout);
 void sentry__batcher_flush_crash_safe(sentry_batcher_t *batcher);

src/sentry_core.c

@@ -299,11 +299,11 @@ sentry_init(sentry_options_t *options)
     }
 
     if (options->enable_logs) {
-        sentry__logs_startup();
+        sentry__logs_startup(options);
     }
 
     if (options->enable_metrics) {
-        sentry__metrics_startup();
+        sentry__metrics_startup(options);
     }
 
     sentry__mutex_unlock(&g_options_lock);

src/sentry_envelope.c

@@ -181,6 +181,18 @@ sentry__envelope_set_header(
 
 sentry_envelope_t *
 sentry__envelope_new(void)
+{
+    sentry_dsn_t *dsn = NULL;
+    SENTRY_WITH_OPTIONS (options) {
+        dsn = sentry__dsn_incref(options->dsn);
+    }
+    sentry_envelope_t *rv = sentry__envelope_new_with_dsn(dsn);
+    sentry__dsn_decref(dsn);
+    return rv;
+}
+
+sentry_envelope_t *
+sentry__envelope_new_with_dsn(const sentry_dsn_t *dsn)
 {
     sentry_envelope_t *rv = SENTRY_MAKE(sentry_envelope_t);
     if (!rv) {
@@ -193,11 +205,9 @@ sentry__envelope_new(void)
     rv->contents.items.item_count = 0;
     rv->contents.items.headers = sentry_value_new_object();
 
-    SENTRY_WITH_OPTIONS (options) {
-        if (options->dsn && options->dsn->is_valid) {
-            sentry__envelope_set_header(rv, "dsn",
-                sentry_value_new_string(sentry_options_get_dsn(options)));
-        }
+    if (dsn && dsn->is_valid) {
+        sentry__envelope_set_header(
+            rv, "dsn", sentry_value_new_string(dsn->raw));
     }
 
     return rv;

src/sentry_envelope.h

@@ -9,6 +9,7 @@
 #include "sentry_ratelimiter.h"
 #include "sentry_session.h"
 #include "sentry_string.h"
+#include "sentry_utils.h"
 
 // https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits
 #define SENTRY_MAX_ENVELOPE_SESSIONS 100
@@ -20,6 +21,11 @@ typedef struct sentry_envelope_item_s sentry_envelope_item_t;
  */
 sentry_envelope_t *sentry__envelope_new(void);
 
+/**
+ * Create a new empty envelope with the given DSN header.
+ */
+sentry_envelope_t *sentry__envelope_new_with_dsn(const sentry_dsn_t *dsn);
+
 /**
  * This loads a previously serialized envelope from disk.
  */

src/sentry_logs.c

@@ -458,9 +458,9 @@ sentry_log_fatal(const char *message, ...)
 }
 
 void
-sentry__logs_startup(void)
+sentry__logs_startup(const sentry_options_t *options)
 {
-    sentry__batcher_startup(&g_batcher);
+    sentry__batcher_startup(&g_batcher, options);
 }
 
 bool

src/sentry_logs.h

@@ -9,7 +9,7 @@ log_return_value_t sentry__logs_log(
 /**
  * Sets up the logs timer/flush thread
  */
-void sentry__logs_startup(void);
+void sentry__logs_startup(const sentry_options_t *options);
 
 /**
  * Begin non-blocking shutdown of the logs timer/flush thread.

src/sentry_metrics.c

@@ -143,9 +143,9 @@ sentry_metrics_distribution(
 }
 
 void
-sentry__metrics_startup(void)
+sentry__metrics_startup(const sentry_options_t *options)
 {
-    sentry__batcher_startup(&g_batcher);
+    sentry__batcher_startup(&g_batcher, options);
 }
 
 bool

src/sentry_metrics.h

@@ -6,7 +6,7 @@
 /**
  * Sets up the metrics timer/flush thread
  */
-void sentry__metrics_startup(void);
+void sentry__metrics_startup(const sentry_options_t *options);
 
 /**
  * Begin non-blocking shutdown of the metrics timer/flush thread.