7.81 Segmentation Fault #8282
Comments
It would be very helpful if you could provide us with source code that reproduces your issue.
I wrote some simple code that can reproduce the issue.
Here's a quote from the man page for
Yet, this is exactly what your callback does. If I remove that call, it doesn't seem to crash...
But there's no problem before 7.81. So I never thought about re-reading the man pages; nevertheless, even the example in the man page of
I think
... that you encountered. Recursively calling libcurl back with the same handles is very complicated and error-prone to handle. Mostly because of the local state that might have changed from underneath without notice when a callback returns. Back in 2018 (b46cfbc) we made libcurl detect and refuse to get called back from callbacks, but due to how the code was written a bunch of callbacks didn't set this protection: we accidentally still allowed it from the multi handle callbacks. But we discouraged the use of it in the documentation since already before 2018. Now I've proposed #8286 to prevent recursive function calls from these multi callbacks as well.
Yikes, that is bad. And wrong. I'll make sure those are corrected as well.
If you cannot make this crash happen without calling libcurl recursively, then I think we will just let it be and I would encourage you to change your code flow to not call libcurl recursively. In the next release that function call will return an error.
My application worked well with 7.80; after upgrading from 7.80 to 7.81 I got a segmentation fault.

After some tracing, I found it's because the position of `Curl_update_timer(multi)` in `curl_multi_add_handle` changed.

When I make a connection, I call `curl_multi_add_handle`; in it, `Curl_update_timer` calls my `time_cb`, where I call `curl_multi_socket_action`, which calls `multi_socket`, `multi_runsingle`, `Curl_pretransfer`. I use a manually added DNS resolve pair, so it calls `Curl_loadhostpairs`. `Curl_loadhostpairs` uses `data->dns.hostcache`, which is zero, hence the segmentation fault.

For 7.80, `data->dns.hostcache` is assigned before `Curl_update_timer(multi)` in `curl_multi_add_handle`, but for 7.81, `data->dns.hostcache` is assigned after `Curl_update_timer(multi)` because its position changed. I moved `Curl_update_timer(multi)` to the end of `curl_multi_add_handle` like in 7.80, and everything is OK now.

Please put `Curl_update_timer(multi)` in an appropriate place in a future version.
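An added example, not part of the thread and not libcurl's code: a simplified C model of the call order described in the report (callback invoked before the state it depends on is assigned) and of the refusal of recursive calls that the maintainer describes. Every name in it (`struct multi`, `add_handle`, `socket_action`, `run_pending`, the `M_*` codes) is a hypothetical stand-in.

```c
#include <stddef.h>
#include <stdio.h>
/* Simplified model; every name here is a hypothetical stand-in, not libcurl API. */
enum { M_OK, M_RECURSIVE_CALL, M_NO_CACHE };
struct multi;
typedef void (*timer_cb)(struct multi *m, long timeout_ms);
struct multi {
  int guard;             /* 1 = refuse calls made from inside a callback */
  int in_callback;       /* set while a user callback is running */
  const char *hostcache; /* stands in for data->dns.hostcache */
  timer_cb cb;           /* user timer callback */
  long pending_ms;       /* timeout recorded for the event loop, -1 = none */
  int last_rc;           /* result seen by the recursive callback */
};

int socket_action(struct multi *m) {
  if(m->guard && m->in_callback)
    return M_RECURSIVE_CALL; /* re-entry detected and refused */
  if(!m->hostcache)
    return M_NO_CACHE;       /* the reported crash: pointer not yet assigned */
  return M_OK;
}

void add_handle(struct multi *m) {
  m->in_callback = 1;        /* ordering from the report: callback runs first */
  m->cb(m, 0);
  m->in_callback = 0;
  m->hostcache = "cache";    /* the state is only assigned afterwards */
}

/* Callback as in the report: calls back into the library. */
void recursive_cb(struct multi *m, long ms) { (void)ms; m->last_rc = socket_action(m); }
/* Callback that only records the timeout and returns. */
void deferred_cb(struct multi *m, long ms) { m->pending_ms = ms; }

/* Event-loop step: act on a recorded timeout outside any callback. */
int run_pending(struct multi *m) {
  if(m->pending_ms < 0)
    return M_OK;
  m->pending_ms = -1;
  return socket_action(m);
}

int main(void) {
  struct multi a = {0, 0, NULL, recursive_cb, -1, -1};
  struct multi b = {1, 0, NULL, deferred_cb, -1, -1};
  add_handle(&a); add_handle(&b);
  printf("recursive, no guard: %d; deferred: %d\n", a.last_rc, run_pending(&b));
  return 0;
}
```

In this model the deferred callback works regardless of where `add_handle` invokes it, because the library call happens only after `add_handle` has returned.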