cURL / Mailing Lists / curl-library / Single Mail

curl-library

gethostbyname_thread: Access Violation (fwd)

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Mon, 22 Aug 2005 09:20:11 +0200 (CEST)

Forwarding this issue to the appropriate libcurl mailing list. Please keep
follow-ups there.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
---------- Forwarded message ----------
Date: Mon, 22 Aug 2005 14:15:53 +0700
From: Igor Polyakov <ipolyakov_at_issart.com>
To: curl-users_at_cool.haxx.se
Subject: gethostbyname_thread: Access Violation
Hello, curl-users.
The following code produces an access violation:
=====
#include <cassert>
#include <curl/curl.h>
int main()
{
         CURLM * l_multi;
         CURL * l_easy;
         l_multi = curl_multi_init();
         assert(NULL != l_multi);
         l_easy = curl_easy_init();
         assert(NULL != l_easy);
         CURLMcode l_mcode = curl_multi_add_handle(l_multi, l_easy);
         assert(CURLM_OK == l_mcode);
         // There is no any listening socket on port 20000 on my
         // computer.
         CURLcode l_code = curl_easy_setopt(l_easy, CURLOPT_URL, "http://localhost:20000/");
         assert(CURLE_OK == l_code);
         int l_runningHandles;
         do
         {
                 l_mcode = curl_multi_perform(l_multi, &l_runningHandles);
         } while (CURLM_CALL_MULTI_PERFORM == l_mcode);
         assert(CURLM_OK == l_mcode);
         l_mcode = curl_multi_remove_handle(l_multi, l_easy);
         assert(CURLM_OK == l_mcode);
         curl_easy_cleanup(l_easy);
         l_mcode = curl_multi_cleanup(l_multi);
         assert(CURLM_OK == l_mcode);
         // During this sleep access violation appears within second
         // application thread (named gethostbyname_thread), created by libcurl internals.
         Sleep(100);
}
=====
Access violation appeared in several different places within
gethostbyname_thread, one of them has the following call stack:
=====
libcurl.dll!addrinfo_callback(void * arg=0x003a2178, int status=0, void * addr=0x00346680)  Line 126 + 0x3      C
libcurl.dll!Curl_addrinfo4_callback(void * arg=0x003a2178, int status=0, hostent * hostent=0x00346680)  Line 161 + 0x11 C
libcurl.dll!gethostbyname_thread(void * arg=0x003a2178)  Line 215 + 0xf C
libcurl.dll!_threadstartex(void * ptd=0x003a2958)  Line 241 + 0xd       C
kernel32.dll!7c80b50b()
kernel32.dll!7c8399f3()
=====
The source line where AV appears is:
=====
       if(data->share)
=====
I run this code in Debug version, so my environment sets all pointers
to "garbage" values after calls to free. So local variables of
addrinfo_callback has the following values:
=====
+       data    0xfeeefeee {hostcache=??? multi=??? share=??? ...}      SessionHandle *
+       ai      0x003a2a20 {ai_flags=0 ai_family=2 ai_socktype=1 ...}   Curl_addrinfo *
         arg     0x003a2178      void *
         status  0       int
         addr    0x00346680      void *
+       conn    0x003a2178 {data=0xfeeefeee {hostcache=??? multi=??? share=??? ...} connectindex=-17891602 protocol=-17891602 ...}      connectdata *
+       dns     0x00000000 {addr=??? timestamp=??? inuse=??? }  Curl_dns_entry *
         rc      CURLE_OK        CURLcode
=====
My configuration: Windows XP, SP2, MSVC 7.1, libcurl v7.14.0
As I understand, libcurl creates additional thread to resolve host
name on first calls to curl_multi_perform, but neither
curl_easy_cleanup, nor curl_multi_cleanup functions do not terminate
the thread. But these functions free memory allocated bu easy and
multi handles, so when thread tries to access this memory, this causes
access violation.
One more thing, this code produces AV only when I run it in the MSVC
debugger in Debug mode.
May be there is an incorrect use of libcurl API in this code, please
point me, where ? Or is it a bug in this version of libcurl ?
-- 
Best regards,
  Igor Polyakov                          mailto:ipolyakov_at_issart.com
Received on 2005-08-22