curl-library

libcurl: resolver with HAVE_ALARM not thread safe?!

From: Thorben Thuermer <r00t_at_constancy.org>
Date: Mon, 22 Oct 2012 02:24:01 +0200

Hello,

on http://curl.haxx.se/libcurl/features.html we find:
"libcurl is designed and implemented entirely thread safe."
"libcurl uses certain system calls to obtain information. Some of the most
 crucial ones are the name resolution calls (the gethostby* family)."

i just debugged a problem in a multithreaded application
( https://github.com/volkszaehler/vzlogger , thread in german:
 http://volkszaehler.org/pipermail/volkszaehler-users/2012-October/000619.html )
that appears to be caused by libcurl's (ab)use of alarm() to timeout
gethostbyname() not being thread-safe.
(as described here: https://bugzilla.redhat.com/show_bug.cgi?id=539809 ).

there appears to be a race-condition when two threads run requests
simultaneously, which reproducibly leads to a crash with
the logging function being called with an invalid buffer/file,
without any actual dns-timeout having occurred.
(the application only accesses localhost, which is defined in /etc/hosts,
 curiously the problem persists if a numeric IP is used.)

the problem disappeared when i compiled libcurl without HAVE_ALARM.

i'm not sure if this is a libcurl bug or just a documentation issue,
but it has cost us some time to track down...

- Thorben Thuermer

crash details:
(Linux 3.2.0 x86_64, ubuntu 12.04.1, libcurl 7.28.0)
(the data is copied from two different crashes, addresses don't match)
Program received signal SIGSEGV, Segmentation fault.
(gdb) bt full
#0 0x00007ffff6e52118 in addbyter (output=110, data=0x7ffff01b2580) at mprintf.c:1013
        infop = 0x7ffff01b2580
        outc = 110 'n'
1013 infop->buffer[0] = outc; /* store */
(gdb) p *(struct nsprintf *)data
$8 = {buffer = 0x899 <Address 0x899 out of bounds>, length = 0, max = 16384}

#1 0x00007ffff6e50e4c in dprintf_formatf (data=0x7ffff01b2580, stream=0x7ffff6e520df <addbyter>,
    format=0x7ffff6e808f3 "name lookup timed out", ap_save=0x7ffff01b25d0) at mprintf.c:671
671 OUTCHAR(*f);
(gdb) p *stream
$6 = {int (int, FILE *)} 0x7ffff7050d23 <addbyter>

#2 0x00007ffff6e52198 in curl_mvsnprintf (
    buffer=0x404a30 "\377M\211l$\020A\211D$\b1\300ë¸ hostip.c:611
          keep_sigact = {__sigaction_handler = {sa_handler = 0x7ffff01b27e0,

#4 0x00007ffff70220e5 in Curl_resolv_timeout (conn=0x7ffff6d601cb,
    hostname=0x1 <Address 0x1 out of bounds>, port=0, entry=0x0,
    timeoutms=17) at hostip.c:620

Received on 2012-10-22
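
An added example, not part of the original mail and not libcurl code: a minimal C demonstration of the two process-wide properties of alarm() that make a per-request alarm() timeout unsafe when several threads issue requests. All function names are hypothetical, and the expectation that SIGALRM lands on the main thread assumes Linux.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <pthread.h>
#include <signal.h>
#include <time.h>
#include <unistd.h>

static _Thread_local int is_armer;            /* 1 only in the thread that called alarm() */
static volatile sig_atomic_t fired, hit_armer;

static void on_alarm(int sig) {
    (void)sig;
    hit_armer = is_armer;                     /* record which thread was interrupted */
    fired = 1;
}

/* Worker A: arm a 1 s timeout, then wait like a slow gethostbyname() would. */
static void *lookup_with_timeout(void *arg) {
    struct timespec tick = {0, 10 * 1000 * 1000};
    (void)arg;
    is_armer = 1;
    alarm(1);
    while (!fired) nanosleep(&tick, NULL);
    return NULL;
}

/* Worker B: arm a 30 s timeout and return without cancelling it. */
static void *arm_only(void *arg) { (void)arg; alarm(30); return NULL; }

/* 1 if SIGALRM interrupted the thread that armed it, 0 if it hit another thread.
   POSIX allows any thread with SIGALRM unblocked; on Linux that is normally main. */
int alarm_hits_arming_thread(void) {
    struct sigaction sa, old;
    pthread_t t;
    sa.sa_handler = on_alarm; sa.sa_flags = 0; sigemptyset(&sa.sa_mask);
    sigaction(SIGALRM, &sa, &old);
    fired = 0;
    pthread_create(&t, NULL, lookup_with_timeout, NULL);
    pthread_join(t, NULL);
    sigaction(SIGALRM, &old, NULL);
    return hit_armer;
}

/* Seconds of another thread's pending timeout that this thread just cancelled. */
unsigned seconds_stolen_from_other_thread(void) {
    pthread_t t;
    pthread_create(&t, NULL, arm_only, NULL);
    pthread_join(t, NULL);
    return alarm(0);                          /* one timer per process: returns ~30 */
}
```

In libcurl itself, multithreaded applications avoid this signal-based timeout by setting CURLOPT_NOSIGNAL to 1 on every easy handle, or by using a build with the threaded or c-ares resolver.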