cURL / Mailing Lists / curl-library / Single Mail


libcurl: resolver with HAVE_ALARM not thread safe?!

From: Thorben Thuermer <>
Date: Mon, 22 Oct 2012 02:24:01 +0200


on we find:
"libcurl is designed and implemented entirely thread safe."
"libcurl uses certain system calls to obtain information. Some of the most
 crucial ones are the name resoluition calls (the gethostby* family)."

i just debugged a problem in a multithreaded application
( , thread in german: )
that appers to be caused by libcurl's (ab)use of alarm() to timeout
gethostbyname() not being thread-safe.
(as described here: ).

there appears to be a race-condition when two threads run requests
simultaneously, which reproducibly leads to a crash with
the logging function being called with an invalid buffer/file,
without any actual dns-timeout having occured.
(the application only accesses localhost, which is defined in /etc/hosts,
 curiously the problem persists if a numeric IP is used.)

the problem disappeared when i compiled libcurl without HAVE_ALARM.

i'm not sure if this is a libcurl bug or just a documentation issue,
but it has cost us some time to track down...

- Thorben Thuermer

crash details:
(Linux 3.2.0 x86_64, ubuntu 12.04.1, libcurl 7.28.0)
(the data is copied from two different crashes, addresses don't match)
Program received signal SIGSEGV, Segmentation fault.
(gdb) bt full
#0 0x00007ffff6e52118 in addbyter (output=110, data=0x7ffff01b2580) at mprintf.c:1013
        infop = 0x7ffff01b2580
        outc = 110 'n'
1013 infop->buffer[0] = outc; /* store */
(gdb) p *(struct nsprintf *)data
$8 = {buffer = 0x899 <Address 0x899 out of bounds>, length = 0, max = 16384}

#1 0x00007ffff6e50e4c in dprintf_formatf (data=0x7ffff01b2580, stream=0x7ffff6e520df <addbyter>,
    format=0x7ffff6e808f3 "name lookup timed out", ap_save=0x7ffff01b25d0) at mprintf.c:671
671 OUTCHAR(*f);
(gdb) p *stream
$6 = {int (int, FILE *)} 0x7ffff7050d23 <addbyter>

#2 0x00007ffff6e52198 in curl_mvsnprintf (
    buffer=0x404a30 "\377M\211l$\020A\211D$\b1\300ë¸ hostip.c:611
          keep_sigact = {__sigaction_handler = {sa_handler = 0x7ffff01b27e0,

#4 0x00007ffff70220e5 in Curl_resolv_timeout (conn=0x7ffff6d601cb,
    hostname=0x1 <Address 0x1 out of bounds>, port=0, entry=0x0,
    timeoutms=17) at hostip.c:620

List admin:
Received on 2012-10-22