cURL / Mailing Lists / curl-library / Single Mail

curl-library

http client easy interface - crashes under load

From: Ferdinand de Boevere via curl-library <curl-library_at_cool.haxx.se>
Date: Sat, 8 Oct 2016 20:39:18 +0000 (UTC)

Hello,
I am struggling with a crash in libcurl under load using the easy interface.My application runs as a module inside Apache, but to rule out external potential causes, I have stripped down the code to a standalone C program (~ 150 lines, attached).I am sending POST requests to a (content validation) web server, and for this test, it returns 401 based on missing authentication, which is fine.

The easy interface is used in a multi-threaded environment.According to the documentation, curl_global_init() is not thread-safe and is therefore called before threads are created.Each thread gets a curl handle (curl_easy_init) and keeps using that for multiple requests (persistent connections, no cleanup is done).Requests are send to the server in a busy loop, request timeout is set to 3, and it takes about this much time till the program crashes.
I use curl-7.50.3 and have compiled it with the -g flag and optimization disabled (same for the tool); linking is static.

gcc -g curl_test.c -lpthread  <PATH>/libcurl.a -lldap -lrt

Environment Redhat 5.8GCC 4.1.2(yes the platform is outdated)

Running the tool with 100 connections/threads (a.out 100) causes it to crash after 3 seconds:The web server does not return anything relevant here since authentication is missing from the request.

The core file shows the following stack trace:
Core was generated by `./a.out 100'.
Program terminated with signal 11, Segmentation fault.
#0  0x000000000042e132 in addbyter (output=110, data=0x2b733e615170) at mprintf.c:976
976         infop->buffer[0] = outc; /* store */
(gdb)
(gdb) bt
#0  0x000000000042e132 in addbyter (output=110, data=0x2b733e615170) at mprintf.c:976
#1  0x000000000042d048 in dprintf_formatf (data=0x2b733e615170, stream=0x42e0f9 <addbyter>,
    format=0x45ff5c "name lookup timed out", ap_save=0x2b733e6151c0) at mprintf.c:624
#2  0x000000000042e1b7 in curl_mvsnprintf (buffer=0xdb3357 <Address 0xdb3357 out of bounds>, maxlength=16384,
    format=0x45ff5c "name lookup timed out", ap_save=0x2b733e6151c0) at mprintf.c:994
#3  0x0000000000419f85 in Curl_failf (data=0xdb2a4f, fmt=0x45ff5c "name lookup timed out") at sendf.c:234
#4  0x000000000040e3d5 in Curl_resolv_timeout (conn=0x2b733e6153c0, hostname=0x0, port=59, entry=0x46045a, timeoutms=4588634)
    at hostip.c:619
#5  0x000000000d3b6e00 in ?? ()
#6  0x00002b733e617000 in ?? ()
#7  0x00002b732aaaaaab in ?? ()
#8  0x0000000000000000 in ?? ()

The 'address out of bounds' message looks like an indication of something being wrong.I tried to insert a few log statements, but it changes the timing and it won't always crash at the same point.

Even though I double-checked the documentation, I am not 100% sure the tool is correct.Change the URL, before compiling it.

some help is appreciated

Regards,Ferdinand deBoevere

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html

Received on 2016-10-08