php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #34420 curl_multi causes segfault
Submitted: 2005-09-08 06:47 UTC Modified: 2005-09-08 16:50 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: blucasco at gmail dot com Assigned:
Status: Closed Package: cURL related
PHP Version: 5CVS-2005-09-08 (CVS) OS: i386 SuSE 9.1 Pro
Private report: No CVE-ID:
 [2005-09-08 06:47 UTC] blucasco at gmail dot com
Description:
------------
This code causes seg fault on any version of PHP 5, including newest CVS build (php5-200509080230).

Are there threading issues?  Is curl_multi not reliable?

I seem unable to test with --enable-thread-safety or --enable-experimental-zts (doesn't compile in properly) so I can't confirm.

Reproduce code:
---------------
<?php
$connomains = array(
   "http://www.cnn.com/",
   "http://www.canada.com/",
   "http://www.yahoo.com/"
);
while(1) {
$mh = curl_multi_init();

foreach ($connomains as $i => $url) {
  $conn[$i] = curl_init($url);
  curl_setopt($conn[$i], CURLOPT_RETURNTRANSFER, 1);
  curl_multi_add_handle ($mh,$conn[$i]);
}

// start performing the request
do {
  $mrc = curl_multi_exec($mh, $active);
} while ($mrc == CURLM_CALL_MULTI_PERFORM);

while ($active and $mrc == CURLM_OK) {
  // wait for network
  if (curl_multi_select($mh) != -1) {
   // pull in any new data, or at least handle timeouts
   do {
     $mrc = curl_multi_exec($mh, $active);
   } while ($mrc == CURLM_CALL_MULTI_PERFORM);
  }
}

if ($mrc != CURLM_OK) {
  print "Curl multi read error $mrc\n";
}

// retrieve data
foreach ($connomains as $i => $url) {
  if (($err = curl_error($conn[$i])) == '') {
   $res[$i]=curl_multi_getcontent($conn[$i]);
  } else {
   print "Curl error on handle $i: $err\n";
  }
  curl_multi_remove_handle($mh,$conn[$i]);
  curl_close($conn[$i]);
}
curl_multi_close($mh);

print_r($res);
}
?>

Expected result:
----------------
Expected: continous loop after everything is properly closed.


Actual result:
--------------
Segmentation fault

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-08 06:54 UTC] blucasco at gmail dot com
Also, I have tried with both curl 7.13.x and 7.14.1 compiled in (separate builds) with the same type of seg-fault after several iterations.
 [2005-09-08 07:29 UTC] sniper@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2005-09-08 16:09 UTC] blucasco at gmail dot com
Second run (added CURLOPT_DNS_USE_GLOBAL_CACHE, 0):

Program received signal SIGSEGV, Segmentation fault.
0x0808ce0f in zif_curl_setopt (ht=3, return_value=0x86cbc8c, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /root/disks/src/php5-200509080230/ext/curl/interface.c:1066
1066                                    ch->handlers->write->method = PHP_CURL_RETURN;




First run (CURLOPT_DNS_USE_GLOBAL_CACHE, 1): 

Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libz.so.1...done.
Loaded symbols for /lib/libz.so.1
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /usr/lib/libcurl.so.3...done.
Loaded symbols for /usr/lib/libcurl.so.3
Reading symbols from /usr/lib/libidn.so.11...done.
Loaded symbols for /usr/lib/libidn.so.11
Reading symbols from /usr/lib/libssl.so.0.9.7...done.
Loaded symbols for /usr/lib/libssl.so.0.9.7
Reading symbols from /usr/lib/libcrypto.so.0.9.7...done.
Loaded symbols for /usr/lib/libcrypto.so.0.9.7
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
#0  0x0808ce0f in zif_curl_setopt (ht=3, return_value=0x86cbae4, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /root/disks/src/php5-200509080230/ext/curl/interface.c:1066
1066                                    ch->handlers->write->method = PHP_CURL_RETURN;
 [2005-09-08 16:50 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Sun Apr 20 20:02:01 2014 UTC