New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lib/hostip.c: SCDynamicStoreCopyProxies is not safe to run in a fork #11252
Comments
stanhu
added a commit
to stanhu/curl
that referenced
this issue
Jun 5, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
We could move it to a global initialization function if that's what makes it safer. |
stanhu
added a commit
to stanhu/curl
that referenced
this issue
Jun 5, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
stanhu
added a commit
to stanhu/curl
that referenced
this issue
Jun 5, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
stanhu
added a commit
to stanhu/curl
that referenced
this issue
Jun 5, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
stanhu
added a commit
to stanhu/curl
that referenced
this issue
Jun 5, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
Ultimately it is a forking issue, but I'd argue that #11254 would be useful anyways because:
|
stanhu
added a commit
to stanhu/curl
that referenced
this issue
Jun 9, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. In addition, this change is beneficial because it: 1. Avoids extra macOS system calls for every IP lookup. 2. Consolidates macOS-specific initialization in a separate file. Closes curl#11252
bch
pushed a commit
to bch/curl
that referenced
this issue
Jul 19, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. In addition, this change is beneficial because it: 1. Avoids extra macOS system calls for every IP lookup. 2. Consolidates macOS-specific initialization in a separate file. Fixes curl#11252 Closes curl#11254
ptitSeb
pushed a commit
to wasix-org/curl
that referenced
this issue
Sep 25, 2023
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. In addition, this change is beneficial because it: 1. Avoids extra macOS system calls for every IP lookup. 2. Consolidates macOS-specific initialization in a separate file. Fixes curl#11252 Closes curl#11254
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I did this
The Elasticsearch Ruby client uses the
Typhoeus
Ruby gem, which useslibcurl
. If you do something like this:The process crashes with this warning:
I expected the following
No error.
For simple applications, you can work around the problem by making the
libcurl
call outside of the fork:However, this doesn't always work. As discussed in the links below, these macOS system calls are not thread-safe. Under some circumstances calling
SCDynamicStoreCopyProxiesWithOptions
can crash with a backtrace as the following:This system call was introduced in #7121 by @zajdee. I'm wondering: can we avoid calling this system call more than once? For example, I'm wondering if we can move this into
curl_global_init()
instead.curl/libcurl version
operating system
macOS Ventura 13.4
The text was updated successfully, but these errors were encountered: