-
-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lib/hostip.c: SCDynamicStoreCopyProxies is not safe to run in a fork #11252
Comments
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
We could move it to a global initialization function if that's what makes it safer. |
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. Closes curl#11252
Ultimately it is a forking issue, but I'd argue that #11254 would be useful anyways because:
|
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. In addition, this change is beneficial because it: 1. Avoids extra macOS system calls for every IP lookup. 2. Consolidates macOS-specific initialization in a separate file. Closes curl#11252
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. In addition, this change is beneficial because it: 1. Avoids extra macOS system calls for every IP lookup. 2. Consolidates macOS-specific initialization in a separate file. Fixes curl#11252 Closes curl#11254
curl#7121 introduced a macOS system call to `SCDynamicStoreCopyProxies`, which is invoked every time an IP address needs to be resolved. However, this system call is not thread-safe, and macOS will kill the process if the system call is run first in a fork. To make it possible for the parent process to call this once and prevent the crash, only invoke this system call in the global initialization routine. In addition, this change is beneficial because it: 1. Avoids extra macOS system calls for every IP lookup. 2. Consolidates macOS-specific initialization in a separate file. Fixes curl#11252 Closes curl#11254
The call to Postgres has a setting called But the issue with Then I thought, what if I create a hook for extensions to run code when backends are at steady-state. I could call At this point, I am currently out of ideas. Do y'all have any suggestions to work-around this terrible situation (where Apple is wholly to blame, not curl developers). |
I'm not quite sure what you're trying to do. Are you trying to write a PostgreSQL extension that loads |
Yes. Let me edit my message |
This sounds more like a question for the PostgreSQL mailing list, but I thought that the main process ( Once that server starts up, then the I would expect that these forked process would have the right state if |
Postgres has a check for I was reading this SO answer (https://stackoverflow.com/a/42679479/7572728) to understand the problem-space a little bit better. It sounds like there is a potential for problems, which may not exist in the context of this particular situation, but could in others. Anyway, I'll take this to the Postgres list. Thanks for your help :). |
I did this
The Elasticsearch Ruby client uses the
Typhoeus
Ruby gem, which useslibcurl
. If you do something like this:The process crashes with this warning:
I expected the following
No error.
For simple applications, you can work around the problem by making the
libcurl
call outside of the fork:However, this doesn't always work. As discussed in the links below, these macOS system calls are not thread-safe. Under some circumstances calling
SCDynamicStoreCopyProxiesWithOptions
can crash with a backtrace as the following:This system call was introduced in #7121 by @zajdee. I'm wondering: can we avoid calling this system call more than once? For example, I'm wondering if we can move this into
curl_global_init()
instead.curl/libcurl version
operating system
macOS Ventura 13.4
The text was updated successfully, but these errors were encountered: