[ Crash ] Curling an https url from a universal deb segfaults
lexidor opened this issue · comments
Lexidor Digital commented
Describe the bug
\curl_exec()
segfaults when given an https url when running in a universal deb.
Standalone code, or other way to reproduce the problem
<<__EntryPoint>>
function my_main(): void {
curl_and_print_length('http://example.com');
curl_and_print_length('https://example.com');
}
function curl_and_print_length(string $url): void {
$ch = \curl_init($url);
\curl_setopt($ch, CURLOPT_RETURNTRANSFER, "1");
$res = \curl_exec($ch);
invariant($res is string, "Curl exec did not return a string");
echo \strlen($res)."\n\n";
}
Steps to reproduce the behavior:
- Install a universal deb of hhvm (the release specific doesn't break).
- Execute
hhvm --no-config file.hack
- Observe segfault
Expected behavior
Script should print two positive integers and exit gracefully.
Actual behavior
$ hhvm --no-config file.hack
1256
Core dumped: Segmentation fault
Stack trace in /tmp/stacktrace.7261.log
Segmentation fault (core dumped)
Environment
- Operating system
Ubuntu 18.04
- Installation method
apt-get with dl.hhvm.com repository universal
- HHVM Version
HipHop VM 4.168.0 (rel) (non-lowptr)
Compiler: 1662768682_326508489
Repo schema: 7e56fd46b2e3c789c3f4aaa49d503ee5bf70da0d
hackc-8952dd02335e2750eccb75dc7ac331299f851c61-4.168.0
Additional context
The stacktrace.\d+.log file is not very meaningful. It is not possible to install hhvm-dbg
when using universal debs.
Thread 1 "hhvm" received signal SIGSEGV, Segmentation fault.
0x00000000032d80ab in HPHP::CurlResource::ssl_ctx_callback(void*, void*, void*) ()
(gdb) thread apply all bt
Thread 2 (LWP 7921):
#0 0x00007ffff3f5185c in sigtimedwait () from /nix/store/fz54faknl123dimzz6jsppw193lx2mip-glibc-2.35-163/lib/libc.so.6
#1 0x00007ffff3f50f7c in sigwait () from /nix/store/fz54faknl123dimzz6jsppw193lx2mip-glibc-2.35-163/lib/libc.so.6
#2 0x0000000003d7e4b7 in HPHP::(anonymous namespace)::handle_signals(void*) ()
#3 0x00007ffff3f9be86 in start_thread () from /nix/store/fz54faknl123dimzz6jsppw193lx2mip-glibc-2.35-163/lib/libc.so.6
#4 0x00007ffff4021e14 in clone () from /nix/store/fz54faknl123dimzz6jsppw193lx2mip-glibc-2.35-163/lib/libc.so.6
Thread 1 (LWP 7899):
#0 0x00000000032d80ab in HPHP::CurlResource::ssl_ctx_callback(void*, void*, void*) ()
#1 0x00007ffff5bd8a91 in ossl_connect_step1 () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#2 0x00007ffff5bdb5b7 in ossl_connect_common () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#3 0x00007ffff5bdc6d7 in Curl_ssl_connect_nonblocking () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#4 0x00007ffff5b954f6 in Curl_http_connect () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#5 0x00007ffff5bad124 in multi_runsingle () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#6 0x00007ffff5bae28e in curl_multi_perform () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#7 0x00007ffff5b85a03 in curl_easy_perform () from /nix/store/g2ha6rdlbswqicpf9k971vs2ddjyccmh-curl-7.84.0/lib/libcurl.so.4
#8 0x00000000032d5236 in HPHP::CurlResource::execute() ()
#9 0x00000000032dadbe in HPHP::f_curl_exec(HPHP::Resource const&) ()
#10 0x0000000008c00d8c in ?? ()
#11 0x0000000008c0005f in ?? ()
#12 0x0000000008aea6e0 in ?? ()
#13 0x0000000000000000 in ?? ()
Yang, Bo commented
I can reproduce the crash by running the test at hphp/test/slow/ext_curl/curl_close_in_callback.php