Description of problem:
Get some invalid read reports from valgrind while connecting to the hypervisor using TLS with SASL via ipv4

Version-Release number of selected component (if applicable):
libvirt-1.1.1-15.el7.x86_64
kernel-3.10.0-60.el7.x86_64
qemu-kvm-rhev-1.5.3-21.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Configure the tls environment, you can reference the attachment for more details
2. Connect to the hypervisor running on host using TLS with SASL via ipv4

After connected, I could get some invalid read reports from valgrind

# valgrind -v --leak-check=full virsh -c qemu+tls://zhwang71/system list --all
==3712== Invalid read of size 1
==3712==    at 0x8004EBB: vfprintf (in /usr/lib64/libc-2.17.so)
==3712==    by 0x80C9414: __vasprintf_chk (in /usr/lib64/libc-2.17.so)
==3712==    by 0x4CB5075: virVasprintfInternal (stdio2.h:210)
==3712==    by 0x4C9A745: virLogVMessage (virlog.c:842)
==3712==    by 0x4C9AC26: virLogMessage (virlog.c:778)
==3712==    by 0x4D98BC4: virNetSASLSessionClientStep (virnetsaslcontext.c:460)
==3712==    by 0x4D819D5: doRemoteOpen (remote_driver.c:4131)
==3712==    by 0x4D81FE5: remoteConnectOpen (remote_driver.c:1027)
==3712==    by 0x4D2802C: do_open (libvirt.c:1239)
==3712==    by 0x4D2A898: virConnectOpenAuth (libvirt.c:1481)
==3712==    by 0x12BB99: vshReconnect (virsh.c:336)
==3712==    by 0x126DBA: main (virsh.c:2353)
==3712==  Address 0xd9a0f5e is 0 bytes after a block of size 126 alloc'd
==3712==    at 0x4A081D4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==3712==    by 0x80E45A4: xdr_array (in /usr/lib64/libc-2.17.so)
==3712==    by 0x4D86251: xdr_remote_auth_sasl_start_ret (remote_protocol.c:3134)
==3712==    by 0x4D9729F: virNetMessageDecodePayload (virnetmessage.c:405)
==3712==    by 0x4D8DC6B: virNetClientProgramCall (virnetclientprogram.c:377)
==3712==    by 0x4D69391: callFull.isra.2 (remote_driver.c:5727)
==3712==    by 0x4D8190A: doRemoteOpen (remote_driver.c:5749)
==3712==    by 0x4D81FE5: remoteConnectOpen (remote_driver.c:1027)
==3712==    by 0x4D2802C: do_open (libvirt.c:1239)
==3712==    by 0x4D2A898: virConnectOpenAuth (libvirt.c:1481)
==3712==    by 0x12BB99: vshReconnect (virsh.c:336)
==3712==    by 0x126DBA: main (virsh.c:2353)
==3712==
--3712-- REDIR: 0xffffffffff600000 (???) redirected to 0x380673e3 (???)
Please enter your authentication name: redhat
Please enter your password:
--3712-- REDIR: 0x80526c0 (__stpcpy_sse2_unaligned) redirected to 0x4a0b260 (stpcpy)
--3712-- REDIR: 0x8053ed0 (__strcat_sse2_unaligned) redirected to 0x4a08fa0 (strcat)
 Id    Name                           State
----------------------------------------------------
 -     rhel                           shut off
 -     rhel6                          shut off
 -     rhel7                          shut off
 -     rhel7com                       shut off
 -     rhel7qcow2                     shut off
 -     rheltest2                      shut off
 -     test                           shut off
 -     win7                           shut off

--3712-- Discarding syms at 0x14b8e1e0-0x14b953cc in /usr/lib64/libnss_files-2.17.so due to munmap()
==3712==
==3712== HEAP SUMMARY:
==3712==     in use at exit: 571,462 bytes in 2,303 blocks
==3712==   total heap usage: 18,641 allocs, 16,338 frees, 5,734,379 bytes allocated
==3712==
==3712== Searching for pointers to 2,303 not-freed blocks
==3712== Checked 1,598,904 bytes
==3712==
==3712== LEAK SUMMARY:
==3712==    definitely lost: 0 bytes in 0 blocks
==3712==    indirectly lost: 0 bytes in 0 blocks
==3712==      possibly lost: 0 bytes in 0 blocks
==3712==    still reachable: 571,462 bytes in 2,303 blocks
==3712==         suppressed: 0 bytes in 0 blocks
==3712== Reachable blocks (those to which a pointer was found) are not shown.
==3712== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==3712==
==3712== ERROR SUMMARY: 3 errors from 1 contexts (suppressed: 2 from 2)
==3712==
==3712== 3 errors in context 1 of 1:
==3712== Invalid read of size 1
==3712==    at 0x8004EBB: vfprintf (in /usr/lib64/libc-2.17.so)
==3712==    by 0x80C9414: __vasprintf_chk (in /usr/lib64/libc-2.17.so)
==3712==    by 0x4CB5075: virVasprintfInternal (stdio2.h:210)
==3712==    by 0x4C9A745: virLogVMessage (virlog.c:842)
==3712==    by 0x4C9AC26: virLogMessage (virlog.c:778)
==3712==    by 0x4D98BC4: virNetSASLSessionClientStep (virnetsaslcontext.c:460)
==3712==    by 0x4D819D5: doRemoteOpen (remote_driver.c:4131)
==3712==    by 0x4D81FE5: remoteConnectOpen (remote_driver.c:1027)
==3712==    by 0x4D2802C: do_open (libvirt.c:1239)
==3712==    by 0x4D2A898: virConnectOpenAuth (libvirt.c:1481)
==3712==    by 0x12BB99: vshReconnect (virsh.c:336)
==3712==    by 0x126DBA: main (virsh.c:2353)
==3712==  Address 0xd9a0f5e is 0 bytes after a block of size 126 alloc'd
==3712==    at 0x4A081D4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==3712==    by 0x80E45A4: xdr_array (in /usr/lib64/libc-2.17.so)
==3712==    by 0x4D86251: xdr_remote_auth_sasl_start_ret (remote_protocol.c:3134)
==3712==    by 0x4D9729F: virNetMessageDecodePayload (virnetmessage.c:405)
==3712==    by 0x4D8DC6B: virNetClientProgramCall (virnetclientprogram.c:377)
==3712==    by 0x4D69391: callFull.isra.2 (remote_driver.c:5727)
==3712==    by 0x4D8190A: doRemoteOpen (remote_driver.c:5749)
==3712==    by 0x4D81FE5: remoteConnectOpen (remote_driver.c:1027)
==3712==    by 0x4D2802C: do_open (libvirt.c:1239)
==3712==    by 0x4D2A898: virConnectOpenAuth (libvirt.c:1481)
==3712==    by 0x12BB99: vshReconnect (virsh.c:336)
==3712==    by 0x126DBA: main (virsh.c:2353)

Actual results:
as steps

Expected results:
shouldn't get the invalid read report

Additional info:
Created attachment 837637
The configuration of tls
Fixed upstream by

commit 986900a5af6491d54f7779f6368f1fc41eb53690
Author:     Christophe Fergeau <cfergeau>
AuthorDate: 2013-11-22 17:54:53 +0100
Commit:     Christophe Fergeau <cfergeau>
CommitDate: 2013-11-26 11:52:58 +0100

    Fix invalid read in virNetSASLSessionClientStep debug log

    virNetSASLSessionClientStep logs the data that is going to be passed to
    sasl_client_step as input data. However, it tries to log it as a string,
    while there is no guarantee that this data is going to be nul-terminated.

    This leads to this valgrind log:
    ...

git describe: v1.2.0-rc1-4-g986900a contains: v1.2.0-rc2~12

Downstream patch posted:
http://post-office.corp.redhat.com/archives/rhvirt-patches/2013-December/msg00714.html
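Added example, not libvirt code and not the upstream patch: the bug class the commit message describes (a length-delimited buffer passed to an unbounded "%s") and two bounded ways to log such a buffer. The helper name fmt_len_delimited and the sample buffer are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not a libvirt function: render a length-delimited
 * buffer into out[] for a log line. It never reads in[inlen] or beyond, so
 * the input needs no trailing NUL. Printable bytes are copied; all others
 * (embedded NULs, backslash) become \xNN. Returns the number of input bytes
 * rendered; a value below inlen means the output was truncated. */
size_t fmt_len_delimited(char *out, size_t outsz, const void *in, size_t inlen)
{
    const unsigned char *p = in;
    size_t used = 0, i;

    if (outsz == 0)
        return 0;
    for (i = 0; i < inlen; i++) {
        int printable = isprint(p[i]) && p[i] != '\\';
        size_t need = printable ? 1 : 4;   /* "c" or "\xNN" */
        if (used + need + 1 > outsz)       /* keep room for the terminator */
            break;
        if (printable)
            out[used++] = (char)p[i];
        else
            used += (size_t)snprintf(out + used, outsz - used,
                                     "\\x%02x", (unsigned)p[i]);
    }
    out[used] = '\0';
    return i;
}

int main(void)
{
    /* Constructed sample: a 126-byte heap block with no terminator, the same
     * shape as the xdr_array allocation in the valgrind report. */
    size_t len = 126;
    char line[600];
    char *serverin = malloc(len);

    if (!serverin)
        return 1;
    memset(serverin, 'A', len);
    /* Unbounded "%s" on serverin would scan past byte 125 looking for a NUL. */
    printf("serverin=%.*s\n", (int)len, serverin);   /* precision bounds the read */
    fmt_len_delimited(line, sizeof line, serverin, len);
    printf("serverin=%s serverinlen=%zu\n", line, len);
    free(serverin);
    return 0;
}
```

The "%.*s" form stops at the first embedded NUL, so it suits text-only data; the escaping helper also shows binary tokens in full. Running the program under valgrind should report no invalid read for either bounded form.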
Verify this bug with libvirt-1.1.1-16.el7. The invalid read reports from valgrind have gone when I verify this bug with the comment 0 steps, so mark this bug verified.
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request.