Bug 1479881 - curl leaks memory after update of nss-softokn
Summary: curl leaks memory after update of nss-softokn
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: nss-softokn
Version: 26
Hardware: i686
OS: Unspecified
high
high
Target Milestone: ---
Assignee: Daiki Ueno
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-08-09 15:55 UTC by Kamil Dudka
Modified: 2017-09-06 20:51 UTC (History)
5 users (show)

Fixed In Version: nss-softokn-3.32.0-1.2.fc26 nss-softokn-3.32.0-1.2.fc25
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-24 03:51:03 UTC
Type: Bug


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Mozilla Foundation 1389052 -- RESOLVED aligned_alloc emulation loses track of original allocation address 2020-02-13 03:32:35 UTC

Description Kamil Dudka 2017-08-09 15:55:06 UTC
Version-Release number of selected component (if applicable):
nss-3.31.0-1.1.fc26.i686
nss-pem-1.0.3-3.fc26.i686
nss-softokn-3.32.0-1.0.fc26.i686
nss-softokn-freebl-3.32.0-1.0.fc26.i686
nss-sysinit-3.31.0-1.1.fc26.i686
nss-tools-3.31.0-1.1.fc26.i686
nss-util-3.32.0-1.0.fc26.i686


Steps to Reproduce:
1. valgrind --leak-check=full curl -so/dev/null https://google.com


Actual results:
# valgrind --leak-check=full curl -so/dev/null https://google.com
[...]
HEAP SUMMARY:
    in use at exit: 5,214 bytes in 31 blocks
  total heap usage: 142,804 allocs, 142,773 frees, 12,229,522 bytes allocated

303 bytes in 1 blocks are definitely lost in loss record 14 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F0A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48FDBEB: SSL_ForceHandshake (sslsecur.c:403)

429 bytes in 3 blocks are definitely lost in loss record 15 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457B1F: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F48: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)

606 bytes in 2 blocks are definitely lost in loss record 17 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F0A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48F65A5: ssl3_GatherAppDataRecord (ssl3gthr.c:592)

715 bytes in 5 blocks are definitely lost in loss record 19 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457B1F: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F48: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)

1,515 bytes in 5 blocks are definitely lost in loss record 20 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F0A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)
   by 0x48E9E21: ssl3_SendRecord (ssl3con.c:2772)

LEAK SUMMARY:
   definitely lost: 3,568 bytes in 16 blocks
   indirectly lost: 0 bytes in 0 blocks
     possibly lost: 0 bytes in 0 blocks
   still reachable: 1,646 bytes in 15 blocks
        suppressed: 0 bytes in 0 blocks


Expected results:
Downgrade to nss-softokn-3.31.0-1.0.fc26.i686 fixes the problem:
# dnf install https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-devel-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-freebl-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-freebl-devel-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-debuginfo-3.31.0-1.0.fc26.i686.rpm

# valgrind --leak-check=full curl -so/dev/null https://google.com
[...]
HEAP SUMMARY:
    in use at exit: 1,646 bytes in 15 blocks
  total heap usage: 142,832 allocs, 142,817 frees, 12,242,922 bytes allocated

LEAK SUMMARY:
   definitely lost: 0 bytes in 0 blocks
   indirectly lost: 0 bytes in 0 blocks
     possibly lost: 0 bytes in 0 blocks
   still reachable: 1,646 bytes in 15 blocks
        suppressed: 0 bytes in 0 blocks


Additional info:
This regression in stable Fedora delayed a release of curl security update:
https://koji.fedoraproject.org/koji/taskinfo?taskID=21127860

Comment 1 Kamil Dudka 2017-08-09 16:08:16 UTC
I forgot to upgrade nss-softokn-debuginfo while pasting valgrind's output.
Pasting now again with more symbols resolved:

# valgrind --leak-check=full curl -so/dev/null https://google.com
[...]
HEAP SUMMARY:
    in use at exit: 5,214 bytes in 31 blocks
  total heap usage: 142,807 allocs, 142,776 frees, 12,229,574 bytes allocated

303 bytes in 1 blocks are definitely lost in loss record 14 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: AES_AllocateContext (rijndael.c:1021)
   by 0x6457F0A: AES_CreateContext (rijndael.c:1238)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48FDBEB: SSL_ForceHandshake (sslsecur.c:403)

429 bytes in 3 blocks are definitely lost in loss record 15 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: GCM_CreateContext (gcm.c:599)
   by 0x6457B1F: AES_InitContext (rijndael.c:1193)
   by 0x6457F48: AES_CreateContext (rijndael.c:1240)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)

606 bytes in 2 blocks are definitely lost in loss record 17 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: AES_AllocateContext (rijndael.c:1021)
   by 0x6457F0A: AES_CreateContext (rijndael.c:1238)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48F65A5: ssl3_GatherAppDataRecord (ssl3gthr.c:592)

715 bytes in 5 blocks are definitely lost in loss record 19 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: GCM_CreateContext (gcm.c:599)
   by 0x6457B1F: AES_InitContext (rijndael.c:1193)
   by 0x6457F48: AES_CreateContext (rijndael.c:1240)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)

1,515 bytes in 5 blocks are definitely lost in loss record 20 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: AES_AllocateContext (rijndael.c:1021)
   by 0x6457F0A: AES_CreateContext (rijndael.c:1238)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)
   by 0x48E9E21: ssl3_SendRecord (ssl3con.c:2772)

LEAK SUMMARY:
   definitely lost: 3,568 bytes in 16 blocks
   indirectly lost: 0 bytes in 0 blocks
     possibly lost: 0 bytes in 0 blocks
   still reachable: 1,646 bytes in 15 blocks
        suppressed: 0 bytes in 0 blocks

Comment 2 Fedora Update System 2017-08-11 08:33:12 UTC
nspr-4.16.0-1.fc26 nss-3.32.0-1.0.fc26 nss-softokn-3.32.0-1.1.fc26 nss-util-3.32.0-1.0.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a

Comment 3 Fedora Update System 2017-08-11 08:35:18 UTC
nspr-4.16.0-1.fc25 nss-3.32.0-1.0.fc25 nss-softokn-3.32.0-1.1.fc25 nss-util-3.32.0-1.0.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c

Comment 4 Fedora Update System 2017-08-13 00:59:36 UTC
nspr-4.16.0-1.fc25, nss-3.32.0-1.0.fc25, nss-softokn-3.32.0-1.1.fc25, nss-util-3.32.0-1.0.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c

Comment 5 Fedora Update System 2017-08-13 04:03:52 UTC
nspr-4.16.0-1.fc26, nss-3.32.0-1.0.fc26, nss-softokn-3.32.0-1.1.fc26, nss-util-3.32.0-1.0.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a

Comment 6 Fedora Update System 2017-08-18 13:47:58 UTC
nspr-4.16.0-1.fc26 nss-3.32.0-1.1.fc26 nss-softokn-3.32.0-1.2.fc26 nss-util-3.32.0-1.0.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a

Comment 7 Fedora Update System 2017-08-18 13:53:24 UTC
nspr-4.16.0-1.fc25 nss-3.32.0-1.1.fc25 nss-softokn-3.32.0-1.2.fc25 nss-util-3.32.0-1.0.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c

Comment 8 Fedora Update System 2017-08-21 01:20:51 UTC
nspr-4.16.0-1.fc25, nss-3.32.0-1.1.fc25, nss-softokn-3.32.0-1.2.fc25, nss-util-3.32.0-1.0.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c

Comment 9 Fedora Update System 2017-08-22 18:05:48 UTC
nspr-4.16.0-1.fc26, nss-3.32.0-1.1.fc26, nss-softokn-3.32.0-1.2.fc26, nss-util-3.32.0-1.0.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a

Comment 10 Fedora Update System 2017-08-24 03:51:03 UTC
nspr-4.16.0-1.fc26, nss-3.32.0-1.1.fc26, nss-softokn-3.32.0-1.2.fc26, nss-util-3.32.0-1.0.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2017-09-06 20:51:43 UTC
nspr-4.16.0-1.fc25, nss-3.32.0-1.1.fc25, nss-softokn-3.32.0-1.2.fc25, nss-util-3.32.0-1.0.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.