Bug 1479881 - curl leaks memory after update of nss-softokn
curl leaks memory after update of nss-softokn
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: nss-softokn (Show other bugs)
26
i686 Unspecified
high Severity high
: ---
: ---
Assigned To: Daiki Ueno
Fedora Extras Quality Assurance
: Regression
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-09 11:55 EDT by Kamil Dudka
Modified: 2017-09-06 16:51 EDT (History)
5 users (show)

See Also:
Fixed In Version: nss-softokn-3.32.0-1.2.fc26 nss-softokn-3.32.0-1.2.fc25
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-08-23 23:51:03 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Mozilla Foundation 1389052 None None None 2017-08-10 08:14 EDT

  None (edit)
Description Kamil Dudka 2017-08-09 11:55:06 EDT
Version-Release number of selected component (if applicable):
nss-3.31.0-1.1.fc26.i686
nss-pem-1.0.3-3.fc26.i686
nss-softokn-3.32.0-1.0.fc26.i686
nss-softokn-freebl-3.32.0-1.0.fc26.i686
nss-sysinit-3.31.0-1.1.fc26.i686
nss-tools-3.31.0-1.1.fc26.i686
nss-util-3.32.0-1.0.fc26.i686


Steps to Reproduce:
1. valgrind --leak-check=full curl -so/dev/null https://google.com


Actual results:
# valgrind --leak-check=full curl -so/dev/null https://google.com
[...]
HEAP SUMMARY:
    in use at exit: 5,214 bytes in 31 blocks
  total heap usage: 142,804 allocs, 142,773 frees, 12,229,522 bytes allocated

303 bytes in 1 blocks are definitely lost in loss record 14 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F0A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48FDBEB: SSL_ForceHandshake (sslsecur.c:403)

429 bytes in 3 blocks are definitely lost in loss record 15 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457B1F: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F48: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)

606 bytes in 2 blocks are definitely lost in loss record 17 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F0A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48F65A5: ssl3_GatherAppDataRecord (ssl3gthr.c:592)

715 bytes in 5 blocks are definitely lost in loss record 19 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457B1F: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F48: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)

1,515 bytes in 5 blocks are definitely lost in loss record 20 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x6457F0A: ??? (in /usr/lib/libfreeblpriv3.so)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)
   by 0x48E9E21: ssl3_SendRecord (ssl3con.c:2772)

LEAK SUMMARY:
   definitely lost: 3,568 bytes in 16 blocks
   indirectly lost: 0 bytes in 0 blocks
     possibly lost: 0 bytes in 0 blocks
   still reachable: 1,646 bytes in 15 blocks
        suppressed: 0 bytes in 0 blocks


Expected results:
Downgrade to nss-softokn-3.31.0-1.0.fc26.i686 fixes the problem:
# dnf install https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-devel-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-freebl-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-freebl-devel-3.31.0-1.0.fc26.i686.rpm https://kojipkgs.fedoraproject.org//packages/nss-softokn/3.31.0/1.0.fc26/i686/nss-softokn-debuginfo-3.31.0-1.0.fc26.i686.rpm

# valgrind --leak-check=full curl -so/dev/null https://google.com
[...]
HEAP SUMMARY:
    in use at exit: 1,646 bytes in 15 blocks
  total heap usage: 142,832 allocs, 142,817 frees, 12,242,922 bytes allocated

LEAK SUMMARY:
   definitely lost: 0 bytes in 0 blocks
   indirectly lost: 0 bytes in 0 blocks
     possibly lost: 0 bytes in 0 blocks
   still reachable: 1,646 bytes in 15 blocks
        suppressed: 0 bytes in 0 blocks


Additional info:
This regression in stable Fedora delayed a release of curl security update:
https://koji.fedoraproject.org/koji/taskinfo?taskID=21127860
Comment 1 Kamil Dudka 2017-08-09 12:08:16 EDT
I forgot to upgrade nss-softokn-debuginfo while pasting valgrind's output.
Pasting now again with more symbols resolved:

# valgrind --leak-check=full curl -so/dev/null https://google.com
[...]
HEAP SUMMARY:
    in use at exit: 5,214 bytes in 31 blocks
  total heap usage: 142,807 allocs, 142,776 frees, 12,229,574 bytes allocated

303 bytes in 1 blocks are definitely lost in loss record 14 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: AES_AllocateContext (rijndael.c:1021)
   by 0x6457F0A: AES_CreateContext (rijndael.c:1238)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48FDBEB: SSL_ForceHandshake (sslsecur.c:403)

429 bytes in 3 blocks are definitely lost in loss record 15 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: GCM_CreateContext (gcm.c:599)
   by 0x6457B1F: AES_InitContext (rijndael.c:1193)
   by 0x6457F48: AES_CreateContext (rijndael.c:1240)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)

606 bytes in 2 blocks are definitely lost in loss record 17 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: AES_AllocateContext (rijndael.c:1021)
   by 0x6457F0A: AES_CreateContext (rijndael.c:1238)
   by 0x63266A2: ???
   by 0x63281E4: ???
   by 0x4999974: PK11_Decrypt (pk11obj.c:923)
   by 0x48E30B1: ssl3_AESGCM (ssl3con.c:1871)
   by 0x48F3E5E: ssl3_UnprotectRecord (ssl3con.c:12385)
   by 0x48F3E5E: ssl3_HandleRecord (ssl3con.c:12608)
   by 0x48F5DD7: ssl3_GatherCompleteHandshake (ssl3gthr.c:514)
   by 0x48F65A5: ssl3_GatherAppDataRecord (ssl3gthr.c:592)

715 bytes in 5 blocks are definitely lost in loss record 19 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x6455167: GCM_CreateContext (gcm.c:599)
   by 0x6457B1F: AES_InitContext (rijndael.c:1193)
   by 0x6457F48: AES_CreateContext (rijndael.c:1240)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)

1,515 bytes in 5 blocks are definitely lost in loss record 20 of 20
   at 0x483302A: calloc (vg_replace_malloc.c:711)
   by 0x4AC7E43: PR_Calloc (prmem.c:443)
   by 0x4A91CBE: PORT_ZAlloc_Util (secport.c:114)
   by 0x645710A: AES_AllocateContext (rijndael.c:1021)
   by 0x6457F0A: AES_CreateContext (rijndael.c:1238)
   by 0x63266A2: ???
   by 0x6327884: ???
   by 0x4999B81: PK11_Encrypt (pk11obj.c:970)
   by 0x48E31AE: ssl3_AESGCM (ssl3con.c:1874)
   by 0x48E48A2: ssl3_CompressMACEncryptRecord (ssl3con.c:2439)
   by 0x48E5042: ssl_ProtectRecord (ssl3con.c:2578)
   by 0x48E9E21: ssl3_SendRecord (ssl3con.c:2772)

LEAK SUMMARY:
   definitely lost: 3,568 bytes in 16 blocks
   indirectly lost: 0 bytes in 0 blocks
     possibly lost: 0 bytes in 0 blocks
   still reachable: 1,646 bytes in 15 blocks
        suppressed: 0 bytes in 0 blocks
Comment 2 Fedora Update System 2017-08-11 04:33:12 EDT
nspr-4.16.0-1.fc26 nss-3.32.0-1.0.fc26 nss-softokn-3.32.0-1.1.fc26 nss-util-3.32.0-1.0.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a
Comment 3 Fedora Update System 2017-08-11 04:35:18 EDT
nspr-4.16.0-1.fc25 nss-3.32.0-1.0.fc25 nss-softokn-3.32.0-1.1.fc25 nss-util-3.32.0-1.0.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c
Comment 4 Fedora Update System 2017-08-12 20:59:36 EDT
nspr-4.16.0-1.fc25, nss-3.32.0-1.0.fc25, nss-softokn-3.32.0-1.1.fc25, nss-util-3.32.0-1.0.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c
Comment 5 Fedora Update System 2017-08-13 00:03:52 EDT
nspr-4.16.0-1.fc26, nss-3.32.0-1.0.fc26, nss-softokn-3.32.0-1.1.fc26, nss-util-3.32.0-1.0.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a
Comment 6 Fedora Update System 2017-08-18 09:47:58 EDT
nspr-4.16.0-1.fc26 nss-3.32.0-1.1.fc26 nss-softokn-3.32.0-1.2.fc26 nss-util-3.32.0-1.0.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a
Comment 7 Fedora Update System 2017-08-18 09:53:24 EDT
nspr-4.16.0-1.fc25 nss-3.32.0-1.1.fc25 nss-softokn-3.32.0-1.2.fc25 nss-util-3.32.0-1.0.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c
Comment 8 Fedora Update System 2017-08-20 21:20:51 EDT
nspr-4.16.0-1.fc25, nss-3.32.0-1.1.fc25, nss-softokn-3.32.0-1.2.fc25, nss-util-3.32.0-1.0.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c
Comment 9 Fedora Update System 2017-08-22 14:05:48 EDT
nspr-4.16.0-1.fc26, nss-3.32.0-1.1.fc26, nss-softokn-3.32.0-1.2.fc26, nss-util-3.32.0-1.0.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a
Comment 10 Fedora Update System 2017-08-23 23:51:03 EDT
nspr-4.16.0-1.fc26, nss-3.32.0-1.1.fc26, nss-softokn-3.32.0-1.2.fc26, nss-util-3.32.0-1.0.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2017-09-06 16:51:43 EDT
nspr-4.16.0-1.fc25, nss-3.32.0-1.1.fc25, nss-softokn-3.32.0-1.2.fc25, nss-util-3.32.0-1.0.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.