curl-library

Re: Valgrind Reports Many Memory Errors on curl binary on Gentoo

From: Kamil Dudka via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 19 Feb 2019 10:17:49 +0100

On Tuesday, February 19, 2019 3:53:50 AM CET John Helmert III via curl-library
wrote:
> Valgrind reports an immense number of errors for me. Running valgrind like
> `valgrind curl https://example.com`. Tail end of that output:
>
> ==30282== Conditional jump or move depends on uninitialised value(s)
> ==30282== at 0x4E47689: Curl_pgrsUpdate (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E47DD8: Curl_pgrsDone (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E6AA57: multi_done (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E6B016: multi_runsingle (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E6C590: curl_multi_perform (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E64B51: curl_easy_perform (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x11D9EF: operate_do (in /usr/local/bin/curl)
> ==30282== by 0x11EEF9: operate (in /usr/local/bin/curl)
> ==30282== by 0x111343: main (in /usr/local/bin/curl)
> ==30282==
> ==30282== Conditional jump or move depends on uninitialised value(s)
> ==30282== at 0x4E477D8: Curl_pgrsUpdate (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E47DD8: Curl_pgrsDone (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E6AA57: multi_done (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E6B016: multi_runsingle (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E6C590: curl_multi_perform (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x4E64B51: curl_easy_perform (in /usr/lib64/libcurl.so.4.5.0)
> ==30282== by 0x11D9EF: operate_do (in /usr/local/bin/curl)
> ==30282== by 0x11EEF9: operate (in /usr/local/bin/curl)
> ==30282== by 0x111343: main (in /usr/local/bin/curl)
> ==30282==
> ==30282==
> ==30282== HEAP SUMMARY:
> ==30282== in use at exit: 1,696 bytes in 50 blocks
> ==30282== total heap usage: 32,159 allocs, 32,109 frees, 2,818,764 bytes allocated
> ==30282==
> ==30282== LEAK SUMMARY:
> ==30282== definitely lost: 0 bytes in 0 blocks
> ==30282== indirectly lost: 0 bytes in 0 blocks
> ==30282== possibly lost: 0 bytes in 0 blocks
> ==30282== still reachable: 1,696 bytes in 50 blocks
> ==30282== suppressed: 0 bytes in 0 blocks
> ==30282== Rerun with --leak-check=full to see details of leaked memory
> ==30282==
> ==30282== Use --track-origins=yes to see where uninitialised values come from
> ==30282== For lists of detected and suppressed errors, rerun with: -s
> ==30282== ERROR SUMMARY: 4944 errors from 386 contexts (suppressed: 0 from 0)
>
> Running Gentoo x86-64, curl cloned from GitHub at commit 21b33b9 (latest at
> the time of writing this). Using gentoo-sources kernel 4.20.8 and
> glibc-2.28-r5.
>
> Built/installed with:
>
> `./buildconf`
> `./configure`
> `make -j8`
> `sudo make install`
>
> Configure script output about configured environment:
>
> Host setup: x86_64-pc-linux-gnu
> Install prefix: /usr/local
> Compiler: gcc
> CFLAGS: -Werror-implicit-function-declaration -O2 -Wno-system-headers -pthread
> CPPFLAGS:
> LDFLAGS:
> LIBS: -lnghttp2 -lidn2 -lssl -lcrypto -lssl -lcrypto -lldap -llber -lz
>
> curl version: 7.64.1-DEV
> SSL support: enabled (OpenSSL)
> SSH support: no (--with-libssh2)
> zlib support: enabled
> brotli support: no (--with-brotli)
> GSS-API support: no (--with-gssapi)
> TLS-SRP support: enabled
> resolver: POSIX threaded
> IPv6 support: enabled
> Unix sockets support: enabled
> IDN support: enabled (libidn2)
> Build libcurl: Shared=yes, Static=yes
> Built-in manual: enabled
> --libcurl option: enabled (--disable-libcurl-option)
> Verbose errors: enabled (--disable-verbose)
> Code coverage: disabled
> SSPI support: no (--enable-sspi)
> ca cert bundle: /etc/ssl/certs/ca-certificates.crt
> ca cert path: no
> ca fallback: no
> LDAP support: enabled (OpenLDAP)
> LDAPS support: enabled
> RTSP support: enabled
> RTMP support: no (--with-librtmp)
> metalink support: no (--with-libmetalink)
> PSL support: no (libpsl not found)
> HTTP2 support: enabled (nghttp2)
> Protocols: DICT FILE FTP FTPS GOPHER HTTP HTTPS IMAP IMAPS LDAP LDAPS POP3 POP3S RTSP SMB SMBS SMTP SMTPS TELNET TFTP
> Features: SSL IPv6 UnixSockets libz AsynchDNS IDN NTLM NTLM_WB TLS-SRP HTTP2 HTTPS-proxy
>
> How can this be fixed?

I bet they are coming out of OpenSSL. If I run the same command under
valgrind on my Gentoo system, I see much more noise about uninitialized
memory. You have only two _unsuppressed_ reports in the valgrind output.

So I guess you have valgrind suppressions installed for OpenSSL but they
do not cover the indirectly used uninitialized memory that comes out
from OpenSSL but that is actually read by libcurl.

Are you able to trigger those valgrind reports without linking OpenSSL
at all?

Kamil

Received on 2019-02-19
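
A triage sketch for the point made in the reply, added here as an example and not part of the original mail or of curl: valgrind suppressions match on the stack where an error is reported, not on where the uninitialised bytes were created, so the script labels each error context by whether any frame lies in libssl/libcrypto. The sample log is constructed (the first context is taken from the quoted report, the second is hypothetical), and the names `parse_contexts` and `classify` are assumptions.

```python
import re

# Constructed sample in valgrind's output format: the first context is taken
# from the report quoted above, the second is hypothetical.
SAMPLE = """\
==30282== Conditional jump or move depends on uninitialised value(s)
==30282==    at 0x4E47689: Curl_pgrsUpdate (in /usr/lib64/libcurl.so.4.5.0)
==30282==    by 0x4E47DD8: Curl_pgrsDone (in /usr/lib64/libcurl.so.4.5.0)
==30282==    by 0x4E6AA57: multi_done (in /usr/lib64/libcurl.so.4.5.0)
==30282==
==30282== Conditional jump or move depends on uninitialised value(s)
==30282==    at 0x5A10000: example_tls_fn (in /usr/lib64/libcrypto.so.1.1)
==30282==    by 0x4E50000: example_caller (in /usr/lib64/libcurl.so.4.5.0)
==30282==
"""

FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \(in (.+)\)$")
BLANK = re.compile(r"^==\d+==\s*$")
HEADER = re.compile(r"^==\d+== (\S.*)$")


def parse_contexts(text):
    """Return [(message, [(function, object), ...]), ...] per error context."""
    contexts, current = [], None
    for line in text.splitlines():
        frame = FRAME.match(line)
        if frame and current is not None:
            current[1].append(frame.groups())
        elif BLANK.match(line):
            current = None  # a bare "==pid==" line ends the context
        elif current is None and HEADER.match(line):
            current = (HEADER.match(line).group(1), [])
            contexts.append(current)
    # Summary sections (HEAP SUMMARY etc.) have no frames and are dropped.
    return [c for c in contexts if c[1]]


def classify(contexts, libs=("libssl", "libcrypto")):
    """Label each context by where the named libraries appear in its stack."""
    result = []
    for _msg, frames in contexts:
        hits = [any(lib in obj for lib in libs) for _fn, obj in frames]
        label = ("tls_top" if hits[0]
                 else "tls_in_stack" if any(hits) else "no_tls_frame")
        result.append((frames[0][0], label))
    return result


if __name__ == "__main__":
    for fn, label in classify(parse_contexts(SAMPLE)):
        print(f"{fn}: {label}")
```

Contexts labelled `no_tls_frame` are the ones a suppression keyed on OpenSSL objects will not hide; rerunning with `--track-origins=yes`, as valgrind suggests in the quoted output, shows where their uninitialised bytes were created.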