Subject: Bug with latest curl and http://www.google.com/

Bug with latest curl and http://www.google.com/

From: James Bursa <james_at_semichrome.net>
Date: Mon, 4 Jun 2007 07:30:42 -0500

I'm getting crashes with curl built with c-ares (both from the latest CVS) when
fetching http://www.google.com/

Other sites I've tested work.

valgrind sometimes reports "Invalid free() / delete / delete[]", and
sometimes "Invalid write". A log of each case is attached.

James

$ curl --version
curl 7.16.3-CVS (x86_64-unknown-linux-gnu) libcurl/7.16.3-CVS OpenSSL/0.9.8e
zlib/1.2.3 c-ares/1.4.0-CVS libidn/0.6.5
Protocols: tftp ftp telnet dict ldap http file https ftps
Features: AsynchDNS IDN IPv6 Largefile NTLM SSL libz

==4944== Memcheck, a memory error detector.
==4944== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==4944== Using LibVEX rev 1732, a library for dynamic binary translation.
==4944== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==4944== Using valgrind-3.2.3-Debian, a dynamic binary instrumentation framework.
==4944== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==4944== For more details, rerun with: -v
==4944==
==4944== Invalid free() / delete / delete[]
==4944== at 0x4A2066A: free (vg_replace_malloc.c:233)
==4944== by 0x4B5BEFB: ares_free_hostent (ares_free_hostent.c:38)
==4944== by 0x4B585F7: end_hquery (ares_gethostbyname.c:190)
==4944== by 0x4B58CD7: host_callback (ares_gethostbyname.c:180)
==4944== by 0x4B5C21A: end_squery (ares_search.c:187)
==4944== by 0x4B5C282: search_callback (ares_search.c:180)
==4944== by 0x4B5C108: qcallback (ares_query.c:171)
==4944== by 0x4B5753B: end_query (ares_process.c:796)
==4944== by 0x4B58081: process_answer (ares_process.c:465)
==4944== by 0x4B5836B: read_udp_packets (ares_process.c:379)
==4944== by 0x4B5844B: ares_process_fd (ares_process.c:103)
==4944== by 0x4B53C78: ares_waitperform (hostares.c:182)
==4944== Address 0x560E124 is 4 bytes inside a block of size 16 free'd
==4944== at 0x4A2066A: free (vg_replace_malloc.c:233)
==4944== by 0x4B5BEFB: ares_free_hostent (ares_free_hostent.c:38)
==4944== by 0x4B585F7: end_hquery (ares_gethostbyname.c:190)
==4944== by 0x4B58CD7: host_callback (ares_gethostbyname.c:180)
==4944== by 0x4B5C21A: end_squery (ares_search.c:187)
==4944== by 0x4B5C282: search_callback (ares_search.c:180)
==4944== by 0x4B5C108: qcallback (ares_query.c:171)
==4944== by 0x4B5753B: end_query (ares_process.c:796)
==4944== by 0x4B58081: process_answer (ares_process.c:465)
==4944== by 0x4B5836B: read_udp_packets (ares_process.c:379)
==4944== by 0x4B5844B: ares_process_fd (ares_process.c:103)
==4944== by 0x4B53C78: ares_waitperform (hostares.c:182)
* About to connect() to www.google.com port 80 (#0)
* Trying 64.233.167.104... connected
* Connected to www.google.com (64.233.167.104) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.16.3-CVS (x86_64-unknown-linux-gnu) libcurl/7.16.3-CVS OpenSSL/0.9.8e zlib/1.2.3 c-ares/1.4.0-CVS libidn/0.6.5
> Host: www.google.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Cache-Control: private
< Content-Type: text/html; charset=ISO-8859-1
< Set-Cookie: PREF=ID=638f8385e276ed81:TM=1180960086:LM=1180960086:S=cmAtjX2XsTt81bHr; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com
< Server: GWS/2.1
< Transfer-Encoding: chunked
< Date: Mon, 04 Jun 2007 12:28:06 GMT
<
{ [data not shown]
  % Total % Received % Xferd Average Speed Time Time Time Current
                                 Dload Upload Total Spent Left Speed

100 1102 0 1102 0 0 2918 0 --:--:-- --:--:-- --:--:-- 2918<html><head><meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"><title>Google</title><style><!--
body,td,a,p,.h{font-family:arial,sans-serif}
.h{font-size:20px}
.h{color:#3366cc}
.q{color:#00c}
#gbar{float:left;height:22px}
#gbarl{border-top:1px solid #c9d7f1;font-size:0;height:1px;position:absolute;right:0;top:24px;width:110%}
#gbar a{color:#00c}
#gbar .gbard{background:#fff;border:1px solid;border-color:#c9d7f1 #36c #36c #a2bae7;display:none;font-size:13px;position:absolute;top:24px;z-index:1000}
#gbar .gbard a{display:block;padding:.2em .5em;text-decoration:none;white-space:nowrap}
#gbar .gbard a:hover{background:#36c;color:#fff}
#gbar td{font-size:13px;padding-right:1em}
#guser{font-size:13px;padding-bottom:7px !important;padding-top:0}
#gbarc{font-size:0;height:1px}
--></style>
<script>
<!--
function sf(){document.f.q.focus();}
window.gbar={};(function(){function n(a,b,c){var e="on"+b;if(a.addEventListener){a.addEventListener(b,c,false)}else if(a.attachEvent){a.attachEvent(e,c)}else{var d=a[e];a[e]=function(){var f=d.apply(this,arguments),g=c.apply(this,arguments);return f==undefined?g:(g==undefined?f:g&&f)}}};var h=window.gbar,l=["affdom","channel","client","hl","hs","ie","lr","ned","oe","og","rls","rlz"];function i(a){return a=="c"||a=="o"||a=="m"}h.getHtml=function(a){var b;for(var c=0;c<a.length;c++){if(a[c][2]==""){b=a[c][0]}}var e=i(b)?" target=_blank":"",d="<td nowrap>",f="<table border=0 cellpadding=0 cellspacing=0 style=margin-left:"+h.getPad(true)+"px><tr>"+d;for(var c=0;c<a.length;c++){if(a[c][0]==b){f+=a[c][1].bold()+d}else{f+=""+a[c][1]+" <tr><td colspan="+c+"><td><iframe class=gbard id=gbarif style=border:0;z-index:999></iframe><div class=gbard id=gbardd onc
lick=gbar.stopB(event)>";d=""}else{f+=m(b,a[c][0],a[c][2])+e+" onclick=gbar.close(event)>"+a[c][1]+"</a>"+d}}}f+="</div></table>";return f};h.getPad=function(a){var b=-1,c=a?10:4,e=document.body.currentStyle,d=document.defaultView;if(e){b=a?e.marginLeft:e.marginTop}else if(d){b=a?d.getComputedStyle(document.body,"").marginLeft:d.getComputedStyle(document.body,"").marginTop}b=parseInt(b,10);return b>=0&&b<c?c-b:1};function m(a,b,c){var e=window.location.search.substring(1),d=e.match("q=[^&]*"),f=e.match("near=([^&]*)"),g=c+(c.match("[?]")?"&":"?");g+="tab="+a+b;if(i(b)&&window.location.protocol=="https:"){g=g.replace("http:","https:")}if(!i(b)&&!i(a)){for(var j=0;j<l.length;j++){var k=e.match(l[j]+"=[^&]*");if(k){g+="&"+k[0]}}if(d&&f&&a=="l"&&b!="l"){g+="&"+d[0]+"+"+f[0]}else if(d){g+="&"+d[0]}}return g}h.toggle=function(a){h.stopB(a);var b=document.getElementById("gbardd"),c=document.getElementById("gbarif");if(b&&c){b.style.display=b.style.display=="block"?"none":"block";c.width=b.offsetWidth;c.height=b.off
s

etHeight;c.style.display=b.style.display}return false};h.close=function(a){var b=document.getElementById("gbardd");if(b&&b.style.display=="block"){h.toggle(a)}};h.stopB=function(a){if(!a){a=window.event}a.cancelBubble=true};n(document,"click",h.close);})();// -->
</script>
</head><body bgcolor=#ffffff text=#000000 link=#0000cc vlink=#551a8b alink=#ff0000 onload="sf();if(document.images){new Image().src='/images/nav_logo3.png'}" topmargin=3 marginheight=3><div id=gbarl></div><div height=1 id=gbarc width=100%><img alt='' height=1 id=gbari width=1></div><div id=gbar></div><script>document.getElementById('gbarc').style.height=(document.getElementById('gbari').height=window.gbar.getPad())+'px';document.getElementById('gbar').innerHTML=window.gbar.getHtml([['w','Web','',1],['i','Images','http://images.google.com/imghp',1],['v','Video','http://video.google.com/',1],['n','News','http://news.google.com/nwshp',1],['l','Maps','http://maps.google.com/maps',1],['m','Gmail','http://mail.google.com/mail',1],['','more','#',3],['b','Blog Search','http://blogsearch.google.com/',2],['j','Blogger','http://www.blogger.com/',2],['p','Books','http://books.google.com/bkshp',2],['c','Calend
100 6364 0 6364 0 0 15570 0 --:--:-- --:--:-- --:--:-- 165k* Connection #0 to host www.google.com left intact

* Closing connection #0
ar','http://www.google.com/calendar',2],['o','Documents','http://docs.google.com/',2],['e','Finance','http://finance.google.com/finance',2],['g','Groups','http://groups.google.com/grphp',2],['z','Labs','http://labs.google.com/',2],['0','Orkut','http://www.orkut.com/',2],['t','Patents','http://www.google.com/ptshp',2],['q','Photos','http://picasaweb.google.com/home',2],['f','Products','http://www.google.com/prdhp',2],['y','Reader','http://www.google.com/reader',2],['s','Scholar','http://scholar.google.com/schhp',2]]);</script><noscript><div id=gbarl></div><div id=gbar><table style=margin-left:2px border=0 cellpadding=0 cellspacing=0><tr><td><a href=/webhp>Web</a><td><a href=/imghp>Images</a><td><a href=http://video.google.com/>Video</a><td><a href=/nwshp>News</a><td><a href=/maphp>Maps</a><td><a href=http://mail.google.com/?ui=html>Mail</a><td><a href=/options style=text-decoration:none><u>more</u> &raquo;</a></table></div></noscript><div align=right id=guser style="font-size:84%;padding-bottom:4px" width=100
%><nobr>iGoogle&nbsp;|&nbsp;Sign in</nobr></div><center><br id=lgpd><img alt="Google" height=110 src="/intl/en_ALL/images/logo.gif" width=276><br><br><form action="/search" name=f><table cellpadding=0 cellspacing=0><tr valign=top><td width=25%>&nbsp;</td><td align=center nowrap><input name=hl type=hidden value=en><input type=hidden name=ie value="ISO-8859-1"><input maxlength=2048 name=q size=55 title="Google Search" value=""><br><input name=btnG type=submit value="Google Search"><input name=btnI type=submit value="I'm Feeling Lucky"></td><td nowrap width=25%><font size=-2>&nbsp;&nbsp;<a href=/advanced_search?hl=en>Advanced Search</a><br>&nbsp;&nbsp;<a href=/preferences?hl=en>Preferences</a><br>&nbsp;&nbsp;<a href=/language_tools?hl=en>Language Tools</a></font></td></tr></table></form><br><br><font size=-1><
a

 href="/intl/en/ads/">Advertising&nbsp;Programs</a> - Business Solutions - About Google</font><p><font size=-2>&copy;2007 Google</font></p></center></body></html>==4944==
==4944== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 8 from 1)
==4944== malloc/free: in use at exit: 1,272 bytes in 11 blocks.
==4944== malloc/free: 3,009 allocs, 3,000 frees, 175,553 bytes allocated.
==4944== For counts of detected errors, rerun with: -v
==4944== searching for pointers to 11 not-freed blocks.
==4944== checked 282,224 bytes.
==4944==
==4944== LEAK SUMMARY:
==4944== definitely lost: 0 bytes in 0 blocks.
==4944== possibly lost: 0 bytes in 0 blocks.
==4944== still reachable: 1,272 bytes in 11 blocks.
==4944== suppressed: 0 bytes in 0 blocks.
==4944== Rerun with --leak-check=full to see details of leaked memory.

==4945== Memcheck, a memory error detector.
==4945== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==4945== Using LibVEX rev 1732, a library for dynamic binary translation.
==4945== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==4945== Using valgrind-3.2.3-Debian, a dynamic binary instrumentation framework.
==4945== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==4945== For more details, rerun with: -v
==4945==
* Closing connection #0
* a timeout was reached

curl: (28) a timeout was reached
==4945== Invalid write of size 4
==4945== at 0x4B54067: addrinfo_callback (hostasyn.c:107)
==4945== by 0x4B585EA: end_hquery (ares_gethostbyname.c:188)
==4945== by 0x4B58CD7: host_callback (ares_gethostbyname.c:180)
==4945== by 0x4B5C21A: end_squery (ares_search.c:187)
==4945== by 0x4B5C282: search_callback (ares_search.c:180)
==4945== by 0x4B5C108: qcallback (ares_query.c:171)
==4945== by 0x4B5AB64: ares_destroy (ares_destroy.c:65)
==4945== by 0x4B40A0B: Curl_close (url.c:365)
==4945== by 0x405E49: main (main.c:4602)
==4945== Address 0x560CFC4 is 988 bytes inside a block of size 1,184 free'd
==4945== at 0x4A2066A: free (vg_replace_malloc.c:233)
==4945== by 0x4B3DC51: Curl_disconnect (url.c:1886)
==4945== by 0x4B4CCD7: Curl_perform (transfer.c:2330)
==4945== by 0x4074B7: main (main.c:4357)
==4945==
==4945== Invalid write of size 8
==4945== at 0x4B5406F: addrinfo_callback (hostasyn.c:140)
==4945== by 0x4B585EA: end_hquery (ares_gethostbyname.c:188)
==4945== by 0x4B58CD7: host_callback (ares_gethostbyname.c:180)
==4945== by 0x4B5C21A: end_squery (ares_search.c:187)
==4945== by 0x4B5C282: search_callback (ares_search.c:180)
==4945== by 0x4B5C108: qcallback (ares_query.c:171)
==4945== by 0x4B5AB64: ares_destroy (ares_destroy.c:65)
==4945== by 0x4B40A0B: Curl_close (url.c:365)
==4945== by 0x405E49: main (main.c:4602)
==4945== Address 0x560CFB8 is 976 bytes inside a block of size 1,184 free'd
==4945== at 0x4A2066A: free (vg_replace_malloc.c:233)
==4945== by 0x4B3DC51: Curl_disconnect (url.c:1886)
==4945== by 0x4B4CCD7: Curl_perform (transfer.c:2330)
==4945== by 0x4074B7: main (main.c:4357)
==4945==
==4945== Invalid write of size 1
==4945== at 0x4B54076: addrinfo_callback (hostasyn.c:145)
==4945== by 0x4B585EA: end_hquery (ares_gethostbyname.c:188)
==4945== by 0x4B58CD7: host_callback (ares_gethostbyname.c:180)
==4945== by 0x4B5C21A: end_squery (ares_search.c:187)
==4945== by 0x4B5C282: search_callback (ares_search.c:180)
==4945== by 0x4B5C108: qcallback (ares_query.c:171)
==4945== by 0x4B5AB64: ares_destroy (ares_destroy.c:65)
==4945== by 0x4B40A0B: Curl_close (url.c:365)
==4945== by 0x405E49: main (main.c:4602)
==4945== Address 0x560CFC0 is 984 bytes inside a block of size 1,184 free'd
==4945== at 0x4A2066A: free (vg_replace_malloc.c:233)
==4945== by 0x4B3DC51: Curl_disconnect (url.c:1886)
==4945== by 0x4B4CCD7: Curl_perform (transfer.c:2330)
==4945== by 0x4074B7: main (main.c:4357)
==4945==
==4945== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 8 from 1)
==4945== malloc/free: in use at exit: 1,272 bytes in 11 blocks.
==4945== malloc/free: 2,974 allocs, 2,963 frees, 173,375 bytes allocated.
==4945== For counts of detected errors, rerun with: -v
==4945== searching for pointers to 11 not-freed blocks.
==4945== checked 282,224 bytes.
==4945==
==4945== LEAK SUMMARY:
==4945== definitely lost: 0 bytes in 0 blocks.
==4945== possibly lost: 0 bytes in 0 blocks.
==4945== still reachable: 1,272 bytes in 11 blocks.
==4945== suppressed: 0 bytes in 0 blocks.
==4945== Rerun with --leak-check=full to see details of leaked memory.
Received on 2007-06-04