--- Begin Message ---
Subject: |
Guile-provided GMP allocators interfere with GnuTLS |
Date: |
Fri, 05 Feb 2021 17:59:51 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) |
Fellow Debian hackers identified a bug causing memory corruption in
Nettle data structures used by GnuTLS when GnuTLS is used from Guile:
https://bugs.debian.org/964284
In a nutshell, Guile installs its own GMP memory allocation routines
(when ‘scm_install_gmp_memory_functions’ is true, which is the default)
so that GMP allocates via libgc. GnuTLS uses Nettle, which uses GMP, so
Nettle too ends up allocating via libgc; however, since pointers to that
memory are not scanned by libgc, they end up being reclaimed early.
In practice, memory corruption is relatively rare, to the point that we
did not notice it in Guix. In Debian, it would lead to a failure of the
‘tests/reauth.scm’ test in GnuTLS. With minor modifications to the
test, as noted in the thread above, I can reproduce it on Guix as well.
The thread above mentions possible workaround, but there’s nothing
satisfactory.
The longer-term solution is to use mini-GMP in Guile (which is also nice
as a way to reduce dependencies).
To be continued…
Ludo’.
--- End Message ---
--- Begin Message ---
Subject: |
Re: bug#46330: Guile-provided GMP allocators interfere with GnuTLS |
Date: |
Sun, 23 May 2021 16:47:40 +0200 |
Ludovic Courtès <ludo@gnu.org> skriver:
> Ludovic Courtès <ludo@gnu.org> skribis:
>
>> One of the solutions is to set:
>>
>> scm_install_gmp_memory_functions = 0;
>
> Done in a53f711422f63d7e32b8639b968cf00bcc69ffea, followed by an update
> of the ‘guix’ package in 63d4b74420563c4e2dbdfa29b3816d1dad9cd723.
>
> This mostly solves the problem on the Guix side, but the issue remains
> in GnuTLS. I practical terms, we could experience random test failures
> in the guile-gnutls test suite, like the Debian folks did.
>
> At the very least we’ll need to work around that possibility in
> ‘core-updates’. We could skip them, or add ‘gc-disable’ calls there.
> Or we could build GnuTLS against Nettle-with-mini-GMP when that becomes
> an option.
>
> The other option coming up is to build Guile against mini-GMP. Mike
> Gran just started looked into it and it may be that 3.0.6 will offer it.
>
> I’m keeping the bug open until this is sorted out.
I believe this was sorted with the mini-gmp in Guile 3.0.6. Please
reopen if I'm mistaken. :-)
signature.asc
Description: PGP signature
--- End Message ---