unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed
* bug#20145: (guix build download) leaks file descriptor on TLS connections
@ 2015-03-19 18:16 Ludovic Courtès
  2016-03-17 22:57 ` Ludovic Courtès
       [not found] ` <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
  0 siblings, 2 replies; 5+ messages in thread
From: Ludovic Courtès @ 2015-03-19 18:16 UTC (permalink / raw)
  To: 20145

When opening an HTTPS connection, the file descriptor beneath the port
returned by ‘tls-wrap’ is leaked.

This is not a problem in most cases (downloads) because the process is
left as soon as the download is over.

This is more problematic for ‘guix lint’, which may open a large number
of HTTPS connections for the ‘source’ and ‘home-page’ checkers when
working on all the packages.

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#20145: (guix build download) leaks file descriptor on TLS connections
  2015-03-19 18:16 bug#20145: (guix build download) leaks file descriptor on TLS connections Ludovic Courtès
@ 2016-03-17 22:57 ` Ludovic Courtès
       [not found] ` <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
  1 sibling, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2016-03-17 22:57 UTC (permalink / raw)
  To: 20145-done

ludo@gnu.org (Ludovic Courtès) skribis:

> When opening an HTTPS connection, the file descriptor beneath the port
> returned by ‘tls-wrap’ is leaked.
>
> This is not a problem in most cases (downloads) because the process is
> left as soon as the download is over.
>
> This is more problematic for ‘guix lint’, which may open a large number
> of HTTPS connections for the ‘source’ and ‘home-page’ checkers when
> working on all the packages.

This is essentially solved by commits
14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and
097a951e96718a037dbfa6d579e2d26f7dab3e82.

One still needs to be careful, though, for instance because closing a
chunked encoding port (which is a custom binary input port wrapped
around the real socket port) still fails to close the raw socket port
that’s behind the TLS session record port.

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#20145: (guix build download) leaks file descriptor on TLS connections
       [not found] ` <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
@ 2020-01-02 23:19   ` Ludovic Courtès
  2020-01-03 12:25     ` Valentin Ignatev
  2020-01-03 15:12     ` Ludovic Courtès
  0 siblings, 2 replies; 5+ messages in thread
From: Ludovic Courtès @ 2020-01-02 23:19 UTC (permalink / raw)
  To: 20145; +Cc: Valentin Ignatev

Hi,

Back in 2015, I closed <https://issues.guix.gnu.org/issue/20145> saying:

> ludo@gnu.org (Ludovic Courtès) skribis:
>
>> When opening an HTTPS connection, the file descriptor beneath the port
>> returned by ‘tls-wrap’ is leaked.
>>
>> This is not a problem in most cases (downloads) because the process is
>> left as soon as the download is over.
>>
>> This is more problematic for ‘guix lint’, which may open a large number
>> of HTTPS connections for the ‘source’ and ‘home-page’ checkers when
>> working on all the packages.
>
> This is essentially solved by commits
> 14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and
> 097a951e96718a037dbfa6d579e2d26f7dab3e82.
>
> One still needs to be careful, though, for instance because closing a
> chunked encoding port (which is a custom binary input port wrapped
> around the real socket port) still fails to close the raw socket port
> that’s behind the TLS session record port.

Unfortunately, the bug just reported by Valentin and by Ricardo are
instances of this problem (at least I checked with crates.io and it
uses chunked encoding, leading to a file descriptor leak):

  https://issues.guix.gnu.org/issue/38857
  https://issues.guix.gnu.org/issue/38836

To be continued…

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#20145: (guix build download) leaks file descriptor on TLS connections
  2020-01-02 23:19   ` Ludovic Courtès
@ 2020-01-03 12:25     ` Valentin Ignatev
  2020-01-03 15:12     ` Ludovic Courtès
  1 sibling, 0 replies; 5+ messages in thread
From: Valentin Ignatev @ 2020-01-03 12:25 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 20145

Hey Ludo, thanks for providing more info! I understand that the best
way is to fix the leak for good, but I wonder if there's some possible
quick workaround to mitigate the issue in case of a recursive import?
Like giving package definitions for packages that were followed before
exception happened so the person who packages something can go on from
that point, or something like that.

Valentin.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#20145: (guix build download) leaks file descriptor on TLS connections
  2020-01-02 23:19   ` Ludovic Courtès
  2020-01-03 12:25     ` Valentin Ignatev
@ 2020-01-03 15:12     ` Ludovic Courtès
  1 sibling, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2020-01-03 15:12 UTC (permalink / raw)
  To: 20145-done; +Cc: Valentin Ignatev

Hello again!

Ludovic Courtès <ludo@gnu.org> skribis:

> Back in 2015, I closed <https://issues.guix.gnu.org/issue/20145> saying:
>
>> ludo@gnu.org (Ludovic Courtès) skribis:
>>
>>> When opening an HTTPS connection, the file descriptor beneath the port
>>> returned by ‘tls-wrap’ is leaked.
>>>
>>> This is not a problem in most cases (downloads) because the process is
>>> left as soon as the download is over.
>>>
>>> This is more problematic for ‘guix lint’, which may open a large number
>>> of HTTPS connections for the ‘source’ and ‘home-page’ checkers when
>>> working on all the packages.
>>
>> This is essentially solved by commits
>> 14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and
>> 097a951e96718a037dbfa6d579e2d26f7dab3e82.
>>
>> One still needs to be careful, though, for instance because closing a
>> chunked encoding port (which is a custom binary input port wrapped
>> around the real socket port) still fails to close the raw socket port
>> that’s behind the TLS session record port.
>
> Unfortunately, the bug just reported by Valentin and by Ricardo are
> instances of this problem (at least I checked with crates.io and it
> uses chunked encoding, leading to a file descriptor leak):
>
>   https://issues.guix.gnu.org/issue/38857
>   https://issues.guix.gnu.org/issue/38836

Commit f4cde9ac4aedb516c050a30fd999673da434bfa0 fixes it for good it
seems!  (You can monitor /proc/PID/fd while ‘guix refresh’ or ‘guix
import crate -r’ is running.  :-))

There was also a CRAN-specific FD leak fixed in
af0aefd8c10701fa32341506e36297e5105f6143.

Let me know is anything is amiss!

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-01-03 15:13 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-03-19 18:16 bug#20145: (guix build download) leaks file descriptor on TLS connections Ludovic Courtès
2016-03-17 22:57 ` Ludovic Courtès
     [not found] ` <handler.20145.D20145.145825547831659.notifdone@debbugs.gnu.org>
2020-01-02 23:19   ` Ludovic Courtès
2020-01-03 12:25     ` Valentin Ignatev
2020-01-03 15:12     ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).