From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Subject: bug#20145: (guix build download) leaks file descriptor on TLS connections Date: Fri, 03 Jan 2020 16:12:11 +0100 Message-ID: <87png0poac.fsf@gnu.org> References: <87oaac1zme.fsf@gnu.org> <87619w6efb.fsf@gnu.org> <87png1qweg.fsf_-_@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:34962) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1inOdM-0004Ch-KL for bug-guix@gnu.org; Fri, 03 Jan 2020 10:13:05 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1inOdL-0002ug-A8 for bug-guix@gnu.org; Fri, 03 Jan 2020 10:13:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:35295) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1inOdL-0002sw-48 for bug-guix@gnu.org; Fri, 03 Jan 2020 10:13:03 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1inOdK-0004hn-0q for bug-guix@gnu.org; Fri, 03 Jan 2020 10:13:02 -0500 Sender: "Debbugs-submit" Resent-To: bug-guix@gnu.org Resent-Message-ID: In-Reply-To: <87png1qweg.fsf_-_@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\?\= \=\?utf-8\?Q\?\=22's\?\= message of "Fri, 03 Jan 2020 00:19:19 +0100") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: 20145-done@debbugs.gnu.org Cc: Valentin Ignatev Hello again! Ludovic Court=C3=A8s skribis: > Back in 2015, I closed saying: > >> ludo@gnu.org (Ludovic Court=C3=A8s) skribis: >> >>> When opening an HTTPS connection, the file descriptor beneath the port >>> returned by =E2=80=98tls-wrap=E2=80=99 is leaked. >>> >>> This is not a problem in most cases (downloads) because the process is >>> left as soon as the download is over. >>> >>> This is more problematic for =E2=80=98guix lint=E2=80=99, which may ope= n a large number >>> of HTTPS connections for the =E2=80=98source=E2=80=99 and =E2=80=98home= -page=E2=80=99 checkers when >>> working on all the packages. >> >> This is essentially solved by commits >> 14d6ca3e4dd23ee92adb5e2fcf58546e67534631 and >> 097a951e96718a037dbfa6d579e2d26f7dab3e82. >> >> One still needs to be careful, though, for instance because closing a >> chunked encoding port (which is a custom binary input port wrapped >> around the real socket port) still fails to close the raw socket port >> that=E2=80=99s behind the TLS session record port. > > Unfortunately, the bug just reported by Valentin and by Ricardo are > instances of this problem (at least I checked with crates.io and it > uses chunked encoding, leading to a file descriptor leak): > > https://issues.guix.gnu.org/issue/38857 > https://issues.guix.gnu.org/issue/38836 Commit f4cde9ac4aedb516c050a30fd999673da434bfa0 fixes it for good it seems! (You can monitor /proc/PID/fd while =E2=80=98guix refresh=E2=80=99 = or =E2=80=98guix import crate -r=E2=80=99 is running. :-)) There was also a CRAN-specific FD leak fixed in af0aefd8c10701fa32341506e36297e5105f6143. Let me know is anything is amiss! Ludo=E2=80=99.