bug#46709: 28.0.50; Emacs crash in gnutls_handshake

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Robert Pluim

1. Disconnect your network cable
2. Set a static IP on your ethernet interface
3. Comment out the '(skip-unless internet-is-working)' line in
test/lisp/net/network-stream-tests.el
4. Run:
    cd test
    make network-stream-tests SELECTOR=connect-to-tls-ipv4-nowait

Output:

    make[1]: Entering directory '/home/rpluim/repos/emacs-real-master/test'
      GEN      lisp/net/network-stream-tests.log
    No DNS server configuration found
    Running 1 tests (2021-02-22 19:05:20+0100, selector `connect-to-tls-ipv4-nowait')
    gnutls-serv: HTTP Server listening on IPv4 0.0.0.0 port 44331...done

    make[1]: *** [Makefile:192: lisp/net/network-stream-tests.log] Error 141
    make[1]: Leaving directory '/home/rpluim/repos/emacs-real-master/test'
    make: *** [Makefile:258: lisp/net/network-stream-tests] Error 2

This is emacs crashing in gnutls_try_handshake at gnutls.c:629 the
second time we call gnutls_handshake. The first time we called it we
got -53 GNUTLS_E_PUSH_ERROR, which is not surprising, because the test
has deleted the listening gnutls-serv process.

My reading of
<https://gnutls.org/manual/gnutls.html#gnutls_005fhandshake> is that
after receiving a fatal error, we should not call gnutls_handshake
again. Iʼve tested the following patch successfully. We currently
check only for GNUTLS_E_INTERRUPTED, but the list of non-fatal error
codes is more than that, so perhaps more is needed.

diff --git a/src/gnutls.c b/src/gnutls.c
index aa245ee5c3..4d5a909db0 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -625,6 +625,8 @@ gnutls_try_handshake (struct Lisp_Process *proc)
 
   while ((ret = gnutls_handshake (state)) < 0)
     {
+      if (gnutls_error_is_fatal (ret))
+ return emacs_gnutls_handle_error (state, ret);
       do
  ret = gnutls_handshake (state);
       while (ret == GNUTLS_E_INTERRUPTED);



In GNU Emacs 28.0.50 (build 4, x86_64-pc-linux-gnu, GTK+ Version 3.24.5, cairo version 1.16.0)
 of 2021-02-21 built on rltb
Repository revision: d15a42ac453c47c4da8ba1a66170dee106541d63
Repository branch: master



Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Lars Ingebrigtsen
Robert Pluim <[hidden email]> writes:

> My reading of
> <https://gnutls.org/manual/gnutls.html#gnutls_005fhandshake> is that
> after receiving a fatal error, we should not call gnutls_handshake
> again. Iʼve tested the following patch successfully. We currently
> check only for GNUTLS_E_INTERRUPTED, but the list of non-fatal error
> codes is more than that, so perhaps more is needed.
>
> diff --git a/src/gnutls.c b/src/gnutls.c
> index aa245ee5c3..4d5a909db0 100644
> --- a/src/gnutls.c
> +++ b/src/gnutls.c
> @@ -625,6 +625,8 @@ gnutls_try_handshake (struct Lisp_Process *proc)
>
>    while ((ret = gnutls_handshake (state)) < 0)
>      {
> +      if (gnutls_error_is_fatal (ret))
> + return emacs_gnutls_handle_error (state, ret);

Yes, I think that this looks like the correct fix here.

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Robert Pluim
>>>>> On Wed, 24 Feb 2021 17:55:58 +0100, Lars Ingebrigtsen <[hidden email]> said:

    Lars> Robert Pluim <[hidden email]> writes:
    >> My reading of
    >> <https://gnutls.org/manual/gnutls.html#gnutls_005fhandshake> is that
    >> after receiving a fatal error, we should not call gnutls_handshake
    >> again. Iʼve tested the following patch successfully. We currently
    >> check only for GNUTLS_E_INTERRUPTED, but the list of non-fatal error
    >> codes is more than that, so perhaps more is needed.
    >>
    >> diff --git a/src/gnutls.c b/src/gnutls.c
    >> index aa245ee5c3..4d5a909db0 100644
    >> --- a/src/gnutls.c
    >> +++ b/src/gnutls.c
    >> @@ -625,6 +625,8 @@ gnutls_try_handshake (struct Lisp_Process *proc)
    >>
    >> while ((ret = gnutls_handshake (state)) < 0)
    >> {
    >> +      if (gnutls_error_is_fatal (ret))
    >> + return emacs_gnutls_handle_error (state, ret);

    Lars> Yes, I think that this looks like the correct fix here.

Except now the test suite fails. Back to the drawing board.

Robert



Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Robert Pluim
>>>>> On Wed, 24 Feb 2021 18:08:33 +0100, Robert Pluim <[hidden email]> said:

>>>>> On Wed, 24 Feb 2021 17:55:58 +0100, Lars Ingebrigtsen <[hidden email]> said:
    Lars> Yes, I think that this looks like the correct fix here.

    Robert> Except now the test suite fails. Back to the drawing board.

This really is the bug that keeps on giving. Turns out one of my
network cards (the fast one <sniff>) is buggy, in that it will say
itʼs passing packets when in fact itʼs not, so the patch is in fact ok
(but out of an excess of caution I won't push it till tomorrow, along
with some related test suite changes).

Robert



Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Lars Ingebrigtsen
Robert Pluim <[hidden email]> writes:

> This really is the bug that keeps on giving. Turns out one of my
> network cards (the fast one <sniff>) is buggy, in that it will say
> itʼs passing packets when in fact itʼs not, so the patch is in fact ok

:-)

--
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no



Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Robert Pluim
tags 46709 fixed
close 46709 28.1
quit

>>>>> On Thu, 25 Feb 2021 16:15:33 +0100, Lars Ingebrigtsen <[hidden email]> said:

    Lars> Robert Pluim <[hidden email]> writes:
    >> This really is the bug that keeps on giving. Turns out one of my
    >> network cards (the fast one <sniff>) is buggy, in that it will say
    >> itʼs passing packets when in fact itʼs not, so the patch is in fact ok

    Lars> :-)

Iʼve now beaten it into submission. All it took was a distro upgrade.

Committed as d84d69dfbc
Closing.

Eli, you might want to cherry-pick that to emacs-27, but Iʼve not
tested it there.

Robert



Reply | Threaded
Open this post in threaded view
|

bug#46709: 28.0.50; Emacs crash in gnutls_handshake

Eli Zaretskii
> From: Robert Pluim <[hidden email]>
> Date: Thu, 25 Feb 2021 17:04:44 +0100
> Cc: [hidden email]
>
> Eli, you might want to cherry-pick that to emacs-27, but Iʼve not
> tested it there.

Thanks, but I'd rather not put there anything that isn't well tested.