Patch Package: OTP 24.3.4.3 Git Tag: OTP-24.3.4.3 Date: 2022-08-18 Trouble Report Id: OTP-18044, OTP-18104, OTP-18162, OTP-18164, OTP-18169, OTP-18170, OTP-18172, OTP-18173, OTP-18175, OTP-18177, OTP-18182, OTP-18189, OTP-18190, OTP-18193, OTP-18195, OTP-18197, OTP-18198 Seq num: ERIERL-826, ERIERL-829, GH-6122, GH-6129, GH-6163, GH-6165, GH-6185 System: OTP Release: 24 Application: compiler-8.1.1.1, crypto-5.0.6.3, erts-12.3.2.3, inets-7.5.3.1, kernel-8.3.2.1, public_key-1.12.0.1, ssl-10.7.3.3 Predecessor: OTP 24.3.4.2 Check out the git tag OTP-24.3.4.3, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below. --------------------------------------------------------------------- --- HIGHLIGHTS ------------------------------------------------------ --------------------------------------------------------------------- OTP-18172 Application(s): crypto Related Id(s): ERIERL-826 *** POTENTIAL INCOMPATIBILITY *** Changed the behaviour of the engine load/unload functions The engine load/unload functions have got changed semantics to get a more consistent behaviour and work correct when variables are garbage collected. The load functions now don't register the methods for the engine to replace. That will now be handled with the new functions engine_register/engine_unregister if needed. Some functions functions are removed from the documentation and therefor the API, but they are left in the code for compatibility. -- engine_load/4: is now the same as engine_load/3 -- engine_unload/2: is now the same as engine_unload/1 -- ensure_engine_loaded/3: is now the same as ensure_engine_loaded/2 -- ensure_engine_unloaded/1, ensure_engine_unloaded/2: is now the same as engine_unload/1 --------------------------------------------------------------------- --- POTENTIAL INCOMPATIBILITIES ------------------------------------- --------------------------------------------------------------------- OTP-18172 Application(s): crypto Related Id(s): ERIERL-826 *** HIGHLIGHT *** Changed the behaviour of the engine load/unload functions The engine load/unload functions have got changed semantics to get a more consistent behaviour and work correct when variables are garbage collected. The load functions now don't register the methods for the engine to replace. That will now be handled with the new functions engine_register/engine_unregister if needed. Some functions functions are removed from the documentation and therefor the API, but they are left in the code for compatibility. -- engine_load/4: is now the same as engine_load/3 -- engine_unload/2: is now the same as engine_unload/1 -- ensure_engine_loaded/3: is now the same as ensure_engine_loaded/2 -- ensure_engine_unloaded/1, ensure_engine_unloaded/2: is now the same as engine_unload/1 --------------------------------------------------------------------- --- compiler-8.1.1.1 ------------------------------------------------ --------------------------------------------------------------------- The compiler-8.1.1.1 application can be applied independently of other applications on a full OTP 24 installation. --- Fixed Bugs and Malfunctions --- OTP-18162 Application(s): compiler Related Id(s): PR-6102 The bin_opt_info and recv_opt_info options would cause the compiler to crash when attempting to compile generated code without location information. OTP-18182 Application(s): compiler Related Id(s): GH-6163 In rare circumstances involving floating point operations, the compiler could terminate with an internal consistency check failure. Full runtime dependencies of compiler-8.1.1.1: crypto-3.6, erts-11.0, kernel-7.0, stdlib-3.13 --------------------------------------------------------------------- --- crypto-5.0.6.3 -------------------------------------------------- --------------------------------------------------------------------- The crypto-5.0.6.3 application can be applied independently of other applications on a full OTP 24 installation. --- Fixed Bugs and Malfunctions --- OTP-18172 Application(s): crypto Related Id(s): ERIERL-826 *** HIGHLIGHT *** *** POTENTIAL INCOMPATIBILITY *** Changed the behaviour of the engine load/unload functions The engine load/unload functions have got changed semantics to get a more consistent behaviour and work correct when variables are garbage collected. The load functions now don't register the methods for the engine to replace. That will now be handled with the new functions engine_register/engine_unregister if needed. Some functions functions are removed from the documentation and therefor the API, but they are left in the code for compatibility. -- engine_load/4: is now the same as engine_load/3 -- engine_unload/2: is now the same as engine_unload/1 -- ensure_engine_loaded/3: is now the same as ensure_engine_loaded/2 -- ensure_engine_unloaded/1, ensure_engine_unloaded/2: is now the same as engine_unload/1 Full runtime dependencies of crypto-5.0.6.3: erts-9.0, kernel-5.3, stdlib-3.4 --------------------------------------------------------------------- --- erts-12.3.2.3 --------------------------------------------------- --------------------------------------------------------------------- Note! The erts-12.3.2.3 application *cannot* be applied independently of other applications on an arbitrary OTP 24 installation. On a full OTP 24 installation, also the following runtime dependency has to be satisfied: -- kernel-8.3 (first satisfied in OTP 24.3) --- Fixed Bugs and Malfunctions --- OTP-18104 Application(s): erts Related Id(s): OTP-18093 Fix faulty distribution encoding of terms with either -- a fun with bit-string or export-fun in its environment when encoded toward a not yet established (pending) connection -- or a fun with a binary/bitstring, in its environment, referring to an off-heap binary (larger than 64 bytes). The symptom could be failed decoding on the receiving side leading to aborted connection. Fix OTP-18093 is a workaround for theses bugs that makes the VM accepts such faulty encoded funs. The first encoding bug toward pending connection exists only in OTP 23 and 24, but the second one exists also on OTP 25. OTP-18164 Application(s): erts Related Id(s): PR-6114 Distributed exit signals could be lost under the following conditions: -- An exit signal from a parent process to a child process was lost if: -- the parent process terminated before the spawn request that created the child had completed, -- the spawn request set up a link between parent and child -- the spawn request was distributed, and -- the exit reason was larger than one machine word. -- Loss of a connection over which a not yet completed spawn request was ongoing could cause loss of exit signals. Such loss of exit signals was very rare. Besides the above described connection loss also the following conditions had to be satisfied: -- The spawn request that was interrupted by the connection loss also had to set up a link between the parent process and the child process. -- The parent process that issued the spawn request also had to be terminating while the spawn request was interrupted by the connection loss. -- The same parent process also had to have made other spawn requests to other nodes than to the node to which the connection was lost. -- These spawn requests to the other nodes also had to set up links. -- These spawn requests to the other nodes also had to be not yet completed at the time of the connection loss. That is, the spawn reply from the child process had not yet reached the parent process. If all the conditions above were met, exit signals to the children spawned due to the above described spawn requests to other nodes *could* be lost. The above bug also caused a significant memory leak when it was triggered since the destruction of the parent process never completed. OTP-18169 Application(s): erts Related Id(s): PR-6134 A race could cause process_info(Pid, message_queue_len) on other processes to return invalid results. OTP-18170 Application(s): erts Related Id(s): PR-6135 Fixed reduction counting for handling process system tasks. OTP-18175 Application(s): erts Related Id(s): PR-6142 Priority elevation of terminating processes did not work which could cause execution of such processes to be delayed. OTP-18177 Application(s): erts Related Id(s): PR-6150 An unlink operation made by a process that terminated before the unlink operation completed, i.e., before it had received an unlink-ack signal from the linked process, caused an exit signal to erroneously be sent from the terminating process to the process being unlinked. This exit signal would most often be ignored by the receiver, but if the receiver of the exit signal concurrently set up a new link, it could receive the exit signal with the actual exit reason of the terminating process instead of a noproc exit reason. It is however very hard to detect that this has happened and has no obvious negative consequences, so it should be considered harmless. A distributed unlink-ack signal received by a terminating process was also not properly removed which could cause a minor memory leak. OTP-18190 Application(s): erts Related Id(s): GH-6185, PR-6209 The monitor/3 BIF did not apply options to the created monitor if the target process or port did not exist. That is, the corresponding down message would get a `DOWN` tag even if a custom tag had been set, and the returned reference was not an alias even if the alias option had been passed. OTP-18197 Application(s): erts Related Id(s): GH-6165, PR-6213 The erlang:monotonic_time/1, erlang:system_time/1, erlang:time_offset/1, and os:system_time/1 BIFs erroneously failed when passed the argument native. Full runtime dependencies of erts-12.3.2.3: kernel-8.3, sasl-3.3, stdlib-3.13 --------------------------------------------------------------------- --- inets-7.5.3.1 --------------------------------------------------- --------------------------------------------------------------------- The inets-7.5.3.1 application can be applied independently of other applications on a full OTP 24 installation. --- Improvements and New Features --- OTP-18193 Application(s): inets Related Id(s): GH-6122 Remove documentation of no longer supported callback. Full runtime dependencies of inets-7.5.3.1: erts-6.0, kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-3.5 --------------------------------------------------------------------- --- kernel-8.3.2.1 -------------------------------------------------- --------------------------------------------------------------------- Note! The kernel-8.3.2.1 application *cannot* be applied independently of other applications on an arbitrary OTP 24 installation. On a full OTP 24 installation, also the following runtime dependency has to be satisfied: -- erts-12.3 (first satisfied in OTP 24.3) --- Fixed Bugs and Malfunctions --- OTP-18198 Application(s): kernel Related Id(s): GH-6129, PR-6216 A call to net_kernel:setopts(new, Opts) at the same time as a connection was being set up could cause a deadlock between the net_kernel process and the process setting up the connection. Full runtime dependencies of kernel-8.3.2.1: crypto-5.0, erts-12.3, sasl-3.0, stdlib-3.13 --------------------------------------------------------------------- --- public_key-1.12.0.1 --------------------------------------------- --------------------------------------------------------------------- The public_key-1.12.0.1 application can be applied independently of other applications on a full OTP 24 installation. --- Fixed Bugs and Malfunctions --- OTP-18189 Application(s): public_key Related Id(s): ERIERL-829 Correct asn1 typenames available in type pki_asn1_type() Full runtime dependencies of public_key-1.12.0.1: asn1-3.0, crypto-3.8, erts-6.0, kernel-3.0, stdlib-3.5 --------------------------------------------------------------------- --- ssl-10.7.3.3 ---------------------------------------------------- --------------------------------------------------------------------- Note! The ssl-10.7.3.3 application *cannot* be applied independently of other applications on an arbitrary OTP 24 installation. On a full OTP 24 installation, also the following runtime dependency has to be satisfied: -- public_key-1.11.3 (first satisfied in OTP 24.1.2) --- Fixed Bugs and Malfunctions --- OTP-18044 Application(s): ssl Reject unexpected application data in all relevant places for all TLS versions. Also, handle TLS-1.3 middlebox compatibility with more care. This will make malicious connections fail early and further, mitigate possible DoS attacks, that would be caught by the handshake timeout. Thanks to Aina Toky Rasoamanana and Olivier Levillain from Télécom SudParis for alerting us of the issues in our implementation. OTP-18173 Application(s): ssl The link to crypto:engine_load refered the function with wrong arity. OTP-18195 Application(s): ssl Make sure periodical refresh of CA certificate files repopulates cache properly. Full runtime dependencies of ssl-10.7.3.3: crypto-5.0, erts-10.0, inets-5.10.7, kernel-8.0, public_key-1.11.3, runtime_tools-1.15.1, stdlib-3.12 --------------------------------------------------------------------- --------------------------------------------------------------------- ---------------------------------------------------------------------