Your message dated Fri, 08 Jun 2018 20:53:08 +0000 with message-id <[email protected]> and subject line Bug#900445: fixed in camlzip 1.07-1 has caused the Debian Bug report #900445, regarding camlzip version 1.07 needed for zlib >= 1.2.9 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 900445: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900445 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: libzip-ocaml Version: 1.06-2+b1 I'd like to request that the Debian package of camlzip (libzip-ocaml) be updated at least to the latest numbered release, version 1.07. The reason this is significant is that older versions of camlzip up through 1.06 will no longer work reliably with recent versions of zlib (I think 1.2.9 and higher), such as version 1.2.11 now in testing. The problem can be subtle to reproduce, because it is related to garbage collection. camlzip versions <= 1.06 allocated a zlib stream object using OCaml's garbage-collected heap, which means that the object could be moved around in memory. Though this may have been contrary to the usual expectations of a C library, it was AFAIK not a practical problem with older zlib versions. However in more recent zlib versions, there is a sanity check that asserts that the back-pointer from the internal state object to the stream object is consistent with the stream object pointer passed to zlib interface routines. If the OCaml garbage collector has moved the object, the back-pointer is not updated because the OCaml GC does not know about the internal state object. Thus this check will fail, causing the interface routine to return an error code. The particular case I care about is a large application that uses camlzip to write compressed log files. The application works correctly on older systems, such as Ubuntu 16.04 which has camlzip 1.05 and zlib 1.2.8. It also works correctly when writing a small log file, as does a small test program, probably since in these small programs no garbage collection happens while the zlib stream is open. But in the larger program, in the midst of writing a longer stream of text to a compressed output stream, the program will die with the following uncaught exception: Fatal error: exception Gzip.Error("error during compression") The zlib error code is not exposed in the Gzip.Error exception message, but with a debugger I can see that it is Z_STREAM_ERROR, caused by the failure of the check "s->strm != strm" (i.e., "strm->state->strm != strm") in deflateStateCheck. This class of problems (which also affects decompression in other programs) is discussed on the upstream Github issue tracker at: https://github.com/xavierleroy/camlzip/issues/1 The other Github issues from other projects that reference that one give some indication of how this problem can lead to hard-to-debug failures in other OCaml-based programs. The fix is in upstream pull request #2; right after it was merged on January 23rd, 2017, the version number was incremented to 1.07. -- Stephen -- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'oldoldstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.16.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libzip-ocaml depends on: ii libc6 2.27-3 ii ocaml-base-nox [ocaml-base-nox-4.05.0] 4.05.0-10+b1 ii zlib1g 1:1.2.11.dfsg-1
--- End Message ---
--- Begin Message ---Source: camlzip Source-Version: 1.07-1 We believe that the bug you reported is fixed in the latest version of camlzip, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ralf Treinen <[email protected]> (supplier of updated camlzip package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 08 Jun 2018 21:23:26 +0200 Source: camlzip Binary: libzip-ocaml libzip-ocaml-dev Architecture: source Version: 1.07-1 Distribution: unstable Urgency: medium Maintainer: Debian OCaml Maintainers <[email protected]> Changed-By: Ralf Treinen <[email protected]> Description: libzip-ocaml - OCaml compression libraries (runtime libraries) libzip-ocaml-dev - OCaml compression libraries (development files) Closes: 900445 Changes: camlzip (1.07-1) unstable; urgency=medium . * New upstream release (closes: #900445) - refreshed patch 0003-Add-plain_uncompress.patch * updated debian/watch to github * updated homepage to github * updated Vcs-* fields to salsa * Standards-Version 4.1.4: - https in d/copyright format header * rewrite installation: - debian/rules: use install-findlib from upstream's makefile, and move manually dll* into stublibs - adjusted d/*.install.in accordingly - d/control: add build-dependency on ocaml-findlib - drop patch 0001-Build-system-for-Debian * d/rules: drop explicit building of zip.{cmxa,cmxs} since it is done now by the upstream Makefile * debhelper compat level 11 * Dropped patch 0002-Use-an-installed-camlzip-for-tests as we now have as-installed tests for that * Bumped version of build-dependency ocaml, following upstream instructions * Dropped build-dependency on dpkg-dev since it was constrained >= a version from 2006 Checksums-Sha1: 6096aa987878173214fe0db92489caad11a9c8a5 2131 camlzip_1.07-1.dsc dc6bf21fd12b527e06df2e3f5ee9655585e46a44 26652 camlzip_1.07.orig.tar.gz 0811796fa69afcd68b8fc9e81a5a7955e416786b 6160 camlzip_1.07-1.debian.tar.xz 445a82039e2c2b7fe0bc7f9c1c2d1e64e19054a4 5872 camlzip_1.07-1_source.buildinfo Checksums-Sha256: e790f6a18bb92b2dd2115016f6ea32090a2995ad8780c5619e5851bead88b035 2131 camlzip_1.07-1.dsc 2f4df4df258b8bca89176a5c4200a6920eccb3134f3df70d61a67e16fd1fbfdd 26652 camlzip_1.07.orig.tar.gz 602ecdaa6bca56d25d9c46029b939a2a5d05bac01a163144cb4b32dbc7a3833b 6160 camlzip_1.07-1.debian.tar.xz 1461ccd4d6f695af886ec14f002a07dc562a6998e44a786d723238f180fec0eb 5872 camlzip_1.07-1_source.buildinfo Files: 441bf9b0bc7b4aeba62721788b36bac2 2131 ocaml optional camlzip_1.07-1.dsc 8babccb584dfd4eb7b98901122e818a9 26652 ocaml optional camlzip_1.07.orig.tar.gz 6e25517e7b65a3406872d6025652ad50 6160 ocaml optional camlzip_1.07-1.debian.tar.xz 81749e879cc76eeb62989ff5fafd5f72 5872 ocaml optional camlzip_1.07-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEAgVIKeEtDyqOZI5idFxHZtTKzf8FAlsa3KAACgkQdFxHZtTK zf9rDhAAoY3aoSLpVfGinR/kk7ElEPsuDQ7ijG3eWBJ4zsgkxb2yOzOjQWl89b/a HuWApJgWvA4dJiKgEIL6S12SKKW2ARnYp6+c9SCyeCYKvIndSRZtjc536D6MHbJH egtNwoit6mWrfNVZWJ+DIUAm2A9Tt4MRa7VDkyHp+GlT4CIZhjBjgq10P3IZtQzB A/wDo7toz4oc+btR+D2+fOBdl/ObxjCu0zT/Ci7onDBB7KOEDR0s5pLrWUZcz5y9 PNtQOpowPOBj0d7JLVfPJZMTY1pkTNx5tDE33ol+bLCOURYxMqIhwensyJTGNSZg 9NEn/kenmStqDUXuza2gP7jBCsBt2z5nUifZUt8QxUFr3olw+et+qgdnMLGJke5t FeGzTwWu0lvPvUmhb3j4D2yEE1+Fk9Qeti7+B+G9FljGYmjMHa9049/MLBHcXK+N ALcQOZXGFzfcCdyUZntuy/GCwrMZLRSpLNjNRXIjgNToMJYOVGyK4QEFM6pIEcPG 6VLYHDJ1mZc31agDFfiYFEAaW7nH/qUjleP8Yaz8ZAcuInnVlHo8t09hHMynR2iK XjrGuPuYFv+D0y7EJPHS2H83IoP2wvO6Pdzxx50Jlx2wqFOiGXKTcbJjpf3JPmtr QnqmkW4Jfj1HUVX06cZm8HegqARMYEU/DpgLhk8/8hNs6t9S/W4= =xGwT -----END PGP SIGNATURE-----
--- End Message ---
