Erlang/OTP 17.5

This release of Erlang/OTP can be built from source or installed using pre-built packages for your OS or third-party tools (such as kerl or asdf).

docker run -it erlang:17.5

asn1-3.0.4 #

The asn1-3.0.4 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12546
Application(s):
asn1
Related Id(s):
seq12815

The ASN.1 compiler would crash if a SEQUENCE ended with a double set of ellipses (...).

Full runtime dependencies of asn1-3.0.4: erts-6.0, kernel-3.0, stdlib-2.0

common_test-1.10 #

Note! The common_test-1.10 application can *not* be applied independently of other applications on an arbitrary OTP 17 installation. On a full OTP 17 installation, also the following runtime dependency has to be satisfied: -- test_server-3.7.1 (first satisfied in OTP 17.1)

OTP-11400
Application(s):
common_test

The tests overview file, index.html, did not always get updated correctly after a new test run. This was because of a bug in the Common Test log cache mechanism which has now been corrected.

OTP-12279
Application(s):
common_test
Related Id(s):
seq12737 , OTP-12531

*** POTENTIAL INCOMPATIBILITY ***

When a successful test case returns, Common Test should, according to the documentation, send a tc_done event to the event handlers with Result = ok in the data field. However, Common Test sets Result to the return value of the test case instead. Common Test has been modified now to comply with the documentation.

OTP-12335
Application(s):
common_test

A ct_telnet:expect/3 call could never be aborted before an idle_timeout, even if total_timeout had been set to a lower value (i.e. a shorter time). This problem has been fixed.

OTP-12359
Application(s):
common_test
Related Id(s):
seq12760

*** POTENTIAL INCOMPATIBILITY ***

The undocumented return value {skipped,Reason} from config functions and test cases was handled inconsistently. Test cases were e.g. reported as "skipped" to CT Hook functions, but "successful" to event handlers. Now, the above return value is consistently handled the same way as {skip,Reason} and this has also been documented.

OTP-12419
Application(s):
common_test

The Erlang source code to HTML generator would sometimes fail because epp:parse_erl_form/1 could not find and expand required macros in included header files. The problem has been solved by making sure common_test always passes the full include path to epp. Also, a bug that could cause erl_syntax:revert/1 to fail because of a badly formed syntax tree has been corrected.

OTP-12433
Application(s):
common_test
Related Id(s):
seq12788

A missing group option in the ct_run help text has been added.

OTP-12468
Application(s):
common_test, test_server

Printouts by means of ct:log/2/3 or ct:pal/2/3 from the hook functions on_tc_fail/2 and on_tc_skip/2 would (quite unexpectedly) end up in the "unexpected i/o" log file instead of in the test case log file. This behaviour has been changed so that now, all printouts (including stdio printouts) from these hook functions will be routed to the test case log file.

OTP-12491
Application(s):
common_test
Related Id(s):
seq12797

ct_netconfc:action/3 will now - if the return type is void - accept an RPC reply on the form {ok,[simple_xml()]}, and in this event return only the atom ok.

OTP-12498
Application(s):
common_test
Related Id(s):
OTP-11971

OTP-11971 erroneously changed the handling of relative paths for incl_dirs specified in the cover spec file. This is now corrected so these are expected to be relative to the directory where the cover spec file itself is stored

OTP-12574
Application(s):
common_test

Some test cases have been updated to use ct:sleep/1 instead of timer:sleep/1. The reason being that the sleep times need to be scaled to compensate for slow execution (e.g. when cover is running).

OTP-12506
Application(s):
common_test
Related Id(s):
seq12802

Common Test now exports a function, ct:get_event_mgr_ref/0, that returns the name of the Common Test event manager. This makes it possible to plug in event handlers to the event manager while tests are running (using the gen_event API).

OTP-12531
Application(s):
common_test
Related Id(s):
OTP-12279

*** POTENTIAL INCOMPATIBILITY ***

When a test case (or configuration function) fails because of an exit signal from a linked process, Common Test previously passed only the reason for process termination to the CT post hook functions and the event handlers (in the tc_done event). This has been changed so that now the tuple {'EXIT',ReasonForProcessTermination} is passed instead. This makes it much easier in the CT post hook functions to distinguish a failure of this sort from other types of errors and from the return value of a successful test case.

OTP-12627
Application(s):
common_test

A new feature has been introduced in ct_telnet:get_data/1 that makes it possible to automatically poll the telnet connection in case an incomplete string (one that has not yet been terminated by a newline) remains in the receive buffer. The polling is controlled by two new telnet config values, which are documented in the ct_telnet reference manual. The polling mechanism is disabled by default (making the get_data/1 function backwards compatible).

Full runtime dependencies of common_test-1.10: compiler-5.0, crypto-3.3, debugger-4.0, erts-6.0, inets-5.10, kernel-3.0, runtime_tools-1.8.14, sasl-2.4, snmp-4.25.1, ssh-3.0.1, stdlib-2.0, test_server-3.7.1, tools-2.6.14, webtool-0.8.10, xmerl-1.3.7

compiler-5.0.4 #

The compiler-5.0.4 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12402
Application(s):
compiler

Matching out a map from a record and then updating the record could cause a 'badarg' exception at run-time. (Thanks to Dmitry Aleksandrov for reporting this bug.)

OTP-12410
Application(s):
compiler

The compiler would crash when compiling some complex, nonsensical guards such as:

... when {{X}}, -X...

OTP-12414
Application(s):
compiler

In rare circumstances, using binary pattern in the value part of a map pattern would cause the compiler to crash.

OTP-12451
Application(s):
compiler

Case expressions where a map was wrapped in a tuple or list such as:

case {a,Map} of
{a,#{k:=_}}=Tuple -> Tuple
end.

would be unsafely "optimized" to either cause an exception at run-time or would return an empty map.

OTP-12456
Application(s):
compiler

When a variable was compared to a literal map using the '==' operator, the compiler would change the operator to '=:=' since it is more efficient. However, this optimization is not safe if the map literal has numeric keys or values. The compiler will now only do the optimization if all keys and values are non-numeric.

Full runtime dependencies of compiler-5.0.4: crypto-3.3, erts-6.0, hipe-3.10.3, kernel-3.0, stdlib-2.0

crypto-3.5 #

The crypto-3.5 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12467
Application(s):
crypto

Extend block_encrypt/decrypt for aes_cfb8 and aes_cfb128 to accept keys of length 128, 192 and 256 bits. Before only 128 bit keys were accepted.

Full runtime dependencies of crypto-3.5: erts-6.0, kernel-3.0, stdlib-2.0

debugger-4.0.3 #

The debugger-4.0.3 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12378
Application(s):
debugger

Fix save state which did not work on Mac.

Full runtime dependencies of debugger-4.0.3: compiler-5.0, erts-6.0, kernel-3.0, stdlib-2.0, wx-1.2

dialyzer-2.7.4 #

The dialyzer-2.7.4 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12472
Application(s):
dialyzer

A bug concerning map() types has been fixed.

Full runtime dependencies of dialyzer-2.7.4: compiler-5.0, erts-6.0, hipe-3.10.3, kernel-3.0, stdlib-2.0, syntax_tools-1.6.14, wx-1.2

diameter-1.9 #

The diameter-1.9 application can be applied independently of other applications on a full OTP 17 installation.

OTP-11492
Application(s):
diameter

Don't discard outgoing answers unnecessarily.

Answers missing a Result-Code AVP or setting an E-bit inappropriately were discarded even if encode was successful.

OTP-12412
Application(s):
diameter

Increase supervision timeouts.

At diameter application shutdown, DPR could be omitted on open peer connections because of short supervision timeouts.

OTP-12415
Application(s):
diameter

Fix retransmission of messages sent as header/avps list.

Extracting End-to-End and Hop-by-Hop Identifiers resulted in a function clause error, resulting in a handle_error callback.

OTP-12475
Application(s):
diameter

Fix diameter_avp decode of Grouped AVPs having decode errors.

Components of such an AVP were not extracted, causing it to be represented by a single diameter_avp record instead of the intended list.

Dictionary files must be recompiled for the fix to have effect.

OTP-12551
Application(s):
diameter

Fix ordering of AVPs in relayed messages.

The order was reversed relative to the received order, with a Route-Record AVP prepended.

Thanks to Andrzej TrawiƄski.

OTP-12589
Application(s):
diameter

Fix issues with DiameterURI encode/decode.

RFC 6773 changed the default port and transport, but the RFC 3588 defaults were used even if the RFC 6733 common dictionary was in use. The RFC 3588 defaults are now only used when the common dictionary is diameter_gen_base_rfc3588.

Both RFC 3588 and 6733 disallow transport=udp;protocol=diameter. Encode of the combination now fails.

Decode of ports numbers outside the range 0-65535 and fully qualified domain names longer than 255 octets now fails.

Note that RFC 3588 is obsolete, and that there is a diameter_gen_base_rfc6733. The change in defaults is a potential interoperability problem when moving to RFC 6733 with peers that do not send all URI components. The fact that 6733 allows 5xxx result codes in answer messages setting the E-bit, which RFC 3588 doesn't, is another.

OTP-11952
Application(s):
diameter

Add service_opt() string_decode.

To disable the decode of potentially large binaries to string. This prevents large strings from being copied when incoming Diameter messages are passed between processes, a vulnerability that can lead to memory being exhausted given sufficiently malicious peers.

The value is a boolean(), true being the default for backwards compatibility. Setting false causes both diameter_caps records and decoded messages to contain binary() in relevant places that previously had string(): diameter_app(3) callbacks need to be prepared for the change.

The Diameter types affected are OctetString and the derived types UTF8String, DiameterIdentity, DiameterURI, IPFilterRule, and QoSFilterRule. Time and Address are unaffected.

OTP-12428
Application(s):
diameter

Add transport_opt() pool_size.

To allow for pools of accepting transport processes, which can better service multiple simultaneous peer connections. The option can also be used with connecting transports, to establish multiple connections to the same peer without having to configure multiple transports.

OTP-12542
Application(s):
diameter

Allow DPR to be sent with diameter:call/4.

It has been possible to send, but the answer was regarded as unsolicited and discarded. DPA now causes the transport process in question to be terminated, as for DPR that diameter itself sends.

OTP-12543
Application(s):
diameter

Discard requests after DPR.

RFC 6733 is imprecise, but the tone is that messages received after DPR are an exception to be dealt with only because of the possibility of unordered delivery over SCTP. As a consequence, and because a request following DPR is unlikely to be answered due to the impending loss of the peer connection, discard outgoing requests following an outgoing or incoming DPR. Incoming requests are also discarded, with the exception of DPR itself. Answers are sent and received as usual.

OTP-12609
Application(s):
diameter

Add transport_opt() dpr_timeout.

To cause a peer connection to be closed following an outgoing DPA when the peer fails to do so. It is the recipient of DPA that should close the connection according to RFC 6733.

OTP-12628
Application(s):
diameter

Add service_opt() incoming_maxlen.

To bound the expected size of incoming Diameter messages. Messages larger than the specified number of bytes are discarded, to prevent a malicious peer from generating excessive load.

Full runtime dependencies of diameter-1.9: erts-6.0, kernel-3.0, ssl-5.3.4, stdlib-2.0

eldap-1.1.1 #

The eldap-1.1.1 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12349
Application(s):
eldap

Corrects that eldap:close/1 returned a tuple instead of the specified atom ok.

OTP-12354
Application(s):
eldap

Clarification in the reference manual for eldap:modify_dn/5, eldap:search/2 and eldap:start_tls/3.

OTP-12355
Application(s):
eldap

The eldap test suites are extended and re-organized.

Full runtime dependencies of eldap-1.1.1: asn1-3.0, erts-6.0, kernel-3.0, ssl-5.3.4, stdlib-2.0

erts-6.4 #

The erts-6.4 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12388
Application(s):
erts

Fix missing quotation in the LM_FIND_EMU_CC autoconf macro which could cause build failures.

OTP-12537
Application(s):
erts

Fix erroneous printout of monitors in crashdump file.

OTP-12544
Application(s):
erts
Related Id(s):
seq12777

The runtime system without SMP support could crash in the BIF port_control/3 if the port that was being accessed died during the call to the BIF.

OTP-12556
Application(s):
erts

Avoid corrupt oversized integer to be created from binary matching. Instead throw system_limit exception which is the correct behavior. A peculiar symptom of this bug was that bitwise operations (band, bor, bxor) on such oversized integers could return the empty list []. Credit: Mikael Pettersson, Nico Kruber

OTP-12587
Application(s):
erts

A race condition when calling port_info/1 could cause a memory fault has been fixed.

OTP-12623
Application(s):
erts

Fix comparison of exact terms. An overflow that could cause faulty comparisons has been fixed. Comparison of exact terms is exclusively used within Maps.

OTP-12624
Application(s):
erts

Fix bug in list_to_integer/1 for very long lists that could cause VM crash.

OTP-12351
Application(s):
erts

Introduced a runtime system internal 64-bit API for atomic memory operations.

OTP-12535
Application(s):
erts
Related Id(s):
seq12809

Add command line argument option for the initial size of process dictionaries.

Use '+hpds <size>' to set initial process dictionary size for spawned processes.

OTP-12545
Application(s):
erts

Fix documentation on $char for Unicode

Full runtime dependencies of erts-6.4: kernel-3.0, sasl-2.4, stdlib-2.0

hipe-3.11.3 #

The hipe-3.11.3 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12405
Application(s):
hipe

Fix HiPE for ARM when Erlang VM is compiled for Thumb execution mode. This was a problem on e.g. Ubuntu which configures its system GCC to generate Thumb by default.

OTP-12557
Application(s):
hipe

Reduced lock contention of dynamic function lookups (like apply) from hipe compiled code.

OTP-12413
Application(s):
hipe

Fix two bugs in HiPE compiler regarding floating-points, both leading to crash during compilation. The target-specific code generators failed to handle integer to floating-point conversion instructions with constant operands. The middle-end could use an incorrect representation for copies between floating-point registers.

OTP-12448
Application(s):
hipe

Improved error handling when memory allocation for HiPE code fails.

Full runtime dependencies of hipe-3.11.3: compiler-5.0, erts-6.0, kernel-3.0, stdlib-2.0, syntax_tools-1.6.14

inets-5.10.6 #

The inets-5.10.6 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12455
Application(s):
inets

inets: parse correctly 'Set-Cookie' header with empty value

httpc_cookie should parse cookies with empty values and no attributes set in the 'Set-Cookie' headers.

OTP-12398
Application(s):
inets

Add parsing of URI fragments to http_uri:parse

This fixes a bug in httpc where redirection URIs could lead to bad requests if they contained fragments.

OTP-12430
Application(s):
inets

httpc: http client now ignores invalid set-cookie headers

Full runtime dependencies of inets-5.10.6: erts-6.0, kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, ssl-5.3.4, stdlib-2.0

kernel-3.2 #

Note! The kernel-3.2 application can *not* be applied independently of other applications on an arbitrary OTP 17 installation. On a full OTP 17 installation, also the following runtime dependency has to be satisfied: -- erts-6.1.2 (first satisfied in OTP 17.1.2)

OTP-12133
Application(s):
kernel

A bug causing an infinite loop in hostname resolving has been corrected. To trigger this bug you would have to enter an bogus search method from a configuration file e.g .inetrc.

Bug pinpointed by Emil Holmström

OTP-12424
Application(s):
kernel

The standard_error process now handles the getopts I/O protocol request correctly and stores its encoding in the same way as standard_io.

Also, io:put_chars(standard_error, [oops]) could previously crash the standard_error process. This is now corrected.

OTP-12476
Application(s):
kernel
Related Id(s):
OTP-12476

Configuration parameters for the Kernel application that allows setting socket options for the distribution sockets have been added. See the application Kernel documentation; parameters 'inet_dist_listen_options' and 'inet_dist_connect_options'.

Full runtime dependencies of kernel-3.2: erts-6.1.2, sasl-2.4, stdlib-2.0

mnesia-4.12.5 #

The mnesia-4.12.5 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12473
Application(s):
mnesia

Fixed race condition in protocol negotiation.

OTP-12400
Application(s):
mnesia

Grammar corrections. (Thanks to Derek Brown)

Full runtime dependencies of mnesia-4.12.5: erts-6.0, kernel-3.0, stdlib-2.0

observer-2.0.4 #

The observer-2.0.4 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12634
Application(s):
observer

Fix crash when opening a process information window.

Full runtime dependencies of observer-2.0.4: erts-6.0, et-1.5, inets-5.10, kernel-3.0, runtime_tools-1.8.14, stdlib-2.0, wx-1.2

os_mon-2.3.1 #

The os_mon-2.3.1 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12581
Application(s):
os_mon

Do not crash with badmatch when integer part of loadavg has more than 2 digits.

OTP-12404
Application(s):
os_mon

Fix compilation of memsup on OpenBSD.

Full runtime dependencies of os_mon-2.3.1: erts-6.0, kernel-3.0, mnesia-4.12, otp_mibs-1.0.9, sasl-2.4, snmp-4.25.1, stdlib-2.0

public_key-0.23 #

The public_key-0.23 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12547
Application(s):
public_key
Related Id(s):
OTP-10362

Improve/extend support for CRL handling.

Full runtime dependencies of public_key-0.23: asn1-3.0, crypto-3.3, erts-6.0, kernel-3.0, stdlib-2.0

runtime_tools-1.8.16 #

The runtime_tools-1.8.16 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12517
Application(s):
runtime_tools

The trace process started by dbg would not always terminate when dbg:stop/0 was called.

Full runtime dependencies of runtime_tools-1.8.16: erts-6.0, kernel-3.0, mnesia-4.12, stdlib-2.0

ssh-3.2 #

Note! The ssh-3.2 application can *not* be applied independently of other applications on an arbitrary OTP 17 installation. On a full OTP 17 installation, also the following runtime dependency has to be satisfied: -- stdlib-2.3 (first satisfied in OTP 17.4)

OTP-12369
Application(s):
ssh

Bug that causes ssh:connect to return {error,int()} instead of {error,timeout} when ssh handshake takes too long time.

OTP-12558
Application(s):
ssh

Example of ssh_connection:exec added.

Full runtime dependencies of ssh-3.2: crypto-3.3, erts-6.0, kernel-3.0, public_key-0.22, stdlib-2.3

ssl-6.0 #

The ssl-6.0 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12449
Application(s):
ssl

Exclude self-signed trusted anchor certificates from certificate prospective certification path according to RFC 3280.

This will avoid some unnecessary certificate processing.

OTP-11365
Application(s):
ssl

Separate client and server session cache internally.

Avoid session table growth when client starts many connections in such a manner that many connections are started before session reuse is possible. Only save a new session in client if there is no equivalent session already stored.

OTP-12391
Application(s):
ssl

The PEM cache is now validated by a background process, instead of always keeping it if it is small enough and clearing it otherwise. That strategy required that small caches where cleared by API function if a file changes on disk.

However export the API function to clear the cache as it may still be useful.

OTP-12420
Application(s):
ssl

*** POTENTIAL INCOMPATIBILITY ***

Add padding check for TLS-1.0 to remove Poodle vulnerability from TLS 1.0, also add the option padding_check. This option only affects TLS-1.0 connections and if set to false it disables the block cipher padding check to be able to interoperate with legacy software.

OTP-12458
Application(s):
ssl

Add support for TLS_FALLBACK_SCSV used to prevent undesired TLS version downgrades. If used by a client that is vulnerable to the POODLE attack, and the server also supports TLS_FALLBACK_SCSV, the attack can be prevented.

Full runtime dependencies of ssl-6.0: crypto-3.3, erts-6.0, kernel-3.0, public_key-0.22, stdlib-2.0

stdlib-2.4 #

Note! The stdlib-2.4 application can *not* be applied independently of other applications on an arbitrary OTP 17 installation. On a full OTP 17 installation, also the following runtime dependencies have to be satisfied: -- erts-6.2 (first satisfied in OTP 17.3) -- kernel-3.0.2 (first satisfied in OTP 17.1.2)

OTP-12521
Application(s):
stdlib

Behaviour of character types \d, \w and \s has always been to not match characters with value above 255, not 128, i.e. they are limited to ISO-Latin-1 and not ASCII

OTP-12500
Application(s):
stdlib

c:m/1 now displays the module's MD5 sum.

OTP-12550
Application(s):
stdlib

Make ets:i/1 handle binary input from IO server.

Full runtime dependencies of stdlib-2.4: compiler-5.0, crypto-3.3, erts-6.2, kernel-3.0.2, sasl-2.4

syntax_tools-1.6.18 #

The syntax_tools-1.6.18 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12406
Application(s):
syntax_tools

Fix bad format of error in epp_dodger:parse_file/3

Full runtime dependencies of syntax_tools-1.6.18: erts-6.0, kernel-3.0, stdlib-2.0

test_server-3.8 #

Note! The test_server-3.8 application can *not* be applied independently of other applications on an arbitrary OTP 17 installation. On a full OTP 17 installation, also the following runtime dependency has to be satisfied: -- syntax_tools-1.6.16 (first satisfied in OTP 17.1.1)

OTP-11441
Application(s):
test_server

When installing test suites in a cross compilation environment, ts_install was not able to read the values of the environment variables specified in the configuration file. This has been fixed.

OTP-12468
Application(s):
common_test, test_server

Printouts by means of ct:log/2/3 or ct:pal/2/3 from the hook functions on_tc_fail/2 and on_tc_skip/2 would (quite unexpectedly) end up in the "unexpected i/o" log file instead of in the test case log file. This behaviour has been changed so that now, all printouts (including stdio printouts) from these hook functions will be routed to the test case log file.

OTP-12518
Application(s):
test_server
Related Id(s):
seq12808

The format of the information printed on top of the test case (and configuration function) log file has been slightly modified, mainly in order to make the start configuration data easier to read and interpret.

Full runtime dependencies of test_server-3.8: erts-6.0, inets-5.10, kernel-3.0, observer-2.0, runtime_tools-1.8.14, stdlib-2.0, syntax_tools-1.6.16, tools-2.6.14

tools-2.7.2 #

The tools-2.7.2 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12364
Application(s):
tools

Fix lcnt sorting and printout of histograms.

OTP-12567
Application(s):
tools

Fix a Unicode bug in the tags module.

OTP-12583
Application(s):
tools

Fix tags completion in erlang.el for GNU Emacs 23+

Full runtime dependencies of tools-2.7.2: compiler-5.0, erts-6.0, inets-5.10, kernel-3.0, runtime_tools-1.8.14, stdlib-2.0, webtool-0.8.10

wx-1.3.3 #

The wx-1.3.3 application can be applied independently of other applications on a full OTP 17 installation.

OTP-12374
Application(s):
wx

Fix timing related crash during wx application stop.

Full runtime dependencies of wx-1.3.3: erts-6.0, kernel-3.0, stdlib-2.0

Thanks To #

0xAX, Alex Wilson, Andy Ledvina, Anthony Ramine, Cian Synnott, Daniel Kempkens, David Haguenauer, Derek Brown, Dmitry Ivanov, James Fish, Jean-Sébastien Pédron, Johan Claesson, José Valim, Kelly McLaughlin, Kirill Zaborsky, Kirilll Zaborsky, Leo Liu, Linus.yuan, Loïc Hoguin, Mikael Pettersson, Nick Mills, Rafal Studnicki, Richard Carlsson, Simon Cornish, Sina Samavati, Steven Danna, Tom Benner, Viacheslav V. Kovalev, Wasif Malik, Yuki Ito, crownedgrouse, jeffweiss, yannayl