Bug#1009196: [Dev-luatex] Bug#1009196: texlive-binaries: Reproducible content of .fmt files
On 4/11/2022 6:56 AM, Norbert Preining wrote:
Hi Luigi, hi all luatex devs,
here at Debian we got a bug report about reproducability of luatex
format dumps. It contains a patch to make the hyphenation exception list
sorted. (I attach the patch)
Could you please take a look whether this is still relevant for the
latest release of luatex.
it actually defeats one of the security properties of lua (which was
explicitly introduced at some point: make sure that hashes have random
order each run so that it's harder to retrieve sensitive data from mem)
that said, it means that as soon as something gets stored in the format
otherwise (than exceptions) one can face the same issue (although one
can work around that by sorting etc)
if you want reproducibility for some testing, mess with this instead:
#if !defined(luai_makeseed)
#include <time.h>
#define luai_makeseed() cast(unsigned int, time(NULL))
#endif
anyway, formats with embedded lua data (serialized or bytecode is never
guaranteed the same unless one does soem effort)
fwiw: the easiest solution is to not store patterns and exceptions in
the format and just load them runtime which is just as fast (in
retrospect not a good idea to store it but it was needed for some plain
compatibility testing)
Hans
(who in the past has been bitten by this 'random feature' when we made
the switch to 5.3, or maybe it was even 5.2; it used to be 'random per
binary' and became 'random per run' but we decided to stick with
official lua)
-----------------------------------------------------------------
Hans Hagen | PRAGMA ADE
Ridderstraat 27 | 8061 GH Hasselt | The Netherlands
tel: 038 477 53 69 | www.pragma-ade.nl | www.pragma-pod.nl
-----------------------------------------------------------------
Reply to: