fix off-by-one in dup2

Eric Blake eblake@redhat.com
Thu Dec 5 13:45:00 GMT 2013 

On 12/04/2013 10:51 AM, Christopher Faylor wrote:

>>>> One question, though.  Assuming start is == size, then the current code
>>>> in CVS extends the fd table by only 1.  If that happens often, the
>>>> current code would have to call ccalloc/memcpy/cfree a lot.  Wouldn't
>>>> it in fact be better to extend always by at least NOFILE_INCR, and to
>>>> extend by (1 + start - size) only if start is > size + NOFILE_INCR?
>>>> Something like
>>>>
>>>>  size_t extendby = (start >= size + NOFILE_INCR) ? 1 + start - size : NOFILE_INCR;
>>>>

Always increasing by a minimum of NOFILE_INCR is wrong in one case - we
should never increase beyond OPEN_MAX_MAX (currently 3200).  dup2(0,
3199) should succeed (unless it fails with EMFILE due to rlimit, but we
already know that our handling of setrlimit(RLIMIT_NOFILE) is still a
bit awkward); but dup2(0, 3200) must always fail with EBADF.  I think
the code in CVS is still wrong: we want to increase to the larger of the
value specified by the user or NOFILE_INCR to minimize repeated calloc,
but we also need to cap the increase to be at most OPEN_MAX_MAX
descriptors, to avoid having a table larger than what the rest of our
code base will support.

Not having NOFILE_INCR free slots after a user allocation is not fatal;
it means that the first allocation to a large number will not have tail
padding, but the next allocation to fd+1 will allocate NOFILE_INCR slots
rather than just one.  My original idea of MAX(NOFILE_INCR, start -
size) expresses that.

>>
>> That might be helpful.  Tcsh, for instance, always dup's it's std
>> descriptors to the new fds 15-19.  If it does so in this order, it would
>> have to call extend 5 times.
> 
> dtable.h:#define NOFILE_INCR    32
> 
> It shouldn't extend in that scenario.  The table starts with 32
> elements.

Rather, the table starts with 256 elements; which is why dup2 wouldn't
crash until dup'ing to 256 or greater before I started touching this.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://cygwin.com/pipermail/cygwin-patches/attachments/20131205/38add733/attachment.sig>

More information about the Cygwin-patches mailing list