From 64d20fc9e0a914ad2fe03d74972b56baaf54b90f Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 19 Apr 2024 16:52:32 +0200 Subject: [PATCH] BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets We got a detailed report analysis showing that our optimization consisting in using poll() to detect already closed FDs within a 1024 range has an issue with the case where 1024 consecutive FDs are open (hence do not show POLLNVAL) and none of them has any activity report. In this case poll() returns zero update and we would just skip the loop that inspects all the FDs to close the valid ones. One visible effect is that the called programs might occasionally see some FDs being exposed in the low range of their fd space, possibly making the process run out of FDs when trying to open a file for example. Note that this is actually a fix for commit b8e602cb1b ("BUG/MINOR: fd: make sure my_closefrom() doesn't miss some FDs") that already faced a more common form of this problem (incomplete but non-empty FDs reported). This can be backported up to 2.0. --- src/fd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/fd.c b/src/fd.c index 9d34315cb..0feebfce6 100644 --- a/src/fd.c +++ b/src/fd.c @@ -981,8 +981,8 @@ void my_closefrom(int start) break; } while (errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR || errno == ENOMEM); - if (ret) - ret = fd - start; + /* always check the whole range */ + ret = fd - start; for (idx = 0; idx < ret; idx++) { if (poll_events[idx].revents & POLLNVAL)