Subject: kern/17507: poll(2) makes an erroneous assumption
To: None <gnats-bugs@gnats.netbsd.org>
From: None <kalt@taranis.org>
List: netbsd-bugs
Date: 07/07/2002 13:59:56
>Number: 17507
>Category: kern
>Synopsis: poll(2) ignores
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Jul 07 11:00:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Christophe Kalt
>Release: NetBSD 1.6_BETA4
>Organization:
>Environment:
System: NetBSD bzz.taranis.org 1.6_BETA4 NetBSD 1.6_BETA4 (bzz) #4: Wed Jul 3 20:33:50 EDT 2002 root@bzz.taranis.org:/scratch/NetBSD/1.6.x/obj/scratch/NetBSD/1.6.x/src/sys/arch/sparc/compile/bzz sparc
Architecture: sparc
Machine: sparc
>Description:
This was previously discussed on tech-userlevel, so you may want to check
the archives for posts starting July 7, 2002 with subject "poll(2) oddity".
Basically, poll() takes two (main) arguments: a set of struct pollfd
and the size of the set. Unfortunately, the first thing sys_poll() does
is the following:
if (SCARG(uap, nfds) > p->p_fd->fd_nfiles) {
/* forgiving; slightly wrong */
SCARG(uap, nfds) = p->p_fd->fd_nfiles;
}
Effectively, this may truncate the set, resulting in part of it being
ignored.
>How-To-Repeat:
Compile the following snippet:
#include <sys/types.h>
#include <poll.h>
main()
{
struct pollfd pfd[21];
int i;
for (i=0; i<21; i++)
{
pfd[i].fd = -1;
pfd[i].events = 0;
}
pfd[20].fd = 0;
pfd[20].events = POLLIN;
printf("%d\n", poll(pfd, 21, 1000));
}
no, if you run this with "echo foo | ./a.out" you should get 1, but you
never do. try changing 20 to anything below and you do.
20 seems to be the default for fd_nflies (according to Ben Harris who
shed some light on this for me).
>Fix:
Get rid of the code included in the description, but i imagine it's there
for a reason and needs to be replaced with something better.
>Release-Note:
>Audit-Trail:
>Unformatted: