xiaoxiang781216 commented on code in PR #16326:
URL: https://github.com/apache/nuttx/pull/16326#discussion_r2076661087
##########
fs/inode/fs_files.c:
##########
@@ -317,11 +331,36 @@ static int nx_dup3_from_tcb(FAR struct tcb_s *tcb, int
fd1, int fd2,
return -EBADF;
}
+ /* dup3() and dup2() dictate that fd2 must be closed prior to reuse */
+
+ filep = files_fget(list, fd2);
+ if (filep)
+ {
+ /* The file exists and is open, close it here */
+
+ fs_putfilep(filep);
+ file_close_wait(filep);
+ }
+
+ /* This should not fail now */
+
filep = files_fget_by_index(list,
fd2 / CONFIG_NFILE_DESCRIPTORS_PER_BLOCK,
fd2 % CONFIG_NFILE_DESCRIPTORS_PER_BLOCK,
&new);
+ /* If return value is NULL, it means the file is partially open. This means
+ * the userspace is racing against itself. To prevent the kernel from
+ * crashing due to access to invalid file pointer, just make the user try
Review Comment:
But my understand is that the fail should come from the file system self,
not vfs layer. At least, we should:
1. retry the duplication either inside nx_dup3_from_tcb or dup3 in this
specific race condition
2. or add the lock between file_close_wait and files_fget_by_index to remove
the race.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@nuttx.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
