<div dir="ltr">Ah, I see. Even with the fds that CRIU adds, it's still possible to fit below 64 or even 32.<div>I've reverted the patch to the version you suggested and attached it below - I presume this is the code review process for CRIU, right? </div><div><div class="gmail_extra"><br></div><div class="gmail_extra">BTW, if you want to make any changes to the patch before merging it - feel free to do so :)</div><div class="gmail_extra">It will be faster than us two iterating over the email.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Thanks!</div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Apr 9, 2018 at 6:03 PM, Kirill Tkhai <span dir="ltr"><<a href="mailto:ktkhai@virtuozzo.com" target="_blank">ktkhai@virtuozzo.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">On 09.04.2018 17:57, Radoslaw Burny wrote:<br>
> From: Radoslaw Burny <<a href="mailto:rburny@google.com">rburny@google.com</a>><br>
><br>
> Subject: [PATCH] Fix UB in choose_service_fd_base.<br>
><br>
> Signed-off-by: Radoslaw Burny <<a href="mailto:rburny@google.com">rburny@google.com</a>><br>
><br>
> ---<br>
> criu/util.c | 4 ++--<br>
> 1 file changed, 2 insertions(+), 2 deletions(-)<br>
><br>
> diff --git a/criu/util.c b/criu/util.c<br>
> index b19bf517..48ba09a8 100644<br>
> --- a/criu/util.c<br>
> +++ b/criu/util.c<br>
> @@ -588,9 +588,9 @@ static int choose_service_fd_base(struct pstree_item<br>
> *me)<br>
> nr += 16; /* Safety pad */<br>
> real_nr = nr;<br>
><br>
> - nr /= (1024 / sizeof(void *));<br>
> + /* Align nr to the power of 2 for easier debugging */<br>
> + BUG_ON(nr <= 0);<br>
> nr = 1 << (32 - __builtin_clz(nr));<br>
> - nr *= (1024 / sizeof(void *));<br>
><br>
> if (nr > service_fd_rlim_cur) {<br>
> /* Right border is bigger, than rlim. OK, then just aligned<br>
> value is enough */<br>
<br>
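Review bot: The + side removes both "nr /= (1024 / sizeof(void *));" and "nr *= (1024 / sizeof(void *));", so nr is now rounded to a bare power of two instead of a power-of-two count of 1024 / sizeof(void *) units, and the new comment ("for easier debugging") does not say why that granularity can be dropped. Suggest keeping the divide/multiply pair and guarding only the zero case before __builtin_clz(nr). The BUG_ON(nr &lt;= 0) also leaves the top end open: for a large nr the shift count in 1 &lt;&lt; (32 - __builtin_clz(nr)) reaches 31, which overflows a signed 1.<br>
<br>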
</span>It's not a round-up to a power of 2; it's a round-up to a power of 2, rounded to 128.<br>
This comes from the kernel: <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/fs/file.c#n85" rel="noreferrer" target="_blank">https://git.kernel.org/pub/<wbr>scm/linux/kernel/git/torvalds/<wbr>linux.git/tree/fs/file.c#n85</a><br>
<br>
#include <limits.h><br>
#include <stdio.h><br>
#include <stdlib.h><br>
int main(void)<br>
{<br>
unsigned int i, was, nr;<br>
<br>
for (i = 0; i < INT_MAX; i++) {<br>
nr = i;<br>
<span class="gmail-"> nr /= (1024 / sizeof(void *));<br>
</span> if (nr)<br>
<span class="gmail-"> nr = 1 << (32 - __builtin_clz(nr));<br>
</span> else<br>
nr = 1;<br>
<span class="gmail-"> nr *= (1024 / sizeof(void *));<br>
<br>
</span> printf("nr=%d, i=%d\n", nr, i);<br>
if (nr < i || (nr-1) & nr) {<br>
printf("error\n");<br>
exit(1);<br>
}<br>
}<br>
<br>
return 0;<br>
<br>
}<br>
<br>
nr=128, i=16<br>
nr=128, i=17<br>
nr=128, i=18<br>
nr=128, i=19<br>
nr=128, i=20<br>
nr=128, i=21<br>
nr=128, i=22<br>
nr=128, i=23<br>
nr=128, i=24<br>
nr=128, i=25<br>
nr=128, i=26<br>
nr=128, i=27<br>
nr=128, i=28<br>
nr=128, i=29<br>
nr=128, i=30<br>
</blockquote></div><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><div class="gmail_extra">From: Radoslaw Burny <rburny at <a href="http://google.com">google.com</a>> </div><div class="gmail_extra"> </div><div class="gmail_extra">Subject: [PATCH] Fix UB in choose_service_fd_base (rev 2). </div><div class="gmail_extra">Signed-off-by: Radoslaw Burny <rburny at <a href="http://google.com">google.com</a>> </div><div class="gmail_extra"> </div><div class="gmail_extra">--- </div><div class="gmail_extra"> criu/util.c | 5 ++++- </div><div class="gmail_extra"> 1 file changed, 4 insertions(+), 1 deletion(-) </div><div class="gmail_extra"> </div><div class="gmail_extra">diff --git a/criu/util.c b/criu/util.c </div><div class="gmail_extra">index b19bf517..56a1683e 100644 </div><div class="gmail_extra">--- a/criu/util.c </div><div class="gmail_extra">+++ b/criu/util.c </div><div class="gmail_extra">@@ -589,7 +589,10 @@ static int choose_service_fd_base(struct pstree_item *me)</div><div class="gmail_extra"> real_nr = nr; </div><div class="gmail_extra"> </div><div class="gmail_extra"> nr /= (1024 / sizeof(void *)); </div><div class="gmail_extra">- nr = 1 << (32 - __builtin_clz(nr)); </div><div class="gmail_extra">+ if (nr != 0) </div><div class="gmail_extra">+ nr = 1 << (32 - __builtin_clz(nr)); </div><div class="gmail_extra">+ else </div><div class="gmail_extra">+ nr = 1; </div><div class="gmail_extra"> nr *= (1024 / sizeof(void *)); </div><div class="gmail_extra"> </div><div class="gmail_extra"> if (nr > service_fd_rlim_cur) { </div><div class="gmail_extra">-- </div><div class="gmail_extra">2.17.0.484.g0c8726318c-goog </div></div></div></div>
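<div>Review bot: The new else branch (nr = 1) carries no comment saying why zero is special-cased. The subject says "Fix UB", but the code itself does not record that __builtin_clz(0) is undefined, so the guard could look removable to a later reader. Suggest a one-line comment above "if (nr != 0)", for example "/* __builtin_clz(0) is undefined */". Separately, for a nonzero nr that is already a power of two, 1 &lt;&lt; (32 - __builtin_clz(nr)) yields twice nr; if that doubling is intended, it is worth stating in the same comment.</div>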