Bug#429021: libc6: fputs can lose data in buffer on signal

To: Pierre Habouzit <madcoder@debian.org>
Cc: Daniel Jacobowitz <drow@false.org>, 429021@bugs.debian.org
Subject: Bug#429021: libc6: fputs can lose data in buffer on signal
From: Dmitry Potapov <dpotapov@gmail.com>
Date: Mon, 18 Jun 2007 12:44:02 +0400
Message-id: <[🔎] 20070618084402.GA23219@potapov>
Reply-to: Dmitry Potapov <dpotapov@gmail.com>, 429021@bugs.debian.org
In-reply-to: <[🔎] 20070615164754.GA3636@artemis.intersec.eu>
References: <[🔎] 20070615131059.32618.19942.reportbug@localhost> <20070615160942.GD28554@artemis.intersec.eu> <[🔎] 20070615163340.GA13789@caradoc.them.org> <[🔎] 20070615164754.GA3636@artemis.intersec.eu>

On Fri, Jun 15, 2007 at 06:47:55PM +0200, Pierre Habouzit wrote:
>   Nothing in POSIX says what happens wrt to fwrite and signals. At least
> it's very unclear. But indeed the fact that SA_RESTART is the default
> value for linux does not seem to be a POSIX requirement either.

I have studied the source today, and it turned out that the problem
is not signal specific, but how glibc treats any error on writing.
Unfortunately, it loses all data stored in the buffer. Probably,
it does not matter for fatal errors, because you will not able to
write more anyway, but for recoverable errors like EINTR or ENOSPC,
it is not a smart thing to do. Here is a small patch that corrects
this problem:

--- glibc-2.3.6/libio/fileops.c.orig	2004-12-07 01:36:56.000000000 +0300
+++ glibc-2.3.6/libio/fileops.c	2007-06-18 12:29:50.739890036 +0400
@@ -516,10 +516,19 @@ new_do_write (fp, data, to_do)
     fp->_cur_column = INTUSE(_IO_adjust_column) (fp->_cur_column - 1, data,
 						 count) + 1;
   _IO_setg (fp, fp->_IO_buf_base, fp->_IO_buf_base, fp->_IO_buf_base);
-  fp->_IO_write_base = fp->_IO_write_ptr = fp->_IO_buf_base;
-  fp->_IO_write_end = (fp->_mode <= 0
+  if (__builtin_expect (count == to_do, 1))
+    {
+      fp->_IO_write_base = fp->_IO_write_ptr = fp->_IO_buf_base;
+      fp->_IO_write_end = (fp->_mode <= 0
 		       && (fp->_flags & (_IO_LINE_BUF+_IO_UNBUFFERED))
 		       ? fp->_IO_buf_base : fp->_IO_buf_end);
+    }
+  else if (count > 0 && fp->_IO_write_base == data)
+    {
+      memmove (data, data+count, 
+               fp->_IO_write_ptr - fp->_IO_write_base - count);
+      fp->_IO_write_ptr -= count;
+    }
   return count;
 }

The patch does not change the behavior of new_do_write in the case
of success, but when an error happens, I do not emptify the output
buffer. In fact, in the case when data were partly written (count>0)
and data were from the output buffer (fp->_IO_write_base == data),
I remove written data from the buffer and adjust the write pointer
accordingly.

Warning: I have not tested this patch, but it seems trivial, so
I hope it works.

Also, I should note that though this patch prevents losing buffer
on error, it does not prevent the possibility that fputs can return
an error, while a part of the given string was written, but it is
restriction of the interface. So using fputs with non-restartable
signals is not a good idea anyway, still fwrite can be used in
this way for writing bytes if this bug with losing data in buffer
is fixed.

Thanks,
Dmitry

Reply to:

References:
- Bug#429021: libc6: fputs can lose data in buffer on signal
  - From: Dmitry Potapov <dpotapov@gmail.com>
- Bug#429021: libc6: fputs can lose data in buffer on signal
  - From: Daniel Jacobowitz <drow@false.org>
- Bug#429021: libc6: fputs can lose data in buffer on signal
  - From: Pierre Habouzit <madcoder@debian.org>

Prev by Date: r2373 - glibc-package/branches/glibc-2.6/debian
Next by Date: Processed: closing 419103
Previous by thread: Processed: Re: Bug#429021: libc6: fputs can lose data in buffer on signal
Next by thread: Bug#167423: is it you? tabitha here
Index(es):
- Date
- Thread