This is an archive of the discontinued LLVM Phabricator instance.

[Support] fix TempFile infinite loop and permission denied errors
ClosedPublic

Authored by inglorion on Jul 31 2018, 7:23 PM.

Download Raw Diff

Details

Reviewers

pcc
rnk
zturner

Commits

rG9b36f51ae761: [Support] fix TempFile infinite loop and permission denied errors
rL338745: [Support] fix TempFile infinite loop and permission denied errors

Summary

On Windows, TempFile::create() was prone to failing with permission
denied errors when a process created many tempfiles without providing
a model large enough to accommodate them. There was also a problem
with createUniqueEntity getting into an infinite loop when all names
permitted by the model are in use. This change fixes both of these
problems and adds a unit test for them.

Diff Detail

Build Status

Buildable 20943
Build 20943: arc lint + arc unit

Event Timeline

inglorion created this revision.Jul 31 2018, 7:23 PM

Herald added a subscriber: hiraditya. · View Herald TranscriptJul 31 2018, 7:23 PM

Harbormaster completed remote builds in B20943: Diff 158454.Jul 31 2018, 7:24 PM

inglorion added a child revision: D50127: [Support] use larger character set for creating unique filenames.Jul 31 2018, 8:17 PM

How could 16 characters not be enough? That’s 35^16 unique file names?

@zturner, the models we use here are 6 characters. Chosen from a set of 16 characters gives 16M possibilities. Randomly generating them gives a 50%+ probability of a collision after 5000 names or so. I have another patch up (D50127) to use a 32-character set instead, which means the same 6 character model gives about a billion possible names and you need to generate about 40,000 of them before you have a 50% probability of a collision.

This diff fixes a problem where, on Windows, TempFile::create() would immediately fail when the same name is tried again before the first file with that name is gone. That makes collisions less of an issue, because we can actually use more of the available names before we give up. It also fixes a problem where trying to create a tempfile when all available names are taken would lead to an infinite loop.

Is this good to go?

zturner accepted this revision.Aug 2 2018, 10:36 AM

This revision is now accepted and ready to land.Aug 2 2018, 10:36 AM

No, I have comments.

This revision now requires changes to proceed.Aug 2 2018, 10:38 AM

This revision was not accepted when it landed; it landed in state Needs Revision.Aug 2 2018, 10:42 AM

Closed by commit rL338745: [Support] fix TempFile infinite loop and permission denied errors (authored by inglorion). · Explain Why

This revision was automatically updated to reflect the committed changes.

pcc added inline comments.Aug 2 2018, 10:57 AM

llvm/lib/Support/Path.cpp
194	This is unlikely to be the problem given the number of % characters typically in a model. It's more likely to be the case that we're getting permission denied because we don't actually have permission. That's what I'd say in the comment here.

Sorry, Peter. Saw your reply after I had already pushed the change. Would:

// Limit the number of attempts we make, so that we don't infinite loop. E.g.
// "permission denied" could be for a specific file (so we retry with a
// different name) or for the whole directory (retry would always fail).
// Checking which is racy, so we try a number of times, then give up.

be a better comment? If so, I'll land that as a follow-up.

Looks great, thanks.

inglorion mentioned this in rL338755: [Support] [NFC] change comment about retries in createUniqueEntity.Aug 2 2018, 11:27 AM

Comment changed in rL338755.

The test introduced here seems to be invalid.
It assumes that 16*128 attempts to choose a random hex number will cover all 16 available numbers.
Obviously, the chance for this test to fail is rather low but it is not 0.

(and yes, today it failed in my test run)

Herald added a subscriber: kristina. · View Herald TranscriptNov 19 2018, 1:48 PM

@fedor.sergeev: You're right, thanks for pointing that out. Sent D56336 to fix that.

Revision Contents

Path

Size

llvm/

lib/

Support/

Path.cpp

77 lines

unittests/

Support/

Path.cpp

31 lines

Diff 158454

llvm/lib/Support/Path.cpp

Show First 20 Lines • Show All 184 Lines • ▼ Show 20 Lines	createUniqueEntity(const Twine &Model, int &ResultFD,

// From here on, DO NOT modify model. It may be needed if the randomly chosen		// From here on, DO NOT modify model. It may be needed if the randomly chosen
// path already exists.		// path already exists.
ResultPath = ModelStorage;		ResultPath = ModelStorage;
// Null terminate.		// Null terminate.
ResultPath.push_back(0);		ResultPath.push_back(0);
ResultPath.pop_back();		ResultPath.pop_back();

retry_random_path:		// Limit the number of attempts we make, so that we don't infinite loop when
		// we run out of filenames that fit the model.
		pccUnsubmitted Not Done Reply Inline Actions This is unlikely to be the problem given the number of % characters typically in a model. It's more likely to be the case that we're getting permission denied because we don't actually have permission. That's what I'd say in the comment here. pcc: This is unlikely to be the problem given the number of % characters typically in a model. It's…
		std::error_code EC;
		for (int Retries = 128; Retries > 0; --Retries) {
// Replace '%' with random chars.		// Replace '%' with random chars.
for (unsigned i = 0, e = ModelStorage.size(); i != e; ++i) {		for (unsigned i = 0, e = ModelStorage.size(); i != e; ++i) {
if (ModelStorage[i] == '%')		if (ModelStorage[i] == '%')
ResultPath[i] = "0123456789abcdef"[sys::Process::GetRandomNumber() & 15];		ResultPath[i] =
		"0123456789abcdef"[sys::Process::GetRandomNumber() & 15];
}		}

// Try to open + create the file.		// Try to open + create the file.
switch (Type) {		switch (Type) {
case FS_File: {		case FS_File: {
if (std::error_code EC =		EC = sys::fs::openFileForReadWrite(Twine(ResultPath.begin()), ResultFD,
sys::fs::openFileForReadWrite(Twine(ResultPath.begin()), ResultFD,		sys::fs::CD_CreateNew, Flags, Mode);
sys::fs::CD_CreateNew, Flags, Mode)) {		if (EC) {
if (EC == errc::file_exists)		// errc::permission_denied happens on Windows when we try to open a file
goto retry_random_path;		// that has been marked for deletion.
		if (EC == errc::file_exists \|\| EC == errc::permission_denied)
		continue;
return EC;		return EC;
}		}

return std::error_code();		return std::error_code();
}		}

case FS_Name: {		case FS_Name: {
std::error_code EC =		EC = sys::fs::access(ResultPath.begin(), sys::fs::AccessMode::Exist);
sys::fs::access(ResultPath.begin(), sys::fs::AccessMode::Exist);
if (EC == errc::no_such_file_or_directory)		if (EC == errc::no_such_file_or_directory)
return std::error_code();		return std::error_code();
if (EC)		if (EC)
return EC;		return EC;
goto retry_random_path;		continue;
}		}

case FS_Dir: {		case FS_Dir: {
if (std::error_code EC =		EC = sys::fs::create_directory(ResultPath.begin(), false);
sys::fs::create_directory(ResultPath.begin(), false)) {		if (EC) {
if (EC == errc::file_exists)		if (EC == errc::file_exists)
goto retry_random_path;		continue;
return EC;		return EC;
}		}
return std::error_code();		return std::error_code();
}		}
}		}
llvm_unreachable("Invalid Type");		llvm_unreachable("Invalid Type");
}		}
		return EC;
		}

namespace llvm {		namespace llvm {
namespace sys {		namespace sys {
namespace path {		namespace path {

const_iterator begin(StringRef path, Style style) {		const_iterator begin(StringRef path, Style style) {
const_iterator i;		const_iterator i;
i.Path = path;		i.Path = path;
▲ Show 20 Lines • Show All 991 Lines • Show Last 20 Lines

llvm/unittests/Support/Path.cpp

Show First 20 Lines • Show All 675 Lines • ▼ Show 20 Lines	const char *Path216 =
"abcdefghijklmnopqrstuvwxyz5abcdefghijklmnopqrstuvwxyz4"		"abcdefghijklmnopqrstuvwxyz5abcdefghijklmnopqrstuvwxyz4"
"abcdefghijklmnopqrstuvwxyz3abcdefghijklmnopqrstuvwxyz2"		"abcdefghijklmnopqrstuvwxyz3abcdefghijklmnopqrstuvwxyz2"
"abcdefghijklmnopqrstuvwxyz1abcdefghijklmnopqrstuvwxyz0";		"abcdefghijklmnopqrstuvwxyz1abcdefghijklmnopqrstuvwxyz0";
ASSERT_NO_ERROR(fs::createTemporaryFile(Path216, "", TempPath));		ASSERT_NO_ERROR(fs::createTemporaryFile(Path216, "", TempPath));
ASSERT_NO_ERROR(fs::remove(Twine(TempPath)));		ASSERT_NO_ERROR(fs::remove(Twine(TempPath)));
#endif		#endif
}		}

		TEST_F(FileSystemTest, TempFileCollisions) {
		SmallString<128> TestDirectory;
		ASSERT_NO_ERROR(
		fs::createUniqueDirectory("CreateUniqueFileTest", TestDirectory));
		FileRemover Cleanup(TestDirectory);
		SmallString<128> Model = TestDirectory;
		path::append(Model, "%.tmp");
		SmallString<128> Path;
		std::vector<fs::TempFile> TempFiles;

		auto TryCreateTempFile = [&]() {
		Expected<fs::TempFile> T = fs::TempFile::create(Model);
		if (T) {
		TempFiles.push_back(std::move(*T));
		return true;
		} else {
		logAllUnhandledErrors(T.takeError(), errs(),
		"Failed to create temporary file: ");
		return false;
		}
		};

		// We should be able to create exactly 16 temporary files.
		for (int i = 0; i < 16; ++i)
		EXPECT_TRUE(TryCreateTempFile());
		EXPECT_FALSE(TryCreateTempFile());

		for (fs::TempFile &T : TempFiles)
		cantFail(T.discard());
		}

TEST_F(FileSystemTest, CreateDir) {		TEST_F(FileSystemTest, CreateDir) {
ASSERT_NO_ERROR(fs::create_directory(Twine(TestDirectory) + "foo"));		ASSERT_NO_ERROR(fs::create_directory(Twine(TestDirectory) + "foo"));
ASSERT_NO_ERROR(fs::create_directory(Twine(TestDirectory) + "foo"));		ASSERT_NO_ERROR(fs::create_directory(Twine(TestDirectory) + "foo"));
ASSERT_EQ(fs::create_directory(Twine(TestDirectory) + "foo", false),		ASSERT_EQ(fs::create_directory(Twine(TestDirectory) + "foo", false),
errc::file_exists);		errc::file_exists);
ASSERT_NO_ERROR(fs::remove(Twine(TestDirectory) + "foo"));		ASSERT_NO_ERROR(fs::remove(Twine(TestDirectory) + "foo"));

#ifdef LLVM_ON_UNIX		#ifdef LLVM_ON_UNIX
▲ Show 20 Lines • Show All 1,001 Lines • Show Last 20 Lines