failtest: don't assume FD_SETSIZE is maximum runtime fd.

This breaks when rlimit is less.  Unfortunately, valgrind (32 bit x86,
3.7.0.SVN, Ubuntu) fails to set the file limit properly on the test:
reducing it to the obvious getrlimit/setrlimit/getrlimit works fine,
so leaving diagnostics for another day.

ccan/failtest/_info

@@ -54,6 +54,9 @@
  *
  * License: LGPL
  * Author: Rusty Russell <rusty@rustcorp.com.au>
+ * Ccanlint:
+ *	// valgrind seems to mess up rlimit.
+ *	tests_pass_valgrind test/run-with-fdlimit.c:FAIL
  */
 int main(int argc, char *argv[])
 {

ccan/failtest/failtest.c

@@ -14,6 +14,7 @@
 #include <sys/stat.h>
 #include <sys/time.h>
 #include <sys/mman.h>
+#include <sys/resource.h>
 #include <signal.h>
 #include <assert.h>
 #include <ccan/time/time.h>
@@ -194,11 +195,21 @@ static struct failtest_call *add_history_(enum failtest_call_type type,
 static int move_fd_to_high(int fd)
 {
 	int i;
+	struct rlimit lim;
+	int max;
 
-	for (i = FD_SETSIZE - 1; i >= 0; i--) {
+	if (getrlimit(RLIMIT_NOFILE, &lim) == 0) {
+		max = lim.rlim_cur;
+		printf("Max is %i\n", max);
+	} else
+		max = FD_SETSIZE;
+
+	for (i = max - 1; i > fd; i--) {
 		if (fcntl(i, F_GETFL) == -1 && errno == EBADF) {
-			if (dup2(fd, i) == -1)
-				err(1, "Failed to dup fd %i to %i", fd, i);
+			if (dup2(fd, i) == -1) {
+				warn("Failed to dup fd %i to %i", fd, i);
+				continue;
+			}
 			close(fd);
 			return i;
 		}

ccan/failtest/test/run-with-fdlimit.c

@@ -0,0 +1,51 @@
+/* Include the C files directly. */
+#include <ccan/failtest/failtest.c>
+#include <stdlib.h>
+#include <err.h>
+#include <ccan/tap/tap.h>
+
+int main(void)
+{
+	int fd, pfd[2], ecode;
+	struct rlimit lim;
+
+	if (getrlimit(RLIMIT_NOFILE, &lim) != 0)
+		err(1, "getrlimit RLIMIT_NOFILE fail?");
+
+	printf("rlimit = %lu/%lu (inf=%lu)\n",
+	       (long)lim.rlim_cur, (long)lim.rlim_max,
+	       (long)RLIM_INFINITY);
+	lim.rlim_cur /= 2;
+	if (lim.rlim_cur < 8)
+		errx(1, "getrlimit limit %li too low", (long)lim.rlim_cur);
+	if (setrlimit(RLIMIT_NOFILE, &lim) != 0)
+		err(1, "setrlimit RLIMIT_NOFILE (%li/%li)",
+		    (long)lim.rlim_cur, (long)lim.rlim_max);
+
+	plan_tests(2);
+	failtest_init(0, NULL);
+
+	if (pipe(pfd))
+		abort();
+
+	fd = failtest_open("run-with-fdlimit-scratch", "run-with_fdlimit.c", 1,
+			   O_RDWR|O_CREAT, 0600);
+	if (fd == -1) {
+		/* We are the child: write error code for parent to check. */
+		ecode = errno;
+		if (write(pfd[1], &ecode, sizeof(ecode)) != sizeof(ecode))
+			abort();
+		failtest_exit(0);
+	}
+
+	/* Check child got correct errno. */
+	ok1(read(pfd[0], &ecode, sizeof(ecode)) == sizeof(ecode));
+	ok1(ecode == EACCES);
+
+	/* Clean up. */
+	failtest_close(fd, "run-open.c", 1);
+	close(pfd[0]);
+	close(pfd[1]);
+
+	return exit_status();
+}