DEV Community: Sandesh Ojha

I built a Redis clone in C: From blocking I/O to epoll to crash safe persistence

Sandesh Ojha — Sat, 23 May 2026 03:21:47 +0000

I had been hearing about sockets, TCP connections, and networking for years without truly understanding what any of it meant at the code level. Building C-dis changed that. I learned the full socket lifecycle, what happens on both sides of a connection, how the kernel manages buffers, and how to handle non-blocking I/O states inside a manual event loop.What surprised me most was that a single-threaded architecture using epoll could handle tens of thousands of requests per second: no threads, no locking, no complexity. Architectural efficiency beats brute-force processing more often than people realize.The problem: One client at a timeMy first version was a simple blocking server. It worked, but the limitation became obvious immediately.

while (1) {    
    int client_fd = accept(server_fd, (struct sockaddr *)&client_addr, &client_len);    

    // Server is completely frozen here until this client finishes
    handle_client(client_fd, ht);    
    close(client_fd);
}

c
While handle_client is running, the server cannot accept new connections, cannot read from other clients, and cannot do anything else. One client holds the entire server hostage. A second client connecting during this time sits in the kernel's backlog queue, waiting silently with no feedback. In production, this means a slow client degrades the experience for every other user on the server.The fix isn't to add threads. The fix is to stop blocking.The data engine: Building a hash table from scratchBefore writing the network layer, I needed somewhere to store data. The obvious choice was a simple array with linear search, but that is O(n) lookup. For a database, that is unacceptable.I looked at how Redis 2.0 approached this. Hash tables. O(1) average lookup, regardless of how many keys are stored. I implemented one from scratch using the djb2 hash function:

static unsigned int hash(const char *key) {    
    unsigned long int hashval = 5381;    
    int c;    

    while ((c = *key++))        
        hashval = ((hashval << 5) + hashval) + c;    

    return hashval & (HASH_SIZE - 1);
}

The (hashval << 5) + hashval is equivalent to hashval * 33, a multiplier chosen because it distributes keys evenly across buckets with minimal clustering. The & (HASH_SIZE - 1) replaces modulo with a bitwise AND, which is faster when the table size is a power of two.When two keys hash to the same bucket (a collision) they chain together in a linked list.

Lookup walks the chain comparing keys until it finds a match or hits NULL. With a good hash function and a reasonable load factor, chains stay short and lookup stays effectively O(1).select vs epoll: The architecture that makes this fast to handle multiple clients without threads, I needed I/O multiplexing: a way to ask the kernel "which of these sockets has data ready?" and act only on those.I implemented select first, then replaced it with epoll. The difference taught me more about systems design than any other part of this project.The problem with select:Every time you call select, you rebuild the entire watch list from scratch and hand it to the kernel. The kernel scans every file descriptor in the set (whether active or idle) and returns a modified bitmask showing which ones are ready. With 1,000 connected clients and only 1 active, the kernel scans all 1,000 every time. That is O(n) per event loop iteration.

while (1) {    
    fd_set readfds;    
    FD_ZERO(&readfds);    
    FD_SET(server_fd, &readfds);    

    for (int i = 0; i < MAX_CLIENTS; i++)        
        if (clients[i] != -1)            
            FD_SET(clients[i], &readfds);  // rebuild every iteration    

    select(max_fd + 1, &readfds, NULL, NULL, NULL);    
    // now scan all fds again to find which ones triggered
}

How epoll fixes it:epoll moves the interest list into the kernel permanently. You register a file descriptor once with epoll_ctl. The kernel maintains it. When you call epoll_wait, it returns only the file descriptors that are actually ready, not all of them.
C

// register once
epoll_ctl(epfd, EPOLL_CTL_ADD, client_fd, &ev);

// wait: returns only ready fds
int n = epoll_wait(epfd, events, 64, -1);
for (int i = 0; i < n; i++) {    
    // every event here is guaranteed ready    
    handle(events[i].data.fd);
}

This is a synchronous benchmark. Each command waits for a response before sending the next. It measures worst case single client throughput. Pipelining multiple commands per connection would push this significantly higher.Zero memory leaks across 40,000 operations verified with valgrind --leak-check=full. Every malloc in the hash table has a matching free in ht_destroy.What is nextThe next project is a container runtime: implementing Linux namespaces, cgroups, and pivot_root in C to build a minimal docker run from scratch. Understanding how containers actually work at the kernel level, not just how to use them.The code for C-dis is on GitHub. If you are building something similar or have questions about the epoll implementation, I am happy to talk through it in the comments below!

SHELL PROJECT - LEXER

Sandesh Ojha — Thu, 23 Apr 2026 16:28:55 +0000

I've spent the past few weeks going deep on Unix and Linux systems programming — reading TLPI, working through CS:APP, writing C daily. Today I started the project that ties it all together: building a shell from scratch in C.
The shell has a modular structure. Each component has one job. The first component I wrote today is the lexer.
**
What a lexer does**
The user types a string. Your program needs structured data. The lexer bridges that gap.
It takes a raw input string like:
'''bash
ls -la | grep txt > out.txt
'''
And converts it into an array of typed tokens:

[WORD:"ls"] [WORD:"-la"] [PIPE] [WORD:"grep"] [WORD:"txt"] [REDIR_OUT] [WORD:"out.txt"] [EOF]

Each token has a type and a value string for word tokens. The parser takes this token array and figures out what it means.

The implementation
The lexer is a state machine. It reads characters one at a time and decides what to do:

whitespace — finish any word in progress, skip
| — emit a PIPE token
> — peek at the next character: >> emits REDIR_APPEND, > alone emits REDIR_OUT
< — emit REDIR_IN
anything else — accumulate into the current word

#include "shell.h"

int lexer(const char *input, Token *tokens, int max_tokens) {
    int  i = 0;
    int  t = 0;
    int  w = 0;
    char word[MAX_INPUT];

    while (input[i] != '\0' && t < max_tokens - 1) {

        if (input[i] == ' ' || input[i] == '\t') {
            if (w > 0) {
                word[w] = '\0';
                tokens[t].type = TOKEN_WORD;
                strncpy(tokens[t].value, word, MAX_INPUT - 1);
                t++;
                w = 0;
            }
            i++;
            continue;
        }

        if (input[i] == '|') {
            if (w > 0) {
                word[w] = '\0';
                tokens[t].type = TOKEN_WORD;
                strncpy(tokens[t].value, word, MAX_INPUT - 1);
                t++;
                w = 0;
            }
            tokens[t].type     = TOKEN_PIPE;
            tokens[t].value[0] = '\0';
            t++;
            i++;
            continue;
        }

        if (input[i] == '>') {
            if (w > 0) {
                word[w] = '\0';
                tokens[t].type = TOKEN_WORD;
                strncpy(tokens[t].value, word, MAX_INPUT - 1);
                t++;
                w = 0;
            }
            if (input[i + 1] == '>') {
                tokens[t].type = TOKEN_REDIR_APPEND;
                i += 2;
            } else {
                tokens[t].type = TOKEN_REDIR_OUT;
                i++;
            }
            tokens[t].value[0] = '\0';
            t++;
            continue;
        }

        if (input[i] == '<') {
            if (w > 0) {
                word[w] = '\0';
                tokens[t].type = TOKEN_WORD;
                strncpy(tokens[t].value, word, MAX_INPUT - 1);
                t++;
                w = 0;
            }
            tokens[t].type     = TOKEN_REDIR_IN;
            tokens[t].value[0] = '\0';
            t++;
            i++;
            continue;
        }

        word[w++] = input[i++];
    }

    if (w > 0) {
        word[w] = '\0';
        tokens[t].type = TOKEN_WORD;
        strncpy(tokens[t].value, word, MAX_INPUT - 1);
        t++;
    }

    tokens[t].type     = TOKEN_EOF;
    tokens[t].value[0] = '\0';
    t++;

    return t;
}

Why separate lexer from the parser?
While designing, i learned about splitting responsibilities.

The lexer only cares about about the character or sequence. It knows nothing about a valid structure. That is the parser's problem.

The parser inquires about what the token or sequence mean and not about the raw characters.

If you combine them into one function you get something complex and hard to test. Separate them and each is small enough to hold in your head at once. I can test the lexer by printing its output before the parser ever runs.

I wrote 1 byte to a 10GB file and used almost no disk space

Sandesh Ojha — Sun, 19 Apr 2026 14:03:05 +0000

I used to think of a file as a solid block of data. 10GB file, 10GB on disk. That's just something you'd normally assume, right?
I was wrong.
I'm a CS student currently going deep on systems programming — reading TLPI, writing C daily, learning how the OS actually works under the hood. This week I was working through file I/O and had one of those moments where something you thought you understood turns out to be completely different one level down.
You can seek past the end of a file and write there. The filesystem won't fill the gap with real data. It just remembers that the gap exists.

#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>

int main() {
    int fd = open("huge_file", O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd == -1) { perror("open"); exit(1); }

    // seek to the 10GB mark without writing anything
    if (lseek(fd, 10LL * 1024 * 1024 * 1024, SEEK_SET) == -1) {
        perror("lseek"); exit(1);
    }

    // write exactly one byte
    if (write(fd, "X", 1) == -1) {
        perror("write"); exit(1);
    }

    close(fd);
    return 0;
}

Run this and check the file two different ways:

ls -lh huge_file    # 10G
du -h huge_file     # 4.0K

The file reports 10GB in size. It uses 4KB of actual disk. Both numbers are telling the truth.
ls -lh shows the logical size — where the last byte lives relative to the start of the file. The filesystem knows the file is 10GB in the sense that if you read from byte 0, you'll eventually reach byte 10GB.
du -h shows allocated blocks — the physical disk space actually consumed. There's one 4KB block holding your single X. Everything before it is a hole: a range of offsets the filesystem tracks in metadata without backing it with real storage. Reading from a hole returns zero bytes. No disk access needed — there's nothing to read.

This isn't just a curiosity. It's the mechanism behind tools you use every day.
When you create a virtual machine in VirtualBox or QEMU and tell it "this VM gets a 100GB disk," you're not consuming 100GB immediately. The disk image is a sparse file. It grows as the VM writes data. The "100GB" is just a ceiling.
Docker layers work on the same idea — copy-on-write means a layer only allocates blocks when data actually changes. Database engines use sparse files for pre-allocated tables that fill in over time without ever needing to write zeros to reserve space.

The thing that stuck with me isn't the trick itself. It's what it reveals about how the filesystem actually thinks.
A file isn't a sequence of bytes on disk. It's a mapping from logical offsets to physical blocks — and some offsets don't map to anything. The OS constructs the illusion of a contiguous sequence on demand.
Once you see that, other things start clicking too. Why copying a sparse file with plain cp can suddenly consume far more disk than the original — it materializes the holes. Why rsync has a --sparse flag. Why checking disk usage with ls alone will mislead you.
Systems programming keeps doing this to me. I think I understand something, and then one level lower the actual mechanism is completely different from the abstraction I was using. The abstraction is useful. But knowing what's underneath makes you a better engineer, not just someone who knows how to use the tools.