Subject: Re: pipe(2) and invalid fildes
To: None <tech-kern@netbsd.org, tech-userlevel@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-userlevel
Date: 10/07/2001 16:12:19
>> If the manpage is the correct interface definition for pipe(2), then
>> our implementation is simply *broken*, because if you pass an invalid
>> pointer, you *don't* get EFAULT back - you get a VM signal in libc.
> Aren't you supposed to get EFAULT back instead of a core signal on
> system calls?

For most of them, yes.  That is the basis on which one could argue that
the present semantics for pipe, when passed an invalid address, are
wrong.

Whether this is part of the spec (to the extent that "the spec" exists)
I don't know.

Whether, compatibility aside, getting EFAULT is *right*, that's another
story.  I would argue it's not, that EFAULT is an accident of the
original implementation, where doing that was easier than generating
the signal, and has been propagated down through the years since then.
But changing it now would mean a fairly extensive overhaul of the
syscall-interface code in the kernel, since a lot of calls can return
EFAULT, and they'd all need to be changed under this paradigm.

>> [...] I would say that _all_ EFAULT returns, with the possible
>> exception of any that are actually overloading EFAULT to indicate
>> some other error, [...]

> ...what else would you use EFAULT for?

I have no specific examples, or I would quote some.  But I've often
enough seen stuff like
                /*
                 * We only allow the filesystem to be reloaded if it
                 * is currently mounted read-only.
                 */
                if ((SCARG(uap, flags) & MNT_RELOAD) &&
                    ((mp->mnt_flag & MNT_RDONLY) == 0)) {
                        vput(vp);
                        return (EOPNOTSUPP);    /* Needs translation */
                }
and it wouldn't surprise me if someone used EFAULT in a way like that
somewhere.

> ...and if EFAULT is not used to indicate something that would, in
> userland, generate a SIGBUS or SIGSEGV, do we need to keep the errno?

If we convert them all over to actually generate the signal instead,
IMO no, we don't.

I'd be astonished if that were to happen in the foreseeable future.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
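
The distinction discussed in this message, whether a bad pointer comes back as EFAULT or as a signal, can be observed directly on any given system. The following C program is an added example, not code from the original post or from NetBSD; the names classify, probe_pipe, probe_write and probe_store are hypothetical. It passes an unmapped address to pipe(2), to write(2), and to a plain userland store, each in a forked child, and reports which of the two behaviours resulted.

```c
#define _DEFAULT_SOURCE            /* for MAP_ANON on glibc */
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

enum outcome { GOT_EFAULT, GOT_SIGNAL, GOT_OTHER };
typedef int (*probe_fn)(void *bad);

/* Each probe hands the unmapped address to a different consumer. */
int probe_pipe(void *bad)  { return pipe((int *)bad); }
int probe_write(void *bad)
{
    int fds[2];
    if (pipe(fds) != 0) return 0;          /* setup failed: reported as GOT_OTHER */
    return (int)write(fds[1], bad, 1);     /* kernel must read from bad */
}
int probe_store(void *bad) { *(volatile int *)bad = 0; return 0; }  /* userland store */

/* Run fn in a child so a fatal signal cannot take the caller down. */
enum outcome classify(probe_fn fn)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    /* A PROT_NONE page is a guaranteed-invalid target for reads and writes. */
    void *bad = mmap(NULL, pg, PROT_NONE, MAP_PRIVATE | MAP_ANON, -1, 0);
    if (bad == MAP_FAILED) return GOT_OTHER;
    pid_t pid = fork();
    if (pid < 0) { munmap(bad, pg); return GOT_OTHER; }
    if (pid == 0) {
        errno = 0;
        int r = fn(bad);
        _exit(r == -1 && errno == EFAULT ? 0 : 1);
    }
    int st;
    pid_t w = waitpid(pid, &st, 0);
    munmap(bad, pg);
    if (w != pid) return GOT_OTHER;
    if (WIFSIGNALED(st)) return GOT_SIGNAL;   /* SIGSEGV or SIGBUS killed the child */
    return (WIFEXITED(st) && WEXITSTATUS(st) == 0) ? GOT_EFAULT : GOT_OTHER;
}

int main(void)
{
    static const char *name[] = { "EFAULT", "signal", "other" };
    printf("pipe(bad)       -> %s\n", name[classify(probe_pipe)]);
    printf("write(fd,bad,1) -> %s\n", name[classify(probe_write)]);
    printf("*bad = 0        -> %s\n", name[classify(probe_store)]);
    return 0;
}
```

Where the libc stub for pipe(2) stores the descriptors itself, as in the implementation under discussion, the first line reports a signal; where the kernel copies them out, it reports EFAULT.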