Does EFAULT still make sense as an error return?

Thu Nov 14 19:42:45 AEST 1985

Date: Sun, 10 Nov 85 16:19:03 PST
From: mordor!lll-crg!sun!guy (Guy Harris)

> [ System V Release 2 claims to return EFAULT in most of these
> cases, including time() and wait().  (I don't know if it really
> does.)  Clearly this is what one would want to have happen.
> If a signal occurred instead, and the user signal catcher
> returned normally, how would one then complete the system
> call?  Surely not by returning EINTR :-)  -Gwyn ]

Normally, one wouldn't *want* to complete the system call in this case; how
do you complete a call to "time" where the pointer points into some
nonexistent or non-writable location?  The only case where this would be
useful is in something like (aargh) the Bourne shell, where the signal
catcher would grow the data space to make that pointer valid.  This would
only work with 4.xBSD-style restartable system calls; the system call should
*not* be completed, but re-executed.

> [ Isn't u.u_error available for the copyout() code?  Setting it
> to EFAULT instead of posting a signal seems a trivial change.  -Gwyn ]

"copyout" isn't being used here; the copying of the data from the registers
it's usually returned in (for calls like "wait", "time", and "pipe") into
the location pointed to by the argument to the system call is done by
user-mode code, and it'd have to catch SIGSEGV in order to make the system
call return EFAULT in that particular case (oh yes, and in the cases of
"wait" and "pipe", you couldn't re-execute the call).

> I would add the following sentence to the definition of EFAULT in
> section 2.3 [ of Draft 4; Section 2.4 of Draft 5 -jsq ]:

> 	This condition may generate a signal; the error is returned
> 	if the signal is not generated, or is ignored.

> [ I'm not sure this is the proper action.  This may cause currently
> working programs to break.  -Kretsch ]

1) The P1003 standard *already* breaks currently working programs; no UNIX
which is currently available returns -1 and sets "errno" to EAGAIN on
no-delay reads or writes - either it returns 0 (S3, S5) or returns -1 and
sets "errno" to EWOULDBLOCK.

2) It's not clear that *reasonable* existing programs would be broken - what
can you do with an EFAULT except print an error message and exit?  Getting a
SIGSEGV would do both of the above, at least with a reasonable parent
process (like a shell), and would have the added advantage of giving you a
core dump so you can debug the problem more easily (if a system call gets
EFAULT, there is buggy code somewhere).

> I would actually prefer if new kernel implementations could dispense
> with EFAULT entirely, and send a SIGSEGV instead (returning EFAULT
> only if the signal is ignored).

YES.  V6 (!) did this; EFAULT was added subsequent to the release of V6, and
appeared in PWB/UNIX 1.0, V7, and its successors (4.xBSD, S3, S5, ...).  I
am at a loss to figure out why this was done.

Volume-Number: Volume 3, Number 15