On Sat, Dec 02, 2017 at 11:05:17AM -0700, Theo de Raadt wrote: > > TL;DR: POSIX.1-2008 says gettimeofday(2) can't return anything but 0, > > but we return -1 on invalid input. > > It must return -1 to indicate the tp pointer is to invalid memory. > All system calls indicate invalid pointer arguments in that way, and > this one is not special. > > [EFAULT] An argument address referenced invalid memory. > > > We claim that our gettimeofday(2) conforms to POSIX.1-2008. Is > > something off here? > > POSIX appears to be wrong. > > Yes there are people doing VDSO things, which may not be able to > indicate a fault, and the process will crash instead when it fondles > it's own missing memory. But I don't see any way that gives the > commitee latitude to remove historic behaviour. > > > Also, gettimeofday(2) is an XSI extension, so I think at a > > minimum the STANDARDS section needs to be tweaked (attached). > > As a general rule we don't speak of XSI unless it exposes programmers > to problems.
Ah, okay. > Mentioning XSI in the way you propose doesn't actually > help anyone write better code since noone knows what XSI is. So in > this case, I don't think XSI should be mentioned, the words perform > no educational function. Alrighty. > > Long version: > > > > POSIX.1-2008 [1] says: > > > > > The gettimeofday() function shall return 0 and no value shall > > > be reserved to indicate an error. > > Wouldn't be the first error in POSIX. The documents have gotten > sloppier. I think this is due to their commitee not acquiring any > sensible young blood. fwiw, the "return zero and only zero" behavior traces back at least as far as here (SUSv2, I think): http://pubs.opengroup.org/onlinepubs/7908799/xsh/gettimeofday.html so if it's an error it isn't a "new" error. > > Does this make our implementation non-conforming and does something > > in the manpage need to change? > > I don't think anything should change. Okay. Appreciate the quick reply! -- Scott Cheloha
