From: Bruce Evans
Date: Wed, 2 Oct 2019 20:16:07 +1000 (EST)
To: Ed Maste
Cc: Brooks Davis, src-committers, svn-src-all, svn-src-head
Subject: Re: svn commit: r352795 - head/lib/libc/sys
Message-ID: <20191002194708.L1083@besplex.bde.org>
References: <201909271611.x8RGBl0H036116@repo.freebsd.org> <20190927184623.GM44691@kib.kiev.ua> <20190928072548.GN44691@kib.kiev.ua> <20191001162305.GM93439@spindle.one-eyed-alien.net>
List-Id: svn-src-all@freebsd.org (SVN commit messages for the entire src tree, except for "user" and "projects")

On Tue, 1 Oct 2019, Ed Maste wrote:

> On Tue, 1 Oct 2019 at 12:23, Brooks Davis wrote:
>>
>> This isn't true with CHERI and as a result I've moved the variadic
>> argument handling (except for syscall() and __syscall()) into libc.
>
> My grep found: open, openat, fcntl, semsys, msgsys, shmsys
> Is that the full list?

I already wrote that this is quite broken for open and fcntl in POSIX.
Checking some details shows that it is more fundamentally broken than I
thought:

- for open(), the type of the mode argument passed by the caller is
  unspecified.  Whatever it is, it is "taken" as type mode_t, whatever
  "taking" is.  Since historical mode_t has only 16 bits, it can be
  represented by int even on systems with 16-bit ints, so the caller can
  start with either mode_t or int provided mode_t is no larger than
  historical mode_t and ints are either larger than 16 bits or 16 bits
  and not too exotic (the sign bit might cause problems if not 2's
  complement)

- for fcntl() with F_SETOWN, the type of the pid argument passed by the
  caller is unspecified.  Whatever it is, it is "taken" as type int.
  Thus if pid_t is larger than int, passing all possible values of pid_t
  is impossible.  If also PID_MAX <= INT_MAX and all values of pid_t are
  actually <= PID_MAX, then all possible (positive) values can be passed,
  but the implementation may have to do extra work to properly break a
  passed __default_promotion_of(pid_t) type by "taking" it as an int.

This was discussed on the POSIX list recently.  IMO it is too late and
not useful to change the old specification to "take" the arg as anything
except int.  So pid_t might as well be specified as being a signed
integer type whose default promotion is int.  It is currently specified
as being a signed integer type (with any size or exoticness).

Bruce
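As an added example, not from this thread or from FreeBSD's libc, here is a small C model of the two cases discussed above: it uses _Generic to test whether a type's default argument promotion is exactly int (the property proposed for pid_t), reads the open() mode argument as the promoted int the way a variadic wrapper must, and shows the caller-side range check that a pid type wider than int needs before its value can be "taken" as int. The types hist_mode_t and wide_pid_t are constructed stand-ins, not the system's mode_t and pid_t, and the F_SETOWN value is a placeholder.

```c
#include <limits.h>
#include <stdarg.h>

/* Constructed stand-ins for the types the mail discusses: a 16-bit
 * "historical" mode_t and a pid_t that is wider than int. */
typedef unsigned short hist_mode_t;
typedef long long wide_pid_t;

#define MODEL_F_SETOWN 0   /* placeholder, not the real F_SETOWN value */

/* 1 if the default argument promotion of T is exactly int.  Unary plus
 * applies the integer promotions, so _Generic sees the promoted type. */
#define PROMOTES_TO_INT(T) _Generic(+(T)0, int: 1, default: 0)

int hist_mode_promotes_to_int(void) { return PROMOTES_TO_INT(hist_mode_t); }
int wide_pid_promotes_to_int(void)  { return PROMOTES_TO_INT(wide_pid_t); }

/* Model of the libc side of open(): the mode arrives through "...", so it
 * must be read as int (its promoted form), never as the narrow
 * hist_mode_t, and only then converted back. */
hist_mode_t take_mode(int flags, ...)
{
    va_list ap;
    va_start(ap, flags);
    int promoted = va_arg(ap, int);   /* a hist_mode_t was promoted to int */
    va_end(ap);
    (void)flags;
    return (hist_mode_t)promoted;
}

/* Model of the libc side of fcntl(F_SETOWN): the pid is "taken" as int,
 * whatever the caller's pid type is. */
int take_pid_as_int(int cmd, ...)
{
    va_list ap;
    va_start(ap, cmd);
    int pid = va_arg(ap, int);
    va_end(ap);
    (void)cmd;
    return pid;
}

/* Caller side: a wide_pid_t value can only be passed if it is representable
 * as int; otherwise report failure rather than pass a value the callee
 * cannot read back correctly.  Returns 1 on success and stores the value
 * as the callee took it in *taken. */
int setown_wide(wide_pid_t pid, int *taken)
{
    if (pid < INT_MIN || pid > INT_MAX)
        return 0;
    *taken = take_pid_as_int(MODEL_F_SETOWN, (int)pid);
    return 1;
}
```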