
Add a signed version of ptraddr_t #11

Open
jrtc27 opened this issue Feb 8, 2021 · 2 comments

Comments


jrtc27 commented Feb 8, 2021

This is sometimes needed as a useful way to express "signed machine word" (which ssize_t and ptrdiff_t are not required to be, even if in practice they are, nor does long suffice due to Windows's LLP64 which presumably would be LL64PC128 for CHERI) or as a way to deal with sentinel values like -1 similar to ssize_t, and also to be able to perform signed comparisons against addresses to distinguish between kernel and user addresses. The general consensus seems to be that sptraddr_t is the best name for it. See #8 for earlier discussions.


arichardson commented Feb 8, 2021

Doesn't sptraddr_t suffer from the same theoretical issues as ssize_t/ptrdiff_t if you want it to be a "signed machine word"? In practice it will almost always be the same as the "signed machine word", but for something such as MIPSn32/x32/etc. a machine word is 64 bit whereas ptraddr_t would be 32 bits.

I'm not opposed to adding this type since the signed kernel address comparison is a valid use case (while you could also do unsigned comparisons that may require changing more code). Maybe we also need a "signed machine word" type?


jrtc27 commented Feb 8, 2021

> Doesn't sptraddr_t suffer from the same theoretical issues as ssize_t/ptrdiff_t if you want it to be a "signed machine word"? In practice it will almost always be the same as the "signed machine word", but for something such as MIPSn32/x32/etc. a machine word is 64 bit whereas ptraddr_t would be 32 bits.
>
> I'm not opposed to adding this type since the signed kernel address comparison is a valid use case, but maybe we also need a "signed machine word" type?

Well, "signed ABI word" then. The problem with ssize_t/ptrdiff_t is not n32/x32/ilp32 but that they're permitted to be only as big as the largest allocation you support, either because you set an arbitrary limit or because you have a segmented architecture (e.g. 32-bit segment number and 32-bit segment offset would be a valid pointer representation and give a 64-bit ptraddr_t/uintptr_t (without CHERI) but permit a 32-bit size_t/ssize_t/ptrdiff_t). In practice that's not true and size_t is always an "unsigned ABI word", but ssize_t isn't as helpful as the only negative number it's required to support is -1.
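The two uses the thread gives for a signed address type, a signed kernel/user comparison and an ssize_t-style -1 sentinel, as an added example that is not part of this issue or of the project's headers; the typedefs, the user/kernel split at bit 63 and every function name are assumptions for a plain 64-bit non-CHERI target.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed definitions (not the project's): ptraddr_t is the unsigned
 * address type, sptraddr_t its signed counterpart of the same width. */
typedef uint64_t ptraddr_t;
typedef int64_t  sptraddr_t;

/* Assumed layout: user addresses in the low half, kernel in the high half. */
#define USER_LIMIT ((ptraddr_t)1 << 63)

/* Unsigned form: needs an explicit boundary constant. */
bool is_kernel_addr_unsigned(ptraddr_t a) { return a >= USER_LIMIT; }

/* Signed form: a high-half address has its top bit set, so it is negative
 * (two's complement conversion is assumed, as on every common target). */
bool is_kernel_addr_signed(ptraddr_t a) { return (sptraddr_t)a < 0; }

/* Sentinel handling like ssize_t: all-ones address means "no address". */
bool is_invalid_addr(ptraddr_t a) { return (sptraddr_t)a == -1; }

/* Pitfall: the same test on the unsigned type is dead code, since an
 * unsigned value is never below zero; compilers warn but do not reject it. */
bool broken_kernel_check(ptraddr_t a) { return a < 0; }

int main(void) {
    /* Constructed sample addresses, one per half of the space. */
    ptraddr_t user = 0x00007fffffff0000ULL;
    ptraddr_t kern = 0xffff800000001000ULL;
    printf("user: unsigned=%d signed=%d broken=%d\n",
           is_kernel_addr_unsigned(user), is_kernel_addr_signed(user),
           broken_kernel_check(user));
    printf("kern: unsigned=%d signed=%d broken=%d\n",
           is_kernel_addr_unsigned(kern), is_kernel_addr_signed(kern),
           broken_kernel_check(kern));
    printf("sentinel: %d\n", is_invalid_addr((ptraddr_t)-1));
    return 0;
}
```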
