Why should that fail? You're accessing a kernel space address here and no
user space address.
Indeed it does fail with an Oops on s390 since we enable low address
protection in the kernel so we get an exception if something within the
kernel writes to the first 512 bytes of the kernel address space.
Otherwise it would have silently passed the test...
--

Hrm, people have suddenly started removing me from the cc's on mm-commits
replies.  Please don't, else I'll end up sending dud patches into mainline.

More than usual, that is.

Thanks.
--

Ah.. not a bug but a feature: your mails sent via mm-commit have you as
sender but also

Reply-to: linux-kernel@vger.kernel.org

in the mail header. That's why this happens.
--

Sorry.. I didn't remove you at all. That seems to be a bug in my mail client,
for some reason it removes you from the To:/Cc: list when I hit "g" for
reply-to-all on all mails that come via mm-commits.
Strange.
--

NULL pointer dereferencing faults on all architectures, at least it
should, but we explicitely disable pagefaults and recover via the
extable fixup, which is in S390 as well. That returns -EFAULT and
signals that there is a working implementation, while those which have
no support return -ENOSYS, which keeps the robust/pi stuff disabled.

Thanks,

	tglx
--

...one of our exception table entries has an off-by-one bug.
Never mind, I'll go and fix our own stuff instead ;)
--

Maybe we should do such tests on all exception table protected
assembler constructs :)

Thanks,

	tglx
--

To be more precise: dereferencing alone won't cause an exception for
NULL pointers on s390. Only writes will do so.
That is very architecture specific since we cannot unmap page 0,
it contains per-cpu data -- like exception pointers and all such stuff
that the cpu needs.
Just in case there is any code that relies on the fact that also reads
via a NULL pointer are supposed to failed.
--

Hmm, not sure whether there is such code, but then it would be not too bad
to add

   if (!p)
      return -EFAULT;

to the S390 implementations which only read data and have an exception
fixup.

Thanks,

	tglx
--

I have a different problem on some embedded powerpc's where the TLB miss
code isn't checking for the cached pgdir pointer being NULL (which
happens because we are early at boot and haven't activated an mm). So we
end up either taking recursive faults or going into lalaland walking
the page tables.

It happens on some unreleased code, I'll verify if it happens on
8xx/4xx/etc... in a minute, and will cook a patch if it does.

Cheers,
Ben.

--

Ok, so everything released seems to be fine. It will use swapper_pg_dir
which on 32 bits will do the right thing. Pfiew ! So only some stuff I'm
still working on breaks, I'll fix it.

Cheers,
Ben.


--

I try to test at least the -rc releases on 4xx as they come out, if not
a daily git update, and this never bit on 4xx for the reasons you
stated.  Glad we have similar results.

josh

--