After inspecting a strange case in the mips64 kernel with address errors, I'm starting to think there's a problem in the do_ade() implementation. I think the 32-bit kernel may have a similar problem, but I haven't really inspected it.

The issue is where the kernel's emulation of an address error causes another address error (NOT a page fault). Basically, I don't see how the exception table stuff in emulate_load_store_insn is going to work. Consider this scenario:

- user process does a 'sw' (for example) to an illegal address above xuseg but below xsseg
- do_ade calls emulate_load_store_insn, which tries swl/swr
- the swl again hits an illegal address, this time in the kernel's context
- do_ade does NOT check the exception table for the swl
- emulate_load_store_insn goes to the 'swl' part of the switch
- die_if_kernel DOES __die before the SIGBUS is delivered.

So I don't see how the ex_table stuff is useful at all. Shouldn't do_ade() do the exception table grovelling before calling emulate_load_store_insn?

Kip
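
The ordering question raised in the message above, as a user-space C model added here for illustration; it is not kernel code and not from the original post. All names, addresses and the single-entry table are assumptions made for the model, which only contrasts "emulate first" with "check the exception table first" for the nested fault described in the scenario.

```c
#include <stdio.h>
#include <stddef.h>

/* User-space model only; every name and address here is hypothetical. */
struct ex_entry { unsigned long insn, fixup; };  /* faulting pc -> recovery pc */
struct regs { unsigned long epc; int user_mode; };
enum outcome { EMULATED, SIGBUS_SENT, FIXED_UP, KERNEL_DIED };

#define SWL_PC    0x1000UL  /* constructed pc of the emulator's swl */
#define SWL_FIXUP 0x2000UL  /* constructed pc of its recovery stub */
static const struct ex_entry ex_table[] = { { SWL_PC, SWL_FIXUP } };

/* Linear search of the fixup table; returns 0 when pc has no entry. */
static unsigned long search_ex(unsigned long pc)
{
    for (size_t i = 0; i < sizeof ex_table / sizeof ex_table[0]; i++)
        if (ex_table[i].insn == pc)
            return ex_table[i].fixup;
    return 0;
}

/* addr_ok: whether the emulated store's target address is legal.
 * table_first: consult ex_table for kernel-mode faults before emulating. */
static enum outcome handle_ade(struct regs *r, int addr_ok, int table_first)
{
    if (!r->user_mode) {               /* fault raised by kernel code */
        unsigned long fixup = table_first ? search_ex(r->epc) : 0;
        if (fixup) {
            r->epc = fixup;            /* resume at the recovery stub */
            return FIXED_UP;
        }
        return KERNEL_DIED;            /* no fixup applied: oops path */
    }
    if (addr_ok)
        return EMULATED;
    /* The emulator's own swl faults on the same illegal address. */
    struct regs nested = { SWL_PC, 0 };
    enum outcome o = handle_ade(&nested, 0, table_first);
    return o == FIXED_UP ? SIGBUS_SENT : o;  /* stub reports failure -> SIGBUS */
}

int main(void)
{
    struct regs user = { 0x400000UL, 1 };
    printf("emulate first: %d\n", handle_ade(&user, 0, 0));
    printf("table first:   %d\n", handle_ade(&user, 0, 1));
    return 0;
}
```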