[net.unix-wizards] Dereferencing NULL pointers

kinch (01/18/83)

Tichy's revision control system, RCS, uses dereferencing of NULL pointers,
at least in the version distributed last August--and it's supposed to be
in 4.2bsd!

tjt@kobold.UUCP (T.J.Teixeira) (11/25/83)

The Masscomp 68K port "allows" dereferencing null pointers. i.e. the
address space is the same as UNIX on PDP-11's and VAX's, with the
obvious changes for differences in memory management (our page size is
4K bytes).  The separate mapping for user and kernel space does not
slow up system calls per se, but does make moving data between user and
system space more expensive (Without the 68010 instructions for
accessing different address spaces, portions of the user address space
must be mapped into kernel space first.  This sounds expensive, but is
actually quite simple: just copy one entry from the user page table to
the system page table).

We had considered mapping page 0 out of the address space but decided
not to do that as long as most UNIX systems implicitly rely on the
virtual address space beginning at 0.
-- 
	Tom Teixeira,  Massachusetts Computer Corporation.  Westford MA
	...!{ihnp4,harpo,decvax,ucbcad,tektronix}!masscomp!tjt   (617) 692-6200

gnu@sun.UUCP (John Gilmore) (11/26/83)

With a memory map which separates supervisor and user address spaces
(or a 68010, using the Vector Base Register), it is possible to make a
68000 version of Unix which allows full user access to page 0.

There is another possibility, which was reportedly used in early
releases of Xenix for the 68000 -- make page zero readable by the user
even though they can't write it.  If you put a zero in RAM location 0
(OK since the only time the 68000 uses it is after a RESET, when it's
probably fetching from PROM instead of RAM), it makes most buggy Vax
programs work, since they mostly assume that a zero pointer points to a
zero (eg, a null character).  Microsoft reportedly did this because
they didn't have time in the early releases to fix all the *0 bugs in
all the user programs; they have presumably fixed the user programs
since then.

Sun Unix 1.0 puts the kernel in a separate address space, but, to catch
bugs, does not make page zero of the user address space accessible.

thomas@utah-gr.UUCP (Spencer W. Thomas) (12/05/83)

One of my pet peeves is people who use NULL to mean the character '\0',
as well as the zero pointer.

=Spencer

boyd@munnari.SUN (Boyd Roberts) (12/06/83)

What we have here is a failure to differentiate between objects and values.

henry@utzoo.UUCP (Henry Spencer) (12/08/83)

There is an unfortunate naming clash in C's use of NULL for the zero
pointer, since the ASCII standard specifies that NUL (note one L) is
the name for '\0'.  It would have been better to use a different name
for the zero pointer, perhaps NIL as in Pascal.
-- 
				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,linus,decvax}!utzoo!henry
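The "*0 bugs" Gilmore describes and the NULL/NUL confusion Thomas and Spencer complain about both come down to the same mistake: code that treats the zero pointer as if it were a pointer to a zero byte. The following C program is an added example (not code posted by anyone in this thread) showing the legacy pattern beside a version that survives on a system where page 0 is unmapped; the function names and the sample inputs are constructed for illustration.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Legacy pattern: "is this string empty?" written as *s == '\0'.
 * Called with the zero pointer it reads location 0, which only "works"
 * on a system that maps page 0 readable and keeps a zero there (the
 * Xenix trick described above). On a kernel that leaves page 0 unmapped
 * it faults. Never call this with NULL; it is here only for contrast. */
int legacy_is_empty(const char *s)
{
    return *s == '\0';
}

/* Hardened form: decide about the pointer before touching the object.
 * A NULL pointer is "no string" and is treated as empty, never read. */
int safe_is_empty(const char *s)
{
    if (s == NULL)          /* the zero pointer: there is no object here */
        return 1;
    return *s == '\0';      /* a real object whose first byte may be NUL */
}

/* strlen() that tolerates the zero pointer instead of dereferencing it. */
size_t safe_strlen(const char *s)
{
    return s ? strlen(s) : 0;
}

/* Distinguish the three cases the thread conflates:
 *   0 = NULL, the zero pointer (a pointer value, nothing to read)
 *   1 = a pointer to NUL ('\0'), i.e. an empty string (an object)
 *   2 = a pointer to a non-empty string                            */
int classify(const char *s)
{
    if (s == NULL)
        return 0;
    if (*s == '\0')
        return 1;
    return 2;
}

int main(void)
{
    const char *samples[] = { NULL, "", "abc" };   /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        const char *s = samples[i];
        printf("%-6s class=%d empty=%d len=%zu\n",
               s ? s : "NULL", classify(s), safe_is_empty(s), safe_strlen(s));
    }
    /* legacy_is_empty is only safe on real objects: */
    assert(legacy_is_empty("") == 1);
    assert(legacy_is_empty("abc") == 0);
    return 0;
}
```

Building with `cc -fsanitize=undefined` (clang or gcc) makes the legacy form report the bad dereference at run time even on a machine where page 0 happens to be readable, which is a quicker way to find the `*0` bugs than waiting for a port to a kernel that faults on them.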

rpw3@fortune.UUCP (12/17/83)

#R:rlgvax:-142700:fortune:11600028:000:489
fortune!rpw3    Dec 17 00:25:00 1983

The Fortune 32:16 has a segment-based MMU, and in user mode the
first location of the text-seg is 0, so deref'd NULL is whatever the
beginning of the text is (usually crt.0). But if the program is "split
I/D", i.e. shared text, the first location of the DATA seg is 0x200000,
which is amusing to some old programs.

Rob Warnock

UUCP:	{sri-unix,amd70,hpda,harpo,ihnp4,allegra}!fortune!rpw3
DDD:	(415)595-8444
USPS:	Fortune Systems Corp, 101 Twin Dolphins Drive, Redwood City, CA 94065