What happens with a processor when it tries to access a nonexistent physical address?

8
votes

Imagine a 32-bit x86 computer with less than 3 gigabytes of memory with CPU set up with disabled paging and flat segment descriptors (0x0 as base, 0xffffffff as an effective limit for both data and code).

What happens when an instruction in ring0 tries to use a mov instruction to reference a physical address that is not backed by any memory address?

QEMU emulation just stalls with an error like "fatal: Trying to execute code outside RAM or ROM".

These exceptions are related to memory issues:

  1. It shouldn't be "Segment Not Present (#NP)": it only happens when segment registers are loaded, but I can actually load flat segments without problems.
  2. "Stack Fault (#SS)" should not be generated, because the code doesn't reference stack.
  3. "General Protection (#GP)" shouldn't happen because the code is running in ring-0 and segments are set up to allow access to every physical address.
  4. Paging is disabled, so it's not a "Page Fault (#PF)" either.
  5. And it's not an alignment problem, so it shouldn't trigger "Alignment Check (#AC)".

I ran out of options and I don't know what should happen.

2
assemblyx86ramosdevaddress-space
What is your programming problem? The correct answer from a programming standpoint is "Don't do that."Raymond Chen
Note that physical address space includes an MMIO region where devices have their MMIO registers. e.g. on a PC typically between 768MiB and 1GiB, IIRC. As well as ROM. So "nonexistant phys address" means not RAM, ROM, or MMIO.Peter Cordes

2 Answers

6
votes

If paging is disabled and the current segment's limit is 4GiB (in 32-bit mode) there are no "nonexisting" addresses:

All 2^32 possible addresses exist in this case and can be read and written.

What happens if a read or write operation to an address where no RAM, ROM, etc is located is done depends on the hardware outside the CPU and not on the CPU itself.

A write operation to such an address will typically be ignored and a read operation will typically result in a non-sense value (on most PCs the "all-ones" value like 0xFF, 0xFFFF, 0xFFFFFFFF).

Theoretically such an address access may cause an interrupt or even crash the computer depending on the address. However this is not done by the CPU itself but by other hardware components.

Execution of code on such an address is basically nothing but a read access from that address.

5
votes

My understanding is that non-paged memory accesses go directly to bus, leading to undefined behavior (depends on the chipset, bus type etc.) -- See Manual Probing

Note: You will never get an error from trying to read/write memory that does not exist -- this is important to understand: you will not get valid results, but you won't get an error, either.