General protection fault

From Wikipedia, the free encyclopedia

This article is about the error. For the webcomic, see General Protection Fault (comic).

A General Protection Fault (GPF) in the Intel x86 and AMD x86-64 architectures, and other unrelated architectures, is a fault (a type of interrupt) which can encompass several cases where protection mechanisms within the processor architecture are violated by any of the programs that are running, whether it be the kernel or user program. The mechanism is first described in section 9.8.13 in Intel 80386 Programmer's reference manual from 1986. The General Protection Fault is implemented as an interrupt (vector number 13) in both x86 and AMD64-architectures.

If the processor detects a protection violation it stops executing the code and sends a General Protection Fault interrupt. In most cases the operating system will simply remove the failing process from the execution queue, signal the user and continue executing another program. If however the operating system fails to catch the General Protection Fault, i.e. another protection violation occurs before the operating system returns from the previous General Protection Fault-interrupt, the processor will signal a double fault (interrupt vector 8, a typical BSOD scenario). If yet another failure occurs, the processor will shut down. It will then only respond to a reset or init (that is, pressing the reset-button, or rebooting the entire system) and NMI-interrupts (unless it has previously failed when handing NMI-interrupts, in which case it will ignore these too).

Contents 1 Behaviour in specific operating systems 2 Memory errors 3 Privilege errors 4 Technical causes for faults 5 Notes and references 6 See also 6.1 References

[edit] Behaviour in specific operating systems

In some versions of Microsoft Windows, the general protection fault is indeed reported as a "general protection fault". However, in other versions, the errors may be reported by other messages such as:

• Unrecoverable Application Error. (Windows 3.0)
• [Program Name] has caused a General Protection Fault in module [module name] at [debug code]. (Win 3.xx)
• This program has performed an illegal operation and will be shut down. (Windows 9x)
• [Program Name] has generated errors and will be closed by Windows. (Windows 2000)
• [Program Name] has caused an error in [Module Name]. [Program Name] will now close. (Windows Me)
• [Program Name/Description] has encountered a problem and needs to close. We are sorry for the inconvenience. (Windows XP)
• [Program Name/Description] has stopped working. (Windows Vista)

In systems such as Unix and Linux, the errors are reported separately (e.g. segmentation fault for memory errors).

[edit] Memory errors

In the case of a memory error, the program attempts to perform an action which would result in accessing a portion of memory which should not be accessed. This can include:

• Writing to a read-only portion of memory
• Attempting to execute bytes in memory which are not designated as instructions
• Attempting to read as data bytes in memory which are designated as instructions
• Other miscellaneous conflicts between the designation of a part of memory and its use

However, in the case of operating systems that utilize paging instead of segmentation for controlling accesses to memory, most invalid memory references are actually reported via a page fault exception as opposed to a general protection fault. Many modern operating systems implement their memory access-control schemes via paging instead of segmentation, so it is often the case that invalid memory references in operating systems such as Windows are reported via page faults instead of general protection faults. Operating systems typically provide an abstraction layer (such as exception handling or signals) that hides whatever internal processor mechanism was used to raise a memory access error from a program, for the purposes of providing a standard interface for handling many different types of processor-generated error conditions.

In terms of the x86 architecture, general protection faults are specific to segmentation-based protection when it comes to memory accesses. However, general protection faults are still used to report other protection violations (aside from memory access violations) when paging is used, such as the use of instructions not accessible from the current privilege level.

While it is theoretically possible for an operating system to utilize both paging and segmentation, for the most part, common operating systems typically rely on paging for the bulk of their memory access control needs.

[edit] Privilege errors

There are some things on a computer which are reserved for the exclusive use of the operating system. If a program which is not part of the operating system attempts to use one of these features, it may cause a general protection fault.

Additionally, there are storage locations which are reserved both for the operating system and the processor itself. As a consequence of their reservation, they are read-only and an attempt to write data to them by an unprivileged program is an error.

[edit] Technical causes for faults

General protection faults can occur for several reasons, including:

• Segment limits exceeded
  • with CS, DS, ES, FS, or GS
  • accessing descriptor tables (such as the GDT/IDT/LDT)

• Segment permissions violated
  • jumping to nonexecutable segments
  • writing to code or read only segments
  • reading execute-only segments

• Segments illegally loaded
  • stack segment (SS) loaded with a segment selector for a read only, executable, or null segment
  • code segment (CS) loaded with a segment selector for a data or null segment
  • SS, DS, ES, FS, GS, loaded with a segment selector for a system segment
  • SS, DS, ES, FS, GS, loaded with a segment selector for an execute-only code segment

• Accessing memory using DS, ES, FS, or GS, when they contain a null selector

• Switching (TSS)
  • switching to a busy task during a call or jump
  • switching to an available task during IRET
  • using a segment selector on switch pointing to a TSS descriptor in the LDT

• Miscellaneous
  • attempting to access an interrupt/exception handler from v86 mode when the handler's code segment DPL is greater than 0
  • attempting to write a 1 into the reserved bits of CR4
  • attempting to execute privileged instructions when the current privilege level (CPL) is not zero
  • writing to a reserved bit in an MSR
  • accessing a gate containing a null segment selector
  • executing a software interrupt when the CPL is greater than the DPL set for the interrupt gate
  • the segment selector in a call, interrupt or trap gate does not point to a code segment
  • exceeding the instruction length of 15 bytes
  • violating privilege rules
  • enabling paging whilst disabling protection
  • referencing IDT following an interrupt or exception that is not an interrupt, trap, or task gate

[edit] Notes and references

• Intel Architecture Software Developer's Manual–Volume 3: System Programming

[edit] See also

• Segmentation fault

[edit] References

v • d • e Operating system Kernel Microkernel, Monolithic kernel, Hybrid kernel, Kernel space, Loadable kernel module, Nanokernel, device driver, User space, Userland (computing) Process management Process (computing), Multiprogramming, Interrupt, Protected mode, Supervisor mode, Computer multitasking, Process management (computing), Scheduling (computing), Context switch, Cooperative multitasking, Preemptive multitasking, CPU modes Memory management Memory protection, Segmentation, Paging, Memory management unit, Segmentation fault, General protection fault Examples AmigaOS, Microsoft Windows, Linux, GNU, UNIX, Mac OS, MS-DOS Miscellaneous concepts Boot loader, API, VFS, Computer network, GUI, History of operating systems, HAL