General protection fault
Encyclopedia
A general protection fault (GPF) in the Intel x86 and AMD x86-64
architectures, and other unrelated architectures, is a fault
(a type of interrupt
) that can encompass several cases in which protection mechanisms within the processor architecture are violated by any of the programs that are running, either the kernel
or a user program. The mechanism is first described in section 9.8.13 in the Intel 80386 programmer's reference manual from 1986. A general protection fault is implemented as an interrupt
(vector
number 13 in decimal
) in both x86 and AMD64 architectures.
If the processor detects a protection violation, it stops executing the code and sends a GPF interrupt. In most cases the operating system will simply remove the failing process from the execution queue, signal the user, and continue executing another program. If however the operating system fails to catch the general protection fault, i.e. another protection violation occurs before the operating system
returns from the previous GPF interrupt, the processor will signal a double fault
(interrupt vector
8, a typical BSOD
scenario). If yet another failure occurs, the processor will shut down (see triple fault
). It will then only respond to a reset (that is, pressing the reset-button) or init (rebooting the entire system) and non-maskable interrupt
s (unless it has previously failed when handling NM
interrupts, in which case it will ignore these too).
, the general protection fault is indeed reported as a "general protection fault". However, in other versions, the errors may be reported by other messages such as:
In systems such as Unix
and Linux
, the errors are reported separately (e.g. segmentation fault
for memory errors).
which should not be accessed. This can include:
However, many modern operating systems implement their memory access-control schemes via paging
instead of segmentation, so it is often the case that invalid memory references in operating systems such as Windows
are reported via page faults instead of general protection faults. Operating systems typically provide an abstraction layer (such as exception handling
or signals
) that hides whatever internal processor mechanism was used to raise a memory access error from a program, for the purposes of providing a standard interface for handling many different types of processor-generated error conditions.
In terms of the x86 architecture, general protection faults are specific to segmentation-based protection when it comes to memory accesses. However, general protection faults are still used to report other protection violations (aside from memory access violations) when paging is used, such as the use of instructions not accessible from the current privilege level.
While it is theoretically possible for an operating system to utilize both paging and segmentation, for the most part, common operating systems typically rely on paging for the bulk of their memory access control needs.
. If a program which is not part of the operating system attempts to use one of these features, it may cause a general protection fault.
Additionally, there are storage locations which are reserved both for the operating system and the processor itself. As a consequence of their reservation, they are read-only and an attempt to write data
to them by an unprivileged program is an error.
General protection faults are caught and handled by modern operating systems. Generally, if the fault originated in a user-mode program, the user-mode program is terminated. If, however, the fault originated in a core system driver or the operating system itself, the operating system usually saves diagnostic information either to a file or to the screen, and then either causes a blue screen of death
or restarts the computer.
X86-64
x86-64 is an extension of the x86 instruction set. It supports vastly larger virtual and physical address spaces than are possible on x86, thereby allowing programmers to conveniently work with much larger data sets. x86-64 also provides 64-bit general purpose registers and numerous other...
architectures, and other unrelated architectures, is a fault
Fault (technology)
In document ISO/CD 10303-226, a fault is defined as an abnormal condition or defect at the component, equipment, or sub-system level which may lead to a failure....
(a type of interrupt
Interrupt
In computing, an interrupt is an asynchronous signal indicating the need for attention or a synchronous event in software indicating the need for a change in execution....
) that can encompass several cases in which protection mechanisms within the processor architecture are violated by any of the programs that are running, either the kernel
Kernel (computing)
In computing, the kernel is the main component of most computer operating systems; it is a bridge between applications and the actual data processing done at the hardware level. The kernel's responsibilities include managing the system's resources...
or a user program. The mechanism is first described in section 9.8.13 in the Intel 80386 programmer's reference manual from 1986. A general protection fault is implemented as an interrupt
Interrupt
In computing, an interrupt is an asynchronous signal indicating the need for attention or a synchronous event in software indicating the need for a change in execution....
(vector
Interrupt vector
An interrupt vector is the memory address of an interrupt handler, or an index into an array called an interrupt vector table that contains the memory addresses of interrupt handlers...
number 13 in decimal
Decimal
The decimal numeral system has ten as its base. It is the numerical base most widely used by modern civilizations....
) in both x86 and AMD64 architectures.
If the processor detects a protection violation, it stops executing the code and sends a GPF interrupt. In most cases the operating system will simply remove the failing process from the execution queue, signal the user, and continue executing another program. If however the operating system fails to catch the general protection fault, i.e. another protection violation occurs before the operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
returns from the previous GPF interrupt, the processor will signal a double fault
Double fault
On the x86 architecture, a double fault exception occurs if the processor encounters a problem while trying to service a pending interrupt or exception. An example situation when a double fault would occur is when an interrupt is triggered but the segment in which the interrupt handler resides is...
(interrupt vector
Interrupt vector
An interrupt vector is the memory address of an interrupt handler, or an index into an array called an interrupt vector table that contains the memory addresses of interrupt handlers...
8, a typical BSOD
BSoD
BSoD is an initialism. It may stand for:* Blue Screen of Death* Black Screen of Death...
scenario). If yet another failure occurs, the processor will shut down (see triple fault
Triple fault
A triple fault is a special kind of exception generated by the CPU when an exception occurs while the CPU is trying to invoke the double fault exception handler, which itself handles exceptions occurring while trying to invoke a regular exception handler....
). It will then only respond to a reset (that is, pressing the reset-button) or init (rebooting the entire system) and non-maskable interrupt
Non-Maskable interrupt
A non-maskable interrupt is a computer processor interrupt that cannot be ignored by standard interrupt masking techniques in the system. It is typically used to signal attention for non-recoverable hardware errors...
s (unless it has previously failed when handling NM
Non-Maskable interrupt
A non-maskable interrupt is a computer processor interrupt that cannot be ignored by standard interrupt masking techniques in the system. It is typically used to signal attention for non-recoverable hardware errors...
interrupts, in which case it will ignore these too).
Behaviour in specific operating systems
In some versions of Microsoft WindowsMicrosoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
, the general protection fault is indeed reported as a "general protection fault". However, in other versions, the errors may be reported by other messages such as:
- Unrecoverable Application Error. (Windows 3.0Windows 3.0Windows 3.0, a graphical environment, is the third major release of Microsoft Windows, and was released on 22 May 1990. It became the first widely successful version of Windows and a rival to Apple Macintosh and the Commodore Amiga on the GUI front...
) - [Program Name] has caused a General Protection Fault in module [module name] at [memory address]. (Windows 3.1 and 3.1xWindows 3.1xWindows 3.1x is a series of 16-bit operating systems produced by Microsoft for use on personal computers. The series began with Windows 3.1, which was first sold during March 1992 as a successor to Windows 3.0...
) - This program has performed an illegal operation and will be shut down. If the problem persists,contact the program vendor. (Windows 9xWindows 9xWindows 9x is a generic term referring to a series of Microsoft Windows computer operating systems produced since 1995, which were based on the original and later modified Windows 95 kernel...
& Windows NT 4.0Windows NT 4.0Windows NT 4.0 is a preemptive, graphical and business-oriented operating system designed to work with either uniprocessor or symmetric multi-processor computers. It was the next release of Microsoft's Windows NT line of operating systems and was released to manufacturing on 31 July 1996...
) - [Program Name] has generated errors and will be closed by Windows. (Windows 2000Windows 2000Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
) - [Program Name] has caused an error in [Module Name]. [Program Name] will now close. (Windows MeWindows MeWindows Millennium Edition, or Windows Me , is a graphical operating system released on September 14, 2000 by Microsoft, and was the last operating system released in the Windows 9x series. Support for Windows Me ended on July 11, 2006....
) - [Program Name/Description] has encountered a problem and needs to close. We are sorry for the inconvenience. (Windows XPWindows XPWindows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
) - [Program Name/Description] has stopped working. (Windows VistaWindows VistaWindows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
and Windows 7)
In systems such as Unix
Unix
Unix is a multitasking, multi-user computer operating system originally developed in 1969 by a group of AT&T employees at Bell Labs, including Ken Thompson, Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna...
and Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
, the errors are reported separately (e.g. segmentation fault
Segmentation fault
A segmentation fault , bus error or access violation is generally an attempt to access memory that the CPU cannot physically address. It occurs when the hardware notifies an operating system about a memory access violation. The OS kernel then sends a signal to the process which caused the exception...
for memory errors).
Memory errors
In the case of a memory error, the program attempts to perform an action which would result in accessing a portion of memoryComputer memory
In computing, memory refers to the physical devices used to store programs or data on a temporary or permanent basis for use in a computer or other digital electronic device. The term primary memory is used for the information in physical systems which are fast In computing, memory refers to the...
which should not be accessed. This can include:
- Writing to a read-onlyRead-only memoryRead-only memory is a class of storage medium used in computers and other electronic devices. Data stored in ROM cannot be modified, or can be modified only slowly or with difficulty, so it is mainly used to distribute firmware .In its strictest sense, ROM refers only...
portion of memory - Attempting to execute byteByteThe byte is a unit of digital information in computing and telecommunications that most commonly consists of eight bits. Historically, a byte was the number of bits used to encode a single character of text in a computer and for this reason it is the basic addressable element in many computer...
s in memory which are not designated as instructions - Attempting to read as data bytes in memory which are designated as instructions
- Other miscellaneous conflicts between the designation of a part of memory and its use
However, many modern operating systems implement their memory access-control schemes via paging
Paging
In computer operating systems, paging is one of the memory-management schemes by which a computer can store and retrieve data from secondary storage for use in main memory. In the paging memory-management scheme, the operating system retrieves data from secondary storage in same-size blocks called...
instead of segmentation, so it is often the case that invalid memory references in operating systems such as Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
are reported via page faults instead of general protection faults. Operating systems typically provide an abstraction layer (such as exception handling
Exception handling
Exception handling is a programming language construct or computer hardware mechanism designed to handle the occurrence of exceptions, special conditions that change the normal flow of program execution....
or signals
Signal (computing)
A signal is a limited form of inter-process communication used in Unix, Unix-like, and other POSIX-compliant operating systems. Essentially it is an asynchronous notification sent to a process in order to notify it of an event that occurred. When a signal is sent to a process, the operating system...
) that hides whatever internal processor mechanism was used to raise a memory access error from a program, for the purposes of providing a standard interface for handling many different types of processor-generated error conditions.
In terms of the x86 architecture, general protection faults are specific to segmentation-based protection when it comes to memory accesses. However, general protection faults are still used to report other protection violations (aside from memory access violations) when paging is used, such as the use of instructions not accessible from the current privilege level.
While it is theoretically possible for an operating system to utilize both paging and segmentation, for the most part, common operating systems typically rely on paging for the bulk of their memory access control needs.
Privilege errors
There are some things on a computer which are reserved for the exclusive use of the operating systemOperating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
. If a program which is not part of the operating system attempts to use one of these features, it may cause a general protection fault.
Additionally, there are storage locations which are reserved both for the operating system and the processor itself. As a consequence of their reservation, they are read-only and an attempt to write data
Data
The term data refers to qualitative or quantitative attributes of a variable or set of variables. Data are typically the results of measurements and can be the basis of graphs, images, or observations of a set of variables. Data are often viewed as the lowest level of abstraction from which...
to them by an unprivileged program is an error.
Technical causes for faults
General protection faults are raised by the processor when a protected instruction is encountered which exceeds the permission level of the currently executing task - either because a user-mode program is attempting a protected instruction, or because the operating system has issued a request which would put the processor into an undefined state.General protection faults are caught and handled by modern operating systems. Generally, if the fault originated in a user-mode program, the user-mode program is terminated. If, however, the fault originated in a core system driver or the operating system itself, the operating system usually saves diagnostic information either to a file or to the screen, and then either causes a blue screen of death
Blue Screen of Death
To forse a BSOD Open regedit.exe,Then search: HKLM\SYSTEM\CurrentControlSet\services\i8042prt\ParametersThen make a new DWORD called "CrashOnCtrlScroll" And set the value to 1....
or restarts the computer.
Segment limits exceeded
Segment limits can be exceeded:- with code segmentCode segmentIn computing, a code segment, also known as a text segment or simply as text, is one of the sections of a program in an object file or in memory, which contains executable instructions....
(CS), data segmentData segmentA data segment is a portion of virtual address space of a program, which contains the global variables and static variables that are initialized by the programmer...
(DS), or ES, FS, or GS (extra segment) registers; or - accessing descriptor tables such as the Global Descriptor TableGlobal Descriptor TableThe Global Descriptor Table or GDT is a data structure used by Intel x86-family processors starting with the 80286 in order to define the characteristics of the various memory areas used during program execution, including the base address, the size and access privileges like executability and...
(GDT), the Interrupt descriptor tableInterrupt descriptor tableThe Interrupt Descriptor Table is a data structure used by the x86 architecture to implement an interrupt vector table. The IDT is used by the processor to determine the correct response to interrupts and exceptions....
(IDT) and the Local Descriptor TableLocal Descriptor TableThe Local Descriptor Table is a memory table used in the x86 architecture in protected mode and containing memory segment descriptors: start in linear memory, size, executability, writability, access privilege, actual presence in memory, etc....
(LDT).
Segment permissions violated
Segment permissions can be violated by:- jumping to non-executable segments
- writing to code segments, or read only segments
- reading execute-only segments
Segments illegally loaded
This can occur when:- a stack segment (SS) is loaded with a segment selector for a read only, executable, null segment, or segment with descriptor privilege not matching the current privilege in CS
- a code segment (CS) loaded with a segment selector for a data, system, or null segment
- SS, DS, ES, FS, or GS are segments loaded with a segment selector for a system segment
- SS, DS, ES, FS, or GS are segments loaded with a segment selector for an execute-only code segment
- accessing memory using DS, ES, FS, or GS registers, when they contain a null selector
Switching
Faults can occur in the task state segment (TSS) structure when:- switching to a busy task during a call or jump instruction
- switching to an available task during an interrupt return (IRET) instruction
- using a segment selector on a switch pointing to a TSS descriptor in the LDT
Miscellaneous
Other causes of general protection faults are:- attempting to access an interrupt/exception handler from v86 mode when the handler's code segment descriptor privilege levelPrivilege levelA privilege level in the x86 instruction set controls the access of the program currently running on the processor to resources such as memory regions, I/O ports, and special instructions. There are 4 privilege levels ranging from 0 which is the most privileged, to 3 which is least privileged...
(DPL) is greater than zero - attempting to write a one into the reserved bits of CR4Control registerA control register is a processor register which changes or controls the general behavior of a CPU or other digital device. Common tasks performed by control registers include interrupt control, switching the addressing mode, paging control, and coprocessor control.-CR0:The CR0 register is 32 bits...
- attempting to execute privileged instructions when the current privilege level (CPL) is not zero
- writing to a reserved bit in an MSR instruction
- accessing a gate containing a null segment selector
- executing a software interrupt when the CPL is greater than the DPL set for the interrupt gate
- the segment selector in a call, interrupt or trap gate does not point to a code segment
- exceeding the instruction length of 15 bytes
- violating privilege rules
- enabling paging whilst disabling protection
- referencing the interrupt descriptor table following an interrupt or exception that is not an interrupt, trap, or a task gate