load overflow topmost address on x86


What would happen when an unaligned load overflows the topmost address on x86? For example, what would happen when loading a 4-byte integer at address 0xfffffffe on a 32-bit x86 processor? Of course, the topmost page (0xfffff000-0xffffffff) is mapped to some physical memory and the page is readable/writable, and the current loading program is in the operating system kernel in Ring0. You can assume that loading 4 bytes at 0xfffffffc is legal for simplicity.

Will such loading generate a page-fault?

asked on Stack Overflow May 1, 2015 by writalnaie

1 Answer


It would generate a general protection (#GP) fault due to the limit checking in segments. The processor checks the segment limit when data is accessed with the DS segment register, which is the usual case. The default segment limit of the DS segment register is [0,0xffffffff).

The processor causes a general-protection exception any time an attempt is made to access the following addresses in a segment:

  • A byte at an offset greater than the effective limit
  • A word at an offset greater than the (effective-limit – 1)
  • A doubleword at an offset greater than the (effective-limit – 3)
  • A quadword at an offset greater than the (effective-limit – 7)

According to the Intel x86 spec, "explicitly unaligned" accesses (regardless of whether they're at the edge of your address space) can also cause general protection faults for AVX, FME, VEX, or SSE instructions.

Interestingly, the lowest and highest addresses are not the only boundaries in your address space where this could happen. More boundaries show up in x86_64 address spaces, where there is a sparse / unaddressable space in the middle which your processor can't use (because this way processor manufacturers can cut down the number of bits required for many processor internals -- after all, nobody is using a full 64 bit address space yet).

answered on Stack Overflow May 6, 2015 by Dan • edited May 8, 2015 by Dan
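The limit-check rule quoted in the answer can be modelled in a few lines of C. This is an added example, not part of the original post: it applies the rule to the two addresses from the question and to the edge of the lower canonical half on x86_64. Assumptions: a flat expand-up data segment (limit field 0xFFFFF, G=1) and 48-bit linear addresses; all function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Effective limit of an expand-up segment: with G=1 the 20-bit limit field
 * counts 4 KiB units and the low 12 offset bits are not checked. */
static uint32_t effective_limit(uint32_t limit20, bool g_flag) {
    limit20 &= 0xFFFFFu;
    return g_flag ? (limit20 << 12) | 0xFFFu : limit20;
}

/* The quoted rule, generalized to any access size: the access violates the
 * limit when its last byte lies above the effective limit. 64-bit arithmetic
 * keeps offset + size - 1 from wrapping. */
static bool limit_violation(uint32_t offset, uint32_t size, uint32_t eff_limit) {
    if (size == 0) return false;
    return (uint64_t)offset + size - 1 > eff_limit;
}

/* Assumption: 48-bit linear addresses, so bits 63..47 must all be equal. */
static bool is_canonical48(uint64_t addr) {
    uint64_t top = addr >> 47;
    return top == 0 || top == 0x1FFFFu;
}

/* True when the first or last byte of the access is non-canonical.
 * Wraparound past 2^64 is not modelled. */
static bool touches_noncanonical48(uint64_t addr, uint32_t size) {
    return !is_canonical48(addr) || !is_canonical48(addr + size - 1);
}

int main(void) {
    uint32_t flat = effective_limit(0xFFFFFu, true);  /* flat 4 GiB segment */
    const uint32_t offs[] = { 0xFFFFFFFCu, 0xFFFFFFFEu };  /* the question's two addresses */
    for (int i = 0; i < 2; i++)
        printf("dword at %#010x: %s\n", (unsigned)offs[i],
               limit_violation(offs[i], 4, flat) ? "limit violation" : "within limit");
    printf("dword at 0x00007ffffffffffe: %s\n",
           touches_noncanonical48(0x00007FFFFFFFFFFEull, 4) ? "non-canonical" : "canonical");
    return 0;
}
```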

User contributions licensed under CC BY-SA 3.0