Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
X86 memory segmentation
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Practices == Logical addresses can be explicitly specified in [[x86 assembly language]], e.g. (AT&T syntax): {{codett|movl $42, %fs:(%eax) ; Equivalent to M[fs:eax]<-42) in|asm}} [[Register Transfer Language|RTL]] or in [[Intel syntax]]: <syntaxhighlight lang="nasm"> mov dword [fs:eax], 42 </syntaxhighlight> However, segment registers are usually used implicitly. * All CPU instructions are implicitly fetched from the ''[[code segment]]'' specified by the segment selector held in the CS register. * Most memory references come from the ''[[data segment]]'' specified by the segment selector held in the DS register. These may also come from the extra segment specified by the segment selector held in the ES register, if a segment-override prefix precedes the instruction that makes the memory reference. Most, but not all, instructions that use DS by default will accept an ES override prefix.{{fact|date=April 2025}} * Processor [[run-time stack|stack]] references, either implicitly (e.g. '''push''' and '''pop''' instructions) or explicitly ([[stack-based memory allocation|memory accesses using the (E)SP or (E)BP registers]]) use the ''stack segment'' specified by the segment selector held in the SS register. For explicit references, the segment can be overridden. * [[x86 string instructions|String instructions]] (e.g. '''stos''', '''movs'''), along with data segment, also use the ''extra segment'' specified by the segment selector held in the ES register. Segmentation cannot be turned off on x86-32 processors (this is true for 64-bit mode as well, but beyond the scope of discussion), so many 32-bit operating systems simulate a [[flat memory model]] by setting all segments' bases to 0 in order to make segmentation neutral to programs. For instance, the [[Linux kernel]] sets up only 4 general purpose segments: {| class="wikitable" |- ! Name !! Description !! Base !! Limit !! [[Descriptor Privilege Level|DPL]] |- | __KERNEL_CS || Kernel code segment || 0 || 4 GiB || 0 |- | __KERNEL_DS || Kernel data segment || 0 || 4 GiB || 0 |- | __USER_CS || User code segment || 0 || 4 GiB || 3 |- | __USER_DS || User data segment || 0 || 4 GiB || 3 |} Since the base is set to 0 in all cases and the limit 4 GiB, the segmentation unit does not affect the addresses the program issues before they arrive at the [[paging]] unit. (This, of course, refers to 80386 and later processors, as the earlier x86 processors do not have a paging unit.) Current Linux also uses GS to point to [[thread-local storage]]. Segments can be defined to be either code, data, or system segments. Additional permission bits are present to make segments read only, read/write, execute, etc. In protected mode, code may always modify all segment registers ''except'' CS (the [[code segment]] selector). This is because the current privilege level (CPL) of the processor is stored in the lower 2 bits of the CS register. The only ways to raise the processor privilege level (and reload CS) are through the '''lcall''' (far call) and [[INT (x86 instruction)|'''int''' (interrupt)]] instructions. Similarly, the only ways to lower the privilege level (and reload CS) are through '''lret''' (far return) and '''iret''' (interrupt return) instructions. In real mode, code may also modify the CS register by making a far jump (or using an undocumented <code>POP CS</code> instruction on the 8086 or 8088).<ref><code>POP CS</code> must be used with extreme care and has limited usefulness, because it immediately changes the effective address that will be computed from the instruction pointer to fetch the next instruction. Generally, a far jump is much more useful. The existence of <code>POP CS</code> is probably an accident, as it follows a pattern of PUSH and POP instruction opcodes for the four segment registers on the 8086 and 8088.</ref> Of course, in real mode, there are no privilege levels; all programs have absolute unchecked access to all of memory and all CPU instructions. For more information about segmentation, see the [[IA-32]] manuals freely available on the [[AMD]] or [[Intel]] websites.
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
X86 memory segmentation
(section)
Add topic
