What exactly are null segment selectors?

chrstrbrts

Senior member
Aug 12, 2014
522
3
81
Hello,

From Intel's manual about IA-32e mode:

> On privilege level changes, stack segment selectors are not read from the TSS. Instead, they are set to NULL.

What does it mean to set a segment selector to null?

Does it mean that you set the segment selector in the segment register to point to the first descriptor in the GDT, the null descriptor?

Or, does it mean that you put some special value in the segment register?

If so, what is this special value?

Earlier in the manual, it says this about loading segment registers with selectors in protected mode:

> Loading the CS or SS register with a null segment selector causes a general-protection exception (#GP) to be generated.

So, how can we do both?

How can we put a null segment selector in the SS register if doing so will throw an exception?

Is the above restriction lifted in IA-32e mode?

Thanks.
 

Schmide

Diamond Member
Mar 7, 2002
5,745
1,036
126
> Hello,
>
> From Intel's manual about IA-32e mode:
>
> On privilege level changes, stack segment selectors are not read from the TSS. Instead, they are set to NULL.
>
> What does it mean to set a segment selector to null?

It means in the TSS structure they are set to null. Only the SS0, ESP0 and IOPB mean anything in a protected mode task switch.

> Does it mean that you set the segment selector in the segment register to point to the first descriptor in the GDT, the null descriptor?
>
> Or, does it mean that you put some special value in the segment register?
>
> If so, what is this special value?
>
> Earlier in the manual, it says this about loading segment registers with selectors in protected mode:
>
> Loading the CS or SS register with a null segment selector causes a general-protection exception (#GP) to be generated.
>
> So, how can we do both?
>
> How can we put a null segment selector in the SS register if doing so will throw an exception?
>
> Is the above restriction lifted in IA-32e mode?
>
> Thanks.

Simply put, the remaining segments and registers are inherited from the GDT.
 

chrstrbrts

> It means in the TSS structure they are set to null.

Yes, but that's my question: What does it mean to set a selector to null?

> Only the SS0, ESP0 and IOPB mean anything in a protected mode task switch.

In protected mode, the SS selectors for the different privilege levels are used and are not set to null.

I was asking about IA-32e mode.

> Simply put, the remaining segments and registers are inherited from the GDT.

Can you explain further, please?
 

Schmide

> Yes, but that's my question: What does it mean to set a selector to null?

Other than real mode, it means don't do that. It is not allowed.

> In protected mode, the SS selectors for the different privilege levels are used and are not set to null.
>
> I was asking about IA-32e mode.
>
> Can you explain further, please?

Please use x86-64 to refer to IA-32e. No one says IA-32e.

It's all generally the same after real mode. Compatibility mode, the 32/16-bit environment of Long Mode (64-bit), runs protected mode code.

Edit: The basis of your question - "What does it mean to set a selector to null?" - is not valid. You can't do it, so let it go.
 

chrstrbrts

> Other than real mode, it means don't do that. It is not allowed.
>
> Edit: The basis of your question - "What does it mean to set a selector to null?" - is not valid. You can't do it, so let it go.

OK, you can't do it yourself as a programmer.

But the system does it for you.

Again, the quote from Intel's manual:
> On privilege level changes, stack segment selectors are not read from the TSS. Instead, they are set to NULL.

Let me ask the question another way:

In x86-64 mode, if I switch privilege levels and then read the SS register, what value will I see?
 

Schmide

> Let me ask the question another way:
>
> In x86-64 mode, if I switch privilege levels and then read the SS register, what value will I see?

I did not know this but apparently when you go into long mode (x64) segments are cleared, not just disabled. Except for ES and GS. So you can have a zero segment in both real and x64 long mode. The processor also does not do segment limit checks.

So not if you switch privilege levels, if you are in x64 mode and read the ss register, it will be zero.
 

chrstrbrts

> I did not know this but apparently when you go into long mode (x64) segments are cleared, not just disabled. Except for ES and GS. So you can have a zero segment in both real and x64 long mode. The processor also does not do segment limit checks.

Yes, I'm aware of this already.

The processor considers the value of the base of the segment as zero regardless of what's listed in the descriptor.

This affects the base address of the segment, not the value that's stored in the segment registers.

The segment registers hold a pointer that points into the GDT and points to a descriptor for the segment.

> So not if you switch privilege levels, if you are in x64 mode and read the ss register, it will be zero.

The base of the stack segment will be zero for sure.

But, what will be in the segment register?

Where does the SS register point to in x86-64 mode when switching privilege levels and the value it's supposed to hold is null?
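
Added example, not part of any post in this thread: a small C model of the selector encoding the question turns on. It assumes the behaviour described in the Intel SDM (a null selector is any selector with index 0 and TI = 0; a privilege-raising interrupt in IA-32e mode leaves SS null with RPL equal to the new CPL; an explicit null load of SS is accepted only in 64-bit mode with CPL < 3 and RPL = CPL). All function names are hypothetical and the sample selector values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Fields of a 16-bit segment selector: index[15:3], TI[2], RPL[1:0]. */
static unsigned sel_index(uint16_t sel) { return (unsigned)sel >> 3; }
static unsigned sel_ti(uint16_t sel)    { return ((unsigned)sel >> 2) & 1u; }
static unsigned sel_rpl(uint16_t sel)   { return (unsigned)sel & 3u; }

/* Null selector: GDT (TI = 0), index 0. The RPL bits are not part of the
 * test, so the values 0, 1, 2 and 3 are all null selectors. */
bool sel_is_null(uint16_t sel) { return (sel & 0xFFFCu) == 0; }

/* Value left in SS when an interrupt or exception changes privilege level
 * in IA-32e mode: a null selector whose RPL is the new CPL. */
uint16_t ss_after_privilege_change(unsigned new_cpl)
{
    return (uint16_t)(new_cpl & 3u);
}

/* Models only the null-selector check on an explicit SS load (MOV/POP SS).
 * Returns true when the load raises #GP. Non-null selectors go through
 * descriptor checks that are not modelled here. */
bool ss_null_load_faults(uint16_t sel, unsigned cpl, bool mode64)
{
    if (!sel_is_null(sel))
        return false;               /* not the null-selector case */
    if (!mode64)
        return true;                /* protected/compatibility mode: #GP */
    return cpl == 3 || sel_rpl(sel) != cpl;
}

int main(void)
{
    /* Constructed sample selectors. 0x0004 has index 0 but TI = 1 (LDT),
     * so it is not a null selector. */
    const uint16_t samples[] = { 0x0000, 0x0003, 0x0004, 0x0010, 0x002B };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint16_t s = samples[i];
        printf("0x%04X index=%u TI=%u RPL=%u null=%d\n", (unsigned)s,
               sel_index(s), sel_ti(s), sel_rpl(s), sel_is_null(s));
    }
    printf("SS after interrupt to CPL 0: 0x%04X\n",
           (unsigned)ss_after_privilege_change(0));
    return 0;
}
```

Under these assumptions the selector value read back from SS in a CPL 0 handler is 0x0000, and that selector never reaches a descriptor lookup because index 0 of the GDT is reserved as the null entry.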