Assembly qemu-system-i386: Trying to execute code outside RAM

Question

I got this error while I was playing with qemu, "qemu-system-i386: Trying to execute code outside RAM".

And on gdb, I got this, so it stays at the movl and when I execute an stepi, all crashes:

=> 0xf010002c <relocated>:      add    %al,(%eax)
relocated () at kern/entry.S:74
74              movl    $0x0,%ebp                       # nuke frame pointer
(gdb) stepi
Remote connection closed

This happened when I commented the line of kern/entry.S that executes:

movl    %eax, %cr0

What is the real explanation of this? Because the part of the code says a lot of things that do, but I really don't understand why, if I comment that line of code, it explodes.

entry:
movw    $0x1234,0x472           # warm boot


movl    $(RELOC(entry_pgdir)), %eax
movl    %eax, %cr3
# Turn on paging.
movl    %cr0, %eax
orl $(CR0_PE|CR0_PG|CR0_WP), %eax
movl    %eax, %cr0

mov $relocated, %eax
jmp *%eax

Answer 1

That QEMU error means "your guest program just jumped off into some invalid location"; it is pretty much always the result of a buggy guest program, but it was previously something QEMU's emulation wasn't able to handle. In newer versions of QEMU (starting with 3.1, which isn't yet released) we will be able to handle execution from something other than RAM, so we'll be able to continue emulating the guest. Of course since execution from random unmapped memory makes no sense, the chances are the guest will then just sit in a loop taking exceptions or otherwise sit there apparently doing nothing.

In this particular case, you've commented out the line of code that enables the MMU, so the code immediately following it that jumps to a virtual address on the assumption that paging is enabled will crash when it tries to execute the instruction at the jump target, because without the MMU enabled there is nothing at that address.