Subject: Re: memtest86 in bochs
To: Ben Collver <collver1@comcast.net>
From: Joseph Sarkes <jsarkes@mac.com>
List: port-i386
Date: 01/06/2004 13:15:48
On Jan 5, 2004, at 9:56 AM, Ben Collver wrote:
> On Sun, Jan 04, 2004 at 11:14:56PM +0000, David Laight wrote:
>>> There already is a '.code 16' in query_pcbios() at line 688 of head.S, and
>>> there are no calls and no '.code 32' before the odd behavior I see at line 730.
>>
>> The trace on your post to the bochs list does show 16bit code.
>> Can you single-step any other instructions?
>>
>> Maybe the code is continuing from 0:0 after the breakpoint...
>
> Yes, I can single-step other instructions. I said earlier that IP is set
> to 0 at the "xor EAX, EAX" instruction. From single-stepping this morning
> it looks like it is actually happening at the "mov [DS:0000], EAX"
> instruction. Perhaps it is indeterminate.
>
As I recall, there are some i386 instructions, especially ones that affect
the stack registers in 16-bit operation, that execute two instructions in an
uninterruptible manner, to allow loading the stack segment and stack pointer
registers without intervening interrupts that corrupt things. Perhaps you are
running into something of this nature?
> It is hard for me to believe the code is supposed to continue at 0:0
> because that range of memory is all zeroed out.
>
> Thank you for the help,
>
> Ben
> --
> A hacker does for love what others would not do for money.
>
>
>> b 0x2626
>> c
> (0) Breakpoint 6, 0x2626 in ?? ()
> (0) [0x00002626] 0010:00002626 (unk. ctxt): jmp 0020:0000062d ; ea2d0600002000
>> s
> (0) [0x0000262d] 0020:062d (unk. ctxt): mov EAX, CR0 ; 0f20c0
> # Above is the first instruction in 16-bit mode.
>> disassemble 0x262d 0x2670
> 0000262d: mov EAX, CR0 ; 0f20c0
> 00002630: and EAX, 7ffffffe ; 6625feffff7f
> 00002636: mov CR0, EAX ; 0f22c0
> 00002639: jmp DS:0750 ; ff2e5007
> 0000263d: mov AX, CS ; 8cc8
> 0000263f: mov DS, AX ; 8ed8
> 00002641: mov ES, AX ; 8ec0
> 00002643: mov FS, AX ; 8ee0
> 00002645: mov GS, AX ; 8ee8
> 00002647: mov SS, AX ; 8ed0
> 00002649: mov EAX, ECX ; 6689c8
> 0000264c: shr EAX, 04 ; 66c1e804
> 00002650: mov SS, AX ; 8ed0
> 00002652: sub ESP, ECX ; 6629cc
> 00002655: push EBX ; 6653
> 00002657: shr EDI, 04 ; 66c1ef04
> 0000265b: mov DS, DI ; 8edf
> 0000265d: sti ; fb
> 0000265e: xor EAX, EAX ; 6631c0
> 00002661: mov [DS:0000], EAX ; 66a30000
> 00002665: mov [DS:0004], EAX ; 66a30400
> 00002669: mov [DS:0008], EAX ; 66a30800
> 0000266d: xor EBX, EBX ; 6631db
>> s
> (0) [0x00002630] 0020:0630 (unk. ctxt): and EAX, 7ffffffe ; 6625feffff7f
>> s
> (0) [0x00002636] 0020:0636 (unk. ctxt): mov CR0, EAX ; 0f22c0
>> s
> (0) [0x00002639] 0020:0639 (unk. ctxt): jmp DS:0750 ; ff2e5007
>> s
> (0) [0x0000263d] 0200:063d (unk. ctxt): mov AX, CS ; 8cc8
>> s
> (0) [0x0000263f] 0200:063f (unk. ctxt): mov DS, AX ; 8ed8
>> s
> (0) [0x00002641] 0200:0641 (unk. ctxt): mov ES, AX ; 8ec0
>> s
> (0) [0x00002643] 0200:0643 (unk. ctxt): mov FS, AX ; 8ee0
>> s
> (0) [0x00002645] 0200:0645 (unk. ctxt): mov GS, AX ; 8ee8
>> s
> (0) [0x00002647] 0200:0647 (unk. ctxt): mov SS, AX ; 8ed0
>> s
> (0) [0x00002649] 0200:0649 (unk. ctxt): mov EAX, ECX ; 6689c8
>> s
> (0) [0x0000264c] 0200:064c (unk. ctxt): shr EAX, 04 ; 66c1e804
>> s
> (0) [0x00002650] 0200:0650 (unk. ctxt): mov SS, AX ; 8ed0
>> s
> (0) [0x00002652] 0200:0652 (unk. ctxt): sub ESP, ECX ; 6629cc
>> s
> (0) [0x00002655] 0200:0655 (unk. ctxt): push EBX ; 6653
>> s
> (0) [0x00002657] 0200:0657 (unk. ctxt): shr EDI, 04 ; 66c1ef04
>> s
> (0) [0x0000265b] 0200:065b (unk. ctxt): mov DS, DI ; 8edf
>> s
> (0) [0x0000265d] 0200:065d (unk. ctxt): sti ; fb
>> s
> (0) [0x0000265e] 0200:065e (unk. ctxt): xor EAX, EAX ; 6631c0
>> info registers
> eax 0x132a 4906
> ecx 0x132a0 78496
> edx 0x0 0
> ebx 0x13110 78096
> esp 0xfb8 0xfb8
> ebp 0x1c3 0x1c3
> esi 0x2000 8192
> edi 0x1203 4611
> eip 0x65e 0x65e
> eflags 0x206 518
> cs 0x200 512
> ss 0x132a 4906
> ds 0x1203 4611
> es 0x200 512
> fs 0x200 512
> gs 0x200 512
>> s
> (0) [0x00002661] 0200:0661 (unk. ctxt): mov [DS:0000], EAX ; 66a30000
>> info registers
> eax 0x0 0
> ecx 0x132a0 78496
> edx 0x0 0
> ebx 0x13110 78096
> esp 0xfb8 0xfb8
> ebp 0x1c3 0x1c3
> esi 0x2000 8192
> edi 0x1203 4611
> eip 0x661 0x661
> eflags 0x206 518
> cs 0x200 512
> ss 0x132a 4906
> ds 0x1203 4611
> es 0x200 512
> fs 0x200 512
> gs 0x200 512
> # notice that eax is zeroed out here, and eip is not.
>> s
> (0) [0x00000002] 0000:0002 (unk. ctxt): add DS:[BX+SI], AL ; 0000
>> info registers
> eax 0x0 0
> ecx 0x132a0 78496
> edx 0x0 0
> ebx 0x13110 78096
> esp 0xfb2 0xfb2
> ebp 0x1c3 0x1c3
> esi 0x2000 8192
> edi 0x1203 4611
> eip 0x2 0x2
> eflags 0x46 70
> cs 0x0 0
> ss 0x132a 4906
> ds 0x1203 4611
> es 0x200 512
> fs 0x200 512
> gs 0x200 512
> # but here eip is set to 2, and ds is not set to zero
>> x /64wx 0x0
> [bochs]:
> 0x0 <bogus+0>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x10 <bogus+16>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x20 <bogus+32>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x30 <bogus+48>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x40 <bogus+64>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x50 <bogus+80>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x60 <bogus+96>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x70 <bogus+112>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x80 <bogus+128>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0x90 <bogus+144>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0xa0 <bogus+160>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0xb0 <bogus+176>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0xc0 <bogus+192>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0xd0 <bogus+208>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0xe0 <bogus+224>: 0x00000000 0x00000000 0x00000000 0x00000000
> 0xf0 <bogus+240>: 0x00000000 0x00000000 0x00000000 0x00000000
>
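The single-step trace quoted above is easy to misread by eye. The following Python script is an added example (mine, not code from this thread, from Bochs or from memtest86) that parses lines in the Bochs debugger's `(0) [0xLINEAR] SEG:OFF (unk. ctxt): INSN ; BYTES` format and mechanically checks two things: that each 16-bit line's printed linear address equals the real-mode segment base (segment value times 16) plus the offset, and that each step lands on the byte immediately after the previous instruction unless that instruction was a control transfer. The sample trace is reconstructed from the lines quoted above with the mail wrapping undone; the assumption that an 8-digit offset marks a 32-bit code segment is taken from the two formats visible in the trace itself (`0010:00002626` versus `0020:062d`).

```python
"""Sanity-check a Bochs debugger single-step trace.

Added example, not part of the mailing-list thread. It recomputes the
real-mode segment base from each 16-bit trace line and flags steps whose
next address is not the sequential successor of a non-branch instruction.
"""
import re

# One Bochs single-step line, e.g.
#   (0) [0x00002661] 0200:0661 (unk. ctxt): mov [DS:0000], EAX ; 66a30000
LINE_RE = re.compile(
    r"^\(\d+\)\s+\[0x([0-9a-fA-F]+)\]\s+([0-9a-fA-F]{4}):([0-9a-fA-F]+)\s+"
    r"\([^)]*\):\s+(.*?)\s*;\s*([0-9a-fA-F]+)\s*$"
)

# Mnemonics after which a non-sequential next address is legitimate.
CONTROL_XFER = re.compile(
    r"^(jmp|call|ret|retf|iret|iretd|int|into|loop|loope|loopne|j[a-z]{1,4})\b",
    re.I,
)

# Constructed sample: the thread's trace lines, unwrapped (prompts and
# register dumps omitted; the parser ignores non-trace lines anyway).
SAMPLE_TRACE = """\
(0) [0x00002626] 0010:00002626 (unk. ctxt): jmp 0020:0000062d ; ea2d0600002000
(0) [0x0000262d] 0020:062d (unk. ctxt): mov EAX, CR0 ; 0f20c0
(0) [0x00002630] 0020:0630 (unk. ctxt): and EAX, 7ffffffe ; 6625feffff7f
(0) [0x00002636] 0020:0636 (unk. ctxt): mov CR0, EAX ; 0f22c0
(0) [0x00002639] 0020:0639 (unk. ctxt): jmp DS:0750 ; ff2e5007
(0) [0x0000263d] 0200:063d (unk. ctxt): mov AX, CS ; 8cc8
(0) [0x0000263f] 0200:063f (unk. ctxt): mov DS, AX ; 8ed8
(0) [0x00002641] 0200:0641 (unk. ctxt): mov ES, AX ; 8ec0
(0) [0x00002643] 0200:0643 (unk. ctxt): mov FS, AX ; 8ee0
(0) [0x00002645] 0200:0645 (unk. ctxt): mov GS, AX ; 8ee8
(0) [0x00002647] 0200:0647 (unk. ctxt): mov SS, AX ; 8ed0
(0) [0x00002649] 0200:0649 (unk. ctxt): mov EAX, ECX ; 6689c8
(0) [0x0000264c] 0200:064c (unk. ctxt): shr EAX, 04 ; 66c1e804
(0) [0x00002650] 0200:0650 (unk. ctxt): mov SS, AX ; 8ed0
(0) [0x00002652] 0200:0652 (unk. ctxt): sub ESP, ECX ; 6629cc
(0) [0x00002655] 0200:0655 (unk. ctxt): push EBX ; 6653
(0) [0x00002657] 0200:0657 (unk. ctxt): shr EDI, 04 ; 66c1ef04
(0) [0x0000265b] 0200:065b (unk. ctxt): mov DS, DI ; 8edf
(0) [0x0000265d] 0200:065d (unk. ctxt): sti ; fb
(0) [0x0000265e] 0200:065e (unk. ctxt): xor EAX, EAX ; 6631c0
(0) [0x00002661] 0200:0661 (unk. ctxt): mov [DS:0000], EAX ; 66a30000
(0) [0x00000002] 0000:0002 (unk. ctxt): add DS:[BX+SI], AL ; 0000
"""


def parse_trace(text):
    """Return one dict per trace line; prompts and register dumps are skipped."""
    steps = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        linear, seg, off, insn, hexbytes = m.groups()
        steps.append({
            "linear": int(linear, 16),
            "seg": int(seg, 16),
            "off": int(off, 16),
            # Assumption: Bochs prints an 8-digit offset in 32-bit code segments
            # and a 4-digit one in 16-bit segments (matches the trace above).
            "width": 32 if len(off) == 8 else 16,
            "insn": insn,
            "length": len(hexbytes) // 2,   # opcode bytes tell us the insn size
        })
    return steps


def find_anomalies(steps):
    """Return (kind, linear, detail) tuples.

    kind == "stale_base": a 16-bit line whose CS base (linear - offset) is
    not seg*16, i.e. the CPU is still using a cached descriptor base.
    kind == "discontinuity": the step after a non-branch instruction did
    not land at prev_linear + prev_length.
    """
    anomalies = []
    prev = None
    for s in steps:
        if s["width"] == 16:
            base = s["linear"] - s["off"]
            if base != s["seg"] << 4:
                anomalies.append(("stale_base", s["linear"],
                                  "CS base 0x%x != 0x%x<<4" % (base, s["seg"])))
        if prev is not None and not CONTROL_XFER.match(prev["insn"]):
            expected = prev["linear"] + prev["length"]
            if s["linear"] != expected:
                anomalies.append(("discontinuity", prev["linear"],
                                  "expected 0x%x, got 0x%x after '%s'"
                                  % (expected, s["linear"], prev["insn"])))
        prev = s
    return anomalies


if __name__ == "__main__":
    for kind, addr, detail in find_anomalies(parse_trace(SAMPLE_TRACE)):
        print("%-13s at 0x%08x: %s" % (kind, addr, detail))
```

Run on this sample, the script reports the four lines between `mov EAX, CR0` and the far `jmp DS:0750` as having a CS base of 0x2000 that is not 0x20<<4. That is expected: CS still holds the protected-mode selector 0x20 with its cached base until the far jump reloads it with 0x200, and the printed linear address makes that visible. The single discontinuity it reports is the step from `mov [DS:0000], EAX` at 0x2661 to 0000:0002, which is the anomaly Ben describes; running the same check over a trace from another Bochs build or from real hardware shows immediately whether the jump to 0:0 reproduces.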