GPF on iretq - Bochs problem?

cg123 · Post by **cg123** » Fri Nov 23, 2007 12:29 am

I've run into an odd problem - when an iretq instruction is executed, Bochs claims that ss is not a writeable data segment. I inserted some code into Bochs to print the raw and parsed values of the segment it popped from the stack, and it is, in fact, a writeable data segment - 0x10.

I believe the problem lies somewhere in here:

Code: Select all

// descriptor.h
#define IS_DATA_SEGMENT_WRITEABLE (Is64BitMode() || (((type) >> 1) & 0x1))

// iret.cc
/* AR byte must indicate a writable data segment,
       * else #GP(SS selector) */
      if (ss_descriptor.valid==0 || ss_descriptor.segment==0 ||
          IS_CODE_SEGMENT(ss_descriptor.type))// ||
         !IS_DATA_SEGMENT_WRITEABLE(ss_descriptor.type)) // <---
      {
        BX_ERROR(("iret64: SS AR byte not writable code segment"));
        exception(BX_GP_EXCEPTION, raw_ss_selector & 0xfffc, 0);
      }

It seems that IS_DATA_SEGMENT_WRITEABLE is returning false, despite the fact that the processor is running in long mode.

Regardless, I've got to wonder why it's checking it at all - according to the AMD64 Architecture Programmer's Manual, the 'writeable' attribute is ignored.

I've fixed the problem for now, but I just want to make sure it's not something dumb I've done. Is there something I've overlooked?

didroe · Post by **didroe** » Mon Dec 03, 2007 4:50 pm

I had this issue in 64 bit mode, are you in compatibility mode? I looked around on the Bochs mailing list and someone has patched Bochs to fix issues in this area. Their fix didn't work properly for me though, I'm guessing it's only been tested in compatibility mode. I've created a patch for Bochs that seems to work for me, I'm going to submit it to them so hopefully there will be a fix in their CVS tree sometime soon.