I am writing a simple program in NASM that starts from MS-DOS (installed in QEMU), sets up GDT, IDT, LDT, TSS, etc and then switches to protected mode; now I am trying to use this program to test debug registers DR0, DR!, etc.
I decided to use QEMU because it is one of the few emulators/virtual machines that supports 80386 debug registers.
In the data segment (DATASEG32) there is a 32 bit variable, named var32a; so, in the code segment (CODESEG32) I add this code:
Code: Select all
xor eax, eax ; EAX = 0
mov ax, DATASEG32 ; AX = 16 bit segment
shl eax, 4 ; Base Address = DATASEG32 * 16
add eax, offset var32a ; physical addr. = Base + Offset
mov dr0, eax ; DR0 = var32a physical address
xor eax, eax ; EAX = 0
mov dr6, eax ; clear DR6
; break on data writes, length=4 bytes, L0=1, LE=1
mov eax, 00000000000011010000000100000001b
mov dr7, eax
Code: Select all
mov [var32a], eaxNow consider this code that enables a code breakpoint in CODESEG32 at a label named brk_point:
Code: Select all
xor eax, eax ; EAX = 0
mov ax, CODESEG32 ; AX = 16 bit segment
shl eax, 4 ; Base Address = CODESEG32 * 16
add eax, offset brk_point ; physical addr. = Base + Offset
mov dr0, eax ; DR0 = brk_point label physical address
xor eax, eax ; EAX = 0
mov dr6, eax ; clear DR6
; break on instruction execution, length=1 byte, L0=1, LE=1
mov eax, 00000000000000000000000100000001b
mov dr7, eax
GDB says that the program gets stuck exactly at the brk_point label; so, the interrupt service routine is never called.
Does anyone know what's happening?
P.S. I know that there is a QEMU mailing list, but it is too difficult to get an account.
