help by unreal mode

[amirsadig]

I have assembled the 16 bit code in seperated file and added it using module (GRUB). before I call it I have copied it to that address 0x1000.

Code: Select all

org     0x1000  

[BITS 16]
; ------ Disable protected mode; jump to real-mode segment.
 main:   
   .2:
      mov   eax, cr0
                and   eax, 0xFE
                mov   cr0, eax
                jmp   word 0x00:.3
; ------ Load stack- and data-segment registers
; ------ with proper real-mode segment numbers.
   .3:   xor   ax, ax
      mov   ds, ax
      mov   es, ax
      mov   fs, ax
      mov   gs, ax
      mov   ss, ax

; ------ Enable A20 line (and thus high memory).
; ------ [http://www.karig.net/0003.html]
      mov   al, 0xD1
      out   0x64, al
      mov   al, 0x03
      out   0x60, al

      sti

testcode:
      mov ax,4F02h                    ; Set VBE Mode
      mov bx,0C100h                   ; Mode : 640x400, 256 colours, linear/flat, don't clear display
      int 10h                         ; Do it!


; ------ Halt computer.
      jmp   $

i call it within this code

Code: Select all

testrealmode:
      cli
; ------ Ensure that code- and stack-segment limits are 64KB.
      mov   eax, ds16
      mov   ss, eax
      jmp   dword cs16:0x1000
      retn

I could jump to 0x1000 and execute those code until execute int 10h here I receive stack fault (and then reboot). is that mean I am not in unrealmode?

bochs debug:

Code: Select all

(0) [0x00001000] 0038:00001000 (unk. ctxt): mov eax, cr0              ; 0f20c0
(0) [0x00001003] 0038:00001003 (unk. ctxt): opsize and eax, 0xfe      ; 6625fe00
0000
(0) [0x00001009] 0038:00001009 (unk. ctxt): mov cr0, eax              ; 0f22c0
(0) [0x0000100c] 0038:100c (unk. ctxt): jmp 0000:1011             ; ea11100000
(0) [0x00001011] 0000:1011 (unk. ctxt): xor ax, ax                ; 31c0
(0) [0x00001013] 0000:1013 (unk. ctxt): mov ds, ax                ; 8ed8
(0) [0x00001015] 0000:1015 (unk. ctxt): mov es, ax                ; 8ec0
(0) [0x00001017] 0000:1017 (unk. ctxt): mov fs, ax                ; 8ee0
(0) [0x00001019] 0000:1019 (unk. ctxt): mov gs, ax                ; 8ee8
(0) [0x0000101b] 0000:101b (unk. ctxt): mov ss, ax                ; 8ed0
(0) [0x0000101d] 0000:101d (unk. ctxt): mov al, 0xd1              ; b0d1
(0) [0x0000101f] 0000:101f (unk. ctxt): out 0x64, al              ; e664
(0) [0x00001021] 0000:1021 (unk. ctxt): mov al, 0x3               ; b003
(0) [0x00001023] 0000:1023 (unk. ctxt): out 0x60, al              ; e660
(0) [0x00001025] 0000:1025 (unk. ctxt): sti                       ; fb
(0) [0x00001026] 0000:1026 (unk. ctxt): mov ax, 0x4f02            ; b8024f
(0) [0x00001029] 0000:1029 (unk. ctxt): mov bx, 0xc100            ; bb00c1
(0) [0x00000524] 0018:03a4 (unk. ctxt): add byte ptr ds:[bx+si], al ; 0000
(0) [0x00000526] 0018:03a6 (unk. ctxt): add byte ptr ds:[bx+si], al ; 0000
========================================================================
Bochs is exiting with the following message:
[CPU  ] CPU shutting down due to lack of stack space, SP==1
========================================================================

[pini]

I don't see the "int 10h" line in the bochs debug. Does this mean that it is the "mov ebx,..." instructions that causes a fault.

As you can see, there's a jump from physical 0x1029 (your code) to 0x524, which may mean that a fault occur (but why would a fault occur int your "mov ebx," ? I don't know.)

Try using "info cpu" before executing that "mov" and look what is value of ESP. If it is really a value of 1, then you must have a pb with your stack (maybe starting SS at 0 is not a good idea ?)

Another question : why are you setting SS to ds16 before your jump and then set it back to 0 inside your 16-bits code ?
What is the value of ds16 ?
Don't you need to modify ESP in your 16-bit code to be sure your stack is correctly modified ?

[amirsadig]

Another question : why are you setting SS to ds16 before your jump and then set it back to 0 inside your 16-bits code ?
What is the value of ds16 ?

ds16 is segment selector which point to Segment Describtor in GDT (data segment but with 64K limit and 16 bit)

i use it to load ss with 16 bit selector for the next call ( jump to 0x1000). I still in PMode but 16 bit.

now I have tried to load ss with 0x1000

Code: Select all

      mov   ax, 0x1000
      mov   ss, ax

Code: Select all

(0) [0x0000102b] 0000:102b (unk. ctxt): mov bx, 0xc100            ; bb00c1
<bochs:41>
Next at t=124972123
(0) [0x0000102e] 0000:102e (unk. ctxt): int 0x10                  ; cd10
<bochs:42>
Next at t=124972124
(0) [0x000003f2] 0018:0272 (unk. ctxt): add al, dh                ; 00f0
<bochs:43>
Next at t=124972125
(0) [0x000003f4] 0018:0274 (unk. ctxt): push bx                   ; 53
<bochs:44>
Next at t=124972126
(0) [0x000003f5] 0018:0275 (unk. ctxt): inc word ptr ds:[bx+si]   ; ff00
<bochs:45>
Next at t=124972127
(0) [0x000003f7] 0018:0277 (unk. ctxt): lock push bx              ; f053
<bochs:46>
Next at t=124972128
(0) [0x00000335] 0018:01b5 (unk. ctxt): inc word ptr ds:[bx+si]   ; ff00
<bochs:47>
Next at t=124972129
(0) [0x00000337] 0018:01b7 (unk. ctxt): lock push bx              ; f053
<bochs:48>
Next at t=124972130
(0) [0x00000335] 0018:01b5 (unk. ctxt): inc word ptr ds:[bx+si]   ; ff00
<bochs:49>
Next at t=124972131
(0) [0x00000337] 0018:01b7 (unk. ctxt): lock push bx              ; f053
<bochs:50>
Next at t=124972132
(0) [0x00000337] 0018:01b7 (unk. ctxt): lock push bx              ; f053
<bochs:51>
Next at t=124972133
(0) [0x00000337] 0018:01b7 (unk. ctxt): lock push bx              ; f053
<bochs:52>

now I can see int 10h, but cpu stop in "lock push", I dont know what is that.

[Pype.Clicker]

Code: Select all

; ------ Enable A20 line (and thus high memory).
; ------ [http://www.karig.net/0003.html]
      mov   al, 0xD1
      out   0x64, al
      mov   al, 0x03
      out   0x60, al

Since you're coming from GRUB-enabled protected mode, A20 line is ON. You needen't that code which (iirc) lacks the appropriated status polling.

Code: Select all

      sti

See it ?? See it ?? a STI! in irreal mode! you shouldn't enable interrupts unless you revert the IVT instead of your IDT, imho.

Moreover, as pini pointed out, there are chances that your stack pointer is larger than 16 bits and you don't reset it to a proper value, so as soon as an interrupt will arise, you'll get a stack fault for going beyond the 64KB barrier of SS...

[amirsadig]

See it ?? See it ?? a STI! in irreal mode! you shouldn't enable interrupts unless you revert the IVT instead of your IDT, imho.

I have notice that my problem was here in this instruction "sti". then remembered that idt table has been updated with for my PM kernel. so I have changed back to base 0 and 0xFFFF. aaaaaaaand work, I could change the Video mode.

now I should thinking how to return back to PM and to my calling function which call the code at 0x1000. notice I have changed testrealmode function to :

Code: Select all

testrealmode:
      cli
; ------ Ensure that code- and stack-segment limits are 64KB.
      mov  eax, ds16
      mov  ss, eax
      call dword cs16:0x1000
      retn

so I should have the returnig EIP in the stack. so I could enable PM and make a "ret".

[Pype.Clicker]

still, as you don't need hardware interrupts while setting video mode, i would try leaving the IDT set up and keeping a CLI if i were you.

Chances are that 'INT nn' will correctly use the real mode IVT while exceptions use the IDTR descriptions. Such things *do* occur in unreal mode and i've seen (in my demo-coder newbie times) unreal mode TSRs that were re-installing unreal mode on 'segmentation fault' exception ...

[amirsadig]

but without change the IDTR my code does not functioned even without sti.
the Video mode could be change without sti but by loading idtr with prober value.

[Pype.Clicker]

good thing to know ...

[amirsadig]

Code: Select all

mov   eax, cr0
   or   al, 1
   mov   cr0, eax
   lidt [idt_ptr1]
   mov ax,10h
   mov ds,ax
   mov es,ax
   mov ss,ax
   mov fs,ax
   mov gs,ax     
        retf

with this code I want to return back to PM and make far ret.
the stack save the EIP and CS of the calling procedure

Code: Select all

0x00116fb4 <bogus+       0>:    0x0010272b      0x00000018

correctly "x /30xw 0x116fb4"

but as retn executed I receive GPF

Code: Select all

Exception #13 (GPF)]
EDI=0010E80E ESI=00102742 EBP=00116FF4 ESP=00116F90
EBX=0002BCC0 EDX=FFFFFFFF ECX=0011B069 EAX=00000010
 DS=00000010  ES=00000010  FS=00000010  GS=00000010
int=0000000D err=00000010 EIP=00001058  CS=00000000
uSP=0010272B uSS=00000018
 CR2 = 0x0 : CR3: 0x0 , CR4: 0x0
 TASK PID -268370093
Goodbye (system halted, use reset button to end)

instruction 0x1058 is "retf".

to test return to PM I do not change the video mode, so that I can see page fault when occure.

[Pype.Clicker]

what about returning to a 'safe' esp location before you do the RETF ?

[amirsadig]

I don't know what did you mean, but I have solve it.

code of kernel, which call 0x1000

Code: Select all

testrealmode:
??????;cli
; ------ Ensure that code- and stack-segment limits are 64KB.
??????push eax
??????mov???eax, retvalue
??????push eax
??????jmp???0x18:0x1000
??????
retvalue:
??????pop eax
??????pop eax
??????sti
??????retn

code of unreal mode, which loaded at 0x1000

Code: Select all

org     0x1000  
SECTION .text

[BITS 32]
testrealmode:
??????push eax
??????cli
; ------ Ensure that code- and stack-segment limits are 64KB.
??????mov???eax, 40h
??????mov???ss, eax
??????jmp???dword 38h:return.2
return:
??????pop eax
??????jmp eax
[BITS 16]
; ------ Disable protected mode; jump to real-mode segment.
 ???.2:
??????mov   eax, cr0
                and   eax, 0xFE
                mov   cr0, eax
                jmp   word 0x00:.3
; ------ Load stack- and data-segment registers
; ------ with proper real-mode segment numbers.
   .3:   ???
   ??????xor   ax, ax
???      mov   ds, ax
???      mov   es, ax
???      mov   fs, ax
???      mov   gs, ax
???      ;mov   ax, 0x1000
???      mov   ss, ax
???      ;mov sp,0xFFF8      ; Load IP SI DI SP BP
???      ;xor bp,bp
???      sidt [idt_ptr1]
???      lidt [idt_ptr]



; ------ Enable A20 line (and thus high memory).
; ------ [http://www.karig.net/0003.html]
      mov   al, 0xD1
      out   0x64, al
      mov   al, 0x03
      out   0x60, al
     

      ;mov ax,4F02h                    ; Set VBE Mode
      ;mov bx,04143h                   ; Mode : 800x600, 32bit colours, linear/flat, don't clear display
      ;int 10h                         ; Do it!

; return to PM

???mov???eax, cr0
???or???al, 1
???mov???cr0, eax
???lidt [idt_ptr1]
???mov ax,10h
???mov ds,ax
???mov es,ax
???mov ss,ax
???mov fs,ax
???mov gs,ax
???;mov eax, [ptr_code]
        jmp 0x18:return
      
SECTION .data      
idt_ptr:
???dw 0xFFFF??????; IDT limit
???dd 0
idt_ptr1:
???dw 0xFFFF??????; IDT limit
???dd 0
 

as you see I solve it with jmp, why far return does not work? I don't know.

[pini]

ds16 is segment selector which point to Segment Describtor in GDT (data segment but with 64K limit and 16 bit)

i use it to load ss with 16 bit selector for the next call ( jump to 0x1000). I still in PMode but 16 bit.

Stack is not needed for a jump, but only for a call instruction.

Anyway, Pype was right about the "sti" (damn, I should have seen it...

[amirsadig]

if you mean using "sti", i don not use sti now, because I call the unreal mode before I enable hardware interrupt.

I have test my kernel in bochs and it run fine, but in VMWare or real PC, when I activating only the Video mode, it does not work correctly - hardware initializing does not work (flopyy driver has not been initialized correctly -. when only getting the VESA mode info for a mode, the kernel work in text mode without problem.

[amirsadig]

it seem to be in the timer, which does not work some reason.

keyboard IRQ and FLOPPY IRQ work, but because Floppy need timer to work correctly it waiting for timer interrupt. therefor my OS hange up on initializing floppy driver.
why timer does not work I did not know until now?
what is the relation between calling bios (real mode) and my interrupt vector table ?
why some of my interrupt work and others not? these question
I anylizing it.
if someone have to idea, which help me anylizing this problem.

notice that my real mode code, do the following (as in code above):
* set the video mode 0x140(VMware) or 0x143 (bochs)
* get mode info for 0x140 or 0x143 structure and save it at 0x2000
when I does not set the video mode and only getting mode info structure - that mean working text mode - my OS work fine, which do get the mode info from 0x2000 and check if framebuffer exist, when yes the clear it with black color and then load the bitmap file and draw it.
when video mode does not activated I will not see the bitmap, but my OS does not hange up on initializing Floppy. I can run my small shell and execute some prgramm on my floppy disk.

[amirsadig]

my problem still not solved :'(.
here is the part of the code which call bios.

Code: Select all

;mov ax,4F02h                    ; Set VBE Mode
      ;mov bx,04140h                   ; Mode : 800x600, 32bit colours, linear/flat, clear display
      ;int 10h                         ; Do it!
      mov ax, 4F01h
      mov cx, 140h
      mov di, 2000h
      int 10h

as I said , when not setting Video Mode, the code work and I can access the framebuffer.
what make the video setting , so that my OS does not work as expected?