triple fault on stack operation
Posted: Wed Apr 20, 2011 4:53 pm
OK, so I've just entered pmode. I loaded a GDT with 3 entries, as below:
I set CS to 0x8 with a far jump, and this worked fine. Then I set DS, ES and SS to 0x10. So far so good. Then I tried to push a register. Bochs kindly triple faulted for me, producing this error dump (an IDT was loaded, but it's full of nulls at this point in my development):
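gdt_start:
times 8 db 0 ; null segment
; ---- KERNEL CODE SEGMENT ----
kcode_limlo: dw 0x07FF ; limit bits 0-15
kcode_baselo: dw 0x0000 ; base bits 0-15
kcode_basemid: db 0 ; base bits 16-23
kcode_access: db 10011100b ; access byte
kcode_flgs: db 0xC0 ; flags (G, D/B) and limit bits 16-19
kcode_basehi: db 0 ; base bits 24-31
; ---- KERNEL DATA SEGMENT ----
kdata_limlo: dw 0x7FF ; limit bits 0-15
kdata_baselo: dw 0 ; base bits 0-15
kdata_basemid: db 0 ; base bits 16-23
kdata_access: db 10010100b ; access byte
kdata_flgs: db 0xC0 ; flags (G, D/B) and limit bits 16-19
kdata_basehi: db 0 ; base bits 24-31
; ---- REST ----
gdt_end: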
This seems to happen as soon as I try to do anything with the stack, push/pop/call. The other thing I noticed when looking at the segment registers is this:
(0) [0x000000000000be94] 0008:000000000000be94 (unk. ctxt): push ax ; 6650
<bochs:2> s
00015381424e[CPU0 ] write_virtual_checks(): write beyond limit, r/w ED
00015381424e[CPU0 ] interrupt(): gate descriptor is not valid sys seg (vector=0x0c)
00015381424e[CPU0 ] interrupt(): gate descriptor is not valid sys seg (vector=0x08)
00015381424i[CPU0 ] CPU is in protected mode (active)
00015381424i[CPU0 ] CS.d_b = 32 bit
00015381424i[CPU0 ] SS.d_b = 32 bit
00015381424i[CPU0 ] EFER = 0x00000000
00015381424i[CPU0 ] | RAX=0000000000000010 RBX=0000000000004c00
00015381424i[CPU0 ] | RCX=0000000000000000 RDX=0000000000000fff
00015381424i[CPU0 ] | RSP=000000000000ffff RBP=0000000000000000
00015381424i[CPU0 ] | RSI=00000000000ec700 RDI=000000000000102c
00015381424i[CPU0 ] | R8=0000000000000000 R9=0000000000000000
00015381424i[CPU0 ] | R10=0000000000000000 R11=0000000000000000
00015381424i[CPU0 ] | R12=0000000000000000 R13=0000000000000000
00015381424i[CPU0 ] | R14=0000000000000000 R15=0000000000000000
00015381424i[CPU0 ] | IOPL=0 id vip vif ac vm RF nt of df if tf sf zf af PF cf
00015381424i[CPU0 ] | SEG selector base limit G D
00015381424i[CPU0 ] | SEG sltr(index|ti|rpl) base limit G D
00015381424i[CPU0 ] | CS:0008( 0001| 0| 0) 00000000 007fffff 1 1
00015381424i[CPU0 ] | DS:0010( 0002| 0| 0) 00000000 007fffff 1 1
00015381424i[CPU0 ] | SS:0010( 0002| 0| 0) 00000000 007fffff 1 1
00015381424i[CPU0 ] | ES:0010( 0002| 0| 0) 00000000 007fffff 1 1
00015381424i[CPU0 ] | FS:0000( 0005| 0| 0) 00000000 0000ffff 0 0
00015381424i[CPU0 ] | GS:0000( 0005| 0| 0) 00000000 0000ffff 0 0
00015381424i[CPU0 ] | MSR_FS_BASE:0000000000000000
00015381424i[CPU0 ] | MSR_GS_BASE:0000000000000000
00015381424i[CPU0 ] | RIP=000000000000be94 (000000000000be94)
00015381424i[CPU0 ] | CR0=0x60000011 CR2=0x0000000000000000
00015381424i[CPU0 ] | CR3=0x00000000 CR4=0x00000000
(0).[15381424] [0x000000000000be94] 0008:000000000000be94 (unk. ctxt): push ax ; 6650
00015381424p[CPU0 ] >>PANIC<< exception(): 3rd (13) exception with no resolution
The data segment does not appear to be 32 bit pmode. Or is this merely because it is a data segment descriptor? What is the correct value for sz here?
<bochs:2> sreg
es:0x0010, dh=0x00c09700, dl=0x000007ff, valid=1
Data segment, base=0x00000000, limit=0x007fffff, Read/Write, Expand-down, Accessed
cs:0x0008, dh=0x00c09f00, dl=0x000007ff, valid=1
Code segment, base=0x00000000, limit=0x007fffff, Execute/Read, Conforming, Accessed, 32-bit
ss:0x0010, dh=0x00c09700, dl=0x000007ff, valid=1
Data segment, base=0x00000000, limit=0x007fffff, Read/Write, Expand-down, Accessed
ds:0x0010, dh=0x00c09700, dl=0x000007ff, valid=1
Data segment, base=0x00000000, limit=0x007fffff, Read/Write, Expand-down, Accessed
fs:0x0000, dh=0x00009300, dl=0x0000ffff, valid=1
Data segment, base=0x00000000, limit=0x0000ffff, Read/Write, Accessed
gs:0x0000, dh=0x00009300, dl=0x0000ffff, valid=1
Data segment, base=0x00000000, limit=0x0000ffff, Read/Write, Accessed
ldtr:0x0000, dh=0x00008200, dl=0x0000ffff, valid=1
tr:0x0000, dh=0x00008b00, dl=0x0000ffff, valid=1
gdtr:base=0x0000000000000800, limit=0x17
idtr:base=0x0000000000000000, limit=0x7ff
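
An added example, not part of the original post: a small C decoder for the dh/dl descriptor words that `sreg` prints, with the segment limit check applied to the 2-byte push at ESP=0xffff from the dump. The names `decode` and `offset_ok` are hypothetical, and the second descriptor (`0x00c09300`) is constructed here by clearing access bit 2 of the dumped SS value.

```c
#include <stdint.h>
#include <stdio.h>

/* Decoded view of one 8-byte GDT descriptor (code/data segments only). */
struct seg {
    uint32_t base, limit;       /* limit in bytes, after G scaling */
    int exec, expand_down, big; /* access bit 3, access bit 2 (data), D/B flag */
};

/* dh/dl are the high and low dwords exactly as Bochs "sreg" prints them. */
struct seg decode(uint32_t dh, uint32_t dl)
{
    struct seg s;
    uint8_t access = (dh >> 8) & 0xFF;
    s.base  = (dl >> 16) | ((dh & 0xFF) << 16) | (dh & 0xFF000000u);
    s.limit = (dl & 0xFFFF) | (dh & 0x000F0000u);
    if (dh & (1u << 23))                  /* G: limit counts 4 KiB pages */
        s.limit = (s.limit << 12) | 0xFFF;
    s.big  = (dh >> 22) & 1;              /* D/B */
    s.exec = (access >> 3) & 1;
    /* Bit 2 means expand-down only for data; for code it means conforming. */
    s.expand_down = !s.exec && ((access >> 2) & 1);
    return s;
}

/* Returns 1 if an access of len bytes at offset off passes the limit check. */
int offset_ok(struct seg s, uint32_t off, uint32_t len)
{
    uint64_t last = (uint64_t)off + len - 1;
    if (!s.expand_down)
        return last <= s.limit;
    /* Expand-down: valid offsets are limit+1 .. 0xFFFF, or 0xFFFFFFFF if B=1. */
    return off > s.limit && last <= (s.big ? 0xFFFFFFFFull : 0xFFFFull);
}

int main(void)
{
    struct seg ss  = decode(0x00c09700, 0x000007ff); /* ss from the dump */
    struct seg alt = decode(0x00c09300, 0x000007ff); /* constructed: bit 2 cleared */
    uint32_t esp = 0xffff - 2;                       /* ESP after a 2-byte push */
    printf("ss : limit=%#x ED=%d B=%d push ok=%d\n",
           ss.limit, ss.expand_down, ss.big, offset_ok(ss, esp, 2));
    printf("alt: limit=%#x ED=%d B=%d push ok=%d\n",
           alt.limit, alt.expand_down, alt.big, offset_ok(alt, esp, 2));
    return 0;
}
```

For the dumped SS descriptor the check fails, which lines up with the `write beyond limit, r/w ED` message and the stack-fault vector 0x0c in the log; the D/B flag decodes as 1 for both descriptors.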