Page 1 of 1
V8086 related questions
Posted: Sat Mar 11, 2017 4:50 pm
by Agola
Hi, OSDevers. I finished my V8086 monitor and V8086 task support recently. Everything works great.
Except, ehm... one thing. The out and in instructions. They work too, but I confused at somehting.
EC IN AL DX Input from Port
ED IN eAX DX Input from Port
EE OUT DX AL Output to Port
EF OUT DX eAX Output to Port
These are the out and in opcodes. For a protected mode i386, EC is inb, ED is inl, EE is outb and EF is outl. But what happens in V8086 mode? Should I use %eax or %ax, 32-bit values or 16-bit values? And there are only outb and outl, how does outw work in assembly? I used a x86 online assembler, and looks it uses 66 operand size override prefix. But in V8086 mode the processor doesn't GPF for the operand size override prefix. So I can't test it is an outw or outl.
What should I do in V8086 mode? Which length should I handle in ED and EF, outw or outl?
And how can I know it has a 66 operand size override prefix or not? How should I handle Port IOs correctly?
Thanks in advance.
Re: V8086 related questions
Posted: Sat Mar 11, 2017 5:09 pm
by alexfru
Is there anything unclear in the manual?:
when accessing a 16- and 32-bit I/O port, the operand-size attribute determines the port size.
When operating in real-address mode, the default addressing and operand size is 16 bits.
Re: V8086 related questions
Posted: Sun Mar 12, 2017 1:43 am
by Agola
alexfru wrote:Is there anything unclear in the manual?:
when accessing a 16- and 32-bit I/O port, the operand-size attribute determines the port size.
When operating in real-address mode, the default addressing and operand size is 16 bits.
Wow, I see it first time in the manual. Which volume is it? I usually use Volume 3-A as usually it explains what I need. And port IO sizes in manual looks everything is like I thought. I was using 16 bit IOs for these opcodes, too.
But the processor doesnt trigger #GP for operand size override prefix, what should I do for it? Could acessing and testing CS:(EIP-1) with operand size override prefix work, as opcode prefixes are just before the opcode?
Thanks in advance.
Re: V8086 related questions
Posted: Sun Mar 12, 2017 3:14 am
by alexfru
Agola wrote:alexfru wrote:Is there anything unclear in the manual?:
when accessing a 16- and 32-bit I/O port, the operand-size attribute determines the port size.
When operating in real-address mode, the default addressing and operand size is 16 bits.
Wow, I see it first time in the manual. Which volume is it? I usually use Volume 3-A as usually it explains what I need. And port IO sizes in manual looks everything is like I thought. I was using 16 bit IOs for these opcodes, too.
Intel® 64 and IA-32 Architectures Software Developer’s Manual
Combined Volumes: 1, 2A, 2B, 3A and 3B (May 2011 version)
Vol 1, section 3.3.5, 32-Bit and 16-Bit Address and Operand Sizes.
Vol 2A, section IN—Input from Port.
Learn to use the table of context and search.
Agola wrote:But the processor doesnt trigger #GP for operand size override prefix, what should I do for it?
If you have a correctly encoded instruction (with a prefix or without) not trying to violate any protection, why should it?
Agola wrote:Could acessing and testing CS:(EIP-1) with operand size override prefix work, as opcode prefixes are just before the opcode?
Bad idea. It can be the last byte of the preceding instruction or even data. Don't do that. If you get a real exception, the code address will point at the beginning of the offending instruction, not its middle. And then you parse the instruction, noting all of its prefixes, ModR/M, SIB and imm bytes and (d)words... I know, parsing x86 instructions sucks. If you're using a library to parse instructions, find out how to extract this info from it. It must be there or it wouldn't make sense to just tell you to emulate access without telling you the location or the size or both.
Re: V8086 related questions
Posted: Sun Mar 12, 2017 3:25 am
by Brendan
Hi,
alexfru wrote:Agola wrote:Could acessing and testing CS:(EIP-1) with operand size override prefix work, as opcode prefixes are just before the opcode?
Bad idea. It can be the last byte of the preceding instruction or even data. Don't do that. If you get a real exception, the code address will point at the beginning of the offending instruction, not its middle. And then you parse the instruction, noting all of its prefixes, ModR/M, SIB and imm bytes and (d)words... I know, parsing x86 instructions sucks. If you're using a library to parse instructions, find out how to extract this info from it. It must be there or it wouldn't make sense to just tell you to emulate access without telling you the location or the size or both.
Also note that you can use the "IO permission bitmap" (in the TSS) to give a Virtual8086 task permission to use specific IO ports (without causing any general protection fault). You can also set "IOPL =3" if you want to give a Virtual8086 task full access to all IO ports (e.g. if you're writing a DOS extender or something and not writing an OS).
Cheers,
Brendan
Re: V8086 related questions
Posted: Sun Mar 12, 2017 3:40 am
by alexfru
Brendan wrote:
Also note that you can use the "IO permission bitmap" (in the TSS) to give a Virtual8086 task permission to use specific IO ports (without causing any general protection fault). You can also set "IOPL =3" if you want to give a Virtual8086 task full access to all IO ports (e.g. if you're writing a DOS extender or something and not writing an OS).
Right, and then there are "Virtual 8086 Mode Extensions". But, I think, to each thing its time.
Re: V8086 related questions
Posted: Sun Mar 12, 2017 3:47 am
by Agola
alexfru wrote:Intel® 64 and IA-32 Architectures Software Developer’s Manual
Combined Volumes: 1, 2A, 2B, 3A and 3B (May 2011 version)
Vol 1, section 3.3.5, 32-Bit and 16-Bit Address and Operand Sizes.
Vol 2A, section IN—Input from Port.
Learn to use the table of context and search.
Agola wrote:But the processor doesnt trigger #GP for operand size override prefix, what should I do for it?
If you have a correctly encoded instruction (with a prefix or without) not trying to violate any protection, why should it?
Agola wrote:Could acessing and testing CS:(EIP-1) with operand size override prefix work, as opcode prefixes are just before the opcode?
Bad idea. It can be the last byte of the preceding instruction or even data. Don't do that. If you get a real exception, the code address will point at the beginning of the offending instruction, not its middle. And then you parse the instruction, noting all of its prefixes, ModR/M, SIB and imm bytes and (d)words... I know, parsing x86 instructions sucks. If you're using a library to parse instructions, find out how to extract this info from it. It must be there or it wouldn't make sense to just tell you to emulate access without telling you the location or the size or both.
"If you have a correctly encoded instruction (with a prefix or without) not trying to violate any protection, why should it?"
Yes, it shouldn't. That's the problem.
"Bad idea. It can be the last byte of the preceding instruction or even data. Don't do that. If you get a real exception, the code address will point at the beginning of the offending instruction, not its middle. And then you parse the instruction, noting all of its prefixes, ModR/M, SIB and imm bytes and (d)words... I know, parsing x86 instructions sucks. If you're using a library to parse instructions, find out how to extract this info from it. It must be there or it wouldn't make sense to just tell you to emulate access without telling you the location or the size or both."
Thanks, I'm going to start reading the Volume 2 also. My computer is really slow, so I can't use combined volumes, also scrolling is really hard. That is why I can't use table of content, as I only use the Volume 3-A. I also tried printing all of Intel documentation, but it's over 3000 pages, as you know. Maybe I need a lightweight and fast PDF viewer instead of browser's built-in PDF viewer. And my tests in V8086 shows code address points really in middle. 66 ED causes a GPF, but CS:IP points ED instead of 66.
Re: V8086 related questions
Posted: Sun Mar 12, 2017 3:59 am
by alexfru
Agola wrote:My computer is really slow, so I can't use combined volumes, also scrolling is really hard. That is why I can't use table of content, as I only use the Volume 3-A. I also tried printing all of Intel documentation, but it's over 3000 pages, as you know. Maybe I need a lightweight and fast PDF viewer instead of browser's built-in PDF viewer.
Then get yourself INTEL 80386 PROGRAMMER'S REFERENCE MANUAL 1986. It's a text file, less than 1MB in size and it has everything you need right now.
Agola wrote:And my tests in V8086 shows code address points really in middle. 66 ED causes a GPF, but CS:IP points ED instead of 66.
Then you have bugs in your code or someone else's code you're using (including any VM software in which you're making your OS experiments).
Re: V8086 related questions
Posted: Sun Mar 12, 2017 4:09 am
by Agola
alexfru wrote:Agola wrote:My computer is really slow, so I can't use combined volumes, also scrolling is really hard. That is why I can't use table of content, as I only use the Volume 3-A. I also tried printing all of Intel documentation, but it's over 3000 pages, as you know. Maybe I need a lightweight and fast PDF viewer instead of browser's built-in PDF viewer.
Then get yourself INTEL 80386 PROGRAMMER'S REFERENCE MANUAL 1986. It's a text file, less than 1MB in size and it has everything you need right now.
Agola wrote:And my tests in V8086 shows code address points really in middle. 66 ED causes a GPF, but CS:IP points ED instead of 66.
Then you have bugs in your code or someone else's code you're using (including any VM software in which you're making your OS experiments).
INTEL 80386 PROGRAMMER'S REFERENCE MANUAL 1986 looks good for me. Its much easier than scrolling in Combined Volumes 1-2-3.
I understand using only Volume 3-A doesn't enough for me. It explains much of things like processor modes, protection, paging, descriptor tables, tasks and multiprocessor handling. But it still don't have some important things required for proper development.
And, I don't use "example codes" in my os. I learn everything using manuals or other resources and write them myself. I hate asking someone for the "example code" and just copy+pasting that, not learning anything about it. The VM softwares I'm making my OS experiments in are Bochs, QEMU and VMWare. This is hard to tell they all have the same bug in their code.