
Posted: Tue Mar 06, 2007 3:27 pm
by Candy
oscoder wrote:
pcmattman wrote:No, that's something only the pig-headed freaks over at Apple would try, and even then they might have the common sense ( :shock: ) to not do it...
Shouldn't that be 'pig-headed phreaks'?
Not unless they abuse the phone system while displaying a red screen of death...

Posted: Tue Mar 06, 2007 3:35 pm
by Brynet-Inc
Candy wrote:
oscoder wrote:
pcmattman wrote:No, that's something only the pig-headed freaks over at Apple would try, and even then they might have the common sense ( :shock: ) to not do it...
Shouldn't that be 'pig-headed phreaks'?
Not unless they abuse the phone system while displaying a red screen of death...
I'm going to guess he might have been joking about the two Apple founders' history in phone phreaking.

Learn your history Candy. :roll:
The Web! wrote:Steve Wozniak - a.k.a. "Woz". One of the "Two Steve's" who founded Apple Computer and sold Blue Boxes at University. Claims he grew out of phreaking and hacking (true hacking) when he started Apple with Steve Jobs. He no longer works at Apple..
Steve Wozniak & Steve Jobs were both best friends.. I'm guessing Steve also dabbled in the dark arts.. or was probably hanging out with "Woz" while he sold them.. (Or built them..)..

http://www.woz.org/ --A picture of Steve Wozniak & Jobs building a Blue Box is on the front page of Steve Wozniak's site..

Posted: Mon Jun 25, 2007 8:05 am
by inflater
Old Topic reincarnation:

Do you see how my brand new floppy driver works? :lol:

Image

(At least everything listed in the SoD is correct, except the EFLAGS, which should be 0x202 :))

- The SoD can be blue, green, magenta, red, dark gray :D,... etc. - it is configurable, at least, in the source code by changing one variable.

For now, this halts the system completely, even if it is only a little error like divide by zero or unhandled INT. And, a little stack listing will be displayed too.

inflater

Posted: Mon Jun 25, 2007 8:07 am
by AJ
You should put that Mr Bean pic as the backdrop :)

Posted: Mon Jun 25, 2007 8:10 am
by inflater
AJ wrote:You should put that Mr Bean pic as the backdrop :)
Hehe, that may be possible :D

inflater

Posted: Mon Jun 25, 2007 1:56 pm
by Speewave
an idea i had was find the Vista Logo as a background and say " This Operating System has taken a dump:"

(Hex Dumps here)

I call it VSOD (the Vista Screen Of Death!)

Posted: Tue Jun 26, 2007 10:49 am
by inflater
I've updated my BSOD.
Note: If the exception is GPF (INT 0x0D), ALL registers, except SS:ESP and ES, FS, GS and DS, are having wrong values, which is really weird :-s 8-[ unlike the "unhandled int" and other exceptions. Weird. :D So, take a look:

Image

For example, CS should be 0x10, EFLAGS 0x202, notice the weird GDT and IDT... :lol:

//EDIT: Sorry AJ, no Mr. Bean now... :mrgreen:
This is my 300th post, hurray! :D

inflater

Posted: Tue Jun 26, 2007 1:09 pm
by frank
@inflater

Have you accounted for the error code that a gpf pushes on the stack?

Posted: Wed Jun 27, 2007 8:20 am
by inflater
frank wrote:@inflater

Have you accounted for the error code that a gpf pushes on the stack?
Of course, I absolutely do not use something like

mov ax,cs

for the three values pushed on the stack (EIP,CS,EFLAGS - downwards) because I don't want to get CS:EIP of the BSOD code, but CS:EIP where exactly the error was ;)

I use them like this:

I will save the original values of EAX, BX and ECX to some variables declared in code. Then, I will

Code:

pop eax ;get the EIP (32bit no.)
pop bx ;get the CS (16bit no.)
pop ecx ;get eflags (32bit no.)
, store EAX to the [EIPValue] variable, the same with BX to the [CSValue] variable, etc. and then, I will restore the original values of these registers (they are not pushed on the stack but saved on the variables EIPValue etc.) and I will push them back to stack, like this:

Code:

push ecx
push bx
push eax
because I want sometime to resume execution of the OS (if it was only a little error, like, e.g. unhandled int, or divide by zero).

This technique works with the unhandled int exception, as shown in the screen above (except eflags). But I wonder why this doesn't work with GPF fault handler (they are all the same...)

Regards,
inflater

Posted: Wed Jun 27, 2007 12:00 pm
by JAAman
inflater wrote: But I wonder why this doesn't work with GPF fault handler
because you are not accounting for the error code (at least your last post gave nothing to indicate that you did)

when a #GP is triggered, the CPU pushes a special code to the top of the stack -- this code helps you to discover why the GPF occurred

before removing any of the other values from the stack (like CS:EIP, SS:ESP, or EFLAGS) you must first remove this code (reference: 3A:5.13 and 3A:fig.5-4)

Posted: Wed Jun 27, 2007 12:13 pm
by Aali
if i remember correctly, CS is 32 bits in an interrupt stack frame
and i don't see why in the world it would be 16 bits

Posted: Wed Jun 27, 2007 12:25 pm
by inflater
@JAAman:
Thank you for your response, I will look into the Intel manuals for help. (I just entered the "world of pmode" so excuse me for any old realmode mistakes in protected mode.)

//EDIT: Sorry JAAman, when reading other post, I confused the words "GPF code" with other things...

@Aali:
CS is 32-bits, you are right, but I have never seen its value above 0xFFFF, so I'm treating CS's value as a 16-bit number. (Trying to not confuse real mode segmentation again...)

Regards
inflater

Posted: Thu Jun 28, 2007 7:38 am
by Aali
of course, the CS selector itself is only 16 bits, but it's still 32 bits in the stack frame, which means you can't do this:

Code:

pop eax ;get the EIP (32bit no.)
pop bx ;get the CS (16bit no.)
pop ecx ;get eflags (32bit no.)
actually, you should never, ever use 16bit stack operations (push/pop) on a 32bit stack, since it will screw up alignment
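
The stack frame layout discussed in the posts above, modelled in C as an added example (not code from any poster in this thread). It replays the `pop eax` / `pop bx` / `pop ecx` sequence against a simulated same-privilege frame, with and without the #GP error code, next to a decode that skips the error code and reads full 32-bit slots. The function names and the EIP and error-code values are constructed, and the unused upper half of the CS slot is assumed to be zero.

```c
#include <stddef.h>
#include <stdint.h>

/* Values a handler would report in its register dump. */
struct frame { uint32_t err, eip, cs, eflags; };

/* Little-endian reads/writes on a simulated stack, as x86 does them. */
static uint32_t rd32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static void wr32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Build the frame the CPU pushes for a same-privilege exception.
 * sp[0] is the top of stack; returns the number of bytes written. */
size_t build_frame(uint8_t *sp, int has_err, uint32_t err,
                   uint32_t eip, uint16_t cs, uint32_t eflags) {
    size_t off = 0;
    if (has_err) { wr32(sp + off, err); off += 4; }  /* #GP pushes this last */
    wr32(sp + off, eip);    off += 4;
    wr32(sp + off, cs);     off += 4;  /* CS occupies a full 32-bit slot */
    wr32(sp + off, eflags); off += 4;
    return off;
}

/* Emulates pop eax / pop bx / pop ecx: ESP advances 4, 2, then 4 bytes. */
struct frame naive_pops(const uint8_t *sp) {
    struct frame f = {0};
    f.eip    = rd32(sp);      /* with an error code present, this is the code */
    f.cs     = rd16(sp + 4);
    f.eflags = rd32(sp + 6);  /* straddles two slots: never the real EFLAGS */
    return f;
}

/* Correct decode: skip the error code if present, read 32-bit slots. */
struct frame decode(const uint8_t *sp, int has_err) {
    struct frame f = {0};
    if (has_err) { f.err = rd32(sp); sp += 4; }
    f.eip    = rd32(sp);
    f.cs     = rd32(sp + 4) & 0xFFFF;  /* only the low 16 bits are the selector */
    f.eflags = rd32(sp + 8);
    return f;
}
```

Without an error code the naive sequence gets EIP and CS right and only EFLAGS wrong; with the error code on top, all three reported values are wrong.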

Posted: Thu Jun 28, 2007 4:17 pm
by Edwin
??
As far as I know, any push or pop in 32-bit execution mode will decrement or increment esp by 4..

Posted: Thu Jun 28, 2007 4:52 pm
by Aali
Edwin wrote:??
As far as I know, any push or pop in 32-bit execution mode will decrement or increment esp by 4..
well, we ARE talking about x86 here
it's been proven over and over that there is just no limit to how much brain damage you can cram into one architecture