2011-12-13-2055Z

Something strange going on here...

<bochs:20> r
eax: 0x00000003 3
ecx: 0x00094144 606532
edx: 0x000f03fb 984059
ebx: 0xe0004144 -536854204
esp: 0x0009fffc 655356
ebp: 0x00000f9a 3994
esi: 0x0009f400 652288
edi: 0x00200200 2097664
eip: 0x0020028e
eflags 0x00000046: id vip vif ac vm rf nt IOPL=0 of df if tf sf ZF af PF cf
<bochs:21> s
Next at t=123858401
(0) [0x0000000000200291] 0008:00200291 (unk. ctxt): out dx, al                ; ee
<bochs:22> r
eax: 0x00000003 3
ecx: 0x00094144 606532
edx: 0x000f03f8 984056
ebx: 0xe0004144 -536854204
esp: 0x0009fffc 655356
ebp: 0x00000f9a 3994
esi: 0x0009f400 652288
edi: 0x00200200 2097664
eip: 0x00200291
eflags 0x00000082: id vip vif ac vm rf nt IOPL=0 of df if tf SF zf af pf cf
<bochs:23>

Why the hell is PF dropping? Same in Qemu with the GDB stub:

(gdb) si
0x0020028e in ?? ()
=> 0x0020028e:	80 ea 03	sub    $0x3,%dl
12: /x $eax = 0x3
11: /x $ebx = 0xfe004144
10: /x $ecx = 0x4144
9: /x $edx = 0x3fb
8: /x $esi = 0x9f400
7: /x $edi = 0x200200
6: /x $ebp = 0xf9a
5: /x $esp = 0x9fffc
4: /x $es = 0x10
3: /x $ds = 0x10
2: /x $cs = 0x8
1: /x $ss = 0x10
(gdb) info reg
eax            0x3	3
ecx            0x4144	16708
edx            0x3fb	1019
ebx            0xfe004144	-33537724
esp            0x9fffc	0x9fffc
ebp            0xf9a	0xf9a
esi            0x9f400	652288
edi            0x200200	2097664
eip            0x20028e	0x20028e
eflags         0x46	[ PF ZF ]
cs             0x8	8
ss             0x10	16
ds             0x10	16
es             0x10	16
fs             0x0	0
gs             0xb800	47104
(gdb) si
0x00200291 in ?? ()
=> 0x00200291:	ee	out    %al,(%dx)
12: /x $eax = 0x3
11: /x $ebx = 0xfe004144
10: /x $ecx = 0x4144
9: /x $edx = 0x3f8
8: /x $esi = 0x9f400
7: /x $edi = 0x200200
6: /x $ebp = 0xf9a
5: /x $esp = 0x9fffc
4: /x $es = 0x10
3: /x $ds = 0x10
2: /x $cs = 0x8
1: /x $ss = 0x10
(gdb) info reg
eax            0x3	3
ecx            0x4144	16708
edx            0x3f8	1016
ebx            0xfe004144	-33537724
esp            0x9fffc	0x9fffc
ebp            0xf9a	0xf9a
esi            0x9f400	652288
edi            0x200200	2097664
eip            0x200291	0x200291
eflags         0x82	[ SF ]
cs             0x8	8
ss             0x10	16
ds             0x10	16
es             0x10	16
fs             0x0	0
gs             0xb800	47104

Real hardware is crashing too, but not sure if it's due to this or not. Note that it doesn't crash right here; it crashes later, when I'm trying to jump back into 16-bit protected mode with a far ret. Then it triple-faults.

Back to blog or home page

last updated 2011-12-13 16:12:10. served from tektonic.jcomeau.com