IDE CD-ROM driver on a IBM PC AT 80286? \ VOGONS

Reply 1 of 38, by Jorpho

Posted on 2016-11-25, 14:25

Jorpho Offline

Rank l33t++

Rank: l33t++
Posts: 8168
Joined: 2003-02-14, 19:50
Location: Canada

What's wrong with OAKCDROM.SYS?

Reply 2 of 38, by superfury

Posted on 2016-11-29, 14:31

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I've just tried running OAKCDROM.SYS on UniPCemu's 80286 emulation: it hangs because of an #UD of opcode 66h at 142E:0DFF.
DS: 142E; ES: 0B61
SS: 9047
AX: 0041; BX: 03E6
CX: 0000; DX: 0000
SP: 0578; BP: 001C
SI: 0010; DI: 01A0
CR0: FFF0
Flags: 0216

All values are in hex.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 3 of 38, by vladstamate

Posted on 2016-11-29, 14:53

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

That means it requires 32bit processor (386+) as 0x66 is the operand size override opcode.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 4 of 38, by Jorpho

Posted on 2016-11-29, 16:45

Jorpho Offline

Rank l33t++

Rank: l33t++
Posts: 8168
Joined: 2003-02-14, 19:50
Location: Canada

Huh. I did a Google search and came up with ATAPI CDROM trouble on 286 , which suggests it should run on a 286 – well, unless the subject line is completely wrong. Maybe you need an older version?

That thread also suggests VIDE-CDD.SYS .

Reply 5 of 38, by superfury

Posted on 2016-11-29, 21:08

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

So the #UD problem is actually caused by my CPU emulation having bugs? The problem is: I haven't gotten a clue as to what's going wrong. The 808X CPU emulation seems to be bug free mostly, except for Prince of Persia having buggy behaviour during the startup animation with the princess and the wizard for some reason(right half of the screen only, filled with garbage pixels). The 80186 testsuite fully checks out without detected errors. It's still in real mode, though.

The 80286 just adds a few instruction opcodes and 0F opcodes to it, as well as 286+ segmentation being enabled using software segment descriptors(checks ignored on 80(1)8X emulation).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 6 of 38, by vladstamate

Posted on 2016-11-29, 21:46

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

No, this is not due to bugs. Just unsupported features. 66h is the prefix for using 32bit registers. That was introduced in 386 (which I guess you do not support yet). Like Jorpho suggested try looking for an older version. Or the VIDE-CDD.SYS.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 7 of 38, by superfury

Posted on 2016-11-30, 08:37

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I've just tried the VIDE-CDD.SYS on my 80286 AT emulation. It says it can't install on PC/XT machines.

For some reason, the screen capture messes up somehow? I've yet to figure out why, though.
Edit: Fixed the screen capture support to properly use the used buffer pitch specified in the defines, instead of maximum resolution width in pixels.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 8 of 38, by superfury

Posted on 2016-11-30, 12:18

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I've just tried CheckIt! Diagnostics on UniPCemu's IBM AT 286 emulation. It, for some reason, detects the CPU as a 80186 XT class? Why doesn't it detect the 80286 AT properly?

Edit: Just inspected the PUSH SP behaviour. It write the decremented SP value on the 80286 stack as well. It now uses the same behaviour as 80386+(pushing the original SP value before the value is decremented). Now CheckIt! Diagnostics properly detects the emulated IBM PC AT as a 80286 AT class CPU.

The VIDE-CDD.SYS now crashes during execution.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 9 of 38, by vladstamate

Posted on 2016-11-30, 17:40

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

superfury wrote:
I've just tried CheckIt! Diagnostics on UniPCemu's IBM AT 286 emulation. It, for some reason, detects the CPU as a 80186 XT class? Why doesn't it detect the 80286 AT properly?

Edit: Just inspected the PUSH SP behaviour. It write the decremented SP value on the 80286 stack as well. It now uses the same behaviour as 80386+(pushing the original SP value before the value is decremented). Now CheckIt! Diagnostics properly detects the emulated IBM PC AT as a 80286 AT class CPU.

The VIDE-CDD.SYS now crashes during execution.

The main differences are that

8088/86 or the flags with 0xF000 and do not do a modulus of 32 (& 0x1F) for the shift/rotate counts
80188/186 do a modulus for the shift/rotate counts (and therefore first & 0x1F to the count) and also do not set top 4 bits in the flags registers on PUSHF.
80286 does the decrement SP after the stack push (for PUSH SP).

Also I always see those crashes as a blessing in disguise because it means I know found yet another software to unveil one of my bugs.

One thing worth mentioning is how are you loading the VIDE-CDD.SYS? HIMEM? Is that set up properly (in both CONFIG.SYS and your emulator?)

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 10 of 38, by superfury

Posted on 2016-11-30, 17:51

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I'm using MS-DOS 5.0a with the following config.sys:

1rem DEVICE=MSDOS\LTEMM.EXE
2DEVICE=MSDOS\VIDE-CDD.SYS /D:banana

That's all it contains.

I'm loading the VIDE-CDD.SYS and CONFIG.SYS into my emulator by using the XT NECV30 emulation to copy the files to the harddisk, then closing the emulator and booting the system with AT 286 settings.

After copying the files over again, I end up here:

1Command: NEC V20/V30 #UD
2OP: FE, ROP: FE
3CS:IP=0B61:11A8
4DS: 0B61; ES: 0000
5SS: 9047
6AX: 0001; BX: 0170
7CX: 0003; DX: 0175
8SP: 0558; BP: 0024
9SI: 0F45; DI: 0000
10CR0: FFF0
11Flags: 0202

Is this normal behaviour? Is it even supposed to get to that point? (OP=First opcode byte, ROP=Opcode byte actually executed(e.g. 0F 01 becomes OP 0F; ROP 01. OP can be prefixes as well, ROP is always the opcode looked up in the normal or 0F opcode jumptable)).

It seems to be the opcode FEE8 it's trying to execute, according to the debugger logs.

1(Start of #UD handler)
200:08:24:56.01504: Writing to memory: 000909C0=01 ()
300:08:24:56.01504: Writing to memory: 000909C1=00 ( )
400:08:24:56.01536: F000:1BD0 (50)PUSH AX
500:08:24:56.01536: Registers:
600:08:24:56.01536: AX: 0001, BX: 0170, CX: 0003, DX: 0175
700:08:24:56.01536: CS: F000, DS: 0B61, ES: 0000, SS: 9047
800:08:24:56.01536: SP: 0552, BP: 0024, SI: 0F45, DI: 0000
900:08:24:56.01536: IP: 1BD0, FLAGS: 0002
1000:08:24:56.01536: CR0: FFF0
1100:08:24:56.01536: FLAGSINFO:c1p0a0zstido00n0 
1200:08:24:56.01568: Interrupt status: 0000000000000000
1300:08:24:56.01568: VGA@806,301(CRT:0,335)
1400:08:24:56.02304: Display=801,446
15
1600:08:25:03.01488: Writing to memory: 000909BE=70 (p)
1700:08:25:03.01488: Writing to memory: 000909BF=01 ()
1800:08:25:03.01520: F000:1BD1 (53)PUSH BX
1900:08:25:03.01520: Registers:
2000:08:25:03.01520: AX: 0001, BX: 0170, CX: 0003, DX: 0175
2100:08:25:03.01520: CS: F000, DS: 0B61, ES: 0000, SS: 9047
2200:08:25:03.02128: SP: 0550, BP: 0024, SI: 0F45, DI: 0000
2300:08:25:03.02192: IP: 1BD1, FLAGS: 0002
2400:08:25:03.02192: CR0: FFF0
2500:08:25:03.02224: FLAGSINFO:c1p0a0zstido00n0 
2600:08:25:03.02224: Interrupt status: 0000000000000000
2700:08:25:03.02224: VGA@873,301(CRT:0,335)
2800:08:25:03.02256: Display=801,446
29
3000:08:25:32.01440: F000:1BD2 (B00B)MOVB AL, 0B
3100:08:25:32.01472: Registers:
3200:08:25:32.01472: AX: 0001, BX: 0170, CX: 0003, DX: 0175
3300:08:25:32.01472: CS: F000, DS: 0B61, ES: 0000, SS: 9047
3400:08:25:32.01472: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
3500:08:25:32.01472: IP: 1BD2, FLAGS: 0002
3600:08:25:32.01472: CR0: FFF0
3700:08:25:32.01472: FLAGSINFO:c1p0a0zstido00n0 
3800:08:25:32.02048: Interrupt status: 0000000000000000
3900:08:25:32.02048: VGA@887,301(CRT:14,335)
4000:08:25:32.02048: Display=801,446
41
4200:08:25:55.01488: F000:1BD4 (E620)OUT 20,AL
4300:08:25:55.01488: Registers:
4400:08:25:55.01520: AX: 000B, BX: 0170, CX: 0003, DX: 0175
4500:08:25:55.01520: CS: F000, DS: 0B61, ES: 0000, SS: 9047
4600:08:25:55.01520: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
4700:08:25:55.01520: IP: 1BD4, FLAGS: 0002
4800:08:25:55.01520: CR0: FFF0
4900:08:25:55.02064: FLAGSINFO:c1p0a0zstido00n0 
5000:08:25:55.02096: Interrupt status: 0000000000000000
5100:08:25:55.02096: VGA@19,301(CRT:46,335)
5200:08:25:55.02096: Display=801,446
53
5400:08:25:83.01488: F000:1BD6 (EB00)JMP 1BD8
5500:08:25:83.01488: Registers:
5600:08:25:83.01488: AX: 000B, BX: 0170, CX: 0003, DX: 0175
5700:08:25:83.01488: CS: F000, DS: 0B61, ES: 0000, SS: 9047
5800:08:25:83.01520: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
5900:08:25:83.01520: IP: 1BD6, FLAGS: 0002
6000:08:25:83.01520: CR0: FFF0

…Show last 240 lines

6100:08:25:83.02032: FLAGSINFO:c1p0a0zstido00n0 
6200:08:25:83.02064: Interrupt status: 0000000000000000
6300:08:25:83.02064: VGA@29,301(CRT:56,335)
6400:08:25:83.02064: Display=801,446
65
6600:08:26:07.01488: F000:1BD8 (E420)IN AL, 20
6700:08:26:07.01488: Registers:
6800:08:26:07.01488: AX: 000B, BX: 0170, CX: 0003, DX: 0175
6900:08:26:07.01520: CS: F000, DS: 0B61, ES: 0000, SS: 9047
7000:08:26:07.01520: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
7100:08:26:07.01520: IP: 1BD8, FLAGS: 0002
7200:08:26:07.02096: CR0: FFF0
7300:08:26:07.02128: FLAGSINFO:c1p0a0zstido00n0 
7400:08:26:07.02128: Interrupt status: 0000000000000000
7500:08:26:07.02160: VGA@30,301(CRT:57,335)
7600:08:26:07.02160: Display=801,446
77
7800:08:26:31.01520: F000:1BDA (8AE0)MOVB AH,AL
7900:08:26:31.01520: Registers:
8000:08:26:31.01520: AX: 0000, BX: 0170, CX: 0003, DX: 0175
8100:08:26:31.01520: CS: F000, DS: 0B61, ES: 0000, SS: 9047
8200:08:26:31.01520: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
8300:08:26:31.01520: IP: 1BDA, FLAGS: 0002
8400:08:26:31.01520: CR0: FFF0
8500:08:26:31.01552: FLAGSINFO:c1p0a0zstido00n0 
8600:08:26:31.02032: Interrupt status: 0000000000000000
8700:08:26:31.02032: VGA@62,301(CRT:89,335)
8800:08:26:31.02032: Display=801,446
89
9000:08:26:59.03856: F000:1BDC (0AC4)ORB AL,AH
9100:08:26:59.03856: Registers:
9200:08:26:59.03856: AX: 0000, BX: 0170, CX: 0003, DX: 0175
9300:08:26:59.03856: CS: F000, DS: 0B61, ES: 0000, SS: 9047
9400:08:26:59.03856: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
9500:08:26:59.03888: IP: 1BDC, FLAGS: 0002
9600:08:26:59.03888: CR0: FFF0
9700:08:26:59.03888: FLAGSINFO:c1p0a0zstido00n0 
9800:08:26:59.03888: Interrupt status: 0000000000000000
9900:08:26:59.04496: VGA@73,301(CRT:100,335)
10000:08:26:59.04528: Display=801,446
101
10200:08:26:83.01456: F000:1BDE (7504)JNZ 1BE4
10300:08:26:83.01456: Registers:
10400:08:26:83.01456: AX: 0000, BX: 0170, CX: 0003, DX: 0175
10500:08:26:83.01456: CS: F000, DS: 0B61, ES: 0000, SS: 9047
10600:08:26:83.01488: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
10700:08:26:83.01488: IP: 1BDE, FLAGS: 0046
10800:08:26:83.01488: CR0: FFF0
10900:08:26:83.01488: FLAGSINFO:c1P0a0Zstido00n0 
11000:08:26:83.01488: Interrupt status: 0000000000000000
11100:08:26:83.02032: VGA@74,301(CRT:101,335)
11200:08:26:83.02032: Display=801,446
113
11400:08:27:08.01504: F000:1BE0 (B4FF)MOVB AH, FF
11500:08:27:08.01504: Registers:
11600:08:27:08.01504: AX: 0000, BX: 0170, CX: 0003, DX: 0175
11700:08:27:08.01504: CS: F000, DS: 0B61, ES: 0000, SS: 9047
11800:08:27:08.01536: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
11900:08:27:08.01536: IP: 1BE0, FLAGS: 0046
12000:08:27:08.01536: CR0: FFF0
12100:08:27:08.01536: FLAGSINFO:c1P0a0Zstido00n0 
12200:08:27:08.02112: Interrupt status: 0000000000000000
12300:08:27:08.02112: VGA@113,301(CRT:140,335)
12400:08:27:08.02112: Display=801,446
125
12600:08:27:33.01488: F000:1BE2 (EB2F)JMP 1C13
12700:08:27:33.01488: Registers:
12800:08:27:33.01488: AX: FF00, BX: 0170, CX: 0003, DX: 0175
12900:08:27:33.01488: CS: F000, DS: 0B61, ES: 0000, SS: 9047
13000:08:27:33.01488: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
13100:08:27:33.01488: IP: 1BE2, FLAGS: 0046
13200:08:27:33.01488: CR0: FFF0
13300:08:27:33.01520: FLAGSINFO:c1P0a0Zstido00n0 
13400:08:27:33.01520: Interrupt status: 0000000000000000
13500:08:27:33.02000: VGA@124,301(CRT:151,335)
13600:08:27:33.02000: Display=801,446
137
13800:08:27:59.03664: Read from memory: 000909BE=70 (p)
13900:08:27:59.03664: Read from memory: 000909BF=01 ()
14000:08:27:59.03664: F000:1C13 (5B)POP BX
14100:08:27:59.03664: Registers:
14200:08:27:59.03664: AX: FF00, BX: 0170, CX: 0003, DX: 0175
14300:08:27:59.03664: CS: F000, DS: 0B61, ES: 0000, SS: 9047
14400:08:27:59.03664: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
14500:08:27:59.03664: IP: 1C13, FLAGS: 0046
14600:08:27:59.03696: CR0: FFF0
14700:08:27:59.04272: FLAGSINFO:c1P0a0Zstido00n0 
14800:08:27:59.04304: Interrupt status: 0000000000000000
14900:08:27:59.04304: VGA@125,301(CRT:152,335)
15000:08:27:59.04304: Display=801,446
151
15200:08:27:83.01488: Writing to memory: 000909BE=61 (a)
15300:08:27:83.01488: Writing to memory: 000909BF=0B ()
15400:08:27:83.01488: F000:1C14 (1E)PUSH DS
15500:08:27:83.01488: Registers:
15600:08:27:83.01488: AX: FF00, BX: 0170, CX: 0003, DX: 0175
15700:08:27:83.01488: CS: F000, DS: 0B61, ES: 0000, SS: 9047
15800:08:27:83.01520: SP: 0550, BP: 0024, SI: 0F45, DI: 0000
15900:08:27:83.01520: IP: 1C14, FLAGS: 0046
16000:08:27:83.01520: CR0: FFF0
16100:08:27:83.02032: FLAGSINFO:c1P0a0Zstido00n0 
16200:08:27:83.02032: Interrupt status: 0000000000000000
16300:08:27:83.02064: VGA@185,301(CRT:212,335)
16400:08:27:83.02064: Display=801,446
165
16600:08:28:18.01472: Writing to memory: 000909BC=18 ()
16700:08:28:18.01472: Writing to memory: 000909BD=1C ()
16800:08:28:18.01472: F000:1C15 (E861FD)CALL 1979
16900:08:28:18.01472: Registers:
17000:08:28:18.01472: AX: FF00, BX: 0170, CX: 0003, DX: 0175
17100:08:28:18.01504: CS: F000, DS: 0B61, ES: 0000, SS: 9047
17200:08:28:18.02080: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
17300:08:28:18.02112: IP: 1C15, FLAGS: 0046
17400:08:28:18.02112: CR0: FFF0
17500:08:28:18.02112: FLAGSINFO:c1P0a0Zstido00n0 
17600:08:28:18.02112: Interrupt status: 0000000000000000
17700:08:28:18.02112: VGA@220,301(CRT:247,335)
17800:08:28:18.02112: Display=801,446
179
18000:08:28:48.01504: Read from memory: 000F197F=40 (@)
18100:08:28:48.01504: Read from memory: 000F1980=00 ( )
18200:08:28:48.01504: ModR/M address: F000:197F=000F197F
18300:08:28:48.01504: F000:1979 (2E8E1E7F19)MOVW DS,[CS:197F]
18400:08:28:48.01504: Registers:
18500:08:28:48.01536: AX: FF00, BX: 0170, CX: 0003, DX: 0175
18600:08:28:48.02048: CS: F000, DS: 0B61, ES: 0000, SS: 9047
18700:08:28:48.02080: SP: 054C, BP: 0024, SI: 0F45, DI: 0000
18800:08:28:48.02080: IP: 1979, FLAGS: 0046
18900:08:28:48.02080: CR0: FFF0
19000:08:28:48.02080: FLAGSINFO:c1P0a0Zstido00n0 
19100:08:28:48.02080: Interrupt status: 0000000000000000
19200:08:28:48.02080: VGA@232,301(CRT:259,335)
19300:08:28:48.02112: Display=801,446
194
19500:08:28:99.03600: Read from memory: 000909BC=18 ()
19600:08:28:99.03600: Read from memory: 000909BD=1C ()
19700:08:28:99.03632: F000:197E (C3)RET
19800:08:28:99.03632: Registers:
19900:08:28:99.03632: AX: FF00, BX: 0170, CX: 0003, DX: 0175
20000:08:28:99.03632: CS: F000, DS: 0040, ES: 0000, SS: 9047
20100:08:28:99.03632: SP: 054C, BP: 0024, SI: 0F45, DI: 0000
20200:08:28:99.03632: IP: 197E, FLAGS: 0046
20300:08:28:99.04112: CR0: FFF0
20400:08:28:99.04112: FLAGSINFO:c1P0a0Zstido00n0 
20500:08:28:99.04112: Interrupt status: 0000000000000000
20600:08:28:99.04144: VGA@234,301(CRT:261,335)
20700:08:28:99.04144: Display=801,446
208
20900:08:29:30.01504: Writing to memory: 0000046B=FF (ÿ)
21000:08:29:30.01536: ModR/M address: 0040:006B=0000046B
21100:08:29:30.01536: F000:1C18 (88266B00)MOVB [DS:006B],AH
21200:08:29:30.01536: Registers:
21300:08:29:30.01536: AX: FF00, BX: 0170, CX: 0003, DX: 0175
21400:08:29:30.01536: CS: F000, DS: 0040, ES: 0000, SS: 9047
21500:08:29:30.01536: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
21600:08:29:30.02112: IP: 1C18, FLAGS: 0046
21700:08:29:30.02112: CR0: FFF0
21800:08:29:30.02112: FLAGSINFO:c1P0a0Zstido00n0 
21900:08:29:30.02112: Interrupt status: 0000000000000000
22000:08:29:30.02112: VGA@315,301(CRT:342,335)
22100:08:29:30.02112: Display=801,446
222
22300:08:29:78.01472: Read from memory: 000909BE=61 (a)
22400:08:29:78.01472: Read from memory: 000909BF=0B ()
22500:08:29:78.01472: F000:1C1C (1F)POP DS
22600:08:29:78.01472: Registers:
22700:08:29:78.01472: AX: FF00, BX: 0170, CX: 0003, DX: 0175
22800:08:29:78.01472: CS: F000, DS: 0040, ES: 0000, SS: 9047
22900:08:29:78.01504: SP: 054E, BP: 0024, SI: 0F45, DI: 0000
23000:08:29:78.01504: IP: 1C1C, FLAGS: 0046
23100:08:29:78.01504: CR0: FFF0
23200:08:29:78.02144: FLAGSINFO:c1P0a0Zstido00n0 
23300:08:29:78.02176: Interrupt status: 0000000000000000
23400:08:29:78.02176: VGA@331,301(CRT:358,335)
23500:08:29:78.02176: Display=801,446
236
23700:08:30:27.01488: Read from memory: 000909C0=01 ()
23800:08:30:27.01488: Read from memory: 000909C1=00 ( )
23900:08:30:27.01488: F000:1C1D (58)POP AX
24000:08:30:27.01488: Registers:
24100:08:30:27.01488: AX: FF00, BX: 0170, CX: 0003, DX: 0175
24200:08:30:27.01488: CS: F000, DS: 0B61, ES: 0000, SS: 9047
24300:08:30:27.01520: SP: 0550, BP: 0024, SI: 0F45, DI: 0000
24400:08:30:27.01520: IP: 1C1D, FLAGS: 0046
24500:08:30:27.01520: CR0: FFF0
24600:08:30:27.02096: FLAGSINFO:c1P0a0Zstido00n0 
24700:08:30:27.02096: Interrupt status: 0000000000000000
24800:08:30:27.02096: VGA@334,301(CRT:361,335)
24900:08:30:27.02096: Display=801,446
250
25100:08:30:67.01488: Read from memory: 000909C2=A8 (¨)
25200:08:30:67.01520: Read from memory: 000909C3=11 ()
25300:08:30:67.01520: Read from memory: 000909C4=61 (a)
25400:08:30:67.01520: Read from memory: 000909C5=0B ()
25500:08:30:67.01520: Read from memory: 000909C6=02 ()
25600:08:30:67.01520: Read from memory: 000909C7=02 ()
25700:08:30:67.02192: F000:1C1E (CF)IRET
25800:08:30:67.02192: Registers:
25900:08:30:67.02256: AX: 0001, BX: 0170, CX: 0003, DX: 0175
26000:08:30:67.02256: CS: F000, DS: 0B61, ES: 0000, SS: 9047
26100:08:30:67.02256: SP: 0552, BP: 0024, SI: 0F45, DI: 0000
26200:08:30:67.02256: IP: 1C1E, FLAGS: 0046
26300:08:30:67.02256: CR0: FFF0
26400:08:30:67.02256: FLAGSINFO:c1P0a0Zstido00n0 
26500:08:30:67.02288: Interrupt status: 0000000000000000
26600:08:30:67.02288: VGA@394,301(CRT:421,335)
26700:08:30:67.02288: Display=801,446
268
26900:08:30:95.01456: Writing to memory: 000909C6=02 ()
27000:08:30:95.01488: Writing to memory: 000909C7=02 ()
27100:08:30:95.01488: Writing to memory: 000909C4=61 (a)
27200:08:30:95.01488: Writing to memory: 000909C5=0B ()
27300:08:30:95.01488: Writing to memory: 000909C2=A8 (¨)
27400:08:30:95.01488: Writing to memory: 000909C3=11 ()
27500:08:30:95.01968: 0B61:11A8 (FEE8)<NECV20/V30+ #UD>
27600:08:30:95.01968: Registers:
27700:08:30:95.02000: AX: 0001, BX: 0170, CX: 0003, DX: 0175
27800:08:30:95.02000: CS: 0B61, DS: 0B61, ES: 0000, SS: 9047
27900:08:30:95.02000: SP: 0558, BP: 0024, SI: 0F45, DI: 0000
28000:08:30:95.02000: IP: 11A8, FLAGS: 0202
28100:08:30:95.02000: CR0: FFF0
28200:08:30:95.02032: FLAGSINFO:c1p0a0zstIdo00n0 
28300:08:30:95.02032: Interrupt status: 0000000000000000
28400:08:30:95.02032: VGA@427,301(CRT:454,335)
28500:08:30:95.02064: Display=801,446
286
287(Start of #UD handler)
28800:08:32:84.01472: Writing to memory: 000909C0=01 ()
28900:08:32:84.01472: Writing to memory: 000909C1=00 ( )
29000:08:32:84.01472: F000:1BD0 (50)PUSH AX
29100:08:32:84.01472: Registers:
29200:08:32:84.01504: AX: 0001, BX: 0170, CX: 0003, DX: 0175
29300:08:32:84.01504: CS: F000, DS: 0B61, ES: 0000, SS: 9047
29400:08:32:84.01504: SP: 0552, BP: 0024, SI: 0F45, DI: 0000
29500:08:32:84.01504: IP: 1BD0, FLAGS: 0002
29600:08:32:84.02048: CR0: FFF0
29700:08:32:84.02080: FLAGSINFO:c1p0a0zstido00n0 
29800:08:32:84.02080: Interrupt status: 0000000000000000
29900:08:32:84.02080: VGA@439,301(CRT:466,335)
30000:08:32:84.02080: Display=801,446

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 11 of 38, by superfury

Posted on 2016-11-30, 19:49

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I've made a little log of the boot procedure, until the program starts executing(Should be segment 0B61h). A warning though: the debugger log is huge(1.78GB for only a few seconds of execution data).

https://www.dropbox.com/s/tsz52s6lnjmvqw3/deb … _cdrom.zip?dl=0

Anyone can see what's going wrong?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 12 of 38, by vladstamate

Posted on 2016-11-30, 23:10

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

That looks like a bogus instruction as it would give operation 5 which is not legal with opcode 0xFE (it is neither INC nor DEC 8bit). My guess is you are not executing proper code for a while but just got lucky with legal instructions until this one. Look upwards from that instruction in the log and see if you can spot anything dubious. Should not have to go far.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 13 of 38, by vladstamate

Posted on 2016-11-30, 23:13

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

Actually it is right there. I think your IRET is just not returning to the right place. Does it looks like you are at the same instruction pointer/segment as you were when the respective INT instruction was executed (that had the last IRET)? I am guessing you are somewhere in the bushes after that IRET.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 14 of 38, by Robin4

Posted on 2016-12-01, 00:14

Robin4 Offline

Rank l33t

Rank: l33t
Posts: 2418
Joined: 2011-04-04, 09:52
Location: The Netherlands

superfury wrote:
I've just tried the VIDE-CDD.SYS on my 80286 AT emulation. It says it can't install on PC/XT machines. […]
Show full quote
I've just tried the VIDE-CDD.SYS on my 80286 AT emulation. It says it can't install on PC/XT machines.

303-VIDE-CDD.SYS_IBMPCAT286.jpg

For some reason, the screen capture messes up somehow? I've yet to figure out why, though.
Edit: Fixed the screen capture support to properly use the used buffer pitch specified in the defines, instead of maximum resolution width in pixels.

I think its because of your harddisk controller.. Its set as XT... So the Cd-rom drivers think your computer is an XT.. Remove that hdd controller and use a regular 16-bit one..

~ At least it can do black and white~

Reply 15 of 38, by superfury

Posted on 2016-12-01, 06:05

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

Robin4, that XT problem isn't the case. If you look at the XT-IDE BIOS it clearly says it's the AT version, so it cannot be an XT HDD BIOS. Also, the reporting of an XT in use was because the PUSH SP pushed the decremented value on the stack, causing a CPU misidentification(80186 instead of 80286 CPU detected). This has been fixed already in the log.

Edit: Also, if the IRET was bugged, MS-DOS and the BIOS wouldn't even be able to finish booting the OS(without the CD-ROM driver loaded).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 16 of 38, by vladstamate

Posted on 2016-12-01, 15:36

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

No, I am not saying IRET handling is bugged. But that something happens before IRET such that the stack is corrupted so when IRET is popping CS:IP they are not the correct ones. That can happen for various reasons (like the code doing some math on the SS or SP that you might not handle properly). The best way to confirm (or deny) this hypothesis is like I said to look at the paired INT instruction higher in the log and see if the CS:IP before the INT matches the CS:IP after IRET.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Reply 17 of 38, by superfury

Posted on 2016-12-01, 19:44

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I implemented the IRET log as well as re-enabled the interrupt log return addresses and causing instruction:

Filename: cpu_log_20161201_2050_interrupts_and_iret.zip
File size: 545.91 KiB
Downloads: 121 downloads
File comment: Log of interrupts and IRET addresses and instructions causing it.
File license: Fair use/fair dealing exception

Can you see something strange happening?

Btw the FFFFFFFF error code is actually -1 values(Meaning no error code is present: it's a normal INT instruction or instruction without error code).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 18 of 38, by superfury

Posted on 2016-12-02, 10:58

superfury Offline

Rank l33t++

Rank: l33t++
Posts: 5455
Joined: 2014-03-08, 11:25
Location: Netherlands

I've fixed those -1 values now being properly reported as -1, as well as the debugger having the bug of not generating debugger information(executed opcode disassembly) when protection errors are raised because of memory faults during GRP1-5 opcodes(it didn't generate the required instruction disassembly in that case, reporting an invalid #UD due to missing disassembly generation).

Edit: The updated logs, as well as the debugger log of executed instructions while booting MS-DOS up until the #UD occurs:
https://www.dropbox.com/s/sv6ywre7bd7o0nq/cpu … d_iret.zip?dl=0

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 19 of 38, by vladstamate

Posted on 2016-12-03, 14:50

vladstamate Offline

Rank Oldbie

Rank: Oldbie
Posts: 967
Joined: 2015-08-23, 01:43

Unfortunately the log is hard to read because it has a lot of info that is not relevant to this problem. All we need is the list of instructions (maybe accompanied by what is written to memory and what not). There are a lot of INT inside INT so it is hard to find out which is related to the faulty IRET. Oh and you definitely need the CS:IP in the log.

YouTube channel: https://www.youtube.com/channel/UC7HbC_nq8t1S9l7qGYL0mTA
Collection: http://www.digiloguemuseum.com/index.html
Emulator: https://sites.google.com/site/capex86/
Raytracer: https://sites.google.com/site/opaqueraytracer/

Main menu

Common searches