VOGONS


Compaq Deskpro 386 CPU emulation issues?


Reply 100 of 163, by superfury

Rank l33t++

Something odd is happening when running the CheckIt! Diagnostics 3.0 protected mode test? It seems to be crashing while running the test (the #UD)?

The log(without the registers being dumped):

Attachment: debugger_CheckItDiagnostics_ProtectedModeTest_UniPCemu_20180405_1159.zip (570.51 KiB) - Simplified log, common log format, no registers.

It seems to be going wrong somewhere after finishing the loop, executing a call which ends up incorrectly in a #UD for some reason? It seems to try to execute a LDS with a register argument instead of the required memory argument?

I'm running CheckIt Diagnostics 3.0 on the 80286 CPU.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 101 of 163, by superfury


Just tried the Supersoft/Landmark AT Diagnostics BIOS again. Apparently, behaviour has changed: it's now trying to load a NULL(0x0000) segment into CS during an IRET? So that's progress compared to the old 0xAAAA segment(which was even worse)?

Last edited by superfury on 2018-04-10, 09:09. Edited 1 time in total.


Reply 102 of 163, by superfury


Managed to test and verify the crashing of the app on Android happening in two cases(both restarting the emulation): CPU changes(8086/80186/80286/80386/80486 change) and Video card changes(atm only Tseng changing to/from other video cards, but that's a bug(since others need reboot, which they don't currently)). All other hardware can be modified(requiring reboot) without the app crashing on Android.

Edit: It seems to be running without crashing again, with the latest bugfixes! 😁


Reply 103 of 163, by superfury


Stepping through the executed opcodes(removing their breakpoints once verified) with the Visual Studio debugger reveals no errors(except the invalid segment load that was happening during protected mode). Even after fixing this(currently done until the XTIDE BIOS starts running on the AT emulation), one 'error' is observed(although not observed in the execution of instruction substeps): CGA and MDA somehow stop after checking the memory(and the recount that happens after that), never getting to continue on to the display of invalid BIOS checksum/uninitialized settings message and press F1 to continue? Maybe a hardware bug somehow(Motorola chip emulation on VGA base module bug?)? VGA continues properly, as do the Tseng video cards?


Reply 104 of 163, by superfury


I'm just wondering (having checked the whole 8086 instruction set, except DEC SP (opcode 4C), POP SP (opcode 5C), INTO (opcode CE) and IN AX,imm8 (opcode E5), without finding any errors during its execution (assuming the flag calculations are working correctly)): could there possibly be a problem with the ModR/M fetching and/or calculations somehow?

ModR/M fetching/decoding support (look at modrm_decode8/16/32 for the decoding and modrm_readparams for the fetching, which also calls the decoding part when finished; the BIU functions are the actual 8086+ 8/16/32-bit bus/register I/O access functions):
https://bitbucket.org/superfury/unipcemu/src/ … drm.c?at=master

Anyone can see something going wrong? Or is it 100% accurate?

One piece of 8086 software seems to crash: California Games, when running on the 80286 (8086 probably as well, since it's just a few new instructions), when entering player #1's name?

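As an added illustration of the ModR/M question above (and of the register-form LDS that ended in #UD in Reply 100): a small 16-bit ModR/M decoder with the LDS/LES legality check. This is example code written for this page, not UniPCemu's modrm.c; the instruction bytes and register values are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decoded 16-bit ModR/M operand. */
typedef struct {
    uint8_t mod, reg, rm;
    bool    is_register;  /* mod == 3: rm names a register, there is no memory operand */
    bool    use_ss;       /* default segment is SS (BP-based forms) */
    int16_t disp;         /* sign-extended disp8 or disp16 */
} modrm16;

typedef struct { uint16_t bx, bp, si, di; } regs16;  /* constructed register file */

/* Decode the ModR/M byte and its displacement from `code`.
   Returns the number of bytes consumed (1..3), or -1 if the buffer is too short. */
static int decode_modrm16(const uint8_t *code, size_t len, modrm16 *out)
{
    if (len < 1)
        return -1;
    out->mod = code[0] >> 6;
    out->reg = (code[0] >> 3) & 7;
    out->rm  = code[0] & 7;
    out->is_register = (out->mod == 3);
    out->disp = 0;
    /* rm 2, 3 and 6 use BP and default to SS, except the mod-0 rm-6 direct (disp16) form. */
    out->use_ss = !out->is_register &&
                  (out->rm == 2 || out->rm == 3 || (out->rm == 6 && out->mod != 0));
    size_t need = 1;
    if (out->mod == 1)
        need = 2;                                        /* disp8 */
    else if (out->mod == 2 || (out->mod == 0 && out->rm == 6))
        need = 3;                                        /* disp16 */
    if (len < need)
        return -1;
    if (need == 2)
        out->disp = (int8_t)code[1];
    else if (need == 3)
        out->disp = (int16_t)(code[1] | (code[2] << 8));
    return (int)need;
}

/* Effective address (offset within the segment) of a memory operand. */
static uint16_t ea16(const modrm16 *m, const regs16 *r)
{
    uint16_t base = 0;
    switch (m->rm) {
    case 0: base = r->bx + r->si; break;
    case 1: base = r->bx + r->di; break;
    case 2: base = r->bp + r->si; break;
    case 3: base = r->bp + r->di; break;
    case 4: base = r->si;         break;
    case 5: base = r->di;         break;
    case 6: base = (m->mod == 0) ? 0 : r->bp; break;  /* mod 0: direct address */
    case 7: base = r->bx;         break;
    }
    return (uint16_t)(base + (uint16_t)m->disp);
}

/* LES (C4h) and LDS (C5h) load a far pointer from memory; the register form
   (mod == 3) has no defined encoding and raises #UD, which is what the
   CheckIt log in Reply 100 was running into. */
static bool is_undefined_opcode(uint8_t opcode, const modrm16 *m)
{
    return (opcode == 0xC4 || opcode == 0xC5) && m->is_register;
}

/* Constructed instruction bytes and registers used by the demo. */
static const uint8_t INSN_LDS_MEM[] = { 0xC5, 0x1E, 0x34, 0x12 }; /* LDS BX,[1234h]      */
static const uint8_t INSN_LDS_REG[] = { 0xC5, 0xDB };             /* LDS BX,BX (invalid) */
static const uint8_t INSN_MOV_BP[]  = { 0x8B, 0x46, 0xFC };       /* MOV AX,[BP-4]       */
static const regs16  SAMPLE_REGS    = { 0x0100, 0x0FD8, 0x0010, 0x0020 };

/* One-byte-opcode instruction with ModR/M: total length or -1 when truncated. */
static int decode_insn(const uint8_t *insn, size_t len, modrm16 *m)
{
    int n = (len < 2) ? -1 : decode_modrm16(insn + 1, len - 1, m);
    return n < 0 ? -1 : n + 1;
}

static bool insn_is_ud(const uint8_t *insn, size_t len)
{
    modrm16 m;
    return decode_insn(insn, len, &m) > 0 && is_undefined_opcode(insn[0], &m);
}

/* Effective address of the memory operand, or -1 for register forms / truncated input. */
static int insn_ea(const uint8_t *insn, size_t len, const regs16 *r)
{
    modrm16 m;
    if (decode_insn(insn, len, &m) < 0 || m.is_register)
        return -1;
    return ea16(&m, r);
}

static bool insn_uses_ss(const uint8_t *insn, size_t len)
{
    modrm16 m;
    return decode_insn(insn, len, &m) > 0 && m.use_ss;
}

int main(void)
{
    printf("LDS BX,[1234h]: ea=%04X ud=%d\n",
           insn_ea(INSN_LDS_MEM, sizeof INSN_LDS_MEM, &SAMPLE_REGS),
           insn_is_ud(INSN_LDS_MEM, sizeof INSN_LDS_MEM));
    printf("LDS BX,BX:      ud=%d\n", insn_is_ud(INSN_LDS_REG, sizeof INSN_LDS_REG));
    printf("MOV AX,[BP-4]:  ea=%04X ss=%d\n",
           insn_ea(INSN_MOV_BP, sizeof INSN_MOV_BP, &SAMPLE_REGS),
           insn_uses_ss(INSN_MOV_BP, sizeof INSN_MOV_BP));
    return 0;
}
```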

Reply 105 of 163, by superfury


Just found a bug within the x86 task switching: NT of the incoming task wasn't cleared when executing a JMP instruction triggering the task switch. So a JMP to the current task only has the effect of clearing the NT bit, thus making it unable to return to any parent task (through a CALL/IRET combination) after doing so? In other words, it kills the backlink to the parent task?


Reply 106 of 163, by superfury


I've made a little log of the Landmark/Supersoft AT BIOS running in protected mode. Can anyone see what's going wrong? Why is it using an IRET to the wrong location?

Attachment: debugger_landmarksupersoftBIOS_protectedmode.7z (333.95 KiB) - Log of the Landmark/Supersoft AT BIOS running in protected mode, from the point of entering protected mode until leaving protected mode for error handling.


Reply 107 of 163, by superfury


I've found some kind of EMM386 driver code at https://github.com/lpproj/emm386.nec/tree/mas … r/source/emm386 , but the downloads at ftp://ftp.devoresoftware.com/downloads/emm386 seem to have confusing filenames. Which one is the build for the IBM PC 386 compatibles? That way, I would at least have a documented EMM386 to test my new CPU emulation with.

Edit: Running in protected mode, switching tasks seems to crash writing offset 0x20 from the TSS, causing a #GP fault? AccessRights=0x8B, limit=0x00068?
Edit: It doesn't seem to be the limit: it's the Access Rights being interpreted as a System segment(code/data segment), which causes a #GP fault because it's invalid(it's assuming TSS.S==0 without checking for it)... Whoops:S

Edit: Hmmmm... Loading descriptor 0x38(#7 from the LDT) into CS fails?
Edit: Strange: The CPL is 0x38 somehow? That shouldn't happen?


Reply 108 of 163, by superfury


Trying to use the FreeDOS EMM386.EXE from the floppy disk version on the 80386 emulation seems to triple fault because of nested #PF faults at address 0x113630->0x113660->0x113630=triple fault? The final address being the triple fault itself instead of a page fault?

Edit: It seems to correctly retrieve the PDE and PTE for said entry, then page faults on the IDT entry being retrieved, because the CPL has a mismatch? The fetches for the IDT and GDT are triggered at user level(because CPL is 3), while being reads(since they're IDT fetches by the interrupt handling mechanism). Is that correct behaviour? Is the paging unit used at user level(because CPL is 3) when fetching and storing IDT or GDT entries for any purpose?


Reply 109 of 163, by crazyc

Rank Member

superfury wrote:

Trying to use the FreeDOS EMM386.EXE from the floppy disk version on the 80386 emulation seems to triple fault because of nested #PF faults at address 0x113630->0x113660->0x113630=triple fault? The final address being the triple fault itself instead of a page fault?

This should only happen when there's a page fault accessing the page fault handler or a page fault loading the IDT/GDT entry for the page fault handler (and the second would be a double fault anyway).

superfury wrote:

Edit: It seems to correctly retrieve the PDE and PTE for said entry, then page faults on the IDT entry being retrieved, because the CPL has a mismatch? The fetches for the IDT and GDT are triggered at user level(because CPL is 3), while being reads(since they're IDT fetches by the interrupt handling mechanism). Is that correct behaviour? Is the paging unit used at user level(because CPL is 3) when fetching and storing IDT or GDT entries for any purpose?

I believe that implicit table access should occur at CPL 0 because if it didn't tons of stuff wouldn't work.

Reply 110 of 163, by superfury


OK. I've modified the CPL for normal memory accesses(which includes TSS accesses) to be used, while all descriptor accesses by the CPU all execute at CPL 0(IDT/GDT/LDT reads and writes). That should fix that problem.

Oddly enough, nothing is stated about such behaviour in any documentation I can find?

Edit: TSS loading and saving has always been performed at CPL 0, although the CPL is applied to all other required privilege checks when task switching(e.g. the TSS descriptor DPL checking against RPL and CPL).

Edit: Having adjusted that, it's now still oddly triple faulting on the JEMM386.EXE I've taken from the floppy disk version of FreeDOS. It seems to be in Virtual 8086 mode, causing a fault because of some interrupt (Visual Studio won't let me know exactly where, just pointing to the end of the main interrupt function), the call stack giving a subfunction that's not called by the function directly (there are usually at least two sublayers in between: main interrupt handling -> CPU_GP, which either calls the triple fault handler (when combining invalid faults) or calls CPU_executionphase_startinterrupt, which calls CPU_OP, which starts a new interrupt phase and continues to call the new interrupt (back to the first step)).

It's kind of odd that I don't see the actual fault being raised, thus unknown what's going wrong(I expect CPU_GP is called with error code 9, as that is what the interrupt error code within CPU_OP is reporting). So it's not an interrupt vector fault, but actually a CS load fault(as the stack switches are handled by another subfunction, which shouldn't have been optimized away afaik). So said CS which is using descriptor selector 0009h is causing a fault when loaded? But it's unknown why?

Edit: It seems the JEMM386.EXE Virtual 8086 monitor uses a flat 32-bit CS segment register, which wasn't supported yet in the limit checks on the resulting CS:EIP address. Having fixed that, the OS continues booting correctly(at least with JEMM386). 😁

Just tried actually using the EMS memory by running the NO$GMB emulator after loading the JEMM386 executable(and loading the VIDE-CDD CD-ROM drivers). Disk access itself(using simple DIR commands) seems to work properly, but running the emulator seems to crash it into hanging the CPU trying to load the C000(VGA ROM) segment in protected mode(by the Virtual 8086 Monitor itself)?

Edit: Also, the emulation speed drops dramatically(from ~14% to 2%) once having loaded the command prompt and/or CD-ROM drivers? Maybe something to do with the protected-mode interrupt handling being that slow?

Edit: It seems that was mainly because of Visual Studio's breakpoints(disabling them speeds it back up to 10%).

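The rule crazyc and superfury settle on above (implicit GDT/IDT/LDT descriptor fetches are supervisor accesses, while TSS and ordinary accesses carry the CPL), as an added example that is not UniPCemu's code: a toy 386-style page privilege check in which the page map, IDT base and vector numbers are constructed for the demo, showing how a CPL-3 gate fetch cascades #PF -> #DF -> shutdown under the wrong policy and simply delivers the interrupt under the right one.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* 386 page-table entry bits used by the privilege check. */
#define PG_P  0x1u   /* present */
#define PG_RW 0x2u   /* writable (a 386 only enforces this for user-mode accesses) */
#define PG_US 0x4u   /* user-accessible */

/* Constructed single-level page map (page number -> flags). The addresses are
   made up for this example, not taken from the thread's logs. */
typedef struct { uint32_t page; uint32_t flags; } map_entry;
static const map_entry PAGEMAP[] = {
    { 0x00118u, PG_P | PG_RW },          /* page holding the IDT: supervisor only */
    { 0x00119u, PG_P | PG_RW },          /* fault handler code: supervisor only */
    { 0x00120u, PG_P | PG_RW | PG_US },  /* ring-3 / V86 program page */
};
#define NPAGES (sizeof PAGEMAP / sizeof PAGEMAP[0])

/* Normal accesses (code, data, stack, TSS) carry the CPL; implicit descriptor
   fetches from the GDT/IDT/LDT are the access kind the thread is about. */
typedef enum { ACC_NORMAL, ACC_DESCRIPTOR } access_kind;

/* The two behaviours compared in the thread: descriptor fetches at the current
   CPL (the bug) versus always as supervisor, i.e. CPL 0 (the fix). */
typedef enum { DESC_AT_CPL, DESC_AT_CPL0 } desc_policy;

/* Returns true when the access would raise #PF. 386 rule: U/S and R/W are only
   checked when the effective privilege is user (CPL 3). */
static bool page_fault(uint32_t linear, bool write, unsigned cpl,
                       access_kind kind, desc_policy pol)
{
    unsigned eff_cpl = (kind == ACC_DESCRIPTOR && pol == DESC_AT_CPL0) ? 0 : cpl;
    uint32_t page = linear >> 12;
    for (size_t i = 0; i < NPAGES; i++) {
        if (PAGEMAP[i].page != page)
            continue;
        uint32_t f = PAGEMAP[i].flags;
        if (!(f & PG_P))
            return true;
        if (eff_cpl == 3 && (!(f & PG_US) || (write && !(f & PG_RW))))
            return true;
        return false;
    }
    return true;  /* no mapping at all: treated as not present */
}

#define IDT_BASE 0x00118000u  /* constructed: the IDT lives in the supervisor-only page */
#define VEC_DF 8
#define VEC_PF 14

/* What ends up running after the CPU tries to deliver `vector` at `cpl`. */
typedef enum { RUN_VECTOR, RUN_PF_HANDLER, RUN_DF_HANDLER, SHUTDOWN } outcome;

/* Model interrupt delivery: the gate read from the IDT is an implicit descriptor
   access. A #PF on that read makes the CPU deliver #PF instead; a #PF while
   delivering #PF is a double fault; a fault while delivering #DF is a shutdown,
   the "triple fault" superfury saw. */
static outcome deliver(unsigned vector, unsigned cpl, desc_policy pol)
{
    if (!page_fault(IDT_BASE + vector * 8u, false, cpl, ACC_DESCRIPTOR, pol))
        return RUN_VECTOR;
    if (!page_fault(IDT_BASE + VEC_PF * 8u, false, cpl, ACC_DESCRIPTOR, pol))
        return RUN_PF_HANDLER;
    if (!page_fault(IDT_BASE + VEC_DF * 8u, false, cpl, ACC_DESCRIPTOR, pol))
        return RUN_DF_HANDLER;
    return SHUTDOWN;
}

int main(void)
{
    static const char *names[] = { "handler runs", "#PF handler runs",
                                   "#DF handler runs", "shutdown (triple fault)" };
    /* INT 21h raised from a CPL 3 (V86) task under both policies. */
    printf("descriptor fetch at CPL : %s\n", names[deliver(0x21, 3, DESC_AT_CPL)]);
    printf("descriptor fetch at CPL0: %s\n", names[deliver(0x21, 3, DESC_AT_CPL0)]);
    /* A normal ring-3 data read of the IDT page still faults under the fix. */
    printf("ring-3 data read of IDT : %s\n",
           page_fault(IDT_BASE, false, 3, ACC_NORMAL, DESC_AT_CPL0) ? "#PF" : "ok");
    return 0;
}
```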

Reply 111 of 163, by superfury


Just ran the emstest.com program (Lo-tech EMS Board Test Utility from https://www.lo-tech.co.uk/wiki/Lo-tech_2MB_EMS_Board ) to test the EMS using the JEMM386.EXE . It checks out completely 😁 (The general write failure was due to me having the disk set to read-only)

Attachment: 483_EMS testing on Compaq Deskpro 386 having JEMM386.EXE loaded as a driver(no parameters)..jpg (66.72 KiB) - JEMM386 testing results.

Just tried running Wolfenstein 3D with JEMM386.EXE on the Compaq Deskpro 386 emulation. Slow, but running(at 11% speed).


Reply 112 of 163, by superfury


The only V86 error that seems to remain is when using the Microsoft EMM386.EXE/SYS: after loading the CD-ROM drivers and starting the command prompt, it faults on itself executing a HLT instruction within the VM monitor? That seems to happen at offset 6666h within the monitor? Does anyone know something about that? Oddly enough, that would mean that either the monitor detects the HLT instruction of MS-DOS incorrectly, or that it itself is somehow running at ring 3 (loading into ring 0 from V86 mode, then far jump/retf to ring 3)?


Reply 113 of 163, by superfury


It seems to be trying to execute a F0F4(locked HLT) from protected mode? That shouldn't be in there(as HLT isn't allowed to be locked), thus some invalid jump must be executed?

I remember the emm386 jumping there (0048:6667) from its monitor using the ECX register with a ridiculously high index? Maybe time to add a simple debugger mode that skips the debugger itself when kept running, to allow some logging during protected mode only (instead of single-stepping)...
Edit: Implemented said function (essentially the normal keep-running debugger mode, but with the debugger interface itself disabled, to allow logging (if enabled) without it continually firing up the debugger and displaying it on the screen).

That will now allow me to actually log the VM monitor only, looking at what it's actually doing(without looking at the normal OS running within the VM).

Attachment: debugger_EMM386_Virtual8086monitor_HLT_UD.7z (516.7 KiB) - Virtual 8086 monitor faulting, full log since MS-DOS 5.0a boot.

It seems to be handling some INT 21h before it's crashing?

RAM(r):00127A6F=00( ); Physical(r):00127A6F=00( ); Paged(r):00127A6F=00( ); RAM(r):00127A70=54(T); Physical(r):00127A70=54(T); Paged(r):00127A70=54(T); RAM(r):00127A71=FF(ÿ); Physical(r):00127A71=FF(ÿ); Paged(r):00127A71=FF(ÿ); RAM(r):00127A72=00( ); Physical(r):00127A72=00( ); Paged(r):00127A72=00( )
RAM(r):00127A73=F0(ð); Physical(r):00127A73=F0(ð); Paged(r):00127A73=F0(ð); RAM(r):00127A74=A0( ); Physical(r):00127A74=A0( ); Paged(r):00127A74=A0( ); RAM(r):00127A75=95(•); Physical(r):00127A75=95(•); Paged(r):00127A75=95(•); RAM(r):00127A76=00( ); Physical(r):00127A76=00( ); Paged(r):00127A76=00( )
Reading from RAM: 0012BFB0=66 (f)
Reading from physical memory: 0012BFB0=66 (f)
Reading from paged memory: 0012BFB0=66 (f)
Reading from RAM: 0012BFB1=01 ()
Reading from physical memory: 0012BFB1=01 ()
Reading from paged memory: 0012BFB1=01 ()
Reading from RAM: 0012BFB2=48 (H)
Reading from physical memory: 0012BFB2=48 (H)
Reading from paged memory: 0012BFB2=48 (H)
Reading from RAM: 0012BFB3=00 ( )
Reading from physical memory: 0012BFB3=00 ( )
Reading from paged memory: 0012BFB3=00 ( )
Reading from RAM: 0012BFB4=00 ( )
Reading from physical memory: 0012BFB4=00 ( )
Reading from paged memory: 0012BFB4=00 ( )
Reading from RAM: 0012BFB5=8E (Ž)
Reading from physical memory: 0012BFB5=8E (Ž)
Reading from paged memory: 0012BFB5=8E (Ž)
Reading from RAM: 0012BFB6=00 ( )
Reading from physical memory: 0012BFB6=00 ( )
Reading from paged memory: 0012BFB6=00 ( )
Reading from RAM: 0012BFB7=00 ( )
Reading from physical memory: 0012BFB7=00 ( )
Reading from paged memory: 0012BFB7=00 ( )
Reading from RAM: 0012C7C8=FF (ÿ)
Reading from physical memory: 0012C7C8=FF (ÿ)
Reading from paged memory: 0012C7C8=FF (ÿ)
Reading from RAM: 0012C7C9=FF (ÿ)
Reading from physical memory: 0012C7C9=FF (ÿ)
Reading from paged memory: 0012C7C9=FF (ÿ)
Reading from RAM: 0012C7CA=00 ( )
Reading from physical memory: 0012C7CA=00 ( )
Reading from paged memory: 0012C7CA=00 ( )
Reading from RAM: 0012C7CB=14 ()
Reading from physical memory: 0012C7CB=14 ()
Reading from paged memory: 0012C7CB=14 ()
Reading from RAM: 0012C7CC=12 ()
Reading from physical memory: 0012C7CC=12 ()
Reading from paged memory: 0012C7CC=12 ()
Reading from RAM: 0012C7CD=9A (š)
Reading from physical memory: 0012C7CD=9A (š)
Reading from paged memory: 0012C7CD=9A (š)
Reading from RAM: 0012C7CE=00 ( )
Reading from physical memory: 0012C7CE=00 ( )
Reading from paged memory: 0012C7CE=00 ( )
Reading from RAM: 0012C7CF=00 ( )
Reading from physical memory: 0012C7CF=00 ( )
Reading from paged memory: 0012C7CF=00 ( )
0048:00006667 F0 F4 <necv20/v30+ #ud(possible cause:)> RAM(r):00127ED4=00( ); Physical(r):00127ED4=00( ); Paged(r):00127ED4=00( ); Normal(r):00127ED4=00( ); RAM(r):00127ED5=00( ); Physical(r):00127ED5=00( ); Paged(r):00127ED5=00( ); Normal(r):00127ED5=00( ); Normal(w):0012BECE=03(); Paged(w):0012BECE=03(); Normal(w):0012BECF=30(0); Paged(w):0012BECF=30(0); Normal(w):0012BED0=00( ); Paged(w):0012BED0=00( ); Normal(w):0012BED1=00( ); Paged(w):0012BED1=00( ); Normal(w):0012BECA=48(H); Paged(w):0012BECA=48(H); Normal(w):0012BECB=00( ); Paged(w):0012BECB=00( ); Normal(w):0012BECC=00( ); Paged(w):0012BECC=00( ); Normal(w):0012BECD=00( ); Paged(w):0012BECD=00( ); Normal(w):0012BEC6=67(g); Paged(w):0012BEC6=67(g); Normal(w):0012BEC7=66(f); Paged(w):0012BEC7=66(f); Normal(w):0012BEC8=00( ); Paged(w):0012BEC8=00( ); Normal(w):0012BEC9=00( ); Paged(w):0012BEC9=00( ); Physical(w):0012BECE=03(); RAM(w):0012BECE=03(); Physical(w):0012BECF=30(0); RAM(w):0012BECF=30(0); Physical(w):0012BED0=00( ); RAM(w):0012BED0=00( ); Physical(w):0012BED1=00( ); RAM(w):0012BED1=00( ); Physical(w):0012BECA=48(H); RAM(w):0012BECA=48(H); Physical(w):0012BECB=00( ); RAM(w):0012BECB=00( ); Physical(w):0012BECC=00( ); RAM(w):0012BECC=00( ); Physical(w):0012BECD=00( ); RAM(w):0012BECD=00( ); Physical(w):0012BEC6=67(g); RAM(w):0012BEC6=67(g); Physical(w):0012BEC7=66(f); RAM(w):0012BEC7=66(f); Physical(w):0012BEC8=00( ); RAM(w):0012BEC8=00( ); Physical(w):0012BEC9=00( ); RAM(w):0012BEC9=00( )
Registers:
EAX: 00005000 EBX: 00080787 ECX: 000000ff EDX: 00000787
ESP: 00000fd2 EBP: 00000fd8 ESI: 00110100 EDI: 0011fffe
CS: 0048 DS: 0050 ES: 0000 FS: 0000 GS: 00c0 SS: 0058 TR: 0028 LDTR: 0000
EIP: 00006667 EFLAGS: 00003003
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 00118000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00000012c7800177 IDTR: 00000012bf8007ff
FLAGSINFO: 00000000000000vr0n11oditsz0a0p1C

Can anyone see what's going wrong? Why is it ending up at that odd location?

Edit: According to Ralf Brown's interrupt list, it's "DOS 2+ internal - SET CURRENT PROCESS ID (SET PSP ADDRESS)"? http://www.ctyme.com/intr/rb-2980.htm

Edit: Strangely, it's using ECX (which isn't part of the call) to make some invalid call? Maybe a ModR/M decoding bug?

Edit: Hmmmm... That BTR instruction doesn't have any writeback? Odd...
Edit: Whoops. The memory operands of any bit test (and clear/set/complement) skip writeback and timing, because memory operands abort without clearing the executed flag (to continue the instruction processing).
Edit: Having fixed said bugs (all bit string instructions: the bit scan instructions and bit test instructions), EMM386 continues loading MS-DOS (no text is displayed).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io
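The bit-test writeback bug discussed in the post above, as an added example that is not the poster's or UniPCemu's code: a constructed model of executing BT/BTS/BTR/BTC on a 16-bit memory operand, where an aborted operand access leaves memory and CF untouched and reports the instruction as not completed, while a completed BTS/BTR/BTC always writes the modified word back. All type and function names are my own.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model (not UniPCemu's code) of the BT/BTS/BTR/BTC family with
 * a 16-bit memory operand and a register bit offset. The memory access may
 * abort (a fault); then nothing is written and the instruction is reported as
 * not completed. A completed BTS/BTR/BTC must write the modified word back. */

enum { BT_TEST, BT_SET, BT_RESET, BT_COMPLEMENT };
enum { MEM_SIZE = 64 };

typedef struct {
    uint8_t mem[MEM_SIZE];
    int fault_at;   /* address whose access faults (-1 = no fault) */
    int cf;         /* carry flag: receives the tested bit */
} cpu_t;

void cpu_init(cpu_t *c) { memset(c, 0, sizeof *c); c->fault_at = -1; }

/* Memory read that can abort like a real #PF/#GP: returns 0 on success. */
static int read16(cpu_t *c, int addr, uint16_t *val) {
    if (addr < 0 || addr + 1 >= MEM_SIZE || addr == c->fault_at) return -1;
    *val = (uint16_t)(c->mem[addr] | (c->mem[addr + 1] << 8));
    return 0;
}
static void write16(cpu_t *c, int addr, uint16_t val) {
    c->mem[addr] = (uint8_t)(val & 0xff);
    c->mem[addr + 1] = (uint8_t)(val >> 8);
}

/* Returns 1 when the instruction completed, 0 when the operand access
 * aborted (no writeback, CF untouched, so the instruction can be retried). */
int exec_bt_mem16(cpu_t *c, int op, int ea, int16_t bitoff) {
    /* With a memory operand the bit offset is signed and may point outside
     * the addressed word, so select the word first (floor division). */
    int q = bitoff / 16, r = bitoff % 16;
    if (r < 0) { r += 16; q -= 1; }
    int word_ea = ea + q * 2;
    uint16_t v;
    if (read16(c, word_ea, &v) != 0) return 0;
    c->cf = (v >> r) & 1;
    switch (op) {
        case BT_SET:        v |=  (uint16_t)(1u << r); break;
        case BT_RESET:      v &= (uint16_t)~(1u << r); break;
        case BT_COMPLEMENT: v ^=  (uint16_t)(1u << r); break;
        default:            return 1;   /* BT only tests: no writeback */
    }
    write16(c, word_ea, v);             /* the step a missing writeback skips */
    return 1;
}
```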

Reply 114 of 163, by superfury

User metadata
Rank l33t++

Just finished testing with the EMS test suite. It checks out 100%, so the EMM386.EXE from MS-DOS 6.22 must be working! Since FreeDOS's JEMM386.EXE was already working, that pretty much confirms that basic V86 mode and virtual EMS are working properly! 😁

Edit: Just fired up No$GMB running Pokémon Yellow to verify EMS being used. The game (a game running in an emulator (No$GMB) running inside UniPCemu's Virtual 8086 mode running within protected mode on an emulated CPU... How many emulation layers did you say it uses? 🤣) runs without any known problems :D No$GMB indicates it running at ~10%, while UniPCemu itself indicates emulation running at ~10%. So that's pretty good for such a nested emulation, isn't it? (And with cycle accuracy where possible, no less!)

Edit: Wolfenstein 3D seems to run with 1MB EMS and 100KB extended memory? Runs without visible problems.
CheckIt Diagnostics fails the final block of EMS somehow (using the MS-DOS 6.22 EMM386.EXE driver without parameters)? Maybe because of that final 100KB of extended memory somehow reported by Wolfenstein 3D? It's currently reporting EMS Ver Bullets and then failing the high address lines test?

Attachment: 486-EMM386 memory test failing.jpg (111.54 KiB, 1808 views): Memory test and address line test reporting to fail?
Attachment: 487-EMM386 memory test results failing.jpg (116.62 KiB, 1808 views): Results page of failing memory tests.

Does anyone know of this problem? Or is this a CPU problem?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 115 of 163, by superfury

User metadata
Rank l33t++

Just tried Windows 3.0 setup from the current EMM386.SYS (from the Windows 3.0 installation directory). Once it starts the kernel (after finishing copying the files to the Windows directory), it seems to try to execute a BOUND instruction, which fails because index 0x0000 isn't between 0x4C10 and 0x5404? Does anyone know what the cause of this CPU bug might be?

The segment that it loads the bound offsets from is oddly enough 0xC0, which is also one of the segment selectors used in the Virtual 8086 monitor?

Edit: Odd. Windows 3.0 setup starting up the kernel.exe seems to hang when EMM386.SYS is running (Virtual 8086 mode), but continues on when it isn't loaded (real mode)?

Edit: It goes fine until the first protected-mode IRET to address 0059:09FE? That one will fault because of MAX(CPL(0), RPL(0059)) vs segment descriptor DPL(1), or the very first interrupt after that?
Edit: Having fixed said problem, Windows 3.0 is now properly in protected mode, but it keeps trying to load segment 0x5800, which fails due to being non-present (all fields but the limit field are 0x00, but the limit is 0x5808)?

But at least no triple faults occur! 😁
This 0x5800 descriptor being loaded with CPL=1 of course faults with a #GP fault, but it just executes the whole thing again until infinity?
Edit: This descriptor keeps triggering the #NP handler, which itself eventually loads it, causing itself to fault (ringing the fault)?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io
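The IRET privilege check discussed in the post above (return to selector 0059, RPL 1, whose code descriptor has DPL 1, from CPL 0), as an added example that is not the poster's or UniPCemu's code: the protected-mode checks on the new CS selector of a far return (RETF or IRET to a non-V86, non-task-switch target). The descriptor struct and function names are my own; only the fields that matter for this check are modelled.

```c
#include <stdint.h>

/* Constructed example (not UniPCemu's code): the protected-mode checks an
 * emulator applies to the new CS selector on RETF or IRET. A nonconforming
 * code segment may only be returned to at exactly its DPL (DPL == RPL); a
 * conforming one at DPL <= RPL; and never to a ring more privileged than
 * the current one (RPL < CPL). Presence is checked last and raises #NP. */

typedef struct {
    int present;      /* P bit */
    int dpl;          /* descriptor privilege level, 0..3 */
    int is_code;      /* code segment (vs. data or system descriptor) */
    int conforming;   /* C bit of a code segment */
} seg_desc_t;

enum { RET_SAME_LEVEL, RET_OUTER_LEVEL, RET_FAULT_GP, RET_FAULT_NP };

/* Returns how the return proceeds (same or outer privilege level),
 * or which fault it raises for this selector/descriptor/CPL combination. */
int check_return_cs(uint16_t sel, const seg_desc_t *d, int cpl) {
    int rpl = sel & 3;
    if ((sel & 0xfffc) == 0) return RET_FAULT_GP;  /* null selector */
    if (rpl < cpl) return RET_FAULT_GP;            /* never to an inner ring */
    if (!d->is_code) return RET_FAULT_GP;          /* must be a code segment */
    if (d->conforming ? (d->dpl > rpl) : (d->dpl != rpl)) return RET_FAULT_GP;
    if (!d->present) return RET_FAULT_NP;          /* #NP, not #GP */
    return rpl > cpl ? RET_OUTER_LEVEL : RET_SAME_LEVEL;
}
```

For the selector in the post, 0059 (RPL 1) with a present nonconforming code descriptor of DPL 1 from CPL 0, the function reports a legal return to the outer level, so that IRET must not fault.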

Reply 116 of 163, by superfury

User metadata
Rank l33t++

Can anyone from e.g. the DOSBox crew shed any light on this (since it concerns Windows 3.0)?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 117 of 163, by superfury

User metadata
Rank l33t++

After a bit of twiddling with the way faults are handled (in particular IRET and RETF, as well as fixing bugs in the far CALL through call gate mechanism), I don't see it going on until infinity anymore!

I do still see the 0xB exception, but only once. Eventually it's a #GP exception because a limit has been faulted?
Edit: It seems eventually an INT 1 occurs somehow?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 118 of 163, by superfury

User metadata
Rank l33t++

After fixing the protected-mode debugger (only triggering the TSS T-bit fault when seeing it set when a task switch is completed), I now see it faulting in interrupt 08h? Maybe the timer interrupt (IRQ8-15) isn't reprogrammed correctly?

Edit: It seems to be triple faulting on an INT 21h call eventually (probably from HIMEM.SYS or the MS-DOS kernel)? Oddly enough, the IDTR is reset to a base of 0 and a limit of 0xFFFF?
Edit: Strange, I see an LGDT from CPL=0, after Windows starts and enters protected mode, which loads base 0 and limit 0xFFFF? Then INT 21h is called, which triple faults?

Edit: Hmmmm... I see a MOV to CR0 without CR0 changing?

RAM(r):0000A12A=FF(ÿ); Physical(r):0000A12A=FF(ÿ); Paged(r):0000A12A=FF(ÿ); RAM(r):0000A12B=FF(ÿ); Physical(r):0000A12B=FF(ÿ); Paged(r):0000A12B=FF(ÿ); RAM(r):0000D59C=C0(À); Physical(r):0000D59C=C0(À); Paged(r):0000D59C=C0(À); RAM(r):0000D59D=EA(ê); Physical(r):0000D59D=EA(ê); Paged(r):0000D59D=EA(ê); RAM(r):0000D59E=D2(Ò); Physical(r):0000D59E=D2(Ò); Paged(r):0000D59E=D2(Ò); RAM(r):0000D59F=0A( ); Physical(r):0000D59F=0A( ); Paged(r):0000D59F=0A( )
RAM(r):0000A12C=00( ); Physical(r):0000A12C=00( ); Paged(r):0000A12C=00( ); RAM(r):0000A12D=00( ); Physical(r):0000A12D=00( ); Paged(r):0000A12D=00( )
RAM(r):0000A12E=00( ); Physical(r):0000A12E=00( ); Paged(r):0000A12E=00( ); RAM(r):0000A12F=00( ); Physical(r):0000A12F=00( ); Paged(r):0000A12F=00( )
0110:00000abc 0F 01 1E 1A 00 lidt word ds:[001a]
Registers:
EAX: 000022dc EBX: 000003c9 ECX: 00000007 EDX: 00000a11
ESP: 00002932 EBP: 0000091c ESI: 00001978 EDI: 00000eff
CS: 0110 DS: 0049 ES: 0049 FS: 0000 GS: 0308 SS: 0108 TR: 0068 LDTR: 0078
EIP: 00000abc EFLAGS: 00003046
CR0: 0000fff1 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110000ffef IDTR: 00000012000007ff
FLAGSINFO: 00000000000000vr0n11oditsZ0a0P1c
0110:00000ac1 0F 20 C0 mov eax,cr0 RAM(r):0000D5A0=AD(­); Physical(r):0000D5A0=AD(­); Paged(r):0000D5A0=AD(­); RAM(r):0000D5A1=0C(); Physical(r):0000D5A1=0C(); Paged(r):0000D5A1=0C(); RAM(r):0000D5A2=8E(Ž); Physical(r):0000D5A2=8E(Ž); Paged(r):0000D5A2=8E(Ž); RAM(r):0000D5A3=D2(Ò); Physical(r):0000D5A3=D2(Ò); Paged(r):0000D5A3=D2(Ò)
Registers:
EAX: 000022dc EBX: 000003c9 ECX: 00000007 EDX: 00000a11
ESP: 00002932 EBP: 0000091c ESI: 00001978 EDI: 00000eff
CS: 0110 DS: 0049 ES: 0049 FS: 0000 GS: 0308 SS: 0108 TR: 0068 LDTR: 0078
EIP: 00000ac1 EFLAGS: 00003046
CR0: 0000fff1 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110000ffef IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsZ0a0P1c
0110:00000ac4 66 25 FE FF FF 7F and eax,7ffffffe RAM(r):0000D5A4=8E(Ž); Physical(r):0000D5A4=8E(Ž); Paged(r):0000D5A4=8E(Ž); RAM(r):0000D5A5=DA(Ú); Physical(r):0000D5A5=DA(Ú); Paged(r):0000D5A5=DA(Ú); RAM(r):0000D5A6=8E(Ž); Physical(r):0000D5A6=8E(Ž); Paged(r):0000D5A6=8E(Ž); RAM(r):0000D5A7=C2(Â); Physical(r):0000D5A7=C2(Â); Paged(r):0000D5A7=C2(Â)
Registers:
EAX: 0000fff1 EBX: 000003c9 ECX: 00000007 EDX: 00000a11
ESP: 00002932 EBP: 0000091c ESI: 00001978 EDI: 00000eff
CS: 0110 DS: 0049 ES: 0049 FS: 0000 GS: 0308 SS: 0108 TR: 0068 LDTR: 0078
EIP: 00000ac4 EFLAGS: 00003046
CR0: 0000fff1 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110000ffef IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsZ0a0P1c
0110:00000aca 0F 22 C0 mov cr0,eax RAM(r):0000D5A8=66(f); Physical(r):0000D5A8=66(f); Paged(r):0000D5A8=66(f); RAM(r):0000D5A9=58(X); Physical(r):0000D5A9=58(X); Paged(r):0000D5A9=58(X); RAM(r):0000D5AA=5A(Z); Physical(r):0000D5AA=5A(Z); Paged(r):0000D5AA=5A(Z); RAM(r):0000D5AB=C3(Ã); Physical(r):0000D5AB=C3(Ã); Paged(r):0000D5AB=C3(Ã)
Registers:
EAX: 0000fff0 EBX: 000003c9 ECX: 00000007 EDX: 00000a11
ESP: 00002932 EBP: 0000091c ESI: 00001978 EDI: 00000eff
CS: 0110 DS: 0049 ES: 0049 FS: 0000 GS: 0308 SS: 0108 TR: 0068 LDTR: 0078
EIP: 00000aca EFLAGS: 00003006
CR0: 0000fff1 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110000ffef IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
RAM(r):0000A13A=01(); Physical(r):0000A13A=01(); Paged(r):0000A13A=01(); RAM(r):0000A13B=0A( ); Physical(r):0000A13B=0A( ); Paged(r):0000A13B=0A( ); RAM(r):0000CC33=21(!); Physical(r):0000CC33=21(!); Paged(r):0000CC33=21(!); RAM(r):0000CC34=BA(º); Physical(r):0000CC34=BA(º); Paged(r):0000CC34=BA(º); RAM(r):0000CC35=05(); Physical(r):0000CC35=05(); Paged(r):0000CC35=05(); RAM(r):0000CC36=11(); Physical(r):0000CC36=11(); Paged(r):0000CC36=11()
0cad:00000155 8B 1E 2A 00 mov bx,word ds:[002a]
Registers:
EAX: 0000fff3 EBX: 00000000 ECX: 00000000 EDX: 00000001
ESP: 00002920 EBP: 0000091b ESI: 00000000 EDI: 00000301
CS: 0cad DS: 0a11 ES: 0a11 FS: 0000 GS: 0308 SS: 1fff TR: 0068 LDTR: 0078
EIP: 00000155 EFLAGS: 00003086
CR0: 0000fff3 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110000ffef IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditSz0a0P1c

Even more strange: both change from FFF0 and FFF1 to FFF3?

Edit: It just looks like this because it's only logging protected mode. I'll need to adjust my settings to log everything until the triple fault...

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 119 of 163, by superfury

User metadata
Rank l33t++

This is what currently happens when I try to start Windows 3.0 in Standard mode (eventually triple faulting on the INT 21h in protected mode with an invalid IDT):

Attachment: debugger_UniPCemu_20180424_1840_Windows3.0_booting.7z (1.74 MiB, 67 downloads): Windows 3.0 booting process in UniPCemu crashing on INT 21h from protected mode?

Can anyone see what's going wrong?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io