VOGONS


First post, by superfury

Rank l33t++

Within UniPCemu, I notice that Windows 3.0 in 386 mode triple faults at/during its very first page fault handling VxD driver call. I see it tries to call the VxD driver using the interrupt 0x20 VxD page driver call, but before it manages to return, it crashes.

Can anyone with a bit of knowledge of Windows 3.0's page fault handling and the accompanying VxD driver calls help me out on this?

Last edited by superfury on 2018-08-20, 06:48. Edited 3 times in total.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 1 of 46, by superfury

Rank l33t++

Hmmmm.... Having fixed a bug that made limit checks against a sign-extended version of the Windows kernel address (8000XXXX becoming offset FFFFFFFF8000XXXX instead of its proper checking address), it once again reaches said interrupt 0x20 VxD driver call, after which it simply somehow returns to the MS-DOS 5.0 prompt instead of continuing to boot Windows? Maybe some problem in the VxD driver or its handler? It's ending up at 0028:80005FC2, according to the debugger (flat code segment)?

It seems that handler tries to access offset 06F4011E, which isn't mapped in the virtual memory? It seems to happen at 0028:802000BD, during a 32-bit operand size MOVZX instruction with an offset pointing there?

Edit: Looking at disassembler output, it's a "movzx eax,WORD PTR [esi]", with ESI seemingly being an invalid address according to the paging unit?

This is what happens, in a simple instruction log:

Attachment: debugger_20180809_2041.zip (263.88 KiB, 62 downloads, fair use/fair dealing exception): What happens. Common log format, no registers/memory transactions.

Edit: Created a new, full log with registers/memory transactions.

Attachment: debugger_20180809_2041_fulllog.zip (136.24 KiB, 76 downloads, fair use/fair dealing exception): Improved, full log with registers/memory transactions.

Anyone? What happens in your emulator, Vladstamate? Or maybe even better (known to probably have a booting Windows 3.1 installation), Hottobar?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 2 of 46, by hottobar

Rank Newbie

0028:802000b0 8B 75 E4 mov esi,dword ss:[ebp-1c]

See what the value in memory at ss:[ebp-1c] (30:80013294) is; maybe you're loading the wrong data.
Check if SS is correctly set; maybe it should not be 0x30?
Verify that the value of EBP (800132b0) is correct.
The possibilities are countless...

Reply 3 of 46, by superfury

Rank l33t++

That seems to have been loaded at line 7115:

0028:8020001d 89 45 E4 mov dword ss:[ebp-1c],eax

That value originates from the instruction before it:

	Paged(w):0018A284=00( ); Physical(w):0018A284=00( ); RAM(w):0018A284=00( ); Paged(w):0018A285=00( ); Physical(w):0018A285=00( ); RAM(w):0018A285=00( ); Paged(w):0018A286=00( ); Physical(w):0018A286=00( ); RAM(w):0018A286=00( ); Paged(w):0018A287=00( ); Physical(w):0018A287=00( ); RAM(w):0018A287=00( )
RAM(p):0018F015=F3(ó); Physical(p):0018F015=F3(ó); Paged(p):0018F015=F3(ó); RAM(p):0018F016=AB(«); Physical(p):0018F016=AB(«); Paged(p):0018F016=AB(«); RAM(p):0018F017=8B(‹); Physical(p):0018F017=8B(‹); Paged(p):0018F017=8B(‹); RAM(p):0018F018=75(u); Physical(p):0018F018=75(u); Paged(p):0018F018=75(u); RAM(p):0018F019=08(); Physical(p):0018F019=08(); Paged(p):0018F019=08(); RAM(p):0018F01A=8B(‹); Physical(p):0018F01A=8B(‹); Paged(p):0018F01A=8B(‹); RAM(p):0018F01B=46(F); Physical(p):0018F01B=46(F); Paged(p):0018F01B=46(F); RAM(p):0018F01C=02(); Physical(p):0018F01C=02(); Paged(p):0018F01C=02(); RAM(p):0018F01D=89(‰); Physical(p):0018F01D=89(‰); Paged(p):0018F01D=89(‰); RAM(p):0018F01E=45(E); Physical(p):0018F01E=45(E); Paged(p):0018F01E=45(E); RAM(p):0018F01F=E4(ä); Physical(p):0018F01F=E4(ä); Paged(p):0018F01F=E4(ä); RAM(p):0018F020=8B(‹); Physical(p):0018F020=8B(‹); Paged(p):0018F020=8B(‹); RAM(p):0018F021=46(F); Physical(p):0018F021=46(F); Paged(p):0018F021=46(F); RAM(p):0018F022=06(); Physical(p):0018F022=06(); Paged(p):0018F022=06(); RAM(p):0018F023=89(‰); Physical(p):0018F023=89(‰); Paged(p):0018F023=89(‰); RAM(p):0018F024=45(E); Physical(p):0018F024=45(E); Paged(p):0018F024=45(E)
RAM(r):0018A2B8=00( ); Physical(r):0018A2B8=00( ); Paged(r):0018A2B8=00( ); RAM(r):0018A2B9=00( ); Physical(r):0018A2B9=00( ); Paged(r):0018A2B9=00( ); RAM(r):0018A2BA=00( ); Physical(r):0018A2BA=00( ); Paged(r):0018A2BA=00( ); RAM(r):0018A2BB=00( ); Physical(r):0018A2BB=00( ); Paged(r):0018A2BB=00( ); RAM(p):0018F025=E0(à); Physical(p):0018F025=E0(à); Paged(p):0018F025=E0(à); RAM(p):0018F026=0F(); Physical(p):0018F026=0F(); Paged(p):0018F026=0F(); RAM(p):0018F027=B7(·); Physical(p):0018F027=B7(·); Paged(p):0018F027=B7(·); RAM(p):0018F028=06(); Physical(p):0018F028=06(); Paged(p):0018F028=06(); RAM(p):0018F029=A3(£); Physical(p):0018F029=A3(£); Paged(p):0018F029=A3(£)
0028:80200017 8B 75 08 mov esi,dword ss:[ebp+08]
Registers:
EAX: 00000000 EBX: 00002069 ECX: 00000000 EDX: 00008010
ESP: 800131f8 EBP: 800132b0 ESI: 00016f5a EDI: 80013288
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 80200017 EFLAGS: 00003056
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditsZ0A0P1c
RAM(r):001BB003=00( ); Physical(r):001BB003=00( ); Paged(r):001BB003=00( ); RAM(r):001BB002=1B(); Physical(r):001BB002=1B(); Paged(r):001BB002=1B(); RAM(r):001BB001=C2(Â); Physical(r):001BB001=C2(Â); Paged(r):001BB001=C2(Â); RAM(r):001BB000=27('); Physical(r):001BB000=27('); Paged(r):001BB000=27('); RAM(r):001BC003=00( ); Physical(r):001BC003=00( ); Paged(r):001BC003=00( ); RAM(r):001BC002=00( ); Physical(r):001BC002=00( ); Paged(r):001BC002=00( ); RAM(r):001BC001=00( ); Physical(r):001BC001=00( ); Paged(r):001BC001=00( ); RAM(r):001BC000=07(); Physical(r):001BC000=07(); Paged(r):001BC000=07(); Paged(w):001BC000=27('); Paged(w):001BC001=00( ); Paged(w):001BC002=00( ); Paged(w):001BC003=00( ); RAM(r):00000002=1E(); Physical(r):00000002=1E(); Paged(r):00000002=1E(); RAM(r):00000003=01(); Physical(r):00000003=01(); Paged(r):00000003=01(); RAM(r):00000004=F4(ô); Physical(r):00000004=F4(ô); Paged(r):00000004=F4(ô); RAM(r):00000005=06(); Physical(r):00000005=06(); Paged(r):00000005=06(); Physical(w):001BC000=27('); RAM(w):001BC000=27('); Physical(w):001BC001=00( ); RAM(w):001BC001=00( ); Physical(w):001BC002=00( ); RAM(w):001BC002=00( ); Physical(w):001BC003=00( ); RAM(w):001BC003=00( )
0028:8020001a 8B 46 02 mov eax,dword ds:[esi+02]
Registers:
EAX: 00000000 EBX: 00002069 ECX: 00000000 EDX: 00008010
ESP: 800131f8 EBP: 800132b0 ESI: 00000000 EDI: 80013288
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 8020001a EFLAGS: 00003056
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditsZ0A0P1c
RAM(p):0018F02A=80(€); Physical(p):0018F02A=80(€); Paged(p):0018F02A=80(€); RAM(p):0018F02B=B9(¹); Physical(p):0018F02B=B9(¹); Paged(p):0018F02B=B9(¹); RAM(p):0018F02C=00( ); Physical(p):0018F02C=00( ); Paged(p):0018F02C=00( ); RAM(p):0018F02D=80(€); Physical(p):0018F02D=80(€); Paged(p):0018F02D=80(€); RAM(p):0018F02E=8B(‹); Physical(p):0018F02E=8B(‹); Paged(p):0018F02E=8B(‹); RAM(p):0018F02F=46(F); Physical(p):0018F02F=46(F); Paged(p):0018F02F=46(F)
Paged(w):0018A294=1E(); Physical(w):0018A294=1E(); RAM(w):0018A294=1E(); Paged(w):0018A295=01(); Physical(w):0018A295=01(); RAM(w):0018A295=01(); Paged(w):0018A296=F4(ô); Physical(w):0018A296=F4(ô); RAM(w):0018A296=F4(ô); Paged(w):0018A297=06(); Physical(w):0018A297=06(); RAM(w):0018A297=06()
0028:8020001d 89 45 E4 mov dword ss:[ebp-1c],eax
Registers:
EAX: 06f4011e EBX: 00002069 ECX: 00000000 EDX: 00008010
ESP: 800131f8 EBP: 800132b0 ESI: 00000000 EDI: 80013288
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 8020001d EFLAGS: 00003056
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff

So it's written at 018A1294 on the stack. Its value is read immediately before it from address 00000002 in physical RAM. That's because it points there using ESI+02, with ESI being cleared. It looks like it's reading an IVT entry there, probably one set up during boot (the MS-DOS segment 011E of the DIV0 handler as well as the offset of the NMI handler, in one dword read operation). So ESI is cleared, while it obviously shouldn't be, for some reason? It doesn't make sense to read two IVT half-entries in one DWORD read operation. So it's obvious ESI should definitely NOT be zeroed there (evidenced by it returning to a fully working MS-DOS prompt after the second page fault). Now the question: where did ESI come from?

The instruction before that solves that:

0028:80200017 8B 75 08 mov esi,dword ss:[ebp+08]

So EBP+08 is the source of the 0 value loaded into ESI.

Looking for the stack frame being set up, I've found line 7239. There are 11 PUSH EAX (EAX being cleared) above that. That's quite odd? Above that, there's a PUSH 00023000. Above that another 15 PUSH EAX (50h) instructions. Another odd part (corrupted memory?). Right above that is some setup of a GDT entry (entry 0018) for an LDT and loading said descriptor into the LDTR. Only directly after that, things go a bit weird (or at least it looks like weird code)? Or is it some odd setup for a stack frame? Maybe something being unfilled there (some stack-based variables not being set as supposed to, looking at a simple stack frame for a C/C++ program)?

I see it then calling some subroutine that might be somehow translating an address into a physical one (I see a physical address ending up in ESI, if I remember the logs I've just read correctly). Hmmmm....

I see it's setting up a task at the same selector, then loading it for usage through LTR. Then another task is loaded. Its TSS is at virtual address 80010390.
Then it loads a NULL LDT. Then there are the earlier mentioned 15 0h pushes (using EAX), then 00023000 (seems to be EFLAGS?), then another 11 EAX (=0) pushes. So 27 doubleword pushes on the stack and loading EBP with the stack base, with EBP+2C corresponding to EFLAGS in the TSS on the stack?

80013390 is the original EBP value from when setting up the TSS frame, the EFLAGS being located at 800133bc. So that's two DWORDs, then followed by the TSS at SS:[BP+02]. Eventually, the subroutine returns to the caller. The caller seems to load the TSS descriptor location into ESI.

The EBP seems to start at logical location 80013390. When adding the offset of EFLAGS within the same-address structure, I end up at 800133bc (assumed EFLAGS location) - 24 (offset of EFLAGS within the TSS) - 80013390 (the base address of the stack frame) = offset 8 within the generated stack frame, at ebp+08.

Looking in the middle, there's an ENTER instruction (which has the EBP mentioned as the stack frame, adding a8 bytes of data to a new stack frame). Immediately after that, it pushes ESI (at 80013200 paged) and then EDI (at 800131fc).
It then loads the EDI register from 80013208 (so EBP-A8), so it's pointing to the bottom of the newly generated stack frame (ebp-ac being ESI, ebp-f0 being the EDI register of the caller)?

So far so good. Then it clears the low 32 dwords of the stack frame, using a simple rep stosd.

Then it loads ESI from the value at [EBP+08]. But EBP contains the previous stack pointer, EBP+04 being the call return address, and EBP+08 being the value push esi pushed before that, at line 7462 (value 16f5a). That invalid load happens at line 7689? Something's very wrong there? It reads zeroes instead? The original value was at logical address 800132B8. The addresses match! Something's wrong there!

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 4 of 46, by superfury

Rank l33t++

Attachment: debugger_20180811_1211.zip (151.97 KiB, 79 downloads, fair use/fair dealing exception): Fixed paged addressing

A little fix, fixing the physical addresses, also allowing page-crossing accesses on the BIU. I've also improved logging of logical ("Paged" in the log) addresses, now reporting the proper address (instead of the physical addresses it logged earlier). I've also added the missing segmented ("Normal" in the log) logging of BIU prefetch accesses. So now all memory accesses show up properly (the memory accesses ending on the paged layer (missing their normal layer) in a different format being special accesses, either TSS accesses or descriptor table accesses).

Although the paged layer is always active, even in real mode, since it's always used to map (directly).

Edit: Just modified it to only report the paging layer when it's used. Now it reports paging accesses (page tables) only down to the physical layer (as there is no paging layer in effect for page tables and page directories).

Attachment: debugger_20180811_1307.zip (150.37 KiB, 57 downloads, fair use/fair dealing exception): Improved paging reporting, only when it's active.

Edit: Looking at line 7463:

	RAM(p):001916DC=04(); Physical(p):001916DC=04(); Paged(p):802026DC=04(); Normal(p):802026DC=04(); RAM(p):001916DD=80(€); Physical(p):001916DD=80(€); Paged(p):802026DD=80(€); Normal(p):802026DD=80(€); RAM(p):001916DE=3D(=); Physical(p):001916DE=3D(=); Paged(p):802026DE=3D(=); Normal(p):802026DE=3D(=); RAM(p):001916DF=00( ); Physical(p):001916DF=00( ); Paged(p):802026DF=00( ); Normal(p):802026DF=00( ); RAM(p):001916E0=34(4); Physical(p):001916E0=34(4); Paged(p):802026E0=34(4); Normal(p):802026E0=34(4); RAM(p):001916E1=01(); Physical(p):001916E1=01(); Paged(p):802026E1=01(); Normal(p):802026E1=01(); RAM(p):001916E2=80(€); Physical(p):001916E2=80(€); Paged(p):802026E2=80(€); Normal(p):802026E2=80(€); RAM(p):001916E3=01(); Physical(p):001916E3=01(); Paged(p):802026E3=01(); Normal(p):802026E3=01()
Physical(w):00191EF0=28((); RAM(w):00191EF0=28((); Physical(w):00191EF1=0F(); RAM(w):00191EF1=0F(); Paged(w):80202EF1=0F(); Physical(w):00191EF2=01(); RAM(w):00191EF2=01(); Paged(w):80202EF2=01(); Physical(w):00191EF3=00( ); RAM(w):00191EF3=00( ); Paged(w):80202EF3=00( )
0028:802026cf A3 F0 2E 20 80 mov dword ds:[80202ef0],eax
Registers:
EAX: 00010f28 EBX: 00002069 ECX: 00002fd0 EDX: 00008010
ESP: 800132b8 EBP: 80013390 ESI: 00016f5a EDI: 80100000
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 802026cf EFLAGS: 00003097
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditSz0A0P1C
Paged(w):800132B5=6F(o); Paged(w):800132B6=01(); Paged(w):800132B7=00( ); Physical(w):0018A2B4=5A(Z); RAM(w):0018A2B4=5A(Z); Physical(w):0018A2B5=6F(o); RAM(w):0018A2B5=6F(o); Physical(w):0018A2B6=01(); RAM(w):0018A2B6=01(); Physical(w):0018A2B7=00( ); RAM(w):0018A2B7=00( )
0028:802026d4 56 push esi
Registers:
EAX: 00010f28 EBX: 00002069 ECX: 00002fd0 EDX: 00008010
ESP: 800132b8 EBP: 80013390 ESI: 00016f5a EDI: 80100000
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 802026d4 EFLAGS: 00003097
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditSz0A0P1C
Paged(w):800132B1=26(&); Paged(w):800132B2=20( ); Paged(w):800132B3=80(€); RAM(p):001916E4=75(u); Physical(p):001916E4=75(u); Paged(p):802026E4=75(u); Normal(p):802026E4=75(u); RAM(p):001916E5=10(); Physical(p):001916E5=10(); Paged(p):802026E5=10(); Normal(p):802026E5=10(); RAM(p):001916E6=56(V); Physical(p):001916E6=56(V); Paged(p):802026E6=56(V); Normal(p):802026E6=56(V); RAM(p):001916E7=B0(°); Physical(p):001916E7=B0(°); Paged(p):802026E7=B0(°); Normal(p):802026E7=B0(°); RAM(p):001916E8=01(); Physical(p):001916E8=01(); Paged(p):802026E8=01(); Normal(p):802026E8=01(); RAM(p):001916E9=66(f); Physical(p):001916E9=66(f); Paged(p):802026E9=66(f); Normal(p):802026E9=66(f); Physical(w):0018A2B0=DA(Ú); RAM(w):0018A2B0=DA(Ú); Physical(w):0018A2B1=26(&); RAM(w):0018A2B1=26(&); Physical(w):0018A2B2=20( ); RAM(w):0018A2B2=20( ); Physical(w):0018A2B3=80(€); RAM(w):0018A2B3=80(€)
0028:802026d5 E8 26 D9 FF FF calld 80200000
Registers:
EAX: 00010f28 EBX: 00002069 ECX: 00002fd0 EDX: 00008010
ESP: 800132b4 EBP: 80013390 ESI: 00016f5a EDI: 80100000
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 802026d5 EFLAGS: 00003097
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditSz0A0P1C
RAM(r):001BB803=00( ); Physical(r):001BB803=00( ); RAM(r):001BB802=1B(); Physical(r):001BB802=1B(); RAM(r):001BB801=D2(Ò); Physical(r):001BB801=D2(Ò); RAM(r):001BB800=27('); Physical(r):001BB800=27('); RAM(r):001BD803=00( ); Physical(r):001BD803=00( ); RAM(r):001BD802=18(); Physical(r):001BD802=18(); RAM(r):001BD801=F2(ò); Physical(r):001BD801=F2(ò); RAM(r):001BD800=07(); Physical(r):001BD800=07(); Physical(w):001BD800=27('); RAM(w):001BD800=27('); Physical(w):001BD801=F2(ò); RAM(w):001BD801=F2(ò); Physical(w):001BD802=18(); RAM(w):001BD802=18(); Physical(w):001BD803=00( ); RAM(w):001BD803=00( )
RAM(p):0018F000=C8(È); Physical(p):0018F000=C8(È); Paged(p):80200000=C8(È); Normal(p):80200000=C8(È); RAM(p):0018F001=A8(¨); Physical(p):0018F001=A8(¨); Paged(p):80200001=A8(¨); Normal(p):80200001=A8(¨); RAM(p):0018F002=00( ); Physical(p):0018F002=00( ); Paged(p):80200002=00( ); Normal(p):80200002=00( ); RAM(p):0018F003=00( ); Physical(p):0018F003=00( ); Paged(p):80200003=00( ); Normal(p):80200003=00( ); RAM(p):0018F004=56(V); Physical(p):0018F004=56(V); Paged(p):80200004=56(V); Normal(p):80200004=56(V); RAM(p):0018F005=57(W); Physical(p):0018F005=57(W); Paged(p):80200005=57(W); Normal(p):80200005=57(W); RAM(p):0018F006=53(S); Physical(p):0018F006=53(S); Paged(p):80200006=53(S); Normal(p):80200006=53(S); RAM(p):0018F007=8D(); Physical(p):0018F007=8D(); Paged(p):80200007=8D(); Normal(p):80200007=8D(); RAM(p):0018F008=BD(½); Physical(p):0018F008=BD(½); Paged(p):80200008=BD(½); Normal(p):80200008=BD(½); RAM(p):0018F009=58(X); Physical(p):0018F009=58(X); Paged(p):80200009=58(X); Normal(p):80200009=58(X); RAM(p):0018F00A=FF(ÿ); Physical(p):0018F00A=FF(ÿ); Paged(p):8020000A=FF(ÿ); Normal(p):8020000A=FF(ÿ); RAM(p):0018F00B=FF(ÿ); Physical(p):0018F00B=FF(ÿ); Paged(p):8020000B=FF(ÿ); Normal(p):8020000B=FF(ÿ); RAM(p):0018F00C=FF(ÿ); Physical(p):0018F00C=FF(ÿ); Paged(p):8020000C=FF(ÿ); Normal(p):8020000C=FF(ÿ); RAM(p):0018F00D=33(3); Physical(p):0018F00D=33(3); Paged(p):8020000D=33(3); Normal(p):8020000D=33(3); RAM(p):0018F00E=C0(À); Physical(p):0018F00E=C0(À); Paged(p):8020000E=C0(À); Normal(p):8020000E=C0(À); RAM(p):0018F00F=B9(¹); Physical(p):0018F00F=B9(¹); Paged(p):8020000F=B9(¹); Normal(p):8020000F=B9(¹)
RAM(p):0018F010=20( ); Physical(p):0018F010=20( ); Paged(p):80200010=20( ); Normal(p):80200010=20( ); RAM(p):0018F011=00( ); Physical(p):0018F011=00( ); Paged(p):80200011=00( ); Normal(p):80200011=00( ); RAM(p):0018F012=00( ); Physical(p):0018F012=00( ); Paged(p):80200012=00( ); Normal(p):80200012=00( ); RAM(p):0018F013=00( ); Physical(p):0018F013=00( ); Paged(p):80200013=00( ); Normal(p):80200013=00( )
Physical(w):0018A2AC=90(); RAM(w):0018A2AC=90(); Physical(w):0018A2AD=33(3); RAM(w):0018A2AD=33(3); Paged(w):800132AD=33(3); Physical(w):0018A2AE=01(); RAM(w):0018A2AE=01(); Paged(w):800132AE=01(); Physical(w):0018A2AF=80(€); RAM(w):0018A2AF=80(€); Paged(w):800132AF=80(€)
0028:80200000 C8 A8 00 00 enterd 00a8,00
Registers:
EAX: 00010f28 EBX: 00002069 ECX: 00002fd0 EDX: 00008010
ESP: 800132b0 EBP: 80013390 ESI: 00016f5a EDI: 80100000
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 80200000 EFLAGS: 00003097
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditSz0A0P1C
Paged(w):80013201=6F(o); Paged(w):80013202=01(); Paged(w):80013203=00( ); Physical(w):0018A200=5A(Z); RAM(w):0018A200=5A(Z); Physical(w):0018A201=6F(o); RAM(w):0018A201=6F(o); Physical(w):0018A202=01(); RAM(w):0018A202=01(); Physical(w):0018A203=00( ); RAM(w):0018A203=00( )
0028:80200004 56 push esi
Registers:
EAX: 00010f28 EBX: 00002069 ECX: 00002fd0 EDX: 00008010
ESP: 80013204 EBP: 800132b0 ESI: 00016f5a EDI: 80100000
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 80200004 EFLAGS: 00003097
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditSz0A0P1C
Paged(w):800131FD=00( ); Paged(w):800131FE=10(); Paged(w):800131FF=80(€); Physical(w):0018A1FC=00( ); RAM(w):0018A1FC=00( ); Physical(w):0018A1FD=00( ); RAM(w):0018A1FD=00( ); Physical(w):0018A1FE=10(); RAM(w):0018A1FE=10(); Physical(w):0018A1FF=80(€); RAM(w):0018A1FF=80(€)
0028:80200005 57 push edi
Registers:
EAX: 00010f28 EBX: 00002069 ECX: 00002fd0 EDX: 00008010
ESP: 80013200 EBP: 800132b0 ESI: 00016f5a EDI: 80100000
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 80200005 EFLAGS: 00003097
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditSz0A0P1C

Then, at line 7703:

	RAM(r):0018A2B8=00( ); Physical(r):0018A2B8=00( ); Paged(r):800132B8=00( ); RAM(r):0018A2B9=00( ); Physical(r):0018A2B9=00( ); Paged(r):800132B9=00( ); RAM(r):0018A2BA=00( ); Physical(r):0018A2BA=00( ); Paged(r):800132BA=00( ); RAM(r):0018A2BB=00( ); Physical(r):0018A2BB=00( ); Paged(r):800132BB=00( ); RAM(p):0018F025=E0(à); Physical(p):0018F025=E0(à); Paged(p):80200025=E0(à); Normal(p):80200025=E0(à); RAM(p):0018F026=0F(); Physical(p):0018F026=0F(); Paged(p):80200026=0F(); Normal(p):80200026=0F(); RAM(p):0018F027=B7(·); Physical(p):0018F027=B7(·); Paged(p):80200027=B7(·); Normal(p):80200027=B7(·); RAM(p):0018F028=06(); Physical(p):0018F028=06(); Paged(p):80200028=06(); Normal(p):80200028=06(); RAM(p):0018F029=A3(£); Physical(p):0018F029=A3(£); Paged(p):80200029=A3(£); Normal(p):80200029=A3(£)
0028:80200017 8B 75 08 mov esi,dword ss:[ebp+08]
Registers:
EAX: 00000000 EBX: 00002069 ECX: 00000000 EDX: 00008010
ESP: 800131f8 EBP: 800132b0 ESI: 00016f5a EDI: 80013288
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 80200017 EFLAGS: 00003056
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditsZ0A0P1c
RAM(r):001BB003=00( ); Physical(r):001BB003=00( ); RAM(r):001BB002=1B(); Physical(r):001BB002=1B(); RAM(r):001BB001=C2(Â); Physical(r):001BB001=C2(Â); RAM(r):001BB000=27('); Physical(r):001BB000=27('); RAM(r):001BC003=00( ); Physical(r):001BC003=00( ); RAM(r):001BC002=00( ); Physical(r):001BC002=00( ); RAM(r):001BC001=00( ); Physical(r):001BC001=00( ); RAM(r):001BC000=07(); Physical(r):001BC000=07(); RAM(r):00000002=1E(); Physical(r):00000002=1E(); Paged(r):00000002=1E(); RAM(r):00000003=01(); Physical(r):00000003=01(); Paged(r):00000003=01(); RAM(r):00000004=F4(ô); Physical(r):00000004=F4(ô); Paged(r):00000004=F4(ô); RAM(r):00000005=06(); Physical(r):00000005=06(); Paged(r):00000005=06(); Physical(w):001BC000=27('); RAM(w):001BC000=27('); Physical(w):001BC001=00( ); RAM(w):001BC001=00( ); Physical(w):001BC002=00( ); RAM(w):001BC002=00( ); Physical(w):001BC003=00( ); RAM(w):001BC003=00( )
0028:8020001a 8B 46 02 mov eax,dword ds:[esi+02]
Registers:
EAX: 00000000 EBX: 00002069 ECX: 00000000 EDX: 00008010
ESP: 800131f8 EBP: 800132b0 ESI: 00000000 EDI: 80013288
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 8020001a EFLAGS: 00003056
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditsZ0A0P1c
RAM(p):0018F02A=80(€); Physical(p):0018F02A=80(€); Paged(p):8020002A=80(€); Normal(p):8020002A=80(€); RAM(p):0018F02B=B9(¹); Physical(p):0018F02B=B9(¹); Paged(p):8020002B=B9(¹); Normal(p):8020002B=B9(¹); RAM(p):0018F02C=00( ); Physical(p):0018F02C=00( ); Paged(p):8020002C=00( ); Normal(p):8020002C=00( ); RAM(p):0018F02D=80(€); Physical(p):0018F02D=80(€); Paged(p):8020002D=80(€); Normal(p):8020002D=80(€); RAM(p):0018F02E=8B(‹); Physical(p):0018F02E=8B(‹); Paged(p):8020002E=8B(‹); Normal(p):8020002E=8B(‹); RAM(p):0018F02F=46(F); Physical(p):0018F02F=46(F); Paged(p):8020002F=46(F); Normal(p):8020002F=46(F)
Physical(w):0018A294=1E(); RAM(w):0018A294=1E(); Physical(w):0018A295=01(); RAM(w):0018A295=01(); Paged(w):80013295=01(); Physical(w):0018A296=F4(ô); RAM(w):0018A296=F4(ô); Paged(w):80013296=F4(ô); Physical(w):0018A297=06(); RAM(w):0018A297=06(); Paged(w):80013297=06()
0028:8020001d 89 45 E4 mov dword ss:[ebp-1c],eax
Registers:
EAX: 06f4011e EBX: 00002069 ECX: 00000000 EDX: 00008010
ESP: 800131f8 EBP: 800132b0 ESI: 00000000 EDI: 80013288
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: 8020001d EFLAGS: 00003056
CR0: 8000fff1 CR1: 00000000 CR2: 00000000 CR3: 001bb000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 00008010011c010f IDTR: 00008001008c02ff
FLAGSINFO: 00000000000000vr0n11oditsZ0A0P1c

Those two seem to be the cause of said data being lost...
Edit: Found a little bug causing the missing log of the first paged byte of multi-byte accesses requested by the BIU (e.g. the push esi and enter instructions above show that). They're still performed though (see the physical and RAM layer before the remaining three bytes).

The eventual ESI value is first loaded in EAX using logical address 800132B8. Looking further up, I see that's the value of ESP BEFORE pushing ESI, so that's something wrong. That one is written to the stack at 800132B4 properly.

Then CALL. It seems to go fine as well, writing its return address at 800132B0.

Then ENTER. That one's going horribly wrong: EBP becomes ESP (incorrect) and ESP is decreased by A8+4 (the pushed EBP). So the pushes work correctly, but EBP is loaded with the value from BEFORE executing the ENTER instruction, updating it to be the value of ESP BEFORE pushing EBP, instead of its correct value AFTER pushing EBP! 😖

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io
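The frame-pointer slip described in this reply, and the [EBP+08] walk from reply 3, can be reproduced in a few lines. The block below is an added example written for this thread, not UniPCemu's code: it models only ESP, EBP, ESI and a constructed 4 KiB window of the flat stack segment at 0x80013000 (an assumption that simply covers every stack address the log shows), replays push esi / call / enter a8,00 / mov esi,[ebp+08] with the register values from the log, and runs ENTER once the way the log shows it misbehaving and once following the Intel SDM pseudo-code for nesting level 0 (push EBP, then frameTemp := ESP, EBP := frameTemp, ESP := ESP - size).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the flat 32-bit stack segment (SS=0030 in the log):
 * a 4 KiB window starting at 0x80013000. Nothing else of the emulator is
 * modelled; memory starts out zeroed, like the 800132B8 slot in the log. */
#define STACK_BASE 0x80013000u
#define STACK_SIZE 0x1000u

typedef struct {
    uint32_t esp, ebp, esi;
    uint8_t  mem[STACK_SIZE];
} cpu_t;

static uint32_t rd32(const cpu_t *c, uint32_t addr)
{
    uint32_t off = addr - STACK_BASE;
    if (off > STACK_SIZE - 4) return 0;   /* assumption: outside the window reads as 0 */
    return (uint32_t)c->mem[off] | ((uint32_t)c->mem[off + 1] << 8) |
           ((uint32_t)c->mem[off + 2] << 16) | ((uint32_t)c->mem[off + 3] << 24);
}

static void wr32(cpu_t *c, uint32_t addr, uint32_t v)
{
    uint32_t off = addr - STACK_BASE;
    if (off > STACK_SIZE - 4) return;
    c->mem[off]     = (uint8_t)v;
    c->mem[off + 1] = (uint8_t)(v >> 8);
    c->mem[off + 2] = (uint8_t)(v >> 16);
    c->mem[off + 3] = (uint8_t)(v >> 24);
}

static void push32(cpu_t *c, uint32_t v)
{
    c->esp -= 4;
    wr32(c, c->esp, v);
}

/* ENTER imm16,0 as the log shows it behaving: the frame pointer is sampled
 * from ESP before EBP is pushed, so EBP ends up one dword too high. */
static void enter_buggy(cpu_t *c, uint16_t frame_size)
{
    uint32_t frame_temp = c->esp;      /* wrong: taken before the push */
    push32(c, c->ebp);
    c->ebp = frame_temp;
    c->esp -= frame_size;
}

/* ENTER imm16,0 with nesting level 0, following the SDM pseudo-code:
 * push EBP; frameTemp := ESP; EBP := frameTemp; ESP := ESP - size. */
static void enter_correct(cpu_t *c, uint16_t frame_size)
{
    push32(c, c->ebp);
    c->ebp = c->esp;                   /* right: taken after the push */
    c->esp -= frame_size;
}

/* Replays the logged sequence with the logged register values:
 * push esi / call 80200000 / enter a8,00 / mov esi,dword ss:[ebp+08].
 * Returns the value the callee loads into ESI; optionally reports the
 * EBP and ESP left by ENTER so they can be compared against the log. */
static uint32_t replay(int buggy, uint32_t *ebp_out, uint32_t *esp_out)
{
    cpu_t c;
    memset(&c, 0, sizeof c);
    c.esp = 0x800132B8u;               /* ESP at "push esi" in the log */
    c.ebp = 0x80013390u;
    c.esi = 0x00016F5Au;

    push32(&c, c.esi);                 /* push esi: ESI lands at 800132B4 */
    push32(&c, 0x802026DAu);           /* call: return address at 800132B0 */
    if (buggy) enter_buggy(&c, 0xA8); else enter_correct(&c, 0xA8);

    if (ebp_out) *ebp_out = c.ebp;
    if (esp_out) *esp_out = c.esp;
    return rd32(&c, c.ebp + 8);        /* mov esi,dword ss:[ebp+08] */
}

int main(void)
{
    uint32_t ebp, esp, esi;
    esi = replay(1, &ebp, &esp);
    printf("buggy  : EBP=%08X ESP=%08X [EBP+08]=%08X\n", ebp, esp, esi);
    esi = replay(0, &ebp, &esp);
    printf("correct: EBP=%08X ESP=%08X [EBP+08]=%08X\n", ebp, esp, esi);
    return 0;
}
```

With the buggy ENTER, EBP stays 800132B0 and ESP becomes 80013204 (exactly the pair the log shows at the push esi after ENTER), so [EBP+08] reads the never-written slot at 800132B8 and ESI becomes 0. With the correct ENTER, EBP is 800132AC and [EBP+08] is the pushed ESI at 800132B4, giving 00016F5A back.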

Reply 5 of 46, by superfury

Rank l33t++

Having fixed that ENTER instruction bug, it now no longer faults at that point! 😁

Although I eventually see it faulting on descriptor loading and eventually stack/double/triple faulting on something else further on?

Attachment: debugger_20180811_1430.7z (849.07 KiB, 58 downloads, fair use/fair dealing exception): Later error.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 6 of 46, by superfury

Rank l33t++

A small update, throwing #GP(16B) etc. faults (a set of three interrupts) in a loop? Added logging of double/triple faults and removed V86 interrupt logging.

Attachment: debugger_20180811_1524.7z (2.16 MiB, 68 downloads, fair use/fair dealing exception): Execution of Windows 3.0 until return to the command prompt?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 7 of 46, by superfury

Rank l33t++

@barotto: Could you make a common log format log of Windows 3.0 booting in 80386 mode? Then maybe I can compare those to my logs and find out why it's crashing (double faulting on infinite faulting causing stack overflow) my emulator (it's booting fine in real mode and with the /r parameter from the EMM386 being loaded (V86-mode running real-mode Windows)). 80286 and 80386 both stack & triple fault (80386 on linear memory address 80201002 for a BT modr/m,10h instruction (modrm pointing to 80201000), then more faults (on interrupts in V86 mode) until eventually another page fault and double fault/triple fault).

Edit: Yay! Wfw3.11 setup finally starts without the "invalid parameter:<linebreak>" error back to MS-DOS prompt! 😁

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 8 of 46, by superfury

Rank l33t++

I manage to get Windows 3.11 through the first two disks, but when it tries to start the graphics part, it gives me an error that it cannot start Windows in Standard mode and to run "win /3" instead. It's unresponsive to input.

After restarting the emulator, win.com/exe is missing from the Windows 3.11 directory?

The exact message it gives (no faults thrown in protected mode, translated from Dutch):

Cannot start Windows in Standard mode.
Try starting Windows in 386 ""enhanced""-mode by typing win /3.

Attachment: 563.jpg (18.66 KiB, 2011 views, fair use/fair dealing exception): Windows 3.11 erroring out with missing win.com.

Do you know anything about this case? I see no protected mode faults happening.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 9 of 46, by superfury

Rank l33t++

Hmmmm... Immediately after starting protected mode, it checks some byte that has the value 3 (jump if less (jc), which isn't taken), then immediately drops out of protected mode and seems to abort???

Edit: Another small CPU bugfix: iret/retf to higher privilege levels (resulting CS.RPL < old CPL) now properly throws a #GP(segment|table|EXT) fault (didn't before).

Booting Windows 3.11 during setup on the 80386 somehow fails? I see some interrupt 2F requests for canonicalizing filenames (according to Ralf Brown's interrupt list), but no actual executables being loaded? Maybe that's the issue somehow?

Can you see what's going wrong (according to the interrupts thrown)?

Attachment: debugger_20180812_1343.7z (1.66 MiB, 68 downloads, fair use/fair dealing exception): Windows 3.11 booting fails

Edit: Hmmm... Interresting. I see a http://www.ctyme.com/intr/rb-4498.htm call. So DosX.exe is starting up! That's one!

Edit: Just improved my CPU identification a bit based on your article on Identifying Processors(mainly adding stuck CR0 bit on 80286-, additional DX values on reset, SGDT/SIDT ignoring operand size(knew about it for the LMSW/SMSW but somehow forgot to implement it for SGDT/SIDT, including the 80286 stuck high bits:S ).

Edit: Whoops. The ET bit wasn't stuck to 1, instead it was forcing the TS bit to 1 instead. 😖

Edit: Improved log after implementing said processor detection support (also mapping 80286 MSW writes to 80386 CR0 writes, making improved detection support for stuck bits easier; also added CR0 stuck bits to the 80286).

Attachment: debugger_20180812_1745.7z (2.23 MiB), Improved processor detection implemented.

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 10 of 46, by superfury

Rank: l33t++

Just made a little improved log (fixing a bug that incorrectly handled the logging type (affecting how it's reported) of prefetcher BIU reads from physical memory during its accompanying T CPU cycles).

Also got a different copy of Windows 3.11 (from a YouTube video describing the setup's validity) that has fewer disks (6 disks instead of 9), while also being the English version instead of my earlier Dutch version (maybe a bit better for cross-referencing here, since there aren't many Dutch people here afaik (save for a few I know of)).

It's the "Windows 3.11 (OEM) (3.5)" version from Winworld(that was what it was called) for reference on the used version for the log.

Attachment: debugger_20180812_2006.7z (2.11 MiB), Improved logging.

For reference: https://www.youtube.com/watch?v=y34WhpjSLPg&t=110s at ~1:50 (when starting Windows) is the point my emulator craps out and gives me a black screen with the message Windows couldn't be started and run with /3 parameter(even though win.com/win.exe isn't copied yet:S ) instead of going into graphics mode(crashing before doing that).

Can you make a log of Windows 3.0 starting from the point it enters protected mode and onwards? Then I can compare it with my log and see what's going wrong(maybe minus the HDD/FLOPPY/CD-ROM reading part, as that's system and timing-specific). I'm running it at 3000kIPS(Dosbox-style cycles, with the BIU Prefetch Queue constantly filled after/during each instruction to perform a Dosbox-style prefetch buffer in IPS mode).

Edit: Although the memory writes look odd (being split apart by the PIQ filling from memory), the cause of that is that only after the full cycle block in IPS mode is processed (so the memory access plus any remaining cycles that are spent on filling the PIQ FIFO) are the memory writes flushed to memory (the physical (and RAM, if not a memory-mapped device) layer(s)). It looks a bit odd, but that's actually the way the CPU handles memory writes atm (to prevent the writes from immediately affecting the PIQ in front of it, handling SMC in a simple way).

So the Paged layer you see is actually writing to a simple FIFO instead of the physical layer. Said FIFO is written to the Physical layer each time the CPU finishes a block to process (either a cycle or a non-terminating cycle (a cycle that doesn't take any time, so an unfinished IPS-mode instruction still undergoing execution)). Of course, any cycle (both terminating and non-terminating) can have PIQ fetches in between the processing blocks, if allowed (depending on the actual cycle timing provided by the EU in cycle-accurate mode). The Dosbox-style IPS mode is actually just a simple hack/wrapper around the cycle-accurate core (just modifying external BUS timings relative to the CPU clock), while the EU still runs in a cycle-accurate way (the IPS clocking is applied to the hardware timing and real-time synchronization, being either 1 (finished instruction) or 0 (unfinished instruction) cycles). Of course, there's a safeguard preventing infinite loops there (if you were to have an infinitely unfinished instruction, thus always processing 0 cycles), which simply breaks the main loop to allow surrounding timing to update the real-time synchronization. This keeps the EU simple and portable with the IPS clocking easy to apply (for a significant speedup compared to cycle-accurate mode), while keeping maximum compatibility for the EU (which it's all about) and simple updating of code (without needing two fully implemented cores for each CPU mode).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 11 of 46, by superfury

Rank: l33t++

Something's terribly wrong at an IRET at line 57762...

054c:000001a9 83 C4 02 add sp,0002	RAM(p):00005676=12(); Physical(p):00005676=12(); Paged(p):00005676=12(); Normal(p):000001B6=12(); RAM(p):00005677=00( ); Physical(p):00005677=00( ); Paged(p):00005677=00( ); Normal(p):000001B7=00( ); RAM(p):00005678=EB(ë); Physical(p):00005678=EB(ë); Paged(p):00005678=EB(ë); Normal(p):000001B8=EB(ë); RAM(p):00005679=AA(ª); Physical(p):00005679=AA(ª); Paged(p):00005679=AA(ª); Normal(p):000001B9=AA(ª); RAM(p):0000567A=2E(.); Physical(p):0000567A=2E(.); Paged(p):0000567A=2E(.); Normal(p):000001BA=2E(.); RAM(p):0000567B=3B(;); Physical(p):0000567B=3B(;); Paged(p):0000567B=3B(;); Normal(p):000001BB=3B(;)
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 00000045 EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 054c DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 000001a9 EFLAGS: 00003046
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsZ0a0P1c
RAM(r):0000ED17=02(); Physical(r):0000ED17=02(); Paged(r):0000ED17=02()
RAM(r):0000ED18=00( ); Physical(r):0000ED18=00( ); Paged(r):0000ED18=00( )
RAM(r):0000ED19=F8(ø); Physical(r):0000ED19=F8(ø); Paged(r):0000ED19=F8(ø); RAM(r):0000ED1A=12(); Physical(r):0000ED1A=12(); Paged(r):0000ED1A=12()
RAM(r):0000ED1B=06(); Physical(r):0000ED1B=06(); Paged(r):0000ED1B=06()
RAM(r):0000ED1C=30(0); Physical(r):0000ED1C=30(0); Paged(r):0000ED1C=30(0)
054c:000001ac CF iret RAM(p):00012F82=00( ); Physical(p):00012F82=00( ); Paged(p):00012F82=00( ); Normal(p):00000002=00( ); RAM(p):00012F83=00( ); Physical(p):00012F83=00( ); Paged(p):00012F83=00( ); Normal(p):00000003=00( ); RAM(p):00012F84=00( ); Physical(p):00012F84=00( ); Paged(p):00012F84=00( ); Normal(p):00000004=00( ); RAM(p):00012F85=00( ); Physical(p):00012F85=00( ); Paged(p):00012F85=00( ); Normal(p):00000005=00( ); RAM(p):00012F86=00( ); Physical(p):00012F86=00( ); Paged(p):00012F86=00( ); Normal(p):00000006=00( ); RAM(p):00012F87=00( ); Physical(p):00012F87=00( ); Paged(p):00012F87=00( ); Normal(p):00000007=00( ); RAM(p):00012F88=00( ); Physical(p):00012F88=00( ); Paged(p):00012F88=00( ); Normal(p):00000008=00( ); RAM(p):00012F89=00( ); Physical(p):00012F89=00( ); Paged(p):00012F89=00( ); Normal(p):00000009=00( ); RAM(p):00012F8A=B8(¸); Physical(p):00012F8A=B8(¸); Paged(p):00012F8A=B8(¸); Normal(p):0000000A=B8(¸); RAM(p):00012F8B=CD(Í); Physical(p):00012F8B=CD(Í); Paged(p):00012F8B=CD(Í); Normal(p):0000000B=CD(Í); RAM(p):00012F8C=0E(); Physical(p):00012F8C=0E(); Paged(p):00012F8C=0E(); Normal(p):0000000C=0E(); RAM(p):00012F8D=8E(Ž); Physical(p):00012F8D=8E(Ž); Paged(p):00012F8D=8E(Ž); Normal(p):0000000D=8E(Ž); RAM(p):00012F8E=D8(Ø); Physical(p):00012F8E=D8(Ø); Paged(p):00012F8E=D8(Ø); Normal(p):0000000E=D8(Ø); RAM(p):00012F8F=8C(Œ); Physical(p):00012F8F=8C(Œ); Paged(p):00012F8F=8C(Œ); Normal(p):0000000F=8C(Œ); RAM(p):00012F90=06(); Physical(p):00012F90=06(); Paged(p):00012F90=06(); Normal(p):00000010=06(); RAM(p):00012F91=36(6); Physical(p):00012F91=36(6); Paged(p):00012F91=36(6); Normal(p):00000011=36(6)
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 00000047 EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 054c DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 000001ac EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
RAM(r):00013189=0A( ); Physical(r):00013189=0A( ); Paged(r):00013189=0A( )
Physical(w):00013189=0A( ); RAM(w):00013189=0A( ); Paged(w):00013189=0A( )
12f8:00000002 00 00 add byte ds:[bx+si],al
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000002 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
RAM(r):00013189=0A( ); Physical(r):00013189=0A( ); Paged(r):00013189=0A( ); RAM(p):00012F92=01(); Physical(p):00012F92=01(); Paged(p):00012F92=01(); Normal(p):00000012=01(); RAM(p):00012F93=8E(Ž); Physical(p):00012F93=8E(Ž); Paged(p):00012F93=8E(Ž); Normal(p):00000013=8E(Ž); RAM(p):00012F94=D0(Ð); Physical(p):00012F94=D0(Ð); Paged(p):00012F94=D0(Ð); Normal(p):00000014=D0(Ð); RAM(p):00012F95=BC(¼); Physical(p):00012F95=BC(¼); Paged(p):00012F95=BC(¼); Normal(p):00000015=BC(¼)
Physical(w):00013189=0A( ); RAM(w):00013189=0A( ); Paged(w):00013189=0A( )
12f8:00000004 00 00 add byte ds:[bx+si],al
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000004 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
RAM(r):00013189=0A( ); Physical(r):00013189=0A( ); Paged(r):00013189=0A( )
Physical(w):00013189=0A( ); RAM(w):00013189=0A( ); Paged(w):00013189=0A( )
12f8:00000006 00 00 add byte ds:[bx+si],al
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000006 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
RAM(r):00013189=0A( ); Physical(r):00013189=0A( ); Paged(r):00013189=0A( ); RAM(p):00012F96=00( ); Physical(p):00012F96=00( ); Paged(p):00012F96=00( ); Normal(p):00000016=00( ); RAM(p):00012F97=01(); Physical(p):00012F97=01(); Paged(p):00012F97=01(); Normal(p):00000017=01(); RAM(p):00012F98=E8(è); Physical(p):00012F98=E8(è); Paged(p):00012F98=E8(è); Normal(p):00000018=E8(è); RAM(p):00012F99=56(V); Physical(p):00012F99=56(V); Paged(p):00012F99=56(V); Normal(p):00000019=56(V)
Physical(w):00013189=0A( ); RAM(w):00013189=0A( ); Paged(w):00013189=0A( )
12f8:00000008 00 00 add byte ds:[bx+si],al
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000008 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
12f8:0000000a B8 CD 0E mov ax,0ecd
Registers:
EAX: 00000000 EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 0000000a EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
12f8:0000000d 8E D8 mov ds,ax RAM(p):00012F9A=29()); Physical(p):00012F9A=29()); Paged(p):00012F9A=29()); Normal(p):0000001A=29()); RAM(p):00012F9B=0B(); Physical(p):00012F9B=0B(); Paged(p):00012F9B=0B(); Normal(p):0000001B=0B(); RAM(p):00012F9C=C0(À); Physical(p):00012F9C=C0(À); Paged(p):00012F9C=C0(À); Normal(p):0000001C=C0(À); RAM(p):00012F9D=75(u); Physical(p):00012F9D=75(u); Paged(p):00012F9D=75(u); Normal(p):0000001D=75(u); RAM(p):00012F9E=03(); Physical(p):00012F9E=03(); Paged(p):00012F9E=03(); Normal(p):0000001E=03()
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 0000000d EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
RAM(p):00012F9F=E8(è); Physical(p):00012F9F=E8(è); Paged(p):00012F9F=E8(è); Normal(p):0000001F=E8(è); RAM(p):00012FA0=6E(n); Physical(p):00012FA0=6E(n); Paged(p):00012FA0=6E(n); Normal(p):00000020=6E(n); RAM(p):00012FA1=29()); Physical(p):00012FA1=29()); Paged(p):00012FA1=29()); Normal(p):00000021=29()); RAM(p):00012FA2=1E(); Physical(p):00012FA2=1E(); Paged(p):00012FA2=1E(); Normal(p):00000022=1E()
Physical(w):0000EE06=CD(Í); RAM(w):0000EE06=CD(Í); Paged(w):0000EE06=CD(Í); Physical(w):0000EE07=0E(); RAM(w):0000EE07=0E(); Paged(w):0000EE07=0E()
12f8:0000000f 8C 06 36 01 mov word ds:[0136],es
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 0000000f EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
12f8:00000013 8E D0 mov ss,ax
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000013 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
12f8:00000015 BC 00 01 mov sp,0100 RAM(p):00012FA3=B8(¸); Physical(p):00012FA3=B8(¸); Paged(p):00012FA3=B8(¸); Normal(p):00000023=B8(¸); RAM(p):00012FA4=05(); Physical(p):00012FA4=05(); Paged(p):00012FA4=05(); Normal(p):00000024=05(); RAM(p):00012FA5=16(); Physical(p):00012FA5=16(); Paged(p):00012FA5=16(); Normal(p):00000025=16(); RAM(p):00012FA6=33(3); Physical(p):00012FA6=33(3); Paged(p):00012FA6=33(3); Normal(p):00000026=33(3); RAM(p):00012FA7=DB(Û); Physical(p):00012FA7=DB(Û); Paged(p):00012FA7=DB(Û); Normal(p):00000027=DB(Û)
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 0000004d EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000015 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
Paged(w):0000EDCE=1B(); Paged(w):0000EDCF=00( ); Physical(w):0000EDCE=1B(); RAM(w):0000EDCE=1B(); Physical(w):0000EDCF=00( ); RAM(w):0000EDCF=00( )
12f8:00000018 E8 56 29 call 00002971 RAM(p):000158F1=E8(è); Physical(p):000158F1=E8(è); Paged(p):000158F1=E8(è); Normal(p):00002971=E8(è); RAM(p):000158F2=5A(Z); Physical(p):000158F2=5A(Z); Paged(p):000158F2=5A(Z); Normal(p):00002972=5A(Z); RAM(p):000158F3=FF(ÿ); Physical(p):000158F3=FF(ÿ); Paged(p):000158F3=FF(ÿ); Normal(p):00002973=FF(ÿ); RAM(p):000158F4=0B(); Physical(p):000158F4=0B(); Paged(p):000158F4=0B(); Normal(p):00002974=0B(); RAM(p):000158F5=C0(À); Physical(p):000158F5=C0(À); Paged(p):000158F5=C0(À); Normal(p):00002975=C0(À); RAM(p):000158F6=74(t); Physical(p):000158F6=74(t); Paged(p):000158F6=74(t); Normal(p):00002976=74(t); RAM(p):000158F7=13(); Physical(p):000158F7=13(); Paged(p):000158F7=13(); Normal(p):00002977=13(); RAM(p):000158F8=FE(þ); Physical(p):000158F8=FE(þ); Paged(p):000158F8=FE(þ); Normal(p):00002978=FE(þ); RAM(p):000158F9=06(); Physical(p):000158F9=06(); Paged(p):000158F9=06(); Normal(p):00002979=06(); RAM(p):000158FA=33(3); Physical(p):000158FA=33(3); Paged(p):000158FA=33(3); Normal(p):0000297A=33(3); RAM(p):000158FB=2B(+); Physical(p):000158FB=2B(+); Paged(p):000158FB=2B(+); Normal(p):0000297B=2B(+); RAM(p):000158FC=3D(=); Physical(p):000158FC=3D(=); Paged(p):000158FC=3D(=); Normal(p):0000297C=3D(=); RAM(p):000158FD=10(); Physical(p):000158FD=10(); Paged(p):000158FD=10(); Normal(p):0000297D=10(); RAM(p):000158FE=05(); Physical(p):000158FE=05(); Paged(p):000158FE=05(); Normal(p):0000297E=05(); RAM(p):000158FF=72(r); Physical(p):000158FF=72(r); Paged(p):000158FF=72(r); Normal(p):0000297F=72(r); RAM(p):00015900=0A( ); Physical(p):00015900=0A( ); Paged(p):00015900=0A( ); Normal(p):00002980=0A( )
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 00000100 EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00000018 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
Paged(w):0000EDCC=74(t); Paged(w):0000EDCD=29()); Physical(w):0000EDCC=74(t); RAM(w):0000EDCC=74(t); Physical(w):0000EDCD=29()); RAM(w):0000EDCD=29())
12f8:00002971 E8 5A FF call 000028ce RAM(p):0001584E=B8(¸); Physical(p):0001584E=B8(¸); Paged(p):0001584E=B8(¸); Normal(p):000028CE=B8(¸); RAM(p):0001584F=2F(/); Physical(p):0001584F=2F(/); Paged(p):0001584F=2F(/); Normal(p):000028CF=2F(/); RAM(p):00015850=35(5); Physical(p):00015850=35(5); Paged(p):00015850=35(5); Normal(p):000028D0=35(5); RAM(p):00015851=CD(Í); Physical(p):00015851=CD(Í); Paged(p):00015851=CD(Í); Normal(p):000028D1=CD(Í); RAM(p):00015852=21(!); Physical(p):00015852=21(!); Paged(p):00015852=21(!); Normal(p):000028D2=21(!); RAM(p):00015853=8C(Œ); Physical(p):00015853=8C(Œ); Paged(p):00015853=8C(Œ); Normal(p):000028D3=8C(Œ); RAM(p):00015854=C1(Á); Physical(p):00015854=C1(Á); Paged(p):00015854=C1(Á); Normal(p):000028D4=C1(Á); RAM(p):00015855=E3(ã); Physical(p):00015855=E3(ã); Paged(p):00015855=E3(ã); Normal(p):000028D5=E3(ã); RAM(p):00015856=4D(M); Physical(p):00015856=4D(M); Paged(p):00015856=4D(M); Normal(p):000028D6=4D(M); RAM(p):00015857=8A(Š); Physical(p):00015857=8A(Š); Paged(p):00015857=8A(Š); Normal(p):000028D7=8A(Š); RAM(p):00015858=26(&); Physical(p):00015858=26(&); Paged(p):00015858=26(&); Normal(p):000028D8=26(&); RAM(p):00015859=80(€); Physical(p):00015859=80(€); Paged(p):00015859=80(€); Normal(p):000028D9=80(€); RAM(p):0001585A=2E(.); Physical(p):0001585A=2E(.); Paged(p):0001585A=2E(.); Normal(p):000028DA=2E(.); RAM(p):0001585B=84(„); Physical(p):0001585B=84(„); Paged(p):0001585B=84(„); Normal(p):000028DB=84(„); RAM(p):0001585C=E4(ä); Physical(p):0001585C=E4(ä); Paged(p):0001585C=E4(ä); Normal(p):000028DC=E4(ä); RAM(p):0001585D=75(u); Physical(p):0001585D=75(u); Paged(p):0001585D=75(u); Normal(p):000028DD=75(u)
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 000000fe EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 00002971 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
12f8:000028ce B8 2F 35 mov ax,352f
Registers:
EAX: 00000ecd EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 000000fc EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 000028ce EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c
Paged(w):0000EDCA=06(); Paged(w):0000EDCB=30(0); RAM(p):0001585E=02(); Physical(p):0001585E=02(); Paged(p):0001585E=02(); Normal(p):000028DE=02(); RAM(p):0001585F=B4(´); Physical(p):0001585F=B4(´); Paged(p):0001585F=B4(´); Normal(p):000028DF=B4(´); RAM(p):00015860=D2(Ò); Physical(p):00015860=D2(Ò); Paged(p):00015860=D2(Ò); Normal(p):000028E0=D2(Ò); RAM(p):00015861=B0(°); Physical(p):00015861=B0(°); Paged(p):00015861=B0(°); Normal(p):000028E1=B0(°); RAM(p):00015862=00( ); Physical(p):00015862=00( ); Paged(p):00015862=00( ); Normal(p):000028E2=00( ); Physical(w):0000EDCA=06(); RAM(w):0000EDCA=06(); Physical(w):0000EDCB=30(0); RAM(w):0000EDCB=30(0)
Physical(w):0000EDC8=F8(ø); RAM(w):0000EDC8=F8(ø); Paged(w):0000EDC8=F8(ø); Physical(w):0000EDC9=12(); RAM(w):0000EDC9=12(); Paged(w):0000EDC9=12()
Physical(w):0000EDC6=D3(Ó); RAM(w):0000EDC6=D3(Ó); Paged(w):0000EDC6=D3(Ó); Physical(w):0000EDC7=28((); RAM(w):0000EDC7=28((); Paged(w):0000EDC7=28(()
RAM(r):00000084=9E(ž); Physical(r):00000084=9E(ž); RAM(r):00000085=10(); Physical(r):00000085=10()
RAM(r):00000086=1E(); Physical(r):00000086=1E(); RAM(r):00000087=01(); Physical(r):00000087=01()
01:34:52:39.02448: Interrupt 21=011E:0000109E@12F8:28D3(CD); ERRORCODE: FFFFFFFE
12f8:000028d1 CD 21 int 21 RAM(p):0000227E=90(); Physical(p):0000227E=90(); Paged(p):0000227E=90(); Normal(p):0000109E=90(); RAM(p):0000227F=90(); Physical(p):0000227F=90(); Paged(p):0000227F=90(); Normal(p):0000109F=90(); RAM(p):00002280=E8(è); Physical(p):00002280=E8(è); Paged(p):00002280=E8(è); Normal(p):000010A0=E8(è); RAM(p):00002281=CC(Ì); Physical(p):00002281=CC(Ì); Paged(p):00002281=CC(Ì); Normal(p):000010A1=CC(Ì); RAM(p):00002282=00( ); Physical(p):00002282=00( ); Paged(p):00002282=00( ); Normal(p):000010A2=00( ); RAM(p):00002283=2E(.); Physical(p):00002283=2E(.); Paged(p):00002283=2E(.); Normal(p):000010A3=2E(.); RAM(p):00002284=FF(ÿ); Physical(p):00002284=FF(ÿ); Paged(p):00002284=FF(ÿ); Normal(p):000010A4=FF(ÿ); RAM(p):00002285=2E(.); Physical(p):00002285=2E(.); Paged(p):00002285=2E(.); Normal(p):000010A5=2E(.); RAM(p):00002286=6A(j); Physical(p):00002286=6A(j); Paged(p):00002286=6A(j); Normal(p):000010A6=6A(j); RAM(p):00002287=10(); Physical(p):00002287=10(); Paged(p):00002287=10(); Normal(p):000010A7=10(); RAM(p):00002288=90(); Physical(p):00002288=90(); Paged(p):00002288=90(); Normal(p):000010A8=90(); RAM(p):00002289=90(); Physical(p):00002289=90(); Paged(p):00002289=90(); Normal(p):000010A9=90(); RAM(p):0000228A=E8(è); Physical(p):0000228A=E8(è); Paged(p):0000228A=E8(è); Normal(p):000010AA=E8(è); RAM(p):0000228B=C2(Â); Physical(p):0000228B=C2(Â); Paged(p):0000228B=C2(Â); Normal(p):000010AB=C2(Â); RAM(p):0000228C=00( ); Physical(p):0000228C=00( ); Paged(p):0000228C=00( ); Normal(p):000010AC=00( ); RAM(p):0000228D=2E(.); Physical(p):0000228D=2E(.); Paged(p):0000228D=2E(.); Normal(p):000010AD=2E(.)
Registers:
EAX: 0000352f EBX: 00000ecd ECX: 00000000 EDX: 00000001
ESP: 000000fc EBP: 00000000 ESI: 000035ec EDI: 00000078
CS: 12f8 DS: 0ecd ES: 0ecd FS: 0000 GS: 0303 SS: 0ecd TR: 0088 LDTR: 0038
EIP: 000028d1 EFLAGS: 00003006
CR0: 0000fff0 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 000000000000ffff
FLAGSINFO: 00000000000000vr0n11oditsz0a0P1c

Sounds like the stack went wrong somewhere in there?
Edit: Looking back up the code, that's the correct address after all (an INT 0Eh at 12F8:00000000).

Edit: Maybe that very interrupt isn't supposed to happen? It doesn't make that much sense to be calling it anyway?

It looks like it's just the value that's loaded earlier with some padding data, after which a block of code is located that was run earlier in the code (if you look upwards from that point on). I believe it was still in protected mode there? So maybe the INT 0Eh was already an invalid instruction location to start with (EIP=0)? Maybe some uninitialized (probably unfinished) far pointer (or pointer data) somewhere? RET(F) going awry because of stack issues? Or maybe an invalid jump?

Hmmmm... Just found this: https://jdebp.eu/FGA/dos-windows-boot-process.html

The DPMI server is definitely installed. It's probably that thing that switches it back to real mode? Or maybe there's a problem within krnl386.exe or kernel.exe?

Edit: Hmmmm.... Line 56704...

Edit: Hmmmm.... Line 56679. Its data is pushed almost immediately after a call through a call gate... Maybe the call gate itself is the problem somehow?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 12 of 46, by Stenzek

Rank: Newbie

Recorded a trace of Windows 3.0 starting from the first pmode switch on my emulator, if it's any help: https://drive.google.com/file/d/1Y3fD0QtX9Nls … iew?usp=sharing (3GB uncompressed).
It's not in the same format, but if you're looking for the processor state after a specific instruction, it might give you some clue.

Reply 13 of 46, by superfury

Rank: l33t++

Thanks. Just found out one problem: call gates and retf had ss and esp reversed on the stack (pushes and pops in the wrong order). That might fix that issue (since pop sp works correctly now, untested though).

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io
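The inter-privilege far return described here, together with the ES/DS/FS/GS validation the thread discusses further down, as an added example in C that is not UniPCemu's code: a constructed GDT and stack image, the architectural pop order IP, CS, SP, SS, and the rule that nulls any data-segment register the outer level must not inherit. The swap_ss_sp flag is a hypothetical switch that reproduces the reversed pop order for comparison.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed, minimal model of the 80386 descriptor fields that the
 * return-to-outer-level checks need. Not UniPCemu's structures. */
typedef struct {
    bool present;     /* P bit */
    bool is_code;     /* S=1 and executable type */
    bool conforming;  /* code only: C bit */
    bool readable;    /* code only: R bit (data segments are always readable) */
    unsigned dpl;
} Descriptor;

#define GDT_SIZE 8

typedef struct {
    Descriptor gdt[GDT_SIZE];  /* selector index = sel >> 3; TI/LDT not modelled */
    uint16_t cs, ss, ds, es, fs, gs;
    uint32_t eip, esp;
} Cpu;

/* Intel's rule for ES/DS/FS/GS after a far RET to an outer level: the register
 * keeps its value only if it is null, or points inside the table at a present
 * descriptor that is either readable conforming code (kept regardless of DPL)
 * or a data / non-conforming code segment with DPL >= max(new CPL, RPL). */
static bool keep_segment(const Cpu *cpu, uint16_t sel, unsigned new_cpl)
{
    unsigned index = sel >> 3, rpl = sel & 3;
    if (index == 0)
        return true;                    /* null selector: nothing to validate */
    if (index >= GDT_SIZE)
        return false;                   /* outside the descriptor table limit */
    const Descriptor *d = &cpu->gdt[index];
    if (!d->present)
        return false;
    if (d->is_code && !d->readable)
        return false;                   /* execute-only code is unusable as data */
    if (d->is_code && d->conforming)
        return true;                    /* conforming code: no DPL check */
    unsigned needed = new_cpl > rpl ? new_cpl : rpl;
    return d->dpl >= needed;
}

static uint16_t read16(const uint8_t *stack, uint32_t sp)
{
    return (uint16_t)(stack[sp] | (stack[sp + 1] << 8));
}

/* 16-bit far RET to an outer privilege level. The inner-level stack frame,
 * lowest address first, holds IP, CS, SP, SS: the gate CALL pushed SS first
 * and SP second, so SP is popped before SS. swap_ss_sp reproduces the
 * reversed-order mistake for comparison. Returns false if the frame does not
 * fit in the stack image or the target is not less privileged. */
static bool retf_outer(Cpu *cpu, const uint8_t *stack, size_t stack_len,
                       bool swap_ss_sp)
{
    uint32_t sp = cpu->esp;
    if (sp > stack_len || stack_len - sp < 8)
        return false;
    uint16_t ip = read16(stack, sp);
    uint16_t cs = read16(stack, sp + 2);
    uint16_t third = read16(stack, sp + 4);
    uint16_t fourth = read16(stack, sp + 6);
    unsigned new_cpl = cs & 3;
    if (new_cpl <= (cpu->cs & 3))
        return false;
    cpu->eip = ip;
    cpu->cs = cs;
    cpu->esp = swap_ss_sp ? fourth : third;
    cpu->ss = swap_ss_sp ? third : fourth;
    /* Drop any privileged data segment the outer-level code must not inherit. */
    uint16_t *regs[4] = { &cpu->ds, &cpu->es, &cpu->fs, &cpu->gs };
    for (int i = 0; i < 4; i++)
        if (!keep_segment(cpu, *regs[i], new_cpl))
            *regs[i] = 0;
    return true;
}

/* Constructed inner-level stack image: IP=1234h, CS=0033h, SP=0100h, SS=003Bh. */
static const uint8_t demo_stack[8] = { 0x34, 0x12, 0x33, 0x00, 0x00, 0x01, 0x3B, 0x00 };

/* Constructed ring-0 state about to return to a ring-3 caller. */
static Cpu make_demo_cpu(void)
{
    Cpu c = { 0 };
    c.gdt[1] = (Descriptor){ true,  true,  false, true, 0 }; /* 08h: ring-0 code */
    c.gdt[2] = (Descriptor){ true,  false, false, true, 0 }; /* 10h: ring-0 data */
    c.gdt[3] = (Descriptor){ true,  false, false, true, 3 }; /* 1Bh: ring-3 data */
    c.gdt[4] = (Descriptor){ true,  true,  true,  true, 0 }; /* 20h: conforming code */
    c.gdt[5] = (Descriptor){ false, false, false, true, 3 }; /* 2Bh: not present */
    c.gdt[6] = (Descriptor){ true,  true,  false, true, 3 }; /* 33h: ring-3 code */
    c.gdt[7] = (Descriptor){ true,  false, false, true, 3 }; /* 3Bh: ring-3 stack */
    c.cs = 0x08; c.ss = 0x10; c.ds = 0x10; c.es = 0x1B; c.fs = 0x20; c.gs = 0x2B;
    c.esp = 0;
    return c;
}

int main(void)
{
    Cpu c = make_demo_cpu();
    retf_outer(&c, demo_stack, sizeof demo_stack, false);
    printf("CS:IP=%04X:%04X SS:SP=%04X:%04X DS=%04X ES=%04X FS=%04X GS=%04X\n",
           c.cs, (unsigned)c.eip, c.ss, (unsigned)c.esp, c.ds, c.es, c.fs, c.gs);
    Cpu b = make_demo_cpu();
    retf_outer(&b, demo_stack, sizeof demo_stack, true);
    printf("reversed pop order would load SS=%04X SP=%04X\n", b.ss, (unsigned)b.esp);
    return 0;
}
```

With the correct order the ring-0 DS (10h) and the non-present GS are nulled while the ring-3 ES and the conforming FS survive; with the reversed order SS receives the SP value 0100h, a selector outside the table.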

Reply 14 of 46, by superfury

Rank: l33t++

Progress(No more page faults/displayed error)! But now it eventually faults on verifying a descriptor that's loaded(not looked at why yet), and after that I see lots(infinite?) of Divide by Zero exceptions?

Edit: Apparently, the cause of this is an IRET POPping 0h values for CS&EIP (EFLAGS might be fine, though I doubt that, as it can be forced depending on the CPL).

Edit: The DIV0 fault happens at 0053:000013E1, apparently(continuous fault).

This is what happens in my case:

Attachment: debugger_20180813_1420.7z (932.1 KiB), Log of Windows 3.11 booting from the setup.exe (from first protected mode onwards).

What does your emulator do with Windows 3.11 booting from setup.exe(until the graphics mode is started should be enough for now(getting the basic environment running))? Can you make a log of that?

Edit: A slight logging improvement on the BIU part of the logging process(it was incorrectly logging the previous byte written with the current address applied to it, instead of the current byte that's being written).

Attachment: debugger_20180813_1842.7z (842.09 KiB), Fixed logging to log the correct byte with the used logical address.

Edit: Btw, could you make it in the common log format, if your emulator supports it? That's a bit more readable to compare to my emulation(since it's logging in common log format(with the addition of memory accesses, which haven't been made 'official'(as official as you can get from a WIP standard) yet)).

Edit: Hmmm... Looking for "0000EE24=" within the log reveals the times SS0 is actually looked up in the TSS. But I see non CPL0 loading it?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 15 of 46, by Stenzek

Rank: Newbie

I quickly modified my tracing to dump in the common log format, but there's probably still some differences in my disassembler.

Trace of Win 3.11 starting after the file copy portion (AFAICT that's all in real mode, so I'm doubting your issue is there), up until the mode switch: https://drive.google.com/file/d/1TmtaNUUHgU4b … iew?usp=sharing

Reply 16 of 46, by superfury

Rank: l33t++

With the latest bugfixes(made based on the Haribote OS), Windows 3.1(3.11 afaik, but setup says 3.1), Windows 3.11 setup no longer hangs or triple faults, but instead returns to the MS-DOS prompt saying "Standard Mode: Fault outside of MS-DOS Extender.".

Attachment: 602-Windows 3.11_faultoutsideMS-DOSextender.jpg (25.83 KiB), Fault outside MS-DOS extender?

Edit: Its cause seems to be a MOVSB instruction in protected mode? It happens at 307:C1A9, which in your code succeeds without any faults?

Your code:

0307:0000c1a8 FC cld 
Registers:
EAX: 00000377 EBX: 00000376 ECX: 00000040 EDX: 00010376
ESP: 00000166 EBP: 0000016e ESI: 00000000 EDI: 00000000
CS: 0307 DS: 033f ES: 0377 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 0000c1a8 EFLAGS: 00003246
CR0: 60000011 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 003108000000011f IDTR: 00310000000007ff
FLAGSINFO: 00000000000000vr0n11odItsZ0a0P1c
0307:0000c1a9 F3 A4 rep movsb byte ptr ds:[di], byte ptr ds:[si]
Registers:
EAX: 00000377 EBX: 00000376 ECX: 00000040 EDX: 00010376
ESP: 00000166 EBP: 0000016e ESI: 00000000 EDI: 00000000
CS: 0307 DS: 033f ES: 0377 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 0000c1a9 EFLAGS: 00003246
CR0: 60000011 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 003108000000011f IDTR: 00310000000007ff
FLAGSINFO: 00000000000000vr0n11odItsZ0a0P1c
0307:0000c1ab 26 8B 0E 1C 00 mov cx, word ptr [es:001ch]
Registers:
EAX: 00000377 EBX: 00000376 ECX: 00000000 EDX: 00010376
ESP: 00000166 EBP: 0000016e ESI: 00000040 EDI: 00000040
CS: 0307 DS: 033f ES: 0377 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 0000c1ab EFLAGS: 00003246
CR0: 60000011 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 003108000000011f IDTR: 00310000000007ff
FLAGSINFO: 00000000000000vr0n11odItsZ0a0P1c

Although said disassembly is incorrect according to the documentation? It's supposed to be REP MOVSB DS:[SI],ES:[DI] (no instruction prefixes; ES isn't allowed to be overridden)?

Edit: Hmmmm.... ES is cleared(0000) in UniPCemu, instead of the valid value(0377) in your log?

I know only one case that's clearing the data segments outside of a program's 'control'(not directly loading it using a pop instruction): retf/iret to a lower privilege level with an invalid descriptor inside said segments.
Maybe there's a problem in validating its contents?

if (RETF_segmentregister) //Are we to check the segment registers for validity during a RETF?
{
    for (RETF_segmentregister = 0; RETF_segmentregister < NUMITEMS(RETF_checkSegmentRegisters); ++RETF_segmentregister) //Process all we need to check!
    {
        RETF_whatsegment = RETF_checkSegmentRegisters[RETF_segmentregister]; //What register to check?
        word descriptor_index;
        descriptor_index = getDescriptorIndex(*CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment]); //What descriptor index?
        if (descriptor_index) //Valid index(Non-NULL)?
        {
            if ((word)(descriptor_index | 0x7) > ((*CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment] & 4) ? CPU[activeCPU].SEG_DESCRIPTOR[CPU_SEGMENT_LDTR].PRECALCS.limit : CPU[activeCPU].registers->GDTR.limit)) //LDT/GDT limit exceeded?
            {
                invalidRETFsegment:
                //Selector and Access rights are zeroed!
                *CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment] = 0; //Zero the register!
                if ((isJMPorCALL&0x1FF) == 3) //IRET?
                {
                    CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment].desc.AccessRights &= 0x7F; //Clear the valid flag only with IRET!
                }
                else //RETF?
                {
                    CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment].desc.AccessRights = 0; //Invalid!
                }
                continue; //Next register!
            }
        }
        if (GENERALSEGMENT_P(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])==0) //Not present?
        {
            goto invalidRETFsegment; //Next register!
        }
        if (GENERALSEGMENT_S(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])==0) //Not data/readable code segment?
        {
            goto invalidRETFsegment; //Next register!
        }
        //We're either data or code!
        if (EXECSEGMENT_ISEXEC(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])) //Code?
        {
            if (!EXECSEGMENT_C(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])) //Nonconforming? Invalid!
            {
                goto invalidRETFsegment; //Next register!
            }
            if (!EXECSEGMENT_R(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])) //Not readable? Invalid!
            {
                goto invalidRETFsegment; //Next register!
            }
        }
        //We're either data or readable, conforming code!
        if (GENERALSEGMENT_DPL(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])<MAX(getCPL(),getRPL(*CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment]))) //Not privileged enough to handle said segment descriptor?
        {
            goto invalidRETFsegment; //Next register!
        }
    }
}

Is this validation correct?

Edit: Slight improvement concerning the conforming code:

if (RETF_segmentregister) //Are we to check the segment registers for validity during a RETF?
{
    for (RETF_segmentregister = 0; RETF_segmentregister < NUMITEMS(RETF_checkSegmentRegisters); ++RETF_segmentregister) //Process all we need to check!
    {
        RETF_whatsegment = RETF_checkSegmentRegisters[RETF_segmentregister]; //What register to check?
        word descriptor_index;
        byte isnonconformingcodeordata; //Does the DPL check below apply to this descriptor?
        descriptor_index = getDescriptorIndex(*CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment]); //What descriptor index?
        if (descriptor_index) //Valid index (non-NULL)?
        {
            if ((word)(descriptor_index | 0x7) > ((*CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment] & 4) ? CPU[activeCPU].SEG_DESCRIPTOR[CPU_SEGMENT_LDTR].PRECALCS.limit : CPU[activeCPU].registers->GDTR.limit)) //LDT/GDT limit exceeded?
            {
                invalidRETFsegment:
                //Selector and Access rights are zeroed!
                *CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment] = 0; //Zero the register!
                if ((isJMPorCALL & 0x1FF) == 3) //IRET?
                {
                    CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment].desc.AccessRights &= 0x7F; //Clear the valid flag only with IRET!
                }
                else //RETF?
                {
                    CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment].desc.AccessRights = 0; //Invalid!
                }
                continue; //Next register!
            }
        }
        if (GENERALSEGMENT_P(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment]) == 0) //Not present?
        {
            goto invalidRETFsegment; //Invalidate, then next register!
        }
        if (GENERALSEGMENT_S(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment]) == 0) //Not data/readable code segment (system descriptor)?
        {
            goto invalidRETFsegment; //Invalidate, then next register!
        }
        //We're either data or code!
        isnonconformingcodeordata = 0; //Default: neither!
        if (EXECSEGMENT_ISEXEC(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])) //Code?
        {
            if (!EXECSEGMENT_C(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])) //Nonconforming code? The DPL check applies!
            {
                isnonconformingcodeordata = 1; //Nonconforming code!
            }
            if (!EXECSEGMENT_R(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment])) //Not readable? Invalid!
            {
                goto invalidRETFsegment; //Invalidate, then next register!
            }
        }
        else isnonconformingcodeordata = 1; //Data! The DPL check applies!
        //We're either data or readable code!
        if (isnonconformingcodeordata && (GENERALSEGMENT_DPL(CPU[activeCPU].SEG_DESCRIPTOR[RETF_whatsegment]) < MAX(getCPL(), getRPL(*CPU[activeCPU].SEGMENT_REGISTERS[RETF_whatsegment])))) //Not privileged enough to handle said segment descriptor? (Conforming code is exempt.)
        {
            goto invalidRETFsegment; //Invalidate, then next register!
        }
    }
}

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 17 of 46, by superfury


Just applied the fixed checks. RETF/IRET doesn't clear ES (it's still valid with the last one to a lower privilege level). So probably a pop instruction is at fault?

Attachment: debugger_REPMOVSB_ES0000.7z (1.5 MiB, 67 downloads) - Full log of Windows 3.1(1) in protected mode. (License: fair use/fair dealing exception.)

Edit: Searching up the chain of memory accesses, I find line 1201305, where the stack(and ebp) doesn't match your code already?

Then, at line 1201192, 0053:000002d7, ES is pushed being cleared.
Upwards, at line 1200576, 0053:00001905, ES is popped cleared(02ff in your code).
Upwards, at line , 0053:000018de, the general purpose registers(except esp) are different and ES&FS are zeroed.

Searching upwards, at line 1198067, 0053:00001905 I see ES being loaded with 33f. FS is already cleared. Otherwise same as above(ES/FS&GPregs).
Same at line 1197541, 0053:000018de.
Oddly enough, your CR0 starts with 6000?

So, this is where my log starts(already different) in protected mode:

0078:00000b0e B8 68 00 mov ax, 0068h
Registers:
EAX: 00000011 EBX: 00000c38 ECX: 00002144 EDX: 000024a3
ESP: 000000f8 EBP: 00000000 ESI: 00000054 EDI: 000042b0
CS: 0078 DS: 0c38 ES: 0040 FS: 0000 GS: 0000 SS: 0c38 TR: 0000 LDTR: 0000
EIP: 00000b0e EFLAGS: 00003002
CR0: 60000011 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 003108000000011f IDTR: 00310000000007ff
FLAGSINFO: 00000000000000vr0n11oditsz0a0p1c

You already have some 486/Pentium+ flags set in CR0, while I have the upper 12 bits set and bits 1-3 cleared (fff1).


Reply 18 of 46, by superfury


Hmmmm.... Searching for " es" in both logs, after line 1200074(0053:0000208f 8E 06 0E 01 mov es,word ds:[010e]), I see an ES-referencing instruction that's not in your log? "0053:000020a1 26 83 7F 05 00 cmp word es:[bx+05],0000" at line 1200176? That's clearly diverging there?

Edit: Whoops, it's the same, but your log puts the segments within brackets, while the common log format uses them OUTSIDE the brackets. Also things like ptr aren't used in said format (just byte, word or dword). The same with spaces: only between the instruction and the first operand (if any). Also, no h suffixes (it's assumed hex already).

In my protected-mode-only version, I see CR0 being loaded to return to real mode 39 times, after which the error message shows up. Hmmmm...
The fault ends up after the 31st time it returns to real mode... Add one during your log returning to protected mode (my log doesn't include real mode).

I can't find the error using searching that cr0 and then comparing the logs with searching " es". But looking at my own log, I see ES becoming zeroed using "mov es,di" after a ret instruction? That's odd?

Hmmm... LAR doesn't do anything?

	RAM(r):0009F9A2=76(v); Physical(r):0009F9A2=76(v); Paged(r):0009F9A2=76(v); RAM(r):0009F9A3=03(); Physical(r):0009F9A3=03(); Paged(r):0009F9A3=03(); RAM(p):0008F83C=80(€); Physical(p):0008F83C=80(€); Paged(p):0008F83C=80(€); Normal(p):00000FBC=80(€); RAM(p):0008F83D=CA(Ê); Physical(p):0008F83D=CA(Ê); Paged(p):0008F83D=CA(Ê); Normal(p):00000FBD=CA(Ê); RAM(p):0008F83E=01(); Physical(p):0008F83E=01(); Paged(p):0008F83E=01(); Normal(p):00000FBE=01(); RAM(p):0008F83F=F6(ö); Physical(p):0008F83F=F6(ö); Paged(p):0008F83F=F6(ö); Normal(p):00000FBF=F6(ö); RAM(p):0008F840=C4(Ä); Physical(p):0008F840=C4(Ä); Paged(p):0008F840=C4(Ä); Normal(p):00000FC0=C4(Ä)
Reading from RAM(r): 00114FC0=BF (¿)
Reading from physical memory(r): 00114FC0=BF (¿)
Reading from paged memory(r): 00114FC0=BF (¿)
Reading from RAM(r): 00114FC1=05 ()
Reading from physical memory(r): 00114FC1=05 ()
Reading from paged memory(r): 00114FC1=05 ()
Reading from RAM(r): 00114FC2=C0 (À)
Reading from physical memory(r): 00114FC2=C0 (À)
Reading from paged memory(r): 00114FC2=C0 (À)
Reading from RAM(r): 00114FC3=44 (D)
Reading from physical memory(r): 00114FC3=44 (D)
Reading from paged memory(r): 00114FC3=44 (D)
Reading from RAM(r): 00114FC4=01 ()
Reading from physical memory(r): 00114FC4=01 ()
Reading from paged memory(r): 00114FC4=01 ()
Reading from RAM(r): 00114FC5=F3 (ó)
Reading from physical memory(r): 00114FC5=F3 (ó)
Reading from paged memory(r): 00114FC5=F3 (ó)
Reading from RAM(r): 00114FC6=00 ( )
Reading from physical memory(r): 00114FC6=00 ( )
Reading from paged memory(r): 00114FC6=00 ( )
Reading from RAM(r): 00114FC7=00 ( )
Reading from physical memory(r): 00114FC7=00 ( )
Reading from paged memory(r): 00114FC7=00 ( )
0307:00000fac 66 0F 02 46 06 lar eax,dword ss:[bp+06]
Registers:
EAX: 00000376 EBX: 00000376 ECX: 00000376 EDX: 00010000
ESP: 0000015a EBP: 0000015c ESI: 00000000 EDI: 000005ac
CS: 0307 DS: 033f ES: 0000 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 00000fac EFLAGS: 00003217
CR0: 0000fff1 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 00000011000007ff
FLAGSINFO: 00000000000000vr0n11odItsz0A0P1C
0307:00000fb1 66 C1 E8 08 shr eax,08 RAM(p):0008F841=10(); Physical(p):0008F841=10(); Paged(p):0008F841=10(); Normal(p):00000FC1=10(); RAM(p):0008F842=74(t); Physical(p):0008F842=74(t); Paged(p):0008F842=74(t); Normal(p):00000FC2=74(t); RAM(p):0008F843=17(); Physical(p):0008F843=17(); Paged(p):0008F843=17(); Normal(p):00000FC3=17(); RAM(p):0008F844=2E(.); Physical(p):0008F844=2E(.); Paged(p):0008F844=2E(.); Normal(p):00000FC4=2E(.)
Registers:
EAX: 00000376 EBX: 00000376 ECX: 00000376 EDX: 00010000
ESP: 0000015a EBP: 0000015c ESI: 00000000 EDI: 000005ac
CS: 0307 DS: 033f ES: 0000 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 00000fb1 EFLAGS: 00003257
CR0: 0000fff1 CR1: 00000000 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 000000110800011f IDTR: 00000011000007ff
FLAGSINFO: 00000000000000vr0n11odItsZ0A0P1C

Your code:

0307:00000fac 66 0F 02 46 06 lar eax, word ptr [ss:bp + 6h]
Registers:
EAX: 00000376 EBX: 00000376 ECX: 00000376 EDX: 00010000
ESP: 0000015a EBP: 0000015c ESI: 00000000 EDI: 000005ac
CS: 0307 DS: 033f ES: 0000 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 00000fac EFLAGS: 00003217
CR0: 60000011 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 003108000000011f IDTR: 00310000000007ff
FLAGSINFO: 00000000000000vr0n11odItsz0A0P1C
0307:00000fb1 66 C1 E8 08 shr eax, 08h
Registers:
EAX: 0000f300 EBX: 00000376 ECX: 00000376 EDX: 00010000
ESP: 0000015a EBP: 0000015c ESI: 00000000 EDI: 000005ac
CS: 0307 DS: 033f ES: 0000 FS: 0000 GS: 0000 SS: 027f TR: 0088 LDTR: 0038
EIP: 00000fb1 EFLAGS: 00003257
CR0: 60000011 CR2: 00000000 CR3: 00000000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 003108000000011f IDTR: 00310000000007ff
FLAGSINFO: 00000000000000vr0n11odItsZ0A0P1C
0307:00000fb5 A8 80 test al, 80h

That's some bug right there!

Edit: OK. First off, 32-bit LAR&LSL weren't mapped.

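An added example (not UniPCemu's code, nor anything from the other emulator's log) to pin down the two behaviours discussed in the posts above: what a 32-bit LAR returns and when it clears ZF, and which of ES/DS/FS/GS a far RET or IRET to an outer privilege level nulls, both following the Intel SDM pseudo-code. The descriptor table, the selectors and the names set_desc, lar32, load_data_seg and null_segs_on_return are constructed for this example; TI (GDT vs LDT) selection and base/limit decoding are deliberately not modelled, one table stands in for both. The demo uses an access byte of F3h, which is the descriptor behind the F300h the other log shows in EAX right after the LAR on selector 0376.

```c
/* Added example, not UniPCemu's code: a small model of descriptor access rights,
 * the 32-bit LAR instruction and the nulling of ES/DS/FS/GS that a far RET or
 * IRET to an outer privilege level performs (both per the Intel SDM pseudo-code).
 * The table, selectors and function names are constructed for this example;
 * TI (GDT/LDT) selection and base/limit decoding are not modelled. */
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NDESC 8                       /* hypothetical table of 8 descriptors */
static uint8_t table[NDESC][8];       /* raw 8-byte descriptors, index 0 = null */

/* Access-rights byte (descriptor byte 5): P(bit 7) DPL(6:5) S(4) Type(3:0). */
static int  dpl(uint8_t a)             { return (a >> 5) & 3; }
static bool is_code_or_data(uint8_t a) { return (a & 0x10) != 0; }        /* S = 1 */
static bool is_conforming(uint8_t a)   { return (a & 0x1C) == 0x1C; }     /* code with C = 1 */

/* Install a descriptor with the given access byte and the G/D/L/AVL nibble of byte 6. */
void set_desc(unsigned idx, uint8_t access, uint8_t flags_hi)
{
    for (int i = 0; i < 8; i++) table[idx][i] = 0;
    table[idx][5] = access;
    table[idx][6] = (uint8_t)(flags_hi << 4);
}

/* LAR r32, r/m16: on success ZF=1 (true) and *out gets descriptor bytes 5..7
 * masked with 00F0FF00h. There is no present check here: the caller tests bit 7
 * of the access byte, which is what the "shr eax,8 / test al,80h" in the log does. */
bool lar32(uint16_t sel, int cpl, uint32_t *out)
{
    unsigned idx = sel >> 3;
    int rpl = sel & 3;
    if (idx == 0 || idx >= NDESC) return false;      /* null selector or past the limit */
    const uint8_t *d = table[idx];
    uint8_t a = d[5];
    if (is_code_or_data(a)) {
        /* data and non-conforming code need DPL >= max(CPL, RPL); conforming code is exempt */
        int eff = cpl > rpl ? cpl : rpl;
        if (!is_conforming(a) && dpl(a) < eff) return false;
    } else {
        /* system descriptors: LAR only accepts TSS, LDT, call gate and task gate types */
        static const uint16_t ok_types = (1u << 1) | (1u << 2) | (1u << 3) | (1u << 4) |
                                         (1u << 5) | (1u << 9) | (1u << 0xB) | (1u << 0xC);
        if (!((ok_types >> (a & 0x0F)) & 1u)) return false;
    }
    *out = ((uint32_t)d[5] << 8 | (uint32_t)d[6] << 16 | (uint32_t)d[7] << 24) & 0x00F0FF00u;
    return true;
}

/* A data segment register: the visible selector plus the cached access byte. */
typedef struct { uint16_t sel; uint8_t access; } SegReg;

/* MOV Sreg, r16 for ES/DS/FS/GS: returns false (a #GP in hardware) when the index
 * is past the table; a null selector loads fine and caches no rights. */
bool load_data_seg(SegReg *r, uint16_t sel)
{
    unsigned idx = sel >> 3;
    if (idx >= NDESC) return false;
    r->sel = sel;
    r->access = idx ? table[idx][5] : 0;
    return true;
}

/* Far RET/IRET to an outer level: the SDM nulls each of ES, FS, GS, DS that holds a
 * data or non-conforming code segment whose DPL < the new CPL, judged from the
 * cached access byte. Returns how many registers were nulled. */
int null_segs_on_return(SegReg *regs, size_t n, int new_cpl)
{
    int nulled = 0;
    for (size_t i = 0; i < n; i++) {
        uint8_t a = regs[i].access;
        if (regs[i].sel == 0) continue;
        if (is_code_or_data(a) && !is_conforming(a) && dpl(a) < new_cpl) {
            regs[i].sel = 0;
            regs[i].access = 0;
            nulled++;
        }
    }
    return nulled;
}

/* Stand-alone run: index 1 is a DPL-3 data segment with access byte F3h (the value
 * behind the F300h in the log), index 2 a DPL-0 data segment, index 3 DPL-0 conforming code. */
int main(void)
{
    uint32_t ar = 0;
    SegReg regs[3];
    set_desc(1, 0xF3, 0); set_desc(2, 0x92, 0); set_desc(3, 0x9E, 0);
    printf("lar 000A at CPL3: ZF=%d ar=%04X\n", lar32(0x000A, 3, &ar), ar);
    printf("lar 0013 at CPL3: ZF=%d\n", lar32(0x0013, 3, &ar));
    load_data_seg(&regs[0], 0x0010); load_data_seg(&regs[1], 0x000B); load_data_seg(&regs[2], 0x0018);
    printf("ret to CPL3 nulled %d: ES=%04X DS=%04X FS=%04X\n",
           null_segs_on_return(regs, 3, 3), regs[0].sel, regs[1].sel, regs[2].sel);
    return 0;
}
```

The point worth keeping from the two checks side by side: LAR reports a non-present descriptor with ZF=1 and P=0 in the returned byte, so a LAR that "doesn't do anything" (EAX unchanged, as in the UniPCemu log) makes the following test al,80h evaluate whatever was in EAX before; and the return-to-outer-level rule looks only at the cached DPL against the new CPL, which is why a DPL-3 data selector such as 0377 must survive an IRET to ring 3.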

Reply 19 of 46, by superfury


Yay! Having fixed said missing LSL/LAR 32-bit instructions, Windows 3.1(1) now continues to boot!

Attachment: 603-Windows 3.11 in Standard mode at last!.jpg (122.9 KiB, 1816 views) - Finally it's running the kernel in Standard mode! (License: fair use/fair dealing exception.)
