VOGONS


First post, by superfury

Rank l33t++

Reading the i486 microprocessor programmer's reference manual chapter 6.6.1.2, it says that protection rules that are faulting on read/write faults (by the R/W bits and CR0 WP bit) trigger a #GP fault? But the 80386 says it's a Page Fault instead (the error code describing a protection fault because the P-bit is set)? Which one is correct? Is it supposed to throw a #GP(0) fault or a #PF(UR1) fault in the protection cases (UR1 = U)ser cause bit (0=Supervisor, 1=User), R)eading(0)/writing(1) cause bit, 1 (Present bit, always 1 in protection faults))?

Author of the UniPCemu emulator.
UniPCemu Git repository
UniPCemu for Android, Windows, PSP, Vita and Switch on itch.io

Reply 1 of 10, by Stenzek

Rank Newbie

The wording there does seem a bit confusing. As far as I understand, both should raise #PF, regardless of whether it was a present or access issue.

Section 9.9.14 would seem to agree with that.

(if you think about it, OSes which use page permissions to implement CoW semantics would have to decode the faulting instruction to compute the linear address which faulted if it was #GP, not #PF)

Reply 2 of 10, by superfury

Rank l33t++

Oddly enough, currently Windows 95 on UniPCemu crashes immediately after the very first Page fault? The PDE entry points to 0x5000, the PTE is 0. This causes the very first page fault (Windows 95 setup after reboot) to crash Windows? (Various VXDs have already loaded at that point.)

Can anyone help me with this? The only faults thrown before the page fault are:
- #GP fault (HIMEM.SYS loading and checking UMA)
- #UD fault on an 80486-only opcode (0F CMPXCHG for 80486 only, #UD on Pentium and up (moved to another opcode on those newer processors) and on 80386 and below (doesn't exist yet)).

The message identifies initializing some "VPICD device" as the cause (Windows Protection Error)?

See: UniPCemu Windows 95/NT progress and issues


Reply 3 of 10, by Stenzek

Rank Newbie

I'm only seeing one invalid opcode during Win95(A) boot, and quite late in the process, at a different address/instruction bytes:

Invalid opcode at EIP = 0117:0000B927h (0x000140C7)
EAX=00000283 EBX=00000006 ECX=0000003B EDX=000103B2 ESI=00000004 EDI=00000000 ESP=C13C1FEA EBP=00000000
EFLAGS=00000246 ES=010F SS=008F DS=012F FS=0000 GS=0000 CR0=E0000011 CR2=801E9000 CR3=002FD000 TSC=1C846BD8
Decoding failed, bytes at failure point: 0F FF 55 8B EC B3 06 B8 83 02 CD 31 8D 06 54 B9

The first page fault I see is funnily enough in the ET4000 video bios, in V8086 mode:

[   44.4520] B/CPU_X86::CPU: Page fault at linear address 0x000A0000: Not Present,Write,User Mode
[ 54.1414] B/CPU_X86::CPU: Raise exception 14 error code 0x00000006 EIP 0x00002690 address 0x000A0000
EAX=00000003 EBX=00000010 ECX=00000010 EDX=00000100 ESI=00004A31 EDI=00000000 ESP=0000051A EBP=00000010
EFLAGS=00023207 ES=A000 SS=FFFF DS=C000 FS=0000 GS=0000 CR0=E0000011 CR2=000A0000 CR3=002FD000 TSC=E50E336
C000:00002690h (0x000C2690) | F3 A4 | rep movsb byte ptr ds:[di], byte ptr ds:[si]

The first page fault in actual Windows code is here:

[  171.1375] B/CPU_X86::CPU: Page fault at linear address 0xC13D0000: Not Present,Write,Supervisor Mode
[ 187.3263] B/CPU_X86::CPU: Raise exception 14 error code 0x00000002 EIP 0xC0364288 address 0xC13D0000
EAX=00110000 EBX=00000110 ECX=00000400 EDX=C112E4CC ESI=C13D1000 EDI=C13D0000 ESP=C13ADE14 EBP=000C0400
EFLAGS=00000206 ES=0030 SS=0030 DS=0030 FS=0030 GS=0030 CR0=E0000011 CR2=C13D0000 CR3=002FD000 TSC=1B1BEA6E
0028:C0364288h (0xC0364288) | F3 A5 | rep movsd dword ptr ds:[edi], dword ptr ds:[esi]

Dunno if that helps at all... If needed I could dump an instruction trace, but unless you have some idea what you're looking for, it won't be too useful (*huge* files...).
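As an added illustration of the question in the first post and of the error codes in the log lines above (this is example code written for this thread, not code from UniPCemu, from Stenzek's emulator, or from the Intel manual): a C model of the 386/486 page-level permission check. It reports whether an access through a given PDE/PTE pair raises #PF and which error code is pushed, using the P, R/W and U/S bits discussed in the thread. The two not-present cases reproduce the error codes 0x6 and 0x2 logged above; the protection cases show that R/W and U/S violations are also reported as #PF with the P bit set in the error code, not as #GP. The rule for combining PDE and PTE bits and the CR0.WP handling follow the Intel manuals; the model assumes 4 KiB pages and ignores the accessed/dirty bits.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Page-table entry bits shared by PDE and PTE on the 386/486. */
#define PG_P   (1u << 0)  /* Present */
#define PG_RW  (1u << 1)  /* 1 = writable */
#define PG_US  (1u << 2)  /* 1 = user-accessible */

/* #PF error code bits as pushed by the CPU (the U/W/P bits of the first post). */
#define PFEC_P  (1u << 0)  /* 1 = protection violation, 0 = page not present */
#define PFEC_WR (1u << 1)  /* 1 = the faulting access was a write */
#define PFEC_US (1u << 2)  /* 1 = the access came from user mode (CPL 3) */

/* Outcome of one paging access check. */
typedef struct {
    int faults;        /* nonzero if #PF must be raised */
    uint32_t errcode;  /* error code to push when faults != 0 */
} pf_result;

/* Check one access through a PDE/PTE pair.
 * cpl: current privilege level (0..3); is_write: nonzero for a write;
 * wp: CR0.WP (the 80386 has no WP bit, so pass 0 to model it).
 * A user access needs U/S=1 in both entries, and R/W=1 in both for a write.
 * A supervisor access ignores R/W unless CR0.WP=1, in which case a write
 * needs R/W=1 in both entries as well. */
pf_result check_page_access(uint32_t pde, uint32_t pte, int cpl, int is_write, int wp)
{
    pf_result r = {0, 0};
    int user = (cpl == 3);
    uint32_t base = (user ? PFEC_US : 0) | (is_write ? PFEC_WR : 0);

    /* Not present at either level: #PF with the P bit clear in the error code. */
    if (!(pde & PG_P) || !(pte & PG_P)) {
        r.faults = 1;
        r.errcode = base;
        return r;
    }

    int user_ok  = (pde & PG_US) && (pte & PG_US);
    int write_ok = (pde & PG_RW) && (pte & PG_RW);

    if (user) {
        if (!user_ok || (is_write && !write_ok)) {
            r.faults = 1;
            r.errcode = base | PFEC_P;   /* protection violation: P=1 */
        }
    } else if (wp && is_write && !write_ok) {
        r.faults = 1;
        r.errcode = base | PFEC_P;       /* supervisor write blocked by WP */
    }
    return r;
}

/* Render an error code in the "Not Present,Write,User Mode" style of the log above. */
const char *describe_errcode(uint32_t ec, char *buf, size_t len)
{
    snprintf(buf, len, "%s,%s,%s",
             (ec & PFEC_P)  ? "Protection" : "Not Present",
             (ec & PFEC_WR) ? "Write"      : "Read",
             (ec & PFEC_US) ? "User Mode"  : "Supervisor Mode");
    return buf;
}

int main(void)
{
    char buf[64];
    /* Constructed cases: the two logged not-present faults, then protection faults. */
    pf_result a = check_page_access(PG_P | PG_RW | PG_US, 0, 3, 1, 0);          /* -> 0x6 */
    pf_result b = check_page_access(PG_P | PG_RW, 0, 0, 1, 1);                  /* -> 0x2 */
    pf_result c = check_page_access(PG_P | PG_RW, PG_P | PG_RW, 3, 0, 0);       /* -> 0x5 */
    pf_result d = check_page_access(PG_P | PG_RW | PG_US, PG_P | PG_US, 0, 1, 1); /* -> 0x3 */
    printf("0x%x %s\n", a.errcode, describe_errcode(a.errcode, buf, sizeof buf));
    printf("0x%x %s\n", b.errcode, describe_errcode(b.errcode, buf, sizeof buf));
    printf("0x%x %s\n", c.errcode, describe_errcode(c.errcode, buf, sizeof buf));
    printf("0x%x %s\n", d.errcode, describe_errcode(d.errcode, buf, sizeof buf));
    return 0;
}
```

The same supervisor write to a read-only page with `wp` set to 0 returns no fault, which is the 80386 behaviour the thread contrasts with the 486's CR0.WP.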

Reply 4 of 10, by superfury

Rank l33t++

Well, I know the values of the TR register and CR3 register (along with the TSS location). That could be an indicator of the faulting driver during booting (VPICD.VXD according to the fault handler)?

New debugger features I've added to UniPCemu just now can log just said task (the old breakpoint method combined with the new TR:TRbase and/or CR3 filters; they can work without the old breakpoint filter as well).

So, the new specs are as follows:
- Debugger always running, don't show, logging when breaking(in other words: only log when the breakpoint matches the instruction to execute).
- CS-only breakpoint at 0028:00000000, protected mode.
- Task breakpoint at 0018:C000AEBC
- CR3 breakpoint at 0x0328000.

Those combined should make it only log the specified task (the breakpoint conditions that are set are ANDed with each other to obtain the breakpoint condition, in this case a logging condition).

Edit: Always nice, those undocumented sign extension issues.... The task register has 1s in the upper half of its 64-bit precalculated base, thus non-matching for 0x80000000 and up.
Edit: More bugs found: The CR3 breakpoint was overwriting the task breakpoint precalcs instead :S

Edit: Having fixed those bugs (together with some other bugs with the new breakpoint improvements), it's now logging properly. I also improperly set the task breakpoint to 0018:AEBC instead of 0018:C000AEBC. Having entered the correct breakpoint, it's properly triggering and generating a proper log file of the process until it's crashing.

I'm now getting a ~800MB large log file of the process/driver until it's crashing.

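As an added example of the breakpoint logic described in the post above (CS, task and CR3 filters ANDed together) and of the sign-extension bug mentioned in the edits, here is a small C matcher. It is written for this thread and is not UniPCemu's code: the struct layouts and function names are this example's own, while the filter values (CS 0028, task 0018:C000AEBC, CR3 0x328000) are the ones quoted in the post. `precalc_trbase_buggy` reproduces the failure mode described: a 32-bit base that passes through a signed type before being widened to 64 bits picks up 1s in its upper half, so any task base at 0x80000000 or above never matches the filter.

```c
#include <stdint.h>
#include <inttypes.h>
#include <stdio.h>

/* One logging/breakpoint condition set. Each filter is optional; every
   filter that is set must match, i.e. the set filters are ANDed. */
typedef struct {
    int have_cs;   uint16_t cs;                  /* CS-only breakpoint */
    int have_task; uint16_t tr; uint32_t trbase; /* Task breakpoint TR:base */
    int have_cr3;  uint32_t cr3;                 /* CR3 breakpoint */
} bp_filter;

/* The slice of CPU state the matcher looks at. The cached TR base is kept
   in 64 bits to mirror the "precalculated base" mentioned in the post. */
typedef struct {
    uint16_t cs;
    uint16_t tr;
    uint64_t trbase_precalc;
    uint32_t cr3;
} cpu_state;

/* Buggy precalculation (constructed to show the bug): the unsigned 32-bit
   base goes through int32_t, so widening to 64 bits sign-extends it. */
uint64_t precalc_trbase_buggy(uint32_t base)
{
    int32_t s = (int32_t)base;
    return (uint64_t)(int64_t)s;   /* 0xC000AEBC becomes 0xFFFFFFFFC000AEBC */
}

/* Fixed precalculation: zero-extend the unsigned base. */
uint64_t precalc_trbase_fixed(uint32_t base)
{
    return (uint64_t)base;         /* 0xC000AEBC stays 0x00000000C000AEBC */
}

/* Returns 1 when every set filter matches the current state. */
int bp_matches(const bp_filter *f, const cpu_state *s)
{
    if (f->have_cs && s->cs != f->cs)
        return 0;
    if (f->have_task && (s->tr != f->tr || s->trbase_precalc != (uint64_t)f->trbase))
        return 0;
    if (f->have_cr3 && s->cr3 != f->cr3)
        return 0;
    return 1;
}

/* The filter set from the post: CS 0028, task 0018:C000AEBC, CR3 0x328000. */
bp_filter filter_from_post(void)
{
    bp_filter f = {1, 0x0028, 1, 0x0018, 0xC000AEBCu, 1, 0x00328000u};
    return f;
}

int main(void)
{
    bp_filter f = filter_from_post();
    /* Constructed CPU states: same task, once with the buggy cache and once with the fixed one. */
    cpu_state buggy = {0x0028, 0x0018, precalc_trbase_buggy(0xC000AEBCu), 0x00328000u};
    cpu_state fixed = {0x0028, 0x0018, precalc_trbase_fixed(0xC000AEBCu), 0x00328000u};
    printf("buggy cache 0x%016" PRIx64 " matches: %d\n", buggy.trbase_precalc, bp_matches(&f, &buggy));
    printf("fixed cache 0x%016" PRIx64 " matches: %d\n", fixed.trbase_precalc, bp_matches(&f, &fixed));
    return 0;
}
```

Because the task filter compares the full 64-bit cached value, the buggy precalculation only breaks for bases with bit 31 set, which is exactly why a kernel-half address like C000AEBC was the one that stopped matching.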

Reply 5 of 10, by superfury

Rank l33t++

I've made two logs of the task running: one with full logging (including interrupts, memory transactions and fault signaling) and one without those.

Simplified log:
https://www.dropbox.com/s/ov919hrtk0n94mb/deb … rashing.7z?dl=0

Full log:
https://www.dropbox.com/s/e10veqnxrbzb5tu/deb … fulllog.7z?dl=0

Can you see what's going wrong?

The full log should have the word "fault" at each fault thrown (pf fault = page fault). The simplified log doesn't have those logged.


Reply 6 of 10, by superfury

Rank l33t++

The conditions seem to have changed with the latest commit:

- CR3: 295000
Edit: Hmmm... Back to 328000 in Normal booting mode (not safe mode). Maybe that was in Safe mode?


Reply 7 of 10, by superfury

Rank l33t++

I've made a new full log (Normal boot during the error boot menu because of the previous invalid boot): https://www.dropbox.com/s/tbsvvrxcbmx4ov5/deb … 17_2153.7z?dl=0

Can anyone see what's going wrong?

Edit: So far, I've traced back the invalid address to some:

0028:c022c48a 8D 1C 37 lea ebx,dword ds:[edi+esi*1]	RealRAM(p):001F8496=FF(?); RAM(p):00258496=FF(?); Physical(p):00258496=FF(?); Paged(p):C022C496=FF(?); Normal(p):C022C496=FF(?); RealRAM(p):001F8497=0F(); RAM(p):00258497=0F(); Physical(p):00258497=0F(); Paged(p):C022C497=0F(); Normal(p):C022C497=0F(); RealRAM(p):001F8498=03(); RAM(p):00258498=03(); Physical(p):00258498=03(); Paged(p):C022C498=03(); Normal(p):C022C498=03(); RealRAM(p):001F8499=F8(?); RAM(p):00258499=F8(?); Physical(p):00258499=F8(?); Paged(p):C022C499=F8(?); Normal(p):C022C499=F8(?)
Registers:
EAX: c10cd7f4 EBX: 00000014 ECX: 00100000 EDX: c159f068
ESP: c13a1dc4 EBP: 000c10ce ESI: c10cd7f4 EDI: 00000808
CS: 0028 DS: 0030 ES: 0030 FS: 0030 GS: 0030 SS: 0030 TR: 0018 LDTR: 0000
EIP: c022c48a EFLAGS: 00003002
CR0: 80000001 CR1: 00000000 CR2: 00000000 CR3: 00328000
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: 00000000 DR7: 00000000
GDTR: 0000c0046ff001f7 IDTR: 0000c000abbc02ff
FLAGSINFO: 00000000000000vr0n11oditsz0a0p1c
0028:c022c48d 8B 03 mov eax,dword ds:[ebx] RealRAM(p):001F849A=8B(?); RAM(p):0025849A=8B(?); Physical(p):0025849A=8B(?); Paged(p):C022C49A=8B(?); Normal(p):C022C49A=8B(?); RealRAM(p):001F849B=4B(K); RAM(p):0025849B=4B(K); Physical(p):0025849B=4B(K); Paged(p):C022C49B=4B(K); Normal(p):C022C49B=4B(K); RealRAM(p):001F849C=04(); RAM(p):0025849C=04(); Physical(p):0025849C=04(); Paged(p):C022C49C=04(); Normal(p):C022C49C=04(); RealRAM(r):002DAFFC=02(); RAM(r):0033AFFC=02(); Physical(r):0033AFFC=02(); Paged(r):C10CDFFC=02(); RealRAM(r):002DAFFD=00( ); RAM(r):0033AFFD=00( ); Physical(r):0033AFFD=00( ); Paged(r):C10CDFFD=00( ); RealRAM(r):002DAFFE=00( ); RAM(r):0033AFFE=00( ); Physical(r):0033AFFE=00( ); Paged(r):C10CDFFE=00( ); RealRAM(r):002DAFFF=A0(?); RAM(r):0033AFFF=A0(?); Physical(r):0033AFFF=A0(?); Paged(r):C10CDFFF=A0(?)
Registers:
EAX: c10cd7f4 EBX: c10cdffc ECX: 00100000 EDX: c159f068


Reply 8 of 10, by superfury

Rank l33t++

After noticing that Doom seems to run correctly (although very slow, at ~1 FPS at 20% CPU speed (3 MIPS)), I've decided to give Simcity 2000 Special Edition (which I still have from long ago, back when I was a child, as well as having played it more recently in Dosbox) a try within UniPCemu.

It runs like a charm (8MB RAM, MS-DOS 6.22, ET4000 (1MB VRAM), 80386 at 3 MIPS (IPS clocking mode))! And the case of the game says it required a 'minimum' of a 486-class CPU to run! Ran it on an 80386!!! 🤣

Hmmmm.... Terminating the application seems to make it hang somehow? It says: "Now leaving Simcity 2000", with the cursor at the start of the row 2 rows ahead, doing nothing it seems.

Just have HIMEM.SYS and the CD-ROM (VIDE-CDD) drivers loaded.

Attachments:
- 971-Simcity startup menu.jpg: Starting up Simcity 2000 Special Edition
- 972-Amazing city loaded.jpg: Amazing city huh?
- 973-Amazing city zoomed in.jpg: Zoom time!
- 974-Destroying stuff.jpg: Destroying stuff
- 976-Alienating.jpg: Alienating domes out there (disaster activated in the background)


Reply 9 of 10, by superfury

Rank l33t++

Attachments:
- 981-Disastering.jpg: Disastering about...
- 984-Burn baby burn!!!.jpg: Burn, baby, burn!!!
- 985-Quitting Simcity 2000.jpg: Quitting Simcity...
- 986-Termination time.jpg: Terminating time? Hanging on #UD?

It seems to try to execute opcode 0F12 on the 80386 CPU (which isn't emulated for either 80286, 80386 or 80486 emulation), so it keeps throwing #UD faults infinitely?


Reply 10 of 10, by superfury

Rank l33t++

Just tried terminating Simcity 2000 on the mobile test build (2018/10/20 02:11:55 (GMT+02:00)). It returns back to a working MS-DOS prompt? Perhaps an input issue or hardware IRQ issue?
