From owner-freebsd-hackers Thu Jan 9 23:35:54 1997
Date: Fri, 10 Jan 1997 17:36:15 +1100
From: Bruce Evans
Message-Id: <199701100636.RAA18329@godzilla.zeta.org.au>
To: fenyo@inf.enst.fr, freebsd-hackers@FreeBSD.ORG
Subject: Re: bug in code for booting over the net

>I was unable to boot over ethernet because of code in
>/src/sys/i386/boot/netboot/start2.S
>
>In this file, _get_diskinfo is a function used to get information
>about drives. To do this, it makes a call to BIOS INT 13h.
>The parameter (drive number) is put in %dl :
>------------------------------------------------------------
>        movb    0x8(%ebp), %dl          /* diskinfo(drive #) */
>        call    _prot_to_real           /* enter real mode */
>        movb    $0x8, %ah               /* ask for disk info */
>        sti
>        int     $0x13
>        cli
>------------------------------------------------------------
>
>But the call to INT 13h never returns, on my PC.

get_diskinfo() was buggy in revision 1.3 of start2.S. It did not
preserve %edi. This is fixed in revision 1.4 and in FreeBSD-2.2.

prot_to_real() is buggy in all versions of start2.S. It does not set
the segment limits of the real mode descriptors to 64K-1. Some BIOSes
are sensitive to this. This is fixed in prot_to_real() in
biosboot/asm.S.

>I think it's because the function _prot_to_real modifies %dl.

It doesn't seem to have that bug :-).

>Indeed, when I invert the first two lines, the PC boots over
>the net; the following code works fine :
>------------------------------------------------------------
>        call    _prot_to_real           /* enter real mode */
>        movb    0x8(%ebp), %dl          /* diskinfo(drive #) */
>        movb    $0x8, %ah               /* ask for disk info */
>        sti
>        int     $0x13
>        cli
>------------------------------------------------------------

Moving the code is wrong because gas doesn't completely understand
16-bit mode (especially when it isn't told that the mode changed), and
`(%ebp)' is one of the things it doesn't understand.
`movb 0x8(%ebp), %dl' for 32-bit (protected) mode actually turns into
`movb 0x8(%di), %dl' when it is executed in 16-bit (real) mode! I guess
this works by giving a completely invalid value for %dl so that the
BIOS aborts before it runs into the other bugs.

>BUT looking at _prot_to_real, I can't find any reason why %dl
>would be modified :

Right.

Bruce
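
The reinterpretation described in the reply above can be checked by decoding the same instruction bytes under both addressing sizes. The following is an added example, not part of the original message or of the FreeBSD source; the function name `decode_mov` and the byte sequence `8A 55 08` (the standard IA-32 encoding of `movb 0x8(%ebp), %dl` in 32-bit code) are supplied here for illustration.

```c
#include <stdio.h>
#include <string.h>

static const char *reg8[8] = {"al", "cl", "dl", "bl", "ah", "ch", "dh", "bh"};
/* Base expressions selected by the ModRM r/m field when mod != 3. */
static const char *rm16[8] = {"%bx,%si", "%bx,%di", "%bp,%si", "%bp,%di",
                              "%si", "%di", "%bp", "%bx"};
static const char *rm32[8] = {"%eax", "%ecx", "%edx", "%ebx",
                              NULL /* SIB byte */, "%ebp", "%esi", "%edi"};

/* Decode "mov r/m8 -> r8" (opcode 0x8A) with an 8-bit displacement
 * (mod == 01), as the CPU would with 16-bit (addr32 == 0) or 32-bit
 * (addr32 == 1) addressing.  Returns the instruction length, or -1 for
 * forms outside this example. */
int decode_mov(const unsigned char *code, size_t len, int addr32,
               char *out, size_t outsz)
{
    if (len < 3 || code[0] != 0x8A)
        return -1;
    unsigned mod = code[1] >> 6, reg = (code[1] >> 3) & 7, rm = code[1] & 7;
    if (mod != 1)
        return -1;
    const char *base = addr32 ? rm32[rm] : rm16[rm];
    if (base == NULL)
        return -1;                      /* SIB form, not handled here */
    int disp = (signed char)code[2];    /* disp8 is sign-extended */
    snprintf(out, outsz, "movb %s0x%x(%s), %%%s", disp < 0 ? "-" : "",
             (unsigned)(disp < 0 ? -disp : disp), base, reg8[reg]);
    return 3;
}

int main(void)
{
    /* Encoding of `movb 0x8(%ebp), %dl` assembled as 32-bit code. */
    const unsigned char insn[] = {0x8A, 0x55, 0x08};
    char text[64];

    decode_mov(insn, sizeof insn, 1, text, sizeof text);
    printf("32-bit addressing: %s\n", text);
    decode_mov(insn, sizeof insn, 0, text, sizeof text);
    printf("16-bit addressing: %s\n", text);
    return 0;
}
```

The r/m value 101 selects %ebp in the 32-bit table but %di in the 16-bit table, which is why the unchanged bytes load %dl from a different address once the CPU is in real mode.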