Category : Files from Magazines
Archive   : DDJ0292.ZIP
Filename : EMULATE.ASC

 
_PROTECTED-MODE DEBUGGING USING IN-CIRCUIT EMULATORS_
by Tovey Barron

Example 1


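; Real-mode -> protected-mode switch (80386, MASM syntax, 16-bit code segment).
; Preconditions, NOT established by this fragment -- confirm in the caller:
;   * interrupts are disabled (CLI) and stay disabled until a protected-mode
;     IDT has been loaded with LIDT; once CR0.PE is set the CPU no longer
;     treats the real-mode vector table at IDTR as valid interrupt vectors;
;   * gdt_reg_values is a 6-byte {limit:16, base:32} pseudo-descriptor
;     (Example 2(c) shows 77 00 00 10 01 00 = limit 0077h, base 00011000h);
;   * d_seg_selector is a valid GDT data-segment selector (Example 3: 003Bh);
;   * SP is not reloaded below, so the real-mode SP must also be a usable
;     offset within the new flat data segment -- verify against the caller.
; Clobbers: EAX, BX and every segment register.
        lgdt    pword ptr gdt_reg_values ; GDTR <- {limit, base}
        mov     eax,cr0
        or      eax,1                    ; CR0.PE = 1: enable protection
        mov     cr0,eax
        jmp     next                     ; flush the prefetch queue: whatever
                                         ; was already decoded was decoded
                                         ; under real-mode rules
next:
        mov     bx,d_seg_selector        ; was "xor bx,d_seg_selector": XOR
                                         ; with whatever BX held before would
                                         ; put a garbage selector into SS/DS
                                         ; (#GP, or silently the wrong
                                         ; segment); a plain MOV is intended
        mov     ss,bx                    ; SS first: the stale real-mode SS
                                         ; value is not a valid selector, so
                                         ; any fault taken before this point
                                         ; has no usable stack
        mov     ds,bx                    ; flat model: the same data selector
        mov     es,bx                    ; in every data segment register
        mov     fs,bx
        mov     gs,bx
pejump:
        jmp     full_prot_code           ; must assemble as a FAR jump
                                         ; (selector:offset) so CS is reloaded
                                         ; with its protected-mode selector; a
                                         ; NEAR jump would leave the real-mode
                                         ; segment value in CS. Execution
                                         ; continues in the 32-bit segment
                                         ; disassembled in Example 5.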




Example 2

(a)

hlt> gdtbas /* Display the base field of the GDT register */
11000
hlt>
hlt> gdtlim /* Display the limit field of the GDT register */
77

(b)

hlt> &gdt_reg_values /* Display address of variable. */
some-address-here /* The address would be displayed in */
/* virtual format, i.e. seg:offset or */
/* ldt:seg:offset, depending on whether */
/* code is in real or protected mode */

(c)

hlt> byte &gdt_reg_values L length 6
0ffff0168L 77 00 00 10 01 00



Example 3

hlt> d_seg_selector
003B



Example 4

(a)

hlt> dt(3BH)
GDT(7T) 0040F30116C0017B
DSEG BASE=000116C0 LIMIT=0017B DPL=3 P=1 G=0 V=0 B=1 E=0 W=1 A=1


(b)

hlt> dt(38).limit = 27B

(c)

hlt> dt(38).limit = dt(38).limit + 100



Example 5

hlt> asm full_prot_code length 5
; :TASK_1.PROC_A.full_prot_code
0098:0014:00000000H 1E PUSH DS
0098:0014:00000001H 66B9F900 MOV CX,0F9H
0098:0014:00000005H 8ED9 MOV DS,CX
0098:0014:00000007H 8EC1 MOV ES,CX

0098:0014:00000009H 55 PUSH EBP



Example 6

hlt> gdt /* Display the contents of the GDT */
GDT(1T) 00009201100000FF
DSEG BASE=00011000 LIMIT=000FF DPL=0 P=1 G=0 V=0 B=0 E=0 W=1 A=0
GDT(17T) 00409A01146C0055
ESEG BASE=0001146C LIMIT=00055 DPL=0 P=1 G=0 V=0 D=1 C=0 R=1 A=0
GDT(19T) 0000820112000027
DTABL BASE=00011200 LIMIT=00027 DPL=0 P=1 G=0 V=0
GDT(26T) 0000EC0000150000
CALLG3 SSEL=0015 SOFF=00000000 DPL=3 P=1 WCO=00



Example 7

hlt> idt

IDT(0T) FFFF8E00001803A4
INTG3 SSEL=0018 SOFF=FFFF03A4 DPL=0 P=1
IDT(1T) FFFF8E00001803A8
INTG3 SSEL=0018 SOFF=FFFF03A8 DPL=0 P=1
IDT(2T) FFFF8E00001803AC
INTG3 SSEL=0018 SOFF=FFFF03AC DPL=0 P=1



Example 8

(a)

hlt> gdt(19t)
GDT(19T) 0000820112000027
DTABL BASE=00011200 LIMIT=00027 DPL=0 P=1 G=0 V=0


(b)

hlt> gdt(7).ldt(3).limit = 12345H



Example 9

(a)

hlt> tss
386 TSS

SS0= 00f0 ESP0= 00000101 SS1= 001d ESP1= 00000101
SS2= 0000 ESP2= 00000000
EAX= 00000000 EBX= 00000000 ECX= 00000000 EDX= 00000000
DS= 00fb ES= 00fb FS= 00fb GS= 00fb
ESI= 00000000 EDI= 00000000
SS= 001d CS= 0025
ESP= 00000101 EIP= 00000000
EBP= 00000101 LDTR=00b0
LINK= 0068 EFLAGS= 00000000 CR3= 00000000


(b)

hlt> tss(50)


(c)

hlt> tss(50).esp2



(d)

hlt> tss(50).ldtr
0068


(e)

hlt> dt(68)
GDT(13T) 0000820112000027
DTABL BASE=00011200 LIMIT=00027 DPL=0 P=1 G=0 V=0


(f)

hlt> gdt(13t).ldt /* For brevity, the LDT will not be shown */



Example 10

hlt> ldtbas /* Display base field of the current LDT */
00011200H

hlt> idtlim /* Display limit field of current IDT */
00ffH

hlt> tr /* Display selector field of current TR */
0080H

hlt> dslim = dslim + 35H /* Change limit of current data segment */


hlt> cs /* Display selector in CS register */
0025H

hlt> csar /* Display the access rights bits as they */
0bbH /* appear in the current CS register */




