OSDev.org

Hello,

Working on my bootloader and all seems to be going along nicely, I had it printing characters to the screen and what not. Now comes the time to switch to 32-bit Protected Mode.

From what I can tell, I seem to load the GDT correctly and set the Protected Mode flag in cr0. However, as soon as I attempt to do the far jump afterwards in order to flush the 16-bit commands in the pipeline I have issues. Qemu sits in a reboot loop and VirtualBox crashes out. Presumably, I'm not jumping to the location I expect to be jumping to either due to a misunderstanding of how CS/DS is used in a far jump, or my GDT table is incorrect. As a result, meaningless instructions are being executed and causing an exception of some variety causing the VM to crash.

Below is the full copy of my bootloader code, stripped down to the minimum code required to reproduce the issue. Presumably, I'm doing something dumb and should be a simple fix.




The above code is to force the VM to be at a specific point I want. The code in this state doesn't reset Qemu. And I can do "info registers" to view the various registers (see below)



I can see the value 0x5574 is loaded into EAX. The EIP value seems sane, as does the value in GDT.

However, if I remove the "jmp hang" and allow it to execute the far jump, Qemu then gets stuck in it's reboot loop and doing "info registers" provides meaningless data depending on where I manage to execute it during the reboot.

I have attempted to use GDB to step through the instructions but GDB seems to refuse to load my executable and therefore doesn't play nicely for me.

Can anyone see anything obvious I've done wrong?

I see nothing wrong in this code (whether you use `jmp hang` or not). When it doesn't work are you sure the code you are assembling is what you are showing here?

Amusingly I went away for a meeting with a client, came back, had an idea, and now it seems to work.

Immediately prior to my jump I now do this:



Setting the DS register to 0 seems to have allowed the jmp to execute the address I actually wanted it to do.



Doing 'info registers' in Qemu now shows me that EAX is equal to 0x34567890 and there is no reboot loop.....

There is no reason to do this:Are you sure if you remove those lines it fails?

Using this exact file does it crash or not?TO assemble and run this in QEMU use:

Nope you're absolutely right, removing the bits I added means it's not crashing.

Building and running the code snippet you provided, results in no crashing....

I'm so confused....

Is it purely because I had something between setting the Protected Mode bit in cr0 and the jump?

If I didn't know any better and I had heard this story the first thing I would have asked is "When it fails, is it failing on real hardware and are you booting with USB Floppy Disk Emulation". I'm going to straight up ask... The failures you are seeing are strictly in QEMU and not on real hardware?

It was crashing in both Qemu and VirtualBox VMs - I don't have an easy way to test on real hardware.

Thank you for your assistance though. It has allowed me to get past this roadblock and can hopefully leave much of this ASM world behind soon and get back into a language I'm much more familiar with (C).

The idea of using the JMP 0x0008:flush right after turning on the PE bit in CR0 is to ensure that the instruction prefetch queue is cleared (to ensure the instructions following are decoded properly) and that a 32-bit CS selector is set. To be honest the code you did have shouldn't have caused a problem. Maybe you weren't testing the code you thought you were in QEMU? (wrote one set of code, ran another by accident)